diff --git a/README.md b/README.md index 64fbcc8f166..e1adf4b1c13 100644 --- a/README.md +++ b/README.md @@ -623,6 +623,7 @@ RubyGems.org page under "LINKS" section. | FinSpace User Environment Management service | Aws::Finspace | aws-sdk-finspace | 2021-03-12 | | Firewall Management Service | Aws::FMS | aws-sdk-fms | 2018-01-01 | | GameSparks | Aws::GameSparks | aws-sdk-gamesparks | 2021-08-17 | +| IAM Roles Anywhere | Aws::RolesAnywhere | aws-sdk-rolesanywhere | 2018-05-10 | | Inspector2 | Aws::Inspector2 | aws-sdk-inspector2 | 2020-06-08 | | Managed Streaming for Kafka | Aws::Kafka | aws-sdk-kafka | 2018-11-14 | | Managed Streaming for Kafka Connect | Aws::KafkaConnect | aws-sdk-kafkaconnect | 2021-09-14 | diff --git a/apis/config/2014-11-12/docs-2.json b/apis/config/2014-11-12/docs-2.json index 4bc7364c223..572df67876e 100644 --- a/apis/config/2014-11-12/docs-2.json +++ b/apis/config/2014-11-12/docs-2.json @@ -37,9 +37,9 @@ "DescribeDeliveryChannelStatus": "

Returns the current status of the specified delivery channel. If a delivery channel is not specified, this action returns the current status of all delivery channels associated with the account.

Currently, you can specify only one delivery channel per region in your account.

", "DescribeDeliveryChannels": "

Returns details about the specified delivery channel. If a delivery channel is not specified, this action returns the details of all delivery channels associated with the account.

Currently, you can specify only one delivery channel per region in your account.

", "DescribeOrganizationConfigRuleStatuses": "

Provides organization Config rule deployment status for an organization.

The status is not considered successful until organization Config rule is successfully deployed in all the member accounts with an exception of excluded accounts.

When you specify the limit and the next token, you receive a paginated response. Limit and next token are not applicable if you specify organization Config rule names. It is only applicable, when you request all the organization Config rules.

", - "DescribeOrganizationConfigRules": "

Returns a list of organization Config rules.

When you specify the limit and the next token, you receive a paginated response. Limit and next token are not applicable if you specify organization Config rule names. It is only applicable, when you request all the organization Config rules.

", + "DescribeOrganizationConfigRules": "

Returns a list of organization Config rules.

When you specify the limit and the next token, you receive a paginated response.

Limit and next token are not applicable if you specify organization Config rule names. It is only applicable, when you request all the organization Config rules.

For accounts within an organzation

If you deploy an organizational rule or conformance pack in an organization administrator account, and then establish a delegated administrator and deploy an organizational rule or conformance pack in the delegated administrator account, you won't be able to see the organizational rule or conformance pack in the organization administrator account from the delegated administrator account or see the organizational rule or conformance pack in the delegated administrator account from organization administrator account. The DescribeOrganizationConfigRules and DescribeOrganizationConformancePacks APIs can only see and interact with the organization-related resource that were deployed from within the account calling those APIs.

", "DescribeOrganizationConformancePackStatuses": "

Provides organization conformance pack deployment status for an organization.

The status is not considered successful until organization conformance pack is successfully deployed in all the member accounts with an exception of excluded accounts.

When you specify the limit and the next token, you receive a paginated response. Limit and next token are not applicable if you specify organization conformance pack names. They are only applicable, when you request all the organization conformance packs.

", - "DescribeOrganizationConformancePacks": "

Returns a list of organization conformance packs.

When you specify the limit and the next token, you receive a paginated response.

Limit and next token are not applicable if you specify organization conformance packs names. They are only applicable, when you request all the organization conformance packs.

", + "DescribeOrganizationConformancePacks": "

Returns a list of organization conformance packs.

When you specify the limit and the next token, you receive a paginated response.

Limit and next token are not applicable if you specify organization conformance packs names. They are only applicable, when you request all the organization conformance packs.

For accounts within an organzation

If you deploy an organizational rule or conformance pack in an organization administrator account, and then establish a delegated administrator and deploy an organizational rule or conformance pack in the delegated administrator account, you won't be able to see the organizational rule or conformance pack in the organization administrator account from the delegated administrator account or see the organizational rule or conformance pack in the delegated administrator account from organization administrator account. The DescribeOrganizationConfigRules and DescribeOrganizationConformancePacks APIs can only see and interact with the organization-related resource that were deployed from within the account calling those APIs.

", "DescribePendingAggregationRequests": "

Returns a list of all pending aggregation requests.

", "DescribeRemediationConfigurations": "

Returns the details of one or more remediation configurations.

", "DescribeRemediationExceptions": "

Returns the details of one or more remediation exceptions. A detailed view of a remediation exception for a set of resources that includes an explanation of an exception and the time when the exception will be deleted. When you specify the limit and the next token, you receive a paginated response.

Config generates a remediation exception when a problem occurs executing a remediation action to a specific resource. Remediation exceptions blocks auto-remediation until the exception is cleared.

When you specify the limit and the next token, you receive a paginated response.

Limit and next token are not applicable if you request resources in batch. It is only applicable, when you request all resources.

", @@ -76,8 +76,8 @@ "PutEvaluations": "

Used by an Lambda function to deliver evaluation results to Config. This action is required in every Lambda function that is invoked by an Config rule.

", "PutExternalEvaluation": "

Add or updates the evaluations for process checks. This API checks if the rule is a process check when the name of the Config rule is provided.

", "PutOrganizationConfigRule": "

Adds or updates organization Config rule for your entire organization evaluating whether your Amazon Web Services resources comply with your desired configurations.

Only a master account and a delegated administrator can create or update an organization Config rule. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added.

This API enables organization service access through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. Config verifies the existence of role with GetRole action.

To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegated-administrator for config-multiaccountsetup.amazonaws.com.

You can use this action to create both Config custom rules and Config managed rules. If you are adding a new Config custom rule, you must first create Lambda function in the master account or a delegated administrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed-account that can be assumed by the Lambda function. When you use the PutOrganizationConfigRule action to add the rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. If you are adding an Config managed rule, specify the rule's identifier for the RuleIdentifier key.

The maximum number of organization Config rules that Config supports is 150 and 3 delegated administrator per organization.

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

Specify either OrganizationCustomRuleMetadata or OrganizationManagedRuleMetadata.

", - "PutOrganizationConformancePack": "

Deploys conformance packs across member accounts in an Amazon Web Services Organization.

Only a master account and a delegated administrator can call this API. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added.

This API enables organization service access for config-multiaccountsetup.amazonaws.com through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegate-admin for config-multiaccountsetup.amazonaws.com.

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.

Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. You cannot update a conformance pack while it is in this state.

You can create 50 conformance packs with 25 Config rules in each pack and 3 delegated administrator per organization.

", - "PutRemediationConfigurations": "

Adds or updates the remediation configuration with a specific Config rule with the selected target or action. The API creates the RemediationConfiguration object for the Config rule. The Config rule must already exist for you to add a remediation configuration. The target (SSM document) must exist and have permissions to use the target.

If you make backward incompatible changes to the SSM document, you must call this again to ensure the remediations can run.

This API does not support adding remediation configurations for service-linked Config Rules such as Organization Config rules, the rules deployed by conformance packs, and rules deployed by Amazon Web Services Security Hub.

", + "PutOrganizationConformancePack": "

Deploys conformance packs across member accounts in an Amazon Web Services Organization. For information on how many organization conformance packs and how many Config rules you can have per account, see Service Limits in the Config Developer Guide.

Only a master account and a delegated administrator can call this API. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators.

This API enables organization service access for config-multiaccountsetup.amazonaws.com through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegate-admin for config-multiaccountsetup.amazonaws.com.

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.

Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. You cannot update a conformance pack while it is in this state.

", + "PutRemediationConfigurations": "

Adds or updates the remediation configuration with a specific Config rule with the selected target or action. The API creates the RemediationConfiguration object for the Config rule. The Config rule must already exist for you to add a remediation configuration. The target (SSM document) must exist and have permissions to use the target.

If you make backward incompatible changes to the SSM document, you must call this again to ensure the remediations can run.

This API does not support adding remediation configurations for service-linked Config Rules such as Organization Config rules, the rules deployed by conformance packs, and rules deployed by Amazon Web Services Security Hub.

For manual remediation configuration, you need to provide a value for automationAssumeRole or use a value in the assumeRolefield to remediate your resources. The SSM automation document can use either as long as it maps to a valid parameter.

However, for automatic remediation configuration, the only valid assumeRole field value is AutomationAssumeRole and you need to provide a value for AutomationAssumeRole to remediate your resources.

", "PutRemediationExceptions": "

A remediation exception is when a specific resource is no longer considered for auto-remediation. This API adds a new exception or updates an existing exception for a specific resource with a specific Config rule.

Config generates a remediation exception when a problem occurs executing a remediation action to a specific resource. Remediation exceptions blocks auto-remediation until the exception is cleared.

", "PutResourceConfig": "

Records the configuration state for the resource provided in the request. The configuration state of a resource is represented in Config as Configuration Items. Once this API records the configuration item, you can retrieve the list of configuration items for the custom resource type using existing Config APIs.

The custom resource type must be registered with CloudFormation. This API accepts the configuration item registered with CloudFormation.

When you call this API, Config only stores configuration state of the resource provided in the request. This API does not change or remediate the configuration of the resource.

Write-only schema properites are not recorded as part of the published configuration item.

", "PutRetentionConfiguration": "

Creates and updates the retention configuration with details about retention period (number of days) that Config stores your historical information. The API creates the RetentionConfiguration object and names the object as default. When you have a RetentionConfiguration object named default, calling the API modifies the default object.

Currently, Config supports only one retention configuration per region in your account.

", @@ -2002,12 +2002,12 @@ "MaximumExecutionFrequency": { "base": null, "refs": { - "ConfigRule$MaximumExecutionFrequency": "

The maximum frequency with which Config runs evaluations for a rule. You can specify a value for MaximumExecutionFrequency when:

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

", + "ConfigRule$MaximumExecutionFrequency": "

The maximum frequency with which Config runs evaluations for a rule. You can specify a value for MaximumExecutionFrequency when:

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

", "ConfigSnapshotDeliveryProperties$deliveryFrequency": "

The frequency with which Config delivers configuration snapshots.

", "OrganizationCustomPolicyRuleMetadata$MaximumExecutionFrequency": "

The maximum frequency with which Config runs evaluations for a rule. Your Config Custom Policy rule is triggered when Config delivers the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.

", "OrganizationCustomPolicyRuleMetadataNoPolicy$MaximumExecutionFrequency": "

The maximum frequency with which Config runs evaluations for a rule. Your Config Custom Policy rule is triggered when Config delivers the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.

", "OrganizationCustomRuleMetadata$MaximumExecutionFrequency": "

The maximum frequency with which Config runs evaluations for a rule. Your custom rule is triggered when Config delivers the configuration snapshot. For more information, see ConfigSnapshotDeliveryProperties.

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

", - "OrganizationManagedRuleMetadata$MaximumExecutionFrequency": "

The maximum frequency with which Config runs evaluations for a rule. You are using an Config managed rule that is triggered at a periodic frequency.

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

", + "OrganizationManagedRuleMetadata$MaximumExecutionFrequency": "

The maximum frequency with which Config runs evaluations for a rule. This is for an Config managed rule that is triggered at a periodic frequency.

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

", "SourceDetail$MaximumExecutionFrequency": "

The frequency at which you want Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for MaximumExecutionFrequency, then MessageType must use the ScheduledNotification value.

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the MaximumExecutionFrequency parameter.

Based on the valid value you choose, Config runs evaluations once for each valid value. For example, if you choose Three_Hours, Config runs evaluations once every three hours. In this case, Three_Hours is the frequency of this rule.

" } }, @@ -3155,7 +3155,7 @@ "ConfigRuleEvaluationStatus$LastDebugLogDeliveryStatusReason": "

The reason Config was not able to deliver a debug log. This is for the last failed attempt to retrieve a debug log for your Config Custom Policy rules.

", "ConfigStreamDeliveryInfo$lastErrorCode": "

The error code from the last attempted delivery.

", "ConfigStreamDeliveryInfo$lastErrorMessage": "

The error message from the last attempted delivery.

", - "ConfigurationRecorder$roleARN": "

Amazon Resource Name (ARN) of the IAM role used to describe the Amazon Web Services resources associated with the account.

", + "ConfigurationRecorder$roleARN": "

Amazon Resource Name (ARN) of the IAM role used to describe the Amazon Web Services resources associated with the account.

While the API model does not require this field, the server will reject a request without a defined roleARN for the configuration recorder.

", "ConfigurationRecorderStatus$name": "

The name of the configuration recorder.

", "ConfigurationRecorderStatus$lastErrorCode": "

The error code indicating that the recording failed.

", "ConfigurationRecorderStatus$lastErrorMessage": "

The message indicating that the recording failed due to an error.

", @@ -3394,7 +3394,7 @@ "base": null, "refs": { "ConfigurationItem$tags": "

A mapping of key value tags associated with the resource.

", - "PutResourceConfigRequest$Tags": "

Tags associated with the resource.

" + "PutResourceConfigRequest$Tags": "

Tags associated with the resource.

This field is not to be confused with the Amazon Web Services-wide tag feature for Amazon Web Services resources. Tags for PutResourceConfig are tags that you supply for the configuration items of your custom resources.

" } }, "TagsList": { diff --git a/apis/models.lex.v2/2020-08-07/api-2.json b/apis/models.lex.v2/2020-08-07/api-2.json index 1a2766d3b5a..71de8f65aa2 100644 --- a/apis/models.lex.v2/2020-08-07/api-2.json +++ b/apis/models.lex.v2/2020-08-07/api-2.json @@ -4130,6 +4130,13 @@ "max":5, "min":1 }, + "MessageSelectionStrategy":{ + "type":"string", + "enum":[ + "Random", + "Ordered" + ] + }, "MessageVariationsList":{ "type":"list", "member":{"shape":"Message"}, @@ -4295,7 +4302,8 @@ "members":{ "messageGroups":{"shape":"MessageGroupsList"}, "maxRetries":{"shape":"PromptMaxRetries"}, - "allowInterrupt":{"shape":"BoxedBoolean"} + "allowInterrupt":{"shape":"BoxedBoolean"}, + "messageSelectionStrategy":{"shape":"MessageSelectionStrategy"} } }, "QueryFilterString":{ diff --git a/apis/models.lex.v2/2020-08-07/docs-2.json b/apis/models.lex.v2/2020-08-07/docs-2.json index 8b81520a4da..18752f72043 100644 --- a/apis/models.lex.v2/2020-08-07/docs-2.json +++ b/apis/models.lex.v2/2020-08-07/docs-2.json @@ -421,7 +421,7 @@ } }, "BotRecommendationResults": { - "base": "

The object representing the URL of the bot definition, the URL of the associated transcript and a statistical summary of the bot recommendation results.

", + "base": "

The object representing the URL of the bot definition, the URL of the associated transcript, and a statistical summary of the bot recommendation results.

", "refs": { "DescribeBotRecommendationResponse$botRecommendationResults": "

The object representing the URL of the bot definition, the URL of the associated transcript and a statistical summary of the bot recommendation results.

" } @@ -1353,7 +1353,7 @@ "ExportStatus": { "base": null, "refs": { - "CreateExportResponse$exportStatus": "

The status of the export. When the status is Completed, you can use the DescribeExport operation to get the pre-signed S3 URL link to your exported bot or bot locale.

", + "CreateExportResponse$exportStatus": "

The status of the export. When the status is Completed, you can use the DescribeExport operation to get the pre-signed S3 URL link to your exported bot or bot locale.

", "DeleteExportResponse$exportStatus": "

The current status of the deletion. When the deletion is complete, the export will no longer be returned by the ListExports operation and calls to the DescribeExport operation with the export identifier will fail.

", "DescribeExportResponse$exportStatus": "

The status of the export. When the status is Complete the export archive file is available for download.

", "ExportSummary$exportStatus": "

The status of the export. When the status is Completed the export is ready to download.

", @@ -2192,6 +2192,12 @@ "StillWaitingResponseSpecification$messageGroups": "

One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.

" } }, + "MessageSelectionStrategy": { + "base": null, + "refs": { + "PromptSpecification$messageSelectionStrategy": "

Indicates how a message is selected from a message group among retries.

" + } + }, "MessageVariationsList": { "base": null, "refs": { @@ -3124,7 +3130,7 @@ "Transcript": { "base": null, "refs": { - "AssociatedTranscript$transcript": "

The content of the transcript that meets the search filter criteria. For the JSON format of the transcript, see Output transcript format.

" + "AssociatedTranscript$transcript": "

The content of the transcript that meets the search filter criteria. For the JSON format of the transcript, see Output transcript format.

" } }, "TranscriptFilter": { diff --git a/apis/quicksight/2018-04-01/api-2.json b/apis/quicksight/2018-04-01/api-2.json index 62fb936e1c3..7e5713a4d97 100644 --- a/apis/quicksight/2018-04-01/api-2.json +++ b/apis/quicksight/2018-04-01/api-2.json @@ -47,6 +47,26 @@ {"shape":"ResourceUnavailableException"} ] }, + "CreateAccountSubscription":{ + "name":"CreateAccountSubscription", + "http":{ + "method":"POST", + "requestUri":"/account/{AwsAccountId}" + }, + "input":{"shape":"CreateAccountSubscriptionRequest"}, + "output":{"shape":"CreateAccountSubscriptionResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ResourceExistsException"}, + {"shape":"PreconditionNotMetException"}, + {"shape":"ConflictException"}, + {"shape":"InternalFailureException"}, + {"shape":"ResourceUnavailableException"} + ] + }, "CreateAnalysis":{ "name":"CreateAnalysis", "http":{ @@ -664,6 +684,23 @@ {"shape":"ResourceUnavailableException"} ] }, + "DescribeAccountSubscription":{ + "name":"DescribeAccountSubscription", + "http":{ + "method":"GET", + "requestUri":"/account/{AwsAccountId}" + }, + "input":{"shape":"DescribeAccountSubscriptionRequest"}, + "output":{"shape":"DescribeAccountSubscriptionResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalFailureException"}, + {"shape":"ResourceUnavailableException"} + ] + }, "DescribeAnalysis":{ "name":"DescribeAnalysis", "http":{ @@ -2116,6 +2153,16 @@ "DefaultEmailCustomizationTemplate":{"shape":"Arn"} } }, + "AccountInfo":{ + "type":"structure", + "members":{ + "AccountName":{"shape":"String"}, + "Edition":{"shape":"Edition"}, + "NotificationEmail":{"shape":"String"}, + "AuthenticationType":{"shape":"String"}, + "AccountSubscriptionStatus":{"shape":"String"} + } + }, "AccountSettings":{ "type":"structure", "members":{ @@ -2331,6 +2378,14 @@ "Database":{"shape":"Database"} } }, + "AuthenticationMethodOption":{ + "type":"string", + "enum":[ + "IAM_AND_QUICKSIGHT", + "IAM_ONLY", + "ACTIVE_DIRECTORY" + ] + }, "AwsAccountId":{ "type":"string", "max":12, @@ -2631,6 +2686,48 @@ } } }, + "CreateAccountSubscriptionRequest":{ + "type":"structure", + "required":[ + "Edition", + "AuthenticationMethod", + "AwsAccountId", + "AccountName", + "NotificationEmail" + ], + "members":{ + "Edition":{"shape":"Edition"}, + "AuthenticationMethod":{"shape":"AuthenticationMethodOption"}, + "AwsAccountId":{ + "shape":"AwsAccountId", + "location":"uri", + "locationName":"AwsAccountId" + }, + "AccountName":{"shape":"String"}, + "NotificationEmail":{"shape":"String"}, + "ActiveDirectoryName":{"shape":"String"}, + "Realm":{"shape":"String"}, + "DirectoryId":{"shape":"String"}, + "AdminGroup":{"shape":"GroupsList"}, + "AuthorGroup":{"shape":"GroupsList"}, + "ReaderGroup":{"shape":"GroupsList"}, + "FirstName":{"shape":"String"}, + "LastName":{"shape":"String"}, + "EmailAddress":{"shape":"String"}, + "ContactNumber":{"shape":"String"} + } + }, + "CreateAccountSubscriptionResponse":{ + "type":"structure", + "members":{ + "SignupResponse":{"shape":"SignupResponse"}, + "Status":{ + "shape":"StatusCode", + "location":"statusCode" + }, + "RequestId":{"shape":"String"} + } + }, "CreateAnalysisRequest":{ "type":"structure", "required":[ @@ -4314,6 +4411,28 @@ } } }, + "DescribeAccountSubscriptionRequest":{ + "type":"structure", + "required":["AwsAccountId"], + "members":{ + "AwsAccountId":{ + "shape":"AwsAccountId", + "location":"uri", + "locationName":"AwsAccountId" + } + } + }, + "DescribeAccountSubscriptionResponse":{ + "type":"structure", + "members":{ + "AccountInfo":{"shape":"AccountInfo"}, + "Status":{ + "shape":"StatusCode", + "location":"statusCode" + }, + "RequestId":{"shape":"String"} + } + }, "DescribeAnalysisPermissionsRequest":{ "type":"structure", "required":[ @@ -5146,7 +5265,8 @@ "type":"string", "enum":[ "STANDARD", - "ENTERPRISE" + "ENTERPRISE", + "ENTERPRISE_AND_Q" ] }, "EmbeddingIdentityType":{ @@ -5346,7 +5466,8 @@ "Namespace":{"shape":"Namespace"}, "SessionTags":{"shape":"SessionTagList"}, "AuthorizedResourceArns":{"shape":"ArnList"}, - "ExperienceConfiguration":{"shape":"AnonymousUserEmbeddingExperienceConfiguration"} + "ExperienceConfiguration":{"shape":"AnonymousUserEmbeddingExperienceConfiguration"}, + "AllowedDomains":{"shape":"StringList"} } }, "GenerateEmbedUrlForAnonymousUserResponse":{ @@ -5380,7 +5501,8 @@ }, "SessionLifetimeInMinutes":{"shape":"SessionLifetimeInMinutes"}, "UserArn":{"shape":"Arn"}, - "ExperienceConfiguration":{"shape":"RegisteredUserEmbeddingExperienceConfiguration"} + "ExperienceConfiguration":{"shape":"RegisteredUserEmbeddingExperienceConfiguration"}, + "AllowedDomains":{"shape":"StringList"} } }, "GenerateEmbedUrlForRegisteredUserResponse":{ @@ -5603,6 +5725,10 @@ "max":1, "min":1 }, + "GroupsList":{ + "type":"list", + "member":{"shape":"String"} + }, "GutterStyle":{ "type":"structure", "members":{ @@ -7713,6 +7839,15 @@ "TileLayout":{"shape":"TileLayoutStyle"} } }, + "SignupResponse":{ + "type":"structure", + "members":{ + "IAMUser":{"shape":"Boolean"}, + "userLoginName":{"shape":"String"}, + "accountName":{"shape":"String"}, + "directoryType":{"shape":"String"} + } + }, "SiteBaseUrl":{ "type":"string", "max":1024, diff --git a/apis/quicksight/2018-04-01/docs-2.json b/apis/quicksight/2018-04-01/docs-2.json index 8cb0caef0b6..54cb18d0265 100644 --- a/apis/quicksight/2018-04-01/docs-2.json +++ b/apis/quicksight/2018-04-01/docs-2.json @@ -3,7 +3,8 @@ "service": "Amazon QuickSight API Reference

Amazon QuickSight is a fully managed, serverless business intelligence service for the Amazon Web Services Cloud that makes it easy to extend data and insights to every user in your organization. This API reference contains documentation for a programming interface that you can use to manage Amazon QuickSight.

", "operations": { "CancelIngestion": "

Cancels an ongoing ingestion of data into SPICE.

", - "CreateAccountCustomization": "

Creates Amazon QuickSight customizations the current Amazon Web Services Region. Currently, you can add a custom default theme by using the CreateAccountCustomization or UpdateAccountCustomization API operation. To further customize Amazon QuickSight by removing Amazon QuickSight sample assets and videos for all new users, see Customizing Amazon QuickSight in the Amazon QuickSight User Guide.

You can create customizations for your Amazon Web Services account or, if you specify a namespace, for a QuickSight namespace instead. Customizations that apply to a namespace always override customizations that apply to an Amazon Web Services account. To find out which customizations apply, use the DescribeAccountCustomization API operation.

Before you use the CreateAccountCustomization API operation to add a theme as the namespace default, make sure that you first share the theme with the namespace. If you don't share it with the namespace, the theme isn't visible to your users even if you make it the default theme. To check if the theme is shared, view the current permissions by using the DescribeThemePermissions API operation. To share the theme, grant permissions by using the UpdateThemePermissions API operation.

", + "CreateAccountCustomization": "

Creates Amazon QuickSight customizations for the current Amazon Web Services Region. Currently, you can add a custom default theme by using the CreateAccountCustomization or UpdateAccountCustomization API operation. To further customize Amazon QuickSight by removing Amazon QuickSight sample assets and videos for all new users, see Customizing Amazon QuickSight in the Amazon QuickSight User Guide.

You can create customizations for your Amazon Web Services account or, if you specify a namespace, for a QuickSight namespace instead. Customizations that apply to a namespace always override customizations that apply to an Amazon Web Services account. To find out which customizations apply, use the DescribeAccountCustomization API operation.

Before you use the CreateAccountCustomization API operation to add a theme as the namespace default, make sure that you first share the theme with the namespace. If you don't share it with the namespace, the theme isn't visible to your users even if you make it the default theme. To check if the theme is shared, view the current permissions by using the DescribeThemePermissions API operation. To share the theme, grant permissions by using the UpdateThemePermissions API operation.

", + "CreateAccountSubscription": "

Creates an Amazon QuickSight account, or subscribes to Amazon QuickSight Q.

The Amazon Web Services Region for the account is derived from what is configured in the CLI or SDK. This operation isn't supported in the US East (Ohio) Region, South America (Sao Paulo) Region, or Asia Pacific (Singapore) Region.

Before you use this operation, make sure that you can connect to an existing Amazon Web Services account. If you don't have an Amazon Web Services account, see Sign up for Amazon Web Services in the Amazon QuickSight User Guide. The person who signs up for Amazon QuickSight needs to have the correct Identity and Access Management (IAM) permissions. For more information, see IAM Policy Examples for Amazon QuickSight in the Amazon QuickSight User Guide.

If your IAM policy includes both the Subscribe and CreateAccountSubscription actions, make sure that both actions are set to Allow. If either action is set to Deny, the Deny action prevails and your API call fails.

You can't pass an existing IAM role to access other Amazon Web Services services using this API operation. To pass your existing IAM role to Amazon QuickSight, see Passing IAM roles to Amazon QuickSight in the Amazon QuickSight User Guide.

You can't set default resource access on the new account from the Amazon QuickSight API. Instead, add default resource access from the Amazon QuickSight console. For more information about setting default resource access to Amazon Web Services services, see Setting default resource access to Amazon Web Services services in the Amazon QuickSight User Guide.

", "CreateAnalysis": "

Creates an analysis in Amazon QuickSight.

", "CreateDashboard": "

Creates a dashboard from a template. To first create a template, see the CreateTemplate API operation.

A dashboard is an entity in Amazon QuickSight that identifies Amazon QuickSight reports, created from analyses. You can share Amazon QuickSight dashboards. With the right permissions, you can create scheduled email reports from them. If you have the correct permissions, you can create a dashboard from a template that exists in a different Amazon Web Services account.

", "CreateDataSet": "

Creates a dataset. This operation doesn't support datasets that include uploaded files as a source.

", @@ -38,6 +39,7 @@ "DeleteUserByPrincipalId": "

Deletes a user identified by its principal ID.

", "DescribeAccountCustomization": "

Describes the customizations associated with the provided Amazon Web Services account and Amazon Amazon QuickSight namespace in an Amazon Web Services Region. The Amazon QuickSight console evaluates which customizations to apply by running this API operation with the Resolved flag included.

To determine what customizations display when you run this command, it can help to visualize the relationship of the entities involved.

", "DescribeAccountSettings": "

Describes the settings that were used when your Amazon QuickSight subscription was first created in this Amazon Web Services account.

", + "DescribeAccountSubscription": "

Use the DescribeAccountSubscription operation to receive a description of a Amazon QuickSight account's subscription. A successful API call returns an AccountInfo object that includes an account's name, subscription status, authentication type, edition, and notification email address.

", "DescribeAnalysis": "

Provides a summary of the metadata for an analysis.

", "DescribeAnalysisPermissions": "

Provides the read and write permissions for an analysis.

", "DescribeDashboard": "

Provides a summary for a dashboard.

", @@ -62,9 +64,9 @@ "DescribeThemeAlias": "

Describes the alias for a theme.

", "DescribeThemePermissions": "

Describes the read and write permissions for a theme.

", "DescribeUser": "

Returns information about a user, given the user name.

", - "GenerateEmbedUrlForAnonymousUser": "

Generates an embed URL that you can use to embed an Amazon QuickSight dashboard in your website, without having to register any reader users. Before you use this action, make sure that you have configured the dashboards and permissions.

The following rules apply to the generated URL:

For more information, see Embedded Analytics in the Amazon QuickSight User Guide.

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", + "GenerateEmbedUrlForAnonymousUser": "

Generates an embed URL that you can use to embed an Amazon QuickSight dashboard in your website, without having to register any reader users. Before you use this action, make sure that you have configured the dashboards and permissions.

The following rules apply to the generated URL:

For more information, see Embedded Analytics in the Amazon QuickSight User Guide.

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", "GenerateEmbedUrlForRegisteredUser": "

Generates an embed URL that you can use to embed an Amazon QuickSight experience in your website. This action can be used for any type of user registered in an Amazon QuickSight account. Before you use this action, make sure that you have configured the relevant Amazon QuickSight resource and permissions.

The following rules apply to the generated URL:

For more information, see Embedded Analytics in the Amazon QuickSight User Guide.

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", - "GetDashboardEmbedUrl": "

Generates a session URL and authorization code that you can use to embed an Amazon Amazon QuickSight read-only dashboard in your web server code. Before you use this command, make sure that you have configured the dashboards and permissions.

Currently, you can use GetDashboardEmbedURL only from the server, not from the user's browser. The following rules apply to the combination of URL and authorization code:

For more information, see Embedding Analytics Using GetDashboardEmbedUrl in the Amazon QuickSight User Guide.

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", + "GetDashboardEmbedUrl": "

Generates a temporary session URL and authorization code that you can use to embed an Amazon QuickSight read-only dashboard in your website or application. Before you use this command, make sure that you have configured the dashboards and permissions.

Currently, you can use GetDashboardEmbedURL only from the server, not from the user's browser. The following rules apply to the generated URL:

For more information, see Embedding Analytics Using GetDashboardEmbedUrl in the Amazon QuickSight User Guide.

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", "GetSessionEmbedUrl": "

Generates a session URL and authorization code that you can use to embed the Amazon Amazon QuickSight console in your web server code. Use GetSessionEmbedUrl where you want to provide an authoring portal that allows users to create data sources, datasets, analyses, and dashboards. The users who access an embedded Amazon QuickSight console need belong to the author or admin security cohort. If you want to restrict permissions to some of these features, add a custom permissions profile to the user with the UpdateUser API operation. Use RegisterUser API operation to add a new user with a custom permission profile attached. For more information, see the following sections in the Amazon QuickSight User Guide:

", "ListAnalyses": "

Lists Amazon QuickSight analyses that exist in the specified Amazon Web Services account.

", "ListDashboardVersions": "

Lists all the versions of the dashboards in the Amazon QuickSight subscription.

", @@ -96,7 +98,7 @@ "SearchGroups": "

Use the SearchGroups operation to search groups in a specified Amazon QuickSight namespace using the supplied filters.

", "TagResource": "

Assigns one or more tags (key-value pairs) to the specified Amazon QuickSight resource.

Tags can help you organize and categorize your resources. You can also use them to scope user permissions, by granting a user permission to access or change only resources with certain tag values. You can use the TagResource operation with a resource that already has tags. If you specify a new tag key for the resource, this tag is appended to the list of tags associated with the resource. If you specify a tag key that is already associated with the resource, the new tag value that you specify replaces the previous value for that tag.

You can associate as many as 50 tags with a resource. Amazon QuickSight supports tagging on data set, data source, dashboard, and template.

Tagging for Amazon QuickSight works in a similar way to tagging for other Amazon Web Services services, except for the following:

", "UntagResource": "

Removes a tag or tags from a resource.

", - "UpdateAccountCustomization": "

Updates Amazon QuickSight customizations the current Amazon Web Services Region. Currently, the only customization you can use is a theme.

You can use customizations for your Amazon Web Services account or, if you specify a namespace, for a Amazon QuickSight namespace instead. Customizations that apply to a namespace override customizations that apply to an Amazon Web Services account. To find out which customizations apply, use the DescribeAccountCustomization API operation.

", + "UpdateAccountCustomization": "

Updates Amazon QuickSight customizations for the current Amazon Web Services Region. Currently, the only customization that you can use is a theme.

You can use customizations for your Amazon Web Services account or, if you specify a namespace, for a Amazon QuickSight namespace instead. Customizations that apply to a namespace override customizations that apply to an Amazon Web Services account. To find out which customizations apply, use the DescribeAccountCustomization API operation.

", "UpdateAccountSettings": "

Updates the Amazon QuickSight settings in your Amazon Web Services account.

", "UpdateAnalysis": "

Updates an analysis in Amazon QuickSight

", "UpdateAnalysisPermissions": "

Updates the read and write permissions for an analysis.

", @@ -112,7 +114,7 @@ "UpdateGroup": "

Changes a group description.

", "UpdateIAMPolicyAssignment": "

Updates an existing IAM policy assignment. This operation updates only the optional parameter or parameters that are specified in the request. This overwrites all of the users included in Identities.

", "UpdateIpRestriction": "

Updates the content and status of IP rules. To use this operation, you need to provide the entire map of rules. You can use the DescribeIpRestriction operation to get the current rule map.

", - "UpdatePublicSharingSettings": "

Use the UpdatePublicSharingSettings operation to enable or disable the public sharing settings of an Amazon QuickSight dashboard.

To use this operation, enable session capacity pricing on your Amazon QuickSight account.

Before you can enable public sharing on your account, you need to allow public sharing permissions to an administrative user in the IAM console. For more information on using IAM with Amazon QuickSight, see Using Amazon QuickSight with IAM.

", + "UpdatePublicSharingSettings": "

Use the UpdatePublicSharingSettings operation to turn on or turn off the public sharing settings of an Amazon QuickSight dashboard.

To use this operation, turn on session capacity pricing for your Amazon QuickSight account.

Before you can turn on public sharing on your account, make sure to give public sharing permissions to an administrative user in the Identity and Access Management (IAM) console. For more information on using IAM with Amazon QuickSight, see Using Amazon QuickSight with IAM in the Amazon QuickSight User Guide.

", "UpdateTemplate": "

Updates a template from an existing Amazon QuickSight analysis or another template.

", "UpdateTemplateAlias": "

Updates the template alias of a template.

", "UpdateTemplatePermissions": "

Updates the resource permissions for a template.

", @@ -137,10 +139,16 @@ "UpdateAccountCustomizationResponse$AccountCustomization": "

The Amazon QuickSight customizations you're updating in the current Amazon Web Services Region.

" } }, + "AccountInfo": { + "base": "

A structure that contains the following account information elements:

", + "refs": { + "DescribeAccountSubscriptionResponse$AccountInfo": "

A structure that contains the following elements:

" + } + }, "AccountSettings": { "base": "

The Amazon QuickSight settings associated with your Amazon Web Services account.

", "refs": { - "DescribeAccountSettingsResponse$AccountSettings": "

The Amazon QuickSight settings for this Amazon Web Services account. This information includes the edition of Amazon Amazon QuickSight that you subscribed to (Standard or Enterprise) and the notification email for the Amazon QuickSight subscription. In the QuickSight console, the Amazon QuickSight subscription is sometimes referred to as a QuickSight \"account\" even though it's technically not an account by itself. Instead, it's a subscription to the Amazon QuickSight service for your Amazon Web Services account. The edition that you subscribe to applies to Amazon QuickSight in every Amazon Web Services Region where you use it.

" + "DescribeAccountSettingsResponse$AccountSettings": "

The Amazon QuickSight settings for this Amazon Web Services account. This information includes the edition of Amazon Amazon QuickSight that you subscribed to (Standard or Enterprise) and the notification email for the Amazon QuickSight subscription.

In the QuickSight console, the Amazon QuickSight subscription is sometimes referred to as a QuickSight \"account\" even though it's technically not an account by itself. Instead, it's a subscription to the Amazon QuickSight service for your Amazon Web Services account. The edition that you subscribe to applies to Amazon QuickSight in every Amazon Web Services Region where you use it.

" } }, "ActionList": { @@ -162,7 +170,7 @@ } }, "AdHocFilteringOption": { - "base": "

Ad hoc (one-time) filtering option.

", + "base": "

An ad hoc (one-time) filtering option.

", "refs": { "DashboardPublishOptions$AdHocFilteringOption": "

Ad hoc (one-time) filtering option.

" } @@ -170,7 +178,7 @@ "AdditionalDashboardIdList": { "base": null, "refs": { - "GetDashboardEmbedUrlRequest$AdditionalDashboardIds": "

A list of one or more dashboard IDs that you want to add to a session that includes anonymous users. The IdentityType parameter must be set to ANONYMOUS for this to work, because other identity types authenticate as Amazon QuickSight or IAM users. For example, if you set \"--dashboard-id dash_id1 --dashboard-id dash_id2 dash_id3 identity-type ANONYMOUS\", the session can access all three dashboards.

" + "GetDashboardEmbedUrlRequest$AdditionalDashboardIds": "

A list of one or more dashboard IDs that you want anonymous users to have tempporary access to. Currently, the IdentityType parameter must be set to ANONYMOUS because other identity types authenticate as Amazon QuickSight or IAM users. For example, if you set \"--dashboard-id dash_id1 --dashboard-id dash_id2 dash_id3 identity-type ANONYMOUS\", the session can access all three dashboards.

" } }, "AliasName": { @@ -291,7 +299,7 @@ "AnonymousUserEmbeddingExperienceConfiguration": { "base": "

The type of experience you want to embed. For anonymous users, you can embed Amazon QuickSight dashboards.

", "refs": { - "GenerateEmbedUrlForAnonymousUserRequest$ExperienceConfiguration": "

The configuration of the experience you are embedding.

" + "GenerateEmbedUrlForAnonymousUserRequest$ExperienceConfiguration": "

The configuration of the experience that you are embedding.

" } }, "Arn": { @@ -421,7 +429,7 @@ "ArnList": { "base": null, "refs": { - "GenerateEmbedUrlForAnonymousUserRequest$AuthorizedResourceArns": "

The Amazon Resource Names for the Amazon QuickSight resources that the user is authorized to access during the lifetime of the session. If you choose Dashboard embedding experience, pass the list of dashboard ARNs in the account that you want the user to be able to view. Currently, you can pass up to 25 dashboard ARNs in each API call.

" + "GenerateEmbedUrlForAnonymousUserRequest$AuthorizedResourceArns": "

The Amazon Resource Names (ARNs) for the Amazon QuickSight resources that the user is authorized to access during the lifetime of the session. If you choose Dashboard embedding experience, pass the list of dashboard ARNs in the account that you want the user to be able to view. Currently, you can pass up to 25 dashboard ARNs in each API call.

" } }, "AssignmentStatus": { @@ -454,12 +462,19 @@ "DataSourceParameters$AuroraPostgreSqlParameters": "

The parameters for Amazon Aurora.

