diff --git a/.changes/2.1285.0.json b/.changes/2.1285.0.json new file mode 100644 index 0000000000..df31835717 --- /dev/null +++ b/.changes/2.1285.0.json @@ -0,0 +1,17 @@ +[ + { + "type": "feature", + "category": "EMR", + "description": "Added GetClusterSessionCredentials API to allow Amazon SageMaker Studio to connect to EMR on EC2 clusters with runtime roles and AWS Lake Formation-based access control for Apache Spark, Apache Hive, and Presto queries." + }, + { + "type": "feature", + "category": "SecretsManager", + "description": "Added owning service filter, include planned deletion flag, and next rotation date response parameter in ListSecrets." + }, + { + "type": "feature", + "category": "Wisdom", + "description": "This release extends Wisdom CreateContent and StartContentUpload APIs to support PDF and MicrosoftWord docx document uploading." + } +] \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 0d1ce5a644..7ca299ca39 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,12 @@ # Changelog for AWS SDK for JavaScript - + +## 2.1285.0 +* feature: EMR: Added GetClusterSessionCredentials API to allow Amazon SageMaker Studio to connect to EMR on EC2 clusters with runtime roles and AWS Lake Formation-based access control for Apache Spark, Apache Hive, and Presto queries. +* feature: SecretsManager: Added owning service filter, include planned deletion flag, and next rotation date response parameter in ListSecrets. +* feature: Wisdom: This release extends Wisdom CreateContent and StartContentUpload APIs to support PDF and MicrosoftWord docx document uploading. + ## 2.1284.0 * feature: ElastiCache: This release allows you to modify the encryption in transit setting, for existing Redis clusters. You can now change the TLS configuration of your Redis clusters without the need to re-build or re-provision the clusters or impact application availability. * feature: NetworkFirewall: AWS Network Firewall now provides status messages for firewalls to help you troubleshoot when your endpoint fails. diff --git a/README.md b/README.md index 8429dc8633..ab8deb3008 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ for further details. To use the SDK in the browser, simply add the following script tag to your HTML pages: - + You can also build a custom browser SDK with your specified set of AWS services. This can allow you to reduce the SDK's size, specify different API versions of diff --git a/apis/apigateway-2015-07-09.normal.json b/apis/apigateway-2015-07-09.normal.json index 16276819c9..86382c22de 100644 --- a/apis/apigateway-2015-07-09.normal.json +++ b/apis/apigateway-2015-07-09.normal.json @@ -4233,7 +4233,7 @@ }, "cacheClusterSize": { "shape": "CacheClusterSize", - "documentation": "
Specifies the cache cluster size for the Stage resource specified in the input, if a cache cluster is enabled.
" + "documentation": "The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
" }, "variables": { "shape": "MapOfStringToString", @@ -4535,7 +4535,7 @@ }, "cacheClusterSize": { "shape": "CacheClusterSize", - "documentation": "The stage's cache cluster size.
" + "documentation": "The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
" }, "variables": { "shape": "MapOfStringToString", @@ -8031,7 +8031,7 @@ }, "cacheClusterSize": { "shape": "CacheClusterSize", - "documentation": "The size of the cache cluster for the stage, if enabled.
" + "documentation": "The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
" }, "cacheClusterStatus": { "shape": "CacheClusterStatus", diff --git a/apis/elasticmapreduce-2009-03-31.min.json b/apis/elasticmapreduce-2009-03-31.min.json index 7c1cfc2423..0ad6cce883 100644 --- a/apis/elasticmapreduce-2009-03-31.min.json +++ b/apis/elasticmapreduce-2009-03-31.min.json @@ -789,6 +789,41 @@ } } }, + "GetClusterSessionCredentials": { + "input": { + "type": "structure", + "required": [ + "ClusterId", + "ExecutionRoleArn" + ], + "members": { + "ClusterId": {}, + "ExecutionRoleArn": {} + } + }, + "output": { + "type": "structure", + "members": { + "Credentials": { + "type": "structure", + "members": { + "UsernamePassword": { + "type": "structure", + "members": { + "Username": {}, + "Password": {} + }, + "sensitive": true + } + }, + "union": true + }, + "ExpiresAt": { + "type": "timestamp" + } + } + } + }, "GetManagedScalingPolicy": { "input": { "type": "structure", @@ -803,7 +838,7 @@ "type": "structure", "members": { "ManagedScalingPolicy": { - "shape": "S4v" + "shape": "S4z" } } } @@ -995,7 +1030,7 @@ "shape": "Si" }, "EbsBlockDevices": { - "shape": "S5m" + "shape": "S5q" }, "EbsOptimized": { "type": "boolean" @@ -1085,16 +1120,16 @@ "type": "long" }, "EbsBlockDevices": { - "shape": "S5m" + "shape": "S5q" }, "EbsOptimized": { "type": "boolean" }, "ShrinkPolicy": { - "shape": "S5y" + "shape": "S62" }, "AutoScalingPolicy": { - "shape": "S62" + "shape": "S66" }, "CustomAmiId": {} } @@ -1457,7 +1492,7 @@ "member": {} }, "ShrinkPolicy": { - "shape": "S5y" + "shape": "S62" }, "ReconfigurationType": {}, "Configurations": { @@ -1491,7 +1526,7 @@ "ClusterId": {}, "InstanceGroupId": {}, "AutoScalingPolicy": { - "shape": "S62" + "shape": "S66" }, "ClusterArn": {} } @@ -1542,7 +1577,7 @@ "members": { "ClusterId": {}, "ManagedScalingPolicy": { - "shape": "S4v" + "shape": "S4z" } } }, @@ -1667,10 +1702,10 @@ "EmrManagedSlaveSecurityGroup": {}, "ServiceAccessSecurityGroup": {}, "AdditionalMasterSecurityGroups": { - "shape": "S80" + "shape": "S84" }, "AdditionalSlaveSecurityGroups": { - "shape": "S80" + "shape": "S84" } } }, @@ -1727,7 +1762,7 @@ "type": "integer" }, "ManagedScalingPolicy": { - "shape": "S4v" + "shape": "S4z" }, "PlacementGroupConfigs": { "shape": "S32" @@ -2432,7 +2467,7 @@ } } }, - "S4v": { + "S4z": { "type": "structure", "members": { "ComputeLimits": { @@ -2460,7 +2495,7 @@ } } }, - "S5m": { + "S5q": { "type": "list", "member": { "type": "structure", @@ -2472,7 +2507,7 @@ } } }, - "S5y": { + "S62": { "type": "structure", "members": { "DecommissionTimeout": { @@ -2482,10 +2517,10 @@ "type": "structure", "members": { "InstancesToTerminate": { - "shape": "S60" + "shape": "S64" }, "InstancesToProtect": { - "shape": "S60" + "shape": "S64" }, "InstanceTerminationTimeout": { "type": "integer" @@ -2494,11 +2529,11 @@ } } }, - "S60": { + "S64": { "type": "list", "member": {} }, - "S62": { + "S66": { "type": "structure", "members": { "Status": { @@ -2522,7 +2557,7 @@ } } }, - "S80": { + "S84": { "type": "list", "member": {} } diff --git a/apis/elasticmapreduce-2009-03-31.normal.json b/apis/elasticmapreduce-2009-03-31.normal.json index 0dddde4993..218757270b 100644 --- a/apis/elasticmapreduce-2009-03-31.normal.json +++ b/apis/elasticmapreduce-2009-03-31.normal.json @@ -71,7 +71,7 @@ "shape": "InternalServerError" } ], - "documentation": "AddJobFlowSteps adds new steps to a running cluster. A maximum of 256 steps are allowed in each job flow.
If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using SSH to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop. For more information on how to do this, see Add More than 256 Steps to a Cluster in the Amazon EMR Management Guide.
