Creates a root or subordinate private certificate authority (CA). You must specify the\n\t\t\tCA configuration, an optional configuration for Online Certificate Status Protocol\n\t\t\t(OCSP) and/or a certificate revocation list (CRL), the CA type, and an optional\n\t\t\tidempotency token to avoid accidental creation of multiple CAs. The CA configuration\n\t\t\tspecifies the name of the algorithm and key size to be used to create the CA private\n\t\t\tkey, the type of signing algorithm that the CA uses, and X.500 subject information. The\n\t\t\tOCSP configuration can optionally specify a custom URL for the OCSP responder. The CRL\n\t\t\tconfiguration specifies the CRL expiration period in days (the validity period of the\n\t\t\tCRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias for the S3\n\t\t\tbucket that is included in certificates issued by the CA. If successful, this action\n\t\t\treturns the Amazon Resource Name (ARN) of the CA.
\nBoth Amazon Web Services Private CA and the IAM principal must have permission to write to\n the S3 bucket that you specify. If the IAM principal making the call\n does not have permission to write to the bucket, then an exception is\n thrown. For more information, see Access \n\t\t\t\t\t\tpolicies for CRLs in Amazon S3.
\nAmazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. \n For more information, see Encrypting Your\n\t\t\tCRLs.
", + "smithy.api#documentation": "Creates a root or subordinate private certificate authority (CA). You must specify the\n\t\t\tCA configuration, an optional configuration for Online Certificate Status Protocol\n\t\t\t(OCSP) and/or a certificate revocation list (CRL), the CA type, and an optional\n\t\t\tidempotency token to avoid accidental creation of multiple CAs. The CA configuration\n\t\t\tspecifies the name of the algorithm and key size to be used to create the CA private\n\t\t\tkey, the type of signing algorithm that the CA uses, and X.500 subject information. The\n\t\t\tOCSP configuration can optionally specify a custom URL for the OCSP responder. The CRL\n\t\t\tconfiguration specifies the CRL expiration period in days (the validity period of the\n\t\t\tCRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias for the S3\n\t\t\tbucket that is included in certificates issued by the CA. If successful, this action\n\t\t\treturns the Amazon Resource Name (ARN) of the CA.
\nBoth Amazon Web Services Private CA and the IAM principal must have permission to write to\n the S3 bucket that you specify. If the IAM principal making the call\n does not have permission to write to the bucket, then an exception is\n thrown. For more information, see Access \n\t\t\t\t\t\tpolicies for CRLs in Amazon S3.
\nAmazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. \n For more information, see Encrypting Your\n\t\t\tCRLs.
", "smithy.api#idempotent": {} } }, @@ -2035,7 +2035,7 @@ } }, "traits": { - "smithy.api#documentation": "Contains configuration information for a certificate revocation list (CRL). Your\n\t\t\tprivate certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You\n\t\t\tcan enable CRLs for your new or an existing private CA by setting the Enabled parameter to true. Your private CA\n\t\t\twrites CRLs to an S3 bucket that you specify in the S3BucketName parameter. You can hide the name of your bucket by\n\t\t\tspecifying a value for the CustomCname parameter. Your\n\t\t\tprivate CA by default copies the CNAME or the S3 bucket name to the CRL\n\t\t\t\tDistribution Points extension of each certificate it issues. If you want to configure\n\t\t\t\tthis default behavior to be something different, you can set the CrlDistributionPointExtensionConfiguration \n\t\t\t\tparameter. Your S3\n\t\t\tbucket policy must give write permission to Amazon Web Services Private CA.
Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. \n For more information, see Encrypting Your\n\t\t\tCRLs.
\nYour private CA uses the value in the ExpirationInDays parameter to calculate the nextUpdate field in the CRL. The CRL is refreshed prior to a\n\t\t\tcertificate's expiration date or when a certificate is revoked. When a certificate is\n\t\t\trevoked, it appears in the CRL until the certificate expires, and then in one additional\n\t\t\tCRL after expiration, and it always appears in the audit report.
\nA CRL is typically updated approximately 30 minutes after a certificate \n\tis revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts \n\tevery 15 minutes.
\nCRLs contain the following fields:
\n\n Version: The current version number defined\n\t\t\t\t\tin RFC 5280 is V2. The integer value is 0x1.
\n\n Signature Algorithm: The name of the\n\t\t\t\t\talgorithm used to sign the CRL.
\n\n Issuer: The X.500 distinguished name of your\n\t\t\t\t\tprivate CA that issued the CRL.
\n\n Last Update: The issue date and time of this\n\t\t\t\t\tCRL.
\n\n Next Update: The day and time by which the\n\t\t\t\t\tnext CRL will be issued.
\n\n Revoked Certificates: List of revoked\n\t\t\t\t\tcertificates. Each list item contains the following information.
\n\n Serial Number: The serial number, in\n\t\t\t\t\t\t\thexadecimal format, of the revoked certificate.
\n\n Revocation Date: Date and time the\n\t\t\t\t\t\t\tcertificate was revoked.
\n\n CRL Entry Extensions: Optional\n\t\t\t\t\t\t\textensions for the CRL entry.
\n\n X509v3 CRL Reason Code:\n\t\t\t\t\t\t\t\t\tReason the certificate was revoked.
\n\n CRL Extensions: Optional extensions for the\n\t\t\t\t\tCRL.
\n\n X509v3 Authority Key Identifier:\n\t\t\t\t\t\t\tIdentifies the public key associated with the private key used to sign\n\t\t\t\t\t\t\tthe certificate.
\n\n X509v3 CRL Number:: Decimal sequence\n\t\t\t\t\t\t\tnumber for the CRL.
\n\n Signature Algorithm: Algorithm used by your\n\t\t\t\t\tprivate CA to sign the CRL.
\n\n Signature Value: Signature computed over the\n\t\t\t\t\tCRL.
\nCertificate revocation lists created by Amazon Web Services Private CA are DER-encoded. You can use the\n\t\t\tfollowing OpenSSL command to list a CRL.