" } }, + "AuthenticationMethodOption": { + "base": null, + "refs": { + "CreateAccountSubscriptionRequest$AuthenticationMethod": "

The method that you want to use to authenticate your Amazon QuickSight account. Currently, the valid values for this parameter are IAM_AND_QUICKSIGHT, IAM_ONLY, and ACTIVE_DIRECTORY.

If you choose ACTIVE_DIRECTORY, provide an ActiveDirectoryName and an AdminGroup associated with your Active Directory.

" + } + }, "AwsAccountId": { "base": null, "refs": { "CancelIngestionRequest$AwsAccountId": "

The Amazon Web Services account ID.

", "CreateAccountCustomizationRequest$AwsAccountId": "

The ID for the Amazon Web Services account that you want to customize Amazon QuickSight for.

", "CreateAccountCustomizationResponse$AwsAccountId": "

The ID for the Amazon Web Services account that you want to customize Amazon QuickSight for.

", + "CreateAccountSubscriptionRequest$AwsAccountId": "

The Amazon Web Services account ID of the account that you're using to create your Amazon QuickSight account.

", "CreateAnalysisRequest$AwsAccountId": "

The ID of the Amazon Web Services account where you are creating an analysis.

", "CreateDashboardRequest$AwsAccountId": "

The ID of the Amazon Web Services account where you want to create the dashboard.

", "CreateDataSetRequest$AwsAccountId": "

The Amazon Web Services account ID.

", @@ -495,6 +510,7 @@ "DescribeAccountCustomizationRequest$AwsAccountId": "

The ID for the Amazon Web Services account that you want to describe Amazon QuickSight customizations for.

", "DescribeAccountCustomizationResponse$AwsAccountId": "

The ID for the Amazon Web Services account that you're describing.

", "DescribeAccountSettingsRequest$AwsAccountId": "

The ID for the Amazon Web Services account that contains the settings that you want to list.

", + "DescribeAccountSubscriptionRequest$AwsAccountId": "

The Amazon Web Services account ID associated with your Amazon QuickSight account.

", "DescribeAnalysisPermissionsRequest$AwsAccountId": "

The ID of the Amazon Web Services account that contains the analysis whose permissions you're describing. You must be using the Amazon Web Services account that the analysis is in.

", "DescribeAnalysisRequest$AwsAccountId": "

The ID of the Amazon Web Services account that contains the analysis. You must be using the Amazon Web Services account that the analysis is in.

", "DescribeDashboardPermissionsRequest$AwsAccountId": "

The ID of the Amazon Web Services account that contains the dashboard that you're describing permissions for.

", @@ -594,7 +610,7 @@ "Boolean": { "base": null, "refs": { - "AccountSettings$PublicSharingEnabled": "

A boolean that indicates whether or not public sharing is enabled on an Amazon QuickSight account. For more information about enabling public sharing, see UpdatePublicSharingSettings.

", + "AccountSettings$PublicSharingEnabled": "

A Boolean value that indicates whether public sharing is turned on for an Amazon QuickSight account. For more information about turning on public sharing, see UpdatePublicSharingSettings.

", "DataSetSummary$RowLevelPermissionTagConfigurationApplied": "

Whether or not the row level permission tags are applied.

", "DataSetSummary$ColumnLevelPermissionRulesApplied": "

A value that indicates if the dataset has column level permission configured.

", "DataSetUsageConfiguration$DisableUseAsDirectQuerySource": "

An option that controls whether a child dataset of a direct query can use this dataset as a source.

", @@ -603,8 +619,9 @@ "GetDashboardEmbedUrlRequest$ResetDisabled": "

Remove the reset button on the embedded dashboard. The default is FALSE, which enables the reset button.

", "GetDashboardEmbedUrlRequest$StatePersistenceEnabled": "

Adds persistence of state for the user session in an embedded dashboard. Persistence applies to the sheet and the parameter settings. These are control settings that the dashboard subscriber (Amazon QuickSight reader) chooses while viewing the dashboard. If this is set to TRUE, the settings are the same when the subscriber reopens the same dashboard URL. The state is stored in Amazon QuickSight, not in a browser cookie. If this is set to FALSE, the state of the user session is not persisted. The default is FALSE.

", "JoinKeyProperties$UniqueKey": "

A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by Amazon QuickSight to optimize query performance.

", + "SignupResponse$IAMUser": "

A Boolean that is TRUE if the Amazon QuickSight uses IAM as an authentication method.

", "SslProperties$DisableSsl": "

A Boolean option to control whether SSL should be disabled.

", - "UpdatePublicSharingSettingsRequest$PublicSharingEnabled": "

A boolean that indicates whether or not public sharing is enabled on a Amazon QuickSight account.

", + "UpdatePublicSharingSettingsRequest$PublicSharingEnabled": "

A Boolean value that indicates whether public sharing is turned on for an Amazon QuickSight account.

", "UpdateUserRequest$UnapplyCustomPermissions": "

A flag that you use to indicate that you want to remove all custom permissions from this user. Using this parameter resets the user to the state it was in before a custom permissions profile was applied. This parameter defaults to NULL and it doesn't accept any other value.

", "UploadSettings$ContainsHeader": "

Whether the file has a header row, or the files each have a header row.

", "User$Active": "

The active status of user. When you create an Amazon QuickSight user that’s not an IAM user or an Active Directory user, that user is inactive until they sign in and provide a password.

" @@ -841,6 +858,16 @@ "refs": { } }, + "CreateAccountSubscriptionRequest": { + "base": null, + "refs": { + } + }, + "CreateAccountSubscriptionResponse": { + "base": null, + "refs": { + } + }, "CreateAnalysisRequest": { "base": null, "refs": { @@ -1507,6 +1534,16 @@ "refs": { } }, + "DescribeAccountSubscriptionRequest": { + "base": null, + "refs": { + } + }, + "DescribeAccountSubscriptionResponse": { + "base": null, + "refs": { + } + }, "DescribeAnalysisPermissionsRequest": { "base": null, "refs": { @@ -1774,7 +1811,9 @@ "Edition": { "base": null, "refs": { - "AccountSettings$Edition": "

The edition of Amazon QuickSight that you're currently subscribed to: Enterprise edition or Standard edition.

" + "AccountInfo$Edition": "

The edition of your Amazon QuickSight account.

", + "AccountSettings$Edition": "

The edition of Amazon QuickSight that you're currently subscribed to: Enterprise edition or Standard edition.

", + "CreateAccountSubscriptionRequest$Edition": "

The edition of Amazon QuickSight that you want your account to have. Currently, you can choose from ENTERPRISE or ENTERPRISE_AND_Q.

If you choose ENTERPRISE_AND_Q, the following parameters are required:

" } }, "EmbeddingIdentityType": { @@ -2100,6 +2139,14 @@ "SearchGroupsRequest$Filters": "

The structure for the search filters that you want to apply to your search.

" } }, + "GroupsList": { + "base": null, + "refs": { + "CreateAccountSubscriptionRequest$AdminGroup": "

The admin group associated with your Active Directory. This field is required if ACTIVE_DIRECTORY is the selected authentication method of the new Amazon QuickSight account. For more information about using Active Directory in Amazon QuickSight, see Using Active Directory with Amazon QuickSight Enterprise Edition in the Amazon QuickSight User Guide.

", + "CreateAccountSubscriptionRequest$AuthorGroup": "

The author group associated with your Active Directory. For more information about using Active Directory in Amazon QuickSight, see Using Active Directory with Amazon QuickSight Enterprise Edition in the Amazon QuickSight User Guide.

", + "CreateAccountSubscriptionRequest$ReaderGroup": "

The reader group associated with your Active Direcrtory. For more information about using Active Directory in Amazon QuickSight, see Using Active Directory with Amazon QuickSight Enterprise Edition in the Amazon QuickSight User Guide.

" + } + }, "GutterStyle": { "base": "

The display options for gutter spacing between tiles on a sheet.

", "refs": { @@ -2764,7 +2811,7 @@ "SearchGroupsRequest$Namespace": "

The namespace that you want to search.

", "UpdateAccountCustomizationRequest$Namespace": "

The namespace that you want to update Amazon QuickSight customizations for.

", "UpdateAccountCustomizationResponse$Namespace": "

The namespace associated with the customization that you're updating.

", - "UpdateAccountSettingsRequest$DefaultNamespace": "

The default namespace for this Amazon Web Services account. Currently, the default is default. Identity and Access Management (IAM) users that register for the first time with Amazon QuickSight provide an email that becomes associated with the default namespace.

", + "UpdateAccountSettingsRequest$DefaultNamespace": "

The default namespace for this Amazon Web Services account. Currently, the default is default. Identity and Access Management (IAM) users that register for the first time with Amazon QuickSight provide an email address that becomes associated with the default namespace.

", "UpdateGroupRequest$Namespace": "

The namespace of the group that you want to update.

", "UpdateIAMPolicyAssignmentRequest$Namespace": "

The namespace of the assignment.

", "UpdateUserRequest$Namespace": "

The namespace. Currently, you should set this to default.

" @@ -3020,7 +3067,7 @@ "RegisteredUserQSearchBarEmbeddingConfiguration": { "base": "

Information about the Q search bar embedding experience.

", "refs": { - "RegisteredUserEmbeddingExperienceConfiguration$QSearchBar": "

The configuration details for embedding the Q search bar.

For more information about embedding the Q search bar, see Embedding Overview.

" + "RegisteredUserEmbeddingExperienceConfiguration$QSearchBar": "

The configuration details for embedding the Q search bar.

For more information about embedding the Q search bar, see Embedding Overview in the Amazon QuickSight User Guide.

" } }, "RegisteredUserQuickSightConsoleEmbeddingConfiguration": { @@ -3466,7 +3513,7 @@ "SessionTagList": { "base": null, "refs": { - "GenerateEmbedUrlForAnonymousUserRequest$SessionTags": "

The session tags used for row-level security. Before you use this parameter, make sure that you have configured the relevant datasets using the DataSet$RowLevelPermissionTagConfiguration parameter so that session tags can be used to provide row-level security.

These are not the tags used for the Amazon Web Services resource tagging feature. For more information, see Using Row-Level Security (RLS) with Tags.

" + "GenerateEmbedUrlForAnonymousUserRequest$SessionTags": "

The session tags used for row-level security. Before you use this parameter, make sure that you have configured the relevant datasets using the DataSet$RowLevelPermissionTagConfiguration parameter so that session tags can be used to provide row-level security.

These are not the tags used for the Amazon Web Services resource tagging feature. For more information, see Using Row-Level Security (RLS) with Tagsin the Amazon QuickSight User Guide.

" } }, "SessionTagValue": { @@ -3502,6 +3549,12 @@ "ThemeConfiguration$Sheet": "

Display options related to sheets.

" } }, + "SignupResponse": { + "base": "

A SignupResponse object that contains a summary of a newly created account.

", + "refs": { + "CreateAccountSubscriptionResponse$SignupResponse": "

A SignupResponse object that returns information about a newly created Amazon QuickSight account.

" + } + }, "SiteBaseUrl": { "base": null, "refs": { @@ -3553,6 +3606,7 @@ "refs": { "CancelIngestionResponse$Status": "

The HTTP status of the request.

", "CreateAccountCustomizationResponse$Status": "

The HTTP status of the request.

", + "CreateAccountSubscriptionResponse$Status": "

The HTTP status of the request.

", "CreateAnalysisResponse$Status": "

The HTTP status of the request.

", "CreateDashboardResponse$Status": "

The HTTP status of the request.

", "CreateDataSetResponse$Status": "

The HTTP status of the request.

", @@ -3587,6 +3641,7 @@ "DeleteUserResponse$Status": "

The HTTP status of the request.

", "DescribeAccountCustomizationResponse$Status": "

The HTTP status of the request.

", "DescribeAccountSettingsResponse$Status": "

The HTTP status of the request.

", + "DescribeAccountSubscriptionResponse$Status": "

The HTTP status of the request.

", "DescribeAnalysisPermissionsResponse$Status": "

The HTTP status of the request.

", "DescribeAnalysisResponse$Status": "

The HTTP status of the request.

", "DescribeDashboardPermissionsResponse$Status": "

The HTTP status of the request.

", @@ -3676,6 +3731,10 @@ "refs": { "AccessDeniedException$Message": null, "AccessDeniedException$RequestId": "

The Amazon Web Services request ID for this request.

", + "AccountInfo$AccountName": "

The account name that you provided for the Amazon QuickSight subscription in your Amazon Web Services account. You create this name when you sign up for Amazon QuickSight. It's unique over all of Amazon Web Services, and it appears only when users sign in.

", + "AccountInfo$NotificationEmail": "

The email address that will be used for Amazon QuickSight to send notifications regarding your Amazon Web Services account or Amazon QuickSight subscription.

", + "AccountInfo$AuthenticationType": "

The way that your Amazon QuickSight account is authenticated.

", + "AccountInfo$AccountSubscriptionStatus": "

The status of your account subscription.

", "AccountSettings$AccountName": "

The \"account name\" you provided for the Amazon QuickSight subscription in your Amazon Web Services account. You create this name when you sign up for Amazon QuickSight. It is unique in all of Amazon Web Services and it appears only when users sign in.

", "AccountSettings$NotificationEmail": "

The main notification email for your Amazon QuickSight subscription.

", "ActionList$member": null, @@ -3693,6 +3752,16 @@ "ConflictException$Message": null, "ConflictException$RequestId": "

The Amazon Web Services request ID for this request.

", "CreateAccountCustomizationResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", + "CreateAccountSubscriptionRequest$AccountName": "

The name of your Amazon QuickSight account. This name is unique over all of Amazon Web Services, and it appears only when users sign in. You can't change AccountName value after the Amazon QuickSight account is created.

", + "CreateAccountSubscriptionRequest$NotificationEmail": "

The email address that you want Amazon QuickSight to send notifications to regarding your Amazon QuickSight account or Amazon QuickSight subscription.

", + "CreateAccountSubscriptionRequest$ActiveDirectoryName": "

The name of your Active Directory. This field is required if ACTIVE_DIRECTORY is the selected authentication method of the new Amazon QuickSight account.

", + "CreateAccountSubscriptionRequest$Realm": "

The realm of the Active Directory that is associated with your Amazon QuickSight account. This field is required if ACTIVE_DIRECTORY is the selected authentication method of the new Amazon QuickSight account.

", + "CreateAccountSubscriptionRequest$DirectoryId": "

The ID of the Active Directory that is associated with your Amazon QuickSight account.

", + "CreateAccountSubscriptionRequest$FirstName": "

The first name of the author of the Amazon QuickSight account to use for future communications. This field is required if ENTERPPRISE_AND_Q is the selected edition of the new Amazon QuickSight account.

", + "CreateAccountSubscriptionRequest$LastName": "

The last name of the author of the Amazon QuickSight account to use for future communications. This field is required if ENTERPPRISE_AND_Q is the selected edition of the new Amazon QuickSight account.

", + "CreateAccountSubscriptionRequest$EmailAddress": "

The email address of the author of the Amazon QuickSight account to use for future communications. This field is required if ENTERPPRISE_AND_Q is the selected edition of the new Amazon QuickSight account.

", + "CreateAccountSubscriptionRequest$ContactNumber": "

A 10-digit phone number for the author of the Amazon QuickSight account to use for future communications. This field is required if ENTERPPRISE_AND_Q is the selected edition of the new Amazon QuickSight account.

", + "CreateAccountSubscriptionResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "CreateAnalysisResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "CreateDashboardResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "CreateDataSetResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", @@ -3734,6 +3803,7 @@ "DeleteUserResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "DescribeAccountCustomizationResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "DescribeAccountSettingsResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", + "DescribeAccountSubscriptionResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "DescribeAnalysisPermissionsResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "DescribeAnalysisResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "DescribeDashboardPermissionsResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", @@ -3770,6 +3840,7 @@ "GetSessionEmbedUrlResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "Group$PrincipalId": "

The principal ID of the group.

", "GroupSearchFilter$Value": "

The value of the named item, in this case GROUP_NAME, that you want to use as a filter.

", + "GroupsList$member": null, "IAMPolicyAssignment$AssignmentId": "

Assignment ID.

", "IdentityMap$key": null, "IdentityTypeNotSupportedException$Message": null, @@ -3886,6 +3957,9 @@ "SearchGroupsResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "SessionLifetimeInMinutesInvalidException$Message": null, "SessionLifetimeInMinutesInvalidException$RequestId": "

The Amazon Web Services request ID for this request.

", + "SignupResponse$userLoginName": "

The user login name for your Amazon QuickSight account.

", + "SignupResponse$accountName": "

The name of your Amazon QuickSight account.

", + "SignupResponse$directoryType": "

The type of Active Directory that is being used to authenticate the Amazon QuickSight account. Valid values are SIMPLE_AD, AD_CONNECTOR, and MICROSOFT_AD.

", "StringList$member": null, "TagResourceResponse$RequestId": "

The Amazon Web Services request ID for this operation.

", "ThrottlingException$Message": null, @@ -3935,6 +4009,8 @@ "StringList": { "base": null, "refs": { + "GenerateEmbedUrlForAnonymousUserRequest$AllowedDomains": "

The domains that you want to add to the allow list for access to the generated URL that is then embedded. This optional parameter overrides the static domains that are configured in the Manage QuickSight menu in the Amazon QuickSight console and instead allows only the domains that you include in this parameter. You can list up to three domains or subdomains in each API call.

To include a subdomain, use * to include all subdomains under a specific domain to the allow list. For example, https://*.sapp.amazon.com, includes all subdomains under https://sapp.amazon.com.

", + "GenerateEmbedUrlForRegisteredUserRequest$AllowedDomains": "

The domains that you want to add to the allow list for access to the generated URL that is then embedded. This optional parameter overrides the static domains that are configured in the Manage QuickSight menu in the Amazon QuickSight console and instead allows only the domains that you include in this parameter. You can list up to three domains or subdomains in each API call.

To include a subdomain, use * to include all subdomains under a specific domain to the allow list. For example, https://*.sapp.amazon.com, includes all subdomains under https://sapp.amazon.com.

", "StringParameter$Values": "

The values of a string parameter.

" } }, diff --git a/apis/rds/2014-10-31/docs-2.json b/apis/rds/2014-10-31/docs-2.json index 8114d842439..b71f11e0f03 100644 --- a/apis/rds/2014-10-31/docs-2.json +++ b/apis/rds/2014-10-31/docs-2.json @@ -8,28 +8,28 @@ "AddTagsToResource": "

Adds metadata tags to an Amazon RDS resource. These tags can also be used with cost allocation reporting to track cost associated with Amazon RDS resources, or used in a Condition statement in an IAM policy for Amazon RDS.

For an overview on tagging Amazon RDS resources, see Tagging Amazon RDS Resources.

", "ApplyPendingMaintenanceAction": "

Applies a pending maintenance action to a resource (for example, to a DB instance).

", "AuthorizeDBSecurityGroupIngress": "

Enables ingress to a DBSecurityGroup using one of two forms of authorization. First, EC2 or VPC security groups can be added to the DBSecurityGroup if the application using the database is running on EC2 or VPC instances. Second, IP ranges are available if the application accessing your database is running on the internet. Required parameters for this API are one of CIDR range, EC2SecurityGroupId for VPC, or (EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId for non-VPC).

You can't authorize ingress from an EC2 security group in one Amazon Web Services Region to an Amazon RDS DB instance in another. You can't authorize ingress from a VPC security group in one VPC to an Amazon RDS DB instance in another.

For an overview of CIDR ranges, go to the Wikipedia Tutorial.

", - "BacktrackDBCluster": "

Backtracks a DB cluster to a specific time, without creating a new DB cluster.

For more information on backtracking, see Backtracking an Aurora DB Cluster in the Amazon Aurora User Guide.

This action applies only to Aurora MySQL DB clusters.

", + "BacktrackDBCluster": "

Backtracks a DB cluster to a specific time, without creating a new DB cluster.

For more information on backtracking, see Backtracking an Aurora DB Cluster in the Amazon Aurora User Guide.

This action only applies to Aurora MySQL DB clusters.

", "CancelExportTask": "

Cancels an export task in progress that is exporting a snapshot to Amazon S3. Any data that has already been written to the S3 bucket isn't removed.

", "CopyDBClusterParameterGroup": "

Copies the specified DB cluster parameter group.

", - "CopyDBClusterSnapshot": "

Copies a snapshot of a DB cluster.

To copy a DB cluster snapshot from a shared manual DB cluster snapshot, SourceDBClusterSnapshotIdentifier must be the Amazon Resource Name (ARN) of the shared DB cluster snapshot.

You can copy an encrypted DB cluster snapshot from another Amazon Web Services Region. In that case, the Amazon Web Services Region where you call the CopyDBClusterSnapshot operation is the destination Amazon Web Services Region for the encrypted DB cluster snapshot to be copied to. To copy an encrypted DB cluster snapshot from another Amazon Web Services Region, you must provide the following values:

To cancel the copy operation once it is in progress, delete the target DB cluster snapshot identified by TargetDBClusterSnapshotIdentifier while that DB cluster snapshot is in \"copying\" status.

For more information on copying encrypted Amazon Aurora DB cluster snapshots from one Amazon Web Services Region to another, see Copying a Snapshot in the Amazon Aurora User Guide.

For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", + "CopyDBClusterSnapshot": "

Copies a snapshot of a DB cluster.

To copy a DB cluster snapshot from a shared manual DB cluster snapshot, SourceDBClusterSnapshotIdentifier must be the Amazon Resource Name (ARN) of the shared DB cluster snapshot.

You can copy an encrypted DB cluster snapshot from another Amazon Web Services Region. In that case, the Amazon Web Services Region where you call the CopyDBClusterSnapshot action is the destination Amazon Web Services Region for the encrypted DB cluster snapshot to be copied to. To copy an encrypted DB cluster snapshot from another Amazon Web Services Region, you must provide the following values:

To cancel the copy operation once it is in progress, delete the target DB cluster snapshot identified by TargetDBClusterSnapshotIdentifier while that DB cluster snapshot is in \"copying\" status.

For more information on copying encrypted Amazon Aurora DB cluster snapshots from one Amazon Web Services Region to another, see Copying a Snapshot in the Amazon Aurora User Guide.

For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", "CopyDBParameterGroup": "

Copies the specified DB parameter group.

", - "CopyDBSnapshot": "

Copies the specified DB snapshot. The source DB snapshot must be in the available state.

You can copy a snapshot from one Amazon Web Services Region to another. In that case, the Amazon Web Services Region where you call the CopyDBSnapshot operation is the destination Amazon Web Services Region for the DB snapshot copy.

This command doesn't apply to RDS Custom.

For more information about copying snapshots, see Copying a DB Snapshot in the Amazon RDS User Guide.

", + "CopyDBSnapshot": "

Copies the specified DB snapshot. The source DB snapshot must be in the available state.

You can copy a snapshot from one Amazon Web Services Region to another. In that case, the Amazon Web Services Region where you call the CopyDBSnapshot action is the destination Amazon Web Services Region for the DB snapshot copy.

This command doesn't apply to RDS Custom.

For more information about copying snapshots, see Copying a DB Snapshot in the Amazon RDS User Guide.

", "CopyOptionGroup": "

Copies the specified option group.

", "CreateCustomDBEngineVersion": "

Creates a custom DB engine version (CEV). A CEV is a binary volume snapshot of a database engine and specific AMI. The supported engines are the following:

Amazon RDS, which is a fully managed service, supplies the Amazon Machine Image (AMI) and database software. The Amazon RDS database software is preinstalled, so you need only select a DB engine and version, and create your database. With Amazon RDS Custom for Oracle, you upload your database installation files in Amazon S3.

When you create a custom engine version, you specify the files in a JSON document called a CEV manifest. This document describes installation .zip files stored in Amazon S3. RDS Custom creates your CEV from the installation files that you provided. This service model is called Bring Your Own Media (BYOM).

Creation takes approximately two hours. If creation fails, RDS Custom issues RDS-EVENT-0196 with the message Creation failed for custom engine version, and includes details about the failure. For example, the event prints missing files.

After you create the CEV, it is available for use. You can create multiple CEVs, and create multiple RDS Custom instances from any CEV. You can also change the status of a CEV to make it available or inactive.

The MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with Amazon Web Services CloudTrail. If you turn on data logging for Amazon RDS in CloudTrail, calls to the CreateCustomDbEngineVersion event aren't logged. However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls originate from the MediaImport service for the CreateCustomDbEngineVersion event.

For more information, see Creating a CEV in the Amazon RDS User Guide.

", - "CreateDBCluster": "

Creates a new Amazon Aurora DB cluster or Multi-AZ DB cluster.

You can use the ReplicationSourceIdentifier parameter to create an Amazon Aurora DB cluster as a read replica of another DB cluster or Amazon RDS MySQL or PostgreSQL DB instance.

For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", - "CreateDBClusterEndpoint": "

Creates a new custom endpoint and associates it with an Amazon Aurora DB cluster.

This action applies only to Aurora DB clusters.

", - "CreateDBClusterParameterGroup": "

Creates a new DB cluster parameter group.

Parameters in a DB cluster parameter group apply to all of the instances in a DB cluster.

A DB cluster parameter group is initially created with the default parameters for the database engine used by instances in the DB cluster. To provide custom values for any of the parameters, you must modify the group after creating it using ModifyDBClusterParameterGroup. Once you've created a DB cluster parameter group, you need to associate it with your DB cluster using ModifyDBCluster.

When you associate a new DB cluster parameter group with a running Aurora DB cluster, reboot the DB instances in the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.

When you associate a new DB cluster parameter group with a running Multi-AZ DB cluster, reboot the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.

After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the DB cluster parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters operation to verify that your DB cluster parameter group has been created or modified.

For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", + "CreateDBCluster": "

Creates a new Amazon Aurora DB cluster or Multi-AZ DB cluster.

You can use the ReplicationSourceIdentifier parameter to create an Amazon Aurora DB cluster as a read replica of another DB cluster or Amazon RDS MySQL or PostgreSQL DB instance. For cross-Region replication where the DB cluster identified by ReplicationSourceIdentifier is encrypted, also specify the PreSignedUrl parameter.

For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", + "CreateDBClusterEndpoint": "

Creates a new custom endpoint and associates it with an Amazon Aurora DB cluster.

This action only applies to Aurora DB clusters.

", + "CreateDBClusterParameterGroup": "

Creates a new DB cluster parameter group.

Parameters in a DB cluster parameter group apply to all of the instances in a DB cluster.

A DB cluster parameter group is initially created with the default parameters for the database engine used by instances in the DB cluster. To provide custom values for any of the parameters, you must modify the group after creating it using ModifyDBClusterParameterGroup. Once you've created a DB cluster parameter group, you need to associate it with your DB cluster using ModifyDBCluster.

When you associate a new DB cluster parameter group with a running Aurora DB cluster, reboot the DB instances in the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.

When you associate a new DB cluster parameter group with a running Multi-AZ DB cluster, reboot the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.

After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the DB cluster parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters action to verify that your DB cluster parameter group has been created or modified.

For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", "CreateDBClusterSnapshot": "

Creates a snapshot of a DB cluster.

For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", - "CreateDBInstance": "

Creates a new DB instance.

The new DB instance can be an RDS DB instance, or it can be a DB instance in an Aurora DB cluster. For an Aurora DB cluster, you can call this operation multiple times to add more than one DB instance to the cluster.

For more information about creating an RDS DB instance, see Creating an Amazon RDS DB instance in the Amazon RDS User Guide.

For more information about creating a DB instance in an Aurora DB cluster, see Creating an Amazon Aurora DB cluster in the Amazon Aurora User Guide.

", - "CreateDBInstanceReadReplica": "

Creates a new DB instance that acts as a read replica for an existing source DB instance. You can create a read replica for a DB instance running MySQL, MariaDB, Oracle, PostgreSQL, or SQL Server. For more information, see Working with Read Replicas in the Amazon RDS User Guide.

Amazon Aurora doesn't support this operation. Call the CreateDBInstance operation to create a DB instance for an Aurora DB cluster.

All read replica DB instances are created with backups disabled. All other DB instance attributes (including DB security groups and DB parameter groups) are inherited from the source DB instance, except as specified.

Your source DB instance must have backup retention enabled.

", + "CreateDBInstance": "

Creates a new DB instance.

", + "CreateDBInstanceReadReplica": "

Creates a new DB instance that acts as a read replica for an existing source DB instance. You can create a read replica for a DB instance running MySQL, MariaDB, Oracle, PostgreSQL, or SQL Server. For more information, see Working with Read Replicas in the Amazon RDS User Guide.

Amazon Aurora doesn't support this action. Call the CreateDBInstance action to create a DB instance for an Aurora DB cluster.

All read replica DB instances are created with backups disabled. All other DB instance attributes (including DB security groups and DB parameter groups) are inherited from the source DB instance, except as specified.

Your source DB instance must have backup retention enabled.

", "CreateDBParameterGroup": "

Creates a new DB parameter group.

A DB parameter group is initially created with the default parameters for the database engine used by the DB instance. To provide custom values for any of the parameters, you must modify the group after creating it using ModifyDBParameterGroup. Once you've created a DB parameter group, you need to associate it with your DB instance using ModifyDBInstance. When you associate a new DB parameter group with a running DB instance, you need to reboot the DB instance without failover for the new DB parameter group and associated settings to take effect.

This command doesn't apply to RDS Custom.

After you create a DB parameter group, you should wait at least 5 minutes before creating your first DB instance that uses that DB parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the parameter group is used as the default for a new DB instance. This is especially important for parameters that are critical when creating the default database for a DB instance, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBParameters command to verify that your DB parameter group has been created or modified.

", "CreateDBProxy": "

Creates a new DB proxy.

", "CreateDBProxyEndpoint": "

Creates a DBProxyEndpoint. Only applies to proxies that are associated with Aurora DB clusters. You can use DB proxy endpoints to specify read/write or read-only access to the DB cluster. You can also use DB proxy endpoints to access a DB proxy through a different VPC than the proxy's default VPC.

", "CreateDBSecurityGroup": "

Creates a new DB security group. DB security groups control access to a DB instance.

A DB security group controls access to EC2-Classic DB instances that are not in a VPC.

", "CreateDBSnapshot": "

Creates a snapshot of a DB instance. The source DB instance must be in the available or storage-optimization state.

", "CreateDBSubnetGroup": "

Creates a new DB subnet group. DB subnet groups must contain at least one subnet in at least two AZs in the Amazon Web Services Region.

", - "CreateEventSubscription": "

Creates an RDS event notification subscription. This operation requires a topic Amazon Resource Name (ARN) created by either the RDS console, the SNS console, or the SNS API. To obtain an ARN with SNS, you must create a topic in Amazon SNS and subscribe to the topic. The ARN is displayed in the SNS console.

You can specify the type of source (SourceType) that you want to be notified of and provide a list of RDS sources (SourceIds) that triggers the events. You can also provide a list of event categories (EventCategories) for events that you want to be notified of. For example, you can specify SourceType = db-instance, SourceIds = mydbinstance1, mydbinstance2 and EventCategories = Availability, Backup.

If you specify both the SourceType and SourceIds, such as SourceType = db-instance and SourceIds = myDBInstance1, you are notified of all the db-instance events for the specified source. If you specify a SourceType but do not specify SourceIds, you receive notice of the events for that source type for all your RDS sources. If you don't specify either the SourceType or the SourceIds, you are notified of events generated from all RDS sources belonging to your customer account.

RDS event notification is only available for unencrypted SNS topics. If you specify an encrypted SNS topic, event notifications aren't sent for the topic.

", - "CreateGlobalCluster": "

Creates an Aurora global database spread across multiple Amazon Web Services Regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.

You can create a global database that is initially empty, and then add a primary cluster and a secondary cluster to it. Or you can specify an existing Aurora cluster during the create operation, and this cluster becomes the primary cluster of the global database.

This action applies only to Aurora DB clusters.

", + "CreateEventSubscription": "

Creates an RDS event notification subscription. This action requires a topic Amazon Resource Name (ARN) created by either the RDS console, the SNS console, or the SNS API. To obtain an ARN with SNS, you must create a topic in Amazon SNS and subscribe to the topic. The ARN is displayed in the SNS console.

You can specify the type of source (SourceType) that you want to be notified of and provide a list of RDS sources (SourceIds) that triggers the events. You can also provide a list of event categories (EventCategories) for events that you want to be notified of. For example, you can specify SourceType = db-instance, SourceIds = mydbinstance1, mydbinstance2 and EventCategories = Availability, Backup.

If you specify both the SourceType and SourceIds, such as SourceType = db-instance and SourceIds = myDBInstance1, you are notified of all the db-instance events for the specified source. If you specify a SourceType but do not specify SourceIds, you receive notice of the events for that source type for all your RDS sources. If you don't specify either the SourceType or the SourceIds, you are notified of events generated from all RDS sources belonging to your customer account.

RDS event notification is only available for unencrypted SNS topics. If you specify an encrypted SNS topic, event notifications aren't sent for the topic.

", + "CreateGlobalCluster": "

Creates an Aurora global database spread across multiple Amazon Web Services Regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.

You can create a global database that is initially empty, and then add a primary cluster and a secondary cluster to it. Or you can specify an existing Aurora cluster during the create operation, and this cluster becomes the primary cluster of the global database.

This action only applies to Aurora DB clusters.

", "CreateOptionGroup": "

Creates a new option group. You can create up to 20 option groups.

This command doesn't apply to RDS Custom.

", "DeleteCustomDBEngineVersion": "

Deletes a custom engine version. To run this command, make sure you meet the following prerequisites:

Typically, deletion takes a few minutes.

The MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with Amazon Web Services CloudTrail. If you turn on data logging for Amazon RDS in CloudTrail, calls to the DeleteCustomDbEngineVersion event aren't logged. However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls originate from the MediaImport service for the DeleteCustomDbEngineVersion event.

For more information, see Deleting a CEV in the Amazon RDS User Guide.

", "DeleteDBCluster": "

The DeleteDBCluster action deletes a previously provisioned DB cluster. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the specified DB cluster are not deleted.

For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", @@ -75,7 +75,7 @@ "DescribeEngineDefaultParameters": "

Returns the default engine and system parameter information for the specified database engine.

", "DescribeEventCategories": "

Displays a list of categories for all event source types, or, if specified, for a specified source type. You can also see this list in the \"Amazon RDS event categories and event messages\" section of the Amazon RDS User Guide or the Amazon Aurora User Guide .

", "DescribeEventSubscriptions": "

Lists all the subscription descriptions for a customer account. The description for a subscription includes SubscriptionName, SNSTopicARN, CustomerID, SourceType, SourceID, CreationTime, and Status.

If you specify a SubscriptionName, lists the description for that subscription.

", - "DescribeEvents": "

Returns events related to DB instances, DB clusters, DB parameter groups, DB security groups, DB snapshots, DB cluster snapshots, and RDS Proxies for the past 14 days. Events specific to a particular DB instance, DB cluster, DB parameter group, DB security group, DB snapshot, DB cluster snapshot group, or RDS Proxy can be obtained by providing the name as a parameter.

For more information on working with events, see Monitoring Amazon RDS events in the Amazon RDS User Guide and Monitoring Amazon Aurora events in the Amazon Aurora User Guide.

By default, RDS returns events that were generated in the past hour.

", + "DescribeEvents": "

Returns events related to DB instances, DB clusters, DB parameter groups, DB security groups, DB snapshots, DB cluster snapshots, and RDS Proxies for the past 14 days. Events specific to a particular DB instance, DB cluster, DB parameter group, DB security group, DB snapshot, DB cluster snapshot group, or RDS Proxy can be obtained by providing the name as a parameter.

By default, RDS returns events that were generated in the past hour.

", "DescribeExportTasks": "

Returns information about a snapshot export to Amazon S3. This API operation supports pagination.

", "DescribeGlobalClusters": "

Returns information about Aurora global database clusters. This API supports pagination.

For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", "DescribeOptionGroupOptions": "

Describes all available options.

", @@ -87,7 +87,7 @@ "DescribeSourceRegions": "

Returns a list of the source Amazon Web Services Regions where the current Amazon Web Services Region can create a read replica, copy a DB snapshot from, or replicate automated backups from. This API action supports pagination.

", "DescribeValidDBInstanceModifications": "

You can call DescribeValidDBInstanceModifications to learn what modifications you can make to your DB instance. You can use this information when you call ModifyDBInstance.

This command doesn't apply to RDS Custom.

", "DownloadDBLogFilePortion": "

Downloads all or a portion of the specified log file, up to 1 MB in size.

This command doesn't apply to RDS Custom.

", - "FailoverDBCluster": "

Forces a failover for a DB cluster.

For an Aurora DB cluster, failover for a DB cluster promotes one of the Aurora Replicas (read-only instances) in the DB cluster to be the primary DB instance (the cluster writer).

For a Multi-AZ DB cluster, failover for a DB cluster promotes one of the readable standby DB instances (read-only instances) in the DB cluster to be the primary DB instance (the cluster writer).

An Amazon Aurora DB cluster automatically fails over to an Aurora Replica, if one exists, when the primary DB instance fails. A Multi-AZ DB cluster automatically fails over to a readable standby DB instance when the primary DB instance fails.

To simulate a failure of a primary instance for testing, you can force a failover. Because each instance in a DB cluster has its own endpoint address, make sure to clean up and re-establish any existing connections that use those endpoint addresses when the failover is complete.

For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", + "FailoverDBCluster": "

Forces a failover for a DB cluster.

For an Aurora DB cluster, failover for a DB cluster promotes one of the Aurora Replicas (read-only instances) in the DB cluster to be the primary DB instance (the cluster writer).

For a Multi-AZ DB cluster, failover for a DB cluster promotes one of the readable standby DB instances (read-only instances) in the DB cluster to be the primary DB instance (the cluster writer).

An Amazon Aurora DB cluster automatically fails over to an Aurora Replica, if one exists, when the primary DB instance fails. A Multi-AZ DB cluster automatically fails over to a readbable standby DB instance when the primary DB instance fails.

To simulate a failure of a primary instance for testing, you can force a failover. Because each instance in a DB cluster has its own endpoint address, make sure to clean up and re-establish any existing connections that use those endpoint addresses when the failover is complete.

For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", "FailoverGlobalCluster": "

Initiates the failover process for an Aurora global database (GlobalCluster).

A failover for an Aurora global database promotes one of secondary read-only DB clusters to be the primary DB cluster and demotes the primary DB cluster to being a secondary (read-only) DB cluster. In other words, the role of the current primary DB cluster and the selected (target) DB cluster are switched. The selected secondary DB cluster assumes full read/write capabilities for the Aurora global database.

For more information about failing over an Amazon Aurora global database, see Managed planned failover for Amazon Aurora global databases in the Amazon Aurora User Guide.

This action applies to GlobalCluster (Aurora global databases) only. Use this action only on healthy Aurora global databases with running Aurora DB clusters and no Region-wide outages, to test disaster recovery scenarios or to reconfigure your Aurora global database topology.

", "ListTagsForResource": "

Lists all tags on an Amazon RDS resource.

For an overview on tagging an Amazon RDS resource, see Tagging Amazon RDS Resources in the Amazon RDS User Guide.

", "ModifyCertificates": "

Override the system-default Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate for Amazon RDS for new DB instances, or remove the override.

By using this operation, you can specify an RDS-approved SSL/TLS certificate for new DB instances that is different from the default certificate provided by RDS. You can also use this operation to remove the override, so that new DB instances use the default certificate provided by RDS.

You might need to override the default certificate in the following situations:

For more information about rotating your SSL/TLS certificate for RDS DB engines, see Rotating Your SSL/TLS Certificate in the Amazon RDS User Guide.