A step specifies the location of a JAR file stored either on the master node of the cluster or in Amazon S3. Each step is performed by the main function of the main class of the JAR file. The main class can be specified either in the manifest of the JAR or by using the MainFunction parameter of the step.
Amazon EMR executes each step in the order listed. For a step to be considered complete, the main function must exit with a zero exit code and all Hadoop jobs started while the step was running must have completed and run successfully.
You can only add steps to a cluster that is in one of the following states: STARTING, BOOTSTRAPPING, RUNNING, or WAITING.
The string values passed into HadoopJarStep
object cannot exceed a total of 10240 characters.
AddJobFlowSteps adds new steps to a running cluster. A maximum of 256 steps are allowed in each job flow.
If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using SSH to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop.
A step specifies the location of a JAR file stored either on the master node of the cluster or in Amazon S3. Each step is performed by the main function of the main class of the JAR file. The main class can be specified either in the manifest of the JAR or by using the MainFunction parameter of the step.
Amazon EMR executes each step in the order listed. For a step to be considered complete, the main function must exit with a zero exit code and all Hadoop jobs started while the step was running must have completed and run successfully.
You can only add steps to a cluster that is in one of the following states: STARTING, BOOTSTRAPPING, RUNNING, or WAITING.
The string values passed into HadoopJarStep
object cannot exceed a total of 10240 characters.
Maps a user or group to the Amazon EMR Studio specified by StudioId
, and applies a session policy to refine Studio permissions for that user or group. Use CreateStudioSessionMapping
to assign users to a Studio when you use Amazon Web Services SSO authentication. For instructions on how to assign users to a Studio when you use IAM authentication, see Assign a user or group to your EMR Studio.
Maps a user or group to the Amazon EMR Studio specified by StudioId
, and applies a session policy to refine Studio permissions for that user or group. Use CreateStudioSessionMapping
to assign users to a Studio when you use IAM Identity Center authentication. For instructions on how to assign users to a Studio when you use IAM authentication, see Assign a user or group to your EMR Studio.
Returns the Amazon EMR block public access configuration for your Amazon Web Services account in the current Region. For more information see Configure Block Public Access for Amazon EMR in the Amazon EMR Management Guide.
" }, + "GetClusterSessionCredentials": { + "name": "GetClusterSessionCredentials", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetClusterSessionCredentialsInput" + }, + "output": { + "shape": "GetClusterSessionCredentialsOutput" + }, + "errors": [ + { + "shape": "InternalServerError" + }, + { + "shape": "InvalidRequestException" + } + ], + "documentation": "Provides Temporary, basic HTTP credentials that are associated with a given runtime IAM role and used by a cluster with fine-grained access control activated. You can use these credentials to connect to cluster endpoints that support username-based and password-based authentication.
" + }, "GetManagedScalingPolicy": { "name": "GetManagedScalingPolicy", "http": { @@ -908,7 +930,7 @@ "shape": "InternalServerError" } ], - "documentation": "RunJobFlow creates and starts running a new cluster (job flow). The cluster runs the steps specified. After the steps complete, the cluster stops and the HDFS partition is lost. To prevent loss of data, configure the last step of the job flow to store results in Amazon S3. If the JobFlowInstancesConfig KeepJobFlowAliveWhenNoSteps
parameter is set to TRUE
, the cluster transitions to the WAITING state rather than shutting down after the steps have completed.
For additional protection, you can set the JobFlowInstancesConfig TerminationProtected
parameter to TRUE
to lock the cluster and prevent it from being terminated by API call, user intervention, or in the event of a job flow error.
A maximum of 256 steps are allowed in each job flow.
If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using the SSH shell to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop. For more information on how to do this, see Add More than 256 Steps to a Cluster in the Amazon EMR Management Guide.
For long running clusters, we recommend that you periodically store your results.
The instance fleets configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions. The RunJobFlow request can contain InstanceFleets parameters or InstanceGroups parameters, but not both.
RunJobFlow creates and starts running a new cluster (job flow). The cluster runs the steps specified. After the steps complete, the cluster stops and the HDFS partition is lost. To prevent loss of data, configure the last step of the job flow to store results in Amazon S3. If the JobFlowInstancesConfig KeepJobFlowAliveWhenNoSteps
parameter is set to TRUE
, the cluster transitions to the WAITING state rather than shutting down after the steps have completed.
For additional protection, you can set the JobFlowInstancesConfig TerminationProtected
parameter to TRUE
to lock the cluster and prevent it from being terminated by API call, user intervention, or in the event of a job flow error.
A maximum of 256 steps are allowed in each job flow.
If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using the SSH shell to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop.
For long-running clusters, we recommend that you periodically store your results.
The instance fleets configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions. The RunJobFlow request can contain InstanceFleets parameters or InstanceGroups parameters, but not both.
Specifies whether the Studio authenticates users using IAM or Amazon Web Services SSO.
" + "documentation": "Specifies whether the Studio authenticates users using IAM or IAM Identity Center.
" }, "VpcId": { "shape": "XmlStringMaxLen256", @@ -1925,7 +1947,7 @@ }, "UserRole": { "shape": "XmlString", - "documentation": "The IAM user role that users and groups assume when logged in to an Amazon EMR Studio. Only specify a UserRole
when you use Amazon Web Services SSO authentication. The permissions attached to the UserRole
can be scoped down for each user or group using session policies.
The IAM user role that users and groups assume when logged in to an Amazon EMR Studio. Only specify a UserRole
when you use IAM Identity Center authentication. The permissions attached to the UserRole
can be scoped down for each user or group using session policies.
The globally unique identifier (GUID) of the user or group from the Amazon Web Services SSO Identity Store. For more information, see UserId and GroupId in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName
or IdentityId
must be specified, but not both.
The globally unique identifier (GUID) of the user or group from the IAM Identity Center Identity Store. For more information, see UserId and GroupId in the IAM Identity Center Identity Store API Reference. Either IdentityName
or IdentityId
must be specified, but not both.
The name of the user or group. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName
or IdentityId
must be specified, but not both.
The name of the user or group. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference. Either IdentityName
or IdentityId
must be specified, but not both.
The username and password that you use to connect to cluster endpoints.
" + } + }, + "documentation": "The credentials that you can use to connect to cluster endpoints. Credentials consist of a username and a password.
", + "union": true + }, "Date": { "type": "timestamp" }, @@ -2040,11 +2073,11 @@ }, "IdentityId": { "shape": "XmlStringMaxLen256", - "documentation": "The globally unique identifier (GUID) of the user or group to remove from the Amazon EMR Studio. For more information, see UserId and GroupId in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The globally unique identifier (GUID) of the user or group to remove from the Amazon EMR Studio. For more information, see UserId and GroupId in the IAM Identity Center Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The name of the user name or group to remove from the Amazon EMR Studio. For more information, see UserName and DisplayName in the Amazon Web Services SSO Store API Reference. Either IdentityName
or IdentityId
must be specified.
The name of the user name or group to remove from the Amazon EMR Studio. For more information, see UserName and DisplayName in the IAM Identity Center Store API Reference. Either IdentityName
or IdentityId
must be specified.
The unique identifier of the cluster.
" + }, + "ExecutionRoleArn": { + "shape": "ArnType", + "documentation": "The Amazon Resource Name (ARN) of the runtime role for interactive workload submission on the cluster. The runtime role can be a cross-account IAM role. The runtime role ARN is a combination of account ID, role name, and role type using the following format: arn:partition:service:region:account:resource
.
The credentials that you can use to connect to cluster endpoints that support username-based and password-based authentication.
" + }, + "ExpiresAt": { + "shape": "Date", + "documentation": "The time when the credentials that are returned by the GetClusterSessionCredentials
API expire.