\n\n openssl crl -inform DER -text -in crl_path\n\t\t\t-noout\n
For more information, see Planning a certificate revocation list\n\t\t\t\t(CRL) in the Amazon Web Services Private Certificate Authority User Guide\n
" + "smithy.api#documentation": "Contains configuration information for a certificate revocation list (CRL). Your\n\t\t\tprivate certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You\n\t\t\tcan enable CRLs for your new or an existing private CA by setting the Enabled parameter to true. Your private CA\n\t\t\twrites CRLs to an S3 bucket that you specify in the S3BucketName parameter. You can hide the name of your bucket by\n\t\t\tspecifying a value for the CustomCname parameter. Your\n\t\t\tprivate CA by default copies the CNAME or the S3 bucket name to the CRL\n\t\t\t\tDistribution Points extension of each certificate it issues. If you want to configure\n\t\t\t\tthis default behavior to be something different, you can set the CrlDistributionPointExtensionConfiguration \n\t\t\t\tparameter. Your S3\n\t\t\tbucket policy must give write permission to Amazon Web Services Private CA.
Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. \n For more information, see Encrypting Your\n\t\t\tCRLs.
\nYour private CA uses the value in the ExpirationInDays parameter to calculate the nextUpdate field in the CRL. The CRL is refreshed prior to a\n\t\t\tcertificate's expiration date or when a certificate is revoked. When a certificate is\n\t\t\trevoked, it appears in the CRL until the certificate expires, and then in one additional\n\t\t\tCRL after expiration, and it always appears in the audit report.
\nA CRL is typically updated approximately 30 minutes after a certificate \n\tis revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts \n\tevery 15 minutes.
\nCRLs contain the following fields:
\n\n Version: The current version number defined\n\t\t\t\t\tin RFC 5280 is V2. The integer value is 0x1.
\n\n Signature Algorithm: The name of the\n\t\t\t\t\talgorithm used to sign the CRL.
\n\n Issuer: The X.500 distinguished name of your\n\t\t\t\t\tprivate CA that issued the CRL.
\n\n Last Update: The issue date and time of this\n\t\t\t\t\tCRL.
\n\n Next Update: The day and time by which the\n\t\t\t\t\tnext CRL will be issued.
\n\n Revoked Certificates: List of revoked\n\t\t\t\t\tcertificates. Each list item contains the following information.
\n\n Serial Number: The serial number, in\n\t\t\t\t\t\t\thexadecimal format, of the revoked certificate.
\n\n Revocation Date: Date and time the\n\t\t\t\t\t\t\tcertificate was revoked.
\n\n CRL Entry Extensions: Optional\n\t\t\t\t\t\t\textensions for the CRL entry.
\n\n X509v3 CRL Reason Code:\n\t\t\t\t\t\t\t\t\tReason the certificate was revoked.
\n\n CRL Extensions: Optional extensions for the\n\t\t\t\t\tCRL.
\n\n X509v3 Authority Key Identifier:\n\t\t\t\t\t\t\tIdentifies the public key associated with the private key used to sign\n\t\t\t\t\t\t\tthe certificate.
\n\n X509v3 CRL Number:: Decimal sequence\n\t\t\t\t\t\t\tnumber for the CRL.
\n\n Signature Algorithm: Algorithm used by your\n\t\t\t\t\tprivate CA to sign the CRL.
\n\n Signature Value: Signature computed over the\n\t\t\t\t\tCRL.
\nCertificate revocation lists created by Amazon Web Services Private CA are DER-encoded. You can use the\n\t\t\tfollowing OpenSSL command to list a CRL.
\n\n openssl crl -inform DER -text -in crl_path\n\t\t\t-noout\n
For more information, see Planning a certificate revocation list\n\t\t\t\t(CRL) in the Amazon Web Services Private Certificate Authority User Guide\n
" } }, "com.amazonaws.acmpca#CrlDistributionPointExtensionConfiguration": { @@ -3065,7 +3065,7 @@ } ], "traits": { - "smithy.api#documentation": "Imports a signed private CA certificate into Amazon Web Services Private CA. This action is used when you\n\t\t\tare using a chain of trust whose root is located outside Amazon Web Services Private CA. Before you can call\n\t\t\tthis action, the following preparations must in place:
\nIn Amazon Web Services Private CA, call the CreateCertificateAuthority action to create the private CA that you\n\t\t\t\t\tplan to back with the imported certificate.
\nCall the GetCertificateAuthorityCsr action to generate a certificate signing\n\t\t\t\t\trequest (CSR).
\nSign the CSR using a root or intermediate CA hosted by either an on-premises\n\t\t\t\t\tPKI hierarchy or by a commercial CA.
\nCreate a certificate chain and copy the signed certificate and the certificate\n\t\t\t\t\tchain to your working directory.
\nAmazon Web Services Private CA supports three scenarios for installing a CA certificate:
\nInstalling a certificate for a root CA hosted by Amazon Web Services Private CA.
\nInstalling a subordinate CA certificate whose parent authority is hosted by\n\t\t\t\t\tAmazon Web Services Private CA.
\nInstalling a subordinate CA certificate whose parent authority is externally\n\t\t\t\t\thosted.
\nThe following additional requirements apply when you import a CA certificate.
\nOnly a self-signed certificate can be imported as a root CA.
\nA self-signed certificate cannot be imported as a subordinate CA.
\nYour certificate chain must not include the private CA certificate that you\n\t\t\t\t\tare importing.
\nYour root CA must be the last certificate in your chain. The subordinate\n\t\t\t\t\tcertificate, if any, that your root CA signed must be next to last. The\n\t\t\t\t\tsubordinate certificate signed by the preceding subordinate CA must come next,\n\t\t\t\t\tand so on until your chain is built.
\nThe chain must be PEM-encoded.
\nThe maximum allowed size of a certificate is 32 KB.
\nThe maximum allowed size of a certificate chain is 2 MB.
\n\n Enforcement of Critical Constraints\n
\nAmazon Web Services Private CA allows the following extensions to be marked critical in the imported CA\n\t\t\tcertificate or chain.
\nBasic constraints (must be marked critical)
\nSubject alternative names
\nKey usage
\nExtended key usage
\nAuthority key identifier
\nSubject key identifier
\nIssuer alternative name
\nSubject directory attributes
\nSubject information access
\nCertificate policies
\nPolicy mappings
\nInhibit anyPolicy
\nAmazon Web Services Private CA rejects the following extensions when they are marked critical in an\n\t\t\timported CA certificate or chain.
