diff --git a/apis/backup/2018-11-15/api-2.json b/apis/backup/2018-11-15/api-2.json index 0cb99a1ff86..4de02ae1b6e 100644 --- a/apis/backup/2018-11-15/api-2.json +++ b/apis/backup/2018-11-15/api-2.json @@ -1277,7 +1277,9 @@ "COPY_JOB_FAILED", "RECOVERY_POINT_MODIFIED", "BACKUP_PLAN_CREATED", - "BACKUP_PLAN_MODIFIED" + "BACKUP_PLAN_MODIFIED", + "S3_BACKUP_OBJECT_FAILED", + "S3_RESTORE_OBJECT_FAILED" ] }, "BackupVaultEvents":{ diff --git a/apis/backup/2018-11-15/docs-2.json b/apis/backup/2018-11-15/docs-2.json index 0eb69d48b03..0c7e3d41270 100644 --- a/apis/backup/2018-11-15/docs-2.json +++ b/apis/backup/2018-11-15/docs-2.json @@ -3,7 +3,7 @@ "service": "Backup

Backup is a unified backup service designed to protect Amazon Web Services services and their associated data. Backup simplifies the creation, migration, restoration, and deletion of backups, while also providing reporting and auditing.

", "operations": { "CreateBackupPlan": "

Creates a backup plan using a backup plan name and backup rules. A backup plan is a document that contains information that Backup uses to schedule tasks that create recovery points for resources.

If you call CreateBackupPlan with a plan that already exists, you receive an AlreadyExistsException exception.

", - "CreateBackupSelection": "

Creates a JSON document that specifies a set of resources to assign to a backup plan. For examples, see Assigning resources programmatically.

", + "CreateBackupSelection": "

Creates a JSON document that specifies a set of resources to assign to a backup plan. For examples, see Assigning resources programmatically.

", "CreateBackupVault": "

Creates a logical container where backups are stored. A CreateBackupVault request includes a name, optionally one or more resource tags, an encryption key, and a request ID.

Do not include sensitive data, such as passport numbers, in the name of a backup vault.

", "CreateFramework": "

Creates a framework with one or more controls. A framework is a collection of controls that you can use to evaluate your backup practices. By using pre-built customizable controls to define your policies, you can evaluate whether your backup practices comply with your policies and which resources are not yet in compliance.

", "CreateReportPlan": "

Creates a report plan. A report plan is a document that contains information about the contents of the report and where Backup will deliver it.

If you call CreateReportPlan with a plan that already exists, you receive an AlreadyExistsException exception.

", @@ -51,7 +51,7 @@ "ListReportJobs": "

Returns details about your report jobs.

", "ListReportPlans": "

Returns a list of your report plans. For detailed information about a single report plan, use DescribeReportPlan.

", "ListRestoreJobs": "

Returns a list of jobs that Backup initiated to restore a saved resource, including details about the recovery process.

", - "ListTags": "

Returns a list of key-value pairs assigned to a target recovery point, backup plan, or backup vault.

ListTags are currently only supported with Amazon EFS backups.

", + "ListTags": "

Returns a list of key-value pairs assigned to a target recovery point, backup plan, or backup vault.

ListTags only works for resource types that support full Backup management of their backups. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table.

", "PutBackupVaultAccessPolicy": "

Sets a resource-based policy that is used to manage access permissions on the target backup vault. Requires a backup vault name and an access policy document in JSON format.

", "PutBackupVaultLockConfiguration": "

Applies Backup Vault Lock to a backup vault, preventing attempts to delete any recovery point stored in or created in a backup vault. Vault Lock also prevents attempts to update the lifecycle policy that controls the retention period of any recovery point currently stored in a backup vault. If specified, Vault Lock enforces a minimum and maximum retention period for future backup and copy jobs that target a backup vault.

Backup Vault Lock has yet to receive a third-party assessment for SEC 17a-4(f) and CFTC.

", "PutBackupVaultNotifications": "

Turns on notifications on a backup vault for the specified topic and events.

", @@ -65,7 +65,7 @@ "UpdateBackupPlan": "

Updates an existing backup plan identified by its backupPlanId with the input document in JSON format. The new version is uniquely identified by a VersionId.

", "UpdateFramework": "

Updates an existing framework identified by its FrameworkName with the input document in JSON format.

", "UpdateGlobalSettings": "

Updates whether the Amazon Web Services account is opted in to cross-account backup. Returns an error if the account is not an Organizations management account. Use the DescribeGlobalSettings API to determine the current settings.

", - "UpdateRecoveryPointLifecycle": "

Sets the transition lifecycle of a recovery point.

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

Does not support continuous backups.

", + "UpdateRecoveryPointLifecycle": "

Sets the transition lifecycle of a recovery point.

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

This operation does not support continuous backups.

", "UpdateRegionSettings": "

Updates the current service opt-in settings for the Region. If service-opt-in is enabled for a service, Backup tries to protect that service's resources in this Region, when the resource is included in an on-demand backup or scheduled backup plan. Otherwise, Backup does not try to protect that service's resources in this Region. Use the DescribeRegionSettings API to determine the resource types that are supported.

", "UpdateReportPlan": "

Updates an existing report plan identified by its ReportPlanName with the input document in JSON format.

" }, @@ -78,7 +78,7 @@ "BackupJob$ResourceArn": "

An ARN that uniquely identifies a resource. The format of the ARN depends on the resource type.

", "BackupPlansListMember$BackupPlanArn": "

An Amazon Resource Name (ARN) that uniquely identifies a backup plan; for example, arn:aws:backup:us-east-1:123456789012:plan:8F81F553-3A74-4A3F-B93D-B3360DC80C50.

", "BackupVaultListMember$BackupVaultArn": "

An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, arn:aws:backup:us-east-1:123456789012:vault:aBackupVault.

", - "BackupVaultListMember$EncryptionKeyArn": "

The server-side encryption key that is used to protect your backups; for example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.

", + "BackupVaultListMember$EncryptionKeyArn": "

A server-side encryption key you can specify to encrypt your backups from services that support full Backup management; for example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab. If you specify a key, you must specify its ARN, not its alias. If you do not specify a key, Backup creates a KMS key for you by default.

To learn which Backup services support full Backup management and how Backup handles encryption for backups from services that do not yet support full Backup, see Encryption for backups in Backup

", "CopyAction$DestinationBackupVaultArn": "

An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. For example, arn:aws:backup:us-east-1:123456789012:vault:aBackupVault.

", "CopyJob$SourceBackupVaultArn": "

An Amazon Resource Name (ARN) that uniquely identifies a source copy vault; for example, arn:aws:backup:us-east-1:123456789012:vault:aBackupVault.

", "CopyJob$SourceRecoveryPointArn": "

An ARN that uniquely identifies a source recovery point; for example, arn:aws:backup:us-east-1:123456789012:recovery-point:1EB3B5E7-9EB0-435A-A80B-108B488B0D45.

", @@ -350,7 +350,7 @@ "base": null, "refs": { "GetBackupVaultNotificationsOutput$BackupVaultEvents": "

An array of events that indicate the status of jobs to back up resources to the backup vault.

", - "PutBackupVaultNotificationsInput$BackupVaultEvents": "

An array of events that indicate the status of jobs to back up resources to the backup vault.

For common use cases and code samples, see Using Amazon SNS to track Backup events.

The following events are supported:

Ignore the list below because it includes deprecated events. Refer to the list above.

" + "PutBackupVaultNotificationsInput$BackupVaultEvents": "

An array of events that indicate the status of jobs to back up resources to the backup vault.

For common use cases and code samples, see Using Amazon SNS to track Backup events.

The following events are supported:

Ignore the list below because it includes deprecated events. Refer to the list above.

" } }, "BackupVaultList": { @@ -410,7 +410,7 @@ } }, "CalculatedLifecycle": { - "base": "

Contains DeleteAt and MoveToColdStorageAt timestamps, which are used to specify a lifecycle for a recovery point.

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

", + "base": "

Contains DeleteAt and MoveToColdStorageAt timestamps, which are used to specify a lifecycle for a recovery point.

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

", "refs": { "DescribeRecoveryPointOutput$CalculatedLifecycle": "

A CalculatedLifecycle object containing DeleteAt and MoveToColdStorageAt timestamps.

", "RecoveryPointByBackupVault$CalculatedLifecycle": "

A CalculatedLifecycle object containing DeleteAt and MoveToColdStorageAt timestamps.

", @@ -454,7 +454,7 @@ "ConditionType": { "base": null, "refs": { - "Condition$ConditionType": "

An operation applied to a key-value pair used to assign resources to your backup plan. Condition only supports StringEquals. For more flexible assignment options, incluidng StringLike and the ability to exclude resources from your backup plan, use Conditions (with an \"s\" on the end) for your BackupSelection .

" + "Condition$ConditionType": "

An operation applied to a key-value pair used to assign resources to your backup plan. Condition only supports StringEquals. For more flexible assignment options, including StringLike and the ability to exclude resources from your backup plan, use Conditions (with an \"s\" on the end) for your BackupSelection .

" } }, "ConditionValue": { @@ -964,17 +964,17 @@ } }, "Lifecycle": { - "base": "

Contains an array of Transition objects specifying how long in days before a recovery point transitions to cold storage or is deleted.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, on the console, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

", + "base": "

Contains an array of Transition objects specifying how long in days before a recovery point transitions to cold storage or is deleted.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, on the console, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

", "refs": { - "BackupRule$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

", - "BackupRuleInput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup will transition and expire backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

", + "BackupRule$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

", + "BackupRuleInput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup will transition and expire backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

", "CopyAction$Lifecycle": null, - "DescribeRecoveryPointOutput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups that are transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

", - "RecoveryPointByBackupVault$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

", - "StartBackupJobInput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup will transition and expire backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

", + "DescribeRecoveryPointOutput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups that are transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

", + "RecoveryPointByBackupVault$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

", + "StartBackupJobInput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup will transition and expire backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

", "StartCopyJobInput$Lifecycle": null, - "UpdateRecoveryPointLifecycleInput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

", - "UpdateRecoveryPointLifecycleOutput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only Amazon EFS file system backups can be transitioned to cold storage.

" + "UpdateRecoveryPointLifecycleInput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

", + "UpdateRecoveryPointLifecycleOutput$Lifecycle": "

The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define.

Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “retention” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.

Only resource types that support full Backup management can transition their backups to cold storage. Those resource types are listed in the \"Full Backup management\" section of the Feature availability by resource table. Backup ignores this expression for other resource types.

" } }, "LimitExceededException": { @@ -1155,8 +1155,8 @@ "DescribeRestoreJobOutput$ExpectedCompletionTimeMinutes": "

The amount of time in minutes that a job restoring a recovery point is expected to take.

", "Lifecycle$MoveToColdStorageAfterDays": "

Specifies the number of days after creation that a recovery point is moved to cold storage.

", "Lifecycle$DeleteAfterDays": "

Specifies the number of days after creation that a recovery point is deleted. Must be greater than 90 days plus MoveToColdStorageAfterDays.

", - "PutBackupVaultLockConfigurationInput$MinRetentionDays": "

The Backup Vault Lock configuration that specifies the minimum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to retain certain data for at least seven years (2555 days).

If this parameter is not specified, Vault Lock will not enforce a minimum retention period.

If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or longer than the minimum retention period. If the job's retention period is shorter than that minimum retention period, then the vault fails that backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected.

", - "PutBackupVaultLockConfigurationInput$MaxRetentionDays": "

The Backup Vault Lock configuration that specifies the maximum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to destroy certain data after retaining it for four years (1460 days).

If this parameter is not included, Vault Lock does not enforce a maximum retention period on the recovery points in the vault. If this parameter is included without a value, Vault Lock will not enforce a maximum retention period.

If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or shorter than the maximum retention period. If the job's retention period is longer than that maximum retention period, then the vault fails the backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected.

", + "PutBackupVaultLockConfigurationInput$MinRetentionDays": "

The Backup Vault Lock configuration that specifies the minimum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to retain certain data for at least seven years (2555 days).

If this parameter is not specified, Vault Lock will not enforce a minimum retention period.

If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or longer than the minimum retention period. If the job's retention period is shorter than that minimum retention period, then the vault fails that backup or copy job, and you should either modify your lifecycle settings or use a different vault. The shortest minimum retention period you can specify is 1 day. Recovery points already saved in the vault prior to Vault Lock are not affected.

", + "PutBackupVaultLockConfigurationInput$MaxRetentionDays": "

The Backup Vault Lock configuration that specifies the maximum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to destroy certain data after retaining it for four years (1460 days).

If this parameter is not included, Vault Lock does not enforce a maximum retention period on the recovery points in the vault. If this parameter is included without a value, Vault Lock will not enforce a maximum retention period.

If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or shorter than the maximum retention period. If the job's retention period is longer than that maximum retention period, then the vault fails the backup or copy job, and you should either modify your lifecycle settings or use a different vault. The longest maximum retention period you can specify is 36500 days (approximately 100 years). Recovery points already saved in the vault prior to Vault Lock are not affected.

", "PutBackupVaultLockConfigurationInput$ChangeableForDays": "

The Backup Vault Lock configuration that specifies the number of days before the lock date. For example, setting ChangeableForDays to 30 on Jan. 1, 2022 at 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC.

Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set ChangeableForDays to 3 or greater.

Before the lock date, you can delete Vault Lock from the vault using DeleteBackupVaultLockConfiguration or change the Vault Lock configuration using PutBackupVaultLockConfiguration. On and after the lock date, the Vault Lock becomes immutable and cannot be changed or deleted.

If this parameter is not specified, you can delete Vault Lock from the vault using DeleteBackupVaultLockConfiguration or change the Vault Lock configuration using PutBackupVaultLockConfiguration at any time.

", "RecoveryPointByBackupVault$BackupSizeInBytes": "

The size, in bytes, of a backup.

", "RecoveryPointByResource$BackupSizeBytes": "

The size, in bytes, of a backup.

", @@ -1394,8 +1394,8 @@ "DescribeProtectedResourceOutput$ResourceType": "

The type of Amazon Web Services resource saved as a recovery point; for example, an Amazon EBS volume or an Amazon RDS database.

", "DescribeRecoveryPointOutput$ResourceType": "

The type of Amazon Web Services resource to save as a recovery point; for example, an Amazon Elastic Block Store (Amazon EBS) volume or an Amazon Relational Database Service (Amazon RDS) database.

", "DescribeRestoreJobOutput$ResourceType": "

Returns metadata associated with a restore job listed by resource type.

", - "ListBackupJobsInput$ByResourceType": "

Returns only backup jobs for the specified resources:

", - "ListCopyJobsInput$ByResourceType": "

Returns only backup jobs for the specified resources:

", + "ListBackupJobsInput$ByResourceType": "

Returns only backup jobs for the specified resources:

", + "ListCopyJobsInput$ByResourceType": "

Returns only backup jobs for the specified resources:

", "ListRecoveryPointsByBackupVaultInput$ByResourceType": "

Returns only recovery points that match the specified resource type.

", "ProtectedResource$ResourceType": "

The type of Amazon Web Services resource; for example, an Amazon Elastic Block Store (Amazon EBS) volume or an Amazon Relational Database Service (Amazon RDS) database. For Windows Volume Shadow Copy Service (VSS) backups, the only supported resource type is Amazon EC2.

", "RecoveryPointByBackupVault$ResourceType": "

The type of Amazon Web Services resource saved as a recovery point; for example, an Amazon Elastic Block Store (Amazon EBS) volume or an Amazon Relational Database Service (Amazon RDS) database. For Windows Volume Shadow Copy Service (VSS) backups, the only supported resource type is Amazon EC2.

", @@ -1403,7 +1403,7 @@ "ResourceTypeOptInPreference$key": null, "ResourceTypes$member": null, "RestoreJobsListMember$ResourceType": "

The resource type of the listed restore jobs; for example, an Amazon Elastic Block Store (Amazon EBS) volume or an Amazon Relational Database Service (Amazon RDS) database. For Windows Volume Shadow Copy Service (VSS) backups, the only supported resource type is Amazon EC2.

", - "StartRestoreJobInput$ResourceType": "

Starts a job to restore a recovery point for one of the following resources:

" + "StartRestoreJobInput$ResourceType": "

Starts a job to restore a recovery point for one of the following resources:

" } }, "ResourceTypeList": { @@ -1415,8 +1415,8 @@ "ResourceTypeManagementPreference": { "base": null, "refs": { - "DescribeRegionSettingsOutput$ResourceTypeManagementPreference": "

Returns whether a DynamoDB recovery point was taken using Backup's advanced DynamoDB backup features.

", - "UpdateRegionSettingsInput$ResourceTypeManagementPreference": "

Enables or disables Backup's advanced DynamoDB backup features for the Region.

" + "DescribeRegionSettingsOutput$ResourceTypeManagementPreference": "

Returns whether Backup fully manages the backups for a resource type.

For the benefits of full Backup management, see Full Backup management.

For a list of resource types and whether each supports full Backup management, see the Feature availability by resource table.

If \"DynamoDB\":false, you can enable full Backup management for DynamoDB backup by enabling Backup's advanced DynamoDB backup features.

", + "UpdateRegionSettingsInput$ResourceTypeManagementPreference": "

Enables or disables full Backup management of backups for a resource type. To enable full Backup management for DynamoDB along with Backup's advanced DynamoDB backup features, follow the procedure to enable advanced DynamoDB backup programmatically.

" } }, "ResourceTypeOptInPreference": { @@ -1429,7 +1429,7 @@ "ResourceTypes": { "base": null, "refs": { - "GetSupportedResourceTypesOutput$ResourceTypes": "

Contains a string with the supported Amazon Web Services resource types:

" + "GetSupportedResourceTypesOutput$ResourceTypes": "

Contains a string with the supported Amazon Web Services resource types:

" } }, "RestoreJobId": { @@ -1613,7 +1613,7 @@ "BackupRuleInput$StartWindowMinutes": "

A value in minutes after a backup is scheduled before a job will be canceled if it doesn't start successfully. This value is optional.

", "BackupRuleInput$CompletionWindowMinutes": "

A value in minutes after a backup job is successfully started before it must be completed or it will be canceled by Backup. This value is optional.

", "StartBackupJobInput$StartWindowMinutes": "

A value in minutes after a backup is scheduled before a job will be canceled if it doesn't start successfully. This value is optional, and the default is 8 hours.