The globally unique identifier (GUID) of the user or group. For more information, see UserId and GroupId in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The globally unique identifier (GUID) of the user or group. For more information, see UserId and GroupId in the IAM Identity Center Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The name of the user or group to fetch. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The name of the user or group to fetch. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The IAM role that Amazon EMR assumes in order to access Amazon Web Services resources on your behalf.
" + "documentation": "The IAM role that Amazon EMR assumes in order to access Amazon Web Services resources on your behalf. If you've created a custom service role path, you must specify it for the service role when you launch your cluster.
" }, "Tags": { "shape": "TagList", @@ -4954,7 +5017,7 @@ }, "IdentityName": { "shape": "XmlStringMaxLen256", - "documentation": "The name of the user or group. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference.
" + "documentation": "The name of the user or group. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference.
" }, "IdentityType": { "shape": "IdentityType", @@ -4984,11 +5047,11 @@ }, "IdentityId": { "shape": "XmlStringMaxLen256", - "documentation": "The globally unique identifier (GUID) of the user or group from the Amazon Web Services SSO Identity Store.
" + "documentation": "The globally unique identifier (GUID) of the user or group from the IAM Identity Center Identity Store.
" }, "IdentityName": { "shape": "XmlStringMaxLen256", - "documentation": "The name of the user or group. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference.
" + "documentation": "The name of the user or group. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference.
" }, "IdentityType": { "shape": "IdentityType", @@ -5504,7 +5567,7 @@ }, "AuthMode": { "shape": "AuthMode", - "documentation": "Specifies whether the Amazon EMR Studio authenticates users using IAM or Amazon Web Services SSO.
" + "documentation": "Specifies whether the Amazon EMR Studio authenticates users using IAM or IAM Identity Center.
" }, "VpcId": { "shape": "XmlStringMaxLen256", @@ -5582,7 +5645,7 @@ }, "AuthMode": { "shape": "AuthMode", - "documentation": "Specifies whether the Studio authenticates users using IAM or Amazon Web Services SSO.
" + "documentation": "Specifies whether the Studio authenticates users using IAM or IAM Identity Center.
" }, "CreationTime": { "shape": "Date", @@ -5734,11 +5797,11 @@ }, "IdentityId": { "shape": "XmlStringMaxLen256", - "documentation": "The globally unique identifier (GUID) of the user or group. For more information, see UserId and GroupId in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The globally unique identifier (GUID) of the user or group. For more information, see UserId and GroupId in the IAM Identity Center Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The name of the user or group to update. For more information, see UserName and DisplayName in the Amazon Web Services SSO Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The name of the user or group to update. For more information, see UserName and DisplayName in the IAM Identity Center Identity Store API Reference. Either IdentityName
or IdentityId
must be specified.
The username associated with the temporary credentials that you use to connect to cluster endpoints.
" + }, + "Password": { + "shape": "XmlStringMaxLen256", + "documentation": "The password associated with the temporary credentials that you use to connect to cluster endpoints.
" + } + }, + "documentation": "The username and password that you use to connect to cluster endpoints.
", + "sensitive": true + }, "VolumeSpecification": { "type": "structure", "required": [ @@ -5759,7 +5837,7 @@ "members": { "VolumeType": { "shape": "String", - "documentation": "The volume type. Volume types supported are gp2, io1, and standard.
" + "documentation": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.
" }, "Iops": { "shape": "Integer", diff --git a/apis/secretsmanager-2017-10-17.min.json b/apis/secretsmanager-2017-10-17.min.json index 720e7cadd3..8751c29ed2 100644 --- a/apis/secretsmanager-2017-10-17.min.json +++ b/apis/secretsmanager-2017-10-17.min.json @@ -155,11 +155,14 @@ "DeletedDate": { "type": "timestamp" }, + "NextRotationDate": { + "type": "timestamp" + }, "Tags": { "shape": "Se" }, "VersionIdsToStages": { - "shape": "S19" + "shape": "S1a" }, "OwningService": {}, "CreatedDate": { @@ -254,7 +257,7 @@ "shape": "Sd" }, "VersionStages": { - "shape": "S1a" + "shape": "S1b" }, "CreatedDate": { "type": "timestamp" @@ -289,7 +292,7 @@ "members": { "VersionId": {}, "VersionStages": { - "shape": "S1a" + "shape": "S1b" }, "LastAccessedDate": { "type": "timestamp" @@ -314,6 +317,9 @@ "input": { "type": "structure", "members": { + "IncludePlannedDeletion": { + "type": "boolean" + }, "MaxResults": { "type": "integer" }, @@ -365,11 +371,14 @@ "DeletedDate": { "type": "timestamp" }, + "NextRotationDate": { + "type": "timestamp" + }, "Tags": { "shape": "Se" }, "SecretVersionsToStages": { - "shape": "S19" + "shape": "S1a" }, "OwningService": {}, "CreatedDate": { @@ -424,7 +433,7 @@ "shape": "Sd" }, "VersionStages": { - "shape": "S1a" + "shape": "S1b" } } }, @@ -435,7 +444,7 @@ "Name": {}, "VersionId": {}, "VersionStages": { - "shape": "S1a" + "shape": "S1b" } } } @@ -724,14 +733,14 @@ "ScheduleExpression": {} } }, - "S19": { + "S1a": { "type": "map", "key": {}, "value": { - "shape": "S1a" + "shape": "S1b" } }, - "S1a": { + "S1b": { "type": "list", "member": {} } diff --git a/apis/secretsmanager-2017-10-17.normal.json b/apis/secretsmanager-2017-10-17.normal.json index f04b3abcb4..b9e508b056 100644 --- a/apis/secretsmanager-2017-10-17.normal.json +++ b/apis/secretsmanager-2017-10-17.normal.json @@ -85,7 +85,7 @@ "shape": "DecryptionFailure" } ], - "documentation": "Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret.
For secrets that use managed rotation, you need to create the secret through the managing service. For more information, see Secrets Manager secrets managed by other Amazon Web Services services.
For information about creating a secret in the console, see Create a secret.
To create a secret, you can provide the secret value to be encrypted in either the SecretString
parameter or the SecretBinary
parameter, but not both. If you include SecretString
or SecretBinary
then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT
to it.
For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString
matches the JSON structure of a database secret.
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager
. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager
. Creating aws/secretsmanager
can result in a one-time significant delay in returning the result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager
to encrypt the secret, and you must create and use a customer managed KMS key.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary
or SecretString
because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
Required permissions: secretsmanager:CreateSecret
. If you include tags in the secret, you also need secretsmanager:TagResource
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.
To encrypt the secret with a KMS key other than aws/secretsmanager
, you need kms:GenerateDataKey
and kms:Decrypt
permission to the key.
Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. The secret also includes the connection information to access a database or other service, which Secrets Manager doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the important information needed to manage the secret.
For information about creating a secret in the console, see Create a secret.
To create a secret, you can provide the secret value to be encrypted in either the SecretString
parameter or the SecretBinary
parameter, but not both. If you include SecretString
or SecretBinary
then Secrets Manager creates an initial secret version and automatically attaches the staging label AWSCURRENT
to it.
For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the JSON you store in the SecretString
matches the JSON structure of a database secret.
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key aws/secretsmanager
. If this key doesn't already exist in your account, then Secrets Manager creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager
. Creating aws/secretsmanager
can result in a one-time significant delay in returning the result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't use aws/secretsmanager
to encrypt the secret, and you must create and use a customer managed KMS key.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary
or SecretString
because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
Required permissions: secretsmanager:CreateSecret
. If you include tags in the secret, you also need secretsmanager:TagResource
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager.
To encrypt the secret with a KMS key other than aws/secretsmanager
, you need kms:GenerateDataKey
and kms:Decrypt
permission to the key.