For more information about rotating your SSL/TLS certificate for Aurora DB engines, see Rotating Your SSL/TLS Certificate in the Amazon Aurora User Guide.

", @@ -95,15 +95,15 @@ "ModifyCustomDBEngineVersion": "

Modifies the status of a custom engine version (CEV). You can find CEVs to modify by calling DescribeDBEngineVersions.

The MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with Amazon Web Services CloudTrail. If you turn on data logging for Amazon RDS in CloudTrail, calls to the ModifyCustomDbEngineVersion event aren't logged. However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls originate from the MediaImport service for the ModifyCustomDbEngineVersion event.

For more information, see Modifying CEV status in the Amazon RDS User Guide.

", "ModifyDBCluster": "

Modify the settings for an Amazon Aurora DB cluster or a Multi-AZ DB cluster. You can change one or more settings by specifying these parameters and the new values in the request.

For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", "ModifyDBClusterEndpoint": "

Modifies the properties of an endpoint in an Amazon Aurora DB cluster.

This action only applies to Aurora DB clusters.

", - "ModifyDBClusterParameterGroup": "

Modifies the parameters of a DB cluster parameter group. To modify more than one parameter, submit a list of the following: ParameterName, ParameterValue, and ApplyMethod. A maximum of 20 parameters can be modified in a single request.

After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters operation to verify that your DB cluster parameter group has been created or modified.

If the modified DB cluster parameter group is used by an Aurora Serverless v1 cluster, Aurora applies the update immediately. The cluster restart might interrupt your workload. In that case, your application must reopen any connections and retry any transactions that were active when the parameter changes took effect.

For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", - "ModifyDBClusterSnapshotAttribute": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB cluster snapshot.

To share a manual DB cluster snapshot with other Amazon Web Services accounts, specify restore as the AttributeName and use the ValuesToAdd parameter to add a list of IDs of the Amazon Web Services accounts that are authorized to restore the manual DB cluster snapshot. Use the value all to make the manual DB cluster snapshot public, which means that it can be copied or restored by all Amazon Web Services accounts.

Don't add the all value for any manual DB cluster snapshots that contain private information that you don't want available to all Amazon Web Services accounts.

If a manual DB cluster snapshot is encrypted, it can be shared, but only by specifying a list of authorized Amazon Web Services account IDs for the ValuesToAdd parameter. You can't use all as a value for that parameter in this case.

To view which Amazon Web Services accounts have access to copy or restore a manual DB cluster snapshot, or whether a manual DB cluster snapshot is public or private, use the DescribeDBClusterSnapshotAttributes API operation. The accounts are returned as values for the restore attribute.

", + "ModifyDBClusterParameterGroup": "

Modifies the parameters of a DB cluster parameter group. To modify more than one parameter, submit a list of the following: ParameterName, ParameterValue, and ApplyMethod. A maximum of 20 parameters can be modified in a single request.

After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters action to verify that your DB cluster parameter group has been created or modified.

If the modified DB cluster parameter group is used by an Aurora Serverless v1 cluster, Aurora applies the update immediately. The cluster restart might interrupt your workload. In that case, your application must reopen any connections and retry any transactions that were active when the parameter changes took effect.

For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.

For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

", + "ModifyDBClusterSnapshotAttribute": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB cluster snapshot.

To share a manual DB cluster snapshot with other Amazon Web Services accounts, specify restore as the AttributeName and use the ValuesToAdd parameter to add a list of IDs of the Amazon Web Services accounts that are authorized to restore the manual DB cluster snapshot. Use the value all to make the manual DB cluster snapshot public, which means that it can be copied or restored by all Amazon Web Services accounts.

Don't add the all value for any manual DB cluster snapshots that contain private information that you don't want available to all Amazon Web Services accounts.

If a manual DB cluster snapshot is encrypted, it can be shared, but only by specifying a list of authorized Amazon Web Services account IDs for the ValuesToAdd parameter. You can't use all as a value for that parameter in this case.

To view which Amazon Web Services accounts have access to copy or restore a manual DB cluster snapshot, or whether a manual DB cluster snapshot is public or private, use the DescribeDBClusterSnapshotAttributes API action. The accounts are returned as values for the restore attribute.

", "ModifyDBInstance": "

Modifies settings for a DB instance. You can change one or more database configuration parameters by specifying these parameters and the new values in the request. To learn what modifications you can make to your DB instance, call DescribeValidDBInstanceModifications before you call ModifyDBInstance.

", "ModifyDBParameterGroup": "

Modifies the parameters of a DB parameter group. To modify more than one parameter, submit a list of the following: ParameterName, ParameterValue, and ApplyMethod. A maximum of 20 parameters can be modified in a single request.

After you modify a DB parameter group, you should wait at least 5 minutes before creating your first DB instance that uses that DB parameter group as the default parameter group. This allows Amazon RDS to fully complete the modify action before the parameter group is used as the default for a new DB instance. This is especially important for parameters that are critical when creating the default database for a DB instance, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBParameters command to verify that your DB parameter group has been created or modified.

", "ModifyDBProxy": "

Changes the settings for an existing DB proxy.

", "ModifyDBProxyEndpoint": "

Changes the settings for an existing DB proxy endpoint.

", "ModifyDBProxyTargetGroup": "

Modifies the properties of a DBProxyTargetGroup.

", "ModifyDBSnapshot": "

Updates a manual DB snapshot with a new engine version. The snapshot can be encrypted or unencrypted, but not shared or public.

Amazon RDS supports upgrading DB snapshots for MySQL, PostgreSQL, and Oracle. This command doesn't apply to RDS Custom.

", - "ModifyDBSnapshotAttribute": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB snapshot.

To share a manual DB snapshot with other Amazon Web Services accounts, specify restore as the AttributeName and use the ValuesToAdd parameter to add a list of IDs of the Amazon Web Services accounts that are authorized to restore the manual DB snapshot. Uses the value all to make the manual DB snapshot public, which means it can be copied or restored by all Amazon Web Services accounts.

Don't add the all value for any manual DB snapshots that contain private information that you don't want available to all Amazon Web Services accounts.

If the manual DB snapshot is encrypted, it can be shared, but only by specifying a list of authorized Amazon Web Services account IDs for the ValuesToAdd parameter. You can't use all as a value for that parameter in this case.

To view which Amazon Web Services accounts have access to copy or restore a manual DB snapshot, or whether a manual DB snapshot public or private, use the DescribeDBSnapshotAttributes API operation. The accounts are returned as values for the restore attribute.

", + "ModifyDBSnapshotAttribute": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB snapshot.

To share a manual DB snapshot with other Amazon Web Services accounts, specify restore as the AttributeName and use the ValuesToAdd parameter to add a list of IDs of the Amazon Web Services accounts that are authorized to restore the manual DB snapshot. Uses the value all to make the manual DB snapshot public, which means it can be copied or restored by all Amazon Web Services accounts.

Don't add the all value for any manual DB snapshots that contain private information that you don't want available to all Amazon Web Services accounts.

If the manual DB snapshot is encrypted, it can be shared, but only by specifying a list of authorized Amazon Web Services account IDs for the ValuesToAdd parameter. You can't use all as a value for that parameter in this case.

To view which Amazon Web Services accounts have access to copy or restore a manual DB snapshot, or whether a manual DB snapshot public or private, use the DescribeDBSnapshotAttributes API action. The accounts are returned as values for the restore attribute.

", "ModifyDBSubnetGroup": "

Modifies an existing DB subnet group. DB subnet groups must contain at least one subnet in at least two AZs in the Amazon Web Services Region.

", "ModifyEventSubscription": "

Modifies an existing RDS event notification subscription. You can't modify the source identifiers using this call. To change source identifiers for a subscription, use the AddSourceIdentifierToSubscription and RemoveSourceIdentifierFromSubscription calls.

You can see a list of the event categories for a given source type (SourceType) in Events in the Amazon RDS User Guide or by using the DescribeEventCategories operation.

", "ModifyGlobalCluster": "

Modify a setting for an Amazon Aurora global cluster. You can change one or more database configuration parameters by specifying these parameters and the new values in the request. For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", @@ -136,7 +136,7 @@ "StopActivityStream": "

Stops a database activity stream that was started using the Amazon Web Services console, the start-activity-stream CLI command, or the StartActivityStream action.

For more information, see Database Activity Streams in the Amazon Aurora User Guide.

", "StopDBCluster": "

Stops an Amazon Aurora DB cluster. When you stop a DB cluster, Aurora retains the DB cluster's metadata, including its endpoints and DB parameter groups. Aurora also retains the transaction logs so you can do a point-in-time restore if necessary.

For more information, see Stopping and Starting an Aurora Cluster in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", "StopDBInstance": "

Stops an Amazon RDS DB instance. When you stop a DB instance, Amazon RDS retains the DB instance's metadata, including its endpoint, DB parameter group, and option group membership. Amazon RDS also retains the transaction logs so you can do a point-in-time restore if necessary.

For more information, see Stopping an Amazon RDS DB Instance Temporarily in the Amazon RDS User Guide.

This command doesn't apply to RDS Custom, Aurora MySQL, and Aurora PostgreSQL. For Aurora clusters, use StopDBCluster instead.

", - "StopDBInstanceAutomatedBackupsReplication": "

Stops automated backup replication for a DB instance.

This command doesn't apply to RDS Custom, Aurora MySQL, and Aurora PostgreSQL.

For more information, see Replicating Automated Backups to Another Amazon Web Services Region in the Amazon RDS User Guide.

" + "StopDBInstanceAutomatedBackupsReplication": "

Stops automated backup replication for a DB instance.

This command doesn't apply to RDS Custom.

For more information, see Replicating Automated Backups to Another Amazon Web Services Region in the Amazon RDS User Guide.

" }, "shapes": { "AccountAttributesMessage": { @@ -419,7 +419,7 @@ "CopyDBClusterSnapshotMessage$CopyTags": "

A value that indicates whether to copy all tags from the source DB cluster snapshot to the target DB cluster snapshot. By default, tags are not copied.

", "CopyDBSnapshotMessage$CopyTags": "

A value that indicates whether to copy all tags from the source DB snapshot to the target DB snapshot. By default, tags are not copied.

", "CreateDBClusterMessage$StorageEncrypted": "

A value that indicates whether the DB cluster is encrypted.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", - "CreateDBClusterMessage$EnableIAMDatabaseAuthentication": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.

For more information, see IAM Database Authentication in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters only

", + "CreateDBClusterMessage$EnableIAMDatabaseAuthentication": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.

For more information, see IAM Database Authentication in the Amazon Aurora User Guide..

Valid for: Aurora DB clusters only

", "CreateDBClusterMessage$DeletionProtection": "

A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", "CreateDBClusterMessage$EnableHttpEndpoint": "

A value that indicates whether to enable the HTTP endpoint for an Aurora Serverless v1 DB cluster. By default, the HTTP endpoint is disabled.

When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless v1 DB cluster. You can also query your database from inside the RDS console with the query editor.

For more information, see Using the Data API for Aurora Serverless v1 in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters only

", "CreateDBClusterMessage$CopyTagsToSnapshot": "

A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", @@ -427,12 +427,12 @@ "CreateDBClusterMessage$PubliclyAccessible": "

A value that indicates whether the DB cluster is publicly accessible.

When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.

When the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.

Default: The default behavior varies depending on whether DBSubnetGroupName is specified.

If DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified, the following applies:

If DBSubnetGroupName is specified, and PubliclyAccessible isn't specified, the following applies:

Valid for: Multi-AZ DB clusters only

", "CreateDBClusterMessage$AutoMinorVersionUpgrade": "

A value that indicates whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.

Valid for: Multi-AZ DB clusters only

", "CreateDBClusterMessage$EnablePerformanceInsights": "

A value that indicates whether to turn on Performance Insights for the DB cluster.

For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide.

Valid for: Multi-AZ DB clusters only

", - "CreateDBInstanceMessage$MultiAZ": "

A value that indicates whether the DB instance is a Multi-AZ deployment. You can't set the AvailabilityZone parameter if the DB instance is a Multi-AZ deployment.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable. DB instance Availability Zones (AZs) are managed by the DB cluster.

", + "CreateDBInstanceMessage$MultiAZ": "

A value that indicates whether the DB instance is a Multi-AZ deployment. You can't set the AvailabilityZone parameter if the DB instance is a Multi-AZ deployment.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$AutoMinorVersionUpgrade": "

A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.

If you create an RDS Custom DB instance, you must set AutoMinorVersionUpgrade to false.

", "CreateDBInstanceMessage$PubliclyAccessible": "

A value that indicates whether the DB instance is publicly accessible.

When the DB instance is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB instance's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB instance's VPC. Access to the DB instance is ultimately controlled by the security group it uses. That public access is not permitted if the security group assigned to the DB instance doesn't permit it.

When the DB instance isn't publicly accessible, it is an internal DB instance with a DNS name that resolves to a private IP address.

Default: The default behavior varies depending on whether DBSubnetGroupName is specified.

If DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified, the following applies:

If DBSubnetGroupName is specified, and PubliclyAccessible isn't specified, the following applies:

", "CreateDBInstanceMessage$StorageEncrypted": "

A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.

For RDS Custom instances, either set this parameter to true or leave it unset. If you set this parameter to false, RDS reports an error.

Amazon Aurora

Not applicable. The encryption for DB instances is managed by the DB cluster.

", "CreateDBInstanceMessage$CopyTagsToSnapshot": "

A value that indicates whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.

Amazon Aurora

Not applicable. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.

", - "CreateDBInstanceMessage$EnableIAMDatabaseAuthentication": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.

For more information, see IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable. Mapping Amazon Web Services IAM accounts to database accounts is managed by the DB cluster.

", + "CreateDBInstanceMessage$EnableIAMDatabaseAuthentication": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.

This setting doesn't apply to RDS Custom or Amazon Aurora. In Aurora, mapping Amazon Web Services IAM accounts to database accounts is managed by the DB cluster.

For more information, see IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.

", "CreateDBInstanceMessage$EnablePerformanceInsights": "

A value that indicates whether to enable Performance Insights for the DB instance. For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$DeletionProtection": "

A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see Deleting a DB Instance.

Amazon Aurora

Not applicable. You can enable or disable deletion protection for the DB cluster. For more information, see CreateDBCluster. DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.

", "CreateDBInstanceMessage$EnableCustomerOwnedIp": "

A value that indicates whether to enable a customer-owned IP address (CoIP) for an RDS on Outposts DB instance.

A CoIP provides local or external connectivity to resources in your Outpost subnets through your on-premises network. For some use cases, a CoIP can provide lower latency for connections to the DB instance from outside of its virtual private cloud (VPC) on your local network.

For more information about RDS on Outposts, see Working with Amazon RDS on Amazon Web Services Outposts in the Amazon RDS User Guide.

For more information about CoIPs, see Customer-owned IP addresses in the Amazon Web Services Outposts User Guide.

", @@ -481,7 +481,7 @@ "ModifyDBInstanceMessage$CopyTagsToSnapshot": "

A value that indicates whether to copy all tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.

Amazon Aurora

Not applicable. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting. For more information, see ModifyDBCluster.

", "ModifyDBInstanceMessage$PubliclyAccessible": "

A value that indicates whether the DB instance is publicly accessible.

When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.

When the DB instance isn't publicly accessible, it is an internal DB instance with a DNS name that resolves to a private IP address.

PubliclyAccessible only applies to DB instances in a VPC. The DB instance must be part of a public subnet and PubliclyAccessible must be enabled for it to be publicly accessible.

Changes to the PubliclyAccessible parameter are applied immediately regardless of the value of the ApplyImmediately parameter.

", "ModifyDBInstanceMessage$EnableIAMDatabaseAuthentication": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.

This setting doesn't apply to Amazon Aurora. Mapping Amazon Web Services IAM accounts to database accounts is managed by the DB cluster.

For more information about IAM database authentication, see IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

", - "ModifyDBInstanceMessage$EnablePerformanceInsights": "

A value that indicates whether to enable Performance Insights for the DB instance.

For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

", + "ModifyDBInstanceMessage$EnablePerformanceInsights": "

A value that indicates whether to enable Performance Insights for the DB instance.

For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide..

This setting doesn't apply to RDS Custom.

", "ModifyDBInstanceMessage$UseDefaultProcessorFeatures": "

A value that indicates whether the DB instance class of the DB instance uses its default processor features.

This setting doesn't apply to RDS Custom.

", "ModifyDBInstanceMessage$DeletionProtection": "

A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see Deleting a DB Instance.

", "ModifyDBInstanceMessage$CertificateRotationRestart": "

A value that indicates whether the DB instance is restarted when you rotate your SSL/TLS certificate.

By default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.

Set this parameter only if you are not using SSL/TLS to connect to the DB instance.

If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:

This setting doesn't apply to RDS Custom.

", @@ -523,7 +523,7 @@ "RestoreDBInstanceFromS3Message$StorageEncrypted": "

A value that indicates whether the new DB instance is encrypted or not.

", "RestoreDBInstanceFromS3Message$CopyTagsToSnapshot": "

A value that indicates whether to copy all tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.

", "RestoreDBInstanceFromS3Message$EnableIAMDatabaseAuthentication": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.

For more information about IAM database authentication, see IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.

", - "RestoreDBInstanceFromS3Message$EnablePerformanceInsights": "

A value that indicates whether to enable Performance Insights for the DB instance.

For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide.

", + "RestoreDBInstanceFromS3Message$EnablePerformanceInsights": "

A value that indicates whether to enable Performance Insights for the DB instance.

For more information, see Using Amazon Performance Insights in the Amazon RDS User Guide..

", "RestoreDBInstanceFromS3Message$UseDefaultProcessorFeatures": "

A value that indicates whether the DB instance class of the DB instance uses its default processor features.

", "RestoreDBInstanceFromS3Message$DeletionProtection": "

A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see Deleting a DB Instance.

", "RestoreDBInstanceToPointInTimeMessage$MultiAZ": "

A value that indicates whether the DB instance is a Multi-AZ deployment.

This setting doesn't apply to RDS Custom.

Constraint: You can't specify the AvailabilityZone parameter if the DB instance is a Multi-AZ deployment.

", @@ -1458,7 +1458,7 @@ "DBSecurityGroupNameList": { "base": null, "refs": { - "CreateDBInstanceMessage$DBSecurityGroups": "

A list of DB security groups to associate with this DB instance.

This setting applies to the legacy EC2-Classic platform, which is no longer used to create new DB instances. Use the VpcSecurityGroupIds setting instead.

", + "CreateDBInstanceMessage$DBSecurityGroups": "

A list of DB security groups to associate with this DB instance.

Default: The default DB security group for the database engine.

", "ModifyDBInstanceMessage$DBSecurityGroups": "

A list of DB security groups to authorize on this DB instance. Changing this setting doesn't result in an outage and the change is asynchronously applied as soon as possible.

This setting doesn't apply to RDS Custom.

Constraints:

", "OptionConfiguration$DBSecurityGroupMemberships": "

A list of DBSecurityGroupMembership name strings used for this option.

", "RestoreDBInstanceFromS3Message$DBSecurityGroups": "

A list of DB security groups to associate with this DB instance.

Default: The default DB security group for the database engine.

" @@ -2089,7 +2089,7 @@ } }, "Event": { - "base": "

This data type is used as a response element in the DescribeEvents action.

", + "base": "

This data type is used as a response element in the DescribeEvents action.

", "refs": { "EventList$member": null } @@ -2106,7 +2106,7 @@ } }, "EventCategoriesMap": { - "base": "

Contains the results of a successful invocation of the DescribeEventCategories operation.

", + "base": "

Contains the results of a successful invocation of the DescribeEventCategories operation.

", "refs": { "EventCategoriesMapList$member": null } @@ -2427,19 +2427,19 @@ "CreateDBClusterMessage$AllocatedStorage": "

The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.

This setting is required to create a Multi-AZ DB cluster.

Valid for: Multi-AZ DB clusters only

", "CreateDBClusterMessage$Iops": "

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.

For information about valid Iops values, see Amazon RDS Provisioned IOPS storage to improve performance in the Amazon RDS User Guide.

This setting is required to create a Multi-AZ DB cluster.

Constraints: Must be a multiple between .5 and 50 of the storage amount for the DB cluster.

Valid for: Multi-AZ DB clusters only

", "CreateDBClusterMessage$MonitoringInterval": "

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0.

If MonitoringRoleArn is specified, also set MonitoringInterval to a value other than 0.

Valid Values: 0, 1, 5, 10, 15, 30, 60

Valid for: Multi-AZ DB clusters only

", - "CreateDBClusterMessage$PerformanceInsightsRetentionPeriod": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

For example, the following values are valid:

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

Valid for: Multi-AZ DB clusters only

", + "CreateDBClusterMessage$PerformanceInsightsRetentionPeriod": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

Valid for: Multi-AZ DB clusters only

", "CreateDBInstanceMessage$AllocatedStorage": "

The amount of storage in gibibytes (GiB) to allocate for the DB instance.

Type: Integer

Amazon Aurora

Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.

Amazon RDS Custom

Constraints to the amount of storage for each storage type are the following:

MySQL

Constraints to the amount of storage for each storage type are the following:

MariaDB

Constraints to the amount of storage for each storage type are the following:

PostgreSQL

Constraints to the amount of storage for each storage type are the following:

Oracle

Constraints to the amount of storage for each storage type are the following:

SQL Server

Constraints to the amount of storage for each storage type are the following:

", - "CreateDBInstanceMessage$BackupRetentionPeriod": "

The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.

Amazon Aurora

Not applicable. The retention period for automated backups is managed by the DB cluster.

Default: 1

Constraints:

", + "CreateDBInstanceMessage$BackupRetentionPeriod": "

The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.

Amazon Aurora

Not applicable. The retention period for automated backups is managed by the DB cluster.

Default: 1

Constraints:

", "CreateDBInstanceMessage$Port": "

The port number on which the database accepts connections.

MySQL

Default: 3306

Valid values: 1150-65535

Type: Integer

MariaDB

Default: 3306

Valid values: 1150-65535

Type: Integer

PostgreSQL

Default: 5432

Valid values: 1150-65535

Type: Integer

Oracle

Default: 1521

Valid values: 1150-65535

SQL Server

Default: 1433

Valid values: 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and 49152-49156.

Amazon Aurora

Default: 3306

Valid values: 1150-65535

Type: Integer

", - "CreateDBInstanceMessage$Iops": "

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance. For information about valid Iops values, see Amazon RDS Provisioned IOPS storage to improve performance in the Amazon RDS User Guide.

Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must be a multiple between .5 and 50 of the storage amount for the DB instance. For SQL Server DB instances, must be a multiple between 1 and 50 of the storage amount for the DB instance.

Amazon Aurora

Not applicable. Storage is managed by the DB cluster.

", + "CreateDBInstanceMessage$Iops": "

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance. For information about valid Iops values, see Amazon RDS Provisioned IOPS storage to improve performance in the Amazon RDS User Guide.

Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must be a multiple between .5 and 50 of the storage amount for the DB instance. For SQL Server DB instances, must be a multiple between 1 and 50 of the storage amount for the DB instance.

", "CreateDBInstanceMessage$MonitoringInterval": "

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify 0. The default is 0.

If MonitoringRoleArn is specified, then you must set MonitoringInterval to a value other than 0.

This setting doesn't apply to RDS Custom.

Valid Values: 0, 1, 5, 10, 15, 30, 60

", "CreateDBInstanceMessage$PromotionTier": "

A value that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see Fault Tolerance for an Aurora DB Cluster in the Amazon Aurora User Guide.

This setting doesn't apply to RDS Custom.

Default: 1

Valid Values: 0 - 15

", - "CreateDBInstanceMessage$PerformanceInsightsRetentionPeriod": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

For example, the following values are valid:

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

This setting doesn't apply to RDS Custom.

", - "CreateDBInstanceMessage$MaxAllocatedStorage": "

The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.

For more information about this setting, including limitations that apply to it, see Managing capacity automatically with Amazon RDS storage autoscaling in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable. Storage is managed by the DB cluster.

", + "CreateDBInstanceMessage$PerformanceInsightsRetentionPeriod": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

This setting doesn't apply to RDS Custom.

", + "CreateDBInstanceMessage$MaxAllocatedStorage": "

The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.

For more information about this setting, including limitations that apply to it, see Managing capacity automatically with Amazon RDS storage autoscaling in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceReadReplicaMessage$Port": "

The port number that the DB instance uses for connections.

Default: Inherits from the source DB instance

Valid Values: 1150-65535

", "CreateDBInstanceReadReplicaMessage$Iops": "

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance.

", "CreateDBInstanceReadReplicaMessage$MonitoringInterval": "

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the read replica. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0.

If MonitoringRoleArn is specified, then you must also set MonitoringInterval to a value other than 0.

This setting doesn't apply to RDS Custom.

Valid Values: 0, 1, 5, 10, 15, 30, 60

", - "CreateDBInstanceReadReplicaMessage$PerformanceInsightsRetentionPeriod": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

For example, the following values are valid:

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

This setting doesn't apply to RDS Custom.

", + "CreateDBInstanceReadReplicaMessage$PerformanceInsightsRetentionPeriod": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceReadReplicaMessage$MaxAllocatedStorage": "

The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.

For more information about this setting, including limitations that apply to it, see Managing capacity automatically with Amazon RDS storage autoscaling in the Amazon RDS User Guide.

", "CreateDBProxyRequest$IdleClientTimeout": "

The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.

", "DBCluster$AllocatedStorage": "

For all database engines except Amazon Aurora, AllocatedStorage specifies the allocated storage size in gibibytes (GiB). For Aurora, AllocatedStorage always returns 1, because Aurora DB cluster storage size isn't fixed, but instead automatically adjusts as needed.

", @@ -2448,7 +2448,7 @@ "DBCluster$Capacity": "

The current capacity of an Aurora Serverless v1 DB cluster. The capacity is 0 (zero) when the cluster is paused.

For more information about Aurora Serverless v1, see Using Amazon Aurora Serverless v1 in the Amazon Aurora User Guide.

", "DBCluster$Iops": "

The Provisioned IOPS (I/O operations per second) value.

This setting is only for non-Aurora Multi-AZ DB clusters.

", "DBCluster$MonitoringInterval": "

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster.

This setting is only for non-Aurora Multi-AZ DB clusters.

", - "DBCluster$PerformanceInsightsRetentionPeriod": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

For example, the following values are valid:

This setting is only for non-Aurora Multi-AZ DB clusters.

", + "DBCluster$PerformanceInsightsRetentionPeriod": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

This setting is only for non-Aurora Multi-AZ DB clusters.

", "DBClusterCapacityInfo$PendingCapacity": "

A value that specifies the capacity that the DB cluster scales to next.

", "DBClusterCapacityInfo$CurrentCapacity": "

The current capacity of the DB cluster.

", "DBClusterCapacityInfo$SecondsBeforeTimeout": "

The number of seconds before a call to ModifyCurrentDBClusterCapacity times out.

", @@ -2456,7 +2456,7 @@ "DBInstance$Iops": "

Specifies the Provisioned IOPS (I/O operations per second) value.

", "DBInstance$MonitoringInterval": "

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance.

", "DBInstance$PromotionTier": "

A value that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see Fault Tolerance for an Aurora DB Cluster in the Amazon Aurora User Guide.

", - "DBInstance$PerformanceInsightsRetentionPeriod": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

For example, the following values are valid:

", + "DBInstance$PerformanceInsightsRetentionPeriod": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

", "DBInstance$MaxAllocatedStorage": "

The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.

", "DBInstanceAutomatedBackup$Iops": "

The IOPS (I/O operations per second) value for the automated backup.

", "DBInstanceAutomatedBackup$BackupRetentionPeriod": "

The retention period for the automated backups.

", @@ -2497,14 +2497,14 @@ "ModifyDBClusterMessage$AllocatedStorage": "

The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.

Type: Integer

Valid for: Multi-AZ DB clusters only

", "ModifyDBClusterMessage$Iops": "

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.

For information about valid Iops values, see Amazon RDS Provisioned IOPS Storage to Improve Performance in the Amazon RDS User Guide.

Constraints: Must be a multiple between .5 and 50 of the storage amount for the DB cluster.

Valid for: Multi-AZ DB clusters only

", "ModifyDBClusterMessage$MonitoringInterval": "

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0.

If MonitoringRoleArn is specified, also set MonitoringInterval to a value other than 0.

Valid Values: 0, 1, 5, 10, 15, 30, 60

Valid for: Multi-AZ DB clusters only

", - "ModifyDBClusterMessage$PerformanceInsightsRetentionPeriod": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

For example, the following values are valid:

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

Valid for: Multi-AZ DB clusters only

", + "ModifyDBClusterMessage$PerformanceInsightsRetentionPeriod": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

Valid for: Multi-AZ DB clusters only

", "ModifyDBInstanceMessage$AllocatedStorage": "

The new amount of storage in gibibytes (GiB) to allocate for the DB instance.

For MariaDB, MySQL, Oracle, and PostgreSQL, the value supplied must be at least 10% greater than the current value. Values that are not at least 10% greater than the existing value are rounded up so that they are 10% greater than the current value.

For the valid values for allocated storage for each engine, see CreateDBInstance.

", - "ModifyDBInstanceMessage$BackupRetentionPeriod": "

The number of days to retain automated backups. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.

Enabling and disabling backups can result in a brief I/O suspension that lasts from a few seconds to a few minutes, depending on the size and class of your DB instance.

These changes are applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request. If you change the parameter from one non-zero value to another non-zero value, the change is asynchronously applied as soon as possible.

Amazon Aurora

Not applicable. The retention period for automated backups is managed by the DB cluster. For more information, see ModifyDBCluster.

Default: Uses existing setting

Constraints:

", + "ModifyDBInstanceMessage$BackupRetentionPeriod": "

The number of days to retain automated backups. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.

Enabling and disabling backups can result in a brief I/O suspension that lasts from a few seconds to a few minutes, depending on the size and class of your DB instance.

These changes are applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request. If you change the parameter from one non-zero value to another non-zero value, the change is asynchronously applied as soon as possible.

Amazon Aurora

Not applicable. The retention period for automated backups is managed by the DB cluster. For more information, see ModifyDBCluster.

Default: Uses existing setting

Constraints:

", "ModifyDBInstanceMessage$Iops": "

The new Provisioned IOPS (I/O operations per second) value for the RDS instance.

Changing this setting doesn't result in an outage and the change is applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request. If you are migrating from Provisioned IOPS to standard storage, set this value to 0. The DB instance will require a reboot for the change in storage type to take effect.

If you choose to migrate your DB instance from using standard storage to using Provisioned IOPS, or from using Provisioned IOPS to using standard storage, the process can take time. The duration of the migration depends on several factors such as database load, storage size, storage type (standard or Provisioned IOPS), amount of IOPS provisioned (if any), and the number of prior scale storage operations. Typical migration times are under 24 hours, but the process can take up to several days in some cases. During the migration, the DB instance is available for use, but might experience performance degradation. While the migration takes place, nightly backups for the instance are suspended. No other Amazon RDS operations can take place for the instance, including modifying the instance, rebooting the instance, deleting the instance, creating a read replica for the instance, and creating a DB snapshot of the instance.

Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL, the value supplied must be at least 10% greater than the current value. Values that are not at least 10% greater than the existing value are rounded up so that they are 10% greater than the current value.

Default: Uses existing setting

", "ModifyDBInstanceMessage$MonitoringInterval": "

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0, which is the default.

If MonitoringRoleArn is specified, set MonitoringInterval to a value other than 0.

This setting doesn't apply to RDS Custom.

Valid Values: 0, 1, 5, 10, 15, 30, 60

", "ModifyDBInstanceMessage$DBPortNumber": "

The port number on which the database accepts connections.

The value of the DBPortNumber parameter must not match any of the port values specified for options in the option group for the DB instance.

If you change the DBPortNumber value, your database restarts regardless of the value of the ApplyImmediately parameter.

This setting doesn't apply to RDS Custom.

MySQL

Default: 3306

Valid values: 1150-65535

MariaDB

Default: 3306

Valid values: 1150-65535

PostgreSQL

Default: 5432

Valid values: 1150-65535

Type: Integer

Oracle

Default: 1521

Valid values: 1150-65535

SQL Server

Default: 1433

Valid values: 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and 49152-49156.

Amazon Aurora

Default: 3306

Valid values: 1150-65535

", "ModifyDBInstanceMessage$PromotionTier": "

A value that specifies the order in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see Fault Tolerance for an Aurora DB Cluster in the Amazon Aurora User Guide.

This setting doesn't apply to RDS Custom.

Default: 1

Valid Values: 0 - 15

", - "ModifyDBInstanceMessage$PerformanceInsightsRetentionPeriod": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

For example, the following values are valid:

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

This setting doesn't apply to RDS Custom.

", + "ModifyDBInstanceMessage$PerformanceInsightsRetentionPeriod": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

This setting doesn't apply to RDS Custom.

", "ModifyDBInstanceMessage$MaxAllocatedStorage": "

The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.

For more information about this setting, including limitations that apply to it, see Managing capacity automatically with Amazon RDS storage autoscaling in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

", "ModifyDBInstanceMessage$ResumeFullAutomationModeMinutes": "

The number of minutes to pause the automation. When the time period ends, RDS Custom resumes full automation. The minimum value is 60 (default). The maximum value is 1,440.

", "ModifyDBProxyRequest$IdleClientTimeout": "

The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.

", @@ -2535,7 +2535,7 @@ "RestoreDBInstanceFromS3Message$Port": "

The port number on which the database accepts connections.

Type: Integer

Valid Values: 1150-65535

Default: 3306

", "RestoreDBInstanceFromS3Message$Iops": "

The amount of Provisioned IOPS (input/output operations per second) to allocate initially for the DB instance. For information about valid Iops values, see Amazon RDS Provisioned IOPS Storage to Improve Performance in the Amazon RDS User Guide.

", "RestoreDBInstanceFromS3Message$MonitoringInterval": "

The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0.

If MonitoringRoleArn is specified, then you must also set MonitoringInterval to a value other than 0.

Valid Values: 0, 1, 5, 10, 15, 30, 60

Default: 0

", - "RestoreDBInstanceFromS3Message$PerformanceInsightsRetentionPeriod": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

For example, the following values are valid:

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

", + "RestoreDBInstanceFromS3Message$PerformanceInsightsRetentionPeriod": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

", "RestoreDBInstanceFromS3Message$MaxAllocatedStorage": "

The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.

For more information about this setting, including limitations that apply to it, see Managing capacity automatically with Amazon RDS storage autoscaling in the Amazon RDS User Guide.

", "RestoreDBInstanceToPointInTimeMessage$Port": "

The port number on which the database accepts connections.

Constraints: Value must be 1150-65535

Default: The same port as the original DB instance.

", "RestoreDBInstanceToPointInTimeMessage$Iops": "

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance.

Constraints: Must be an integer greater than 1000.

SQL Server

Setting the IOPS value for the SQL Server database engine isn't supported.

", @@ -2712,8 +2712,8 @@ "PendingCloudwatchLogsExports$LogTypesToEnable": "

Log types that are in the process of being deactivated. After they are deactivated, these log types aren't exported to CloudWatch Logs.

", "PendingCloudwatchLogsExports$LogTypesToDisable": "

Log types that are in the process of being enabled. After they are enabled, these log types are exported to CloudWatch Logs.

", "RestoreDBClusterFromS3Message$EnableCloudwatchLogsExports": "

The list of logs that the restored DB cluster is to export to CloudWatch Logs. The values in the list depend on the DB engine being used.

Aurora MySQL

Possible values are audit, error, general, and slowquery.

Aurora PostgreSQL

Possible value is postgresql.

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

", - "RestoreDBClusterFromSnapshotMessage$EnableCloudwatchLogsExports": "

The list of logs that the restored DB cluster is to export to Amazon CloudWatch Logs. The values in the list depend on the DB engine being used.

RDS for MySQL

Possible values are error, general, and slowquery.

RDS for PostgreSQL

Possible values are postgresql and upgrade.

Aurora MySQL

Possible values are audit, error, general, and slowquery.

Aurora PostgreSQL

Possible value is postgresql.

For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", - "RestoreDBClusterToPointInTimeMessage$EnableCloudwatchLogsExports": "

The list of logs that the restored DB cluster is to export to CloudWatch Logs. The values in the list depend on the DB engine being used.

RDS for MySQL

Possible values are error, general, and slowquery.

RDS for PostgreSQL

Possible values are postgresql and upgrade.

Aurora MySQL

Possible values are audit, error, general, and slowquery.

Aurora PostgreSQL

Possible value is postgresql.

For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", + "RestoreDBClusterFromSnapshotMessage$EnableCloudwatchLogsExports": "

The list of logs that the restored DB cluster is to export to Amazon CloudWatch Logs. The values in the list depend on the DB engine being used.

RDS for MySQL

Possible values are error, general, and slowquery.

RDS for PostgreSQL

Possible values are postgresql and upgrade.

Aurora MySQL

Possible values are audit, error, general, and slowquery.

Aurora PostgreSQL

Possible value is postgresql.

For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide..

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", + "RestoreDBClusterToPointInTimeMessage$EnableCloudwatchLogsExports": "

The list of logs that the restored DB cluster is to export to CloudWatch Logs. The values in the list depend on the DB engine being used.

RDS for MySQL

Possible values are error, general, and slowquery.

RDS for PostgreSQL

Possible values are postgresql and upgrade.

Aurora MySQL

Possible values are audit, error, general, and slowquery.

Aurora PostgreSQL

Possible value is postgresql.

For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide..

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", "RestoreDBInstanceFromDBSnapshotMessage$EnableCloudwatchLogsExports": "

The list of logs that the restored DB instance is to export to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

", "RestoreDBInstanceFromS3Message$EnableCloudwatchLogsExports": "

The list of logs that the restored DB instance is to export to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.

", "RestoreDBInstanceToPointInTimeMessage$EnableCloudwatchLogsExports": "

The list of logs that the restored DB instance is to export to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

" @@ -3164,7 +3164,7 @@ "ProcessorFeatureList": { "base": null, "refs": { - "CreateDBInstanceMessage$ProcessorFeatures": "

The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable.

", + "CreateDBInstanceMessage$ProcessorFeatures": "

The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceReadReplicaMessage$ProcessorFeatures": "

The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.

This setting doesn't apply to RDS Custom.

", "DBInstance$ProcessorFeatures": "

The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.

", "DBSnapshot$ProcessorFeatures": "

The number of CPU cores and the number of threads per core for the DB instance class of the DB instance when the DB snapshot was created.

", @@ -3721,14 +3721,14 @@ "CopyDBClusterSnapshotMessage$SourceDBClusterSnapshotIdentifier": "

The identifier of the DB cluster snapshot to copy. This parameter isn't case-sensitive.

You can't copy an encrypted, shared DB cluster snapshot from one Amazon Web Services Region to another.

Constraints:

Example: my-cluster-snapshot1

", "CopyDBClusterSnapshotMessage$TargetDBClusterSnapshotIdentifier": "

The identifier of the new DB cluster snapshot to create from the source DB cluster snapshot. This parameter isn't case-sensitive.

Constraints:

Example: my-cluster-snapshot2

", "CopyDBClusterSnapshotMessage$KmsKeyId": "

The Amazon Web Services KMS key identifier for an encrypted DB cluster snapshot. The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the Amazon Web Services KMS key.

If you copy an encrypted DB cluster snapshot from your Amazon Web Services account, you can specify a value for KmsKeyId to encrypt the copy with a new KMS key. If you don't specify a value for KmsKeyId, then the copy of the DB cluster snapshot is encrypted with the same KMS key as the source DB cluster snapshot.