", - "StartBackupJobInput$CompleteWindowMinutes": "

A value in minutes during which a successfully started backup must complete, or else AWS Backup will cancel the job. This value is optional. This value begins counting down from when the backup was scheduled. It does not add additional time for StartWindowMinutes, or if the backup started later than scheduled.

" + "StartBackupJobInput$CompleteWindowMinutes": "

A value in minutes during which a successfully started backup must complete, or else Backup will cancel the job. This value is optional. This value begins counting down from when the backup was scheduled. It does not add additional time for StartWindowMinutes, or if the backup started later than scheduled.

" } }, "boolean": { diff --git a/apis/evidently/2021-02-01/api-2.json b/apis/evidently/2021-02-01/api-2.json index 26535875cfc..8aa8ec91a6f 100644 --- a/apis/evidently/2021-02-01/api-2.json +++ b/apis/evidently/2021-02-01/api-2.json @@ -107,6 +107,7 @@ "input":{"shape":"DeleteExperimentRequest"}, "output":{"shape":"DeleteExperimentResponse"}, "errors":[ + {"shape":"ValidationException"}, {"shape":"InternalServerException"}, {"shape":"ConflictException"}, {"shape":"ServiceUnavailableException"}, @@ -197,6 +198,7 @@ "output":{"shape":"GetExperimentResponse"}, "errors":[ {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, {"shape":"ResourceNotFoundException"}, {"shape":"AccessDeniedException"} ] @@ -245,6 +247,7 @@ "output":{"shape":"GetLaunchResponse"}, "errors":[ {"shape":"ThrottlingException"}, + {"shape":"ValidationException"}, {"shape":"ResourceNotFoundException"}, {"shape":"AccessDeniedException"} ] @@ -276,7 +279,8 @@ "output":{"shape":"ListExperimentsResponse"}, "errors":[ {"shape":"ValidationException"}, - {"shape":"ResourceNotFoundException"} + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} ] }, "ListFeatures":{ @@ -387,6 +391,7 @@ "errors":[ {"shape":"ThrottlingException"}, {"shape":"ValidationException"}, + {"shape":"ConflictException"}, {"shape":"ServiceQuotaExceededException"}, {"shape":"ResourceNotFoundException"}, {"shape":"AccessDeniedException"} @@ -1041,7 +1046,7 @@ "type":"string", "max":127, "min":1, - "pattern":"[-a-zA-Z0-9._]*" + "pattern":"^[-a-zA-Z0-9._]*$" }, "ExperimentReport":{ "type":"structure", @@ -1184,7 +1189,7 @@ "type":"string", "max":127, "min":1, - "pattern":"[-a-zA-Z0-9._]*" + "pattern":"^[-a-zA-Z0-9._]*$" }, "FeatureStatus":{ "type":"string", @@ -1360,7 +1365,7 @@ "type":"string", "max":127, "min":1, - "pattern":"[-a-zA-Z0-9._]*" + "pattern":"^[-a-zA-Z0-9._]*$" }, "GroupToWeightMap":{ "type":"map", @@ -1470,7 +1475,7 @@ "type":"string", "max":127, "min":1, - "pattern":"[-a-zA-Z0-9._]*" + "pattern":"^[-a-zA-Z0-9._]*$" }, "LaunchStatus":{ "type":"string", @@ -1515,6 +1520,11 @@ "shape":"ProjectRef", "location":"uri", "locationName":"project" + }, + "status":{ + "shape":"ExperimentStatus", + "location":"querystring", + "locationName":"status" } } }, @@ -1571,6 +1581,11 @@ "shape":"ProjectRef", "location":"uri", "locationName":"project" + }, + "status":{ + "shape":"LaunchStatus", + "location":"querystring", + "locationName":"status" } } }, @@ -1663,6 +1678,11 @@ }, "MetricDefinitionConfig":{ "type":"structure", + "required":[ + "entityIdKey", + "name", + "valueKey" + ], "members":{ "entityIdKey":{"shape":"JsonPath"}, "eventPattern":{ @@ -1814,7 +1834,7 @@ "type":"string", "max":127, "min":1, - "pattern":"[-a-zA-Z0-9._]*" + "pattern":"^[-a-zA-Z0-9._]*$" }, "ProjectRef":{ "type":"string", @@ -2233,7 +2253,7 @@ "type":"string", "max":127, "min":1, - "pattern":"[-a-zA-Z0-9._]*" + "pattern":"^[-a-zA-Z0-9._]*$" }, "TreatmentNameList":{ "type":"list", @@ -2499,7 +2519,7 @@ "type":"string", "max":127, "min":1, - "pattern":"[-a-zA-Z0-9._]*" + "pattern":"^[-a-zA-Z0-9._]*$" }, "VariationNameList":{ "type":"list", diff --git a/apis/evidently/2021-02-01/docs-2.json b/apis/evidently/2021-02-01/docs-2.json index b4515c2fed2..3674a5a79e6 100644 --- a/apis/evidently/2021-02-01/docs-2.json +++ b/apis/evidently/2021-02-01/docs-2.json @@ -432,7 +432,8 @@ "ExperimentStatus": { "base": null, "refs": { - "Experiment$status": "

The current state of the experiment.

" + "Experiment$status": "

The current state of the experiment.

", + "ListExperimentsRequest$status": "

Use this optional parameter to limit the returned results to only the experiments with the status that you specify here.

" } }, "ExperimentStopDesiredState": { @@ -672,7 +673,8 @@ "LaunchStatus": { "base": null, "refs": { - "Launch$status": "

The current state of the launch.

" + "Launch$status": "

The current state of the launch.

", + "ListLaunchesRequest$status": "

Use this optional parameter to limit the returned results to only the launches with the status that you specify here.

" } }, "LaunchStopDesiredState": { diff --git a/apis/iam/2010-05-08/docs-2.json b/apis/iam/2010-05-08/docs-2.json index 9de7d6c29c5..65025974418 100644 --- a/apis/iam/2010-05-08/docs-2.json +++ b/apis/iam/2010-05-08/docs-2.json @@ -53,7 +53,7 @@ "EnableMFADevice": "

Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is required for every subsequent login by the IAM user associated with the device.

", "GenerateCredentialReport": "

Generates a credential report for the Amazon Web Services account. For more information about the credential report, see Getting credential reports in the IAM User Guide.

", "GenerateOrganizationsAccessReport": "

Generates a report for service last accessed data for Organizations. You can generate a report for any entities (organization root, organizational unit, or account) or policies in your organization.

To call this operation, you must be signed in using your Organizations management account credentials. You can use your long-term IAM user or root user credentials, or temporary credentials from assuming an IAM role. SCPs must be enabled for your organization root. You must have the required IAM and Organizations permissions. For more information, see Refining permissions using service last accessed data in the IAM User Guide.

You can generate a service last accessed data report for entities by specifying only the entity's path. This data includes a list of services that are allowed by any service control policies (SCPs) that apply to the entity.

You can generate a service last accessed data report for a policy by specifying an entity's path and an optional Organizations policy ID. This data includes a list of services that are allowed by the specified SCP.

For each service in both report types, the data includes the most recent account activity that the policy allows to account principals in the entity or the entity's children. For important information about the data, reporting period, permissions required, troubleshooting, and supported Regions see Reducing permissions using service last accessed data in the IAM User Guide.

The data includes all attempts to access Amazon Web Services, not just the successful ones. This includes all attempts that were made using the Amazon Web Services Management Console, the Amazon Web Services API through any of the SDKs, or any of the command line tools. An unexpected entry in the service last accessed data does not mean that an account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information about all API calls and whether they were successful or denied access. For more information, see Logging IAM events with CloudTrail in the IAM User Guide.

This operation returns a JobId. Use this parameter in the GetOrganizationsAccessReport operation to check the status of the report generation. To check the status of this request, use the JobId parameter in the GetOrganizationsAccessReport operation and test the JobStatus response parameter. When the job is complete, you can retrieve the report.

To generate a service last accessed data report for entities, specify an entity path without specifying the optional Organizations policy ID. The type of entity that you specify determines the data returned in the report.

To generate a service last accessed data report for policies, specify an entity path and the optional Organizations policy ID. The type of entity that you specify determines the data returned for each service.

Service last accessed data does not use other policy types when determining whether a principal could access a service. These other policy types include identity-based policies, resource-based policies, access control lists, IAM permissions boundaries, and STS assume role policies. It only applies SCP logic. For more about the evaluation of policy types, see Evaluating policies in the IAM User Guide.

For more information about service last accessed data, see Reducing policy scope by viewing user activity in the IAM User Guide.

", - "GenerateServiceLastAccessedDetails": "

Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used in an attempt to access Amazon Web Services services. Recent activity usually appears within four hours. IAM reports activity for the last 365 days, or less if your Region began supporting this feature within the last year. For more information, see Regions where data is tracked.

The service last accessed data includes all attempts to access an Amazon Web Services API, not just the successful ones. This includes all attempts that were made using the Amazon Web Services Management Console, the Amazon Web Services API through any of the SDKs, or any of the command line tools. An unexpected entry in the service last accessed data does not mean that your account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information about all API calls and whether they were successful or denied access. For more information, see Logging IAM events with CloudTrail in the IAM User Guide.

The GenerateServiceLastAccessedDetails operation returns a JobId. Use this parameter in the following operations to retrieve the following details from your report:

To check the status of the GenerateServiceLastAccessedDetails request, use the JobId parameter in the same operations and test the JobStatus response parameter.

For additional information about the permissions policies that allow an identity (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess operation.

Service last accessed data does not use other policy types when determining whether a resource could access a service. These other policy types include resource-based policies, access control lists, Organizations policies, IAM permissions boundaries, and STS assume role policies. It only applies permissions policy logic. For more about the evaluation of policy types, see Evaluating policies in the IAM User Guide.

For more information about service and action last accessed data, see Reducing permissions using service last accessed data in the IAM User Guide.

", + "GenerateServiceLastAccessedDetails": "

Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used in an attempt to access Amazon Web Services services. Recent activity usually appears within four hours. IAM reports activity for at least the last 400 days, or less if your Region began supporting this feature within the last year. For more information, see Regions where data is tracked.

The service last accessed data includes all attempts to access an Amazon Web Services API, not just the successful ones. This includes all attempts that were made using the Amazon Web Services Management Console, the Amazon Web Services API through any of the SDKs, or any of the command line tools. An unexpected entry in the service last accessed data does not mean that your account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information about all API calls and whether they were successful or denied access. For more information, see Logging IAM events with CloudTrail in the IAM User Guide.

The GenerateServiceLastAccessedDetails operation returns a JobId. Use this parameter in the following operations to retrieve the following details from your report:

To check the status of the GenerateServiceLastAccessedDetails request, use the JobId parameter in the same operations and test the JobStatus response parameter.

For additional information about the permissions policies that allow an identity (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess operation.

Service last accessed data does not use other policy types when determining whether a resource could access a service. These other policy types include resource-based policies, access control lists, Organizations policies, IAM permissions boundaries, and STS assume role policies. It only applies permissions policy logic. For more about the evaluation of policy types, see Evaluating policies in the IAM User Guide.

For more information about service and action last accessed data, see Reducing permissions using service last accessed data in the IAM User Guide.

", "GetAccessKeyLastUsed": "

Retrieves information about when the specified access key was last used. The information includes the date and time of last use, along with the Amazon Web Services service and Region that were specified in the last request made with that key.

", "GetAccountAuthorizationDetails": "

Retrieves information about all IAM users, groups, roles, and policies in your Amazon Web Services account, including their relationships to one another. Use this operation to obtain a snapshot of the configuration of IAM permissions (users, groups, roles, and policies) in your account.

Policies returned by this operation are URL-encoded compliant with RFC 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

You can optionally filter the results using the Filter parameter. You can paginate the results using the MaxItems and Marker parameters.

", "GetAccountPasswordPolicy": "

Retrieves the password policy for the Amazon Web Services account. This tells you the complexity requirements and mandatory rotation periods for the IAM user passwords in your account. For more information about using a password policy, see Managing an IAM password policy.

", @@ -112,7 +112,7 @@ "ListUserPolicies": "

Lists the names of the inline policies embedded in the specified IAM user.

An IAM user can also have managed policies attached to it. To list the managed policies that are attached to a user, use ListAttachedUserPolicies. For more information about policies, see Managed policies and inline policies in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified user, the operation returns an empty list.

", "ListUserTags": "

Lists the tags that are attached to the specified IAM user. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM resources in the IAM User Guide.

", "ListUsers": "

Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns all users in the Amazon Web Services account. If there are none, the operation returns an empty list.

IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a user, see GetUser.

You can paginate the results using the MaxItems and Marker parameters.

", - "ListVirtualMFADevices": "

Lists the virtual MFA devices defined in the Amazon Web Services account by assignment status. If you do not specify an assignment status, the operation returns a list of all virtual MFA devices. Assignment status can be Assigned, Unassigned, or Any.

IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a virtual MFA device, see ListVirtualMFADevices.

You can paginate the results using the MaxItems and Marker parameters.

", + "ListVirtualMFADevices": "

Lists the virtual MFA devices defined in the Amazon Web Services account by assignment status. If you do not specify an assignment status, the operation returns a list of all virtual MFA devices. Assignment status can be Assigned, Unassigned, or Any.

IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view tag information for a virtual MFA device, see ListMFADeviceTags.

You can paginate the results using the MaxItems and Marker parameters.

", "PutGroupPolicy": "

Adds or updates an inline policy document that is embedded in the specified IAM group.

A user can also have managed policies attached to it. To attach a managed policy to a group, use AttachGroupPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed policies and inline policies in the IAM User Guide.

For information about the maximum number of inline policies that you can embed in a group, see IAM and STS quotas in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutGroupPolicy. For general information about using the Query API with IAM, see Making query requests in the IAM User Guide.

", "PutRolePermissionsBoundary": "

Adds or updates the policy that is specified as the IAM role's permissions boundary. You can use an Amazon Web Services managed policy or a customer managed policy to set the boundary for a role. Use the boundary to control the maximum permissions that the role can have. Setting a permissions boundary is an advanced feature that can affect the permissions for the role.

You cannot set the boundary for a service-linked role.

Policies used as permissions boundaries do not provide permissions. You must also attach a permissions policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic in the IAM User Guide.

", "PutRolePolicy": "

Adds or updates an inline policy document that is embedded in the specified IAM role.

When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. For more information about IAM roles, see Using roles to delegate permissions and federate identities.

A role can also have a managed policy attached to it. To attach a managed policy to a role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed policies and inline policies in the IAM User Guide.

For information about the maximum number of inline policies that you can embed with a role, see IAM and STS quotas in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutRolePolicy. For general information about using the Query API with IAM, see Making query requests in the IAM User Guide.

", @@ -144,7 +144,7 @@ "UntagServerCertificate": "

Removes the specified tags from the IAM server certificate. For more information about tagging, see Tagging IAM resources in the IAM User Guide.

For certificates in a Region supported by Certificate Manager (ACM), we recommend that you don't use IAM server certificates. Instead, use ACM to provision, manage, and deploy your server certificates. For more information about IAM server certificates, Working with server certificates in the IAM User Guide.

", "UntagUser": "

Removes the specified tags from the user. For more information about tagging, see Tagging IAM resources in the IAM User Guide.

", "UpdateAccessKey": "

Changes the status of the specified access key from Active to Inactive, or vice versa. This operation can be used to disable a user's key as part of a key rotation workflow.

If the UserName is not specified, the user name is determined implicitly based on the Amazon Web Services access key ID used to sign the request. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated users.

For information about rotating keys, see Managing keys and certificates in the IAM User Guide.

", - "UpdateAccountPasswordPolicy": "

Updates the password policy settings for the Amazon Web Services account.

For more information about using a password policy, see Managing an IAM password policy in the IAM User Guide.

", + "UpdateAccountPasswordPolicy": "

Updates the password policy settings for the Amazon Web Services account.

This operation does not support partial updates. No parameters are required, but if you do not specify a parameter, that parameter's value reverts to its default value. See the Request Parameters section for each parameter's default value. Also note that some parameters do not allow the default parameter to be explicitly set. Instead, to invoke the default value, do not include that parameter when you invoke the operation.

For more information about using a password policy, see Managing an IAM password policy in the IAM User Guide.

", "UpdateAssumeRolePolicy": "

Updates the policy that grants an IAM entity permission to assume a role. This is typically referred to as the \"role trust policy\". For more information about roles, see Using roles to delegate permissions and federate identities.

", "UpdateGroup": "

Updates the name and/or the path of the specified IAM group.

You should understand the implications of changing a group's path or name. For more information, see Renaming users and groups in the IAM User Guide.

The person making the request (the principal), must have permission to change the role group with the old name and the new name. For example, to change the group named Managers to MGRs, the principal must have a policy that allows them to update both groups. If the principal has permission to update the Managers group, but not the MGRs group, then the update fails. For more information about permissions, see Access management.

", "UpdateLoginProfile": "

Changes the password for the specified IAM user. You can use the CLI, the Amazon Web Services API, or the Users page in the IAM console to change the password for any IAM user. Use ChangePassword to change your own password in the My Security Credentials page in the Amazon Web Services Management Console.

For more information about modifying passwords, see Managing passwords in the IAM User Guide.

", @@ -2296,8 +2296,8 @@ "booleanObjectType": { "base": null, "refs": { - "PasswordPolicy$HardExpiry": "

Specifies whether IAM users are prevented from setting a new password after their password has expired.

", - "UpdateAccountPasswordPolicyRequest$HardExpiry": "

Prevents IAM users from setting a new password after their password has expired. The IAM user cannot be accessed until an administrator resets the password.

If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that IAM users can change their passwords after they expire and continue to sign in as the user.

", + "PasswordPolicy$HardExpiry": "

Specifies whether IAM users are prevented from setting a new password via the Amazon Web Services Management Console after their password has expired. The IAM user cannot access the console until an administrator resets the password. IAM users with iam:ChangePassword permission and active access keys can reset their own expired console password using the CLI or API.

", + "UpdateAccountPasswordPolicyRequest$HardExpiry": "

Prevents IAM users who are accessing the account via the Amazon Web Services Management Console from setting a new console password after their password has expired. The IAM user cannot access the console until an administrator resets the password.

If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that IAM users can change their passwords after they expire and continue to sign in as the user.

In the Amazon Web Services Management Console, the custom password policy option Allow users to change their own password gives IAM users permissions to iam:ChangePassword for only their user and to the iam:GetAccountPasswordPolicy action. This option does not attach a permissions policy to each user, rather the permissions are applied at the account-level for all users by IAM. IAM users with iam:ChangePassword permission and active access keys can reset their own expired console password using the CLI or API.