\nName constraints
\nPolicy constraints
\nCRL distribution points
\nAuthority information access
\nFreshest CRL
\nAny other extension
\nImports a signed private CA certificate into Amazon Web Services Private CA. This action is used when you\n\t\t\tare using a chain of trust whose root is located outside Amazon Web Services Private CA. Before you can call\n\t\t\tthis action, the following preparations must in place:
\nIn Amazon Web Services Private CA, call the CreateCertificateAuthority action to create the private CA that you\n\t\t\t\t\tplan to back with the imported certificate.
\nCall the GetCertificateAuthorityCsr action to generate a certificate signing\n\t\t\t\t\trequest (CSR).
\nSign the CSR using a root or intermediate CA hosted by either an on-premises\n\t\t\t\t\tPKI hierarchy or by a commercial CA.
\nCreate a certificate chain and copy the signed certificate and the certificate\n\t\t\t\t\tchain to your working directory.
\nAmazon Web Services Private CA supports three scenarios for installing a CA certificate:
\nInstalling a certificate for a root CA hosted by Amazon Web Services Private CA.
\nInstalling a subordinate CA certificate whose parent authority is hosted by\n\t\t\t\t\tAmazon Web Services Private CA.
\nInstalling a subordinate CA certificate whose parent authority is externally\n\t\t\t\t\thosted.
\nThe following additional requirements apply when you import a CA certificate.
\nOnly a self-signed certificate can be imported as a root CA.
\nA self-signed certificate cannot be imported as a subordinate CA.
\nYour certificate chain must not include the private CA certificate that you\n\t\t\t\t\tare importing.
\nYour root CA must be the last certificate in your chain. The subordinate\n\t\t\t\t\tcertificate, if any, that your root CA signed must be next to last. The\n\t\t\t\t\tsubordinate certificate signed by the preceding subordinate CA must come next,\n\t\t\t\t\tand so on until your chain is built.
\nThe chain must be PEM-encoded.
\nThe maximum allowed size of a certificate is 32 KB.
\nThe maximum allowed size of a certificate chain is 2 MB.
\n\n Enforcement of Critical Constraints\n
\nAmazon Web Services Private CA allows the following extensions to be marked critical in the imported CA\n\t\t\tcertificate or chain.
\nAuthority key identifier
\nBasic constraints (must be marked critical)
\nCertificate policies
\nExtended key usage
\nInhibit anyPolicy
\nIssuer alternative name
\nKey usage
\nName constraints
\nPolicy mappings
\nSubject alternative name
\nSubject directory attributes
\nSubject key identifier
\nSubject information access
\nAmazon Web Services Private CA rejects the following extensions when they are marked critical in an\n\t\t\timported CA certificate or chain.
\nAuthority information access
\nCRL distribution points
\nFreshest CRL
\nPolicy constraints
\nAmazon Web Services Private Certificate Authority will also reject any other extension marked as critical not contained on the preceding list of allowed extensions.
" } }, "com.amazonaws.acmpca#ImportCertificateAuthorityCertificateRequest": { diff --git a/codegen/sdk-codegen/aws-models/batch.json b/codegen/sdk-codegen/aws-models/batch.json index 1555f8a449b..2e47a6a4466 100644 --- a/codegen/sdk-codegen/aws-models/batch.json +++ b/codegen/sdk-codegen/aws-models/batch.json @@ -3137,7 +3137,20 @@ "outputToken": "nextToken", "items": "computeEnvironments", "pageSize": "maxResults" - } + }, + "smithy.test#smokeTests": [ + { + "id": "DescribeComputeEnvironmentsSuccess", + "params": {}, + "vendorParams": { + "region": "us-west-2" + }, + "vendorParamsShape": "aws.test#AwsVendorParams", + "expect": { + "success": {} + } + } + ] } }, "com.amazonaws.batch#DescribeComputeEnvironmentsRequest": { diff --git a/codegen/sdk-codegen/aws-models/codebuild.json b/codegen/sdk-codegen/aws-models/codebuild.json index bdb108fd8fd..98f50908cd5 100644 --- a/codegen/sdk-codegen/aws-models/codebuild.json +++ b/codegen/sdk-codegen/aws-models/codebuild.json @@ -3234,6 +3234,12 @@ "traits": { "smithy.api#documentation": "If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns payloadUrl and \n secret values for the webhook. The payloadUrl and secret values in the output can be \n used to manually create a webhook within GitHub.
\n manualCreation is only available for GitHub webhooks.
The scope configuration for global or organization webhooks.
\nGlobal or organization webhooks are only available for GitHub and Github Enterprise webhooks.
\nThe scaling configuration output of a compute fleet.
" } }, + "com.amazonaws.codebuild#ScopeConfiguration": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.codebuild#String", + "traits": { + "smithy.api#documentation": "The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.
", + "smithy.api#required": {} + } + }, + "domain": { + "target": "com.amazonaws.codebuild#String", + "traits": { + "smithy.api#documentation": "The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE
" + } + }, + "scope": { + "target": "com.amazonaws.codebuild#WebhookScopeType", + "traits": { + "smithy.api#documentation": "The type of scope for a GitHub webhook.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains configuration information about the scope for a webhook.
" + } + }, "com.amazonaws.codebuild#SecurityGroupIds": { "type": "list", "member": { @@ -8981,6 +9015,12 @@ "traits": { "smithy.api#documentation": "A timestamp that indicates the last time a repository's secret token was modified.\n
" } + }, + "scopeConfiguration": { + "target": "com.amazonaws.codebuild#ScopeConfiguration", + "traits": { + "smithy.api#documentation": "The scope configuration for global or organization webhooks.
\nGlobal or organization webhooks are only available for GitHub and Github Enterprise webhooks.
\n The type of webhook filter. There are nine webhook filter types: EVENT,\n ACTOR_ACCOUNT_ID, HEAD_REF, BASE_REF,\n FILE_PATH, COMMIT_MESSAGE, TAG_NAME, RELEASE_NAME, \n and WORKFLOW_NAME.