If you copy an encrypted DB cluster snapshot that is shared from another Amazon Web Services account, then you must specify a value for KmsKeyId.

To copy an encrypted DB cluster snapshot to another Amazon Web Services Region, you must set KmsKeyId to the Amazon Web Services KMS key identifier you want to use to encrypt the copy of the DB cluster snapshot in the destination Amazon Web Services Region. KMS keys are specific to the Amazon Web Services Region that they are created in, and you can't use KMS keys from one Amazon Web Services Region in another Amazon Web Services Region.

If you copy an unencrypted DB cluster snapshot and specify a value for the KmsKeyId parameter, an error is returned.

", - "CopyDBClusterSnapshotMessage$PreSignedUrl": "

When you are copying a DB cluster snapshot from one Amazon Web Services GovCloud (US) Region to another, the URL that contains a Signature Version 4 signed request for the CopyDBClusterSnapshot API operation in the Amazon Web Services Region that contains the source DB cluster snapshot to copy. Use the PreSignedUrl parameter when copying an encrypted DB cluster snapshot from another Amazon Web Services Region. Don't specify PreSignedUrl when copying an encrypted DB cluster snapshot in the same Amazon Web Services Region.

This setting applies only to Amazon Web Services GovCloud (US) Regions. It's ignored in other Amazon Web Services Regions.

The presigned URL must be a valid request for the CopyDBClusterSnapshot API operation that can run in the source Amazon Web Services Region that contains the encrypted DB cluster snapshot to copy. The presigned URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region.

", + "CopyDBClusterSnapshotMessage$PreSignedUrl": "

The URL that contains a Signature Version 4 signed request for the CopyDBClusterSnapshot API action in the Amazon Web Services Region that contains the source DB cluster snapshot to copy. The PreSignedUrl parameter must be used when copying an encrypted DB cluster snapshot from another Amazon Web Services Region. Don't specify PreSignedUrl when you are copying an encrypted DB cluster snapshot in the same Amazon Web Services Region.

The pre-signed URL must be a valid request for the CopyDBClusterSnapshot API action that can be executed in the source Amazon Web Services Region that contains the encrypted DB cluster snapshot to be copied. The pre-signed URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a pre-signed URL that is a valid request for the operation that can be executed in the source Amazon Web Services Region.

", "CopyDBParameterGroupMessage$SourceDBParameterGroupIdentifier": "

The identifier or ARN for the source DB parameter group. For information about creating an ARN, see Constructing an ARN for Amazon RDS in the Amazon RDS User Guide.

Constraints:

", "CopyDBParameterGroupMessage$TargetDBParameterGroupIdentifier": "

The identifier for the copied DB parameter group.

Constraints:

Example: my-db-parameter-group

", "CopyDBParameterGroupMessage$TargetDBParameterGroupDescription": "

A description for the copied DB parameter group.

", - "CopyDBSnapshotMessage$SourceDBSnapshotIdentifier": "

The identifier for the source DB snapshot.

If the source snapshot is in the same Amazon Web Services Region as the copy, specify a valid DB snapshot identifier. For example, you might specify rds:mysql-instance1-snapshot-20130805.

If the source snapshot is in a different Amazon Web Services Region than the copy, specify a valid DB snapshot ARN. For example, you might specify arn:aws:rds:us-west-2:123456789012:snapshot:mysql-instance1-snapshot-20130805.

If you are copying from a shared manual DB snapshot, this parameter must be the Amazon Resource Name (ARN) of the shared DB snapshot.

If you are copying an encrypted snapshot this parameter must be in the ARN format for the source Amazon Web Services Region.

Constraints:

Example: rds:mydb-2012-04-02-00-01

Example: arn:aws:rds:us-west-2:123456789012:snapshot:mysql-instance1-snapshot-20130805

", + "CopyDBSnapshotMessage$SourceDBSnapshotIdentifier": "

The identifier for the source DB snapshot.

If the source snapshot is in the same Amazon Web Services Region as the copy, specify a valid DB snapshot identifier. For example, you might specify rds:mysql-instance1-snapshot-20130805.

If the source snapshot is in a different Amazon Web Services Region than the copy, specify a valid DB snapshot ARN. For example, you might specify arn:aws:rds:us-west-2:123456789012:snapshot:mysql-instance1-snapshot-20130805.

If you are copying from a shared manual DB snapshot, this parameter must be the Amazon Resource Name (ARN) of the shared DB snapshot.

If you are copying an encrypted snapshot this parameter must be in the ARN format for the source Amazon Web Services Region, and must match the SourceDBSnapshotIdentifier in the PreSignedUrl parameter.

Constraints:

Example: rds:mydb-2012-04-02-00-01

Example: arn:aws:rds:us-west-2:123456789012:snapshot:mysql-instance1-snapshot-20130805

", "CopyDBSnapshotMessage$TargetDBSnapshotIdentifier": "

The identifier for the copy of the snapshot.

Constraints:

Example: my-db-snapshot

", "CopyDBSnapshotMessage$KmsKeyId": "

The Amazon Web Services KMS key identifier for an encrypted DB snapshot. The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.

If you copy an encrypted DB snapshot from your Amazon Web Services account, you can specify a value for this parameter to encrypt the copy with a new KMS key. If you don't specify a value for this parameter, then the copy of the DB snapshot is encrypted with the same Amazon Web Services KMS key as the source DB snapshot.

If you copy an encrypted DB snapshot that is shared from another Amazon Web Services account, then you must specify a value for this parameter.

If you specify this parameter when you copy an unencrypted snapshot, the copy is encrypted.

If you copy an encrypted snapshot to a different Amazon Web Services Region, then you must specify an Amazon Web Services KMS key identifier for the destination Amazon Web Services Region. KMS keys are specific to the Amazon Web Services Region that they are created in, and you can't use KMS keys from one Amazon Web Services Region in another Amazon Web Services Region.

", - "CopyDBSnapshotMessage$PreSignedUrl": "

When you are copying a snapshot from one Amazon Web Services GovCloud (US) Region to another, the URL that contains a Signature Version 4 signed request for the CopyDBSnapshot API operation in the source Amazon Web Services Region that contains the source DB snapshot to copy.

This setting applies only to Amazon Web Services GovCloud (US) Regions. It's ignored in other Amazon Web Services Regions.

You must specify this parameter when you copy an encrypted DB snapshot from another Amazon Web Services Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are copying an encrypted DB snapshot in the same Amazon Web Services Region.

The presigned URL must be a valid request for the CopyDBClusterSnapshot API operation that can run in the source Amazon Web Services Region that contains the encrypted DB cluster snapshot to copy. The presigned URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region.

", + "CopyDBSnapshotMessage$PreSignedUrl": "

The URL that contains a Signature Version 4 signed request for the CopyDBSnapshot API action in the source Amazon Web Services Region that contains the source DB snapshot to copy.

You must specify this parameter when you copy an encrypted DB snapshot from another Amazon Web Services Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are copying an encrypted DB snapshot in the same Amazon Web Services Region.

The presigned URL must be a valid request for the CopyDBSnapshot API action that can be executed in the source Amazon Web Services Region that contains the encrypted DB snapshot to be copied. The presigned URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a pre-signed URL that is a valid request for the operation that can be executed in the source Amazon Web Services Region.

", "CopyDBSnapshotMessage$OptionGroupName": "

The name of an option group to associate with the copy of the snapshot.

Specify this option if you are copying a snapshot from one Amazon Web Services Region to another, and your DB instance uses a nondefault option group. If your source DB instance uses Transparent Data Encryption for Oracle or Microsoft SQL Server, you must specify this option when copying across Amazon Web Services Regions. For more information, see Option group considerations in the Amazon RDS User Guide.

", "CopyDBSnapshotMessage$TargetCustomAvailabilityZone": "

The external custom Availability Zone (CAZ) identifier for the target CAZ.

Example: rds-caz-aiqhTgQv.

", "CopyOptionGroupMessage$SourceOptionGroupIdentifier": "

The identifier for the source option group.

Constraints:

", @@ -3751,8 +3751,8 @@ "CreateDBClusterMessage$PreferredMaintenanceWindow": "

The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).

Format: ddd:hh24:mi-ddd:hh24:mi

The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide.

Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.

Constraints: Minimum 30-minute window.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", "CreateDBClusterMessage$ReplicationSourceIdentifier": "

The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.

Valid for: Aurora DB clusters only

", "CreateDBClusterMessage$KmsKeyId": "

The Amazon Web Services KMS key identifier for an encrypted DB cluster.

The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.

When a KMS key isn't specified in KmsKeyId:

There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.

If you create a read replica of an encrypted DB cluster in another Amazon Web Services Region, you must set KmsKeyId to a KMS key identifier that is valid in the destination Amazon Web Services Region. This KMS key is used to encrypt the read replica in that Amazon Web Services Region.

Valid for: Aurora DB clusters and Multi-AZ DB clusters

", - "CreateDBClusterMessage$PreSignedUrl": "

When you are replicating a DB cluster from one Amazon Web Services GovCloud (US) Region to another, an URL that contains a Signature Version 4 signed request for the CreateDBCluster operation to be called in the source Amazon Web Services Region where the DB cluster is replicated from. Specify PreSignedUrl only when you are performing cross-Region replication from an encrypted DB cluster.

The presigned URL must be a valid request for the CreateDBCluster API operation that can run in the source Amazon Web Services Region that contains the encrypted DB cluster to copy.

The presigned URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region.

Valid for: Aurora DB clusters only

", - "CreateDBClusterMessage$EngineMode": "

The DB engine mode of the DB cluster, either provisioned, serverless, parallelquery, global, or multimaster.

The parallelquery engine mode isn't required for Aurora MySQL version 1.23 and higher 1.x versions, and version 2.09 and higher 2.x versions.

The global engine mode isn't required for Aurora MySQL version 1.22 and higher 1.x versions, and global engine mode isn't required for any 2.x versions.

The multimaster engine mode only applies for DB clusters created with Aurora MySQL version 5.6.10a.

The serverless engine mode only applies for Aurora Serverless v1 DB clusters.

For Aurora PostgreSQL, the global engine mode isn't required, and both the parallelquery and the multimaster engine modes currently aren't supported.

Limitations and requirements apply to some DB engine modes. For more information, see the following sections in the Amazon Aurora User Guide:

Valid for: Aurora DB clusters only

", + "CreateDBClusterMessage$PreSignedUrl": "

A URL that contains a Signature Version 4 signed request for the CreateDBCluster action to be called in the source Amazon Web Services Region where the DB cluster is replicated from. Specify PreSignedUrl only when you are performing cross-Region replication from an encrypted DB cluster.

The pre-signed URL must be a valid request for the CreateDBCluster API action that can be executed in the source Amazon Web Services Region that contains the encrypted DB cluster to be copied.

The pre-signed URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a pre-signed URL that is a valid request for the operation that can be executed in the source Amazon Web Services Region.

Valid for: Aurora DB clusters only

", + "CreateDBClusterMessage$EngineMode": "

The DB engine mode of the DB cluster, either provisioned, serverless, parallelquery, global, or multimaster.

The parallelquery engine mode isn't required for Aurora MySQL version 1.23 and higher 1.x versions, and version 2.09 and higher 2.x versions.

The global engine mode isn't required for Aurora MySQL version 1.22 and higher 1.x versions, and global engine mode isn't required for any 2.x versions.

The multimaster engine mode only applies for DB clusters created with Aurora MySQL version 5.6.10a.

For Aurora PostgreSQL, the global engine mode isn't required, and both the parallelquery and the multimaster engine modes currently aren't supported.

Limitations and requirements apply to some DB engine modes. For more information, see the following sections in the Amazon Aurora User Guide:

Valid for: Aurora DB clusters only

", "CreateDBClusterMessage$GlobalClusterIdentifier": "

The global cluster ID of an Aurora cluster that becomes the primary cluster in the new global database cluster.

Valid for: Aurora DB clusters only

", "CreateDBClusterMessage$Domain": "

The Active Directory directory ID to create the DB cluster in.

For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.

For more information, see Kerberos authentication in the Amazon Aurora User Guide.

Valid for: Aurora DB clusters only

", "CreateDBClusterMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

Valid for: Aurora DB clusters only

", @@ -3767,7 +3767,7 @@ "CreateDBClusterSnapshotMessage$DBClusterIdentifier": "

The identifier of the DB cluster to create a snapshot for. This parameter isn't case-sensitive.

Constraints:

Example: my-cluster1

", "CreateDBInstanceMessage$DBName": "

The meaning of this parameter differs according to the database engine you use.

MySQL

The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.

Constraints:

MariaDB

The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.

Constraints:

PostgreSQL

The name of the database to create when the DB instance is created. If this parameter isn't specified, a database named postgres is created in the DB instance.

Constraints:

Oracle

The Oracle System ID (SID) of the created DB instance. If you specify null, the default value ORCL is used. You can't specify the string NULL, or any other reserved word, for DBName.

Default: ORCL

Constraints:

Amazon RDS Custom for Oracle

The Oracle System ID (SID) of the created RDS Custom DB instance. If you don't specify a value, the default value is ORCL.

Default: ORCL

Constraints:

Amazon RDS Custom for SQL Server

Not applicable. Must be null.

SQL Server

Not applicable. Must be null.

Amazon Aurora MySQL

The name of the database to create when the primary DB instance of the Aurora MySQL DB cluster is created. If this parameter isn't specified for an Aurora MySQL DB cluster, no database is created in the DB cluster.

Constraints:

Amazon Aurora PostgreSQL

The name of the database to create when the primary DB instance of the Aurora PostgreSQL DB cluster is created. If this parameter isn't specified for an Aurora PostgreSQL DB cluster, a database named postgres is created in the DB cluster.

Constraints:

", "CreateDBInstanceMessage$DBInstanceIdentifier": "

The DB instance identifier. This parameter is stored as a lowercase string.

Constraints:

Example: mydbinstance

", - "CreateDBInstanceMessage$DBInstanceClass": "

The compute and memory capacity of the DB instance, for example db.m5.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB instance classes in the Amazon RDS User Guide or Aurora DB instance classes in the Amazon Aurora User Guide.

", + "CreateDBInstanceMessage$DBInstanceClass": "

The compute and memory capacity of the DB instance, for example db.m4.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.

", "CreateDBInstanceMessage$Engine": "

The name of the database engine to be used for this instance.

Not every database engine is available for every Amazon Web Services Region.

Valid Values:

", "CreateDBInstanceMessage$MasterUsername": "

The name for the master user.

Amazon Aurora

Not applicable. The name for the master user is managed by the DB cluster.

Amazon RDS

Constraints:

", "CreateDBInstanceMessage$MasterUserPassword": "

The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".

Amazon Aurora

Not applicable. The password for the master user is managed by the DB cluster.

MariaDB

Constraints: Must contain from 8 to 41 characters.

Microsoft SQL Server

Constraints: Must contain from 8 to 128 characters.

MySQL

Constraints: Must contain from 8 to 41 characters.

Oracle

Constraints: Must contain from 8 to 30 characters.

PostgreSQL

Constraints: Must contain from 8 to 128 characters.

", @@ -3776,19 +3776,19 @@ "CreateDBInstanceMessage$PreferredMaintenanceWindow": "

The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC). For more information, see Amazon RDS Maintenance Window.

Format: ddd:hh24:mi-ddd:hh24:mi

The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week.

Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.

Constraints: Minimum 30-minute window.

", "CreateDBInstanceMessage$DBParameterGroupName": "

The name of the DB parameter group to associate with this DB instance. If you do not specify a value, then the default DB parameter group for the specified DB engine and version is used.

This setting doesn't apply to RDS Custom.

Constraints:

", "CreateDBInstanceMessage$PreferredBackupWindow": "

The daily time range during which automated backups are created if automated backups are enabled, using the BackupRetentionPeriod parameter. The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region. For more information, see Backup window in the Amazon RDS User Guide.

Amazon Aurora

Not applicable. The daily time range for creating automated backups is managed by the DB cluster.

Constraints:

", - "CreateDBInstanceMessage$EngineVersion": "

The version number of the database engine to use.

For a list of valid engine versions, use the DescribeDBEngineVersions operation.

The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every Amazon Web Services Region.

Amazon Aurora

Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.

Amazon RDS Custom for Oracle

A custom engine version (CEV) that you have previously created. This setting is required for RDS Custom for Oracle. The CEV name has the following format: 19.customized_string . An example identifier is 19.my_cev1. For more information, see Creating an RDS Custom for Oracle DB instance in the Amazon RDS User Guide.

Amazon RDS Custom for SQL Server

See RDS Custom for SQL Server general requirements in the Amazon RDS User Guide.

MariaDB

For information, see MariaDB on Amazon RDS Versions in the Amazon RDS User Guide.

Microsoft SQL Server

For information, see Microsoft SQL Server Versions on Amazon RDS in the Amazon RDS User Guide.

MySQL

For information, see MySQL on Amazon RDS Versions in the Amazon RDS User Guide.

Oracle

For information, see Oracle Database Engine Release Notes in the Amazon RDS User Guide.

PostgreSQL

For information, see Amazon RDS for PostgreSQL versions and extensions in the Amazon RDS User Guide.

", - "CreateDBInstanceMessage$LicenseModel": "

License model information for this DB instance.

Valid values: license-included | bring-your-own-license | general-public-license

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable.

", - "CreateDBInstanceMessage$OptionGroupName": "

A value that indicates that the DB instance should be associated with the specified option group.

Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance after it is associated with a DB instance.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable.

", + "CreateDBInstanceMessage$EngineVersion": "

The version number of the database engine to use.

For a list of valid engine versions, use the DescribeDBEngineVersions action.

The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every Amazon Web Services Region.

Amazon Aurora

Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.

Amazon RDS Custom for Oracle

A custom engine version (CEV) that you have previously created. This setting is required for RDS Custom for Oracle. The CEV name has the following format: 19.customized_string . An example identifier is 19.my_cev1. For more information, see Creating an RDS Custom for Oracle DB instance in the Amazon RDS User Guide.

Amazon RDS Custom for SQL Server

See RDS Custom for SQL Server general requirements in the Amazon RDS User Guide.

MariaDB

For information, see MariaDB on Amazon RDS Versions in the Amazon RDS User Guide.

Microsoft SQL Server

For information, see Microsoft SQL Server Versions on Amazon RDS in the Amazon RDS User Guide.

MySQL

For information, see MySQL on Amazon RDS Versions in the Amazon RDS User Guide.

Oracle

For information, see Oracle Database Engine Release Notes in the Amazon RDS User Guide.

PostgreSQL

For information, see Amazon RDS for PostgreSQL versions and extensions in the Amazon RDS User Guide.

", + "CreateDBInstanceMessage$LicenseModel": "

License model information for this DB instance.

Valid values: license-included | bring-your-own-license | general-public-license

This setting doesn't apply to RDS Custom.

", + "CreateDBInstanceMessage$OptionGroupName": "

A value that indicates that the DB instance should be associated with the specified option group.

Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance after it is associated with a DB instance.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$CharacterSetName": "

For supported engines, this value indicates that the DB instance should be associated with the specified CharacterSet.

This setting doesn't apply to RDS Custom. However, if you need to change the character set, you can change it on the database itself.

Amazon Aurora

Not applicable. The character set is managed by the DB cluster. For more information, see CreateDBCluster.

", "CreateDBInstanceMessage$NcharCharacterSetName": "

The name of the NCHAR character set for the Oracle DB instance.

This parameter doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$DBClusterIdentifier": "

The identifier of the DB cluster that the instance will belong to.

This setting doesn't apply to RDS Custom.

", - "CreateDBInstanceMessage$StorageType": "

Specifies the storage type to be associated with the DB instance.

Valid values: standard | gp2 | io1

If you specify io1, you must also include a value for the Iops parameter.

Default: io1 if the Iops parameter is specified, otherwise gp2

Amazon Aurora

Not applicable. Storage is managed by the DB cluster.

", - "CreateDBInstanceMessage$TdeCredentialArn": "

The ARN from the key store with which to associate the instance for TDE encryption.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable.

", + "CreateDBInstanceMessage$StorageType": "

Specifies the storage type to be associated with the DB instance.

Valid values: standard | gp2 | io1

If you specify io1, you must also include a value for the Iops parameter.

Default: io1 if the Iops parameter is specified, otherwise gp2

", + "CreateDBInstanceMessage$TdeCredentialArn": "

The ARN from the key store with which to associate the instance for TDE encryption.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$TdeCredentialPassword": "

The password for the given ARN from the key store in order to access the device.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$KmsKeyId": "

The Amazon Web Services KMS key identifier for an encrypted DB instance.

The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.

Amazon Aurora

Not applicable. The Amazon Web Services KMS key identifier is managed by the DB cluster. For more information, see CreateDBCluster.

If StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId parameter, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.

Amazon RDS Custom

A KMS key is required for RDS Custom instances. For most RDS engines, if you leave this parameter empty while enabling StorageEncrypted, the engine uses the default KMS key. However, RDS Custom doesn't use the default key when this parameter is empty. You must explicitly specify a key.

", - "CreateDBInstanceMessage$Domain": "

The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable. The domain is managed by the DB cluster.

", + "CreateDBInstanceMessage$Domain": "

The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$MonitoringRoleArn": "

The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, see Setting Up and Enabling Enhanced Monitoring in the Amazon RDS User Guide.

If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.

This setting doesn't apply to RDS Custom.

", - "CreateDBInstanceMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable. The domain is managed by the DB cluster.

", + "CreateDBInstanceMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$Timezone": "

The time zone of the DB instance. The time zone parameter is currently supported only by Microsoft SQL Server.

", "CreateDBInstanceMessage$PerformanceInsightsKMSKeyId": "

The Amazon Web Services KMS key identifier for encryption of Performance Insights data.

The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.

If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceMessage$CustomIamInstanceProfile": "

The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance. The instance profile must meet the following requirements:

For the list of permissions required for the IAM role, see Configure IAM and your VPC in the Amazon RDS User Guide.

This setting is required for RDS Custom.

", @@ -3799,12 +3799,12 @@ "CreateDBInstanceReadReplicaMessage$DBInstanceClass": "

The compute and memory capacity of the read replica, for example db.m4.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.

Default: Inherits from the source DB instance.

", "CreateDBInstanceReadReplicaMessage$AvailabilityZone": "

The Availability Zone (AZ) where the read replica will be created.

Default: A random, system-chosen Availability Zone in the endpoint's Amazon Web Services Region.

Example: us-east-1d

", "CreateDBInstanceReadReplicaMessage$OptionGroupName": "

The option group the DB instance is associated with. If omitted, the option group associated with the source instance is used.

For SQL Server, you must use the option group associated with the source instance.

This setting doesn't apply to RDS Custom.

", - "CreateDBInstanceReadReplicaMessage$DBParameterGroupName": "

The name of the DB parameter group to associate with this DB instance.

If you do not specify a value for DBParameterGroupName, then Amazon RDS uses the DBParameterGroup of source DB instance for a same Region read replica, or the default DBParameterGroup for the specified DB engine for a cross-Region read replica.

Specifying a parameter group for this operation is only supported for MySQL and Oracle DB instances. It isn't supported for RDS Custom.

Constraints:

", + "CreateDBInstanceReadReplicaMessage$DBParameterGroupName": "

The name of the DB parameter group to associate with this DB instance.

If you do not specify a value for DBParameterGroupName, then Amazon RDS uses the DBParameterGroup of source DB instance for a same Region read replica, or the default DBParameterGroup for the specified DB engine for a cross-Region read replica.

Specifying a parameter group for this operation is only supported for Oracle DB instances. It isn't supported for RDS Custom.

Constraints:

", "CreateDBInstanceReadReplicaMessage$DBSubnetGroupName": "

Specifies a DB subnet group for the DB instance. The new DB instance is created in the VPC associated with the DB subnet group. If no DB subnet group is specified, then the new DB instance isn't created in a VPC.

Constraints:

Example: mydbsubnetgroup

", "CreateDBInstanceReadReplicaMessage$StorageType": "

Specifies the storage type to be associated with the read replica.

Valid values: standard | gp2 | io1

If you specify io1, you must also include a value for the Iops parameter.

Default: io1 if the Iops parameter is specified, otherwise gp2

", "CreateDBInstanceReadReplicaMessage$MonitoringRoleArn": "

The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, go to To create an IAM role for Amazon RDS Enhanced Monitoring in the Amazon RDS User Guide.

If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceReadReplicaMessage$KmsKeyId": "

The Amazon Web Services KMS key identifier for an encrypted read replica.

The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.

If you create an encrypted read replica in the same Amazon Web Services Region as the source DB instance, then do not specify a value for this parameter. A read replica in the same Amazon Web Services Region is always encrypted with the same KMS key as the source DB instance.

If you create an encrypted read replica in a different Amazon Web Services Region, then you must specify a KMS key identifier for the destination Amazon Web Services Region. KMS keys are specific to the Amazon Web Services Region that they are created in, and you can't use KMS keys from one Amazon Web Services Region in another Amazon Web Services Region.

You can't create an encrypted read replica from an unencrypted DB instance.

This setting doesn't apply to RDS Custom, which uses the same KMS key as the primary replica.

", - "CreateDBInstanceReadReplicaMessage$PreSignedUrl": "

When you are creating a read replica from one Amazon Web Services GovCloud (US) Region to another or from one China Amazon Web Services Region to another, the URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica API operation in the source Amazon Web Services Region that contains the source DB instance.

This setting applies only to Amazon Web Services GovCloud (US) Regions and China Amazon Web Services Regions. It's ignored in other Amazon Web Services Regions.

You must specify this parameter when you create an encrypted read replica from another Amazon Web Services Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are creating an encrypted read replica in the same Amazon Web Services Region.

The presigned URL must be a valid request for the CreateDBInstanceReadReplica API operation that can run in the source Amazon Web Services Region that contains the encrypted source DB instance. The presigned URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region.

SourceRegion isn't supported for SQL Server, because Amazon RDS for SQL Server doesn't support cross-Region read replicas.

This setting doesn't apply to RDS Custom.

", + "CreateDBInstanceReadReplicaMessage$PreSignedUrl": "

The URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica API action in the source Amazon Web Services Region that contains the source DB instance.

You must specify this parameter when you create an encrypted read replica from another Amazon Web Services Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are creating an encrypted read replica in the same Amazon Web Services Region.

The presigned URL must be a valid request for the CreateDBInstanceReadReplica API action that can be executed in the source Amazon Web Services Region that contains the encrypted source DB instance. The presigned URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can be executed in the source Amazon Web Services Region.

SourceRegion isn't supported for SQL Server, because SQL Server on Amazon RDS doesn't support cross-Region read replicas.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceReadReplicaMessage$PerformanceInsightsKMSKeyId": "

The Amazon Web Services KMS key identifier for encryption of Performance Insights data.

The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.

If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceReadReplicaMessage$Domain": "

The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

This setting doesn't apply to RDS Custom.

", "CreateDBInstanceReadReplicaMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

This setting doesn't apply to RDS Custom.

", @@ -3828,7 +3828,7 @@ "CreateGlobalClusterMessage$SourceDBClusterIdentifier": "

The Amazon Resource Name (ARN) to use as the primary cluster of the global database. This parameter is optional.

", "CreateGlobalClusterMessage$Engine": "

The name of the database engine to be used for this DB cluster.

", "CreateGlobalClusterMessage$EngineVersion": "

The engine version of the Aurora global database.

", - "CreateGlobalClusterMessage$DatabaseName": "

The name for your database of up to 64 alphanumeric characters. If you do not provide a name, Amazon Aurora will not create a database in the global database cluster you are creating.

", + "CreateGlobalClusterMessage$DatabaseName": "

The name for your database of up to 64 alpha-numeric characters. If you do not provide a name, Amazon Aurora will not create a database in the global database cluster you are creating.

", "CreateOptionGroupMessage$OptionGroupName": "

Specifies the name of the option group to be created.

Constraints:

Example: myoptiongroup

", "CreateOptionGroupMessage$EngineName": "

Specifies the name of the engine that this option group should be associated with.

Valid Values:

", "CreateOptionGroupMessage$MajorEngineVersion": "

Specifies the major version of the engine that this option group should be associated with.

", @@ -4258,11 +4258,11 @@ "ModifyDBClusterMessage$PerformanceInsightsKMSKeyId": "

The Amazon Web Services KMS key identifier for encryption of Performance Insights data.

The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.

If you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.

Valid for: Multi-AZ DB clusters only

", "ModifyDBClusterParameterGroupMessage$DBClusterParameterGroupName": "

The name of the DB cluster parameter group to modify.

", "ModifyDBClusterSnapshotAttributeMessage$DBClusterSnapshotIdentifier": "

The identifier for the DB cluster snapshot to modify the attributes for.

", - "ModifyDBClusterSnapshotAttributeMessage$AttributeName": "

The name of the DB cluster snapshot attribute to modify.

To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB cluster snapshot, set this value to restore.

To view the list of attributes available to modify, use the DescribeDBClusterSnapshotAttributes API operation.

", + "ModifyDBClusterSnapshotAttributeMessage$AttributeName": "

The name of the DB cluster snapshot attribute to modify.

To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB cluster snapshot, set this value to restore.

To view the list of attributes available to modify, use the DescribeDBClusterSnapshotAttributes API action.

", "ModifyDBInstanceMessage$DBInstanceIdentifier": "

The DB instance identifier. This value is stored as a lowercase string.

Constraints:

", - "ModifyDBInstanceMessage$DBInstanceClass": "

The new compute and memory capacity of the DB instance, for example db.m5.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB instance classes in the Amazon RDS User Guide or Aurora DB instance classes in the Amazon Aurora User Guide.

If you modify the DB instance class, an outage occurs during the change. The change is applied during the next maintenance window, unless ApplyImmediately is enabled for this request.

This setting doesn't apply to RDS Custom for Oracle.

Default: Uses existing setting

", + "ModifyDBInstanceMessage$DBInstanceClass": "

The new compute and memory capacity of the DB instance, for example db.m4.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.

If you modify the DB instance class, an outage occurs during the change. The change is applied during the next maintenance window, unless ApplyImmediately is enabled for this request.

This setting doesn't apply to RDS Custom for Oracle.

Default: Uses existing setting

", "ModifyDBInstanceMessage$DBSubnetGroupName": "

The new DB subnet group for the DB instance. You can use this parameter to move your DB instance to a different VPC. If your DB instance isn't in a VPC, you can also use this parameter to move your DB instance into a VPC. For more information, see Working with a DB instance in a VPC in the Amazon RDS User Guide.

Changing the subnet group causes an outage during the change. The change is applied during the next maintenance window, unless you enable ApplyImmediately.

This parameter doesn't apply to RDS Custom.

Constraints: If supplied, must match the name of an existing DBSubnetGroup.

Example: mydbsubnetgroup

", - "ModifyDBInstanceMessage$MasterUserPassword": "

The new password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".

Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. Between the time of the request and the completion of the request, the MasterUserPassword element exists in the PendingModifiedValues element of the operation response.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable. The password for the master user is managed by the DB cluster. For more information, see ModifyDBCluster.

Default: Uses existing setting

MariaDB

Constraints: Must contain from 8 to 41 characters.

Microsoft SQL Server

Constraints: Must contain from 8 to 128 characters.

MySQL

Constraints: Must contain from 8 to 41 characters.

Oracle

Constraints: Must contain from 8 to 30 characters.

PostgreSQL

Constraints: Must contain from 8 to 128 characters.

Amazon RDS API operations never return the password, so this action provides a way to regain access to a primary instance user if the password is lost. This includes restoring privileges that might have been accidentally revoked.

", + "ModifyDBInstanceMessage$MasterUserPassword": "

The new password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".

Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. Between the time of the request and the completion of the request, the MasterUserPassword element exists in the PendingModifiedValues element of the operation response.

This setting doesn't apply to RDS Custom.

Amazon Aurora

Not applicable. The password for the master user is managed by the DB cluster. For more information, see ModifyDBCluster.

Default: Uses existing setting

MariaDB

Constraints: Must contain from 8 to 41 characters.

Microsoft SQL Server

Constraints: Must contain from 8 to 128 characters.

MySQL

Constraints: Must contain from 8 to 41 characters.

Oracle

Constraints: Must contain from 8 to 30 characters.

PostgreSQL

Constraints: Must contain from 8 to 128 characters.

Amazon RDS API actions never return the password, so this action provides a way to regain access to a primary instance user if the password is lost. This includes restoring privileges that might have been accidentally revoked.

", "ModifyDBInstanceMessage$DBParameterGroupName": "

The name of the DB parameter group to apply to the DB instance.

Changing this setting doesn't result in an outage. The parameter group name itself is changed immediately, but the actual parameter changes are not applied until you reboot the instance without failover. In this case, the DB instance isn't rebooted automatically, and the parameter changes aren't applied during the next maintenance window. However, if you modify dynamic parameters in the newly associated DB parameter group, these changes are applied immediately without a reboot.

This setting doesn't apply to RDS Custom.

Default: Uses existing setting

Constraints: The DB parameter group must be in the same DB parameter group family as the DB instance.

", "ModifyDBInstanceMessage$PreferredBackupWindow": "

The daily time range during which automated backups are created if automated backups are enabled, as determined by the BackupRetentionPeriod parameter. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region. For more information, see Backup window in the Amazon RDS User Guide.

Amazon Aurora

Not applicable. The daily time range for creating automated backups is managed by the DB cluster. For more information, see ModifyDBCluster.

Constraints:

", "ModifyDBInstanceMessage$PreferredMaintenanceWindow": "

The weekly time range (in UTC) during which system maintenance can occur, which might result in an outage. Changing this parameter doesn't result in an outage, except in the following situation, and the change is asynchronously applied as soon as possible. If there are pending actions that cause a reboot, and the maintenance window is changed to include the current time, then changing this parameter will cause a reboot of the DB instance. If moving this window to the current time, there must be at least 30 minutes between the current time and end of the window to ensure pending changes are applied.

For more information, see Amazon RDS Maintenance Window in the Amazon RDS User Guide.

Default: Uses existing setting

Format: ddd:hh24:mi-ddd:hh24:mi

Valid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun

Constraints: Must be at least 30 minutes

", @@ -4283,11 +4283,11 @@ "ModifyDBProxyRequest$DBProxyName": "

The identifier for the DBProxy to modify.

", "ModifyDBProxyRequest$NewDBProxyName": "

The new identifier for the DBProxy. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.

", "ModifyDBProxyRequest$RoleArn": "

The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in Amazon Web Services Secrets Manager.

", - "ModifyDBProxyTargetGroupRequest$TargetGroupName": "

The name of the target group to modify.

", - "ModifyDBProxyTargetGroupRequest$DBProxyName": "

The name of the proxy.

", + "ModifyDBProxyTargetGroupRequest$TargetGroupName": "

The name of the new target group to assign to the proxy.

", + "ModifyDBProxyTargetGroupRequest$DBProxyName": "

The name of the new proxy to which to assign the target group.

", "ModifyDBProxyTargetGroupRequest$NewName": "

The new name for the modified DBProxyTarget. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.

", "ModifyDBSnapshotAttributeMessage$DBSnapshotIdentifier": "

The identifier for the DB snapshot to modify the attributes for.

", - "ModifyDBSnapshotAttributeMessage$AttributeName": "

The name of the DB snapshot attribute to modify.

To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB snapshot, set this value to restore.

To view the list of attributes available to modify, use the DescribeDBSnapshotAttributes API operation.

", + "ModifyDBSnapshotAttributeMessage$AttributeName": "

The name of the DB snapshot attribute to modify.

To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB snapshot, set this value to restore.

To view the list of attributes available to modify, use the DescribeDBSnapshotAttributes API action.

", "ModifyDBSnapshotMessage$DBSnapshotIdentifier": "

The identifier of the DB snapshot to modify.

", "ModifyDBSnapshotMessage$EngineVersion": "

The engine version to upgrade the DB snapshot to.

The following are the database engines and engine versions that are available when you upgrade a DB snapshot.

MySQL

Oracle

PostgreSQL

For the list of engine versions that are available for upgrading a DB snapshot, see Upgrading the PostgreSQL DB Engine for Amazon RDS.

", "ModifyDBSnapshotMessage$OptionGroupName": "

The option group to identify with the upgraded DB snapshot.

You can specify this parameter when you upgrade an Oracle DB snapshot. The same option group considerations apply when upgrading a DB snapshot as when upgrading a DB instance. For more information, see Option group considerations in the Amazon RDS User Guide.

", @@ -4415,8 +4415,8 @@ "RestoreDBClusterFromS3Message$DBClusterIdentifier": "

The name of the DB cluster to create from the source data in the Amazon S3 bucket. This parameter isn't case-sensitive.

Constraints:

Example: my-cluster1

", "RestoreDBClusterFromS3Message$DBClusterParameterGroupName": "

The name of the DB cluster parameter group to associate with the restored DB cluster. If this argument is omitted, default.aurora5.6 is used.

Constraints:

", "RestoreDBClusterFromS3Message$DBSubnetGroupName": "

A DB subnet group to associate with the restored DB cluster.

Constraints: If supplied, must match the name of an existing DBSubnetGroup.

Example: mydbsubnetgroup

", - "RestoreDBClusterFromS3Message$Engine": "

The name of the database engine to be used for this DB cluster.

Valid Values: aurora (for MySQL 5.6-compatible Aurora) and aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)

", - "RestoreDBClusterFromS3Message$EngineVersion": "

The version number of the database engine to use.

To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:

aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"

To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), use the following command:

aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"

Aurora MySQL

Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.mysql_aurora.2.07.1, 8.0.mysql_aurora.3.02.0

", + "RestoreDBClusterFromS3Message$Engine": "

The name of the database engine to be used for this DB cluster.

Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), and aurora-postgresql

", + "RestoreDBClusterFromS3Message$EngineVersion": "

The version number of the database engine to use.

To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:

aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"

To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), use the following command:

aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"

To list all of the available engine versions for aurora-postgresql, use the following command:

aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"

Aurora MySQL

Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.12, 5.7.mysql_aurora.2.04.5, 8.0.mysql_aurora.3.01.0

Aurora PostgreSQL

Example: 9.6.3, 10.7

", "RestoreDBClusterFromS3Message$MasterUsername": "

The name of the master user for the restored DB cluster.

Constraints:

", "RestoreDBClusterFromS3Message$MasterUserPassword": "

The password for the master database user. This password can contain any printable ASCII character except \"/\", \"\"\", or \"@\".

Constraints: Must contain from 8 to 41 characters.

", "RestoreDBClusterFromS3Message$OptionGroupName": "

A value that indicates that the restored DB cluster should be associated with the specified option group.

Permanent options can't be removed from an option group. An option group can't be removed from a DB cluster once it is associated with a DB cluster.

", @@ -4537,7 +4537,7 @@ "StartDBClusterMessage$DBClusterIdentifier": "

The DB cluster identifier of the Amazon Aurora DB cluster to be started. This parameter is stored as a lowercase string.

", "StartDBInstanceAutomatedBackupsReplicationMessage$SourceDBInstanceArn": "

The Amazon Resource Name (ARN) of the source DB instance for the replicated automated backups, for example, arn:aws:rds:us-west-2:123456789012:db:mydatabase.

", "StartDBInstanceAutomatedBackupsReplicationMessage$KmsKeyId": "

The Amazon Web Services KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination Amazon Web Services Region, for example, arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE.

", - "StartDBInstanceAutomatedBackupsReplicationMessage$PreSignedUrl": "

In an Amazon Web Services GovCloud (US) Region, an URL that contains a Signature Version 4 signed request for the StartDBInstanceAutomatedBackupsReplication operation to call in the Amazon Web Services Region of the source DB instance. The presigned URL must be a valid request for the StartDBInstanceAutomatedBackupsReplication API operation that can run in the Amazon Web Services Region that contains the source DB instance.