Configures and starts the asynchronous process of rotating the secret. For information about rotation, see Rotate secrets in the Secrets Manager User Guide. If you include the configuration parameters, the operation sets the values for the secret and then immediately starts a rotation. If you don't include the configuration parameters, the operation starts a rotation with the values already stored in the secret.
When rotation is successful, the AWSPENDING
staging label might be attached to the same version as the AWSCURRENT
version, or it might not be attached to any version. If the AWSPENDING
staging label is present but not attached to the same version as AWSCURRENT
, then any later invocation of RotateSecret
assumes that a previous rotation request is still in progress and returns an error. When rotation is unsuccessful, the AWSPENDING
staging label might be attached to an empty secret version. For more information, see Troubleshoot rotation in the Secrets Manager User Guide.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
Required permissions: secretsmanager:RotateSecret
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager. You also need lambda:InvokeFunction
permissions on the rotation function. For more information, see Permissions for rotation.
Configures and starts the asynchronous process of rotating the secret. For more information about rotation, see Rotate secrets.
If you include the configuration parameters, the operation sets the values for the secret and then immediately starts a rotation. If you don't include the configuration parameters, the operation starts a rotation with the values already stored in the secret.
For database credentials you want to rotate, for Secrets Manager to be able to rotate the secret, you must make sure the secret value is in the JSON structure of a database secret. In particular, if you want to use the alternating users strategy, your secret must contain the ARN of a superuser secret.
To configure rotation, you also need the ARN of an Amazon Web Services Lambda function and the schedule for the rotation. The Lambda rotation function creates a new version of the secret and creates or updates the credentials on the database or service to match. After testing the new credentials, the function marks the new secret version with the staging label AWSCURRENT
. Then anyone who retrieves the secret gets the new version. For more information, see How rotation works.
You can create the Lambda rotation function based on the rotation function templates that Secrets Manager provides. Choose a template that matches your Rotation strategy.
When rotation is successful, the AWSPENDING
staging label might be attached to the same version as the AWSCURRENT
version, or it might not be attached to any version. If the AWSPENDING
staging label is present but not attached to the same version as AWSCURRENT
, then any later invocation of RotateSecret
assumes that a previous rotation request is still in progress and returns an error.
When rotation is unsuccessful, the AWSPENDING
staging label might be attached to an empty secret version. For more information, see Troubleshoot rotation in the Secrets Manager User Guide.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
Required permissions: secretsmanager:RotateSecret
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager. You also need lambda:InvokeFunction
permissions on the rotation function. For more information, see Permissions for rotation.
Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use PutSecretValue.
To change the rotation configuration of a secret, use RotateSecret instead.
To change a secret so that it is managed by another service, you need to recreate the secret in that service. See Secrets Manager secrets managed by other Amazon Web Services services.
We recommend you avoid calling UpdateSecret
at a sustained rate of more than once every 10 minutes. When you call UpdateSecret
to update the secret value, Secrets Manager creates a new version of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not remove versions created less than 24 hours ago. If you update the secret value more than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach the quota for secret versions.
If you include SecretString
or SecretBinary
to create a new secret version, Secrets Manager automatically moves the staging label AWSCURRENT
to the new version. Then it attaches the label AWSPREVIOUS
to the version that AWSCURRENT
was removed from.
If you call this operation with a ClientRequestToken
that matches an existing version's VersionId
, the operation results in an error. You can't modify an existing version, you can only create a new version. To remove a version, remove all staging labels from it. See UpdateSecretVersionStage.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary
or SecretString
because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
Required permissions: secretsmanager:UpdateSecret
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager. If you use a customer managed key, you must also have kms:GenerateDataKey
and kms:Decrypt
permissions on the key. For more information, see Secret encryption and decryption.
Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use PutSecretValue.
To change the rotation configuration of a secret, use RotateSecret instead.
We recommend you avoid calling UpdateSecret
at a sustained rate of more than once every 10 minutes. When you call UpdateSecret
to update the secret value, Secrets Manager creates a new version of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not remove versions created less than 24 hours ago. If you update the secret value more than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach the quota for secret versions.
If you include SecretString
or SecretBinary
to create a new secret version, Secrets Manager automatically moves the staging label AWSCURRENT
to the new version. Then it attaches the label AWSPREVIOUS
to the version that AWSCURRENT
was removed from.
If you call this operation with a ClientRequestToken
that matches an existing version's VersionId
, the operation results in an error. You can't modify an existing version, you can only create a new version. To remove a version, remove all staging labels from it. See UpdateSecretVersionStage.
Secrets Manager generates a CloudTrail log entry when you call this action. Do not include sensitive information in request parameters except SecretBinary
or SecretString
because it might be logged. For more information, see Logging Secrets Manager events with CloudTrail.
Required permissions: secretsmanager:UpdateSecret
. For more information, see IAM policy actions for Secrets Manager and Authentication and access control in Secrets Manager. If you use a customer managed key, you must also have kms:GenerateDataKey
and kms:Decrypt
permissions on the key. For more information, see Secret encryption and decryption.
The date the secret is scheduled for deletion. If it is not scheduled for deletion, this field is omitted. When you delete a secret, Secrets Manager requires a recovery window of at least 7 days before deleting the secret. Some time after the deleted date, Secrets Manager deletes the secret, including all of its versions.
If a secret is scheduled for deletion, then its details, including the encrypted secret value, is not accessible. To cancel a scheduled deletion and restore access to the secret, use RestoreSecret.
", "box": true }, + "NextRotationDate": { + "shape": "NextRotationDateType" + }, "Tags": { "shape": "TagListType", "documentation": "The list of tags attached to the secret. To add tags to a secret, use TagResource. To remove tags, use UntagResource.
" @@ -1011,13 +1014,14 @@ "tag-key", "tag-value", "primary-region", + "owning-service", "all" ] }, "FilterValueStringType": { "type": "string", "max": 512, - "pattern": "^\\!?[a-zA-Z0-9 :_@\\/\\+\\=\\.\\-]*$" + "pattern": "^\\!?[a-zA-Z0-9 :_@\\/\\+\\=\\.\\-\\!]*$" }, "FilterValuesStringList": { "type": "list", @@ -1243,6 +1247,10 @@ "ListSecretsRequest": { "type": "structure", "members": { + "IncludePlannedDeletion": { + "shape": "BooleanType", + "box": true + }, "MaxResults": { "shape": "MaxResultsType", "documentation": "The number of results to include in the response.
If there are more results available, in the response, Secrets Manager includes NextToken
. To get the next results, call ListSecrets
again with the value from NextToken
.
For secrets that use a Lambda rotation function to rotate, the ARN of the Lambda rotation function.
For secrets that use managed rotation, omit this field. For more information, see Managed rotation in the Secrets Manager User Guide.
" + "documentation": "The ARN of the Lambda rotation function that can rotate the secret.
" }, "RotationRules": { "shape": "RotationRulesType", @@ -1575,7 +1586,7 @@ }, "RotateImmediately": { "shape": "BooleanType", - "documentation": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules.
For secrets that use a Lambda rotation function to rotate, if you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the testSecret
step of the Lambda rotation function. The test creates an AWSPENDING
version of the secret and then removes it.
If you don't specify this value, then by default, Secrets Manager rotates the secret immediately.
", + "documentation": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules.
If you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the testSecret
step of the Lambda rotation function. The test creates an AWSPENDING
version of the secret and then removes it.
If you don't specify this value, then by default, Secrets Manager rotates the secret immediately.
", "box": true } } @@ -1698,6 +1709,9 @@ "shape": "DeletedDateType", "documentation": "The date and time the deletion of the secret occurred. Not present on active secrets. The secret can be recovered until the number of days in the recovery window has passed, as specified in the RecoveryWindowInDays
parameter of the DeleteSecret
operation.