\n EVENT\n
\n A webhook event triggers a build when the provided pattern\n matches one of nine event types: PUSH,\n PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, \n PULL_REQUEST_CLOSED, PULL_REQUEST_REOPENED, \n PULL_REQUEST_MERGED, RELEASED, PRERELEASED, \n and WORKFLOW_JOB_QUEUED. The EVENT patterns are\n specified as a comma-separated string. For example, PUSH,\n PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters all push, pull\n request created, and pull request updated events.
Types PULL_REQUEST_REOPENED and WORKFLOW_JOB_QUEUED \n work with GitHub and GitHub Enterprise only. Types RELEASED and \n PRERELEASED work with GitHub only.
ACTOR_ACCOUNT_ID
\n A webhook event triggers a build when a GitHub, GitHub Enterprise, or\n Bitbucket account ID matches the regular expression pattern.\n
HEAD_REF
\n A webhook event triggers a build when the head reference matches the\n regular expression pattern. For example,\n refs/heads/branch-name and refs/tags/tag-name.
Works with GitHub and GitHub Enterprise push, GitHub and GitHub\n Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
\nBASE_REF
\n A webhook event triggers a build when the base reference matches the\n regular expression pattern. For example,\n refs/heads/branch-name.
Works with pull request events only.
\nFILE_PATH
\n A webhook triggers a build when the path of a changed file matches the\n regular expression pattern.
Works with GitHub and Bitbucket events push and pull requests events.\n Also works with GitHub Enterprise push events, but does not work with\n GitHub Enterprise pull request events.
\nCOMMIT_MESSAGE
\nA webhook triggers a build when the head commit message matches the\n regular expression pattern.
Works with GitHub and Bitbucket events push and pull requests events.\n Also works with GitHub Enterprise push events, but does not work with\n GitHub Enterprise pull request events.
\nTAG_NAME
\nA webhook triggers a build when the tag name of the release matches the \n regular expression pattern.
Works with RELEASED and PRERELEASED events only.
RELEASE_NAME
\nA webhook triggers a build when the release name matches the \n regular expression pattern.
Works with RELEASED and PRERELEASED events only.
WORKFLOW_NAME
\nA webhook triggers a build when the workflow name matches the \n regular expression pattern.
Works with WORKFLOW_JOB_QUEUED events only.
The type of webhook filter. There are nine webhook filter types: EVENT,\n ACTOR_ACCOUNT_ID, HEAD_REF, BASE_REF,\n FILE_PATH, COMMIT_MESSAGE, TAG_NAME, RELEASE_NAME, \n and WORKFLOW_NAME.
\n EVENT\n
\n A webhook event triggers a build when the provided pattern\n matches one of nine event types: PUSH,\n PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, \n PULL_REQUEST_CLOSED, PULL_REQUEST_REOPENED, \n PULL_REQUEST_MERGED, RELEASED, PRERELEASED, \n and WORKFLOW_JOB_QUEUED. The EVENT patterns are\n specified as a comma-separated string. For example, PUSH,\n PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters all push, pull\n request created, and pull request updated events.
Types PULL_REQUEST_REOPENED and WORKFLOW_JOB_QUEUED \n work with GitHub and GitHub Enterprise only. Types RELEASED and \n PRERELEASED work with GitHub only.
ACTOR_ACCOUNT_ID
\n A webhook event triggers a build when a GitHub, GitHub Enterprise, or\n Bitbucket account ID matches the regular expression pattern.\n
HEAD_REF
\n A webhook event triggers a build when the head reference matches the\n regular expression pattern. For example,\n refs/heads/branch-name and refs/tags/tag-name.
Works with GitHub and GitHub Enterprise push, GitHub and GitHub\n Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
\nBASE_REF
\n A webhook event triggers a build when the base reference matches the\n regular expression pattern. For example,\n refs/heads/branch-name.
Works with pull request events only.
\nFILE_PATH
\n A webhook triggers a build when the path of a changed file matches the\n regular expression pattern.
Works with GitHub and Bitbucket events push and pull requests events.\n Also works with GitHub Enterprise push events, but does not work with\n GitHub Enterprise pull request events.
\nCOMMIT_MESSAGE
\nA webhook triggers a build when the head commit message matches the\n regular expression pattern.
Works with GitHub and Bitbucket events push and pull requests events.\n Also works with GitHub Enterprise push events, but does not work with\n GitHub Enterprise pull request events.
\nTAG_NAME
\nA webhook triggers a build when the tag name of the release matches the \n regular expression pattern.
Works with RELEASED and PRERELEASED events only.
RELEASE_NAME
\nA webhook triggers a build when the release name matches the \n regular expression pattern.
Works with RELEASED and PRERELEASED events only.
REPOSITORY_NAME
\nA webhook triggers a build when the repository name matches the \n regular expression pattern.
\nWorks with GitHub global or organization webhooks only.
\nWORKFLOW_NAME
\nA webhook triggers a build when the workflow name matches the \n regular expression pattern.
Works with WORKFLOW_JOB_QUEUED events only.
A default value for the parameter.
" + } + }, + "AllowedValues": { + "target": "com.amazonaws.glue#AllowedValuesStringList", + "traits": { + "smithy.api#documentation": "A list of allowed values for the parameter.
" + } + }, + "MinValue": { + "target": "com.amazonaws.glue#ConfigValueString", + "traits": { + "smithy.api#documentation": "A minimum allowed value for the parameter.
" + } + }, + "MaxValue": { + "target": "com.amazonaws.glue#ConfigValueString", + "traits": { + "smithy.api#documentation": "A maximum allowed value for the parameter.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the values that an admin sets for each job or session parameter configured in a Glue usage profile.
" + } + }, "com.amazonaws.glue#ConflictException": { "type": "structure", "members": { @@ -10177,6 +10249,86 @@ "smithy.api#output": {} } }, + "com.amazonaws.glue#CreateUsageProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.glue#CreateUsageProfileRequest" + }, + "output": { + "target": "com.amazonaws.glue#CreateUsageProfileResponse" + }, + "errors": [ + { + "target": "com.amazonaws.glue#AlreadyExistsException" + }, + { + "target": "com.amazonaws.glue#InternalServiceException" + }, + { + "target": "com.amazonaws.glue#InvalidInputException" + }, + { + "target": "com.amazonaws.glue#OperationNotSupportedException" + }, + { + "target": "com.amazonaws.glue#OperationTimeoutException" + }, + { + "target": "com.amazonaws.glue#ResourceNumberLimitExceededException" + } + ], + "traits": { + "smithy.api#documentation": "Creates an Glue usage profile.