This setting applies only to Amazon Web Services GovCloud (US) Regions. It's ignored in other Amazon Web Services Regions.

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region.

", + "StartDBInstanceAutomatedBackupsReplicationMessage$PreSignedUrl": "

A URL that contains a Signature Version 4 signed request for the StartDBInstanceAutomatedBackupsReplication action to be called in the Amazon Web Services Region of the source DB instance. The presigned URL must be a valid request for the StartDBInstanceAutomatedBackupsReplication API action that can be executed in the Amazon Web Services Region that contains the source DB instance.

", "StartDBInstanceMessage$DBInstanceIdentifier": "

The user-supplied instance identifier.

", "StartExportTaskMessage$ExportTaskIdentifier": "

A unique identifier for the snapshot export task. This ID isn't an identifier for the Amazon S3 bucket where the snapshot is to be exported to.

", "StartExportTaskMessage$SourceArn": "

The Amazon Resource Name (ARN) of the snapshot to export to Amazon S3.

", @@ -4572,7 +4572,7 @@ "ValidStorageOptions$StorageType": "

The valid storage types for your DB instance. For example, gp2, io1.

", "VpcSecurityGroupIdList$member": null, "VpcSecurityGroupMembership$VpcSecurityGroupId": "

The name of the VPC security group.

", - "VpcSecurityGroupMembership$Status": "

The membership status of the VPC security group.

Currently, the only valid status is active.

" + "VpcSecurityGroupMembership$Status": "

The status of the VPC security group.

" } }, "String255": { diff --git a/apis/rds/2014-10-31/waiters-2.json b/apis/rds/2014-10-31/waiters-2.json index 1510d1fc8a4..127e4467328 100644 --- a/apis/rds/2014-10-31/waiters-2.json +++ b/apis/rds/2014-10-31/waiters-2.json @@ -255,6 +255,91 @@ "argument": "DBClusterSnapshots[].Status" } ] + }, + "DBClusterAvailable" : { + "delay": 30, + "operation": "DescribeDBClusters", + "maxAttempts": 60, + "acceptors": [ + { + "expected": "available", + "matcher": "pathAll", + "state": "success", + "argument": "DBClusters[].Status" + }, + { + "expected": "deleted", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + }, + { + "expected": "deleting", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + }, + { + "expected": "failed", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + }, + { + "expected": "incompatible-restore", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + }, + { + "expected": "incompatible-parameters", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + } + ] + }, + "DBClusterDeleted": { + "delay": 30, + "operation": "DescribeDBClusters", + "maxAttempts": 60, + "acceptors": [ + { + "expected": true, + "matcher": "path", + "state": "success", + "argument": "length(DBClusters) == `0`" + }, + { + "expected": "DBClusterNotFoundFault", + "matcher": "error", + "state": "success" + }, + { + "expected": "creating", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + }, + { + "expected": "modifying", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + }, + { + "expected": "rebooting", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + }, + { + "expected": "resetting-master-credentials", + "matcher": "pathAny", + "state": "failure", + "argument": "DBClusters[].Status" + } + ] } } } diff --git a/apis/rolesanywhere/2018-05-10/api-2.json b/apis/rolesanywhere/2018-05-10/api-2.json new file mode 100644 index 00000000000..0e2414e2381 --- /dev/null +++ b/apis/rolesanywhere/2018-05-10/api-2.json @@ -0,0 +1,973 @@ +{ + "version":"2.0", + "metadata":{ + "apiVersion":"2018-05-10", + "endpointPrefix":"rolesanywhere", + "jsonVersion":"1.1", + "protocol":"rest-json", + "serviceFullName":"IAM Roles Anywhere", + "serviceId":"RolesAnywhere", + "signatureVersion":"v4", + "signingName":"rolesanywhere", + "uid":"rolesanywhere-2018-05-10" + }, + "operations":{ + "CreateProfile":{ + "name":"CreateProfile", + "http":{ + "method":"POST", + "requestUri":"/profiles", + "responseCode":201 + }, + "input":{"shape":"CreateProfileRequest"}, + "output":{"shape":"ProfileDetailResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "CreateTrustAnchor":{ + "name":"CreateTrustAnchor", + "http":{ + "method":"POST", + "requestUri":"/trustanchors", + "responseCode":201 + }, + "input":{"shape":"CreateTrustAnchorRequest"}, + "output":{"shape":"TrustAnchorDetailResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "DeleteCrl":{ + "name":"DeleteCrl", + "http":{ + "method":"DELETE", + "requestUri":"/crl/{crlId}", + "responseCode":200 + }, + "input":{"shape":"ScalarCrlRequest"}, + "output":{"shape":"CrlDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ], + "idempotent":true + }, + "DeleteProfile":{ + "name":"DeleteProfile", + "http":{ + "method":"DELETE", + "requestUri":"/profile/{profileId}", + "responseCode":200 + }, + "input":{"shape":"ScalarProfileRequest"}, + "output":{"shape":"ProfileDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ], + "idempotent":true + }, + "DeleteTrustAnchor":{ + "name":"DeleteTrustAnchor", + "http":{ + "method":"DELETE", + "requestUri":"/trustanchor/{trustAnchorId}", + "responseCode":200 + }, + "input":{"shape":"ScalarTrustAnchorRequest"}, + "output":{"shape":"TrustAnchorDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ], + "idempotent":true + }, + "DisableCrl":{ + "name":"DisableCrl", + "http":{ + "method":"POST", + "requestUri":"/crl/{crlId}/disable", + "responseCode":200 + }, + "input":{"shape":"ScalarCrlRequest"}, + "output":{"shape":"CrlDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "DisableProfile":{ + "name":"DisableProfile", + "http":{ + "method":"POST", + "requestUri":"/profile/{profileId}/disable", + "responseCode":200 + }, + "input":{"shape":"ScalarProfileRequest"}, + "output":{"shape":"ProfileDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "DisableTrustAnchor":{ + "name":"DisableTrustAnchor", + "http":{ + "method":"POST", + "requestUri":"/trustanchor/{trustAnchorId}/disable", + "responseCode":200 + }, + "input":{"shape":"ScalarTrustAnchorRequest"}, + "output":{"shape":"TrustAnchorDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "EnableCrl":{ + "name":"EnableCrl", + "http":{ + "method":"POST", + "requestUri":"/crl/{crlId}/enable", + "responseCode":200 + }, + "input":{"shape":"ScalarCrlRequest"}, + "output":{"shape":"CrlDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "EnableProfile":{ + "name":"EnableProfile", + "http":{ + "method":"POST", + "requestUri":"/profile/{profileId}/enable", + "responseCode":200 + }, + "input":{"shape":"ScalarProfileRequest"}, + "output":{"shape":"ProfileDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "EnableTrustAnchor":{ + "name":"EnableTrustAnchor", + "http":{ + "method":"POST", + "requestUri":"/trustanchor/{trustAnchorId}/enable", + "responseCode":200 + }, + "input":{"shape":"ScalarTrustAnchorRequest"}, + "output":{"shape":"TrustAnchorDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "GetCrl":{ + "name":"GetCrl", + "http":{ + "method":"GET", + "requestUri":"/crl/{crlId}", + "responseCode":200 + }, + "input":{"shape":"ScalarCrlRequest"}, + "output":{"shape":"CrlDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"} + ] + }, + "GetProfile":{ + "name":"GetProfile", + "http":{ + "method":"GET", + "requestUri":"/profile/{profileId}", + "responseCode":200 + }, + "input":{"shape":"ScalarProfileRequest"}, + "output":{"shape":"ProfileDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "GetSubject":{ + "name":"GetSubject", + "http":{ + "method":"GET", + "requestUri":"/subject/{subjectId}", + "responseCode":200 + }, + "input":{"shape":"ScalarSubjectRequest"}, + "output":{"shape":"SubjectDetailResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "GetTrustAnchor":{ + "name":"GetTrustAnchor", + "http":{ + "method":"GET", + "requestUri":"/trustanchor/{trustAnchorId}", + "responseCode":200 + }, + "input":{"shape":"ScalarTrustAnchorRequest"}, + "output":{"shape":"TrustAnchorDetailResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ImportCrl":{ + "name":"ImportCrl", + "http":{ + "method":"POST", + "requestUri":"/crls", + "responseCode":201 + }, + "input":{"shape":"ImportCrlRequest"}, + "output":{"shape":"CrlDetailResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ListCrls":{ + "name":"ListCrls", + "http":{ + "method":"GET", + "requestUri":"/crls", + "responseCode":200 + }, + "input":{"shape":"ListRequest"}, + "output":{"shape":"ListCrlsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ListProfiles":{ + "name":"ListProfiles", + "http":{ + "method":"GET", + "requestUri":"/profiles", + "responseCode":200 + }, + "input":{"shape":"ListRequest"}, + "output":{"shape":"ListProfilesResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ListSubjects":{ + "name":"ListSubjects", + "http":{ + "method":"GET", + "requestUri":"/subjects", + "responseCode":200 + }, + "input":{"shape":"ListRequest"}, + "output":{"shape":"ListSubjectsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ListTagsForResource":{ + "name":"ListTagsForResource", + "http":{ + "method":"GET", + "requestUri":"/ListTagsForResource", + "responseCode":200 + }, + "input":{"shape":"ListTagsForResourceRequest"}, + "output":{"shape":"ListTagsForResourceResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "ListTrustAnchors":{ + "name":"ListTrustAnchors", + "http":{ + "method":"GET", + "requestUri":"/trustanchors", + "responseCode":200 + }, + "input":{"shape":"ListRequest"}, + "output":{"shape":"ListTrustAnchorsResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"} + ] + }, + "TagResource":{ + "name":"TagResource", + "http":{ + "method":"POST", + "requestUri":"/TagResource", + "responseCode":201 + }, + "input":{"shape":"TagResourceRequest"}, + "output":{"shape":"TagResourceResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"TooManyTagsException"} + ] + }, + "UntagResource":{ + "name":"UntagResource", + "http":{ + "method":"POST", + "requestUri":"/UntagResource", + "responseCode":200 + }, + "input":{"shape":"UntagResourceRequest"}, + "output":{"shape":"UntagResourceResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "UpdateCrl":{ + "name":"UpdateCrl", + "http":{ + "method":"PATCH", + "requestUri":"/crl/{crlId}", + "responseCode":200 + }, + "input":{"shape":"UpdateCrlRequest"}, + "output":{"shape":"CrlDetailResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ] + }, + "UpdateProfile":{ + "name":"UpdateProfile", + "http":{ + "method":"PATCH", + "requestUri":"/profile/{profileId}", + "responseCode":200 + }, + "input":{"shape":"UpdateProfileRequest"}, + "output":{"shape":"ProfileDetailResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ], + "idempotent":true + }, + "UpdateTrustAnchor":{ + "name":"UpdateTrustAnchor", + "http":{ + "method":"PATCH", + "requestUri":"/trustanchor/{trustAnchorId}", + "responseCode":200 + }, + "input":{"shape":"UpdateTrustAnchorRequest"}, + "output":{"shape":"TrustAnchorDetailResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"} + ], + "idempotent":true + } + }, + "shapes":{ + "AccessDeniedException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":403, + "senderFault":true + }, + "exception":true + }, + "AmazonResourceName":{ + "type":"string", + "max":1011, + "min":1 + }, + "Blob":{"type":"blob"}, + "Boolean":{ + "type":"boolean", + "box":true + }, + "CreateProfileRequest":{ + "type":"structure", + "required":[ + "name", + "roleArns" + ], + "members":{ + "durationSeconds":{"shape":"CreateProfileRequestDurationSecondsInteger"}, + "enabled":{"shape":"Boolean"}, + "managedPolicyArns":{"shape":"ManagedPolicyList"}, + "name":{"shape":"ResourceName"}, + "requireInstanceProperties":{"shape":"Boolean"}, + "roleArns":{"shape":"RoleArnList"}, + "sessionPolicy":{"shape":"String"}, + "tags":{"shape":"TagList"} + } + }, + "CreateProfileRequestDurationSecondsInteger":{ + "type":"integer", + "box":true, + "max":43200, + "min":900 + }, + "CreateTrustAnchorRequest":{ + "type":"structure", + "required":[ + "name", + "source" + ], + "members":{ + "enabled":{"shape":"Boolean"}, + "name":{"shape":"ResourceName"}, + "source":{"shape":"Source"}, + "tags":{"shape":"TagList"} + } + }, + "CredentialSummaries":{ + "type":"list", + "member":{"shape":"CredentialSummary"} + }, + "CredentialSummary":{ + "type":"structure", + "members":{ + "enabled":{"shape":"Boolean"}, + "failed":{"shape":"Boolean"}, + "issuer":{"shape":"String"}, + "seenAt":{"shape":"SyntheticTimestamp_date_time"}, + "serialNumber":{"shape":"String"}, + "x509CertificateData":{"shape":"String"} + } + }, + "CrlDetail":{ + "type":"structure", + "members":{ + "createdAt":{"shape":"SyntheticTimestamp_date_time"}, + "crlArn":{"shape":"String"}, + "crlData":{"shape":"Blob"}, + "crlId":{"shape":"Uuid"}, + "enabled":{"shape":"Boolean"}, + "name":{"shape":"String"}, + "trustAnchorArn":{"shape":"String"}, + "updatedAt":{"shape":"SyntheticTimestamp_date_time"} + } + }, + "CrlDetailResponse":{ + "type":"structure", + "required":["crl"], + "members":{ + "crl":{"shape":"CrlDetail"} + } + }, + "CrlDetails":{ + "type":"list", + "member":{"shape":"CrlDetail"} + }, + "ImportCrlRequest":{ + "type":"structure", + "required":[ + "crlData", + "name", + "trustAnchorArn" + ], + "members":{ + "crlData":{"shape":"ImportCrlRequestCrlDataBlob"}, + "enabled":{"shape":"Boolean"}, + "name":{"shape":"ResourceName"}, + "tags":{"shape":"TagList"}, + "trustAnchorArn":{"shape":"TrustAnchorArn"} + } + }, + "ImportCrlRequestCrlDataBlob":{ + "type":"blob", + "max":300000, + "min":1 + }, + "InstanceProperties":{ + "type":"list", + "member":{"shape":"InstanceProperty"} + }, + "InstanceProperty":{ + "type":"structure", + "members":{ + "failed":{"shape":"Boolean"}, + "properties":{"shape":"InstancePropertyMap"}, + "seenAt":{"shape":"SyntheticTimestamp_date_time"} + } + }, + "InstancePropertyMap":{ + "type":"map", + "key":{"shape":"InstancePropertyMapKeyString"}, + "value":{"shape":"InstancePropertyMapValueString"}, + "max":50, + "min":0 + }, + "InstancePropertyMapKeyString":{ + "type":"string", + "max":200, + "min":1 + }, + "InstancePropertyMapValueString":{ + "type":"string", + "max":200, + "min":1 + }, + "Integer":{ + "type":"integer", + "box":true + }, + "ListCrlsResponse":{ + "type":"structure", + "members":{ + "crls":{"shape":"CrlDetails"}, + "nextToken":{"shape":"String"} + } + }, + "ListProfilesResponse":{ + "type":"structure", + "members":{ + "nextToken":{"shape":"String"}, + "profiles":{"shape":"ProfileDetails"} + } + }, + "ListRequest":{ + "type":"structure", + "members":{ + "nextToken":{ + "shape":"ListRequestNextTokenString", + "location":"querystring", + "locationName":"nextToken" + }, + "pageSize":{ + "shape":"Integer", + "location":"querystring", + "locationName":"pageSize" + } + } + }, + "ListRequestNextTokenString":{ + "type":"string", + "max":10000, + "min":1 + }, + "ListSubjectsResponse":{ + "type":"structure", + "members":{ + "nextToken":{"shape":"String"}, + "subjects":{"shape":"SubjectSummaries"} + } + }, + "ListTagsForResourceRequest":{ + "type":"structure", + "required":["resourceArn"], + "members":{ + "resourceArn":{ + "shape":"AmazonResourceName", + "location":"querystring", + "locationName":"resourceArn" + } + } + }, + "ListTagsForResourceResponse":{ + "type":"structure", + "members":{ + "tags":{"shape":"TagList"} + } + }, + "ListTrustAnchorsResponse":{ + "type":"structure", + "members":{ + "nextToken":{"shape":"String"}, + "trustAnchors":{"shape":"TrustAnchorDetails"} + } + }, + "ManagedPolicyList":{ + "type":"list", + "member":{"shape":"ManagedPolicyListMemberString"}, + "max":50, + "min":0 + }, + "ManagedPolicyListMemberString":{ + "type":"string", + "max":200, + "min":1 + }, + "ProfileArn":{ + "type":"string", + "max":1011, + "min":1, + "pattern":"^arn:aws(-[^:]+)?:rolesanywhere(:.*){2}(:profile.*)$" + }, + "ProfileDetail":{ + "type":"structure", + "members":{ + "createdAt":{"shape":"SyntheticTimestamp_date_time"}, + "createdBy":{"shape":"String"}, + "durationSeconds":{"shape":"Integer"}, + "enabled":{"shape":"Boolean"}, + "managedPolicyArns":{"shape":"ManagedPolicyList"}, + "name":{"shape":"ResourceName"}, + "profileArn":{"shape":"ProfileArn"}, + "profileId":{"shape":"Uuid"}, + "requireInstanceProperties":{"shape":"Boolean"}, + "roleArns":{"shape":"RoleArnList"}, + "sessionPolicy":{"shape":"String"}, + "updatedAt":{"shape":"SyntheticTimestamp_date_time"} + } + }, + "ProfileDetailResponse":{ + "type":"structure", + "members":{ + "profile":{"shape":"ProfileDetail"} + } + }, + "ProfileDetails":{ + "type":"list", + "member":{"shape":"ProfileDetail"} + }, + "ResourceName":{ + "type":"string", + "max":255, + "min":1, + "pattern":"^[ a-zA-Z0-9-_]*$" + }, + "ResourceNotFoundException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":404, + "senderFault":true + }, + "exception":true + }, + "RoleArn":{ + "type":"string", + "max":1011, + "min":1, + "pattern":"^arn:aws(-[^:]+)?:iam(:.*){2}(:role.*)$" + }, + "RoleArnList":{ + "type":"list", + "member":{"shape":"RoleArn"}, + "max":50, + "min":0 + }, + "ScalarCrlRequest":{ + "type":"structure", + "required":["crlId"], + "members":{ + "crlId":{ + "shape":"Uuid", + "location":"uri", + "locationName":"crlId" + } + } + }, + "ScalarProfileRequest":{ + "type":"structure", + "required":["profileId"], + "members":{ + "profileId":{ + "shape":"Uuid", + "location":"uri", + "locationName":"profileId" + } + } + }, + "ScalarSubjectRequest":{ + "type":"structure", + "required":["subjectId"], + "members":{ + "subjectId":{ + "shape":"Uuid", + "location":"uri", + "locationName":"subjectId" + } + } + }, + "ScalarTrustAnchorRequest":{ + "type":"structure", + "required":["trustAnchorId"], + "members":{ + "trustAnchorId":{ + "shape":"Uuid", + "location":"uri", + "locationName":"trustAnchorId" + } + } + }, + "Source":{ + "type":"structure", + "members":{ + "sourceData":{"shape":"SourceData"}, + "sourceType":{"shape":"TrustAnchorType"} + } + }, + "SourceData":{ + "type":"structure", + "members":{ + "acmPcaArn":{"shape":"String"}, + "x509CertificateData":{"shape":"String"} + }, + "union":true + }, + "String":{"type":"string"}, + "SubjectDetail":{ + "type":"structure", + "members":{ + "createdAt":{"shape":"SyntheticTimestamp_date_time"}, + "credentials":{"shape":"CredentialSummaries"}, + "enabled":{"shape":"Boolean"}, + "instanceProperties":{"shape":"InstanceProperties"}, + "lastSeenAt":{"shape":"SyntheticTimestamp_date_time"}, + "subjectArn":{"shape":"String"}, + "subjectId":{"shape":"Uuid"}, + "updatedAt":{"shape":"SyntheticTimestamp_date_time"}, + "x509Subject":{"shape":"String"} + } + }, + "SubjectDetailResponse":{ + "type":"structure", + "members":{ + "subject":{"shape":"SubjectDetail"} + } + }, + "SubjectSummaries":{ + "type":"list", + "member":{"shape":"SubjectSummary"} + }, + "SubjectSummary":{ + "type":"structure", + "members":{ + "createdAt":{"shape":"SyntheticTimestamp_date_time"}, + "enabled":{"shape":"Boolean"}, + "lastSeenAt":{"shape":"SyntheticTimestamp_date_time"}, + "subjectArn":{"shape":"String"}, + "subjectId":{"shape":"Uuid"}, + "updatedAt":{"shape":"SyntheticTimestamp_date_time"}, + "x509Subject":{"shape":"String"} + } + }, + "SyntheticTimestamp_date_time":{ + "type":"timestamp", + "timestampFormat":"iso8601" + }, + "Tag":{ + "type":"structure", + "required":[ + "key", + "value" + ], + "members":{ + "key":{"shape":"TagKey"}, + "value":{"shape":"TagValue"} + } + }, + "TagKey":{ + "type":"string", + "max":128, + "min":1, + "pattern":"^[ a-zA-Z0-9_.:/=+@-]*$", + "sensitive":true + }, + "TagKeyList":{ + "type":"list", + "member":{"shape":"TagKey"}, + "max":50, + "min":0 + }, + "TagList":{ + "type":"list", + "member":{"shape":"Tag"}, + "max":50, + "min":0 + }, + "TagResourceRequest":{ + "type":"structure", + "required":[ + "resourceArn", + "tags" + ], + "members":{ + "resourceArn":{"shape":"AmazonResourceName"}, + "tags":{"shape":"TagList"} + } + }, + "TagResourceResponse":{ + "type":"structure", + "members":{ + } + }, + "TagValue":{ + "type":"string", + "max":256, + "min":0, + "pattern":"^[ a-zA-Z0-9_.:/=+@-]*$", + "sensitive":true + }, + "TooManyTagsException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":400, + "senderFault":true + }, + "exception":true + }, + "TrustAnchorArn":{ + "type":"string", + "max":1011, + "min":1, + "pattern":"^arn:aws(-[^:]+)?:rolesanywhere(:.*){2}(:trust-anchor.*)$" + }, + "TrustAnchorDetail":{ + "type":"structure", + "members":{ + "createdAt":{"shape":"SyntheticTimestamp_date_time"}, + "enabled":{"shape":"Boolean"}, + "name":{"shape":"ResourceName"}, + "source":{"shape":"Source"}, + "trustAnchorArn":{"shape":"String"}, + "trustAnchorId":{"shape":"Uuid"}, + "updatedAt":{"shape":"SyntheticTimestamp_date_time"} + } + }, + "TrustAnchorDetailResponse":{ + "type":"structure", + "required":["trustAnchor"], + "members":{ + "trustAnchor":{"shape":"TrustAnchorDetail"} + } + }, + "TrustAnchorDetails":{ + "type":"list", + "member":{"shape":"TrustAnchorDetail"} + }, + "TrustAnchorType":{ + "type":"string", + "enum":[ + "AWS_ACM_PCA", + "CERTIFICATE_BUNDLE", + "SELF_SIGNED_REPOSITORY" + ] + }, + "UntagResourceRequest":{ + "type":"structure", + "required":[ + "resourceArn", + "tagKeys" + ], + "members":{ + "resourceArn":{"shape":"AmazonResourceName"}, + "tagKeys":{"shape":"TagKeyList"} + } + }, + "UntagResourceResponse":{ + "type":"structure", + "members":{ + } + }, + "UpdateCrlRequest":{ + "type":"structure", + "required":["crlId"], + "members":{ + "crlData":{"shape":"UpdateCrlRequestCrlDataBlob"}, + "crlId":{ + "shape":"Uuid", + "location":"uri", + "locationName":"crlId" + }, + "name":{"shape":"ResourceName"} + } + }, + "UpdateCrlRequestCrlDataBlob":{ + "type":"blob", + "max":300000, + "min":1 + }, + "UpdateProfileRequest":{ + "type":"structure", + "required":["profileId"], + "members":{ + "durationSeconds":{"shape":"UpdateProfileRequestDurationSecondsInteger"}, + "managedPolicyArns":{"shape":"ManagedPolicyList"}, + "name":{"shape":"ResourceName"}, + "profileId":{ + "shape":"Uuid", + "location":"uri", + "locationName":"profileId" + }, + "roleArns":{"shape":"RoleArnList"}, + "sessionPolicy":{"shape":"UpdateProfileRequestSessionPolicyString"} + } + }, + "UpdateProfileRequestDurationSecondsInteger":{ + "type":"integer", + "box":true, + "max":43200, + "min":900 + }, + "UpdateProfileRequestSessionPolicyString":{ + "type":"string", + "max":100000, + "min":1 + }, + "UpdateTrustAnchorRequest":{ + "type":"structure", + "required":["trustAnchorId"], + "members":{ + "name":{"shape":"ResourceName"}, + "source":{"shape":"Source"}, + "trustAnchorId":{ + "shape":"Uuid", + "location":"uri", + "locationName":"trustAnchorId" + } + } + }, + "Uuid":{ + "type":"string", + "max":36, + "min":36, + "pattern":"[a-f0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}" + }, + "ValidationException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":400, + "senderFault":true + }, + "exception":true + } + } +} diff --git a/apis/rolesanywhere/2018-05-10/docs-2.json b/apis/rolesanywhere/2018-05-10/docs-2.json new file mode 100644 index 00000000000..dca96bf084f --- /dev/null +++ b/apis/rolesanywhere/2018-05-10/docs-2.json @@ -0,0 +1,526 @@ +{ + "version": "2.0", + "service": "

AWS Identity and Access Management Roles Anywhere provides a secure way for your workloads such as servers, containers, and applications running outside of AWS to obtain Temporary AWS credentials. Your workloads can use the same IAM policies and roles that you have configured with native AWS applications to access AWS resources. Using IAM Roles Anywhere will eliminate the need to manage long term credentials for workloads running outside of AWS.

To use IAM Roles Anywhere customer workloads will need to use X.509 certificates issued by their Certificate Authority (CA) . The Certificate Authority (CA) needs to be registered with IAM Roles Anywhere as a trust anchor to establish trust between customer PKI and IAM Roles Anywhere. Customers who do not manage their own PKI system can use AWS Certificate Manager Private Certificate Authority (ACM PCA) to create a Certificate Authority and use that to establish trust with IAM Roles Anywhere

This guide describes the IAM rolesanywhere operations that you can call programmatically. For general information about IAM Roles Anywhere see https://docs.aws.amazon.com/

", + "operations": { + "CreateProfile": "

Creates a profile. A profile is configuration resource to list the roles that RolesAnywhere service is trusted to assume. In addition, by applying a profile you can intersect permissions with IAM managed policies.

Required permissions: rolesanywhere:CreateProfile.

", + "CreateTrustAnchor": "

Creates a trust anchor. You establish trust between IAM Roles Anywhere and your certificate authority (CA) by configuring a trust anchor. A Trust Anchor is defined either as a reference to a AWS Certificate Manager Private Certificate Authority (ACM PCA), or by uploading a Certificate Authority (CA) certificate. Your AWS workloads can authenticate with the trust anchor using certificates issued by the trusted Certificate Authority (CA) in exchange for temporary AWS credentials.

Required permissions: rolesanywhere:CreateTrustAnchor.

", + "DeleteCrl": "

Deletes a certificate revocation list (CRL).

Required permissions: rolesanywhere:DeleteCrl.

", + "DeleteProfile": "

Deletes a profile.

Required permissions: rolesanywhere:DeleteProfile.

", + "DeleteTrustAnchor": "

Deletes a trust anchor.

Required permissions: rolesanywhere:DeleteTrustAnchor.

", + "DisableCrl": "

Disables a certificate revocation list (CRL).

Required permissions: rolesanywhere:DisableCrl.

", + "DisableProfile": "

Disables a profile. When disabled, CreateSession requests with this profile fail.

Required permissions: rolesanywhere:DisableProfile.

", + "DisableTrustAnchor": "

Disables a trust anchor. When disabled, CreateSession requests specifying this trust anchor are unauthorized.

Required permissions: rolesanywhere:DisableTrustAnchor.

", + "EnableCrl": "

Enables a certificate revocation list (CRL). When enabled, certificates stored in the CRL are unauthorized to receive session credentials.

Required permissions: rolesanywhere:EnableCrl.

", + "EnableProfile": "

Enables the roles in a profile to receive session credentials in CreateSession.

Required permissions: rolesanywhere:EnableProfile.

", + "EnableTrustAnchor": "

Enables a trust anchor. When enabled, certificates in the trust anchor chain are authorized for trust validation.

Required permissions: rolesanywhere:EnableTrustAnchor.

", + "GetCrl": "

Gets a certificate revocation list (CRL).

Required permissions: rolesanywhere:GetCrl.

", + "GetProfile": "

Gets a profile.

Required permissions: rolesanywhere:GetProfile.

", + "GetSubject": "

Gets a Subject. A Subject associates a certificate identity with authentication attempts by CreateSession. The Subject resources stores audit information such as status of the last authentication attempt, the certificate data used in the attempt, and the last time the associated identity attempted authentication.

Required permissions: rolesanywhere:GetSubject.

", + "GetTrustAnchor": "

Gets a trust anchor.

Required permissions: rolesanywhere:GetTrustAnchor.

", + "ImportCrl": "

Imports the certificate revocation list (CRL). CRl is a list of certificates that have been revoked by the issuing certificate Authority (CA). IAM Roles Anywhere validates against the crl list before issuing credentials.

Required permissions: rolesanywhere:ImportCrl.

", + "ListCrls": "

Lists all Crls in the authenticated account and Amazon Web Services Region.

Required permissions: rolesanywhere:ListCrls.

", + "ListProfiles": "

Lists all profiles in the authenticated account and Amazon Web Services Region.

Required permissions: rolesanywhere:ListProfiles.

", + "ListSubjects": "

Lists the subjects in the authenticated account and Amazon Web Services Region.

Required permissions: rolesanywhere:ListSubjects.

", + "ListTagsForResource": "

Lists the tags attached to the resource.

Required permissions: rolesanywhere:ListTagsForResource.

", + "ListTrustAnchors": "

Lists the trust anchors in the authenticated account and Amazon Web Services Region.

Required permissions: rolesanywhere:ListTrustAnchors.

", + "TagResource": "

Attaches tags to a resource.

Required permissions: rolesanywhere:TagResource.

", + "UntagResource": "

Removes tags from the resource.

Required permissions: rolesanywhere:UntagResource.

", + "UpdateCrl": "

Updates the certificate revocation list (CRL). CRl is a list of certificates that have been revoked by the issuing certificate Authority (CA). IAM Roles Anywhere validates against the crl list before issuing credentials.

Required permissions: rolesanywhere:UpdateCrl.

", + "UpdateProfile": "

Updates the profile. A profile is configuration resource to list the roles that RolesAnywhere service is trusted to assume. In addition, by applying a profile you can scope-down permissions with IAM managed policies.

Required permissions: rolesanywhere:UpdateProfile.

", + "UpdateTrustAnchor": "

Updates the trust anchor.You establish trust between IAM Roles Anywhere and your certificate authority (CA) by configuring a trust anchor. A Trust Anchor is defined either as a reference to a AWS Certificate Manager Private Certificate Authority (ACM PCA), or by uploading a Certificate Authority (CA) certificate. Your AWS workloads can authenticate with the trust anchor using certificates issued by the trusted Certificate Authority (CA) in exchange for temporary AWS credentials.

Required permissions: rolesanywhere:UpdateTrustAnchor.

" + }, + "shapes": { + "AccessDeniedException": { + "base": "

You do not have sufficient access to perform this action.

", + "refs": { + } + }, + "AmazonResourceName": { + "base": null, + "refs": { + "ListTagsForResourceRequest$resourceArn": "

The ARN of the resource.

", + "TagResourceRequest$resourceArn": "

The ARN of the resource.

", + "UntagResourceRequest$resourceArn": "

The ARN of the resource.

" + } + }, + "Blob": { + "base": null, + "refs": { + "CrlDetail$crlData": "

The state of the certificate revocation list (CRL) after a read or write operation.

" + } + }, + "Boolean": { + "base": null, + "refs": { + "CreateProfileRequest$enabled": "

Specifies whether the profile is enabled.

", + "CreateProfileRequest$requireInstanceProperties": "

Specifies whether instance properties are required in CreateSession requests with this profile.

", + "CreateTrustAnchorRequest$enabled": "

Specifies whether the trust anchor is enabled.

", + "CredentialSummary$enabled": "

Indicates whether the credential is enabled.

", + "CredentialSummary$failed": "

Indicates whether the CreateSession operation was successful.

", + "CrlDetail$enabled": "

Indicates whether the certificate revocation list (CRL) is enabled.

", + "ImportCrlRequest$enabled": "

Specifies whether the certificate revocation list (CRL) is enabled.

", + "InstanceProperty$failed": "

Indicates whether the CreateSession operation was successful.

", + "ProfileDetail$enabled": "

Indicates whether the profile is enabled.

", + "ProfileDetail$requireInstanceProperties": "

Specifies whether instance properties are required in CreateSession requests with this profile.

", + "SubjectDetail$enabled": "

The enabled status of the subject.

", + "SubjectSummary$enabled": "

The enabled status of the Subject.

", + "TrustAnchorDetail$enabled": "

Indicates whether the trust anchor is enabled.

" + } + }, + "CreateProfileRequest": { + "base": null, + "refs": { + } + }, + "CreateProfileRequestDurationSecondsInteger": { + "base": null, + "refs": { + "CreateProfileRequest$durationSeconds": "

The number of seconds the vended session credentials are valid for.

" + } + }, + "CreateTrustAnchorRequest": { + "base": null, + "refs": { + } + }, + "CredentialSummaries": { + "base": null, + "refs": { + "SubjectDetail$credentials": "

The temporary session credentials vended at the last authenticating call with this Subject.

" + } + }, + "CredentialSummary": { + "base": "

A record of a presented X509 credential to CreateSession.

", + "refs": { + "CredentialSummaries$member": null + } + }, + "CrlDetail": { + "base": "

The state of the certificate revocation list (CRL) after a read or write operation.

", + "refs": { + "CrlDetailResponse$crl": "

The state of the certificate revocation list (CRL) after a read or write operation.

", + "CrlDetails$member": null + } + }, + "CrlDetailResponse": { + "base": null, + "refs": { + } + }, + "CrlDetails": { + "base": null, + "refs": { + "ListCrlsResponse$crls": "

A list of certificate revocation lists (CRL).

" + } + }, + "ImportCrlRequest": { + "base": null, + "refs": { + } + }, + "ImportCrlRequestCrlDataBlob": { + "base": null, + "refs": { + "ImportCrlRequest$crlData": "

The x509 v3 specified certificate revocation list

" + } + }, + "InstanceProperties": { + "base": null, + "refs": { + "SubjectDetail$instanceProperties": "

The specified instance properties associated with the request.

" + } + }, + "InstanceProperty": { + "base": "

A key-value pair you set that identifies a property of the authenticating instance.

", + "refs": { + "InstanceProperties$member": null + } + }, + "InstancePropertyMap": { + "base": null, + "refs": { + "InstanceProperty$properties": "

A list of instanceProperty objects.

" + } + }, + "InstancePropertyMapKeyString": { + "base": null, + "refs": { + "InstancePropertyMap$key": null + } + }, + "InstancePropertyMapValueString": { + "base": null, + "refs": { + "InstancePropertyMap$value": null + } + }, + "Integer": { + "base": null, + "refs": { + "ListRequest$pageSize": "

The number of resources in the paginated list.

", + "ProfileDetail$durationSeconds": "

The number of seconds the vended session credentials are valid for.

" + } + }, + "ListCrlsResponse": { + "base": null, + "refs": { + } + }, + "ListProfilesResponse": { + "base": null, + "refs": { + } + }, + "ListRequest": { + "base": null, + "refs": { + } + }, + "ListRequestNextTokenString": { + "base": null, + "refs": { + "ListRequest$nextToken": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

" + } + }, + "ListSubjectsResponse": { + "base": null, + "refs": { + } + }, + "ListTagsForResourceRequest": { + "base": null, + "refs": { + } + }, + "ListTagsForResourceResponse": { + "base": null, + "refs": { + } + }, + "ListTrustAnchorsResponse": { + "base": null, + "refs": { + } + }, + "ManagedPolicyList": { + "base": null, + "refs": { + "CreateProfileRequest$managedPolicyArns": "

A list of managed policy ARNs that apply to the vended session credentials.

", + "ProfileDetail$managedPolicyArns": "

A list of managed policy ARNs that apply to the vended session credentials.

", + "UpdateProfileRequest$managedPolicyArns": "

A list of managed policy ARNs that apply to the vended session credentials.

" + } + }, + "ManagedPolicyListMemberString": { + "base": null, + "refs": { + "ManagedPolicyList$member": null + } + }, + "ProfileArn": { + "base": null, + "refs": { + "ProfileDetail$profileArn": "

The ARN of the profile.

" + } + }, + "ProfileDetail": { + "base": "

The state of the profile after a read or write operation.

", + "refs": { + "ProfileDetailResponse$profile": "

The state of the profile after a read or write operation.

", + "ProfileDetails$member": null + } + }, + "ProfileDetailResponse": { + "base": null, + "refs": { + } + }, + "ProfileDetails": { + "base": null, + "refs": { + "ListProfilesResponse$profiles": "

A list of profiles.

" + } + }, + "ResourceName": { + "base": null, + "refs": { + "CreateProfileRequest$name": "

The name of the profile.

", + "CreateTrustAnchorRequest$name": "

The name of the trust anchor.

", + "ImportCrlRequest$name": "

The name of the certificate revocation list (CRL).

", + "ProfileDetail$name": "

The name of the profile.

", + "TrustAnchorDetail$name": "

The name of the trust anchor.

", + "UpdateCrlRequest$name": "

The name of the Crl.

", + "UpdateProfileRequest$name": "

The name of the profile.

", + "UpdateTrustAnchorRequest$name": "

The name of the trust anchor.

" + } + }, + "ResourceNotFoundException": { + "base": "

The resource could not be found.

", + "refs": { + } + }, + "RoleArn": { + "base": null, + "refs": { + "RoleArnList$member": null + } + }, + "RoleArnList": { + "base": null, + "refs": { + "CreateProfileRequest$roleArns": "

A list of IAM roles that this profile can assume in a CreateSession operation.

", + "ProfileDetail$roleArns": "

A list of IAM roles that this profile can assume in a CreateSession operation.

", + "UpdateProfileRequest$roleArns": "

A list of IAM roles that this profile can assume in a CreateSession operation.

" + } + }, + "ScalarCrlRequest": { + "base": null, + "refs": { + } + }, + "ScalarProfileRequest": { + "base": null, + "refs": { + } + }, + "ScalarSubjectRequest": { + "base": null, + "refs": { + } + }, + "ScalarTrustAnchorRequest": { + "base": null, + "refs": { + } + }, + "Source": { + "base": "

The trust anchor type and its related certificate data.

", + "refs": { + "CreateTrustAnchorRequest$source": "

The trust anchor type and its related certificate data.

", + "TrustAnchorDetail$source": "

The trust anchor type and its related certificate data.

", + "UpdateTrustAnchorRequest$source": "

The trust anchor type and its related certificate data.

" + } + }, + "SourceData": { + "base": "

The data field of the trust anchor depending on its type.

", + "refs": { + "Source$sourceData": "

The data field of the trust anchor depending on its type.

" + } + }, + "String": { + "base": null, + "refs": { + "AccessDeniedException$message": null, + "CreateProfileRequest$sessionPolicy": "

A session policy that applies to the trust boundary of the vended session credentials.