", "UpdateLoginProfileRequest$PasswordResetRequired": "

Allows this new password to be used only once by requiring the specified IAM user to set a new password on next sign-in.

" } }, @@ -2350,7 +2350,7 @@ "PasswordPolicy$RequireNumbers": "

Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).

", "PasswordPolicy$RequireUppercaseCharacters": "

Specifies whether IAM user passwords must contain at least one uppercase character (A to Z).

", "PasswordPolicy$RequireLowercaseCharacters": "

Specifies whether IAM user passwords must contain at least one lowercase character (a to z).

", - "PasswordPolicy$AllowUsersToChangePassword": "

Specifies whether IAM users are allowed to change their own password.

", + "PasswordPolicy$AllowUsersToChangePassword": "

Specifies whether IAM users are allowed to change their own password. Gives IAM users permissions to iam:ChangePassword for only their user and to the iam:GetAccountPasswordPolicy action. This option does not attach a permissions policy to each user, rather the permissions are applied at the account-level for all users by IAM.

", "PasswordPolicy$ExpirePasswords": "

Indicates whether passwords in the account expire. Returns true if MaxPasswordAge contains a value greater than 0. Returns false if MaxPasswordAge is 0 or not present.

", "PermissionsBoundaryDecisionDetail$AllowedByPermissionsBoundary": "

Specifies whether an action is allowed by a permissions boundary that is applied to an IAM entity (user or role). A value of true means that the permissions boundary does not deny the action. This means that the policy includes an Allow statement that matches the request. In this case, if an identity-based policy also allows the action, the request is allowed. A value of false means that either the requested action is not allowed (implicitly denied) or that the action is explicitly denied by the permissions boundary. In both of these cases, the action is not allowed, regardless of the identity-based policy.

", "Policy$IsAttachable": "

Specifies whether the policy can be attached to an IAM user, group, or role.

", @@ -2360,7 +2360,7 @@ "UpdateAccountPasswordPolicyRequest$RequireNumbers": "

Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).

If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that passwords do not require at least one numeric character.

", "UpdateAccountPasswordPolicyRequest$RequireUppercaseCharacters": "

Specifies whether IAM user passwords must contain at least one uppercase character from the ISO basic Latin alphabet (A to Z).

If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that passwords do not require at least one uppercase character.

", "UpdateAccountPasswordPolicyRequest$RequireLowercaseCharacters": "

Specifies whether IAM user passwords must contain at least one lowercase character from the ISO basic Latin alphabet (a to z).

If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that passwords do not require at least one lowercase character.

", - "UpdateAccountPasswordPolicyRequest$AllowUsersToChangePassword": "

Allows all IAM users in your account to use the Amazon Web Services Management Console to change their own passwords. For more information, see Letting IAM users change their own passwords in the IAM User Guide.

If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that IAM users in the account do not automatically have permissions to change their own password.

" + "UpdateAccountPasswordPolicyRequest$AllowUsersToChangePassword": "

Allows all IAM users in your account to use the Amazon Web Services Management Console to change their own passwords. For more information, see Permitting IAM users to change their own passwords in the IAM User Guide.

If you do not specify a value for this parameter, then the operation uses the default value of false. The result is that IAM users in the account do not automatically have permissions to change their own password.

" } }, "certificateBodyType": { diff --git a/apis/redshift/2012-12-01/api-2.json b/apis/redshift/2012-12-01/api-2.json index 85fdaf76fca..c5468864db7 100644 --- a/apis/redshift/2012-12-01/api-2.json +++ b/apis/redshift/2012-12-01/api-2.json @@ -2151,7 +2151,8 @@ "members":{ "DataShareArn":{"shape":"String"}, "AssociateEntireAccount":{"shape":"BooleanOptional"}, - "ConsumerArn":{"shape":"String"} + "ConsumerArn":{"shape":"String"}, + "ConsumerRegion":{"shape":"String"} } }, "AssociatedClusterList":{ @@ -3264,6 +3265,7 @@ "members":{ "ConsumerIdentifier":{"shape":"String"}, "Status":{"shape":"DataShareStatus"}, + "ConsumerRegion":{"shape":"String"}, "CreatedDate":{"shape":"TStamp"}, "StatusChangeDate":{"shape":"TStamp"} } @@ -3947,7 +3949,8 @@ "members":{ "DataShareArn":{"shape":"String"}, "DisassociateEntireAccount":{"shape":"BooleanOptional"}, - "ConsumerArn":{"shape":"String"} + "ConsumerArn":{"shape":"String"}, + "ConsumerRegion":{"shape":"String"} } }, "Double":{"type":"double"}, @@ -6761,7 +6764,8 @@ "type":"string", "enum":[ "spectrum", - "concurrency-scaling" + "concurrency-scaling", + "cross-region-datasharing" ] }, "UsageLimitLimitType":{ diff --git a/apis/redshift/2012-12-01/docs-2.json b/apis/redshift/2012-12-01/docs-2.json index 507e6667574..1f40922710a 100644 --- a/apis/redshift/2012-12-01/docs-2.json +++ b/apis/redshift/2012-12-01/docs-2.json @@ -24,7 +24,7 @@ "CreateHsmClientCertificate": "

Creates an HSM client certificate that an Amazon Redshift cluster will use to connect to the client's HSM in order to store and retrieve the keys used to encrypt the cluster databases.

The command returns a public key, which you must store in the HSM. In addition to creating the HSM certificate, you must create an Amazon Redshift HSM configuration that provides a cluster the information needed to store and use encryption keys in the HSM. For more information, go to Hardware Security Modules in the Amazon Redshift Cluster Management Guide.

", "CreateHsmConfiguration": "

Creates an HSM configuration that contains the information required by an Amazon Redshift cluster to store and use database encryption keys in a Hardware Security Module (HSM). After creating the HSM configuration, you can specify it as a parameter when creating a cluster. The cluster will then store its encryption keys in the HSM.

In addition to creating an HSM configuration, you must also create an HSM client certificate. For more information, go to Hardware Security Modules in the Amazon Redshift Cluster Management Guide.

", "CreateScheduledAction": "

Creates a scheduled action. A scheduled action contains a schedule and an Amazon Redshift API action. For example, you can create a schedule of when to run the ResizeCluster API operation.

", - "CreateSnapshotCopyGrant": "

Creates a snapshot copy grant that permits Amazon Redshift to use a customer master key (CMK) from Key Management Service (KMS) to encrypt copied snapshots in a destination region.

For more information about managing snapshot copy grants, go to Amazon Redshift Database Encryption in the Amazon Redshift Cluster Management Guide.

", + "CreateSnapshotCopyGrant": "

Creates a snapshot copy grant that permits Amazon Redshift to use an encrypted symmetric key from Key Management Service (KMS) to encrypt copied snapshots in a destination region.

For more information about managing snapshot copy grants, go to Amazon Redshift Database Encryption in the Amazon Redshift Cluster Management Guide.

", "CreateSnapshotSchedule": "

Create a snapshot schedule that can be associated to a cluster and which overrides the default system backup schedule.

", "CreateTags": "

Adds tags to a cluster.

A resource can have up to 50 tags. If you try to create more than 50 tags for a resource, you will receive an error and the attempt will fail.

If you specify a key that already exists for the resource, the value for that key will be updated with the new value.

", "CreateUsageLimit": "

Creates a usage limit for a specified Amazon Redshift feature on a cluster. The usage limit is identified by the returned usage limit identifier.

", @@ -83,7 +83,7 @@ "DescribeTags": "

Returns a list of tags. You can return tags from a specific resource by specifying an ARN, or you can return all tags for a given type of resource, such as clusters, snapshots, and so on.

The following are limitations for DescribeTags:

If you specify both tag keys and tag values in the same request, Amazon Redshift returns all resources that match any combination of the specified keys and values. For example, if you have owner and environment for tag keys, and admin and test for tag values, all resources that have any combination of those values are returned.

If both tag keys and values are omitted from the request, resources are returned regardless of whether they have tag keys or values associated with them.

", "DescribeUsageLimits": "

Shows usage limits on a cluster. Results are filtered based on the combination of input usage limit identifier, cluster identifier, and feature type parameters:

", "DisableLogging": "

Stops logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.

", - "DisableSnapshotCopy": "

Disables the automatic copying of snapshots from one region to another region for a specified cluster.

If your cluster and its snapshots are encrypted using a customer master key (CMK) from Key Management Service, use DeleteSnapshotCopyGrant to delete the grant that grants Amazon Redshift permission to the CMK in the destination region.

", + "DisableSnapshotCopy": "

Disables the automatic copying of snapshots from one region to another region for a specified cluster.

If your cluster and its snapshots are encrypted using an encrypted symmetric key from Key Management Service, use DeleteSnapshotCopyGrant to delete the grant that grants Amazon Redshift permission to the key in the destination region.

", "DisassociateDataShareConsumer": "

From a consumer account, remove association for the specified datashare.

", "EnableLogging": "

Starts logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.

", "EnableSnapshotCopy": "

Enables the automatic copy of snapshots from one region to another region for a specified cluster.

", @@ -94,7 +94,7 @@ "ModifyAuthenticationProfile": "

Modifies an authentication profile.

", "ModifyCluster": "

Modifies the settings for a cluster.

You can also change node type and the number of nodes to scale up or down the cluster. When resizing a cluster, you must specify both the number of nodes and the node type even if one of the parameters does not change.

You can add another security or parameter group, or change the admin user password. Resetting a cluster password or modifying the security groups associated with a cluster do not need a reboot. However, modifying a parameter group requires a reboot for parameters to take effect. For more information about managing clusters, go to Amazon Redshift Clusters in the Amazon Redshift Cluster Management Guide.

", "ModifyClusterDbRevision": "

Modifies the database revision of a cluster. The database revision is a unique revision of the database running in a cluster.

", - "ModifyClusterIamRoles": "

Modifies the list of Identity and Access Management (IAM) roles that can be used by the cluster to access other Amazon Web Services services.

A cluster can have up to 10 IAM roles associated at any time.

", + "ModifyClusterIamRoles": "

Modifies the list of Identity and Access Management (IAM) roles that can be used by the cluster to access other Amazon Web Services services.

The maximum number of IAM roles that you can associate is subject to a quota. For more information, go to Quotas and limits in the Amazon Redshift Cluster Management Guide.

", "ModifyClusterMaintenance": "

Modifies the maintenance settings of a cluster.

", "ModifyClusterParameterGroup": "

Modifies the parameters of a parameter group. For the parameters parameter, it can't contain ASCII characters.

For more information about parameters and parameter groups, go to Amazon Redshift Parameter Groups in the Amazon Redshift Cluster Management Guide.

", "ModifyClusterSnapshot": "

Modifies the settings for a snapshot.

This exanmple modifies the manual retention period setting for a cluster snapshot.

", @@ -1644,10 +1644,10 @@ "IamRoleArnList": { "base": null, "refs": { - "CreateClusterMessage$IamRoles": "

A list of Identity and Access Management (IAM) roles that can be used by the cluster to access other Amazon Web Services services. You must supply the IAM roles in their Amazon Resource Name (ARN) format. You can supply up to 10 IAM roles in a single request.

A cluster can have up to 10 IAM roles associated with it at any time.

", - "ModifyClusterIamRolesMessage$AddIamRoles": "

Zero or more IAM roles to associate with the cluster. The roles must be in their Amazon Resource Name (ARN) format. You can associate up to 10 IAM roles with a single cluster in a single request.

", - "ModifyClusterIamRolesMessage$RemoveIamRoles": "

Zero or more IAM roles in ARN format to disassociate from the cluster. You can disassociate up to 10 IAM roles from a single cluster in a single request.

", - "RestoreFromClusterSnapshotMessage$IamRoles": "

A list of Identity and Access Management (IAM) roles that can be used by the cluster to access other Amazon Web Services services. You must supply the IAM roles in their Amazon Resource Name (ARN) format. You can supply up to 10 IAM roles in a single request.

A cluster can have up to 10 IAM roles associated at any time.

" + "CreateClusterMessage$IamRoles": "

A list of Identity and Access Management (IAM) roles that can be used by the cluster to access other Amazon Web Services services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.

The maximum number of IAM roles that you can associate is subject to a quota. For more information, go to Quotas and limits in the Amazon Redshift Cluster Management Guide.

", + "ModifyClusterIamRolesMessage$AddIamRoles": "

Zero or more IAM roles to associate with the cluster. The roles must be in their Amazon Resource Name (ARN) format.

", + "ModifyClusterIamRolesMessage$RemoveIamRoles": "

Zero or more IAM roles in ARN format to disassociate from the cluster.

", + "RestoreFromClusterSnapshotMessage$IamRoles": "

A list of Identity and Access Management (IAM) roles that can be used by the cluster to access other Amazon Web Services services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.

The maximum number of IAM roles that you can associate is subject to a quota. For more information, go to Quotas and limits in the Amazon Redshift Cluster Management Guide.

" } }, "ImportTablesCompleted": { @@ -2758,7 +2758,7 @@ } }, "SnapshotCopyGrant": { - "base": "

The snapshot copy grant that grants Amazon Redshift permission to encrypt copied snapshots with the specified customer master key (CMK) from Amazon Web Services KMS in the destination region.

For more information about managing snapshot copy grants, go to Amazon Redshift Database Encryption in the Amazon Redshift Cluster Management Guide.

", + "base": "

The snapshot copy grant that grants Amazon Redshift permission to encrypt copied snapshots with the specified encrypted symmetric key from Amazon Web Services KMS in the destination region.

For more information about managing snapshot copy grants, go to Amazon Redshift Database Encryption in the Amazon Redshift Cluster Management Guide.

", "refs": { "CreateSnapshotCopyGrantResult$SnapshotCopyGrant": null, "SnapshotCopyGrantList$member": null @@ -2896,6 +2896,7 @@ "AccountWithRestoreAccess$AccountAlias": "

The identifier of an Amazon Web Services support account authorized to restore a snapshot. For Amazon Web Services Support, the identifier is amazon-redshift-support.

", "AssociateDataShareConsumerMessage$DataShareArn": "

The Amazon Resource Name (ARN) of the datashare that the consumer is to use with the account or the namespace.

", "AssociateDataShareConsumerMessage$ConsumerArn": "

The Amazon Resource Name (ARN) of the consumer that is associated with the datashare.

", + "AssociateDataShareConsumerMessage$ConsumerRegion": "

From a datashare consumer account, associates a datashare with all existing and future namespaces in the specified Amazon Web Services Region.

", "AttributeNameList$member": null, "AttributeValueTarget$AttributeValue": "

The value of the attribute.

", "AuthenticationProfile$AuthenticationProfileContent": "

The content of the authentication profile in JSON format. The maximum length of the JSON string is determined by a quota for your account.

", @@ -2984,7 +2985,7 @@ "CreateClusterMessage$ClusterType": "

The type of the cluster. When cluster type is specified as

Valid Values: multi-node | single-node

Default: multi-node

", "CreateClusterMessage$NodeType": "

The node type to be provisioned for the cluster. For information about node types, go to Working with Clusters in the Amazon Redshift Cluster Management Guide.

Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.xlplus | ra3.4xlarge | ra3.16xlarge

", "CreateClusterMessage$MasterUsername": "

The user name associated with the admin user account for the cluster that is being created.

Constraints:

", - "CreateClusterMessage$MasterUserPassword": "

The password associated with the admin user account for the cluster that is being created.

Constraints:

", + "CreateClusterMessage$MasterUserPassword": "

The password associated with the admin user account for the cluster that is being created.

Constraints:

", "CreateClusterMessage$ClusterSubnetGroupName": "

The name of a cluster subnet group to be associated with this cluster.

If this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).

", "CreateClusterMessage$AvailabilityZone": "

The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.

Default: A random, system-chosen Availability Zone in the region that is specified by the endpoint.

Example: us-east-2d

Constraint: The specified Availability Zone must be in the same region as the current endpoint.

", "CreateClusterMessage$PreferredMaintenanceWindow": "

The weekly time range (in UTC) during which automated cluster maintenance can occur.

Format: ddd:hh24:mi-ddd:hh24:mi

Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see Maintenance Windows in Amazon Redshift Cluster Management Guide.

Valid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun

Constraints: Minimum 30-minute window.

", @@ -3027,7 +3028,7 @@ "CreateScheduledActionMessage$IamRole": "

The IAM role to assume to run the target action. For more information about this parameter, see ScheduledAction.

", "CreateScheduledActionMessage$ScheduledActionDescription": "

The description of the scheduled action.

", "CreateSnapshotCopyGrantMessage$SnapshotCopyGrantName": "

The name of the snapshot copy grant. This name must be unique in the region for the Amazon Web Services account.

Constraints:

", - "CreateSnapshotCopyGrantMessage$KmsKeyId": "

The unique identifier of the customer master key (CMK) to which to grant Amazon Redshift permission. If no key is specified, the default key is used.

", + "CreateSnapshotCopyGrantMessage$KmsKeyId": "

The unique identifier of the encrypted symmetric key to which to grant Amazon Redshift permission. If no key is specified, the default key is used.

", "CreateSnapshotScheduleMessage$ScheduleIdentifier": "

A unique identifier for a snapshot schedule. Only alphanumeric characters are allowed for the identifier.

", "CreateSnapshotScheduleMessage$ScheduleDescription": "

The description of the snapshot schedule.

", "CreateTagsMessage$ResourceName": "

The Amazon Resource Name (ARN) to which you want to add the tag or tags. For example, arn:aws:redshift:us-east-2:123456789:cluster:t1.

", @@ -3036,6 +3037,7 @@ "DataShare$ProducerArn": "

The Amazon Resource Name (ARN) of the producer.

", "DataShare$ManagedBy": "

The identifier of a datashare to show its managing entity.

", "DataShareAssociation$ConsumerIdentifier": "

The name of the consumer accounts that have an association with a producer datashare.

", + "DataShareAssociation$ConsumerRegion": "

The Amazon Web Services Region of the consumer accounts that have an association with a producer datashare.

", "DataTransferProgress$Status": "

Describes the status of the cluster. While the transfer is in progress the status is transferringdata.

", "DbGroupList$member": null, "DeauthorizeDataShareMessage$DataShareArn": "

The Amazon Resource Name (ARN) of the datashare to remove authorization from.

", @@ -3148,6 +3150,7 @@ "DisableSnapshotCopyMessage$ClusterIdentifier": "

The unique identifier of the source cluster that you want to disable copying of snapshots to a destination region.