" + } + }, + "com.amazonaws.glue#CreateUsageProfileRequest": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of the usage profile.
", + "smithy.api#required": {} + } + }, + "Description": { + "target": "com.amazonaws.glue#DescriptionString", + "traits": { + "smithy.api#documentation": "A description of the usage profile.
" + } + }, + "Configuration": { + "target": "com.amazonaws.glue#ProfileConfiguration", + "traits": { + "smithy.api#documentation": "A ProfileConfiguration object specifying the job and session values for the profile.
A list of tags applied to the usage profile.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.glue#CreateUsageProfileResponse": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of the usage profile that was created.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.glue#CreateUserDefinedFunction": { "type": "operation", "input": { @@ -13287,6 +13439,54 @@ "smithy.api#output": {} } }, + "com.amazonaws.glue#DeleteUsageProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.glue#DeleteUsageProfileRequest" + }, + "output": { + "target": "com.amazonaws.glue#DeleteUsageProfileResponse" + }, + "errors": [ + { + "target": "com.amazonaws.glue#InternalServiceException" + }, + { + "target": "com.amazonaws.glue#InvalidInputException" + }, + { + "target": "com.amazonaws.glue#OperationNotSupportedException" + }, + { + "target": "com.amazonaws.glue#OperationTimeoutException" + } + ], + "traits": { + "smithy.api#documentation": "Deletes the Glue specified usage profile.
" + } + }, + "com.amazonaws.glue#DeleteUsageProfileRequest": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of the usage profile to delete.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.glue#DeleteUsageProfileResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.glue#DeleteUserDefinedFunction": { "type": "operation", "input": { @@ -17297,7 +17497,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves the metadata for a given job run.
" + "smithy.api#documentation": "Retrieves the metadata for a given job run. Job run history is accessible for 90 days for your workflow and job run.
" } }, "com.amazonaws.glue#GetJobRunRequest": { @@ -20419,6 +20619,88 @@ "smithy.api#output": {} } }, + "com.amazonaws.glue#GetUsageProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.glue#GetUsageProfileRequest" + }, + "output": { + "target": "com.amazonaws.glue#GetUsageProfileResponse" + }, + "errors": [ + { + "target": "com.amazonaws.glue#EntityNotFoundException" + }, + { + "target": "com.amazonaws.glue#InternalServiceException" + }, + { + "target": "com.amazonaws.glue#InvalidInputException" + }, + { + "target": "com.amazonaws.glue#OperationNotSupportedException" + }, + { + "target": "com.amazonaws.glue#OperationTimeoutException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves information about the specified Glue usage profile.
" + } + }, + "com.amazonaws.glue#GetUsageProfileRequest": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of the usage profile to retrieve.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.glue#GetUsageProfileResponse": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of the usage profile.
" + } + }, + "Description": { + "target": "com.amazonaws.glue#DescriptionString", + "traits": { + "smithy.api#documentation": "A description of the usage profile.
" + } + }, + "Configuration": { + "target": "com.amazonaws.glue#ProfileConfiguration", + "traits": { + "smithy.api#documentation": "A ProfileConfiguration object specifying the job and session values for the profile.
The date and time when the usage profile was created.
" + } + }, + "LastModifiedOn": { + "target": "com.amazonaws.glue#TimestampValue", + "traits": { + "smithy.api#documentation": "The date and time when the usage profile was last modified.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.glue#GetUserDefinedFunction": { "type": "operation", "input": { @@ -20667,7 +20949,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves the metadata for a given workflow run.
" + "smithy.api#documentation": "Retrieves the metadata for a given workflow run. Job run history is accessible for 90 days for your workflow and job run.
" } }, "com.amazonaws.glue#GetWorkflowRunProperties": { @@ -22308,6 +22590,12 @@ "traits": { "smithy.api#documentation": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. Glue periodically performs maintenance activities. During these maintenance windows, Glue will need to restart your streaming jobs.
\nGlue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT.
" } + }, + "ProfileName": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of an Glue usage profile associated with the job.
" + } } }, "traits": { @@ -22652,6 +22940,12 @@ "traits": { "smithy.api#documentation": "This field specifies a day of the week and hour for a maintenance window for streaming jobs. Glue periodically performs maintenance activities. During these maintenance windows, Glue will need to restart your streaming jobs.
\nGlue will restart the job within 3 hours of the specified maintenance window. For instance, if you set up the maintenance window for Monday at 10:00AM GMT, your jobs will be restarted between 10:00AM GMT to 1:00PM GMT.
" } + }, + "ProfileName": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of an Glue usage profile associated with the job run.
" + } } }, "traits": { @@ -25044,6 +25338,78 @@ "smithy.api#output": {} } }, + "com.amazonaws.glue#ListUsageProfiles": { + "type": "operation", + "input": { + "target": "com.amazonaws.glue#ListUsageProfilesRequest" + }, + "output": { + "target": "com.amazonaws.glue#ListUsageProfilesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.glue#InternalServiceException" + }, + { + "target": "com.amazonaws.glue#InvalidInputException" + }, + { + "target": "com.amazonaws.glue#OperationNotSupportedException" + }, + { + "target": "com.amazonaws.glue#OperationTimeoutException" + } + ], + "traits": { + "smithy.api#documentation": "List all the Glue usage profiles.
", + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "Profiles", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.glue#ListUsageProfilesRequest": { + "type": "structure", + "members": { + "NextToken": { + "target": "com.amazonaws.glue#OrchestrationToken", + "traits": { + "smithy.api#documentation": "A continuation token, included if this is a continuation call.