The list of user-defined tags associated with the secret. To add tags to a secret, use TagResource
. To remove tags, use UntagResource
.
Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.
This guide provides descriptions of the Secrets Manager API. For more information about using this service, see the Amazon Web Services Secrets Manager User Guide.
API Version
This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.
For a list of endpoints, see Amazon Web Services Secrets Manager endpoints.
Support and Feedback for Amazon Web Services Secrets Manager
We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more information about the Amazon Web Services Discussion Forums, see Forums Help.
Logging API Requests
Amazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information that's collected by Amazon Web Services CloudTrail, you can determine the requests successfully made to Secrets Manager, who made the request, when it was made, and so on. For more about Amazon Web Services Secrets Manager and support for Amazon Web Services CloudTrail, see Logging Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail in the Amazon Web Services Secrets Manager User Guide. To learn more about CloudTrail, including enabling it and find your log files, see the Amazon Web Services CloudTrail User Guide.
" + "documentation": "Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.
This guide provides descriptions of the Secrets Manager API. For more information about using this service, see the Amazon Web Services Secrets Manager User Guide.
API Version
This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.
Support and Feedback for Amazon Web Services Secrets Manager
We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more information about the Amazon Web Services Discussion Forums, see Forums Help.
Logging API Requests
Amazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information that's collected by Amazon Web Services CloudTrail, you can determine the requests successfully made to Secrets Manager, who made the request, when it was made, and so on. For more about Amazon Web Services Secrets Manager and support for Amazon Web Services CloudTrail, see Logging Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail in the Amazon Web Services Secrets Manager User Guide. To learn more about CloudTrail, including enabling it and find your log files, see the Amazon Web Services CloudTrail User Guide.
" } \ No newline at end of file diff --git a/apis/wisdom-2020-10-19.min.json b/apis/wisdom-2020-10-19.min.json index a36522f93c..6031a5e698 100644 --- a/apis/wisdom-2020-10-19.min.json +++ b/apis/wisdom-2020-10-19.min.json @@ -127,7 +127,7 @@ "type": "structure", "members": { "content": { - "shape": "St" + "shape": "Su" } } }, @@ -152,13 +152,13 @@ "knowledgeBaseType": {}, "name": {}, "renderingConfiguration": { - "shape": "S10" + "shape": "S11" }, "serverSideEncryptionConfiguration": { "shape": "S5" }, "sourceConfiguration": { - "shape": "S11" + "shape": "S12" }, "tags": { "shape": "S7" @@ -169,7 +169,7 @@ "type": "structure", "members": { "knowledgeBase": { - "shape": "S16" + "shape": "S17" } } }, @@ -205,7 +205,7 @@ "type": "structure", "members": { "session": { - "shape": "S1a" + "shape": "S1b" } } }, @@ -403,7 +403,7 @@ "type": "structure", "members": { "content": { - "shape": "St" + "shape": "Su" } } } @@ -435,7 +435,7 @@ "type": "structure", "members": { "contentSummary": { - "shape": "S1r" + "shape": "S1s" } } } @@ -462,7 +462,7 @@ "type": "structure", "members": { "knowledgeBase": { - "shape": "S16" + "shape": "S17" } } } @@ -516,7 +516,7 @@ ], "members": { "document": { - "shape": "S20" + "shape": "S21" }, "recommendationId": {}, "relevanceLevel": {}, @@ -546,7 +546,7 @@ "type": "structure", "members": { "text": { - "shape": "S2f" + "shape": "S2g" } } } @@ -555,7 +555,7 @@ }, "id": {}, "recommendationIds": { - "shape": "S2g" + "shape": "S2h" }, "source": {}, "type": {} @@ -592,7 +592,7 @@ "type": "structure", "members": { "session": { - "shape": "S1a" + "shape": "S1b" } } } @@ -752,7 +752,7 @@ ], "members": { "contentSummaries": { - "shape": "S2w" + "shape": "S2x" }, "nextToken": {} } @@ -802,13 +802,13 @@ "knowledgeBaseType": {}, "name": {}, "renderingConfiguration": { - "shape": "S10" + "shape": "S11" }, "serverSideEncryptionConfiguration": { "shape": "S5" }, "sourceConfiguration": { - "shape": "S11" + "shape": "S12" }, "status": {}, "tags": { @@ -866,7 +866,7 @@ "locationName": "assistantId" }, "recommendationIds": { - "shape": "S2g" + "shape": "S2h" }, "sessionId": { "location": "uri", @@ -888,7 +888,7 @@ } }, "recommendationIds": { - "shape": "S2g" + "shape": "S2h" } } }, @@ -915,7 +915,7 @@ }, "nextToken": {}, "queryText": { - "shape": "S2f" + "shape": "S2g" } } }, @@ -936,7 +936,7 @@ ], "members": { "document": { - "shape": "S20" + "shape": "S21" }, "relevanceScore": { "type": "double" @@ -997,7 +997,7 @@ "locationName": "nextToken" }, "searchExpression": { - "shape": "S3f" + "shape": "S3g" } } }, @@ -1008,7 +1008,7 @@ ], "members": { "contentSummaries": { - "shape": "S2w" + "shape": "S2x" }, "nextToken": {} } @@ -1040,7 +1040,7 @@ "locationName": "nextToken" }, "searchExpression": { - "shape": "S3f" + "shape": "S3g" } } }, @@ -1107,10 +1107,10 @@ }, "uploadId": {}, "url": { - "shape": "Sw" + "shape": "Sx" }, "urlExpiry": { - "shape": "Sx" + "shape": "Sy" } } } @@ -1209,7 +1209,7 @@ "type": "structure", "members": { "content": { - "shape": "St" + "shape": "Su" } } } @@ -1237,7 +1237,7 @@ "type": "structure", "members": { "knowledgeBase": { - "shape": "S16" + "shape": "S17" } } } @@ -1321,7 +1321,7 @@ "key": {}, "value": {} }, - "St": { + "Su": { "type": "structure", "required": [ "contentArn", @@ -1355,28 +1355,28 @@ }, "title": {}, "url": { - "shape": "Sw" + "shape": "Sx" }, "urlExpiry": { - "shape": "Sx" + "shape": "Sy" } } }, - "Sw": { + "Sx": { "type": "string", "sensitive": true }, - "Sx": { + "Sy": { "type": "timestamp", "timestampFormat": "unixTimestamp" }, - "S10": { + "S11": { "type": "structure", "members": { "templateUri": {} } }, - "S11": { + "S12": { "type": "structure", "members": { "appIntegrations": { @@ -1396,7 +1396,7 @@ }, "union": true }, - "S16": { + "S17": { "type": "structure", "required": [ "knowledgeBaseArn", @@ -1411,17 +1411,17 @@ "knowledgeBaseId": {}, "knowledgeBaseType": {}, "lastContentModificationTime": { - "shape": "Sx" + "shape": "Sy" }, "name": {}, "renderingConfiguration": { - "shape": "S10" + "shape": "S11" }, "serverSideEncryptionConfiguration": { "shape": "S5" }, "sourceConfiguration": { - "shape": "S11" + "shape": "S12" }, "status": {}, "tags": { @@ -1429,7 +1429,7 @@ } } }, - "S1a": { + "S1b": { "type": "structure", "required": [ "name", @@ -1446,7 +1446,7 @@ } } }, - "S1r": { + "S1s": { "type": "structure", "required": [ "contentArn", @@ -1478,7 +1478,7 @@ "title": {} } }, - "S20": { + "S21": { "type": "structure", "required": [ "contentReference" @@ -1494,14 +1494,14 @@ } }, "excerpt": { - "shape": "S22" + "shape": "S23" }, "title": { - "shape": "S22" + "shape": "S23" } } }, - "S22": { + "S23": { "type": "structure", "members": { "highlights": { @@ -1524,21 +1524,21 @@ } } }, - "S2f": { + "S2g": { "type": "string", "sensitive": true }, - "S2g": { + "S2h": { "type": "list", "member": {} }, - "S2w": { + "S2x": { "type": "list", "member": { - "shape": "S1r" + "shape": "S1s" } }, - "S3f": { + "S3g": { "type": "structure", "required": [ "filters" diff --git a/apis/wisdom-2020-10-19.normal.json b/apis/wisdom-2020-10-19.normal.json index b44b61f1c4..71de0f6df7 100644 --- a/apis/wisdom-2020-10-19.normal.json +++ b/apis/wisdom-2020-10-19.normal.json @@ -1293,7 +1293,7 @@ }, "ContentType": { "type": "string", - "pattern": "^(text/(plain|html))|(application/x\\.wisdom-json;source=(salesforce|servicenow|zendesk))$" + "pattern": "^(text/(plain|html))|(application/(pdf|vnd\\.openxmlformats-officedocument\\.wordprocessingml\\.document))|(application/x\\.wisdom-json;source=(salesforce|servicenow|zendesk))$" }, "CreateAssistantAssociationRequest": { "type": "structure", @@ -1420,7 +1420,7 @@ "documentation": "The title of the content. If not set, the title is equal to the name.