Constraints: Must be the valid name of an existing cluster that has cross-region snapshot copy enabled.

", "DisassociateDataShareConsumerMessage$DataShareArn": "

The Amazon Resource Name (ARN) of the datashare to remove association for.

", "DisassociateDataShareConsumerMessage$ConsumerArn": "

The Amazon Resource Name (ARN) of the consumer that association for the datashare is removed from.

", + "DisassociateDataShareConsumerMessage$ConsumerRegion": "

From a datashare consumer account, removes association of a datashare from all the existing and future namespaces in the specified Amazon Web Services Region.

", "EC2SecurityGroup$Status": "

The status of the EC2 security group.

", "EC2SecurityGroup$EC2SecurityGroupName": "

The name of the EC2 Security Group.

", "EC2SecurityGroup$EC2SecurityGroupOwnerId": "

The Amazon Web Services account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName field.

", @@ -3233,7 +3236,7 @@ "ModifyClusterMessage$ClusterIdentifier": "

The unique identifier of the cluster to be modified.

Example: examplecluster

", "ModifyClusterMessage$ClusterType": "

The new cluster type.

When you submit your cluster resize request, your existing cluster goes into a read-only mode. After Amazon Redshift provisions a new cluster based on your resize requirements, there will be outage for a period while the old cluster is deleted and your connection is switched to the new cluster. You can use DescribeResize to track the progress of the resize request.

Valid Values: multi-node | single-node

", "ModifyClusterMessage$NodeType": "

The new node type of the cluster. If you specify a new node type, you must also specify the number of nodes parameter.

For more information about resizing clusters, go to Resizing Clusters in Amazon Redshift in the Amazon Redshift Cluster Management Guide.

Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.xlplus | ra3.4xlarge | ra3.16xlarge

", - "ModifyClusterMessage$MasterUserPassword": "

The new password for the cluster admin user. This change is asynchronously applied as soon as possible. Between the time of the request and the completion of the request, the MasterUserPassword element exists in the PendingModifiedValues element of the operation response.

Operations never return the password, so this operation provides a way to regain access to the admin user account for a cluster if the password is lost.

Default: Uses existing setting.

Constraints:

", + "ModifyClusterMessage$MasterUserPassword": "

The new password for the cluster admin user. This change is asynchronously applied as soon as possible. Between the time of the request and the completion of the request, the MasterUserPassword element exists in the PendingModifiedValues element of the operation response.

Operations never return the password, so this operation provides a way to regain access to the admin user account for a cluster if the password is lost.

Default: Uses existing setting.

Constraints:

", "ModifyClusterMessage$ClusterParameterGroupName": "

The name of the cluster parameter group to apply to this cluster. This change is applied only after the cluster is rebooted. To reboot a cluster use RebootCluster.

Default: Uses existing setting.

Constraints: The cluster parameter group must be in the same parameter group family that matches the cluster version.

", "ModifyClusterMessage$PreferredMaintenanceWindow": "

The weekly time range (in UTC) during which system maintenance can occur, if necessary. If system maintenance is necessary during the window, it may result in an outage.

This maintenance window change is made immediately. If the new maintenance window indicates the current time, there must be at least 120 minutes between the current time and end of the window in order to ensure that pending changes are applied.

Default: Uses existing setting.

Format: ddd:hh24:mi-ddd:hh24:mi, for example wed:07:30-wed:08:00.

Valid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun

Constraints: Must be at least 30 minutes.

", "ModifyClusterMessage$ClusterVersion": "

The new version number of the Amazon Redshift engine to upgrade to.

For major version upgrades, if a non-default cluster parameter group is currently in use, a new cluster parameter group in the cluster parameter group family for the new version must be specified. The new cluster parameter group can be the default for that cluster parameter group family. For more information about parameters and parameter groups, go to Amazon Redshift Parameter Groups in the Amazon Redshift Cluster Management Guide.

Example: 1.0

", @@ -3386,7 +3389,7 @@ "Snapshot$SourceRegion": "

The source region from which the snapshot was copied.

", "Snapshot$MaintenanceTrackName": "

The name of the maintenance track for the snapshot.

", "SnapshotCopyGrant$SnapshotCopyGrantName": "

The name of the snapshot copy grant.

", - "SnapshotCopyGrant$KmsKeyId": "

The unique identifier of the customer master key (CMK) in Amazon Web Services KMS to which Amazon Redshift is granted permission.

", + "SnapshotCopyGrant$KmsKeyId": "

The unique identifier of the encrypted symmetric key in Amazon Web Services KMS to which Amazon Redshift is granted permission.

", "SnapshotCopyGrantMessage$Marker": "

An optional parameter that specifies the starting point to return a set of response records. When the results of a DescribeSnapshotCopyGrant request exceed the value specified in MaxRecords, Amazon Web Services returns a value in the Marker field of the response. You can retrieve the next set of response records by providing the returned marker value in the Marker parameter and retrying the request.

Constraints: You can specify either the SnapshotCopyGrantName parameter or the Marker parameter, but not both.

", "SnapshotErrorMessage$SnapshotIdentifier": "

A unique identifier for the snapshot returning the error.

", "SnapshotErrorMessage$SnapshotClusterIdentifier": "

A unique identifier for the cluster.

", @@ -3758,7 +3761,7 @@ "UsageLimitLimitType": { "base": null, "refs": { - "CreateUsageLimitMessage$LimitType": "

The type of limit. Depending on the feature type, this can be based on a time duration or data size. If FeatureType is spectrum, then LimitType must be data-scanned. If FeatureType is concurrency-scaling, then LimitType must be time.

", + "CreateUsageLimitMessage$LimitType": "

The type of limit. Depending on the feature type, this can be based on a time duration or data size. If FeatureType is spectrum, then LimitType must be data-scanned. If FeatureType is concurrency-scaling, then LimitType must be time. If FeatureType is cross-region-datasharing, then LimitType must be data-scanned.

", "UsageLimit$LimitType": "

The type of limit. Depending on the feature type, this can be based on a time duration or data size.