", + "CredentialSummary$issuer": "

The fully qualified domain name of the issuing certificate for the presented end-entity certificate.

", + "CredentialSummary$serialNumber": "

The serial number of the certificate.

", + "CredentialSummary$x509CertificateData": "

The PEM-encoded data of the certificate.

", + "CrlDetail$crlArn": "

The ARN of the certificate revocation list (CRL).

", + "CrlDetail$name": "

The name of the certificate revocation list (CRL).

", + "CrlDetail$trustAnchorArn": "

The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.

", + "ListCrlsResponse$nextToken": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

", + "ListProfilesResponse$nextToken": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

", + "ListSubjectsResponse$nextToken": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

", + "ListTrustAnchorsResponse$nextToken": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

", + "ProfileDetail$createdBy": "

The Amazon Web Services account that created the profile.

", + "ProfileDetail$sessionPolicy": "

A session policy that applies to the trust boundary of the vended session credentials.

", + "ResourceNotFoundException$message": null, + "SourceData$acmPcaArn": "

The root certificate of the Certificate Manager Private Certificate Authority specified by this ARN is used in trust validation for CreateSession operations. Included for trust anchors of type AWS_ACM_PCA.

", + "SourceData$x509CertificateData": "

The PEM-encoded data for the certificate anchor. Included for trust anchors of type CERTIFICATE_BUNDLE.

", + "SubjectDetail$subjectArn": "

The ARN of the resource.

", + "SubjectDetail$x509Subject": "

The x509 principal identifier of the authenticating certificate.

", + "SubjectSummary$subjectArn": "

The ARN of the resource.

", + "SubjectSummary$x509Subject": "

The x509 principal identifier of the authenticating certificate.

", + "TooManyTagsException$message": null, + "TrustAnchorDetail$trustAnchorArn": "

The ARN of the trust anchor.

", + "ValidationException$message": null + } + }, + "SubjectDetail": { + "base": "

The state of the subject after a read or write operation.

", + "refs": { + "SubjectDetailResponse$subject": "

The state of the subject after a read or write operation.

" + } + }, + "SubjectDetailResponse": { + "base": null, + "refs": { + } + }, + "SubjectSummaries": { + "base": null, + "refs": { + "ListSubjectsResponse$subjects": "

A list of subjects.

" + } + }, + "SubjectSummary": { + "base": "

A summary representation of Subject resources returned in read operations; primarily ListSubjects.

", + "refs": { + "SubjectSummaries$member": null + } + }, + "SyntheticTimestamp_date_time": { + "base": null, + "refs": { + "CredentialSummary$seenAt": "

The ISO-8601 time stamp of when the certificate was last used in a CreateSession operation.

", + "CrlDetail$createdAt": "

The ISO-8601 timestamp when the certificate revocation list (CRL) was created.

", + "CrlDetail$updatedAt": "

The ISO-8601 timestamp when the certificate revocation list (CRL) was last updated.

", + "InstanceProperty$seenAt": "

The ISO-8601 time stamp of when the certificate was last used in a CreateSession operation.

", + "ProfileDetail$createdAt": "

The ISO-8601 timestamp when the profile was created.

", + "ProfileDetail$updatedAt": "

The ISO-8601 timestamp when the profile was last updated.

", + "SubjectDetail$createdAt": "

The ISO-8601 timestamp when the subject was created.

", + "SubjectDetail$lastSeenAt": "

The ISO-8601 timestamp of the last time this Subject requested temporary session credentials.

", + "SubjectDetail$updatedAt": "

The ISO-8601 timestamp when the subject was last updated.

", + "SubjectSummary$createdAt": "

The ISO-8601 time stamp of when the certificate was first used in a CreateSession operation.

", + "SubjectSummary$lastSeenAt": "

The ISO-8601 time stamp of when the certificate was last used in a CreateSession operation.

", + "SubjectSummary$updatedAt": "

The ISO-8601 timestamp when the subject was last updated.

", + "TrustAnchorDetail$createdAt": "

The ISO-8601 timestamp when the trust anchor was created.

", + "TrustAnchorDetail$updatedAt": "

The ISO-8601 timestamp when the trust anchor was last updated.

" + } + }, + "Tag": { + "base": "

A label that consists of a key and value you define.

", + "refs": { + "TagList$member": null + } + }, + "TagKey": { + "base": null, + "refs": { + "Tag$key": "

The tag key.

", + "TagKeyList$member": null + } + }, + "TagKeyList": { + "base": null, + "refs": { + "UntagResourceRequest$tagKeys": "

A list of keys. Tag keys are the unique identifiers of tags.

" + } + }, + "TagList": { + "base": null, + "refs": { + "CreateProfileRequest$tags": "

The tags to attach to the profile.

", + "CreateTrustAnchorRequest$tags": "

The tags to attach to the trust anchor.

", + "ImportCrlRequest$tags": "

A list of tags to attach to the certificate revocation list (CRL).

", + "ListTagsForResourceResponse$tags": "

A list of tags attached to the resource.

", + "TagResourceRequest$tags": "

The tags to attach to the resource.

" + } + }, + "TagResourceRequest": { + "base": null, + "refs": { + } + }, + "TagResourceResponse": { + "base": null, + "refs": { + } + }, + "TagValue": { + "base": null, + "refs": { + "Tag$value": "

The tag value.

" + } + }, + "TooManyTagsException": { + "base": "

Too many tags.

", + "refs": { + } + }, + "TrustAnchorArn": { + "base": null, + "refs": { + "ImportCrlRequest$trustAnchorArn": "

The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.

" + } + }, + "TrustAnchorDetail": { + "base": "

The state of the trust anchor after a read or write operation.

", + "refs": { + "TrustAnchorDetailResponse$trustAnchor": "

The state of the trust anchor after a read or write operation.

", + "TrustAnchorDetails$member": null + } + }, + "TrustAnchorDetailResponse": { + "base": null, + "refs": { + } + }, + "TrustAnchorDetails": { + "base": null, + "refs": { + "ListTrustAnchorsResponse$trustAnchors": "

A list of trust anchors.

" + } + }, + "TrustAnchorType": { + "base": null, + "refs": { + "Source$sourceType": "

The type of the trust anchor.

" + } + }, + "UntagResourceRequest": { + "base": null, + "refs": { + } + }, + "UntagResourceResponse": { + "base": null, + "refs": { + } + }, + "UpdateCrlRequest": { + "base": null, + "refs": { + } + }, + "UpdateCrlRequestCrlDataBlob": { + "base": null, + "refs": { + "UpdateCrlRequest$crlData": "

The x509 v3 specified certificate revocation list

" + } + }, + "UpdateProfileRequest": { + "base": null, + "refs": { + } + }, + "UpdateProfileRequestDurationSecondsInteger": { + "base": null, + "refs": { + "UpdateProfileRequest$durationSeconds": "

The number of seconds the vended session credentials are valid for.

" + } + }, + "UpdateProfileRequestSessionPolicyString": { + "base": null, + "refs": { + "UpdateProfileRequest$sessionPolicy": "

A session policy that applies to the trust boundary of the vended session credentials.

" + } + }, + "UpdateTrustAnchorRequest": { + "base": null, + "refs": { + } + }, + "Uuid": { + "base": null, + "refs": { + "CrlDetail$crlId": "

The unique identifier of the certificate revocation list (CRL).

", + "ProfileDetail$profileId": "

The unique identifier of the profile.

", + "ScalarCrlRequest$crlId": "

The unique identifier of the certificate revocation list (CRL).

", + "ScalarProfileRequest$profileId": "

The unique identifier of the profile.

", + "ScalarSubjectRequest$subjectId": "

The unique identifier of the subject.

", + "ScalarTrustAnchorRequest$trustAnchorId": "

The unique identifier of the trust anchor.

", + "SubjectDetail$subjectId": "

The id of the resource

", + "SubjectSummary$subjectId": "

The id of the resource.

", + "TrustAnchorDetail$trustAnchorId": "

The unique identifier of the trust anchor.

", + "UpdateCrlRequest$crlId": "

The unique identifier of the certificate revocation list (CRL).

", + "UpdateProfileRequest$profileId": "

The unique identifier of the profile.

", + "UpdateTrustAnchorRequest$trustAnchorId": "

The unique identifier of the trust anchor.

" + } + }, + "ValidationException": { + "base": "

Validation exception error.

", + "refs": { + } + } + } +} diff --git a/apis/rolesanywhere/2018-05-10/examples-1.json b/apis/rolesanywhere/2018-05-10/examples-1.json new file mode 100644 index 00000000000..0ea7e3b0bbe --- /dev/null +++ b/apis/rolesanywhere/2018-05-10/examples-1.json @@ -0,0 +1,5 @@ +{ + "version": "1.0", + "examples": { + } +} diff --git a/apis/rolesanywhere/2018-05-10/paginators-1.json b/apis/rolesanywhere/2018-05-10/paginators-1.json new file mode 100644 index 00000000000..97298614bfa --- /dev/null +++ b/apis/rolesanywhere/2018-05-10/paginators-1.json @@ -0,0 +1,24 @@ +{ + "pagination": { + "ListCrls": { + "input_token": "nextToken", + "output_token": "nextToken", + "result_key": "crls" + }, + "ListProfiles": { + "input_token": "nextToken", + "output_token": "nextToken", + "result_key": "profiles" + }, + "ListSubjects": { + "input_token": "nextToken", + "output_token": "nextToken", + "result_key": "subjects" + }, + "ListTrustAnchors": { + "input_token": "nextToken", + "output_token": "nextToken", + "result_key": "trustAnchors" + } + } +} diff --git a/apis/ssm-incidents/2018-05-10/api-2.json b/apis/ssm-incidents/2018-05-10/api-2.json index 398278a3e49..56fe2ad99df 100644 --- a/apis/ssm-incidents/2018-05-10/api-2.json +++ b/apis/ssm-incidents/2018-05-10/api-2.json @@ -1082,6 +1082,7 @@ "members":{ "dedupeString":{"shape":"DedupeString"}, "impact":{"shape":"Impact"}, + "incidentTags":{"shape":"TagMap"}, "notificationTargets":{"shape":"NotificationTargetSet"}, "summary":{"shape":"IncidentSummary"}, "title":{"shape":"IncidentTitle"} @@ -1653,6 +1654,13 @@ "max":50, "min":1 }, + "TagMapUpdate":{ + "type":"map", + "key":{"shape":"TagKey"}, + "value":{"shape":"TagValue"}, + "max":50, + "min":0 + }, "TagResourceRequest":{ "type":"structure", "required":[ @@ -1881,6 +1889,7 @@ "incidentTemplateImpact":{"shape":"Impact"}, "incidentTemplateNotificationTargets":{"shape":"NotificationTargetSet"}, "incidentTemplateSummary":{"shape":"IncidentSummary"}, + "incidentTemplateTags":{"shape":"TagMapUpdate"}, "incidentTemplateTitle":{"shape":"IncidentTitle"} } }, diff --git a/apis/ssm-incidents/2018-05-10/docs-2.json b/apis/ssm-incidents/2018-05-10/docs-2.json index f61594688d7..bc4076ac085 100644 --- a/apis/ssm-incidents/2018-05-10/docs-2.json +++ b/apis/ssm-incidents/2018-05-10/docs-2.json @@ -929,7 +929,8 @@ "base": null, "refs": { "TagKeyList$member": null, - "TagMap$key": null + "TagMap$key": null, + "TagMapUpdate$key": null } }, "TagKeyList": { @@ -942,10 +943,17 @@ "base": null, "refs": { "CreateResponsePlanInput$tags": "

A list of tags that you are adding to the response plan.

", + "IncidentTemplate$incidentTags": "

Tags to apply to an incident when calling the StartIncident API action.

", "ListTagsForResourceResponse$tags": "

A list of tags for the response plan.

", "TagResourceRequest$tags": "

A list of tags that you are adding to the response plan.

" } }, + "TagMapUpdate": { + "base": null, + "refs": { + "UpdateResponsePlanInput$incidentTemplateTags": "

Tags to apply to an incident when calling the StartIncident API action. To call this action, you must also have permission to call the TagResource API action for the incident record resource.