" }, "uploadId": { - "shape": "NonEmptyString", + "shape": "UploadId", "documentation": "A pointer to the uploaded asset. This value is returned by StartContentUpload.
" } } @@ -2827,7 +2827,7 @@ "documentation": "The headers to include in the upload.
" }, "uploadId": { - "shape": "NonEmptyString", + "shape": "UploadId", "documentation": "The identifier of the upload.
" }, "url": { @@ -2963,7 +2963,7 @@ "documentation": "The title of the content.
" }, "uploadId": { - "shape": "NonEmptyString", + "shape": "UploadId", "documentation": "A pointer to the uploaded asset. This value is returned by StartContentUpload.
" } } @@ -3005,6 +3005,11 @@ } } }, + "UploadId": { + "type": "string", + "max": 1200, + "min": 1 + }, "Uri": { "type": "string", "max": 4096, diff --git a/clients/apigateway.d.ts b/clients/apigateway.d.ts index 22afbaa16e..8b2eec4968 100644 --- a/clients/apigateway.d.ts +++ b/clients/apigateway.d.ts @@ -1324,7 +1324,7 @@ declare namespace APIGateway { */ cacheClusterEnabled?: NullableBoolean; /** - * Specifies the cache cluster size for the Stage resource specified in the input, if a cache cluster is enabled. + * The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness. */ cacheClusterSize?: CacheClusterSize; /** @@ -1545,7 +1545,7 @@ declare namespace APIGateway { */ cacheClusterEnabled?: Boolean; /** - * The stage's cache cluster size. + * The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness. */ cacheClusterSize?: CacheClusterSize; /** @@ -3491,7 +3491,7 @@ declare namespace APIGateway { */ cacheClusterEnabled?: Boolean; /** - * The size of the cache cluster for the stage, if enabled. + * The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness. */ cacheClusterSize?: CacheClusterSize; /** diff --git a/clients/emr.d.ts b/clients/emr.d.ts index 95cf118a11..a8d2499ede 100644 --- a/clients/emr.d.ts +++ b/clients/emr.d.ts @@ -29,11 +29,11 @@ declare class EMR extends Service { */ addInstanceGroups(callback?: (err: AWSError, data: EMR.Types.AddInstanceGroupsOutput) => void): Request>1,l=23===i?Math.pow(2,-24)-Math.pow(2,-77):0,d=a?0:s-1,y=a?1:-1,b=t<0||0===t&&1/t<0?1:0;for(t=Math.abs(t),isNaN(t)||t===1/0?(n=isNaN(t)?1:0,o=m):(o=Math.floor(Math.log(t)/Math.LN2),t*(u=Math.pow(2,-o))<1&&(o--,u*=2),t+=o+c>=1?l/u:l*Math.pow(2,1-c),t*u>=2&&(o++,u/=2),o+c>=m?(n=0,o=m):o+c>=1?(n=(t*u-1)*Math.pow(2,i),o+=c):(n=t*Math.pow(2,c-1)*Math.pow(2,i),o=0));i>=8;e[r+d]=255&n,d+=y,n/=256,i-=8);for(o=o<0;e[r+d]=255&o,d+=y,o/=256,p-=8);e[r+d-y]|=128*b}},{}],437:[function(e,t,r){var a={}.toString;t.exports=Array.isArray||function(e){return"[object Array]"==a.call(e)}},{}],438:[function(e,t,r){!function(e){"use strict";function t(e){return null!==e&&"[object Array]"===Object.prototype.toString.call(e)}function r(e){return null!==e&&"[object Object]"===Object.prototype.toString.call(e)}function a(e,i){if(e===i)return!0;if(Object.prototype.toString.call(e)!==Object.prototype.toString.call(i))return!1;if(!0===t(e)){if(e.length!==i.length)return!1;for(var s=0;s G((f-r)/g)&&i("overflow"),r+=(p-t)*g,t=p,u=0;u =0?(c=b.substr(0,S),l=b.substr(S+1)):(c=b,l=""),d=decodeURIComponent(c),y=decodeURIComponent(l),a(o,d)?i(o[d])?o[d].push(y):o[d]=[o[d],y]:o[d]=y}return o};var i=Array.isArray||function(e){return"[object Array]"===Object.prototype.toString.call(e)}},{}],442:[function(e,t,r){"use strict";function a(e,t){if(e.map)return e.map(t);for(var r=[],a=0;a >1,l=23===i?Math.pow(2,-24)-Math.pow(2,-77):0,d=a?0:s-1,y=a?1:-1,b=t<0||0===t&&1/t<0?1:0;for(t=Math.abs(t),isNaN(t)||t===1/0?(n=isNaN(t)?1:0,o=m):(o=Math.floor(Math.log(t)/Math.LN2),t*(u=Math.pow(2,-o))<1&&(o--,u*=2),t+=o+c>=1?l/u:l*Math.pow(2,1-c),t*u>=2&&(o++,u/=2),o+c>=m?(n=0,o=m):o+c>=1?(n=(t*u-1)*Math.pow(2,i),o+=c):(n=t*Math.pow(2,c-1)*Math.pow(2,i),o=0));i>=8;e[r+d]=255&n,d+=y,n/=256,i-=8);for(o=o<0;e[r+d]=255&o,d+=y,o/=256,p-=8);e[r+d-y]|=128*b}},{}],437:[function(e,t,r){var a={}.toString;t.exports=Array.isArray||function(e){return"[object Array]"==a.call(e)}},{}],438:[function(e,t,r){!function(e){"use strict";function t(e){return null!==e&&"[object Array]"===Object.prototype.toString.call(e)}function r(e){return null!==e&&"[object Object]"===Object.prototype.toString.call(e)}function a(e,i){if(e===i)return!0;if(Object.prototype.toString.call(e)!==Object.prototype.toString.call(i))return!1;if(!0===t(e)){if(e.length!==i.length)return!1;for(var s=0;s G((f-r)/g)&&i("overflow"),r+=(p-t)*g,t=p,u=0;u =0?(c=b.substr(0,S),l=b.substr(S+1)):(c=b,l=""),d=decodeURIComponent(c),y=decodeURIComponent(l),a(o,d)?i(o[d])?o[d].push(y):o[d]=[o[d],y]:o[d]=y}return o};var i=Array.isArray||function(e){return"[object Array]"===Object.prototype.toString.call(e)}},{}],442:[function(e,t,r){"use strict";function a(e,t){if(e.map)return e.map(t);for(var r=[],a=0;a=55296&&t<=56319&&i65535&&(e-=65536,t+=w(e>>>10&1023|55296),e=56320|1023&e),t+=w(e)}).join("")}function p(e){return e-48<10?e-22:e-65<26?e-65:e-97<26?e-97:T}function m(e,t){return e+22+75*(e<26)-((0!=t)<<5)}function c(e,t,r){var a=0;for(e=r?G(e/R):e>>1,e+=G(e/t);e>L*k>>1;a+=T)e=G(e/L);return G(a+(L+1)*e/(e+A))}function l(e){var t,r,a,s,o,n,m,l,d,y,b=[],S=e.length,g=0,h=v,N=D;for(r=e.lastIndexOf(x),r<0&&(r=0),a=0;a=S&&i("invalid-input"),l=p(e.charCodeAt(s++)),(l>=T||l>G((f-g)/n))&&i("overflow"),g+=l*n,d=m<=N?C:m>=N+k?k:m-N,!(l=t&&bf&&i("overflow"),b==t){for(l=r,d=T;y=d<=o?C:d>=o+k?k:d-o,!