" } }, diff --git a/gems/aws-partitions/CHANGELOG.md b/gems/aws-partitions/CHANGELOG.md index caa9a5f42d9..48ea3d14e5a 100644 --- a/gems/aws-partitions/CHANGELOG.md +++ b/gems/aws-partitions/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.555.0 (2022-02-17) +------------------ + +* Feature - Updated the partitions source data the determines the AWS service regions and endpoints. + 1.554.0 (2022-02-10) ------------------ diff --git a/gems/aws-partitions/VERSION b/gems/aws-partitions/VERSION index aeb49faadc6..688de053280 100644 --- a/gems/aws-partitions/VERSION +++ b/gems/aws-partitions/VERSION @@ -1 +1 @@ -1.554.0 +1.555.0 diff --git a/gems/aws-partitions/partitions.json b/gems/aws-partitions/partitions.json index f8660ca857e..2c6f89af087 100644 --- a/gems/aws-partitions/partitions.json +++ b/gems/aws-partitions/partitions.json @@ -5726,6 +5726,7 @@ "ap-south-1" : { }, "ap-southeast-1" : { }, "ap-southeast-2" : { }, + "ap-southeast-3" : { }, "ca-central-1" : { }, "eu-central-1" : { }, "eu-north-1" : { }, diff --git a/gems/aws-sdk-backup/CHANGELOG.md b/gems/aws-sdk-backup/CHANGELOG.md index 50de4d61782..7db8f4b7b89 100644 --- a/gems/aws-sdk-backup/CHANGELOG.md +++ b/gems/aws-sdk-backup/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.42.0 (2022-02-17) +------------------ + +* Feature - AWS Backup add new S3_BACKUP_OBJECT_FAILED and S3_RESTORE_OBJECT_FAILED event types in BackupVaultNotifications events list. + 1.41.0 (2022-02-03) ------------------ diff --git a/gems/aws-sdk-backup/VERSION b/gems/aws-sdk-backup/VERSION index 7d47e599800..a50908ca3da 100644 --- a/gems/aws-sdk-backup/VERSION +++ b/gems/aws-sdk-backup/VERSION @@ -1 +1 @@ -1.41.0 +1.42.0 diff --git a/gems/aws-sdk-backup/lib/aws-sdk-backup.rb b/gems/aws-sdk-backup/lib/aws-sdk-backup.rb index 4e965846cd8..794c278ac00 100644 --- a/gems/aws-sdk-backup/lib/aws-sdk-backup.rb +++ b/gems/aws-sdk-backup/lib/aws-sdk-backup.rb @@ -48,6 +48,6 @@ # @!group service module Aws::Backup - GEM_VERSION = '1.41.0' + GEM_VERSION = '1.42.0' end diff --git a/gems/aws-sdk-backup/lib/aws-sdk-backup/client.rb b/gems/aws-sdk-backup/lib/aws-sdk-backup/client.rb index 2aeedd8f161..6b68a2e87c0 100644 --- a/gems/aws-sdk-backup/lib/aws-sdk-backup/client.rb +++ b/gems/aws-sdk-backup/lib/aws-sdk-backup/client.rb @@ -454,7 +454,7 @@ def create_backup_plan(params = {}, options = {}) # # # - # [1]: https://docs.aws.amazon.com/assigning-resources.html#assigning-resources-json + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/assigning-resources.html#assigning-resources-json # # @option params [required, String] :backup_plan_id # Uniquely identifies the backup plan to be associated with the @@ -1899,7 +1899,7 @@ def get_backup_vault_access_policy(params = {}, options = {}) # resp.backup_vault_arn #=> String # resp.sns_topic_arn #=> String # resp.backup_vault_events #=> Array - # resp.backup_vault_events[0] #=> String, one of "BACKUP_JOB_STARTED", "BACKUP_JOB_COMPLETED", "BACKUP_JOB_SUCCESSFUL", "BACKUP_JOB_FAILED", "BACKUP_JOB_EXPIRED", "RESTORE_JOB_STARTED", "RESTORE_JOB_COMPLETED", "RESTORE_JOB_SUCCESSFUL", "RESTORE_JOB_FAILED", "COPY_JOB_STARTED", "COPY_JOB_SUCCESSFUL", "COPY_JOB_FAILED", "RECOVERY_POINT_MODIFIED", "BACKUP_PLAN_CREATED", "BACKUP_PLAN_MODIFIED" + # resp.backup_vault_events[0] #=> String, one of "BACKUP_JOB_STARTED", "BACKUP_JOB_COMPLETED", "BACKUP_JOB_SUCCESSFUL", "BACKUP_JOB_FAILED", "BACKUP_JOB_EXPIRED", "RESTORE_JOB_STARTED", "RESTORE_JOB_COMPLETED", "RESTORE_JOB_SUCCESSFUL", "RESTORE_JOB_FAILED", "COPY_JOB_STARTED", "COPY_JOB_SUCCESSFUL", "COPY_JOB_FAILED", "RECOVERY_POINT_MODIFIED", "BACKUP_PLAN_CREATED", "BACKUP_PLAN_MODIFIED", "S3_BACKUP_OBJECT_FAILED", "S3_RESTORE_OBJECT_FAILED" # # @see http://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/GetBackupVaultNotifications AWS API Documentation # @@ -2013,6 +2013,10 @@ def get_supported_resource_types(params = {}, options = {}) # @option params [String] :by_resource_type # Returns only backup jobs for the specified resources: # + # * `Aurora` for Amazon Aurora + # + # * `DocumentDB` for Amazon DocumentDB (with MongoDB compatibility) + # # * `DynamoDB` for Amazon DynamoDB # # * `EBS` for Amazon Elastic Block Store @@ -2021,12 +2025,18 @@ def get_supported_resource_types(params = {}, options = {}) # # * `EFS` for Amazon Elastic File System # - # * `RDS` for Amazon Relational Database Service + # * `FSx` for Amazon FSx # - # * `Aurora` for Amazon Aurora + # * `Neptune` for Amazon Neptune + # + # * `RDS` for Amazon Relational Database Service # # * `Storage Gateway` for Storage Gateway # + # * `S3` for Amazon S3 + # + # * `VirtualMachine` for virtual machines + # # @option params [String] :by_account_id # The account ID to list the jobs from. Returns only backup jobs # associated with the specified account ID. @@ -2378,6 +2388,10 @@ def list_backup_vaults(params = {}, options = {}) # @option params [String] :by_resource_type # Returns only backup jobs for the specified resources: # + # * `Aurora` for Amazon Aurora + # + # * `DocumentDB` for Amazon DocumentDB (with MongoDB compatibility) + # # * `DynamoDB` for Amazon DynamoDB # # * `EBS` for Amazon Elastic Block Store @@ -2386,12 +2400,18 @@ def list_backup_vaults(params = {}, options = {}) # # * `EFS` for Amazon Elastic File System # - # * `RDS` for Amazon Relational Database Service + # * `FSx` for Amazon FSx # - # * `Aurora` for Amazon Aurora + # * `Neptune` for Amazon Neptune + # + # * `RDS` for Amazon Relational Database Service # # * `Storage Gateway` for Storage Gateway # + # * `S3` for Amazon S3 + # + # * `VirtualMachine` for virtual machines + # # @option params [String] :by_destination_vault_arn # An Amazon Resource Name (ARN) that uniquely identifies a source backup # vault to copy from; for example, @@ -2905,9 +2925,14 @@ def list_restore_jobs(params = {}, options = {}) # Returns a list of key-value pairs assigned to a target recovery point, # backup plan, or backup vault. # - # `ListTags` are currently only supported with Amazon EFS backups. + # `ListTags` only works for resource types that support full Backup + # management of their backups. Those resource types are listed in the + # "Full Backup management" section of the [ Feature availability by + # resource][1] table. # - # + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # # @option params [required, String] :resource_arn # An Amazon Resource Name (ARN) that uniquely identifies a resource. The @@ -3016,7 +3041,8 @@ def put_backup_vault_access_policy(params = {}, options = {}) # longer than the minimum retention period. If the job's retention # period is shorter than that minimum retention period, then the vault # fails that backup or copy job, and you should either modify your - # lifecycle settings or use a different vault. Recovery points already + # lifecycle settings or use a different vault. The shortest minimum + # retention period you can specify is 1 day. Recovery points already # saved in the vault prior to Vault Lock are not affected. # # @option params [Integer] :max_retention_days @@ -3036,8 +3062,10 @@ def put_backup_vault_access_policy(params = {}, options = {}) # shorter than the maximum retention period. If the job's retention # period is longer than that maximum retention period, then the vault # fails the backup or copy job, and you should either modify your - # lifecycle settings or use a different vault. Recovery points already - # saved in the vault prior to Vault Lock are not affected. + # lifecycle settings or use a different vault. The longest maximum + # retention period you can specify is 36500 days (approximately 100 + # years). Recovery points already saved in the vault prior to Vault Lock + # are not affected. # # @option params [Integer] :changeable_for_days # The Backup Vault Lock configuration that specifies the number of days @@ -3110,6 +3138,8 @@ def put_backup_vault_lock_configuration(params = {}, options = {}) # * `RESTORE_JOB_STARTED` \| `RESTORE_JOB_COMPLETED` \| # `RECOVERY_POINT_MODIFIED` # + # * `S3_BACKUP_OBJECT_FAILED` \| `S3_RESTORE_OBJECT_FAILED` + # # Ignore the list below because it includes deprecated events. Refer to # the list above. # @@ -3126,7 +3156,7 @@ def put_backup_vault_lock_configuration(params = {}, options = {}) # resp = client.put_backup_vault_notifications({ # backup_vault_name: "BackupVaultName", # required # sns_topic_arn: "ARN", # required - # backup_vault_events: ["BACKUP_JOB_STARTED"], # required, accepts BACKUP_JOB_STARTED, BACKUP_JOB_COMPLETED, BACKUP_JOB_SUCCESSFUL, BACKUP_JOB_FAILED, BACKUP_JOB_EXPIRED, RESTORE_JOB_STARTED, RESTORE_JOB_COMPLETED, RESTORE_JOB_SUCCESSFUL, RESTORE_JOB_FAILED, COPY_JOB_STARTED, COPY_JOB_SUCCESSFUL, COPY_JOB_FAILED, RECOVERY_POINT_MODIFIED, BACKUP_PLAN_CREATED, BACKUP_PLAN_MODIFIED + # backup_vault_events: ["BACKUP_JOB_STARTED"], # required, accepts BACKUP_JOB_STARTED, BACKUP_JOB_COMPLETED, BACKUP_JOB_SUCCESSFUL, BACKUP_JOB_FAILED, BACKUP_JOB_EXPIRED, RESTORE_JOB_STARTED, RESTORE_JOB_COMPLETED, RESTORE_JOB_SUCCESSFUL, RESTORE_JOB_FAILED, COPY_JOB_STARTED, COPY_JOB_SUCCESSFUL, COPY_JOB_FAILED, RECOVERY_POINT_MODIFIED, BACKUP_PLAN_CREATED, BACKUP_PLAN_MODIFIED, S3_BACKUP_OBJECT_FAILED, S3_RESTORE_OBJECT_FAILED # }) # # @see http://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/PutBackupVaultNotifications AWS API Documentation @@ -3167,10 +3197,10 @@ def put_backup_vault_notifications(params = {}, options = {}) # # @option params [Integer] :complete_window_minutes # A value in minutes during which a successfully started backup must - # complete, or else AWS Backup will cancel the job. This value is - # optional. This value begins counting down from when the backup was - # scheduled. It does not add additional time for `StartWindowMinutes`, - # or if the backup started later than scheduled. + # complete, or else Backup will cancel the job. This value is optional. + # This value begins counting down from when the backup was scheduled. It + # does not add additional time for `StartWindowMinutes`, or if the + # backup started later than scheduled. # # @option params [Types::Lifecycle] :lifecycle # The lifecycle defines when a protected resource is transitioned to @@ -3178,13 +3208,20 @@ def put_backup_vault_notifications(params = {}, options = {}) # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be changed - # after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. The + # “transition to cold after days” setting cannot be changed after a + # backup has been transitioned to cold. + # + # Only resource types that support full Backup management can transition + # their backups to cold storage. Those resource types are listed in the + # "Full Backup management" section of the [ Feature availability by + # resource][1] table. Backup ignores this expression for other resource + # types. # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # # @option params [Hash] :recovery_point_tags # To help organize your resources, you can assign your own metadata to @@ -3277,13 +3314,20 @@ def start_backup_job(params = {}, options = {}) # before a recovery point transitions to cold storage or is deleted. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, on the console, the “expire after - # days” setting must be 90 days greater than the “transition to cold - # after days” setting. The “transition to cold after days” setting - # cannot be changed after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, on the console, the “retention” + # setting must be 90 days greater than the “transition to cold after + # days” setting. The “transition to cold after days” setting cannot be + # changed after a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can transition + # their backups to cold storage. Those resource types are listed in the + # "Full Backup management" section of the [ Feature availability by + # resource][1] table. Backup ignores this expression for other resource + # types. # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # # @return [Types::StartCopyJobOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # @@ -3418,6 +3462,10 @@ def start_report_job(params = {}, options = {}) # Starts a job to restore a recovery point for one of the following # resources: # + # * `Aurora` for Amazon Aurora + # + # * `DocumentDB` for Amazon DocumentDB (with MongoDB compatibility) + # # * `DynamoDB` for Amazon DynamoDB # # * `EBS` for Amazon Elastic Block Store @@ -3426,12 +3474,18 @@ def start_report_job(params = {}, options = {}) # # * `EFS` for Amazon Elastic File System # - # * `RDS` for Amazon Relational Database Service + # * `FSx` for Amazon FSx # - # * `Aurora` for Amazon Aurora + # * `Neptune` for Amazon Neptune + # + # * `RDS` for Amazon Relational Database Service # # * `Storage Gateway` for Storage Gateway # + # * `S3` for Amazon S3 + # + # * `VirtualMachine` for virtual machines + # # @return [Types::StartRestoreJobOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::StartRestoreJobOutput#restore_job_id #restore_job_id} => String @@ -3735,15 +3789,22 @@ def update_global_settings(params = {}, options = {}) # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be changed - # after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. The + # “transition to cold after days” setting cannot be changed after a + # backup has been transitioned to cold. # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # Only resource types that support full Backup management can transition + # their backups to cold storage. Those resource types are listed in the + # "Full Backup management" section of the [ Feature availability by + # resource][1] table. Backup ignores this expression for other resource + # types. # - # Does not support continuous backups. + # This operation does not support continuous backups. + # + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # # @option params [required, String] :backup_vault_name # The name of a logical container where backups are stored. Backup @@ -3762,10 +3823,10 @@ def update_global_settings(params = {}, options = {}) # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be changed - # after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. The + # “transition to cold after days” setting cannot be changed after a + # backup has been transitioned to cold. # # @return [Types::UpdateRecoveryPointLifecycleOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # @@ -3816,12 +3877,15 @@ def update_recovery_point_lifecycle(params = {}, options = {}) # Region. # # @option params [Hash] :resource_type_management_preference - # Enables or disables [ Backup's advanced DynamoDB backup features][1] - # for the Region. + # Enables or disables full Backup management of backups for a resource + # type. To enable full Backup management for DynamoDB along with [ + # Backup's advanced DynamoDB backup features][1], follow the procedure + # to [ enable advanced DynamoDB backup programmatically][2]. # # # # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/advanced-ddb-backup.html + # [2]: https://docs.aws.amazon.com/aws-backup/latest/devguide/advanced-ddb-backup.html#advanced-ddb-backup-enable-cli # # @return [Struct] Returns an empty {Seahorse::Client::Response response}. # @@ -3934,7 +3998,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-backup' - context[:gem_version] = '1.41.0' + context[:gem_version] = '1.42.0' Seahorse::Client::Request.new(handlers, context) end diff --git a/gems/aws-sdk-backup/lib/aws-sdk-backup/types.rb b/gems/aws-sdk-backup/lib/aws-sdk-backup/types.rb index c0b20d021f4..98602bb9987 100644 --- a/gems/aws-sdk-backup/lib/aws-sdk-backup/types.rb +++ b/gems/aws-sdk-backup/lib/aws-sdk-backup/types.rb @@ -492,13 +492,20 @@ class BackupPlansListMember < Struct.new( # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be - # changed after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. + # The “transition to cold after days” setting cannot be changed after + # a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can + # transition their backups to cold storage. Those resource types are + # listed in the "Full Backup management" section of the [ Feature + # availability by resource][1] table. Backup ignores this expression + # for other resource types. # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # @return [Types::Lifecycle] # # @!attribute [rw] recovery_point_tags @@ -604,13 +611,20 @@ class BackupRule < Struct.new( # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be - # changed after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. + # The “transition to cold after days” setting cannot be changed after + # a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can + # transition their backups to cold storage. Those resource types are + # listed in the "Full Backup management" section of the [ Feature + # availability by resource][1] table. Backup ignores this expression + # for other resource types. # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # @return [Types::Lifecycle] # # @!attribute [rw] recovery_point_tags @@ -841,9 +855,20 @@ class BackupSelectionsListMember < Struct.new( # @return [Time] # # @!attribute [rw] encryption_key_arn - # The server-side encryption key that is used to protect your backups; - # for example, + # A server-side encryption key you can specify to encrypt your backups + # from services that support full Backup management; for example, # `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`. + # If you specify a key, you must specify its ARN, not its alias. If + # you do not specify a key, Backup creates a KMS key for you by + # default. + # + # To learn which Backup services support full Backup management and + # how Backup handles encryption for backups from services that do not + # yet support full Backup, see [ Encryption for backups in Backup][1] + # + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html # @return [String] # # @!attribute [rw] creator_request_id @@ -934,13 +959,20 @@ class BackupVaultListMember < Struct.new( # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be changed - # after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. The + # “transition to cold after days” setting cannot be changed after a + # backup has been transitioned to cold. + # + # Only resource types that support full Backup management can transition + # their backups to cold storage. Those resource types are listed in the + # "Full Backup management" section of the [ Feature availability by + # resource][1] table. Backup ignores this expression for other resource + # types. + # # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # # @!attribute [rw] move_to_cold_storage_at # A timestamp that specifies when to transition a recovery point to @@ -976,7 +1008,7 @@ class CalculatedLifecycle < Struct.new( # @!attribute [rw] condition_type # An operation applied to a key-value pair used to assign resources to # your backup plan. Condition only supports `StringEquals`. For more - # flexible assignment options, incluidng `StringLike` and the ability + # flexible assignment options, including `StringLike` and the ability # to exclude resources from your backup plan, use `Conditions` (with # an "s" on the end) for your [ `BackupSelection` ][1]. # @@ -1231,14 +1263,20 @@ class ControlScope < Struct.new( # deleted. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, on the console, the “expire - # after days” setting must be 90 days greater than the “transition to - # cold after days” setting. The “transition to cold after days” - # setting cannot be changed after a backup has been transitioned to - # cold. - # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # for a minimum of 90 days. Therefore, on the console, the “retention” + # setting must be 90 days greater than the “transition to cold after + # days” setting. The “transition to cold after days” setting cannot be + # changed after a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can + # transition their backups to cold storage. Those resource types are + # listed in the "Full Backup management" section of the [ Feature + # availability by resource][1] table. Backup ignores this expression + # for other resource types. + # + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # @return [Types::Lifecycle] # # @!attribute [rw] destination_backup_vault_arn @@ -2736,13 +2774,20 @@ class DescribeRecoveryPointInput < Struct.new( # backups automatically according to the lifecycle that you define. # # Backups that are transitioned to cold storage must be stored in cold - # storage for a minimum of 90 days. Therefore, the “expire after days” - # setting must be 90 days greater than the “transition to cold after - # days” setting. The “transition to cold after days” setting cannot be + # storage for a minimum of 90 days. Therefore, the “retention” setting + # must be 90 days greater than the “transition to cold after days” + # setting. The “transition to cold after days” setting cannot be # changed after a backup has been transitioned to cold. # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # Only resource types that support full Backup management can + # transition their backups to cold storage. Those resource types are + # listed in the "Full Backup management" section of the [ Feature + # availability by resource][1] table. Backup ignores this expression + # for other resource types. + # + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # @return [Types::Lifecycle] # # @!attribute [rw] encryption_key_arn @@ -2808,12 +2853,24 @@ class DescribeRegionSettingsInput < Aws::EmptyStructure; end # @return [Hash] # # @!attribute [rw] resource_type_management_preference - # Returns whether a DynamoDB recovery point was taken using [ - # Backup's advanced DynamoDB backup features][1]. + # Returns whether Backup fully manages the backups for a resource + # type. # + # For the benefits of full Backup management, see [ Full Backup + # management][1]. # + # For a list of resource types and whether each supports full Backup + # management, see the [ Feature availability by resource][2] table. # - # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/advanced-ddb-backup.html + # If `"DynamoDB":false`, you can enable full Backup management for + # DynamoDB backup by enabling [ Backup's advanced DynamoDB backup + # features][3]. + # + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#full-management + # [2]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource + # [3]: https://docs.aws.amazon.com/aws-backup/latest/devguide/advanced-ddb-backup.html#advanced-ddb-backup-enable-cli # @return [Hash] # # @see http://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/DescribeRegionSettingsOutput AWS API Documentation @@ -3566,6 +3623,10 @@ class GetRecoveryPointRestoreMetadataOutput < Struct.new( # * `RDS` for Amazon Relational Database Service # # * `Storage Gateway` for Storage Gateway + # + # * `DocDB` for Amazon DocumentDB (with MongoDB compatibility) + # + # * `Neptune` for Amazon Neptune # @return [Array] # # @see http://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/GetSupportedResourceTypesOutput AWS API Documentation @@ -3659,13 +3720,20 @@ class InvalidResourceStateException < Struct.new( # before a recovery point transitions to cold storage or is deleted. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, on the console, the “expire after - # days” setting must be 90 days greater than the “transition to cold - # after days” setting. The “transition to cold after days” setting - # cannot be changed after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, on the console, the “retention” + # setting must be 90 days greater than the “transition to cold after + # days” setting. The “transition to cold after days” setting cannot be + # changed after a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can transition + # their backups to cold storage. Those resource types are listed in the + # "Full Backup management" section of the [ Feature availability by + # resource][1] table. Backup ignores this expression for other resource + # types. + # + # # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # # @note When making an API call, you may pass Lifecycle # data as a hash: @@ -3776,6 +3844,10 @@ class LimitExceededException < Struct.new( # @!attribute [rw] by_resource_type # Returns only backup jobs for the specified resources: # + # * `Aurora` for Amazon Aurora + # + # * `DocumentDB` for Amazon DocumentDB (with MongoDB compatibility) + # # * `DynamoDB` for Amazon DynamoDB # # * `EBS` for Amazon Elastic Block Store @@ -3784,11 +3856,17 @@ class LimitExceededException < Struct.new( # # * `EFS` for Amazon Elastic File System # - # * `RDS` for Amazon Relational Database Service + # * `FSx` for Amazon FSx # - # * `Aurora` for Amazon Aurora + # * `Neptune` for Amazon Neptune + # + # * `RDS` for Amazon Relational Database Service # # * `Storage Gateway` for Storage Gateway + # + # * `S3` for Amazon S3 + # + # * `VirtualMachine` for virtual machines # @return [String] # # @!attribute [rw] by_account_id @@ -4148,6 +4226,10 @@ class ListBackupVaultsOutput < Struct.new( # @!attribute [rw] by_resource_type # Returns only backup jobs for the specified resources: # + # * `Aurora` for Amazon Aurora + # + # * `DocumentDB` for Amazon DocumentDB (with MongoDB compatibility) + # # * `DynamoDB` for Amazon DynamoDB # # * `EBS` for Amazon Elastic Block Store @@ -4156,11 +4238,17 @@ class ListBackupVaultsOutput < Struct.new( # # * `EFS` for Amazon Elastic File System # - # * `RDS` for Amazon Relational Database Service + # * `FSx` for Amazon FSx # - # * `Aurora` for Amazon Aurora + # * `Neptune` for Amazon Neptune + # + # * `RDS` for Amazon Relational Database Service # # * `Storage Gateway` for Storage Gateway + # + # * `S3` for Amazon S3 + # + # * `VirtualMachine` for virtual machines # @return [String] # # @!attribute [rw] by_destination_vault_arn @@ -4851,7 +4939,8 @@ class PutBackupVaultAccessPolicyInput < Struct.new( # longer than the minimum retention period. If the job's retention # period is shorter than that minimum retention period, then the vault # fails that backup or copy job, and you should either modify your - # lifecycle settings or use a different vault. Recovery points already + # lifecycle settings or use a different vault. The shortest minimum + # retention period you can specify is 1 day. Recovery points already # saved in the vault prior to Vault Lock are not affected. # @return [Integer] # @@ -4872,8 +4961,10 @@ class PutBackupVaultAccessPolicyInput < Struct.new( # shorter than the maximum retention period. If the job's retention # period is longer than that maximum retention period, then the vault # fails the backup or copy job, and you should either modify your - # lifecycle settings or use a different vault. Recovery points already - # saved in the vault prior to Vault Lock are not affected. + # lifecycle settings or use a different vault. The longest maximum + # retention period you can specify is 36500 days (approximately 100 + # years). Recovery points already saved in the vault prior to Vault + # Lock are not affected. # @return [Integer] # # @!attribute [rw] changeable_for_days @@ -4915,7 +5006,7 @@ class PutBackupVaultLockConfigurationInput < Struct.new( # { # backup_vault_name: "BackupVaultName", # required # sns_topic_arn: "ARN", # required - # backup_vault_events: ["BACKUP_JOB_STARTED"], # required, accepts BACKUP_JOB_STARTED, BACKUP_JOB_COMPLETED, BACKUP_JOB_SUCCESSFUL, BACKUP_JOB_FAILED, BACKUP_JOB_EXPIRED, RESTORE_JOB_STARTED, RESTORE_JOB_COMPLETED, RESTORE_JOB_SUCCESSFUL, RESTORE_JOB_FAILED, COPY_JOB_STARTED, COPY_JOB_SUCCESSFUL, COPY_JOB_FAILED, RECOVERY_POINT_MODIFIED, BACKUP_PLAN_CREATED, BACKUP_PLAN_MODIFIED + # backup_vault_events: ["BACKUP_JOB_STARTED"], # required, accepts BACKUP_JOB_STARTED, BACKUP_JOB_COMPLETED, BACKUP_JOB_SUCCESSFUL, BACKUP_JOB_FAILED, BACKUP_JOB_EXPIRED, RESTORE_JOB_STARTED, RESTORE_JOB_COMPLETED, RESTORE_JOB_SUCCESSFUL, RESTORE_JOB_FAILED, COPY_JOB_STARTED, COPY_JOB_SUCCESSFUL, COPY_JOB_FAILED, RECOVERY_POINT_MODIFIED, BACKUP_PLAN_CREATED, BACKUP_PLAN_MODIFIED, S3_BACKUP_OBJECT_FAILED, S3_RESTORE_OBJECT_FAILED # } # # @!attribute [rw] backup_vault_name @@ -4947,6 +5038,8 @@ class PutBackupVaultLockConfigurationInput < Struct.new( # * `RESTORE_JOB_STARTED` \| `RESTORE_JOB_COMPLETED` \| # `RECOVERY_POINT_MODIFIED` # + # * `S3_BACKUP_OBJECT_FAILED` \| `S3_RESTORE_OBJECT_FAILED` + # # Ignore the list below because it includes deprecated events. Refer # to the list above. # @@ -5057,13 +5150,20 @@ class PutBackupVaultNotificationsInput < Struct.new( # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be - # changed after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. + # The “transition to cold after days” setting cannot be changed after + # a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can + # transition their backups to cold storage. Those resource types are + # listed in the "Full Backup management" section of the [ Feature + # availability by resource][1] table. Backup ignores this expression + # for other resource types. + # + # # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # @return [Types::Lifecycle] # # @!attribute [rw] encryption_key_arn @@ -5644,7 +5744,7 @@ class ServiceUnavailableException < Struct.new( # # @!attribute [rw] complete_window_minutes # A value in minutes during which a successfully started backup must - # complete, or else AWS Backup will cancel the job. This value is + # complete, or else Backup will cancel the job. This value is # optional. This value begins counting down from when the backup was # scheduled. It does not add additional time for `StartWindowMinutes`, # or if the backup started later than scheduled. @@ -5656,13 +5756,20 @@ class ServiceUnavailableException < Struct.new( # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be - # changed after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. + # The “transition to cold after days” setting cannot be changed after + # a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can + # transition their backups to cold storage. Those resource types are + # listed in the "Full Backup management" section of the [ Feature + # availability by resource][1] table. Backup ignores this expression + # for other resource types. + # + # # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # @return [Types::Lifecycle] # # @!attribute [rw] recovery_point_tags @@ -5776,14 +5883,20 @@ class StartBackupJobOutput < Struct.new( # deleted. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, on the console, the “expire - # after days” setting must be 90 days greater than the “transition to - # cold after days” setting. The “transition to cold after days” - # setting cannot be changed after a backup has been transitioned to - # cold. - # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # for a minimum of 90 days. Therefore, on the console, the “retention” + # setting must be 90 days greater than the “transition to cold after + # days” setting. The “transition to cold after days” setting cannot be + # changed after a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can + # transition their backups to cold storage. Those resource types are + # listed in the "Full Backup management" section of the [ Feature + # availability by resource][1] table. Backup ignores this expression + # for other resource types. + # + # + # + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # @return [Types::Lifecycle] # # @see http://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/StartCopyJobInput AWS API Documentation @@ -5942,6 +6055,10 @@ class StartReportJobOutput < Struct.new( # Starts a job to restore a recovery point for one of the following # resources: # + # * `Aurora` for Amazon Aurora + # + # * `DocumentDB` for Amazon DocumentDB (with MongoDB compatibility) + # # * `DynamoDB` for Amazon DynamoDB # # * `EBS` for Amazon Elastic Block Store @@ -5950,11 +6067,17 @@ class StartReportJobOutput < Struct.new( # # * `EFS` for Amazon Elastic File System # - # * `RDS` for Amazon Relational Database Service + # * `FSx` for Amazon FSx # - # * `Aurora` for Amazon Aurora + # * `Neptune` for Amazon Neptune + # + # * `RDS` for Amazon Relational Database Service # # * `Storage Gateway` for Storage Gateway + # + # * `S3` for Amazon S3 + # + # * `VirtualMachine` for virtual machines # @return [String] # # @see http://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/StartRestoreJobInput AWS API Documentation @@ -6304,10 +6427,10 @@ class UpdateGlobalSettingsInput < Struct.new( # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be - # changed after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. + # The “transition to cold after days” setting cannot be changed after + # a backup has been transitioned to cold. # @return [Types::Lifecycle] # # @see http://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/UpdateRecoveryPointLifecycleInput AWS API Documentation @@ -6337,13 +6460,20 @@ class UpdateRecoveryPointLifecycleInput < Struct.new( # backups automatically according to the lifecycle that you define. # # Backups transitioned to cold storage must be stored in cold storage - # for a minimum of 90 days. Therefore, the “expire after days” setting - # must be 90 days greater than the “transition to cold after days” - # setting. The “transition to cold after days” setting cannot be - # changed after a backup has been transitioned to cold. + # for a minimum of 90 days. Therefore, the “retention” setting must be + # 90 days greater than the “transition to cold after days” setting. + # The “transition to cold after days” setting cannot be changed after + # a backup has been transitioned to cold. + # + # Only resource types that support full Backup management can + # transition their backups to cold storage. Those resource types are + # listed in the "Full Backup management" section of the [ Feature + # availability by resource][1] table. Backup ignores this expression + # for other resource types. + # + # # - # Only Amazon EFS file system backups can be transitioned to cold - # storage. + # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource # @return [Types::Lifecycle] # # @!attribute [rw] calculated_lifecycle @@ -6380,12 +6510,15 @@ class UpdateRecoveryPointLifecycleOutput < Struct.new( # @return [Hash] # # @!attribute [rw] resource_type_management_preference - # Enables or disables [ Backup's advanced DynamoDB backup - # features][1] for the Region. + # Enables or disables full Backup management of backups for a resource + # type. To enable full Backup management for DynamoDB along with [ + # Backup's advanced DynamoDB backup features][1], follow the + # procedure to [ enable advanced DynamoDB backup programmatically][2]. # # # # [1]: https://docs.aws.amazon.com/aws-backup/latest/devguide/advanced-ddb-backup.html + # [2]: https://docs.aws.amazon.com/aws-backup/latest/devguide/advanced-ddb-backup.html#advanced-ddb-backup-enable-cli # @return [Hash] # # @see http://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/UpdateRegionSettingsInput AWS API Documentation diff --git a/gems/aws-sdk-cloudwatchevidently/CHANGELOG.md b/gems/aws-sdk-cloudwatchevidently/CHANGELOG.md index 6b5e981a8fa..aeaf25b3768 100644 --- a/gems/aws-sdk-cloudwatchevidently/CHANGELOG.md +++ b/gems/aws-sdk-cloudwatchevidently/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.4.0 (2022-02-17) +------------------ + +* Feature - Add support for filtering list of experiments and launches by status + 1.3.0 (2022-02-03) ------------------ diff --git a/gems/aws-sdk-cloudwatchevidently/VERSION b/gems/aws-sdk-cloudwatchevidently/VERSION index f0bb29e7638..88c5fb891dc 100644 --- a/gems/aws-sdk-cloudwatchevidently/VERSION +++ b/gems/aws-sdk-cloudwatchevidently/VERSION @@ -1 +1 @@ -1.3.0 +1.4.0 diff --git a/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently.rb b/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently.rb index 1585483dad5..f3a45235d5f 100644 --- a/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently.rb +++ b/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently.rb @@ -48,6 +48,6 @@ # @!group service module Aws::CloudWatchEvidently - GEM_VERSION = '1.3.0' + GEM_VERSION = '1.4.0' end diff --git a/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/client.rb b/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/client.rb index 8ba5511fe87..6f708f57d77 100644 --- a/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/client.rb +++ b/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/client.rb @@ -502,11 +502,11 @@ def batch_evaluate_feature(params = {}, options = {}) # { # desired_change: "INCREASE", # accepts INCREASE, DECREASE # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # }, # ], @@ -779,11 +779,11 @@ def create_feature(params = {}, options = {}) # metric_monitors: [ # { # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # }, # ], @@ -1492,6 +1492,10 @@ def get_project(params = {}, options = {}) # @option params [required, String] :project # The name or ARN of the project to return the experiment list from. # + # @option params [String] :status + # Use this optional parameter to limit the returned results to only the + # experiments with the status that you specify here. + # # @return [Types::ListExperimentsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::ListExperimentsResponse#experiments #experiments} => Array<Types::Experiment> @@ -1505,6 +1509,7 @@ def get_project(params = {}, options = {}) # max_results: 1, # next_token: "NextToken", # project: "ProjectRef", # required + # status: "CREATED", # accepts CREATED, UPDATING, RUNNING, COMPLETED, CANCELLED # }) # # @example Response structure @@ -1620,6 +1625,10 @@ def list_features(params = {}, options = {}) # @option params [required, String] :project # The name or ARN of the project to return the launch list from. # + # @option params [String] :status + # Use this optional parameter to limit the returned results to only the + # launches with the status that you specify here. + # # @return [Types::ListLaunchesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::ListLaunchesResponse#launches #launches} => Array<Types::Launch> @@ -1633,6 +1642,7 @@ def list_features(params = {}, options = {}) # max_results: 1, # next_token: "NextToken", # project: "ProjectRef", # required + # status: "CREATED", # accepts CREATED, UPDATING, RUNNING, COMPLETED, CANCELLED # }) # # @example Response structure @@ -2139,11 +2149,11 @@ def untag_resource(params = {}, options = {}) # { # desired_change: "INCREASE", # accepts INCREASE, DECREASE # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # }, # ], @@ -2382,11 +2392,11 @@ def update_feature(params = {}, options = {}) # metric_monitors: [ # { # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # }, # ], @@ -2585,7 +2595,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-cloudwatchevidently' - context[:gem_version] = '1.3.0' + context[:gem_version] = '1.4.0' Seahorse::Client::Request.new(handlers, context) end diff --git a/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/client_api.rb b/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/client_api.rb index 14f73989307..e9340df162b 100644 --- a/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/client_api.rb +++ b/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/client_api.rb @@ -541,6 +541,7 @@ module ClientApi ListExperimentsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxExperiments, location: "querystring", location_name: "maxResults")) ListExperimentsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "nextToken")) ListExperimentsRequest.add_member(:project, Shapes::ShapeRef.new(shape: ProjectRef, required: true, location: "uri", location_name: "project")) + ListExperimentsRequest.add_member(:status, Shapes::ShapeRef.new(shape: ExperimentStatus, location: "querystring", location_name: "status")) ListExperimentsRequest.struct_class = Types::ListExperimentsRequest ListExperimentsResponse.add_member(:experiments, Shapes::ShapeRef.new(shape: ExperimentList, location_name: "experiments")) @@ -559,6 +560,7 @@ module ClientApi ListLaunchesRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxLaunches, location: "querystring", location_name: "maxResults")) ListLaunchesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "nextToken")) ListLaunchesRequest.add_member(:project, Shapes::ShapeRef.new(shape: ProjectRef, required: true, location: "uri", location_name: "project")) + ListLaunchesRequest.add_member(:status, Shapes::ShapeRef.new(shape: LaunchStatus, location: "querystring", location_name: "status")) ListLaunchesRequest.struct_class = Types::ListLaunchesRequest ListLaunchesResponse.add_member(:launches, Shapes::ShapeRef.new(shape: LaunchesList, location_name: "launches")) @@ -586,11 +588,11 @@ module ClientApi MetricDefinition.add_member(:value_key, Shapes::ShapeRef.new(shape: JsonPath, location_name: "valueKey")) MetricDefinition.struct_class = Types::MetricDefinition - MetricDefinitionConfig.add_member(:entity_id_key, Shapes::ShapeRef.new(shape: JsonPath, location_name: "entityIdKey")) + MetricDefinitionConfig.add_member(:entity_id_key, Shapes::ShapeRef.new(shape: JsonPath, required: true, location_name: "entityIdKey")) MetricDefinitionConfig.add_member(:event_pattern, Shapes::ShapeRef.new(shape: MetricDefinitionConfigEventPatternString, location_name: "eventPattern", metadata: {"jsonvalue"=>true})) - MetricDefinitionConfig.add_member(:name, Shapes::ShapeRef.new(shape: CwDimensionSafeName, location_name: "name")) + MetricDefinitionConfig.add_member(:name, Shapes::ShapeRef.new(shape: CwDimensionSafeName, required: true, location_name: "name")) MetricDefinitionConfig.add_member(:unit_label, Shapes::ShapeRef.new(shape: MetricUnitLabel, location_name: "unitLabel")) - MetricDefinitionConfig.add_member(:value_key, Shapes::ShapeRef.new(shape: JsonPath, location_name: "valueKey")) + MetricDefinitionConfig.add_member(:value_key, Shapes::ShapeRef.new(shape: JsonPath, required: true, location_name: "valueKey")) MetricDefinitionConfig.struct_class = Types::MetricDefinitionConfig MetricGoal.add_member(:desired_change, Shapes::ShapeRef.new(shape: ChangeDirectionEnum, location_name: "desiredChange")) @@ -977,6 +979,7 @@ module ClientApi o.http_request_uri = "/projects/{project}/experiments/{experiment}" o.input = Shapes::ShapeRef.new(shape: DeleteExperimentRequest) o.output = Shapes::ShapeRef.new(shape: DeleteExperimentResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) o.errors << Shapes::ShapeRef.new(shape: InternalServerException) o.errors << Shapes::ShapeRef.new(shape: ConflictException) o.errors << Shapes::ShapeRef.new(shape: ServiceUnavailableException) @@ -1045,6 +1048,7 @@ module ClientApi o.input = Shapes::ShapeRef.new(shape: GetExperimentRequest) o.output = Shapes::ShapeRef.new(shape: GetExperimentResponse) o.errors << Shapes::ShapeRef.new(shape: ThrottlingException) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) end) @@ -1081,6 +1085,7 @@ module ClientApi o.input = Shapes::ShapeRef.new(shape: GetLaunchRequest) o.output = Shapes::ShapeRef.new(shape: GetLaunchResponse) o.errors << Shapes::ShapeRef.new(shape: ThrottlingException) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) end) @@ -1105,6 +1110,7 @@ module ClientApi o.output = Shapes::ShapeRef.new(shape: ListExperimentsResponse) o.errors << Shapes::ShapeRef.new(shape: ValidationException) o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) o[:pager] = Aws::Pager.new( limit_key: "max_results", tokens: { @@ -1213,6 +1219,7 @@ module ClientApi o.output = Shapes::ShapeRef.new(shape: StartLaunchResponse) o.errors << Shapes::ShapeRef.new(shape: ThrottlingException) o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: ConflictException) o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException) o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) diff --git a/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/types.rb b/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/types.rb index d382cae7418..8e7197538e7 100644 --- a/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/types.rb +++ b/gems/aws-sdk-cloudwatchevidently/lib/aws-sdk-cloudwatchevidently/types.rb @@ -141,11 +141,11 @@ class ConflictException < Struct.new( # { # desired_change: "INCREASE", # accepts INCREASE, DECREASE # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # }, # ], @@ -391,11 +391,11 @@ class CreateFeatureResponse < Struct.new( # metric_monitors: [ # { # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # }, # ], @@ -1757,6 +1757,7 @@ class LaunchGroupConfig < Struct.new( # max_results: 1, # next_token: "NextToken", # project: "ProjectRef", # required + # status: "CREATED", # accepts CREATED, UPDATING, RUNNING, COMPLETED, CANCELLED # } # # @!attribute [rw] max_results @@ -1772,12 +1773,18 @@ class LaunchGroupConfig < Struct.new( # The name or ARN of the project to return the experiment list from. # @return [String] # + # @!attribute [rw] status + # Use this optional parameter to limit the returned results to only + # the experiments with the status that you specify here. + # @return [String] + # # @see http://docs.aws.amazon.com/goto/WebAPI/evidently-2021-02-01/ListExperimentsRequest AWS API Documentation # class ListExperimentsRequest < Struct.new( :max_results, :next_token, - :project) + :project, + :status) SENSITIVE = [] include Aws::Structure end @@ -1859,6 +1866,7 @@ class ListFeaturesResponse < Struct.new( # max_results: 1, # next_token: "NextToken", # project: "ProjectRef", # required + # status: "CREATED", # accepts CREATED, UPDATING, RUNNING, COMPLETED, CANCELLED # } # # @!attribute [rw] max_results @@ -1874,12 +1882,18 @@ class ListFeaturesResponse < Struct.new( # The name or ARN of the project to return the launch list from. # @return [String] # + # @!attribute [rw] status + # Use this optional parameter to limit the returned results to only + # the launches with the status that you specify here. + # @return [String] + # # @see http://docs.aws.amazon.com/goto/WebAPI/evidently-2021-02-01/ListLaunchesRequest AWS API Documentation # class ListLaunchesRequest < Struct.new( :max_results, :next_token, - :project) + :project, + :status) SENSITIVE = [] include Aws::Structure end @@ -2031,11 +2045,11 @@ class MetricDefinition < Struct.new( # data as a hash: # # { - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # } # # @!attribute [rw] entity_id_key @@ -2113,11 +2127,11 @@ class MetricGoal < Struct.new( # { # desired_change: "INCREASE", # accepts INCREASE, DECREASE # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # } # @@ -2165,11 +2179,11 @@ class MetricMonitor < Struct.new( # # { # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # } # @@ -3110,11 +3124,11 @@ class UntagResourceResponse < Aws::EmptyStructure; end # { # desired_change: "INCREASE", # accepts INCREASE, DECREASE # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # }, # ], @@ -3334,11 +3348,11 @@ class UpdateFeatureResponse < Struct.new( # metric_monitors: [ # { # metric_definition: { # required - # entity_id_key: "JsonPath", + # entity_id_key: "JsonPath", # required # event_pattern: "MetricDefinitionConfigEventPatternString", - # name: "CwDimensionSafeName", + # name: "CwDimensionSafeName", # required # unit_label: "MetricUnitLabel", - # value_key: "JsonPath", + # value_key: "JsonPath", # required # }, # }, # ], diff --git a/gems/aws-sdk-iam/CHANGELOG.md b/gems/aws-sdk-iam/CHANGELOG.md index bc795c7e023..586fd5d7f10 100644 --- a/gems/aws-sdk-iam/CHANGELOG.md +++ b/gems/aws-sdk-iam/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.67.0 (2022-02-17) +------------------ + +* Feature - Documentation updates for AWS Identity and Access Management (IAM). + 1.66.0 (2022-02-03) ------------------ diff --git a/gems/aws-sdk-iam/VERSION b/gems/aws-sdk-iam/VERSION index b6148bc0a75..65ee0959841 100644 --- a/gems/aws-sdk-iam/VERSION +++ b/gems/aws-sdk-iam/VERSION @@ -1 +1 @@ -1.66.0 +1.67.0 diff --git a/gems/aws-sdk-iam/lib/aws-sdk-iam.rb b/gems/aws-sdk-iam/lib/aws-sdk-iam.rb index c565e00a2f7..40006671cc4 100644 --- a/gems/aws-sdk-iam/lib/aws-sdk-iam.rb +++ b/gems/aws-sdk-iam/lib/aws-sdk-iam.rb @@ -70,6 +70,6 @@ # @!group service module Aws::IAM - GEM_VERSION = '1.66.0' + GEM_VERSION = '1.67.0' end diff --git a/gems/aws-sdk-iam/lib/aws-sdk-iam/account_password_policy.rb b/gems/aws-sdk-iam/lib/aws-sdk-iam/account_password_policy.rb index f0fadaba06c..394f8581167 100644 --- a/gems/aws-sdk-iam/lib/aws-sdk-iam/account_password_policy.rb +++ b/gems/aws-sdk-iam/lib/aws-sdk-iam/account_password_policy.rb @@ -61,6 +61,10 @@ def require_lowercase_characters end # Specifies whether IAM users are allowed to change their own password. + # Gives IAM users permissions to `iam:ChangePassword` for only their + # user and to the `iam:GetAccountPasswordPolicy` action. This option + # does not attach a permissions policy to each user, rather the + # permissions are applied at the account-level for all users by IAM. # @return [Boolean] def allow_users_to_change_password data[:allow_users_to_change_password] @@ -88,7 +92,11 @@ def password_reuse_prevention end # Specifies whether IAM users are prevented from setting a new password - # after their password has expired. + # via the Amazon Web Services Management Console after their password + # has expired. The IAM user cannot access the console until an + # administrator resets the password. IAM users with `iam:ChangePassword` + # permission and active access keys can reset their own expired console + # password using the CLI or API. # @return [Boolean] def hard_expiry data[:hard_expiry] @@ -290,8 +298,8 @@ def delete(options = {}) # @option options [Boolean] :allow_users_to_change_password # Allows all IAM users in your account to use the Amazon Web Services # Management Console to change their own passwords. For more - # information, see [Letting IAM users change their own passwords][1] in - # the *IAM User Guide*. + # information, see [Permitting IAM users to change their own + # passwords][1] in the *IAM User Guide*. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users in the @@ -300,7 +308,7 @@ def delete(options = {}) # # # - # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html + # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html # @option options [Integer] :max_password_age # The number of days that an IAM user password is valid. # @@ -315,14 +323,26 @@ def delete(options = {}) # uses the default value of `0`. The result is that IAM users are not # prevented from reusing previous passwords. # @option options [Boolean] :hard_expiry - # Prevents IAM users from setting a new password after their password - # has expired. The IAM user cannot be accessed until an administrator - # resets the password. + # Prevents IAM users who are accessing the account via the Amazon Web + # Services Management Console from setting a new console password after + # their password has expired. The IAM user cannot access the console + # until an administrator resets the password. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users can # change their passwords after they expire and continue to sign in as # the user. + # + # In the Amazon Web Services Management Console, the custom password + # policy option **Allow users to change their own password** gives IAM + # users permissions to `iam:ChangePassword` for only their user and to + # the `iam:GetAccountPasswordPolicy` action. This option does not attach + # a permissions policy to each user, rather the permissions are applied + # at the account-level for all users by IAM. IAM users with + # `iam:ChangePassword` permission and active access keys can reset their + # own expired console password using the CLI or API. + # + # # @return [EmptyStructure] def update(options = {}) resp = @client.update_account_password_policy(options) diff --git a/gems/aws-sdk-iam/lib/aws-sdk-iam/client.rb b/gems/aws-sdk-iam/lib/aws-sdk-iam/client.rb index 899eeacd51a..320aa5a13b3 100644 --- a/gems/aws-sdk-iam/lib/aws-sdk-iam/client.rb +++ b/gems/aws-sdk-iam/lib/aws-sdk-iam/client.rb @@ -3991,9 +3991,9 @@ def generate_organizations_access_report(params = {}, options = {}) # Generates a report that includes details about when an IAM resource # (user, group, role, or policy) was last used in an attempt to access # Amazon Web Services services. Recent activity usually appears within - # four hours. IAM reports activity for the last 365 days, or less if - # your Region began supporting this feature within the last year. For - # more information, see [Regions where data is tracked][1]. + # four hours. IAM reports activity for at least the last 400 days, or + # less if your Region began supporting this feature within the last + # year. For more information, see [Regions where data is tracked][1]. # # The service last accessed data includes all attempts to access an # Amazon Web Services API, not just the successful ones. This includes @@ -9107,8 +9107,8 @@ def list_users(params = {}, options = {}) # IAM resource-listing operations return a subset of the available # attributes for the resource. For example, this operation does not # return tags, even though they are an attribute of the returned object. - # To view all of the information for a virtual MFA device, see - # ListVirtualMFADevices. + # To view tag information for a virtual MFA device, see + # ListMFADeviceTags. # # # @@ -11844,15 +11844,13 @@ def update_access_key(params = {}, options = {}) # Updates the password policy settings for the Amazon Web Services # account. # - # * This operation does not support partial updates. No parameters are - # required, but if you do not specify a parameter, that parameter's - # value reverts to its default value. See the **Request Parameters** - # section for each parameter's default value. Also note that some - # parameters do not allow the default parameter to be explicitly set. - # Instead, to invoke the default value, do not include that parameter - # when you invoke the operation. - # - # ^ + # This operation does not support partial updates. No parameters are + # required, but if you do not specify a parameter, that parameter's + # value reverts to its default value. See the **Request Parameters** + # section for each parameter's default value. Also note that some + # parameters do not allow the default parameter to be explicitly set. + # Instead, to invoke the default value, do not include that parameter + # when you invoke the operation. # # # @@ -11906,8 +11904,8 @@ def update_access_key(params = {}, options = {}) # @option params [Boolean] :allow_users_to_change_password # Allows all IAM users in your account to use the Amazon Web Services # Management Console to change their own passwords. For more - # information, see [Letting IAM users change their own passwords][1] in - # the *IAM User Guide*. + # information, see [Permitting IAM users to change their own + # passwords][1] in the *IAM User Guide*. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users in the @@ -11916,7 +11914,7 @@ def update_access_key(params = {}, options = {}) # # # - # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html + # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html # # @option params [Integer] :max_password_age # The number of days that an IAM user password is valid. @@ -11934,15 +11932,27 @@ def update_access_key(params = {}, options = {}) # prevented from reusing previous passwords. # # @option params [Boolean] :hard_expiry - # Prevents IAM users from setting a new password after their password - # has expired. The IAM user cannot be accessed until an administrator - # resets the password. + # Prevents IAM users who are accessing the account via the Amazon Web + # Services Management Console from setting a new console password after + # their password has expired. The IAM user cannot access the console + # until an administrator resets the password. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users can # change their passwords after they expire and continue to sign in as # the user. # + # In the Amazon Web Services Management Console, the custom password + # policy option **Allow users to change their own password** gives IAM + # users permissions to `iam:ChangePassword` for only their user and to + # the `iam:GetAccountPasswordPolicy` action. This option does not attach + # a permissions policy to each user, rather the permissions are applied + # at the account-level for all users by IAM. IAM users with + # `iam:ChangePassword` permission and active access keys can reset their + # own expired console password using the CLI or API. + # + # + # # @return [Struct] Returns an empty {Seahorse::Client::Response response}. # # @@ -13213,7 +13223,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-iam' - context[:gem_version] = '1.66.0' + context[:gem_version] = '1.67.0' Seahorse::Client::Request.new(handlers, context) end diff --git a/gems/aws-sdk-iam/lib/aws-sdk-iam/resource.rb b/gems/aws-sdk-iam/lib/aws-sdk-iam/resource.rb index b0d71063eea..6f0771aed8b 100644 --- a/gems/aws-sdk-iam/lib/aws-sdk-iam/resource.rb +++ b/gems/aws-sdk-iam/lib/aws-sdk-iam/resource.rb @@ -142,8 +142,8 @@ def create_account_alias(options = {}) # @option options [Boolean] :allow_users_to_change_password # Allows all IAM users in your account to use the Amazon Web Services # Management Console to change their own passwords. For more - # information, see [Letting IAM users change their own passwords][1] in - # the *IAM User Guide*. + # information, see [Permitting IAM users to change their own + # passwords][1] in the *IAM User Guide*. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users in the @@ -152,7 +152,7 @@ def create_account_alias(options = {}) # # # - # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html + # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html # @option options [Integer] :max_password_age # The number of days that an IAM user password is valid. # @@ -167,14 +167,26 @@ def create_account_alias(options = {}) # uses the default value of `0`. The result is that IAM users are not # prevented from reusing previous passwords. # @option options [Boolean] :hard_expiry - # Prevents IAM users from setting a new password after their password - # has expired. The IAM user cannot be accessed until an administrator - # resets the password. + # Prevents IAM users who are accessing the account via the Amazon Web + # Services Management Console from setting a new console password after + # their password has expired. The IAM user cannot access the console + # until an administrator resets the password. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users can # change their passwords after they expire and continue to sign in as # the user. + # + # In the Amazon Web Services Management Console, the custom password + # policy option **Allow users to change their own password** gives IAM + # users permissions to `iam:ChangePassword` for only their user and to + # the `iam:GetAccountPasswordPolicy` action. This option does not attach + # a permissions policy to each user, rather the permissions are applied + # at the account-level for all users by IAM. IAM users with + # `iam:ChangePassword` permission and active access keys can reset their + # own expired console password using the CLI or API. + # + # # @return [AccountPasswordPolicy] def create_account_password_policy(options = {}) @client.update_account_password_policy(options) diff --git a/gems/aws-sdk-iam/lib/aws-sdk-iam/types.rb b/gems/aws-sdk-iam/lib/aws-sdk-iam/types.rb index c9e32e32e47..d266eeb2366 100644 --- a/gems/aws-sdk-iam/lib/aws-sdk-iam/types.rb +++ b/gems/aws-sdk-iam/lib/aws-sdk-iam/types.rb @@ -8440,7 +8440,11 @@ class OrganizationsDecisionDetail < Struct.new( # # @!attribute [rw] allow_users_to_change_password # Specifies whether IAM users are allowed to change their own - # password. + # password. Gives IAM users permissions to `iam:ChangePassword` for + # only their user and to the `iam:GetAccountPasswordPolicy` action. + # This option does not attach a permissions policy to each user, + # rather the permissions are applied at the account-level for all + # users by IAM. # @return [Boolean] # # @!attribute [rw] expire_passwords @@ -8460,7 +8464,11 @@ class OrganizationsDecisionDetail < Struct.new( # # @!attribute [rw] hard_expiry # Specifies whether IAM users are prevented from setting a new - # password after their password has expired. + # password via the Amazon Web Services Management Console after their + # password has expired. The IAM user cannot access the console until + # an administrator resets the password. IAM users with + # `iam:ChangePassword` permission and active access keys can reset + # their own expired console password using the CLI or API. # @return [Boolean] # # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PasswordPolicy AWS API Documentation @@ -11922,8 +11930,8 @@ class UpdateAccessKeyRequest < Struct.new( # @!attribute [rw] allow_users_to_change_password # Allows all IAM users in your account to use the Amazon Web Services # Management Console to change their own passwords. For more - # information, see [Letting IAM users change their own passwords][1] - # in the *IAM User Guide*. + # information, see [Permitting IAM users to change their own + # passwords][1] in the *IAM User Guide*. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users in @@ -11932,7 +11940,7 @@ class UpdateAccessKeyRequest < Struct.new( # # # - # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html + # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html # @return [Boolean] # # @!attribute [rw] max_password_age @@ -11953,14 +11961,26 @@ class UpdateAccessKeyRequest < Struct.new( # @return [Integer] # # @!attribute [rw] hard_expiry - # Prevents IAM users from setting a new password after their password - # has expired. The IAM user cannot be accessed until an administrator - # resets the password. + # Prevents IAM users who are accessing the account via the Amazon Web + # Services Management Console from setting a new console password + # after their password has expired. The IAM user cannot access the + # console until an administrator resets the password. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users can # change their passwords after they expire and continue to sign in as # the user. + # + # In the Amazon Web Services Management Console, the custom password + # policy option **Allow users to change their own password** gives IAM + # users permissions to `iam:ChangePassword` for only their user and to + # the `iam:GetAccountPasswordPolicy` action. This option does not + # attach a permissions policy to each user, rather the permissions are + # applied at the account-level for all users by IAM. IAM users with + # `iam:ChangePassword` permission and active access keys can reset + # their own expired console password using the CLI or API. + # + # # @return [Boolean] # # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicyRequest AWS API Documentation diff --git a/gems/aws-sdk-redshift/CHANGELOG.md b/gems/aws-sdk-redshift/CHANGELOG.md index 77d8caeb7cb..ab2c1c3354c 100644 --- a/gems/aws-sdk-redshift/CHANGELOG.md +++ b/gems/aws-sdk-redshift/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.78.0 (2022-02-17) +------------------ + +* Feature - SDK release for Cross region datasharing and cost-control for cross region datasharing + 1.77.0 (2022-02-03) ------------------ diff --git a/gems/aws-sdk-redshift/VERSION b/gems/aws-sdk-redshift/VERSION index 79e15fd4937..54227249d1f 100644 --- a/gems/aws-sdk-redshift/VERSION +++ b/gems/aws-sdk-redshift/VERSION @@ -1 +1 @@ -1.77.0 +1.78.0 diff --git a/gems/aws-sdk-redshift/lib/aws-sdk-redshift.rb b/gems/aws-sdk-redshift/lib/aws-sdk-redshift.rb index 6a7ffd56294..02f766c20b3 100644 --- a/gems/aws-sdk-redshift/lib/aws-sdk-redshift.rb +++ b/gems/aws-sdk-redshift/lib/aws-sdk-redshift.rb @@ -49,6 +49,6 @@ # @!group service module Aws::Redshift - GEM_VERSION = '1.77.0' + GEM_VERSION = '1.78.0' end diff --git a/gems/aws-sdk-redshift/lib/aws-sdk-redshift/client.rb b/gems/aws-sdk-redshift/lib/aws-sdk-redshift/client.rb index 2a2a8ff70ed..6cc297e1add 100644 --- a/gems/aws-sdk-redshift/lib/aws-sdk-redshift/client.rb +++ b/gems/aws-sdk-redshift/lib/aws-sdk-redshift/client.rb @@ -463,6 +463,11 @@ def add_partner(params = {}, options = {}) # The Amazon Resource Name (ARN) of the consumer that is associated with # the datashare. # + # @option params [String] :consumer_region + # From a datashare consumer account, associates a datashare with all + # existing and future namespaces in the specified Amazon Web Services + # Region. + # # @return [Types::DataShare] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DataShare#data_share_arn #data_share_arn} => String @@ -477,6 +482,7 @@ def add_partner(params = {}, options = {}) # data_share_arn: "String", # required # associate_entire_account: false, # consumer_arn: "String", + # consumer_region: "String", # }) # # @example Response structure @@ -487,6 +493,7 @@ def add_partner(params = {}, options = {}) # resp.data_share_associations #=> Array # resp.data_share_associations[0].consumer_identifier #=> String # resp.data_share_associations[0].status #=> String, one of "ACTIVE", "PENDING_AUTHORIZATION", "AUTHORIZED", "DEAUTHORIZED", "REJECTED", "AVAILABLE" + # resp.data_share_associations[0].consumer_region #=> String # resp.data_share_associations[0].created_date #=> Time # resp.data_share_associations[0].status_change_date #=> Time # resp.managed_by #=> String @@ -623,6 +630,7 @@ def authorize_cluster_security_group_ingress(params = {}, options = {}) # resp.data_share_associations #=> Array # resp.data_share_associations[0].consumer_identifier #=> String # resp.data_share_associations[0].status #=> String, one of "ACTIVE", "PENDING_AUTHORIZATION", "AUTHORIZED", "DEAUTHORIZED", "REJECTED", "AVAILABLE" + # resp.data_share_associations[0].consumer_region #=> String # resp.data_share_associations[0].created_date #=> Time # resp.data_share_associations[0].status_change_date #=> Time # resp.managed_by #=> String @@ -1213,8 +1221,8 @@ def create_authentication_profile(params = {}, options = {}) # # * Must contain one number. # - # * Can be any printable ASCII character (ASCII code 33 to 126) except - # ' (single quote), " (double quote), \\, /, @, or space. + # * Can be any printable ASCII character (ASCII code 33-126) except ' + # (single quote), " (double quote), \\, /, or @. # # @option params [Array] :cluster_security_groups # A list of security groups to be associated with this cluster. @@ -1418,10 +1426,15 @@ def create_authentication_profile(params = {}, options = {}) # @option params [Array] :iam_roles # A list of Identity and Access Management (IAM) roles that can be used # by the cluster to access other Amazon Web Services services. You must - # supply the IAM roles in their Amazon Resource Name (ARN) format. You - # can supply up to 10 IAM roles in a single request. + # supply the IAM roles in their Amazon Resource Name (ARN) format. + # + # The maximum number of IAM roles that you can associate is subject to a + # quota. For more information, go to [Quotas and limits][1] in the + # *Amazon Redshift Cluster Management Guide*. + # # - # A cluster can have up to 10 IAM roles associated with it at any time. + # + # [1]: https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html # # @option params [String] :maintenance_track_name # An optional parameter for the name of the maintenance track for the @@ -2445,8 +2458,8 @@ def create_scheduled_action(params = {}, options = {}) req.send_request(options) end - # Creates a snapshot copy grant that permits Amazon Redshift to use a - # customer master key (CMK) from Key Management Service (KMS) to encrypt + # Creates a snapshot copy grant that permits Amazon Redshift to use an + # encrypted symmetric key from Key Management Service (KMS) to encrypt # copied snapshots in a destination region. # # For more information about managing snapshot copy grants, go to @@ -2475,9 +2488,9 @@ def create_scheduled_action(params = {}, options = {}) # account. # # @option params [String] :kms_key_id - # The unique identifier of the customer master key (CMK) to which to - # grant Amazon Redshift permission. If no key is