" + } + }, + "MaxResults": { + "target": "com.amazonaws.glue#OrchestrationPageSize200", + "traits": { + "smithy.api#documentation": "The maximum number of usage profiles to return in a single response.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.glue#ListUsageProfilesResponse": { + "type": "structure", + "members": { + "Profiles": { + "target": "com.amazonaws.glue#UsageProfileDefinitionList", + "traits": { + "smithy.api#documentation": "A list of usage profile (UsageProfileDefinition) objects.
A continuation token, present if the current list segment is not the last.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.glue#ListWorkflows": { "type": "operation", "input": { @@ -26359,6 +26725,21 @@ "smithy.api#documentation": "A structure representing an open format table.
" } }, + "com.amazonaws.glue#OperationNotSupportedException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.glue#MessageString", + "traits": { + "smithy.api#documentation": "A message describing the problem.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The operation is not available in the region.
", + "smithy.api#error": "client" + } + }, "com.amazonaws.glue#OperationTimeoutException": { "type": "structure", "members": { @@ -27465,6 +27846,26 @@ } } }, + "com.amazonaws.glue#ProfileConfiguration": { + "type": "structure", + "members": { + "SessionConfiguration": { + "target": "com.amazonaws.glue#ConfigurationMap", + "traits": { + "smithy.api#documentation": "A key-value map of configuration parameters for Glue sessions.
" + } + }, + "JobConfiguration": { + "target": "com.amazonaws.glue#ConfigurationMap", + "traits": { + "smithy.api#documentation": "A key-value map of configuration parameters for Glue jobs.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the job and session values that an admin configures in an Glue usage profile.
" + } + }, "com.amazonaws.glue#PropertyPredicate": { "type": "structure", "members": { @@ -30879,6 +31280,12 @@ "traits": { "smithy.api#documentation": "The number of minutes when idle before the session times out.
" } + }, + "ProfileName": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of an Glue usage profile associated with the session.
" + } } }, "traits": { @@ -36820,6 +37227,80 @@ "smithy.api#output": {} } }, + "com.amazonaws.glue#UpdateUsageProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.glue#UpdateUsageProfileRequest" + }, + "output": { + "target": "com.amazonaws.glue#UpdateUsageProfileResponse" + }, + "errors": [ + { + "target": "com.amazonaws.glue#ConcurrentModificationException" + }, + { + "target": "com.amazonaws.glue#EntityNotFoundException" + }, + { + "target": "com.amazonaws.glue#InternalServiceException" + }, + { + "target": "com.amazonaws.glue#InvalidInputException" + }, + { + "target": "com.amazonaws.glue#OperationNotSupportedException" + }, + { + "target": "com.amazonaws.glue#OperationTimeoutException" + } + ], + "traits": { + "smithy.api#documentation": "Update an Glue usage profile.
" + } + }, + "com.amazonaws.glue#UpdateUsageProfileRequest": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of the usage profile.
", + "smithy.api#required": {} + } + }, + "Description": { + "target": "com.amazonaws.glue#DescriptionString", + "traits": { + "smithy.api#documentation": "A description of the usage profile.
" + } + }, + "Configuration": { + "target": "com.amazonaws.glue#ProfileConfiguration", + "traits": { + "smithy.api#documentation": "A ProfileConfiguration object specifying the job and session values for the profile.
The name of the usage profile that was updated.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.glue#UpdateUserDefinedFunction": { "type": "operation", "input": { @@ -37026,6 +37507,44 @@ "com.amazonaws.glue#UriString": { "type": "string" }, + "com.amazonaws.glue#UsageProfileDefinition": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.glue#NameString", + "traits": { + "smithy.api#documentation": "The name of the usage profile.
" + } + }, + "Description": { + "target": "com.amazonaws.glue#DescriptionString", + "traits": { + "smithy.api#documentation": "A description of the usage profile.
" + } + }, + "CreatedOn": { + "target": "com.amazonaws.glue#TimestampValue", + "traits": { + "smithy.api#documentation": "The date and time when the usage profile was created.
" + } + }, + "LastModifiedOn": { + "target": "com.amazonaws.glue#TimestampValue", + "traits": { + "smithy.api#documentation": "The date and time when the usage profile was last modified.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes an Glue usage profile.
" + } + }, + "com.amazonaws.glue#UsageProfileDefinitionList": { + "type": "list", + "member": { + "target": "com.amazonaws.glue#UsageProfileDefinition" + } + }, "com.amazonaws.glue#UserDefinedFunction": { "type": "structure", "members": { diff --git a/codegen/sdk-codegen/aws-models/kms.json b/codegen/sdk-codegen/aws-models/kms.json index 826975cb65f..e391dae4bf5 100644 --- a/codegen/sdk-codegen/aws-models/kms.json +++ b/codegen/sdk-codegen/aws-models/kms.json @@ -1799,12 +1799,13 @@ "input": { "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "KeyAgreementAlgorithm": "ECDH", - "PublicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH3Yj0wbkLEpUl95Cv1cJVjsVNSjwGq3tCLnzXfhVwVvmzGN8pYj3U8nKwgouaHbBWNJYjP5VutbbkKS4Kv4GojwZBJyHN17kmxo8yTjRmjR15SKIQ8cqRA2uaERMLnpztIXdZp232PQPbWGxDyXYJ0aJ5EFSag+iSK341kr2kFTpINN7T1ZaX9vfXBdGR+VtkRKMWoHQeWzHrPZ+3irvpXNCKxGUxmPNsJSjPUhuSXT5+0VrY/LEYLQ5lUTrhU6z5/OK0kzaCc66DXc5ipSloS4Xyg+QcYSMxe9xuqO5HtzFImUSKBm1W6eDT6lHnSbpi7vXzNbIX7pWxKw9nmQvQIDAQAB" + "PublicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH3Yj0wbkLEpUl95Cv1cJVjsVNSjwGq3tCLnzXfhVwVvmzGN8pYj3U8nKwgouaHbBWNJYjP5VutbbkKS4Kv4GojwZBJyHN17kmxo8yTjRmjR15SKIQ8cqRA2uaERMLnpztIXdZp232PQPbWGxDyXYJ0aJ5EFSag" }, "output": { "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "SharedSecret": "MEYCIQCKZLWyTk5runarx6XiAkU9gv3lbwPO/pHa+DXFehzdDwIhANwpsIV2g/9SPWLLsF6p/hiSskuIXMTRwqrMdVKWTMHG", - "KeyAgreementAlgorithm": "ECDH" + "KeyAgreementAlgorithm": "ECDH", + "KeyOrigin": "AWS_KMS" } } ] diff --git a/codegen/sdk-codegen/aws-models/mediaconvert.json b/codegen/sdk-codegen/aws-models/mediaconvert.json index 8729da07ce9..7c304a55533 100644 --- a/codegen/sdk-codegen/aws-models/mediaconvert.json +++ b/codegen/sdk-codegen/aws-models/mediaconvert.json @@ -3893,6 +3893,13 @@ "smithy.api#jsonName": "codecSpecification" } }, + "DashIFrameTrickPlayNameModifier": { + "target": "com.amazonaws.mediaconvert#__stringMin1Max256", + "traits": { + "smithy.api#documentation": "Specify