(l=0&&delete e.httpRequest.headers["Content-Length"]}function i(e){var t=new l,r=e.service.api.operations[e.operation].input;if(r.payload){var a={},i=r.members[r.payload];a=e.params[r.payload],"structure"===i.type?(e.httpRequest.body=t.build(a||{},i),s(e)):void 0!==a&&(e.httpRequest.body=a,("binary"===i.type||i.isStreaming)&&s(e,!0))}else e.httpRequest.body=t.build(e.params,r),s(e)}function s(e,t){if(!e.httpRequest.headers["Content-Type"]){var r=t?"binary/octet-stream":"application/json";e.httpRequest.headers["Content-Type"]=r}}function o(e){m.buildRequest(e),y.indexOf(e.httpRequest.method)<0&&i(e)}function n(e){c.extractError(e)}function u(e){m.extractData(e);var t,r=e.request,a=r.service.api.operations[r.operation],i=r.service.api.operations[r.operation].output||{};a.hasEventOutput;if(i.payload){var s=i.members[i.payload],o=e.httpResponse.body;if(s.isEventStream)t=new d,e.data[payload]=p.createEventStream(2===AWS.HttpClient.streamsApiVersion?e.httpResponse.stream:o,t,s);else if("structure"===s.type||"list"===s.type){var t=new d;e.data[i.payload]=t.parse(o,s)}else"binary"===s.type||s.isStreaming?e.data[i.payload]=o:e.data[i.payload]=s.toType(o)}else{var n=e.data;c.extractData(e),e.data=p.merge(n,e.data)}}var p=e("../util"),m=e("./rest"),c=e("./json"),l=e("../json/builder"),d=e("../json/parser"),y=["GET","HEAD","DELETE"];t.exports={buildRequest:o,extractError:n,extractData:u,unsetContentLength:a}},{"../json/builder":369,"../json/parser":370,"../util":422,"./json":380,"./rest":382}],384:[function(e,t,r){function a(e){var t=e.service.api.operations[e.operation].input,r=new n.XML.Builder,a=e.params,i=t.payload;if(i){var s=t.members[i];if(void 0===(a=a[i]))return;if("structure"===s.type){var o=s.name;e.httpRequest.body=r.toXML(a,s,o,!0)}else e.httpRequest.body=a}else e.httpRequest.body=r.toXML(a,t,t.name||t.shape||u.string.upperFirst(e.operation)+"Request")}function i(e){p.buildRequest(e),["GET","HEAD"].indexOf(e.httpRequest.method)<0&&a(e)}function s(e){p.extractError(e);var t;try{t=(new n.XML.Parser).parse(e.httpResponse.body.toString())}catch(r){t={Code:e.httpResponse.statusCode,Message:e.httpResponse.statusMessage}}t.Errors&&(t=t.Errors),t.Error&&(t=t.Error),t.Code?e.error=u.error(new Error,{code:t.Code,message:t.Message}):e.error=u.error(new Error,{code:e.httpResponse.statusCode,message:null})}function o(e){p.extractData(e);var t,r=e.request,a=e.httpResponse.body,i=r.service.api.operations[r.operation],s=i.output,o=(i.hasEventOutput,s.payload);if(o){var m=s.members[o];m.isEventStream?(t=new n.XML.Parser,e.data[o]=u.createEventStream(2===n.HttpClient.streamsApiVersion?e.httpResponse.stream:e.httpResponse.body,t,m)):"structure"===m.type?(t=new n.XML.Parser,e.data[o]=t.parse(a.toString(),m)):"binary"===m.type||m.isStreaming?e.data[o]=a:e.data[o]=m.toType(a)}else if(a.length>0){t=new n.XML.Parser;var c=t.parse(a.toString(),s);u.update(e.data,c)}}var n=e("../core"),u=e("../util"),p=e("./rest");t.exports={buildRequest:i,extractError:s,extractData:o}},{"../core":345,"../util":422,"./rest":382}],385:[function(e,t,r){function a(){}function i(e){return e.isQueryName||"ec2"!==e.api.protocol?e.name:e.name[0].toUpperCase()+e.name.substr(1)}function s(e,t,r,a){p.each(r.members,function(r,s){var o=t[r];if(null!==o&&void 0!==o){var n=i(s);n=e?e+"."+n:n,u(n,o,s,a)}})}function o(e,t,r,a){var i=1;p.each(t,function(t,s){var o=r.flattened?".":".entry.",n=o+i+++".",p=n+(r.key.name||"key"),m=n+(r.value.name||"value");u(e+p,t,r.key,a),u(e+m,s,r.value,a)})}function n(e,t,r,a){var s=r.member||{};if(0===t.length)return void a.call(this,e,null);p.arrayEach(t,function(t,o){var n="."+(o+1);if("ec2"===r.api.protocol)n+="";else if(r.flattened){if(s.name){var p=e.split(".");p.pop(),p.push(i(s)),e=p.join(".")}}else n="."+(s.name?s.name:"member")+n;u(e+n,t,s,a)})}function u(e,t,r,a){null!==t&&void 0!==t&&("structure"===r.type?s(e,t,r,a):"list"===r.type?n(e,t,r,a):"map"===r.type?o(e,t,r,a):a(e,r.toWireFormat(t).toString()))}var p=e("../util");a.prototype.serialize=function(e,t,r){s("",e,t,r)},t.exports=a},{"../util":422}],386:[function(e,t,r){var a=e("../core"),i=null,s={signatureVersion:"v4",signingName:"rds-db",operations:{}},o={region:"string",hostname:"string",port:"number",username:"string"};a.RDS.Signer=a.util.inherit({constructor:function(e){this.options=e||{}},convertUrlToAuthToken:function(e){if(0===e.indexOf("https://"))return e.substring("https://".length)},getAuthToken:function(e,t){"function"==typeof e&&void 0===t&&(t=e,e={});var r=this,o="function"==typeof t;e=a.util.merge(this.options,e);var n=this.validateAuthTokenOptions(e);if(!0!==n){if(o)return t(n,null);throw n}var u={region:e.region,endpoint:new a.Endpoint(e.hostname+":"+e.port),paramValidation:!1,signatureVersion:"v4"};e.credentials&&(u.credentials=e.credentials),i=new a.Service(u),i.api=s;var p=i.makeRequest();if(this.modifyRequestForAuthToken(p,e),!o){var m=p.presign(900);return this.convertUrlToAuthToken(m)}p.presign(900,function(e,a){a&&(a=r.convertUrlToAuthToken(a)),t(e,a)})},modifyRequestForAuthToken:function(e,t){e.on("build",e.buildAsGet),e.httpRequest.body=a.util.queryParamsToString({Action:"connect",DBUser:t.username})},validateAuthTokenOptions:function(e){var t="";e=e||{};for(var r in o)Object.prototype.hasOwnProperty.call(o,r)&&typeof e[r]!==o[r]&&(t+="option '"+r+"' should have been type '"+o[r]+"', was '"+typeof e[r]+"'.