specified, the default - # key is used. + # The unique identifier of the encrypted symmetric key to which to grant + # Amazon Redshift permission. If no key is specified, the default key is + # used. # # @option params [Array] :tags # A list of tag instances. @@ -2647,7 +2660,9 @@ def create_tags(params = {}, options = {}) # The type of limit. Depending on the feature type, this can be based on # a time duration or data size. If `FeatureType` is `spectrum`, then # `LimitType` must be `data-scanned`. If `FeatureType` is - # `concurrency-scaling`, then `LimitType` must be `time`. + # `concurrency-scaling`, then `LimitType` must be `time`. If + # `FeatureType` is `cross-region-datasharing`, then `LimitType` must be + # `data-scanned`. # # @option params [required, Integer] :amount # The limit amount. If time-based, this amount is in minutes. If @@ -2681,7 +2696,7 @@ def create_tags(params = {}, options = {}) # # resp = client.create_usage_limit({ # cluster_identifier: "String", # required - # feature_type: "spectrum", # required, accepts spectrum, concurrency-scaling + # feature_type: "spectrum", # required, accepts spectrum, concurrency-scaling, cross-region-datasharing # limit_type: "time", # required, accepts time, data-scanned # amount: 1, # required # period: "daily", # accepts daily, weekly, monthly @@ -2698,7 +2713,7 @@ def create_tags(params = {}, options = {}) # # resp.usage_limit_id #=> String # resp.cluster_identifier #=> String - # resp.feature_type #=> String, one of "spectrum", "concurrency-scaling" + # resp.feature_type #=> String, one of "spectrum", "concurrency-scaling", "cross-region-datasharing" # resp.limit_type #=> String, one of "time", "data-scanned" # resp.amount #=> Integer # resp.period #=> String, one of "daily", "weekly", "monthly" @@ -2751,6 +2766,7 @@ def create_usage_limit(params = {}, options = {}) # resp.data_share_associations #=> Array # resp.data_share_associations[0].consumer_identifier #=> String # resp.data_share_associations[0].status #=> String, one of "ACTIVE", "PENDING_AUTHORIZATION", "AUTHORIZED", "DEAUTHORIZED", "REJECTED", "AVAILABLE" + # resp.data_share_associations[0].consumer_region #=> String # resp.data_share_associations[0].created_date #=> Time # resp.data_share_associations[0].status_change_date #=> Time # resp.managed_by #=> String @@ -4619,6 +4635,7 @@ def describe_clusters(params = {}, options = {}) # resp.data_shares[0].data_share_associations #=> Array # resp.data_shares[0].data_share_associations[0].consumer_identifier #=> String # resp.data_shares[0].data_share_associations[0].status #=> String, one of "ACTIVE", "PENDING_AUTHORIZATION", "AUTHORIZED", "DEAUTHORIZED", "REJECTED", "AVAILABLE" + # resp.data_shares[0].data_share_associations[0].consumer_region #=> String # resp.data_shares[0].data_share_associations[0].created_date #=> Time # resp.data_shares[0].data_share_associations[0].status_change_date #=> Time # resp.data_shares[0].managed_by #=> String @@ -4686,6 +4703,7 @@ def describe_data_shares(params = {}, options = {}) # resp.data_shares[0].data_share_associations #=> Array # resp.data_shares[0].data_share_associations[0].consumer_identifier #=> String # resp.data_shares[0].data_share_associations[0].status #=> String, one of "ACTIVE", "PENDING_AUTHORIZATION", "AUTHORIZED", "DEAUTHORIZED", "REJECTED", "AVAILABLE" + # resp.data_shares[0].data_share_associations[0].consumer_region #=> String # resp.data_shares[0].data_share_associations[0].created_date #=> Time # resp.data_shares[0].data_share_associations[0].status_change_date #=> Time # resp.data_shares[0].managed_by #=> String @@ -4753,6 +4771,7 @@ def describe_data_shares_for_consumer(params = {}, options = {}) # resp.data_shares[0].data_share_associations #=> Array # resp.data_shares[0].data_share_associations[0].consumer_identifier #=> String # resp.data_shares[0].data_share_associations[0].status #=> String, one of "ACTIVE", "PENDING_AUTHORIZATION", "AUTHORIZED", "DEAUTHORIZED", "REJECTED", "AVAILABLE" + # resp.data_shares[0].data_share_associations[0].consumer_region #=> String # resp.data_shares[0].data_share_associations[0].created_date #=> Time # resp.data_shares[0].data_share_associations[0].status_change_date #=> Time # resp.data_shares[0].managed_by #=> String @@ -6578,7 +6597,7 @@ def describe_tags(params = {}, options = {}) # resp = client.describe_usage_limits({ # usage_limit_id: "String", # cluster_identifier: "String", - # feature_type: "spectrum", # accepts spectrum, concurrency-scaling + # feature_type: "spectrum", # accepts spectrum, concurrency-scaling, cross-region-datasharing # max_records: 1, # marker: "String", # tag_keys: ["String"], @@ -6590,7 +6609,7 @@ def describe_tags(params = {}, options = {}) # resp.usage_limits #=> Array # resp.usage_limits[0].usage_limit_id #=> String # resp.usage_limits[0].cluster_identifier #=> String - # resp.usage_limits[0].feature_type #=> String, one of "spectrum", "concurrency-scaling" + # resp.usage_limits[0].feature_type #=> String, one of "spectrum", "concurrency-scaling", "cross-region-datasharing" # resp.usage_limits[0].limit_type #=> String, one of "time", "data-scanned" # resp.usage_limits[0].amount #=> Integer # resp.usage_limits[0].period #=> String, one of "daily", "weekly", "monthly" @@ -6653,10 +6672,10 @@ def disable_logging(params = {}, options = {}) # Disables the automatic copying of snapshots from one region to another # region for a specified cluster. # - # If your cluster and its snapshots are encrypted using a customer - # master key (CMK) from Key Management Service, use - # DeleteSnapshotCopyGrant to delete the grant that grants Amazon - # Redshift permission to the CMK in the destination region. + # If your cluster and its snapshots are encrypted using an encrypted + # symmetric key from Key Management Service, use DeleteSnapshotCopyGrant + # to delete the grant that grants Amazon Redshift permission to the key + # in the destination region. # # @option params [required, String] :cluster_identifier # The unique identifier of the source cluster that you want to disable @@ -6820,6 +6839,11 @@ def disable_snapshot_copy(params = {}, options = {}) # The Amazon Resource Name (ARN) of the consumer that association for # the datashare is removed from. # + # @option params [String] :consumer_region + # From a datashare consumer account, removes association of a datashare + # from all the existing and future namespaces in the specified Amazon + # Web Services Region. + # # @return [Types::DataShare] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DataShare#data_share_arn #data_share_arn} => String @@ -6834,6 +6858,7 @@ def disable_snapshot_copy(params = {}, options = {}) # data_share_arn: "String", # required # disassociate_entire_account: false, # consumer_arn: "String", + # consumer_region: "String", # }) # # @example Response structure @@ -6844,6 +6869,7 @@ def disable_snapshot_copy(params = {}, options = {}) # resp.data_share_associations #=> Array # resp.data_share_associations[0].consumer_identifier #=> String # resp.data_share_associations[0].status #=> String, one of "ACTIVE", "PENDING_AUTHORIZATION", "AUTHORIZED", "DEAUTHORIZED", "REJECTED", "AVAILABLE" + # resp.data_share_associations[0].consumer_region #=> String # resp.data_share_associations[0].created_date #=> Time # resp.data_share_associations[0].status_change_date #=> Time # resp.managed_by #=> String @@ -7611,8 +7637,8 @@ def modify_authentication_profile(params = {}, options = {}) # # * Must contain one number. # - # * Can be any printable ASCII character (ASCII code 33 to 126) except - # ' (single quote), " (double quote), \\, /, @, or space. + # * Can be any printable ASCII character (ASCII code 33-126) except ' + # (single quote), " (double quote), \\, /, or @. # # @option params [String] :cluster_parameter_group_name # The name of the cluster parameter group to apply to this cluster. This @@ -8104,7 +8130,13 @@ def modify_cluster_db_revision(params = {}, options = {}) # can be used by the cluster to access other Amazon Web Services # services. # - # A cluster can have up to 10 IAM roles associated at any time. + # The maximum number of IAM roles that you can associate is subject to a + # quota. For more information, go to [Quotas and limits][1] in the + # *Amazon Redshift Cluster Management Guide*. + # + # + # + # [1]: https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html # # @option params [required, String] :cluster_identifier # The unique identifier of the cluster for which you want to associate @@ -8112,13 +8144,10 @@ def modify_cluster_db_revision(params = {}, options = {}) # # @option params [Array] :add_iam_roles # Zero or more IAM roles to associate with the cluster. The roles must - # be in their Amazon Resource Name (ARN) format. You can associate up to - # 10 IAM roles with a single cluster in a single request. + # be in their Amazon Resource Name (ARN) format. # # @option params [Array] :remove_iam_roles # Zero or more IAM roles in ARN format to disassociate from the cluster. - # You can disassociate up to 10 IAM roles from a single cluster in a - # single request. # # @option params [String] :default_iam_role_arn # The Amazon Resource Name (ARN) for the IAM role that was set as @@ -9201,7 +9230,7 @@ def modify_snapshot_schedule(params = {}, options = {}) # # resp.usage_limit_id #=> String # resp.cluster_identifier #=> String - # resp.feature_type #=> String, one of "spectrum", "concurrency-scaling" + # resp.feature_type #=> String, one of "spectrum", "concurrency-scaling", "cross-region-datasharing" # resp.limit_type #=> String, one of "time", "data-scanned" # resp.amount #=> Integer # resp.period #=> String, one of "daily", "weekly", "monthly" @@ -9607,6 +9636,7 @@ def reboot_cluster(params = {}, options = {}) # resp.data_share_associations #=> Array # resp.data_share_associations[0].consumer_identifier #=> String # resp.data_share_associations[0].status #=> String, one of "ACTIVE", "PENDING_AUTHORIZATION", "AUTHORIZED", "DEAUTHORIZED", "REJECTED", "AVAILABLE" + # resp.data_share_associations[0].consumer_region #=> String # resp.data_share_associations[0].created_date #=> Time # resp.data_share_associations[0].status_change_date #=> Time # resp.managed_by #=> String @@ -10102,10 +10132,15 @@ def resize_cluster(params = {}, options = {}) # @option params [Array] :iam_roles # A list of Identity and Access Management (IAM) roles that can be used # by the cluster to access other Amazon Web Services services. You must - # supply the IAM roles in their Amazon Resource Name (ARN) format. You - # can supply up to 10 IAM roles in a single request. + # supply the IAM roles in their Amazon Resource Name (ARN) format. + # + # The maximum number of IAM roles that you can associate is subject to a + # quota. For more information, go to [Quotas and limits][1] in the + # *Amazon Redshift Cluster Management Guide*. + # + # # - # A cluster can have up to 10 IAM roles associated at any time. + # [1]: https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html # # @option params [String] :maintenance_track_name # The name of the maintenance track for the restored cluster. When you @@ -10996,7 +11031,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-redshift' - context[:gem_version] = '1.77.0' + context[:gem_version] = '1.78.0' Seahorse::Client::Request.new(handlers, context) end diff --git a/gems/aws-sdk-redshift/lib/aws-sdk-redshift/client_api.rb b/gems/aws-sdk-redshift/lib/aws-sdk-redshift/client_api.rb index e942629e21b..58dcf1e0a06 100644 --- a/gems/aws-sdk-redshift/lib/aws-sdk-redshift/client_api.rb +++ b/gems/aws-sdk-redshift/lib/aws-sdk-redshift/client_api.rb @@ -568,6 +568,7 @@ module ClientApi AssociateDataShareConsumerMessage.add_member(:data_share_arn, Shapes::ShapeRef.new(shape: String, required: true, location_name: "DataShareArn")) AssociateDataShareConsumerMessage.add_member(:associate_entire_account, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "AssociateEntireAccount")) AssociateDataShareConsumerMessage.add_member(:consumer_arn, Shapes::ShapeRef.new(shape: String, location_name: "ConsumerArn")) + AssociateDataShareConsumerMessage.add_member(:consumer_region, Shapes::ShapeRef.new(shape: String, location_name: "ConsumerRegion")) AssociateDataShareConsumerMessage.struct_class = Types::AssociateDataShareConsumerMessage AssociatedClusterList.member = Shapes::ShapeRef.new(shape: ClusterAssociatedToSchedule, location_name: "ClusterAssociatedToSchedule") @@ -1055,6 +1056,7 @@ module ClientApi DataShareAssociation.add_member(:consumer_identifier, Shapes::ShapeRef.new(shape: String, location_name: "ConsumerIdentifier")) DataShareAssociation.add_member(:status, Shapes::ShapeRef.new(shape: DataShareStatus, location_name: "Status")) + DataShareAssociation.add_member(:consumer_region, Shapes::ShapeRef.new(shape: String, location_name: "ConsumerRegion")) DataShareAssociation.add_member(:created_date, Shapes::ShapeRef.new(shape: TStamp, location_name: "CreatedDate")) DataShareAssociation.add_member(:status_change_date, Shapes::ShapeRef.new(shape: TStamp, location_name: "StatusChangeDate")) DataShareAssociation.struct_class = Types::DataShareAssociation @@ -1426,6 +1428,7 @@ module ClientApi DisassociateDataShareConsumerMessage.add_member(:data_share_arn, Shapes::ShapeRef.new(shape: String, required: true, location_name: "DataShareArn")) DisassociateDataShareConsumerMessage.add_member(:disassociate_entire_account, Shapes::ShapeRef.new(shape: BooleanOptional, location_name: "DisassociateEntireAccount")) DisassociateDataShareConsumerMessage.add_member(:consumer_arn, Shapes::ShapeRef.new(shape: String, location_name: "ConsumerArn")) + DisassociateDataShareConsumerMessage.add_member(:consumer_region, Shapes::ShapeRef.new(shape: String, location_name: "ConsumerRegion")) DisassociateDataShareConsumerMessage.struct_class = Types::DisassociateDataShareConsumerMessage EC2SecurityGroup.add_member(:status, Shapes::ShapeRef.new(shape: String, location_name: "Status")) diff --git a/gems/aws-sdk-redshift/lib/aws-sdk-redshift/types.rb b/gems/aws-sdk-redshift/lib/aws-sdk-redshift/types.rb index ef6cb2ababb..c44c7f9a027 100644 --- a/gems/aws-sdk-redshift/lib/aws-sdk-redshift/types.rb +++ b/gems/aws-sdk-redshift/lib/aws-sdk-redshift/types.rb @@ -157,6 +157,7 @@ class AquaConfiguration < Struct.new( # data_share_arn: "String", # required # associate_entire_account: false, # consumer_arn: "String", + # consumer_region: "String", # } # # @!attribute [rw] data_share_arn @@ -174,12 +175,19 @@ class AquaConfiguration < Struct.new( # with the datashare. # @return [String] # + # @!attribute [rw] consumer_region + # From a datashare consumer account, associates a datashare with all + # existing and future namespaces in the specified Amazon Web Services + # Region. + # @return [String] + # # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/AssociateDataShareConsumerMessage AWS API Documentation # class AssociateDataShareConsumerMessage < Struct.new( :data_share_arn, :associate_entire_account, - :consumer_arn) + :consumer_arn, + :consumer_region) SENSITIVE = [] include Aws::Structure end @@ -1983,8 +1991,8 @@ class CreateAuthenticationProfileResult < Struct.new( # # * Must contain one number. # - # * Can be any printable ASCII character (ASCII code 33 to 126) except - # ' (single quote), " (double quote), \\, /, @, or space. + # * Can be any printable ASCII character (ASCII code 33-126) except ' + # (single quote), " (double quote), \\, /, or @. # @return [String] # # @!attribute [rw] cluster_security_groups @@ -2213,10 +2221,15 @@ class CreateAuthenticationProfileResult < Struct.new( # A list of Identity and Access Management (IAM) roles that can be # used by the cluster to access other Amazon Web Services services. # You must supply the IAM roles in their Amazon Resource Name (ARN) - # format. You can supply up to 10 IAM roles in a single request. + # format. + # + # The maximum number of IAM roles that you can associate is subject to + # a quota. For more information, go to [Quotas and limits][1] in the + # *Amazon Redshift Cluster Management Guide*. + # + # # - # A cluster can have up to 10 IAM roles associated with it at any - # time. + # [1]: https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html # @return [Array] # # @!attribute [rw] maintenance_track_name @@ -2997,7 +3010,7 @@ class CreateScheduledActionMessage < Struct.new( # @return [String] # # @!attribute [rw] kms_key_id - # The unique identifier of the customer master key (CMK) to which to + # The unique identifier of the encrypted symmetric key to which to # grant Amazon Redshift permission. If no key is specified, the # default key is used. # @return [String] @@ -3018,8 +3031,8 @@ class CreateSnapshotCopyGrantMessage < Struct.new( # @!attribute [rw] snapshot_copy_grant # The snapshot copy grant that grants Amazon Redshift permission to - # encrypt copied snapshots with the specified customer master key - # (CMK) from Amazon Web Services KMS in the destination region. + # encrypt copied snapshots with the specified encrypted symmetric key + # from Amazon Web Services KMS in the destination region. # # For more information about managing snapshot copy grants, go to # [Amazon Redshift Database Encryption][1] in the *Amazon Redshift @@ -3138,7 +3151,7 @@ class CreateTagsMessage < Struct.new( # # { # cluster_identifier: "String", # required - # feature_type: "spectrum", # required, accepts spectrum, concurrency-scaling + # feature_type: "spectrum", # required, accepts spectrum, concurrency-scaling, cross-region-datasharing # limit_type: "time", # required, accepts time, data-scanned # amount: 1, # required # period: "daily", # accepts daily, weekly, monthly @@ -3163,7 +3176,9 @@ class CreateTagsMessage < Struct.new( # The type of limit. Depending on the feature type, this can be based # on a time duration or data size. If `FeatureType` is `spectrum`, # then `LimitType` must be `data-scanned`. If `FeatureType` is - # `concurrency-scaling`, then `LimitType` must be `time`. + # `concurrency-scaling`, then `LimitType` must be `time`. If + # `FeatureType` is `cross-region-datasharing`, then `LimitType` must + # be `data-scanned`. # @return [String] # # @!attribute [rw] amount @@ -3268,6 +3283,11 @@ class DataShare < Struct.new( # The status of the datashare that is associated. # @return [String] # + # @!attribute [rw] consumer_region + # The Amazon Web Services Region of the consumer accounts that have an + # association with a producer datashare. + # @return [String] + # # @!attribute [rw] created_date # The creation date of the datashare that is associated. # @return [Time] @@ -3281,6 +3301,7 @@ class DataShare < Struct.new( class DataShareAssociation < Struct.new( :consumer_identifier, :status, + :consumer_region, :created_date, :status_change_date) SENSITIVE = [] @@ -6076,7 +6097,7 @@ class DescribeTagsMessage < Struct.new( # { # usage_limit_id: "String", # cluster_identifier: "String", - # feature_type: "spectrum", # accepts spectrum, concurrency-scaling + # feature_type: "spectrum", # accepts spectrum, concurrency-scaling, cross-region-datasharing # max_records: 1, # marker: "String", # tag_keys: ["String"], @@ -6215,6 +6236,7 @@ class DisableSnapshotCopyResult < Struct.new( # data_share_arn: "String", # required # disassociate_entire_account: false, # consumer_arn: "String", + # consumer_region: "String", # } # # @!attribute [rw] data_share_arn @@ -6232,12 +6254,19 @@ class DisableSnapshotCopyResult < Struct.new( # the datashare is removed from. # @return [String] # + # @!attribute [rw] consumer_region + # From a datashare consumer account, removes association of a + # datashare from all the existing and future namespaces in the + # specified Amazon Web Services Region. + # @return [String] + # # @see http://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/DisassociateDataShareConsumerMessage AWS API Documentation # class DisassociateDataShareConsumerMessage < Struct.new( :data_share_arn, :disassociate_entire_account, - :consumer_arn) + :consumer_arn, + :consumer_region) SENSITIVE = [] include Aws::Structure end @@ -7852,14 +7881,12 @@ class ModifyClusterDbRevisionResult < Struct.new( # # @!attribute [rw] add_iam_roles # Zero or more IAM roles to associate with the cluster. The roles must - # be in their Amazon Resource Name (ARN) format. You can associate up - # to 10 IAM roles with a single cluster in a single request. + # be in their Amazon Resource Name (ARN) format. # @return [Array] # # @!attribute [rw] remove_iam_roles # Zero or more IAM roles in ARN format to disassociate from the - # cluster. You can disassociate up to 10 IAM roles from a single - # cluster in a single request. + # cluster. # @return [Array] # # @!attribute [rw] default_iam_role_arn @@ -8085,8 +8112,8 @@ class ModifyClusterMaintenanceResult < Struct.new( # # * Must contain one number. # - # * Can be any printable ASCII character (ASCII code 33 to 126) except - # ' (single quote), " (double quote), \\, /, @, or space. + # * Can be any printable ASCII character (ASCII code 33-126) except ' + # (single quote), " (double quote), \\, /, or @. # @return [String] # # @!attribute [rw] cluster_parameter_group_name @@ -10298,9 +10325,15 @@ class ResourceNotFoundFault < Aws::EmptyStructure; end # A list of Identity and Access Management (IAM) roles that can be # used by the cluster to access other Amazon Web Services services. # You must supply the IAM roles in their Amazon Resource Name (ARN) - # format. You can supply up to 10 IAM roles in a single request. + # format. + # + # The maximum number of IAM roles that you can associate is subject to + # a quota. For more information, go to [Quotas and limits][1] in the + # *Amazon Redshift Cluster Management Guide*. + # + # # - # A cluster can have up to 10 IAM roles associated at any time. + # [1]: https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html # @return [Array] # # @!attribute [rw] maintenance_track_name @@ -11269,7 +11302,7 @@ class SnapshotCopyAlreadyEnabledFault < Aws::EmptyStructure; end class SnapshotCopyDisabledFault < Aws::EmptyStructure; end # The snapshot copy grant that grants Amazon Redshift permission to - # encrypt copied snapshots with the specified customer master key (CMK) + # encrypt copied snapshots with the specified encrypted symmetric key # from Amazon Web Services KMS in the destination region. # # For more information about managing snapshot copy grants, go to @@ -11285,7 +11318,7 @@ class SnapshotCopyDisabledFault < Aws::EmptyStructure; end # @return [String] # # @!attribute [rw] kms_key_id - # The unique identifier of the customer master key (CMK) in Amazon Web + # The unique identifier of the encrypted symmetric key in Amazon Web # Services KMS to which Amazon Redshift is granted permission. # @return [String] #