whether MediaConvert generates I-frame only video segments for DASH trick play, also known as trick mode. When specified, the I-frame only video segments are included within an additional AdaptationSet in your DASH output manifest. To generate I-frame only video segments: Enter a name as a text string, up to 256 character long. This name is appended to the end of this output group's base filename, that you specify as part of your destination URI, and used for the I-frame only video segment files. You may also include format identifiers. For more information, see: https://docs.aws.amazon.com/mediaconvert/latest/ug/using-variables-in-your-job-settings.html#using-settings-variables-with-streaming-outputs To not generate I-frame only video segments: Leave blank.", + "smithy.api#jsonName": "dashIFrameTrickPlayNameModifier" + } + }, "DashManifestStyle": { "target": "com.amazonaws.mediaconvert#DashManifestStyle", "traits": { @@ -5841,6 +5848,13 @@ "smithy.api#jsonName": "baseUrl" } }, + "DashIFrameTrickPlayNameModifier": { + "target": "com.amazonaws.mediaconvert#__stringMin1Max256", + "traits": { + "smithy.api#documentation": "Specify whether MediaConvert generates I-frame only video segments for DASH trick play, also known as trick mode. When specified, the I-frame only video segments are included within an additional AdaptationSet in your DASH output manifest. To generate I-frame only video segments: Enter a name as a text string, up to 256 character long. This name is appended to the end of this output group's base filename, that you specify as part of your destination URI, and used for the I-frame only video segment files. You may also include format identifiers. For more information, see: https://docs.aws.amazon.com/mediaconvert/latest/ug/using-variables-in-your-job-settings.html#using-settings-variables-with-streaming-outputs To not generate I-frame only video segments: Leave blank.", + "smithy.api#jsonName": "dashIFrameTrickPlayNameModifier" + } + }, "DashManifestStyle": { "target": "com.amazonaws.mediaconvert#DashManifestStyle", "traits": { @@ -13043,14 +13057,14 @@ "type": "structure", "members": { "EndTimecode": { - "target": "com.amazonaws.mediaconvert#__stringPattern010920405090509092", + "target": "com.amazonaws.mediaconvert#__stringPattern010920405090509092090909", "traits": { "smithy.api#documentation": "Set End timecode to the end of the portion of the input you are clipping. The frame corresponding to the End timecode value is included in the clip. Start timecode or End timecode may be left blank, but not both. Use the format HH:MM:SS:FF or HH:MM:SS;FF, where HH is the hour, MM is the minute, SS is the second, and FF is the frame number. When choosing this value, take into account your setting for timecode source under input settings. For example, if you have embedded timecodes that start at 01:00:00:00 and you want your clip to end six minutes into the video, use 01:06:00:00.", "smithy.api#jsonName": "endTimecode" } }, "StartTimecode": { - "target": "com.amazonaws.mediaconvert#__stringPattern010920405090509092", + "target": "com.amazonaws.mediaconvert#__stringPattern010920405090509092090909", "traits": { "smithy.api#documentation": "Set Start timecode to the beginning of the portion of the input you are clipping. The frame corresponding to the Start timecode value is included in the clip. Start timecode or End timecode may be left blank, but not both. Use the format HH:MM:SS:FF or HH:MM:SS;FF, where HH is the hour, MM is the minute, SS is the second, and FF is the frame number. When choosing this value, take into account your setting for Input timecode source. For example, if you have embedded timecodes that start at 01:00:00:00 and you want your clip to begin five minutes into the video, use 01:05:00:00.", "smithy.api#jsonName": "startTimecode" @@ -13471,12 +13485,40 @@ "com.amazonaws.mediaconvert#InputVideoGenerator": { "type": "structure", "members": { + "Channels": { + "target": "com.amazonaws.mediaconvert#__integerMin1Max32", + "traits": { + "smithy.api#documentation": "Specify the number of audio channels to include in your video generator input. MediaConvert creates these audio channels as silent audio within a single audio track. Enter an integer from 1 to 32.", + "smithy.api#jsonName": "channels" + } + }, "Duration": { "target": "com.amazonaws.mediaconvert#__integerMin50Max86400000", "traits": { - "smithy.api#documentation": "Specify an integer value for Black video duration from 50 to 86400000 to generate a black video input for that many milliseconds. Required when you include Video generator.", + "smithy.api#documentation": "Specify the duration, in milliseconds, for your video generator input.\nEnter an integer from 50 to 86400000.", "smithy.api#jsonName": "duration" } + }, + "FramerateDenominator": { + "target": "com.amazonaws.mediaconvert#__integerMin1Max1001", + "traits": { + "smithy.api#documentation": "Specify the denominator of the fraction that represents the frame rate for your video generator input. When you do, you must also specify a value for Frame rate numerator. MediaConvert uses a default frame rate of 29.97 when you leave Frame rate numerator and Frame rate denominator blank.", + "smithy.api#jsonName": "framerateDenominator" + } + }, + "FramerateNumerator": { + "target": "com.amazonaws.mediaconvert#__integerMin1Max60000", + "traits": { + "smithy.api#documentation": "Specify the numerator of the fraction that represents the frame rate for your video generator input. When you do, you must also specify a value for Frame rate denominator. MediaConvert uses a default frame rate of 29.97 when you leave Frame rate numerator and Frame rate denominator blank.", + "smithy.api#jsonName": "framerateNumerator" + } + }, + "SampleRate": { + "target": "com.amazonaws.mediaconvert#__integerMin32000Max48000", + "traits": { + "smithy.api#documentation": "Specify the audio sample rate, in Hz, for the silent audio in your video generator input.