\n");return!t.length||a.util.error(new Error,{code:"InvalidParameter",message:t})}})},{"../core":345}],387:[function(e,t,r){t.exports={now:function(){return"undefined"!=typeof performance&&"function"==typeof performance.now?performance.now():Date.now()}}},{}],388:[function(e,t,r){function a(e){return"string"==typeof e&&(e.startsWith("fips-")||e.endsWith("-fips"))}function i(e){return"string"==typeof e&&["aws-global","aws-us-gov-global"].includes(e)}function s(e){return["fips-aws-global","aws-fips","aws-global"].includes(e)?"us-east-1":["fips-aws-us-gov-global","aws-us-gov-global"].includes(e)?"us-gov-west-1":e.replace(/fips-(dkr-|prod-)?|-fips/,"")}t.exports={isFipsRegion:a,isGlobalRegion:i,getRealRegion:s}},{}],389:[function(e,t,r){function a(e){if(!e)return null;var t=e.split("-");return t.length<3?null:t.slice(0,t.length-2).join("-")+"-*"}function i(e){var t=e.config.region,r=a(t),i=e.api.endpointPrefix;return[[t,i],[r,i],[t,"*"],[r,"*"],["*",i],["*","*"]].map(function(e){return e[0]&&e[1]?e.join("/"):null})}function s(e,t){u.each(t,function(t,r){"globalEndpoint"!==t&&(void 0!==e.config[t]&&null!==e.config[t]||(e.config[t]=r))})}function o(e){for(var t=i(e),r=e.config.useFipsEndpoint,a=e.config.useDualstackEndpoint,o=0;o=a())throw new RangeError("Attempt to allocate Buffer larger than maximum size: 0x"+a().toString(16)+" bytes");return 0|e}function b(e){return+e!=e&&(e=0),s.alloc(+e)}function S(e,t){if(s.isBuffer(e))return e.length;if("undefined"!=typeof ArrayBuffer&&"function"==typeof ArrayBuffer.isView&&(ArrayBuffer.isView(e)||e instanceof ArrayBuffer))return e.byteLength;"string"!=typeof e&&(e=""+e);var r=e.length;if(0===r)return 0;for(var a=!1;;)switch(t){case"ascii":case"latin1":case"binary":return r;case"utf8":case"utf-8":case void 0:return K(e).length;case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return 2*r;case"hex":return r>>>1;case"base64":return H(e).length;default:if(a)return K(e).length;t=(""+t).toLowerCase(),a=!0}}function g(e,t,r){var a=!1;if((void 0===t||t<0)&&(t=0),t>this.length)return"";if((void 0===r||r>this.length)&&(r=this.length),r<=0)return"";if(r>>>=0,t>>>=0,r<=t)return"";for(e||(e="utf8");;)switch(e){case"hex":return E(this,t,r);case"utf8":case"utf-8":return v(this,t,r);case"ascii":return P(this,t,r);case"latin1":case"binary":return q(this,t,r);case"base64":return D(this,t,r);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return M(this,t,r);default:if(a)throw new TypeError("Unknown encoding: "+e);e=(e+"").toLowerCase(),a=!0}}function h(e,t,r){var a=e[t];e[t]=e[r],e[r]=a}function N(e,t,r,a,i){if(0===e.length)return-1;if("string"==typeof r?(a=r,r=0):r>2147483647?r=2147483647:r<-2147483648&&(r=-2147483648),r=+r,isNaN(r)&&(r=i?0:e.length-1),r<0&&(r=e.length+r),r>=e.length){if(i)return-1;r=e.length-1}else if(r<0){if(!i)return-1;r=0}if("string"==typeof t&&(t=s.from(t,a)),s.isBuffer(t))return 0===t.length?-1:I(e,t,r,a,i);if("number"==typeof t)return t&=255,s.TYPED_ARRAY_SUPPORT&&"function"==typeof Uint8Array.prototype.indexOf?i?Uint8Array.prototype.indexOf.call(e,t,r):Uint8Array.prototype.lastIndexOf.call(e,t,r):I(e,[t],r,a,i);throw new TypeError("val must be string, number or Buffer")}function I(e,t,r,a,i){function s(e,t){return 1===o?e[t]:e.readUInt16BE(t*o)}var o=1,n=e.length,u=t.length;if(void 0!==a&&("ucs2"===(a=String(a).toLowerCase())||"ucs-2"===a||"utf16le"===a||"utf-16le"===a)){if(e.length<2||t.length<2)return-1;o=2,n/=2,u/=2,r/=2}var p;if(i){var m=-1;for(p=r;p>>8*(a?i:1-i)}function B(e,t,r,a){t<0&&(t=4294967295+t+1);for(var i=0,s=Math.min(e.length-r,4);i>>8*(a?i:3-i)&255}function U(e,t,r,a,i,s){if(r+a>e.length)throw new RangeError("Index out of range");if(r<0)throw new RangeError("Index out of range")}function _(e,t,r,a,i){return i||U(e,t,r,4,3.4028234663852886e38,-3.4028234663852886e38),X.write(e,t,r,a,23,4),r+4}function F(e,t,r,a,i){return i||U(e,t,r,8,1.7976931348623157e308,-1.7976931348623157e308),X.write(e,t,r,a,52,8),r+8}function O(e){if(e=V(e).replace(ee,""),e.length<2)return"";for(;e.length%4!=0;)e+="=";return e}function V(e){return e.trim?e.trim():e.replace(/^\s+|\s+$/g,"")}function z(e){return e<16?"0"+e.toString(16):e.toString(16)}function K(e,t){t=t||1/0;for(var r,a=e.length,i=null,s=[],o=0;o55295&&r<57344){if(!i){if(r>56319){(t-=3)>-1&&s.push(239,191,189);continue}if(o+1===a){(t-=3)>-1&&s.push(239,191,189);continue}i=r;continue}if(r<56320){(t-=3)>-1&&s.push(239,191,189),i=r;continue}r=65536+(i-55296<<10|r-56320)}else i&&(t-=3)>-1&&s.push(239,191,189);if(i=null,r<128){if((t-=1)<0)break;s.push(r)}else if(r<2048){if((t-=2)<0)break;s.push(r>>6|192,63&r|128)}else if(r<65536){if((t-=3)<0)break;s.push(r>>12|224,r>>6&63|128,63&r|128)}else{if(!(r<1114112))throw new Error("Invalid code point");if((t-=4)<0)break;s.push(r>>18|240,r>>12&63|128,r>>6&63|128,63&r|128)}}return s}function j(e){for(var t=[],r=0;r=55296&&t<=56319&&i65535&&(e-=65536,t+=w(e>>>10&1023|55296),e=56320|1023&e),t+=w(e)}).join("")}function p(e){return e-48<10?e-22:e-65<26?e-65:e-97<26?e-97:T}function m(e,t){return e+22+75*(e<26)-((0!=t)<<5)}function c(e,t,r){var a=0;for(e=r?G(e/R):e>>1,e+=G(e/t);e>L*k>>1;a+=T)e=G(e/L);return G(a+(L+1)*e/(e+A))}function l(e){var t,r,a,s,o,n,m,l,d,y,b=[],S=e.length,g=0,h=v,N=D;for(r=e.lastIndexOf(x),r<0&&(r=0),a=0;a=S&&i("invalid-input"),l=p(e.charCodeAt(s++)),(l>=T||l>G((f-g)/n))&&i("overflow"),g+=l*n,d=m<=N?C:m>=N+k?k:m-N,!(l=t&&bf&&i("overflow"),b==t){for(l=r,d=T;y=d<=o?C:d>=o+k?k:d-o,!(l