\nEnter an integer from 32000 to 48000.", + "smithy.api#jsonName": "sampleRate" + } } }, "traits": { @@ -16984,6 +17026,9 @@ "name": "mediaconvert" }, "aws.protocols#restJson1": {}, + "smithy.api#auth": [ + "aws.auth#sigv4" + ], "smithy.api#documentation": "AWS Elemental MediaConvert", "smithy.api#title": "AWS Elemental MediaConvert", "smithy.rules#endpointRuleSet": { @@ -20258,7 +20303,7 @@ } }, "NameModifier": { - "target": "com.amazonaws.mediaconvert#__stringMin1", + "target": "com.amazonaws.mediaconvert#__stringMin1Max256", "traits": { "smithy.api#documentation": "Use Name modifier to have the service add a string to the end of each output filename. You specify the base filename as part of your destination URI. When you create multiple outputs in the same output group, Name modifier is required. Name modifier also accepts format identifiers. For DASH ISO outputs, if you use the format identifiers $Number$ or $Time$ in one output, you must use them in the same way in all outputs of the output group.", "smithy.api#jsonName": "nameModifier" @@ -27082,6 +27127,12 @@ "smithy.api#pattern": "^([01][0-9]|2[0-4]):[0-5][0-9]:[0-5][0-9][:;][0-9]{2}$" } }, + "com.amazonaws.mediaconvert#__stringPattern010920405090509092090909": { + "type": "string", + "traits": { + "smithy.api#pattern": "^([01][0-9]|2[0-4]):[0-5][0-9]:[0-5][0-9][:;][0-9]{2}(@[0-9]+(\\.[0-9]+)?(:[0-9]+)?)?$" + } + }, "com.amazonaws.mediaconvert#__stringPattern01D20305D205D": { "type": "string", "traits": { diff --git a/codegen/sdk-codegen/aws-models/secrets-manager.json b/codegen/sdk-codegen/aws-models/secrets-manager.json index 61978c977c3..7a89a0443d2 100644 --- a/codegen/sdk-codegen/aws-models/secrets-manager.json +++ b/codegen/sdk-codegen/aws-models/secrets-manager.json @@ -360,7 +360,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new secret. A secret can be a password, a set of \n credentials such as a user name and password, an OAuth token, or other secret information \n that you store in an encrypted form in Secrets Manager. The secret also \n includes the connection information to access a database or other service, which Secrets Manager \n doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the\n important information needed to manage the secret.
\nFor secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services.\n\n
\nFor information about creating a secret in the console, see Create a secret.
\nTo create a secret, you can provide the secret value to be encrypted in either the\n SecretString parameter or the SecretBinary parameter, but not both. \n If you include SecretString or SecretBinary\n then Secrets Manager creates an initial secret version and automatically attaches the staging\n label AWSCURRENT to it.
For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret,\n you must make sure the JSON you store in the SecretString matches the JSON structure of\n a database secret.
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key \n aws/secretsmanager. If this key \n doesn't already exist in your account, then Secrets Manager creates it for you automatically. All\n users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. \n Creating aws/secretsmanager can result in a one-time significant delay in returning the \n result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then \n you can't use aws/secretsmanager to encrypt the secret, and you must create \n and use a customer managed KMS key.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
\n Required permissions: \n secretsmanager:CreateSecret. If you \n include tags in the secret, you also need secretsmanager:TagResource.\n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key.
Creates a new secret. A secret can be a password, a set of \n credentials such as a user name and password, an OAuth token, or other secret information \n that you store in an encrypted form in Secrets Manager. The secret also \n includes the connection information to access a database or other service, which Secrets Manager \n doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the\n important information needed to manage the secret.
\nFor secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services.\n\n
\nFor information about creating a secret in the console, see Create a secret.
\nTo create a secret, you can provide the secret value to be encrypted in either the\n SecretString parameter or the SecretBinary parameter, but not both. \n If you include SecretString or SecretBinary\n then Secrets Manager creates an initial secret version and automatically attaches the staging\n label AWSCURRENT to it.
For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret,\n you must make sure the JSON you store in the SecretString matches the JSON structure of\n a database secret.
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key \n aws/secretsmanager. If this key \n doesn't already exist in your account, then Secrets Manager creates it for you automatically. All\n users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. \n Creating aws/secretsmanager can result in a one-time significant delay in returning the \n result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then \n you can't use aws/secretsmanager to encrypt the secret, and you must create \n and use a customer managed KMS key.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary or SecretString because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
\n Required permissions: \n secretsmanager:CreateSecret. If you \n include tags in the secret, you also need secretsmanager:TagResource. To add replica Regions, you must also have secretsmanager:ReplicateSecretToRegions.\n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
To encrypt the secret with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey and kms:Decrypt permission to the key.
Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. \n The rotation schedule is defined in RotateSecretRequest$RotationRules.
\nFor secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the \n \n testSecret \n step of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it.
By default, Secrets Manager rotates the secret immediately.
" + "smithy.api#documentation": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. \n The rotation schedule is defined in RotateSecretRequest$RotationRules.
\nFor secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the \n \n testSecret \n step of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it.
By default, Secrets Manager rotates the secret immediately.
" } } }, diff --git a/codegen/sdk-codegen/aws-models/waf.json b/codegen/sdk-codegen/aws-models/waf.json index be68ad1a604..197779e7fc9 100644 --- a/codegen/sdk-codegen/aws-models/waf.json +++ b/codegen/sdk-codegen/aws-models/waf.json @@ -7266,6 +7266,21 @@ ] } } + ], + "smithy.test#smokeTests": [ + { + "id": "ListRulesSuccess", + "params": { + "Limit": 20 + }, + "vendorParams": { + "region": "us-east-1" + }, + "vendorParamsShape": "aws.test#AwsVendorParams", + "expect": { + "success": {} + } + } ] } },