" + } + }, "TagResourceRequest": { "base": null, "refs": { @@ -959,7 +967,8 @@ "TagValue": { "base": null, "refs": { - "TagMap$value": null + "TagMap$value": null, + "TagMapUpdate$value": null } }, "ThrottlingException": { diff --git a/gems/aws-partitions/CHANGELOG.md b/gems/aws-partitions/CHANGELOG.md index d0f2ea408bd..ed51ecf5df3 100644 --- a/gems/aws-partitions/CHANGELOG.md +++ b/gems/aws-partitions/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.603.0 (2022-07-05) +------------------ + +* Feature - Added support for enumerating regions for `Aws::RolesAnywhere`. + 1.602.0 (2022-06-29) ------------------ diff --git a/gems/aws-partitions/VERSION b/gems/aws-partitions/VERSION index f73fe674819..21127745550 100644 --- a/gems/aws-partitions/VERSION +++ b/gems/aws-partitions/VERSION @@ -1 +1 @@ -1.602.0 +1.603.0 diff --git a/gems/aws-partitions/lib/aws-partitions.rb b/gems/aws-partitions/lib/aws-partitions.rb index 02e12b33184..e41981fd6d0 100644 --- a/gems/aws-partitions/lib/aws-partitions.rb +++ b/gems/aws-partitions/lib/aws-partitions.rb @@ -471,6 +471,7 @@ def service_ids 'ResourceGroups' => 'resource-groups', 'ResourceGroupsTaggingAPI' => 'tagging', 'RoboMaker' => 'robomaker', + 'RolesAnywhere' => 'rolesanywhere', 'Route53' => 'route53', 'Route53Domains' => 'route53domains', 'Route53RecoveryCluster' => 'route53-recovery-cluster', diff --git a/gems/aws-partitions/partitions.json b/gems/aws-partitions/partitions.json index 7c72f601c6c..a656cc4a4e5 100644 --- a/gems/aws-partitions/partitions.json +++ b/gems/aws-partitions/partitions.json @@ -10136,6 +10136,29 @@ "us-west-2" : { } } }, + "rolesanywhere" : { + "endpoints" : { + "ap-east-1" : { }, + "ap-northeast-1" : { }, + "ap-northeast-2" : { }, + "ap-northeast-3" : { }, + "ap-south-1" : { }, + "ap-southeast-1" : { }, + "ap-southeast-2" : { }, + "ca-central-1" : { }, + "eu-central-1" : { }, + "eu-north-1" : { }, + "eu-west-1" : { }, + "eu-west-2" : { }, + "eu-west-3" : { }, + "me-south-1" : { }, + "sa-east-1" : { }, + "us-east-1" : { }, + "us-east-2" : { }, + "us-west-1" : { }, + "us-west-2" : { } + } + }, "route53" : { "endpoints" : { "aws-global" : { diff --git a/gems/aws-sdk-configservice/CHANGELOG.md b/gems/aws-sdk-configservice/CHANGELOG.md index 53b8fcc99eb..43da739f8ae 100644 --- a/gems/aws-sdk-configservice/CHANGELOG.md +++ b/gems/aws-sdk-configservice/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.78.0 (2022-07-05) +------------------ + +* Feature - Updating documentation service limits + 1.77.0 (2022-04-06) ------------------ diff --git a/gems/aws-sdk-configservice/VERSION b/gems/aws-sdk-configservice/VERSION index 79e15fd4937..54227249d1f 100644 --- a/gems/aws-sdk-configservice/VERSION +++ b/gems/aws-sdk-configservice/VERSION @@ -1 +1 @@ -1.77.0 +1.78.0 diff --git a/gems/aws-sdk-configservice/lib/aws-sdk-configservice.rb b/gems/aws-sdk-configservice/lib/aws-sdk-configservice.rb index 1d25baaed89..000ca6fcaeb 100644 --- a/gems/aws-sdk-configservice/lib/aws-sdk-configservice.rb +++ b/gems/aws-sdk-configservice/lib/aws-sdk-configservice.rb @@ -48,6 +48,6 @@ # @!group service module Aws::ConfigService - GEM_VERSION = '1.77.0' + GEM_VERSION = '1.78.0' end diff --git a/gems/aws-sdk-configservice/lib/aws-sdk-configservice/client.rb b/gems/aws-sdk-configservice/lib/aws-sdk-configservice/client.rb index b0e8d0915c0..c0c5b8b1b45 100644 --- a/gems/aws-sdk-configservice/lib/aws-sdk-configservice/client.rb +++ b/gems/aws-sdk-configservice/lib/aws-sdk-configservice/client.rb @@ -1974,9 +1974,26 @@ def describe_organization_config_rule_statuses(params = {}, options = {}) # Returns a list of organization Config rules. # # When you specify the limit and the next token, you receive a paginated - # response. Limit and next token are not applicable if you specify - # organization Config rule names. It is only applicable, when you - # request all the organization Config rules. + # response. + # + # Limit and next token are not applicable if you specify organization + # Config rule names. It is only applicable, when you request all the + # organization Config rules. + # + # *For accounts within an organzation* + # + # If you deploy an organizational rule or conformance pack in an + # organization administrator account, and then establish a delegated + # administrator and deploy an organizational rule or conformance pack in + # the delegated administrator account, you won't be able to see the + # organizational rule or conformance pack in the organization + # administrator account from the delegated administrator account or see + # the organizational rule or conformance pack in the delegated + # administrator account from organization administrator account. The + # `DescribeOrganizationConfigRules` and + # `DescribeOrganizationConformancePacks` APIs can only see and interact + # with the organization-related resource that were deployed from within + # the account calling those APIs. # # # @@ -2132,6 +2149,21 @@ def describe_organization_conformance_pack_statuses(params = {}, options = {}) # conformance packs names. They are only applicable, when you request # all the organization conformance packs. # + # *For accounts within an organzation* + # + # If you deploy an organizational rule or conformance pack in an + # organization administrator account, and then establish a delegated + # administrator and deploy an organizational rule or conformance pack in + # the delegated administrator account, you won't be able to see the + # organizational rule or conformance pack in the organization + # administrator account from the delegated administrator account or see + # the organizational rule or conformance pack in the delegated + # administrator account from organization administrator account. The + # `DescribeOrganizationConfigRules` and + # `DescribeOrganizationConformancePacks` APIs can only see and interact + # with the organization-related resource that were deployed from within + # the account calling those APIs. + # # # # @option params [Array] :organization_conformance_pack_names @@ -4413,11 +4445,14 @@ def put_organization_config_rule(params = {}, options = {}) end # Deploys conformance packs across member accounts in an Amazon Web - # Services Organization. + # Services Organization. For information on how many organization + # conformance packs and how many Config rules you can have per account, + # see [ **Service Limits** ][1] in the Config Developer Guide. # # Only a master account and a delegated administrator can call this API. # When calling this API with a delegated administrator, you must ensure - # Organizations `ListDelegatedAdministrator` permissions are added. + # Organizations `ListDelegatedAdministrator` permissions are added. An + # organization can have up to 3 delegated administrators. # # This API enables organization service access for # `config-multiaccountsetup.amazonaws.com` through the @@ -4442,11 +4477,12 @@ def put_organization_config_rule(params = {}, options = {}) # updated. You cannot update a conformance pack while it is in this # state. # - # You can create 50 conformance packs with 25 Config rules in each pack - # and 3 delegated administrator per organization. - # # # + # + # + # [1]: https://docs.aws.amazon.com/config/latest/developerguide/configlimits.html + # # @option params [required, String] :organization_conformance_pack_name # Name of the organization conformance pack you want to create. # @@ -4537,6 +4573,18 @@ def put_organization_conformance_pack(params = {}, options = {}) # # # + # For manual remediation configuration, you need to provide a value for + # `automationAssumeRole` or use a value in the `assumeRole`field to + # remediate your resources. The SSM automation document can use either + # as long as it maps to a valid parameter. + # + # However, for automatic remediation configuration, the only valid + # `assumeRole` field value is `AutomationAssumeRole` and you need to + # provide a value for `AutomationAssumeRole` to remediate your + # resources. + # + # + # # @option params [required, Array] :remediation_configurations # A list of remediation configuration objects. # @@ -4723,6 +4771,13 @@ def put_remediation_exceptions(params = {}, options = {}) # @option params [Hash] :tags # Tags associated with the resource. # + # This field is not to be confused with the Amazon Web Services-wide tag + # feature for Amazon Web Services resources. Tags for + # `PutResourceConfig` are tags that you supply for the configuration + # items of your custom resources. + # + # + # # @return [Struct] Returns an empty {Seahorse::Client::Response response}. # # @example Request syntax with placeholder values @@ -5213,7 +5268,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-configservice' - context[:gem_version] = '1.77.0' + context[:gem_version] = '1.78.0' Seahorse::Client::Request.new(handlers, context) end diff --git a/gems/aws-sdk-configservice/lib/aws-sdk-configservice/types.rb b/gems/aws-sdk-configservice/lib/aws-sdk-configservice/types.rb index 3df9470cca4..819bcf53cc4 100644 --- a/gems/aws-sdk-configservice/lib/aws-sdk-configservice/types.rb +++ b/gems/aws-sdk-configservice/lib/aws-sdk-configservice/types.rb @@ -982,8 +982,8 @@ class ConfigExportDeliveryInfo < Struct.new( # The maximum frequency with which Config runs evaluations for a rule. # You can specify a value for `MaximumExecutionFrequency` when: # - # * You are using an Config managed rule that is triggered at a - # periodic frequency. + # * This is for an Config managed rule that is triggered at a periodic + # frequency. # # * Your custom rule is triggered when Config delivers the # configuration snapshot. For more information, see @@ -1523,6 +1523,12 @@ class ConfigurationItem < Struct.new( # @!attribute [rw] role_arn # Amazon Resource Name (ARN) of the IAM role used to describe the # Amazon Web Services resources associated with the account. + # + # While the API model does not require this field, the server will + # reject a request without a defined roleARN for the configuration + # recorder. + # + # # @return [String] # # @!attribute [rw] recording_group @@ -6548,7 +6554,7 @@ class OrganizationCustomRuleMetadata < Struct.new( # # @!attribute [rw] maximum_execution_frequency # The maximum frequency with which Config runs evaluations for a rule. - # You are using an Config managed rule that is triggered at a periodic + # This is for an Config managed rule that is triggered at a periodic # frequency. # # By default, rules with a periodic trigger are evaluated every 24 @@ -7457,6 +7463,13 @@ class PutRemediationExceptionsResponse < Struct.new( # # @!attribute [rw] tags # Tags associated with the resource. + # + # This field is not to be confused with the Amazon Web Services-wide + # tag feature for Amazon Web Services resources. Tags for + # `PutResourceConfig` are tags that you supply for the configuration + # items of your custom resources. + # + # # @return [Hash] # # @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutResourceConfigRequest AWS API Documentation diff --git a/gems/aws-sdk-lexmodelsv2/CHANGELOG.md b/gems/aws-sdk-lexmodelsv2/CHANGELOG.md index e194fdd7423..0a3f039d5a8 100644 --- a/gems/aws-sdk-lexmodelsv2/CHANGELOG.md +++ b/gems/aws-sdk-lexmodelsv2/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.24.0 (2022-07-05) +------------------ + +* Feature - This release introduces additional optional parameters "messageSelectionStrategy" to PromptSpecification, which enables the users to configure the bot to play messages in orderly manner. + 1.23.0 (2022-03-10) ------------------ diff --git a/gems/aws-sdk-lexmodelsv2/VERSION b/gems/aws-sdk-lexmodelsv2/VERSION index a6c2798a482..53cc1a6f929 100644 --- a/gems/aws-sdk-lexmodelsv2/VERSION +++ b/gems/aws-sdk-lexmodelsv2/VERSION @@ -1 +1 @@ -1.23.0 +1.24.0 diff --git a/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2.rb b/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2.rb index 96de886a766..69a6069ee92 100644 --- a/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2.rb +++ b/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2.rb @@ -49,6 +49,6 @@ # @!group service module Aws::LexModelsV2 - GEM_VERSION = '1.23.0' + GEM_VERSION = '1.24.0' end diff --git a/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/client.rb b/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/client.rb index 064201573b4..2fe65cbb9f2 100644 --- a/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/client.rb +++ b/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/client.rb @@ -1390,6 +1390,7 @@ def create_export(params = {}, options = {}) # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # declination_response: { # required # message_groups: [ # required @@ -1665,6 +1666,7 @@ def create_export(params = {}, options = {}) # resp.intent_confirmation_setting.prompt_specification.message_groups[0].variations[0].image_response_card.buttons[0].value #=> String # resp.intent_confirmation_setting.prompt_specification.max_retries #=> Integer # resp.intent_confirmation_setting.prompt_specification.allow_interrupt #=> Boolean + # resp.intent_confirmation_setting.prompt_specification.message_selection_strategy #=> String, one of "Random", "Ordered" # resp.intent_confirmation_setting.declination_response.message_groups #=> Array # resp.intent_confirmation_setting.declination_response.message_groups[0].message.plain_text_message.value #=> String # resp.intent_confirmation_setting.declination_response.message_groups[0].message.custom_payload.value #=> String @@ -2020,6 +2022,7 @@ def create_resource_policy_statement(params = {}, options = {}) # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # sample_utterances: [ # { @@ -2234,6 +2237,7 @@ def create_resource_policy_statement(params = {}, options = {}) # resp.value_elicitation_setting.prompt_specification.message_groups[0].variations[0].image_response_card.buttons[0].value #=> String # resp.value_elicitation_setting.prompt_specification.max_retries #=> Integer # resp.value_elicitation_setting.prompt_specification.allow_interrupt #=> Boolean + # resp.value_elicitation_setting.prompt_specification.message_selection_strategy #=> String, one of "Random", "Ordered" # resp.value_elicitation_setting.sample_utterances #=> Array # resp.value_elicitation_setting.sample_utterances[0].utterance #=> String # resp.value_elicitation_setting.wait_and_continue_specification.waiting_response.message_groups #=> Array @@ -3770,6 +3774,7 @@ def describe_import(params = {}, options = {}) # resp.intent_confirmation_setting.prompt_specification.message_groups[0].variations[0].image_response_card.buttons[0].value #=> String # resp.intent_confirmation_setting.prompt_specification.max_retries #=> Integer # resp.intent_confirmation_setting.prompt_specification.allow_interrupt #=> Boolean + # resp.intent_confirmation_setting.prompt_specification.message_selection_strategy #=> String, one of "Random", "Ordered" # resp.intent_confirmation_setting.declination_response.message_groups #=> Array # resp.intent_confirmation_setting.declination_response.message_groups[0].message.plain_text_message.value #=> String # resp.intent_confirmation_setting.declination_response.message_groups[0].message.custom_payload.value #=> String @@ -3951,6 +3956,7 @@ def describe_resource_policy(params = {}, options = {}) # resp.value_elicitation_setting.prompt_specification.message_groups[0].variations[0].image_response_card.buttons[0].value #=> String # resp.value_elicitation_setting.prompt_specification.max_retries #=> Integer # resp.value_elicitation_setting.prompt_specification.allow_interrupt #=> Boolean + # resp.value_elicitation_setting.prompt_specification.message_selection_strategy #=> String, one of "Random", "Ordered" # resp.value_elicitation_setting.sample_utterances #=> Array # resp.value_elicitation_setting.sample_utterances[0].utterance #=> String # resp.value_elicitation_setting.wait_and_continue_specification.waiting_response.message_groups #=> Array @@ -5295,6 +5301,7 @@ def list_slot_types(params = {}, options = {}) # resp.slot_summaries[0].value_elicitation_prompt_specification.message_groups[0].variations[0].image_response_card.buttons[0].value #=> String # resp.slot_summaries[0].value_elicitation_prompt_specification.max_retries #=> Integer # resp.slot_summaries[0].value_elicitation_prompt_specification.allow_interrupt #=> Boolean + # resp.slot_summaries[0].value_elicitation_prompt_specification.message_selection_strategy #=> String, one of "Random", "Ordered" # resp.slot_summaries[0].last_updated_date_time #=> Time # resp.next_token #=> String # @@ -6556,6 +6563,7 @@ def update_export(params = {}, options = {}) # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # declination_response: { # required # message_groups: [ # required @@ -6834,6 +6842,7 @@ def update_export(params = {}, options = {}) # resp.intent_confirmation_setting.prompt_specification.message_groups[0].variations[0].image_response_card.buttons[0].value #=> String # resp.intent_confirmation_setting.prompt_specification.max_retries #=> Integer # resp.intent_confirmation_setting.prompt_specification.allow_interrupt #=> Boolean + # resp.intent_confirmation_setting.prompt_specification.message_selection_strategy #=> String, one of "Random", "Ordered" # resp.intent_confirmation_setting.declination_response.message_groups #=> Array # resp.intent_confirmation_setting.declination_response.message_groups[0].message.plain_text_message.value #=> String # resp.intent_confirmation_setting.declination_response.message_groups[0].message.custom_payload.value #=> String @@ -7093,6 +7102,7 @@ def update_resource_policy(params = {}, options = {}) # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # sample_utterances: [ # { @@ -7307,6 +7317,7 @@ def update_resource_policy(params = {}, options = {}) # resp.value_elicitation_setting.prompt_specification.message_groups[0].variations[0].image_response_card.buttons[0].value #=> String # resp.value_elicitation_setting.prompt_specification.max_retries #=> Integer # resp.value_elicitation_setting.prompt_specification.allow_interrupt #=> Boolean + # resp.value_elicitation_setting.prompt_specification.message_selection_strategy #=> String, one of "Random", "Ordered" # resp.value_elicitation_setting.sample_utterances #=> Array # resp.value_elicitation_setting.sample_utterances[0].utterance #=> String # resp.value_elicitation_setting.wait_and_continue_specification.waiting_response.message_groups #=> Array @@ -7536,7 +7547,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-lexmodelsv2' - context[:gem_version] = '1.23.0' + context[:gem_version] = '1.24.0' Seahorse::Client::Request.new(handlers, context) end diff --git a/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/client_api.rb b/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/client_api.rb index c74e73fa961..7a4ef76f906 100644 --- a/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/client_api.rb +++ b/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/client_api.rb @@ -296,6 +296,7 @@ module ClientApi Message = Shapes::StructureShape.new(name: 'Message') MessageGroup = Shapes::StructureShape.new(name: 'MessageGroup') MessageGroupsList = Shapes::ListShape.new(name: 'MessageGroupsList') + MessageSelectionStrategy = Shapes::StringShape.new(name: 'MessageSelectionStrategy') MessageVariationsList = Shapes::ListShape.new(name: 'MessageVariationsList') MissedCount = Shapes::IntegerShape.new(name: 'MissedCount') MultipleValuesSetting = Shapes::StructureShape.new(name: 'MultipleValuesSetting') @@ -1632,6 +1633,7 @@ module ClientApi PromptSpecification.add_member(:message_groups, Shapes::ShapeRef.new(shape: MessageGroupsList, required: true, location_name: "messageGroups")) PromptSpecification.add_member(:max_retries, Shapes::ShapeRef.new(shape: PromptMaxRetries, required: true, location_name: "maxRetries")) PromptSpecification.add_member(:allow_interrupt, Shapes::ShapeRef.new(shape: BoxedBoolean, location_name: "allowInterrupt")) + PromptSpecification.add_member(:message_selection_strategy, Shapes::ShapeRef.new(shape: MessageSelectionStrategy, location_name: "messageSelectionStrategy")) PromptSpecification.struct_class = Types::PromptSpecification RecommendedActions.member = Shapes::ShapeRef.new(shape: RecommendedAction) diff --git a/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/types.rb b/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/types.rb index f7a84356b41..89a69f982eb 100644 --- a/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/types.rb +++ b/gems/aws-sdk-lexmodelsv2/lib/aws-sdk-lexmodelsv2/types.rb @@ -162,7 +162,7 @@ class AggregatedUtterancesSummary < Struct.new( # # # - # [1]: https://docs.aws.amazon.com/lex/latest/dg/designing-output-format.html + # [1]: https://docs.aws.amazon.com/lexv2/latest/dg/designing-output-format.html # @return [String] # # @see http://docs.aws.amazon.com/goto/WebAPI/models.lex.v2-2020-08-07/AssociatedTranscript AWS API Documentation @@ -784,7 +784,7 @@ class BotRecommendationResultStatistics < Struct.new( end # The object representing the URL of the bot definition, the URL of the - # associated transcript and a statistical summary of the bot + # associated transcript, and a statistical summary of the bot # recommendation results. # # @!attribute [rw] bot_locale_export_url @@ -1962,7 +1962,7 @@ class CreateExportRequest < Struct.new( # # # - # [1]: https://docs.aws.amazon.com/latest/dg/API_DescribeExport.html + # [1]: https://docs.aws.amazon.com/lexv2/latest/dg/API_DescribeExport.html # @return [String] # # @!attribute [rw] creation_date_time @@ -2326,6 +2326,7 @@ class CreateExportResponse < Struct.new( # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # declination_response: { # required # message_groups: [ # required @@ -2937,6 +2938,7 @@ class CreateResourcePolicyStatementResponse < Struct.new( # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # sample_utterances: [ # { @@ -6835,6 +6837,7 @@ class IntentClosingSetting < Struct.new( # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # declination_response: { # required # message_groups: [ # required @@ -9250,6 +9253,7 @@ class Principal < Struct.new( # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # } # # @!attribute [rw] message_groups @@ -9267,12 +9271,18 @@ class Principal < Struct.new( # bot. # @return [Boolean] # + # @!attribute [rw] message_selection_strategy + # Indicates how a message is selected from a message group among + # retries. + # @return [String] + # # @see http://docs.aws.amazon.com/goto/WebAPI/models.lex.v2-2020-08-07/PromptSpecification AWS API Documentation # class PromptSpecification < Struct.new( :message_groups, :max_retries, - :allow_interrupt) + :allow_interrupt, + :message_selection_strategy) SENSITIVE = [] include Aws::Structure end @@ -10213,6 +10223,7 @@ class SlotTypeValue < Struct.new( # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # sample_utterances: [ # { @@ -12024,6 +12035,7 @@ class UpdateExportResponse < Struct.new( # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # declination_response: { # required # message_groups: [ # required @@ -12504,6 +12516,7 @@ class UpdateResourcePolicyResponse < Struct.new( # ], # max_retries: 1, # required # allow_interrupt: false, + # message_selection_strategy: "Random", # accepts Random, Ordered # }, # sample_utterances: [ # { diff --git a/gems/aws-sdk-quicksight/CHANGELOG.md b/gems/aws-sdk-quicksight/CHANGELOG.md index 9b53244249f..a219af58d59 100644 --- a/gems/aws-sdk-quicksight/CHANGELOG.md +++ b/gems/aws-sdk-quicksight/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.66.0 (2022-07-05) +------------------ + +* Feature - This release allows customers to programmatically create QuickSight accounts with Enterprise and Enterprise + Q editions. It also releases allowlisting domains for embedding QuickSight dashboards at runtime through the embedding APIs. + 1.65.0 (2022-05-18) ------------------ diff --git a/gems/aws-sdk-quicksight/VERSION b/gems/aws-sdk-quicksight/VERSION index 902c74186fb..b6148bc0a75 100644 --- a/gems/aws-sdk-quicksight/VERSION +++ b/gems/aws-sdk-quicksight/VERSION @@ -1 +1 @@ -1.65.0 +1.66.0 diff --git a/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight.rb b/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight.rb index 3f49cfbbd4b..96e0188d673 100644 --- a/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight.rb +++ b/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight.rb @@ -48,6 +48,6 @@ # @!group service module Aws::QuickSight - GEM_VERSION = '1.65.0' + GEM_VERSION = '1.66.0' end diff --git a/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/client.rb b/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/client.rb index 5b7f67dbc4b..b935dfa2157 100644 --- a/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/client.rb +++ b/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/client.rb @@ -393,7 +393,7 @@ def cancel_ingestion(params = {}, options = {}) req.send_request(options) end - # Creates Amazon QuickSight customizations the current Amazon Web + # Creates Amazon QuickSight customizations for the current Amazon Web # Services Region. Currently, you can add a custom default theme by # using the `CreateAccountCustomization` or `UpdateAccountCustomization` # API operation. To further customize Amazon QuickSight by removing @@ -490,6 +490,199 @@ def create_account_customization(params = {}, options = {}) req.send_request(options) end + # Creates an Amazon QuickSight account, or subscribes to Amazon + # QuickSight Q. + # + # The Amazon Web Services Region for the account is derived from what is + # configured in the CLI or SDK. This operation isn't supported in the + # US East (Ohio) Region, South America (Sao Paulo) Region, or Asia + # Pacific (Singapore) Region. + # + # Before you use this operation, make sure that you can connect to an + # existing Amazon Web Services account. If you don't have an Amazon Web + # Services account, see [Sign up for Amazon Web Services][1] in the + # *Amazon QuickSight User Guide*. The person who signs up for Amazon + # QuickSight needs to have the correct Identity and Access Management + # (IAM) permissions. For more information, see [IAM Policy Examples for + # Amazon QuickSight][2] in the *Amazon QuickSight User Guide*. + # + # If your IAM policy includes both the `Subscribe` and + # `CreateAccountSubscription` actions, make sure that both actions are + # set to `Allow`. If either action is set to `Deny`, the `Deny` action + # prevails and your API call fails. + # + # You can't pass an existing IAM role to access other Amazon Web + # Services services using this API operation. To pass your existing IAM + # role to Amazon QuickSight, see [Passing IAM roles to Amazon + # QuickSight][3] in the *Amazon QuickSight User Guide*. + # + # You can't set default resource access on the new account from the + # Amazon QuickSight API. Instead, add default resource access from the + # Amazon QuickSight console. For more information about setting default + # resource access to Amazon Web Services services, see [Setting default + # resource access to Amazon Web Services services][4] in the *Amazon + # QuickSight User Guide*. + # + # + # + # [1]: https://docs.aws.amazon.com/quicksight/latest/user/setting-up-aws-sign-up.html + # [2]: https://docs.aws.amazon.com/quicksight/latest/user/iam-policy-examples.html + # [3]: https://docs.aws.amazon.com/quicksight/latest/user/security_iam_service-with-iam.html#security-create-iam-role + # [4]: https://docs.aws.amazon.com/quicksight/latest/user/scoping-policies-defaults.html + # + # @option params [required, String] :edition + # The edition of Amazon QuickSight that you want your account to have. + # Currently, you can choose from `ENTERPRISE` or `ENTERPRISE_AND_Q`. + # + # If you choose `ENTERPRISE_AND_Q`, the following parameters are + # required: + # + # * `FirstName` + # + # * `LastName` + # + # * `EmailAddress` + # + # * `ContactNumber` + # + # @option params [required, String] :authentication_method + # The method that you want to use to authenticate your Amazon QuickSight + # account. Currently, the valid values for this parameter are + # `IAM_AND_QUICKSIGHT`, `IAM_ONLY`, and `ACTIVE_DIRECTORY`. + # + # If you choose `ACTIVE_DIRECTORY`, provide an `ActiveDirectoryName` and + # an `AdminGroup` associated with your Active Directory. + # + # @option params [required, String] :aws_account_id + # The Amazon Web Services account ID of the account that you're using + # to create your Amazon QuickSight account. + # + # @option params [required, String] :account_name + # The name of your Amazon QuickSight account. This name is unique over + # all of Amazon Web Services, and it appears only when users sign in. + # You can't change `AccountName` value after the Amazon QuickSight + # account is created. + # + # @option params [required, String] :notification_email + # The email address that you want Amazon QuickSight to send + # notifications to regarding your Amazon QuickSight account or Amazon + # QuickSight subscription. + # + # @option params [String] :active_directory_name + # The name of your Active Directory. This field is required if + # `ACTIVE_DIRECTORY` is the selected authentication method of the new + # Amazon QuickSight account. + # + # @option params [String] :realm + # The realm of the Active Directory that is associated with your Amazon + # QuickSight account. This field is required if `ACTIVE_DIRECTORY` is + # the selected authentication method of the new Amazon QuickSight + # account. + # + # @option params [String] :directory_id + # The ID of the Active Directory that is associated with your Amazon + # QuickSight account. + # + # @option params [Array] :admin_group + # The admin group associated with your Active Directory. This field is + # required if `ACTIVE_DIRECTORY` is the selected authentication method + # of the new Amazon QuickSight account. For more information about using + # Active Directory in Amazon QuickSight, see [Using Active Directory + # with Amazon QuickSight Enterprise Edition][1] in the Amazon QuickSight + # User Guide. + # + # + # + # [1]: https://docs.aws.amazon.com/quicksight/latest/user/aws-directory-service.html + # + # @option params [Array] :author_group + # The author group associated with your Active Directory. For more + # information about using Active Directory in Amazon QuickSight, see + # [Using Active Directory with Amazon QuickSight Enterprise Edition][1] + # in the Amazon QuickSight User Guide. + # + # + # + # [1]: https://docs.aws.amazon.com/quicksight/latest/user/aws-directory-service.html + # + # @option params [Array] :reader_group + # The reader group associated with your Active Direcrtory. For more + # information about using Active Directory in Amazon QuickSight, see + # [Using Active Directory with Amazon QuickSight Enterprise Edition][1] + # in the *Amazon QuickSight User Guide*. + # + # + # + # [1]: https://docs.aws.amazon.com/quicksight/latest/user/aws-directory-service.html + # + # @option params [String] :first_name + # The first name of the author of the Amazon QuickSight account to use + # for future communications. This field is required if + # `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon + # QuickSight account. + # + # @option params [String] :last_name + # The last name of the author of the Amazon QuickSight account to use + # for future communications. This field is required if + # `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon + # QuickSight account. + # + # @option params [String] :email_address + # The email address of the author of the Amazon QuickSight account to + # use for future communications. This field is required if + # `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon + # QuickSight account. + # + # @option params [String] :contact_number + # A 10-digit phone number for the author of the Amazon QuickSight + # account to use for future communications. This field is required if + # `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon + # QuickSight account. + # + # @return [Types::CreateAccountSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CreateAccountSubscriptionResponse#signup_response #signup_response} => Types::SignupResponse + # * {Types::CreateAccountSubscriptionResponse#status #status} => Integer + # * {Types::CreateAccountSubscriptionResponse#request_id #request_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.create_account_subscription({ + # edition: "STANDARD", # required, accepts STANDARD, ENTERPRISE, ENTERPRISE_AND_Q + # authentication_method: "IAM_AND_QUICKSIGHT", # required, accepts IAM_AND_QUICKSIGHT, IAM_ONLY, ACTIVE_DIRECTORY + # aws_account_id: "AwsAccountId", # required + # account_name: "String", # required + # notification_email: "String", # required + # active_directory_name: "String", + # realm: "String", + # directory_id: "String", + # admin_group: ["String"], + # author_group: ["String"], + # reader_group: ["String"], + # first_name: "String", + # last_name: "String", + # email_address: "String", + # contact_number: "String", + # }) + # + # @example Response structure + # + # resp.signup_response.iam_user #=> Boolean + # resp.signup_response.user_login_name #=> String + # resp.signup_response.account_name #=> String + # resp.signup_response.directory_type #=> String + # resp.status #=> Integer + # resp.request_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/CreateAccountSubscription AWS API Documentation + # + # @overload create_account_subscription(params = {}) + # @param [Hash] params ({}) + def create_account_subscription(params = {}, options = {}) + req = build_request(:create_account_subscription, params) + req.send_request(options) + end + # Creates an analysis in Amazon QuickSight. # # @option params [required, String] :aws_account_id @@ -3012,7 +3205,7 @@ def describe_account_customization(params = {}, options = {}) # @example Response structure # # resp.account_settings.account_name #=> String - # resp.account_settings.edition #=> String, one of "STANDARD", "ENTERPRISE" + # resp.account_settings.edition #=> String, one of "STANDARD", "ENTERPRISE", "ENTERPRISE_AND_Q" # resp.account_settings.default_namespace #=> String # resp.account_settings.notification_email #=> String # resp.account_settings.public_sharing_enabled #=> Boolean @@ -3028,6 +3221,47 @@ def describe_account_settings(params = {}, options = {}) req.send_request(options) end + # Use the DescribeAccountSubscription operation to receive a description + # of a Amazon QuickSight account's subscription. A successful API call + # returns an `AccountInfo` object that includes an account's name, + # subscription status, authentication type, edition, and notification + # email address. + # + # @option params [required, String] :aws_account_id + # The Amazon Web Services account ID associated with your Amazon + # QuickSight account. + # + # @return [Types::DescribeAccountSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::DescribeAccountSubscriptionResponse#account_info #account_info} => Types::AccountInfo + # * {Types::DescribeAccountSubscriptionResponse#status #status} => Integer + # * {Types::DescribeAccountSubscriptionResponse#request_id #request_id} => String + # + # @example Request syntax with placeholder values + # + # resp = client.describe_account_subscription({ + # aws_account_id: "AwsAccountId", # required + # }) + # + # @example Response structure + # + # resp.account_info.account_name #=> String + # resp.account_info.edition #=> String, one of "STANDARD", "ENTERPRISE", "ENTERPRISE_AND_Q" + # resp.account_info.notification_email #=> String + # resp.account_info.authentication_type #=> String + # resp.account_info.account_subscription_status #=> String + # resp.status #=> Integer + # resp.request_id #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/DescribeAccountSubscription AWS API Documentation + # + # @overload describe_account_subscription(params = {}) + # @param [Hash] params ({}) + def describe_account_subscription(params = {}, options = {}) + req = build_request(:describe_account_subscription, params) + req.send_request(options) + end + # Provides a summary of the metadata for an analysis. # # @option params [required, String] :aws_account_id @@ -4427,10 +4661,9 @@ def describe_user(params = {}, options = {}) # # * The URL validity period should not be confused with the actual # session lifetime that can be customized using the ` - # SessionLifetimeInMinutes ` parameter. - # - # The resulting user session is valid for 15 minutes (minimum) to 10 - # hours (maximum). The default session duration is 10 hours. + # SessionLifetimeInMinutes ` parameter. The resulting user session is + # valid for 15 minutes (minimum) to 10 hours (maximum). The default + # session duration is 10 hours. # # * You are charged only when the URL is used or there is interaction # with Amazon QuickSight. @@ -4468,22 +4701,35 @@ def describe_user(params = {}, options = {}) # # These are not the tags used for the Amazon Web Services resource # tagging feature. For more information, see [Using Row-Level Security - # (RLS) with Tags][1]. + # (RLS) with Tags][1]in the *Amazon QuickSight User Guide*. # # # # [1]: https://docs.aws.amazon.com/quicksight/latest/user/quicksight-dev-rls-tags.html # # @option params [required, Array] :authorized_resource_arns - # The Amazon Resource Names for the Amazon QuickSight resources that the - # user is authorized to access during the lifetime of the session. If - # you choose `Dashboard` embedding experience, pass the list of - # dashboard ARNs in the account that you want the user to be able to + # The Amazon Resource Names (ARNs) for the Amazon QuickSight resources + # that the user is authorized to access during the lifetime of the + # session. If you choose `Dashboard` embedding experience, pass the list + # of dashboard ARNs in the account that you want the user to be able to # view. Currently, you can pass up to 25 dashboard ARNs in each API # call. # # @option params [required, Types::AnonymousUserEmbeddingExperienceConfiguration] :experience_configuration - # The configuration of the experience you are embedding. + # The configuration of the experience that you are embedding. + # + # @option params [Array] :allowed_domains + # The domains that you want to add to the allow list for access to the + # generated URL that is then embedded. This optional parameter overrides + # the static domains that are configured in the Manage QuickSight menu + # in the Amazon QuickSight console and instead allows only the domains + # that you include in this parameter. You can list up to three domains + # or subdomains in each API call. + # + # To include a subdomain, use `*` to include all subdomains under a + # specific domain to the allow list. For example, + # `https://*.sapp.amazon.com,` includes all subdomains under + # `https://sapp.amazon.com`. # # @return [Types::GenerateEmbedUrlForAnonymousUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # @@ -4509,6 +4755,7 @@ def describe_user(params = {}, options = {}) # initial_dashboard_id: "RestrictiveResourceId", # required # }, # }, + # allowed_domains: ["String"], # }) # # @example Response structure @@ -4575,6 +4822,19 @@ def generate_embed_url_for_anonymous_user(params = {}, options = {}) # The experience you are embedding. For registered users, you can embed # Amazon QuickSight dashboards or the entire Amazon QuickSight console. # + # @option params [Array] :allowed_domains + # The domains that you want to add to the allow list for access to the + # generated URL that is then embedded. This optional parameter overrides + # the static domains that are configured in the Manage QuickSight menu + # in the Amazon QuickSight console and instead allows only the domains + # that you include in this parameter. You can list up to three domains + # or subdomains in each API call. + # + # To include a subdomain, use `*` to include all subdomains under a + # specific domain to the allow list. For example, + # `https://*.sapp.amazon.com,` includes all subdomains under + # `https://sapp.amazon.com`. + # # @return [Types::GenerateEmbedUrlForRegisteredUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GenerateEmbedUrlForRegisteredUserResponse#embed_url #embed_url} => String @@ -4598,6 +4858,7 @@ def generate_embed_url_for_anonymous_user(params = {}, options = {}) # initial_topic_id: "RestrictiveResourceId", # }, # }, + # allowed_domains: ["String"], # }) # # @example Response structure @@ -4615,14 +4876,14 @@ def generate_embed_url_for_registered_user(params = {}, options = {}) req.send_request(options) end - # Generates a session URL and authorization code that you can use to - # embed an Amazon Amazon QuickSight read-only dashboard in your web - # server code. Before you use this command, make sure that you have + # Generates a temporary session URL and authorization code that you can + # use to embed an Amazon QuickSight read-only dashboard in your website + # or application. Before you use this command, make sure that you have # configured the dashboards and permissions. # # Currently, you can use `GetDashboardEmbedURL` only from the server, # not from the user's browser. The following rules apply to the - # combination of URL and authorization code: + # generated URL: # # * They must be used together. # @@ -4630,7 +4891,9 @@ def generate_embed_url_for_registered_user(params = {}, options = {}) # # * They are valid for 5 minutes after you run this command. # - # * The resulting user session is valid for 10 hours. + # * The resulting user session is valid for 15 minutes (default) up to + # 10 hours (maximum). You can use the optional + # `SessionLifetimeInMinutes` parameter to customi session duration. # # For more information, see [Embedding Analytics Using # GetDashboardEmbedUrl][1] in the *Amazon QuickSight User Guide*. @@ -4700,11 +4963,11 @@ def generate_embed_url_for_registered_user(params = {}, options = {}) # = default`. # # @option params [Array] :additional_dashboard_ids - # A list of one or more dashboard IDs that you want to add to a session - # that includes anonymous users. The `IdentityType` parameter must be - # set to `ANONYMOUS` for this to work, because other identity types - # authenticate as Amazon QuickSight or IAM users. For example, if you - # set "`--dashboard-id dash_id1 --dashboard-id dash_id2 dash_id3 + # A list of one or more dashboard IDs that you want anonymous users to + # have tempporary access to. Currently, the `IdentityType` parameter + # must be set to `ANONYMOUS` because other identity types authenticate + # as Amazon QuickSight or IAM users. For example, if you set + # "`--dashboard-id dash_id1 --dashboard-id dash_id2 dash_id3 # identity-type ANONYMOUS`", the session can access all three # dashboards. # @@ -6704,9 +6967,9 @@ def untag_resource(params = {}, options = {}) req.send_request(options) end - # Updates Amazon QuickSight customizations the current Amazon Web - # Services Region. Currently, the only customization you can use is a - # theme. + # Updates Amazon QuickSight customizations for the current Amazon Web + # Services Region. Currently, the only customization that you can use is + # a theme. # # You can use customizations for your Amazon Web Services account or, if # you specify a namespace, for a Amazon QuickSight namespace instead. @@ -6777,7 +7040,7 @@ def update_account_customization(params = {}, options = {}) # The default namespace for this Amazon Web Services account. Currently, # the default is `default`. Identity and Access Management (IAM) users # that register for the first time with Amazon QuickSight provide an - # email that becomes associated with the default namespace. + # email address that becomes associated with the default namespace. # # @option params [String] :notification_email # The email address that you want Amazon QuickSight to send @@ -8161,16 +8424,17 @@ def update_ip_restriction(params = {}, options = {}) req.send_request(options) end - # Use the UpdatePublicSharingSettings operation to enable or disable the - # public sharing settings of an Amazon QuickSight dashboard. + # Use the `UpdatePublicSharingSettings` operation to turn on or turn off + # the public sharing settings of an Amazon QuickSight dashboard. # - # To use this operation, enable session capacity pricing on your Amazon - # QuickSight account. + # To use this operation, turn on session capacity pricing for your + # Amazon QuickSight account. # - # Before you can enable public sharing on your account, you need to - # allow public sharing permissions to an administrative user in the IAM - # console. For more information on using IAM with Amazon QuickSight, see - # [Using Amazon QuickSight with IAM][1]. + # Before you can turn on public sharing on your account, make sure to + # give public sharing permissions to an administrative user in the + # Identity and Access Management (IAM) console. For more information on + # using IAM with Amazon QuickSight, see [Using Amazon QuickSight with + # IAM][1] in the *Amazon QuickSight User Guide*. # # # @@ -8181,8 +8445,8 @@ def update_ip_restriction(params = {}, options = {}) # QuickSight subscription. # # @option params [Boolean] :public_sharing_enabled - # A boolean that indicates whether or not public sharing is enabled on a - # Amazon QuickSight account. + # A Boolean value that indicates whether public sharing is turned on for + # an Amazon QuickSight account. # # @return [Types::UpdatePublicSharingSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # @@ -8813,7 +9077,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-quicksight' - context[:gem_version] = '1.65.0' + context[:gem_version] = '1.66.0' Seahorse::Client::Request.new(handlers, context) end diff --git a/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/client_api.rb b/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/client_api.rb index 1066f230b04..914a57beea1 100644 --- a/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/client_api.rb +++ b/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/client_api.rb @@ -15,6 +15,7 @@ module ClientApi AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException') AccountCustomization = Shapes::StructureShape.new(name: 'AccountCustomization') + AccountInfo = Shapes::StructureShape.new(name: 'AccountInfo') AccountSettings = Shapes::StructureShape.new(name: 'AccountSettings') ActionList = Shapes::ListShape.new(name: 'ActionList') ActiveIAMPolicyAssignment = Shapes::StructureShape.new(name: 'ActiveIAMPolicyAssignment') @@ -44,6 +45,7 @@ module ClientApi AthenaParameters = Shapes::StructureShape.new(name: 'AthenaParameters') AuroraParameters = Shapes::StructureShape.new(name: 'AuroraParameters') AuroraPostgreSqlParameters = Shapes::StructureShape.new(name: 'AuroraPostgreSqlParameters') + AuthenticationMethodOption = Shapes::StringShape.new(name: 'AuthenticationMethodOption') AwsAccountId = Shapes::StringShape.new(name: 'AwsAccountId') AwsAndAccountId = Shapes::StringShape.new(name: 'AwsAndAccountId') AwsIotAnalyticsParameters = Shapes::StructureShape.new(name: 'AwsIotAnalyticsParameters') @@ -85,6 +87,8 @@ module ClientApi CopySourceArn = Shapes::StringShape.new(name: 'CopySourceArn') CreateAccountCustomizationRequest = Shapes::StructureShape.new(name: 'CreateAccountCustomizationRequest') CreateAccountCustomizationResponse = Shapes::StructureShape.new(name: 'CreateAccountCustomizationResponse') + CreateAccountSubscriptionRequest = Shapes::StructureShape.new(name: 'CreateAccountSubscriptionRequest') + CreateAccountSubscriptionResponse = Shapes::StructureShape.new(name: 'CreateAccountSubscriptionResponse') CreateAnalysisRequest = Shapes::StructureShape.new(name: 'CreateAnalysisRequest') CreateAnalysisResponse = Shapes::StructureShape.new(name: 'CreateAnalysisResponse') CreateColumnsOperation = Shapes::StructureShape.new(name: 'CreateColumnsOperation') @@ -202,6 +206,8 @@ module ClientApi DescribeAccountCustomizationResponse = Shapes::StructureShape.new(name: 'DescribeAccountCustomizationResponse') DescribeAccountSettingsRequest = Shapes::StructureShape.new(name: 'DescribeAccountSettingsRequest') DescribeAccountSettingsResponse = Shapes::StructureShape.new(name: 'DescribeAccountSettingsResponse') + DescribeAccountSubscriptionRequest = Shapes::StructureShape.new(name: 'DescribeAccountSubscriptionRequest') + DescribeAccountSubscriptionResponse = Shapes::StructureShape.new(name: 'DescribeAccountSubscriptionResponse') DescribeAnalysisPermissionsRequest = Shapes::StructureShape.new(name: 'DescribeAnalysisPermissionsRequest') DescribeAnalysisPermissionsResponse = Shapes::StructureShape.new(name: 'DescribeAnalysisPermissionsResponse') DescribeAnalysisRequest = Shapes::StructureShape.new(name: 'DescribeAnalysisRequest') @@ -304,6 +310,7 @@ module ClientApi GroupName = Shapes::StringShape.new(name: 'GroupName') GroupSearchFilter = Shapes::StructureShape.new(name: 'GroupSearchFilter') GroupSearchFilterList = Shapes::ListShape.new(name: 'GroupSearchFilterList') + GroupsList = Shapes::ListShape.new(name: 'GroupsList') GutterStyle = Shapes::StructureShape.new(name: 'GutterStyle') HexColor = Shapes::StringShape.new(name: 'HexColor') Host = Shapes::StringShape.new(name: 'Host') @@ -490,6 +497,7 @@ module ClientApi SheetControlsOption = Shapes::StructureShape.new(name: 'SheetControlsOption') SheetList = Shapes::ListShape.new(name: 'SheetList') SheetStyle = Shapes::StructureShape.new(name: 'SheetStyle') + SignupResponse = Shapes::StructureShape.new(name: 'SignupResponse') SiteBaseUrl = Shapes::StringShape.new(name: 'SiteBaseUrl') SnowflakeParameters = Shapes::StructureShape.new(name: 'SnowflakeParameters') SparkParameters = Shapes::StructureShape.new(name: 'SparkParameters') @@ -627,6 +635,13 @@ module ClientApi AccountCustomization.add_member(:default_email_customization_template, Shapes::ShapeRef.new(shape: Arn, location_name: "DefaultEmailCustomizationTemplate")) AccountCustomization.struct_class = Types::AccountCustomization + AccountInfo.add_member(:account_name, Shapes::ShapeRef.new(shape: String, location_name: "AccountName")) + AccountInfo.add_member(:edition, Shapes::ShapeRef.new(shape: Edition, location_name: "Edition")) + AccountInfo.add_member(:notification_email, Shapes::ShapeRef.new(shape: String, location_name: "NotificationEmail")) + AccountInfo.add_member(:authentication_type, Shapes::ShapeRef.new(shape: String, location_name: "AuthenticationType")) + AccountInfo.add_member(:account_subscription_status, Shapes::ShapeRef.new(shape: String, location_name: "AccountSubscriptionStatus")) + AccountInfo.struct_class = Types::AccountInfo + AccountSettings.add_member(:account_name, Shapes::ShapeRef.new(shape: String, location_name: "AccountName")) AccountSettings.add_member(:edition, Shapes::ShapeRef.new(shape: Edition, location_name: "Edition")) AccountSettings.add_member(:default_namespace, Shapes::ShapeRef.new(shape: Namespace, location_name: "DefaultNamespace")) @@ -813,6 +828,28 @@ module ClientApi CreateAccountCustomizationResponse.add_member(:status, Shapes::ShapeRef.new(shape: StatusCode, location: "statusCode", location_name: "Status")) CreateAccountCustomizationResponse.struct_class = Types::CreateAccountCustomizationResponse + CreateAccountSubscriptionRequest.add_member(:edition, Shapes::ShapeRef.new(shape: Edition, required: true, location_name: "Edition")) + CreateAccountSubscriptionRequest.add_member(:authentication_method, Shapes::ShapeRef.new(shape: AuthenticationMethodOption, required: true, location_name: "AuthenticationMethod")) + CreateAccountSubscriptionRequest.add_member(:aws_account_id, Shapes::ShapeRef.new(shape: AwsAccountId, required: true, location: "uri", location_name: "AwsAccountId")) + CreateAccountSubscriptionRequest.add_member(:account_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "AccountName")) + CreateAccountSubscriptionRequest.add_member(:notification_email, Shapes::ShapeRef.new(shape: String, required: true, location_name: "NotificationEmail")) + CreateAccountSubscriptionRequest.add_member(:active_directory_name, Shapes::ShapeRef.new(shape: String, location_name: "ActiveDirectoryName")) + CreateAccountSubscriptionRequest.add_member(:realm, Shapes::ShapeRef.new(shape: String, location_name: "Realm")) + CreateAccountSubscriptionRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: String, location_name: "DirectoryId")) + CreateAccountSubscriptionRequest.add_member(:admin_group, Shapes::ShapeRef.new(shape: GroupsList, location_name: "AdminGroup")) + CreateAccountSubscriptionRequest.add_member(:author_group, Shapes::ShapeRef.new(shape: GroupsList, location_name: "AuthorGroup")) + CreateAccountSubscriptionRequest.add_member(:reader_group, Shapes::ShapeRef.new(shape: GroupsList, location_name: "ReaderGroup")) + CreateAccountSubscriptionRequest.add_member(:first_name, Shapes::ShapeRef.new(shape: String, location_name: "FirstName")) + CreateAccountSubscriptionRequest.add_member(:last_name, Shapes::ShapeRef.new(shape: String, location_name: "LastName")) + CreateAccountSubscriptionRequest.add_member(:email_address, Shapes::ShapeRef.new(shape: String, location_name: "EmailAddress")) + CreateAccountSubscriptionRequest.add_member(:contact_number, Shapes::ShapeRef.new(shape: String, location_name: "ContactNumber")) + CreateAccountSubscriptionRequest.struct_class = Types::CreateAccountSubscriptionRequest + + CreateAccountSubscriptionResponse.add_member(:signup_response, Shapes::ShapeRef.new(shape: SignupResponse, location_name: "SignupResponse")) + CreateAccountSubscriptionResponse.add_member(:status, Shapes::ShapeRef.new(shape: StatusCode, location: "statusCode", location_name: "Status")) + CreateAccountSubscriptionResponse.add_member(:request_id, Shapes::ShapeRef.new(shape: String, location_name: "RequestId")) + CreateAccountSubscriptionResponse.struct_class = Types::CreateAccountSubscriptionResponse + CreateAnalysisRequest.add_member(:aws_account_id, Shapes::ShapeRef.new(shape: AwsAccountId, required: true, location: "uri", location_name: "AwsAccountId")) CreateAnalysisRequest.add_member(:analysis_id, Shapes::ShapeRef.new(shape: RestrictiveResourceId, required: true, location: "uri", location_name: "AnalysisId")) CreateAnalysisRequest.add_member(:name, Shapes::ShapeRef.new(shape: AnalysisName, required: true, location_name: "Name")) @@ -1438,6 +1475,14 @@ module ClientApi DescribeAccountSettingsResponse.add_member(:status, Shapes::ShapeRef.new(shape: StatusCode, location: "statusCode", location_name: "Status")) DescribeAccountSettingsResponse.struct_class = Types::DescribeAccountSettingsResponse + DescribeAccountSubscriptionRequest.add_member(:aws_account_id, Shapes::ShapeRef.new(shape: AwsAccountId, required: true, location: "uri", location_name: "AwsAccountId")) + DescribeAccountSubscriptionRequest.struct_class = Types::DescribeAccountSubscriptionRequest + + DescribeAccountSubscriptionResponse.add_member(:account_info, Shapes::ShapeRef.new(shape: AccountInfo, location_name: "AccountInfo")) + DescribeAccountSubscriptionResponse.add_member(:status, Shapes::ShapeRef.new(shape: StatusCode, location: "statusCode", location_name: "Status")) + DescribeAccountSubscriptionResponse.add_member(:request_id, Shapes::ShapeRef.new(shape: String, location_name: "RequestId")) + DescribeAccountSubscriptionResponse.struct_class = Types::DescribeAccountSubscriptionResponse + DescribeAnalysisPermissionsRequest.add_member(:aws_account_id, Shapes::ShapeRef.new(shape: AwsAccountId, required: true, location: "uri", location_name: "AwsAccountId")) DescribeAnalysisPermissionsRequest.add_member(:analysis_id, Shapes::ShapeRef.new(shape: RestrictiveResourceId, required: true, location: "uri", location_name: "AnalysisId")) DescribeAnalysisPermissionsRequest.struct_class = Types::DescribeAnalysisPermissionsRequest @@ -1753,6 +1798,7 @@ module ClientApi GenerateEmbedUrlForAnonymousUserRequest.add_member(:session_tags, Shapes::ShapeRef.new(shape: SessionTagList, location_name: "SessionTags")) GenerateEmbedUrlForAnonymousUserRequest.add_member(:authorized_resource_arns, Shapes::ShapeRef.new(shape: ArnList, required: true, location_name: "AuthorizedResourceArns")) GenerateEmbedUrlForAnonymousUserRequest.add_member(:experience_configuration, Shapes::ShapeRef.new(shape: AnonymousUserEmbeddingExperienceConfiguration, required: true, location_name: "ExperienceConfiguration")) + GenerateEmbedUrlForAnonymousUserRequest.add_member(:allowed_domains, Shapes::ShapeRef.new(shape: StringList, location_name: "AllowedDomains")) GenerateEmbedUrlForAnonymousUserRequest.struct_class = Types::GenerateEmbedUrlForAnonymousUserRequest GenerateEmbedUrlForAnonymousUserResponse.add_member(:embed_url, Shapes::ShapeRef.new(shape: EmbeddingUrl, required: true, location_name: "EmbedUrl")) @@ -1764,6 +1810,7 @@ module ClientApi GenerateEmbedUrlForRegisteredUserRequest.add_member(:session_lifetime_in_minutes, Shapes::ShapeRef.new(shape: SessionLifetimeInMinutes, location_name: "SessionLifetimeInMinutes")) GenerateEmbedUrlForRegisteredUserRequest.add_member(:user_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "UserArn")) GenerateEmbedUrlForRegisteredUserRequest.add_member(:experience_configuration, Shapes::ShapeRef.new(shape: RegisteredUserEmbeddingExperienceConfiguration, required: true, location_name: "ExperienceConfiguration")) + GenerateEmbedUrlForRegisteredUserRequest.add_member(:allowed_domains, Shapes::ShapeRef.new(shape: StringList, location_name: "AllowedDomains")) GenerateEmbedUrlForRegisteredUserRequest.struct_class = Types::GenerateEmbedUrlForRegisteredUserRequest GenerateEmbedUrlForRegisteredUserResponse.add_member(:embed_url, Shapes::ShapeRef.new(shape: EmbeddingUrl, required: true, location_name: "EmbedUrl")) @@ -1825,6 +1872,8 @@ module ClientApi GroupSearchFilterList.member = Shapes::ShapeRef.new(shape: GroupSearchFilter) + GroupsList.member = Shapes::ShapeRef.new(shape: String) + GutterStyle.add_member(:show, Shapes::ShapeRef.new(shape: boolean, location_name: "Show", metadata: {"box"=>true})) GutterStyle.struct_class = Types::GutterStyle @@ -2472,6 +2521,12 @@ module ClientApi SheetStyle.add_member(:tile_layout, Shapes::ShapeRef.new(shape: TileLayoutStyle, location_name: "TileLayout")) SheetStyle.struct_class = Types::SheetStyle + SignupResponse.add_member(:iam_user, Shapes::ShapeRef.new(shape: Boolean, location_name: "IAMUser")) + SignupResponse.add_member(:user_login_name, Shapes::ShapeRef.new(shape: String, location_name: "userLoginName")) + SignupResponse.add_member(:account_name, Shapes::ShapeRef.new(shape: String, location_name: "accountName")) + SignupResponse.add_member(:directory_type, Shapes::ShapeRef.new(shape: String, location_name: "directoryType")) + SignupResponse.struct_class = Types::SignupResponse + SnowflakeParameters.add_member(:host, Shapes::ShapeRef.new(shape: Host, required: true, location_name: "Host")) SnowflakeParameters.add_member(:database, Shapes::ShapeRef.new(shape: Database, required: true, location_name: "Database")) SnowflakeParameters.add_member(:warehouse, Shapes::ShapeRef.new(shape: Warehouse, required: true, location_name: "Warehouse")) @@ -3105,6 +3160,23 @@ module ClientApi o.errors << Shapes::ShapeRef.new(shape: ResourceUnavailableException) end) + api.add_operation(:create_account_subscription, Seahorse::Model::Operation.new.tap do |o| + o.name = "CreateAccountSubscription" + o.http_method = "POST" + o.http_request_uri = "/account/{AwsAccountId}" + o.input = Shapes::ShapeRef.new(shape: CreateAccountSubscriptionRequest) + o.output = Shapes::ShapeRef.new(shape: CreateAccountSubscriptionResponse) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: ThrottlingException) + o.errors << Shapes::ShapeRef.new(shape: ResourceExistsException) + o.errors << Shapes::ShapeRef.new(shape: PreconditionNotMetException) + o.errors << Shapes::ShapeRef.new(shape: ConflictException) + o.errors << Shapes::ShapeRef.new(shape: InternalFailureException) + o.errors << Shapes::ShapeRef.new(shape: ResourceUnavailableException) + end) + api.add_operation(:create_analysis, Seahorse::Model::Operation.new.tap do |o| o.name = "CreateAnalysis" o.http_method = "POST" @@ -3620,6 +3692,20 @@ module ClientApi o.errors << Shapes::ShapeRef.new(shape: ResourceUnavailableException) end) + api.add_operation(:describe_account_subscription, Seahorse::Model::Operation.new.tap do |o| + o.name = "DescribeAccountSubscription" + o.http_method = "GET" + o.http_request_uri = "/account/{AwsAccountId}" + o.input = Shapes::ShapeRef.new(shape: DescribeAccountSubscriptionRequest) + o.output = Shapes::ShapeRef.new(shape: DescribeAccountSubscriptionResponse) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: ThrottlingException) + o.errors << Shapes::ShapeRef.new(shape: InternalFailureException) + o.errors << Shapes::ShapeRef.new(shape: ResourceUnavailableException) + end) + api.add_operation(:describe_analysis, Seahorse::Model::Operation.new.tap do |o| o.name = "DescribeAnalysis" o.http_method = "GET" diff --git a/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/types.rb b/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/types.rb index fd754389704..4b8054371fd 100644 --- a/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/types.rb +++ b/gems/aws-sdk-quicksight/lib/aws-sdk-quicksight/types.rb @@ -61,6 +61,56 @@ class AccountCustomization < Struct.new( include Aws::Structure end + # A structure that contains the following account information elements: + # + # * Your Amazon QuickSight account name. + # + # * The edition of Amazon QuickSight that your account is using. + # + # * The notification email address that is associated with the Amazon + # QuickSight account. + # + # * The authentication type of the Amazon QuickSight account. + # + # * The status of the Amazon QuickSight account's subscription. + # + # @!attribute [rw] account_name + # The account name that you provided for the Amazon QuickSight + # subscription in your Amazon Web Services account. You create this + # name when you sign up for Amazon QuickSight. It's unique over all + # of Amazon Web Services, and it appears only when users sign in. + # @return [String] + # + # @!attribute [rw] edition + # The edition of your Amazon QuickSight account. + # @return [String] + # + # @!attribute [rw] notification_email + # The email address that will be used for Amazon QuickSight to send + # notifications regarding your Amazon Web Services account or Amazon + # QuickSight subscription. + # @return [String] + # + # @!attribute [rw] authentication_type + # The way that your Amazon QuickSight account is authenticated. + # @return [String] + # + # @!attribute [rw] account_subscription_status + # The status of your account subscription. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/AccountInfo AWS API Documentation + # + class AccountInfo < Struct.new( + :account_name, + :edition, + :notification_email, + :authentication_type, + :account_subscription_status) + SENSITIVE = [] + include Aws::Structure + end + # The Amazon QuickSight settings associated with your Amazon Web # Services account. # @@ -86,9 +136,9 @@ class AccountCustomization < Struct.new( # @return [String] # # @!attribute [rw] public_sharing_enabled - # A boolean that indicates whether or not public sharing is enabled on - # an Amazon QuickSight account. For more information about enabling - # public sharing, see [UpdatePublicSharingSettings][1]. + # A Boolean value that indicates whether public sharing is turned on + # for an Amazon QuickSight account. For more information about turning + # on public sharing, see [UpdatePublicSharingSettings][1]. # # # @@ -126,7 +176,7 @@ class ActiveIAMPolicyAssignment < Struct.new( include Aws::Structure end - # Ad hoc (one-time) filtering option. + # An ad hoc (one-time) filtering option. # # @note When making an API call, you may pass AdHocFilteringOption # data as a hash: @@ -1020,6 +1070,196 @@ class CreateAccountCustomizationResponse < Struct.new( include Aws::Structure end + # @note When making an API call, you may pass CreateAccountSubscriptionRequest + # data as a hash: + # + # { + # edition: "STANDARD", # required, accepts STANDARD, ENTERPRISE, ENTERPRISE_AND_Q + # authentication_method: "IAM_AND_QUICKSIGHT", # required, accepts IAM_AND_QUICKSIGHT, IAM_ONLY, ACTIVE_DIRECTORY + # aws_account_id: "AwsAccountId", # required + # account_name: "String", # required + # notification_email: "String", # required + # active_directory_name: "String", + # realm: "String", + # directory_id: "String", + # admin_group: ["String"], + # author_group: ["String"], + # reader_group: ["String"], + # first_name: "String", + # last_name: "String", + # email_address: "String", + # contact_number: "String", + # } + # + # @!attribute [rw] edition + # The edition of Amazon QuickSight that you want your account to have. + # Currently, you can choose from `ENTERPRISE` or `ENTERPRISE_AND_Q`. + # + # If you choose `ENTERPRISE_AND_Q`, the following parameters are + # required: + # + # * `FirstName` + # + # * `LastName` + # + # * `EmailAddress` + # + # * `ContactNumber` + # @return [String] + # + # @!attribute [rw] authentication_method + # The method that you want to use to authenticate your Amazon + # QuickSight account. Currently, the valid values for this parameter + # are `IAM_AND_QUICKSIGHT`, `IAM_ONLY`, and `ACTIVE_DIRECTORY`. + # + # If you choose `ACTIVE_DIRECTORY`, provide an `ActiveDirectoryName` + # and an `AdminGroup` associated with your Active Directory. + # @return [String] + # + # @!attribute [rw] aws_account_id + # The Amazon Web Services account ID of the account that you're using + # to create your Amazon QuickSight account. + # @return [String] + # + # @!attribute [rw] account_name + # The name of your Amazon QuickSight account. This name is unique over + # all of Amazon Web Services, and it appears only when users sign in. + # You can't change `AccountName` value after the Amazon QuickSight + # account is created. + # @return [String] + # + # @!attribute [rw] notification_email + # The email address that you want Amazon QuickSight to send + # notifications to regarding your Amazon QuickSight account or Amazon + # QuickSight subscription. + # @return [String] + # + # @!attribute [rw] active_directory_name + # The name of your Active Directory. This field is required if + # `ACTIVE_DIRECTORY` is the selected authentication method of the new + # Amazon QuickSight account. + # @return [String] + # + # @!attribute [rw] realm + # The realm of the Active Directory that is associated with your + # Amazon QuickSight account. This field is required if + # `ACTIVE_DIRECTORY` is the selected authentication method of the new + # Amazon QuickSight account. + # @return [String] + # + # @!attribute [rw] directory_id + # The ID of the Active Directory that is associated with your Amazon + # QuickSight account. + # @return [String] + # + # @!attribute [rw] admin_group + # The admin group associated with your Active Directory. This field is + # required if `ACTIVE_DIRECTORY` is the selected authentication method + # of the new Amazon QuickSight account. For more information about + # using Active Directory in Amazon QuickSight, see [Using Active + # Directory with Amazon QuickSight Enterprise Edition][1] in the + # Amazon QuickSight User Guide. + # + # + # + # [1]: https://docs.aws.amazon.com/quicksight/latest/user/aws-directory-service.html + # @return [Array] + # + # @!attribute [rw] author_group + # The author group associated with your Active Directory. For more + # information about using Active Directory in Amazon QuickSight, see + # [Using Active Directory with Amazon QuickSight Enterprise + # Edition][1] in the Amazon QuickSight User Guide. + # + # + # + # [1]: https://docs.aws.amazon.com/quicksight/latest/user/aws-directory-service.html + # @return [Array] + # + # @!attribute [rw] reader_group + # The reader group associated with your Active Direcrtory. For more + # information about using Active Directory in Amazon QuickSight, see + # [Using Active Directory with Amazon QuickSight Enterprise + # Edition][1] in the *Amazon QuickSight User Guide*. + # + # + # + # [1]: https://docs.aws.amazon.com/quicksight/latest/user/aws-directory-service.html + # @return [Array] + # + # @!attribute [rw] first_name + # The first name of the author of the Amazon QuickSight account to use + # for future communications. This field is required if + # `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon + # QuickSight account. + # @return [String] + # + # @!attribute [rw] last_name + # The last name of the author of the Amazon QuickSight account to use + # for future communications. This field is required if + # `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon + # QuickSight account. + # @return [String] + # + # @!attribute [rw] email_address + # The email address of the author of the Amazon QuickSight account to + # use for future communications. This field is required if + # `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon + # QuickSight account. + # @return [String] + # + # @!attribute [rw] contact_number + # A 10-digit phone number for the author of the Amazon QuickSight + # account to use for future communications. This field is required if + # `ENTERPPRISE_AND_Q` is the selected edition of the new Amazon + # QuickSight account. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/CreateAccountSubscriptionRequest AWS API Documentation + # + class CreateAccountSubscriptionRequest < Struct.new( + :edition, + :authentication_method, + :aws_account_id, + :account_name, + :notification_email, + :active_directory_name, + :realm, + :directory_id, + :admin_group, + :author_group, + :reader_group, + :first_name, + :last_name, + :email_address, + :contact_number) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] signup_response + # A `SignupResponse` object that returns information about a newly + # created Amazon QuickSight account. + # @return [Types::SignupResponse] + # + # @!attribute [rw] status + # The HTTP status of the request. + # @return [Integer] + # + # @!attribute [rw] request_id + # The Amazon Web Services request ID for this operation. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/CreateAccountSubscriptionResponse AWS API Documentation + # + class CreateAccountSubscriptionResponse < Struct.new( + :signup_response, + :status, + :request_id) + SENSITIVE = [] + include Aws::Structure + end + # @note When making an API call, you may pass CreateAnalysisRequest # data as a hash: # @@ -5413,13 +5653,14 @@ class DescribeAccountSettingsRequest < Struct.new( # The Amazon QuickSight settings for this Amazon Web Services account. # This information includes the edition of Amazon Amazon QuickSight # that you subscribed to (Standard or Enterprise) and the notification - # email for the Amazon QuickSight subscription. In the QuickSight - # console, the Amazon QuickSight subscription is sometimes referred to - # as a QuickSight "account" even though it's technically not an - # account by itself. Instead, it's a subscription to the Amazon - # QuickSight service for your Amazon Web Services account. The edition - # that you subscribe to applies to Amazon QuickSight in every Amazon - # Web Services Region where you use it. + # email for the Amazon QuickSight subscription. + # + # In the QuickSight console, the Amazon QuickSight subscription is + # sometimes referred to as a QuickSight "account" even though it's + # technically not an account by itself. Instead, it's a subscription + # to the Amazon QuickSight service for your Amazon Web Services + # account. The edition that you subscribe to applies to Amazon + # QuickSight in every Amazon Web Services Region where you use it. # @return [Types::AccountSettings] # # @!attribute [rw] request_id @@ -5440,6 +5681,59 @@ class DescribeAccountSettingsResponse < Struct.new( include Aws::Structure end + # @note When making an API call, you may pass DescribeAccountSubscriptionRequest + # data as a hash: + # + # { + # aws_account_id: "AwsAccountId", # required + # } + # + # @!attribute [rw] aws_account_id + # The Amazon Web Services account ID associated with your Amazon + # QuickSight account. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/DescribeAccountSubscriptionRequest AWS API Documentation + # + class DescribeAccountSubscriptionRequest < Struct.new( + :aws_account_id) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] account_info + # A structure that contains the following elements: + # + # * Your Amazon QuickSight account name. + # + # * The edition of Amazon QuickSight that your account is using. + # + # * The notification email address that is associated with the Amazon + # QuickSight account. + # + # * The authentication type of the Amazon QuickSight account. + # + # * The status of the Amazon QuickSight account's subscription. + # @return [Types::AccountInfo] + # + # @!attribute [rw] status + # The HTTP status of the request. + # @return [Integer] + # + # @!attribute [rw] request_id + # The Amazon Web Services request ID for this operation. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/DescribeAccountSubscriptionResponse AWS API Documentation + # + class DescribeAccountSubscriptionResponse < Struct.new( + :account_info, + :status, + :request_id) + SENSITIVE = [] + include Aws::Structure + end + # @note When making an API call, you may pass DescribeAnalysisPermissionsRequest # data as a hash: # @@ -7101,6 +7395,7 @@ class FolderSummary < Struct.new( # initial_dashboard_id: "RestrictiveResourceId", # required # }, # }, + # allowed_domains: ["String"], # } # # @!attribute [rw] aws_account_id @@ -7127,7 +7422,7 @@ class FolderSummary < Struct.new( # # These are not the tags used for the Amazon Web Services resource # tagging feature. For more information, see [Using Row-Level Security - # (RLS) with Tags][1]. + # (RLS) with Tags][1]in the *Amazon QuickSight User Guide*. # # # @@ -7135,18 +7430,32 @@ class FolderSummary < Struct.new( # @return [Array] # # @!attribute [rw] authorized_resource_arns - # The Amazon Resource Names for the Amazon QuickSight resources that - # the user is authorized to access during the lifetime of the session. - # If you choose `Dashboard` embedding experience, pass the list of - # dashboard ARNs in the account that you want the user to be able to - # view. Currently, you can pass up to 25 dashboard ARNs in each API - # call. + # The Amazon Resource Names (ARNs) for the Amazon QuickSight resources + # that the user is authorized to access during the lifetime of the + # session. If you choose `Dashboard` embedding experience, pass the + # list of dashboard ARNs in the account that you want the user to be + # able to view. Currently, you can pass up to 25 dashboard ARNs in + # each API call. # @return [Array] # # @!attribute [rw] experience_configuration - # The configuration of the experience you are embedding. + # The configuration of the experience that you are embedding. # @return [Types::AnonymousUserEmbeddingExperienceConfiguration] # + # @!attribute [rw] allowed_domains + # The domains that you want to add to the allow list for access to the + # generated URL that is then embedded. This optional parameter + # overrides the static domains that are configured in the Manage + # QuickSight menu in the Amazon QuickSight console and instead allows + # only the domains that you include in this parameter. You can list up + # to three domains or subdomains in each API call. + # + # To include a subdomain, use `*` to include all subdomains under a + # specific domain to the allow list. For example, + # `https://*.sapp.amazon.com,` includes all subdomains under + # `https://sapp.amazon.com`. + # @return [Array] + # # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/GenerateEmbedUrlForAnonymousUserRequest AWS API Documentation # class GenerateEmbedUrlForAnonymousUserRequest < Struct.new( @@ -7155,7 +7464,8 @@ class GenerateEmbedUrlForAnonymousUserRequest < Struct.new( :namespace, :session_tags, :authorized_resource_arns, - :experience_configuration) + :experience_configuration, + :allowed_domains) SENSITIVE = [] include Aws::Structure end @@ -7200,6 +7510,7 @@ class GenerateEmbedUrlForAnonymousUserResponse < Struct.new( # initial_topic_id: "RestrictiveResourceId", # }, # }, + # allowed_domains: ["String"], # } # # @!attribute [rw] aws_account_id @@ -7222,13 +7533,28 @@ class GenerateEmbedUrlForAnonymousUserResponse < Struct.new( # console. # @return [Types::RegisteredUserEmbeddingExperienceConfiguration] # + # @!attribute [rw] allowed_domains + # The domains that you want to add to the allow list for access to the + # generated URL that is then embedded. This optional parameter + # overrides the static domains that are configured in the Manage + # QuickSight menu in the Amazon QuickSight console and instead allows + # only the domains that you include in this parameter. You can list up + # to three domains or subdomains in each API call. + # + # To include a subdomain, use `*` to include all subdomains under a + # specific domain to the allow list. For example, + # `https://*.sapp.amazon.com,` includes all subdomains under + # `https://sapp.amazon.com`. + # @return [Array] + # # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/GenerateEmbedUrlForRegisteredUserRequest AWS API Documentation # class GenerateEmbedUrlForRegisteredUserRequest < Struct.new( :aws_account_id, :session_lifetime_in_minutes, :user_arn, - :experience_configuration) + :experience_configuration, + :allowed_domains) SENSITIVE = [] include Aws::Structure end @@ -7369,13 +7695,13 @@ class GeoSpatialColumnGroup < Struct.new( # @return [String] # # @!attribute [rw] additional_dashboard_ids - # A list of one or more dashboard IDs that you want to add to a - # session that includes anonymous users. The `IdentityType` parameter - # must be set to `ANONYMOUS` for this to work, because other identity - # types authenticate as Amazon QuickSight or IAM users. For example, - # if you set "`--dashboard-id dash_id1 --dashboard-id dash_id2 - # dash_id3 identity-type ANONYMOUS`", the session can access all - # three dashboards. + # A list of one or more dashboard IDs that you want anonymous users to + # have tempporary access to. Currently, the `IdentityType` parameter + # must be set to `ANONYMOUS` because other identity types authenticate + # as Amazon QuickSight or IAM users. For example, if you set + # "`--dashboard-id dash_id1 --dashboard-id dash_id2 dash_id3 + # identity-type ANONYMOUS`", the session can access all three + # dashboards. # @return [Array] # # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/GetDashboardEmbedUrlRequest AWS API Documentation @@ -10482,7 +10808,7 @@ class RegisteredUserDashboardEmbeddingConfiguration < Struct.new( # The configuration details for embedding the Q search bar. # # For more information about embedding the Q search bar, see - # [Embedding Overview][1]. + # [Embedding Overview][1] in the *Amazon QuickSight User Guide*. # # # @@ -11508,6 +11834,39 @@ class SheetStyle < Struct.new( include Aws::Structure end + # A `SignupResponse` object that contains a summary of a newly created + # account. + # + # @!attribute [rw] iam_user + # A Boolean that is `TRUE` if the Amazon QuickSight uses IAM as an + # authentication method. + # @return [Boolean] + # + # @!attribute [rw] user_login_name + # The user login name for your Amazon QuickSight account. + # @return [String] + # + # @!attribute [rw] account_name + # The name of your Amazon QuickSight account. + # @return [String] + # + # @!attribute [rw] directory_type + # The type of Active Directory that is being used to authenticate the + # Amazon QuickSight account. Valid values are `SIMPLE_AD`, + # `AD_CONNECTOR`, and `MICROSOFT_AD`. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/SignupResponse AWS API Documentation + # + class SignupResponse < Struct.new( + :iam_user, + :user_login_name, + :account_name, + :directory_type) + SENSITIVE = [] + include Aws::Structure + end + # The parameters for Snowflake. # # @note When making an API call, you may pass SnowflakeParameters @@ -12940,7 +13299,8 @@ class UpdateAccountCustomizationResponse < Struct.new( # The default namespace for this Amazon Web Services account. # Currently, the default is `default`. Identity and Access Management # (IAM) users that register for the first time with Amazon QuickSight - # provide an email that becomes associated with the default namespace. + # provide an email address that becomes associated with the default + # namespace. # @return [String] # # @!attribute [rw] notification_email @@ -14652,8 +15012,8 @@ class UpdateIpRestrictionResponse < Struct.new( # @return [String] # # @!attribute [rw] public_sharing_enabled - # A boolean that indicates whether or not public sharing is enabled on - # a Amazon QuickSight account. + # A Boolean value that indicates whether public sharing is turned on + # for an Amazon QuickSight account. # @return [Boolean] # # @see http://docs.aws.amazon.com/goto/WebAPI/quicksight-2018-04-01/UpdatePublicSharingSettingsRequest AWS API Documentation diff --git a/gems/aws-sdk-rds/CHANGELOG.md b/gems/aws-sdk-rds/CHANGELOG.md index 7c68845a9b3..1bd0250f78c 100644 --- a/gems/aws-sdk-rds/CHANGELOG.md +++ b/gems/aws-sdk-rds/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.148.0 (2022-07-05) +------------------ + +* Feature - Adds waiters support for DBCluster. + 1.147.0 (2022-07-01) ------------------ diff --git a/gems/aws-sdk-rds/VERSION b/gems/aws-sdk-rds/VERSION index 461b71fb4a4..309b7f257b5 100644 --- a/gems/aws-sdk-rds/VERSION +++ b/gems/aws-sdk-rds/VERSION @@ -1 +1 @@ -1.147.0 +1.148.0 diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds.rb index a580757cfe2..9f63ceeca25 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds.rb @@ -74,6 +74,6 @@ # @!group service module Aws::RDS - GEM_VERSION = '1.147.0' + GEM_VERSION = '1.148.0' end diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds/client.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds/client.rb index 7a8750b779c..5503b956fa6 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds/client.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds/client.rb @@ -765,7 +765,7 @@ def authorize_db_security_group_ingress(params = {}, options = {}) # For more information on backtracking, see [ Backtracking an Aurora DB # Cluster][1] in the *Amazon Aurora User Guide*. # - # This action applies only to Aurora MySQL DB clusters. + # This action only applies to Aurora MySQL DB clusters. # # # @@ -1020,16 +1020,60 @@ def copy_db_cluster_parameter_group(params = {}, options = {}) # # You can copy an encrypted DB cluster snapshot from another Amazon Web # Services Region. In that case, the Amazon Web Services Region where - # you call the `CopyDBClusterSnapshot` operation is the destination - # Amazon Web Services Region for the encrypted DB cluster snapshot to be - # copied to. To copy an encrypted DB cluster snapshot from another - # Amazon Web Services Region, you must provide the following values: + # you call the `CopyDBClusterSnapshot` action is the destination Amazon + # Web Services Region for the encrypted DB cluster snapshot to be copied + # to. To copy an encrypted DB cluster snapshot from another Amazon Web + # Services Region, you must provide the following values: # # * `KmsKeyId` - The Amazon Web Services Key Management System (Amazon # Web Services KMS) key identifier for the key to use to encrypt the # copy of the DB cluster snapshot in the destination Amazon Web # Services Region. # + # * `PreSignedUrl` - A URL that contains a Signature Version 4 signed + # request for the `CopyDBClusterSnapshot` action to be called in the + # source Amazon Web Services Region where the DB cluster snapshot is + # copied from. The pre-signed URL must be a valid request for the + # `CopyDBClusterSnapshot` API action that can be executed in the + # source Amazon Web Services Region that contains the encrypted DB + # cluster snapshot to be copied. + # + # The pre-signed URL request must contain the following parameter + # values: + # + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the + # KMS key to use to encrypt the copy of the DB cluster snapshot in + # the destination Amazon Web Services Region. This is the same + # identifier for both the `CopyDBClusterSnapshot` action that is + # called in the destination Amazon Web Services Region, and the + # action contained in the pre-signed URL. + # + # * `DestinationRegion` - The name of the Amazon Web Services Region + # that the DB cluster snapshot is to be created in. + # + # * `SourceDBClusterSnapshotIdentifier` - The DB cluster snapshot + # identifier for the encrypted DB cluster snapshot to be copied. + # This identifier must be in the Amazon Resource Name (ARN) format + # for the source Amazon Web Services Region. For example, if you are + # copying an encrypted DB cluster snapshot from the us-west-2 Amazon + # Web Services Region, then your `SourceDBClusterSnapshotIdentifier` + # looks like the following example: + # `arn:aws:rds:us-west-2:123456789012:cluster-snapshot:aurora-cluster1-snapshot-20161115`. + # + # To learn how to generate a Signature Version 4 signed request, see [ + # Authenticating Requests: Using Query Parameters (Amazon Web Services + # Signature Version 4)][1] and [ Signature Version 4 Signing + # Process][2]. + # + # If you are using an Amazon Web Services SDK tool or the CLI, you can + # specify `SourceRegion` (or `--source-region` for the CLI) instead of + # specifying `PreSignedUrl` manually. Specifying `SourceRegion` + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. + # + # + # # * `TargetDBClusterSnapshotIdentifier` - The identifier for the new # copy of the DB cluster snapshot in the destination Amazon Web # Services Region. @@ -1038,7 +1082,7 @@ def copy_db_cluster_parameter_group(params = {}, options = {}) # identifier for the encrypted DB cluster snapshot to be copied. This # identifier must be in the ARN format for the source Amazon Web # Services Region and is the same value as the - # `SourceDBClusterSnapshotIdentifier` in the presigned URL. + # `SourceDBClusterSnapshotIdentifier` in the pre-signed URL. # # To cancel the copy operation once it is in progress, delete the target # DB cluster snapshot identified by `TargetDBClusterSnapshotIdentifier` @@ -1046,20 +1090,22 @@ def copy_db_cluster_parameter_group(params = {}, options = {}) # # For more information on copying encrypted Amazon Aurora DB cluster # snapshots from one Amazon Web Services Region to another, see [ - # Copying a Snapshot][1] in the *Amazon Aurora User Guide*. + # Copying a Snapshot][3] in the *Amazon Aurora User Guide*. # # For more information on Amazon Aurora DB clusters, see [ What is - # Amazon Aurora?][2] in the *Amazon Aurora User Guide*. + # Amazon Aurora?][4] in the *Amazon Aurora User Guide*. # # For more information on Multi-AZ DB clusters, see [ Multi-AZ - # deployments with two readable standby DB instances][3] in the *Amazon + # deployments with two readable standby DB instances][5] in the *Amazon # RDS User Guide*. # # # - # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_CopySnapshot.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html - # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html + # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html + # [2]: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html + # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_CopySnapshot.html + # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html + # [5]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html # # @option params [required, String] :source_db_cluster_snapshot_identifier # The identifier of the DB cluster snapshot to copy. This parameter @@ -1127,30 +1173,26 @@ def copy_db_cluster_parameter_group(params = {}, options = {}) # the `KmsKeyId` parameter, an error is returned. # # @option params [String] :pre_signed_url - # When you are copying a DB cluster snapshot from one Amazon Web - # Services GovCloud (US) Region to another, the URL that contains a - # Signature Version 4 signed request for the `CopyDBClusterSnapshot` API - # operation in the Amazon Web Services Region that contains the source - # DB cluster snapshot to copy. Use the `PreSignedUrl` parameter when - # copying an encrypted DB cluster snapshot from another Amazon Web - # Services Region. Don't specify `PreSignedUrl` when copying an - # encrypted DB cluster snapshot in the same Amazon Web Services Region. - # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions. It's ignored in other Amazon Web Services Regions. + # The URL that contains a Signature Version 4 signed request for the + # `CopyDBClusterSnapshot` API action in the Amazon Web Services Region + # that contains the source DB cluster snapshot to copy. The + # `PreSignedUrl` parameter must be used when copying an encrypted DB + # cluster snapshot from another Amazon Web Services Region. Don't + # specify `PreSignedUrl` when you are copying an encrypted DB cluster + # snapshot in the same Amazon Web Services Region. # - # The presigned URL must be a valid request for the - # `CopyDBClusterSnapshot` API operation that can run in the source + # The pre-signed URL must be a valid request for the + # `CopyDBClusterSnapshot` API action that can be executed in the source # Amazon Web Services Region that contains the encrypted DB cluster - # snapshot to copy. The presigned URL request must contain the following - # parameter values: + # snapshot to be copied. The pre-signed URL request must contain the + # following parameter values: # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB cluster snapshot in the destination - # Amazon Web Services Region. This is the same identifier for both the - # `CopyDBClusterSnapshot` operation that is called in the destination - # Amazon Web Services Region, and the operation contained in the - # presigned URL. + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the KMS + # key to use to encrypt the copy of the DB cluster snapshot in the + # destination Amazon Web Services Region. This is the same identifier + # for both the `CopyDBClusterSnapshot` action that is called in the + # destination Amazon Web Services Region, and the action contained in + # the pre-signed URL. # # * `DestinationRegion` - The name of the Amazon Web Services Region # that the DB cluster snapshot is to be created in. @@ -1172,8 +1214,9 @@ def copy_db_cluster_parameter_group(params = {}, options = {}) # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -1372,7 +1415,7 @@ def copy_db_parameter_group(params = {}, options = {}) # # You can copy a snapshot from one Amazon Web Services Region to # another. In that case, the Amazon Web Services Region where you call - # the `CopyDBSnapshot` operation is the destination Amazon Web Services + # the `CopyDBSnapshot` action is the destination Amazon Web Services # Region for the DB snapshot copy. # # This command doesn't apply to RDS Custom. @@ -1400,7 +1443,8 @@ def copy_db_parameter_group(params = {}, options = {}) # must be the Amazon Resource Name (ARN) of the shared DB snapshot. # # If you are copying an encrypted snapshot this parameter must be in the - # ARN format for the source Amazon Web Services Region. + # ARN format for the source Amazon Web Services Region, and must match + # the `SourceDBSnapshotIdentifier` in the `PreSignedUrl` parameter. # # Constraints: # @@ -1466,46 +1510,39 @@ def copy_db_parameter_group(params = {}, options = {}) # snapshot to the target DB snapshot. By default, tags are not copied. # # @option params [String] :pre_signed_url - # When you are copying a snapshot from one Amazon Web Services GovCloud - # (US) Region to another, the URL that contains a Signature Version 4 - # signed request for the `CopyDBSnapshot` API operation in the source - # Amazon Web Services Region that contains the source DB snapshot to - # copy. - # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions. It's ignored in other Amazon Web Services Regions. + # The URL that contains a Signature Version 4 signed request for the + # `CopyDBSnapshot` API action in the source Amazon Web Services Region + # that contains the source DB snapshot to copy. # # You must specify this parameter when you copy an encrypted DB snapshot # from another Amazon Web Services Region by using the Amazon RDS API. # Don't specify `PreSignedUrl` when you are copying an encrypted DB # snapshot in the same Amazon Web Services Region. # - # The presigned URL must be a valid request for the - # `CopyDBClusterSnapshot` API operation that can run in the source - # Amazon Web Services Region that contains the encrypted DB cluster - # snapshot to copy. The presigned URL request must contain the following - # parameter values: + # The presigned URL must be a valid request for the `CopyDBSnapshot` API + # action that can be executed in the source Amazon Web Services Region + # that contains the encrypted DB snapshot to be copied. The presigned + # URL request must contain the following parameter values: # # * `DestinationRegion` - The Amazon Web Services Region that the # encrypted DB snapshot is copied to. This Amazon Web Services Region - # is the same one where the `CopyDBSnapshot` operation is called that + # is the same one where the `CopyDBSnapshot` action is called that # contains this presigned URL. # # For example, if you copy an encrypted DB snapshot from the us-west-2 # Amazon Web Services Region to the us-east-1 Amazon Web Services - # Region, then you call the `CopyDBSnapshot` operation in the - # us-east-1 Amazon Web Services Region and provide a presigned URL - # that contains a call to the `CopyDBSnapshot` operation in the - # us-west-2 Amazon Web Services Region. For this example, the - # `DestinationRegion` in the presigned URL must be set to the - # us-east-1 Amazon Web Services Region. - # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB snapshot in the destination Amazon Web - # Services Region. This is the same identifier for both the - # `CopyDBSnapshot` operation that is called in the destination Amazon - # Web Services Region, and the operation contained in the presigned - # URL. + # Region, then you call the `CopyDBSnapshot` action in the us-east-1 + # Amazon Web Services Region and provide a presigned URL that contains + # a call to the `CopyDBSnapshot` action in the us-west-2 Amazon Web + # Services Region. For this example, the `DestinationRegion` in the + # presigned URL must be set to the us-east-1 Amazon Web Services + # Region. + # + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the KMS + # key to use to encrypt the copy of the DB snapshot in the destination + # Amazon Web Services Region. This is the same identifier for both the + # `CopyDBSnapshot` action that is called in the destination Amazon Web + # Services Region, and the action contained in the presigned URL. # # * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the # encrypted snapshot to be copied. This identifier must be in the @@ -1522,8 +1559,9 @@ def copy_db_parameter_group(params = {}, options = {}) # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -2002,7 +2040,10 @@ def create_custom_db_engine_version(params = {}, options = {}) # # You can use the `ReplicationSourceIdentifier` parameter to create an # Amazon Aurora DB cluster as a read replica of another DB cluster or - # Amazon RDS MySQL or PostgreSQL DB instance. + # Amazon RDS MySQL or PostgreSQL DB instance. For cross-Region + # replication where the DB cluster identified by + # `ReplicationSourceIdentifier` is encrypted, also specify the + # `PreSignedUrl` parameter. # # For more information on Amazon Aurora, see [ What is Amazon # Aurora?][1] in the *Amazon Aurora User Guide*. @@ -2325,25 +2366,25 @@ def create_custom_db_engine_version(params = {}, options = {}) # Valid for: Aurora DB clusters and Multi-AZ DB clusters # # @option params [String] :pre_signed_url - # When you are replicating a DB cluster from one Amazon Web Services - # GovCloud (US) Region to another, an URL that contains a Signature - # Version 4 signed request for the `CreateDBCluster` operation to be - # called in the source Amazon Web Services Region where the DB cluster - # is replicated from. Specify `PreSignedUrl` only when you are - # performing cross-Region replication from an encrypted DB cluster. - # - # The presigned URL must be a valid request for the `CreateDBCluster` - # API operation that can run in the source Amazon Web Services Region - # that contains the encrypted DB cluster to copy. - # - # The presigned URL request must contain the following parameter values: - # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB cluster in the destination Amazon Web - # Services Region. This should refer to the same KMS key for both the - # `CreateDBCluster` operation that is called in the destination Amazon - # Web Services Region, and the operation contained in the presigned - # URL. + # A URL that contains a Signature Version 4 signed request for the + # `CreateDBCluster` action to be called in the source Amazon Web + # Services Region where the DB cluster is replicated from. Specify + # `PreSignedUrl` only when you are performing cross-Region replication + # from an encrypted DB cluster. + # + # The pre-signed URL must be a valid request for the `CreateDBCluster` + # API action that can be executed in the source Amazon Web Services + # Region that contains the encrypted DB cluster to be copied. + # + # The pre-signed URL request must contain the following parameter + # values: + # + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the KMS + # key to use to encrypt the copy of the DB cluster in the destination + # Amazon Web Services Region. This should refer to the same KMS key + # for both the `CreateDBCluster` action that is called in the + # destination Amazon Web Services Region, and the action contained in + # the pre-signed URL. # # * `DestinationRegion` - The name of the Amazon Web Services Region # that Aurora read replica will be created in. @@ -2364,8 +2405,9 @@ def create_custom_db_engine_version(params = {}, options = {}) # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -2382,7 +2424,7 @@ def create_custom_db_engine_version(params = {}, options = {}) # accounts. By default, mapping isn't enabled. # # For more information, see [ IAM Database Authentication][1] in the - # *Amazon Aurora User Guide*. + # *Amazon Aurora User Guide.*. # # Valid for: Aurora DB clusters only # @@ -2456,9 +2498,6 @@ def create_custom_db_engine_version(params = {}, options = {}) # The `multimaster` engine mode only applies for DB clusters created # with Aurora MySQL version 5.6.10a. # - # The `serverless` engine mode only applies for Aurora Serverless v1 DB - # clusters. - # # For Aurora PostgreSQL, the `global` engine mode isn't required, and # both the `parallelquery` and the `multimaster` engine modes currently # aren't supported. @@ -2467,25 +2506,22 @@ def create_custom_db_engine_version(params = {}, options = {}) # information, see the following sections in the *Amazon Aurora User # Guide*\: # - # * [Limitations of Aurora Serverless v1][1] - # - # * [Requirements for Aurora Serverless v2][2] + # * [ Limitations of Aurora Serverless v1][1] # - # * [Limitations of Parallel Query][3] + # * [ Limitations of Parallel Query][2] # - # * [Limitations of Aurora Global Databases][4] + # * [ Limitations of Aurora Global Databases][3] # - # * [Limitations of Multi-Master Clusters][5] + # * [ Limitations of Multi-Master Clusters][4] # # Valid for: Aurora DB clusters only # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html - # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations - # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations - # [5]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations + # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations + # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations + # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations # # @option params [Types::ScalingConfiguration] :scaling_configuration # For DB clusters in `serverless` DB engine mode, the scaling properties @@ -2727,27 +2763,8 @@ def create_custom_db_engine_version(params = {}, options = {}) # Valid for: Multi-AZ DB clusters only # # @option params [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # Valid for: Multi-AZ DB clusters only # @@ -2980,7 +2997,7 @@ def create_db_cluster(params = {}, options = {}) # Creates a new custom endpoint and associates it with an Amazon Aurora # DB cluster. # - # This action applies only to Aurora DB clusters. + # This action only applies to Aurora DB clusters. # # # @@ -3092,9 +3109,8 @@ def create_db_cluster_endpoint(params = {}, options = {}) # the default database for a DB cluster, such as the character set for # the default database defined by the `character_set_database` # parameter. You can use the *Parameter Groups* option of the [Amazon - # RDS console][1] or the `DescribeDBClusterParameters` operation to - # verify that your DB cluster parameter group has been created or - # modified. + # RDS console][1] or the `DescribeDBClusterParameters` action to verify + # that your DB cluster parameter group has been created or modified. # # For more information on Amazon Aurora, see [ What is Amazon # Aurora?][2] in the *Amazon Aurora User Guide*. @@ -3347,23 +3363,6 @@ def create_db_cluster_snapshot(params = {}, options = {}) # Creates a new DB instance. # - # The new DB instance can be an RDS DB instance, or it can be a DB - # instance in an Aurora DB cluster. For an Aurora DB cluster, you can - # call this operation multiple times to add more than one DB instance to - # the cluster. - # - # For more information about creating an RDS DB instance, see [ Creating - # an Amazon RDS DB instance][1] in the *Amazon RDS User Guide*. - # - # For more information about creating a DB instance in an Aurora DB - # cluster, see [ Creating an Amazon Aurora DB cluster][2] in the *Amazon - # Aurora User Guide*. - # - # - # - # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateDBInstance.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html - # # @option params [String] :db_name # The meaning of this parameter differs according to the database engine # you use. @@ -3597,16 +3596,14 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # @option params [required, String] :db_instance_class # The compute and memory capacity of the DB instance, for example - # db.m5.large. Not all DB instance classes are available in all Amazon + # db.m4.large. Not all DB instance classes are available in all Amazon # Web Services Regions, or for all database engines. For the full list # of DB instance classes, and availability for your engine, see [DB - # instance classes][1] in the *Amazon RDS User Guide* or [Aurora DB - # instance classes][2] in the *Amazon Aurora User Guide*. + # Instance Class][1] in the *Amazon RDS User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html # # @option params [required, String] :engine # The name of the database engine to be used for this instance. @@ -3705,9 +3702,7 @@ def create_db_cluster_snapshot(params = {}, options = {}) # @option params [Array] :db_security_groups # A list of DB security groups to associate with this DB instance. # - # This setting applies to the legacy EC2-Classic platform, which is no - # longer used to create new DB instances. Use the `VpcSecurityGroupIds` - # setting instead. + # Default: The default DB security group for the database engine. # # @option params [Array] :vpc_security_group_ids # A list of Amazon EC2 VPC security groups to associate with this DB @@ -3807,7 +3802,7 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # * Can't be set to 0 if the DB instance is a source to read replicas # - # * Can't be set to 0 for an RDS Custom for Oracle DB instance + # * Can't be set to 0 or 35 for an RDS Custom for Oracle DB instance # # @option params [String] :preferred_backup_window # The daily time range during which automated backups are created if @@ -3890,16 +3885,11 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. DB instance Availability Zones (AZs) are managed by - # the DB cluster. - # # @option params [String] :engine_version # The version number of the database engine to use. # # For a list of valid engine versions, use the - # `DescribeDBEngineVersions` operation. + # `DescribeDBEngineVersions` action. # # The following are the database engines and links to information about # the major and minor versions that are available with Amazon RDS. Not @@ -3975,10 +3965,6 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. - # # @option params [Integer] :iops # The amount of Provisioned IOPS (input/output operations per second) to # be initially allocated for the DB instance. For information about @@ -3990,10 +3976,6 @@ def create_db_cluster_snapshot(params = {}, options = {}) # instance. For SQL Server DB instances, must be a multiple between 1 # and 50 of the storage amount for the DB instance. # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS @@ -4009,10 +3991,6 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. - # # @option params [String] :character_set_name # For supported engines, this value indicates that the DB instance # should be associated with the specified `CharacterSet`. @@ -4083,20 +4061,12 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # Default: `io1` if the `Iops` parameter is specified, otherwise `gp2` # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # @option params [String] :tde_credential_arn # The ARN from the key store with which to associate the instance for # TDE encryption. # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. - # # @option params [String] :tde_credential_password # The password for the given ARN from the key store in order to access # the device. @@ -4153,10 +4123,6 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. The domain is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html @@ -4205,10 +4171,6 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. The domain is managed by the DB cluster. - # # @option params [Integer] :promotion_tier # A value that specifies the order in which an Aurora Replica is # promoted to the primary instance after a failure of the existing @@ -4238,16 +4200,13 @@ def create_db_cluster_snapshot(params = {}, options = {}) # Services Identity and Access Management (IAM) accounts to database # accounts. By default, mapping isn't enabled. # + # This setting doesn't apply to RDS Custom or Amazon Aurora. In Aurora, + # mapping Amazon Web Services IAM accounts to database accounts is + # managed by the DB cluster. + # # For more information, see [ IAM Database Authentication for MySQL and # PostgreSQL][1] in the *Amazon RDS User Guide*. # - # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. Mapping Amazon Web Services IAM accounts to database - # accounts is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html @@ -4278,27 +4237,8 @@ def create_db_cluster_snapshot(params = {}, options = {}) # This setting doesn't apply to RDS Custom. # # @option params [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @@ -4347,10 +4287,6 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. - # # @option params [Boolean] :deletion_protection # A value that indicates whether the DB instance has deletion protection # enabled. The database can't be deleted when deletion protection is @@ -4378,10 +4314,6 @@ def create_db_cluster_snapshot(params = {}, options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling @@ -4709,8 +4641,8 @@ def create_db_instance(params = {}, options = {}) # information, see [Working with Read Replicas][1] in the *Amazon RDS # User Guide*. # - # Amazon Aurora doesn't support this operation. Call the - # `CreateDBInstance` operation to create a DB instance for an Aurora DB + # Amazon Aurora doesn't support this action. Call the + # `CreateDBInstance` action to create a DB instance for an Aurora DB # cluster. # # All read replica DB instances are created with backups disabled. All @@ -4842,7 +4774,7 @@ def create_db_instance(params = {}, options = {}) # specified DB engine for a cross-Region read replica. # # Specifying a parameter group for this operation is only supported for - # MySQL and Oracle DB instances. It isn't supported for RDS Custom. + # Oracle DB instances. It isn't supported for RDS Custom. # # Constraints: # @@ -4981,16 +4913,9 @@ def create_db_instance(params = {}, options = {}) # as the primary replica. # # @option params [String] :pre_signed_url - # When you are creating a read replica from one Amazon Web Services - # GovCloud (US) Region to another or from one China Amazon Web Services - # Region to another, the URL that contains a Signature Version 4 signed - # request for the `CreateDBInstanceReadReplica` API operation in the - # source Amazon Web Services Region that contains the source DB - # instance. - # - # This setting applies only to Amazon Web Services GovCloud (US) Regions - # and China Amazon Web Services Regions. It's ignored in other Amazon - # Web Services Regions. + # The URL that contains a Signature Version 4 signed request for the + # `CreateDBInstanceReadReplica` API action in the source Amazon Web + # Services Region that contains the source DB instance. # # You must specify this parameter when you create an encrypted read # replica from another Amazon Web Services Region by using the Amazon @@ -4998,31 +4923,32 @@ def create_db_instance(params = {}, options = {}) # encrypted read replica in the same Amazon Web Services Region. # # The presigned URL must be a valid request for the - # `CreateDBInstanceReadReplica` API operation that can run in the source - # Amazon Web Services Region that contains the encrypted source DB - # instance. The presigned URL request must contain the following + # `CreateDBInstanceReadReplica` API action that can be executed in the + # source Amazon Web Services Region that contains the encrypted source + # DB instance. The presigned URL request must contain the following # parameter values: # # * `DestinationRegion` - The Amazon Web Services Region that the # encrypted read replica is created in. This Amazon Web Services # Region is the same one where the `CreateDBInstanceReadReplica` - # operation is called that contains this presigned URL. + # action is called that contains this presigned URL. # # For example, if you create an encrypted DB instance in the us-west-1 # Amazon Web Services Region, from a source DB instance in the # us-east-2 Amazon Web Services Region, then you call the - # `CreateDBInstanceReadReplica` operation in the us-east-1 Amazon Web + # `CreateDBInstanceReadReplica` action in the us-east-1 Amazon Web # Services Region and provide a presigned URL that contains a call to - # the `CreateDBInstanceReadReplica` operation in the us-west-2 Amazon - # Web Services Region. For this example, the `DestinationRegion` in - # the presigned URL must be set to the us-east-1 Amazon Web Services + # the `CreateDBInstanceReadReplica` action in the us-west-2 Amazon Web + # Services Region. For this example, the `DestinationRegion` in the + # presigned URL must be set to the us-east-1 Amazon Web Services # Region. # - # * `KmsKeyId` - The KMS key identifier for the key to use to encrypt - # the read replica in the destination Amazon Web Services Region. This - # is the same identifier for both the `CreateDBInstanceReadReplica` - # operation that is called in the destination Amazon Web Services - # Region, and the operation contained in the presigned URL. + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the key + # to use to encrypt the read replica in the destination Amazon Web + # Services Region. This is the same identifier for both the + # `CreateDBInstanceReadReplica` action that is called in the + # destination Amazon Web Services Region, and the action contained in + # the presigned URL. # # * `SourceDBInstanceIdentifier` - The DB instance identifier for the # encrypted DB instance to be replicated. This identifier must be in @@ -5041,10 +4967,11 @@ def create_db_instance(params = {}, options = {}) # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # operation that can be executed in the source Amazon Web Services + # Region. # - # `SourceRegion` isn't supported for SQL Server, because Amazon RDS for - # SQL Server doesn't support cross-Region read replicas. + # `SourceRegion` isn't supported for SQL Server, because SQL Server on + # Amazon RDS doesn't support cross-Region read replicas. # # # @@ -5098,27 +5025,8 @@ def create_db_instance(params = {}, options = {}) # This setting doesn't apply to RDS Custom. # # @option params [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @@ -6138,11 +6046,11 @@ def create_db_subnet_group(params = {}, options = {}) req.send_request(options) end - # Creates an RDS event notification subscription. This operation - # requires a topic Amazon Resource Name (ARN) created by either the RDS - # console, the SNS console, or the SNS API. To obtain an ARN with SNS, - # you must create a topic in Amazon SNS and subscribe to the topic. The - # ARN is displayed in the SNS console. + # Creates an RDS event notification subscription. This action requires a + # topic Amazon Resource Name (ARN) created by either the RDS console, + # the SNS console, or the SNS API. To obtain an ARN with SNS, you must + # create a topic in Amazon SNS and subscribe to the topic. The ARN is + # displayed in the SNS console. # # You can specify the type of source (`SourceType`) that you want to be # notified of and provide a list of RDS sources (`SourceIds`) that @@ -6325,7 +6233,7 @@ def create_event_subscription(params = {}, options = {}) # existing Aurora cluster during the create operation, and this cluster # becomes the primary cluster of the global database. # - # This action applies only to Aurora DB clusters. + # This action only applies to Aurora DB clusters. # # # @@ -6347,9 +6255,9 @@ def create_event_subscription(params = {}, options = {}) # global database can't be deleted when deletion protection is enabled. # # @option params [String] :database_name - # The name for your database of up to 64 alphanumeric characters. If you - # do not provide a name, Amazon Aurora will not create a database in the - # global database cluster you are creating. + # The name for your database of up to 64 alpha-numeric characters. If + # you do not provide a name, Amazon Aurora will not create a database in + # the global database cluster you are creating. # # @option params [Boolean] :storage_encrypted # The storage encryption setting for the new global database cluster. @@ -8918,6 +8826,12 @@ def describe_db_cluster_snapshots(params = {}, options = {}) # resp.db_clusters[0].serverless_v2_scaling_configuration.min_capacity #=> Float # resp.db_clusters[0].serverless_v2_scaling_configuration.max_capacity #=> Float # + # + # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage): + # + # * db_cluster_available + # * db_cluster_deleted + # # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DescribeDBClusters AWS API Documentation # # @overload describe_db_clusters(params = {}) @@ -11029,19 +10943,10 @@ def describe_event_subscriptions(params = {}, options = {}) # snapshot, DB cluster snapshot group, or RDS Proxy can be obtained by # providing the name as a parameter. # - # For more information on working with events, see [Monitoring Amazon - # RDS events][1] in the *Amazon RDS User Guide* and [Monitoring Amazon - # Aurora events][2] in the *Amazon Aurora User Guide*. - # # By default, RDS returns events that were generated in the past hour. # # # - # - # - # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/working-with-events.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/working-with-events.html - # # @option params [String] :source_identifier # The identifier of the event source for which events are returned. If # not specified, then all sources are included in the response. @@ -12502,7 +12407,7 @@ def download_db_log_file_portion(params = {}, options = {}) # # An Amazon Aurora DB cluster automatically fails over to an Aurora # Replica, if one exists, when the primary DB instance fails. A Multi-AZ - # DB cluster automatically fails over to a readable standby DB instance + # DB cluster automatically fails over to a readbable standby DB instance # when the primary DB instance fails. # # To simulate a failure of a primary instance for testing, you can force @@ -13655,27 +13560,8 @@ def modify_custom_db_engine_version(params = {}, options = {}) # Valid for: Multi-AZ DB clusters only # # @option params [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # Valid for: Multi-AZ DB clusters only # @@ -13963,7 +13849,7 @@ def modify_db_cluster_endpoint(params = {}, options = {}) # database for a DB cluster, such as the character set for the default # database defined by the `character_set_database` parameter. You can # use the *Parameter Groups* option of the [Amazon RDS console][1] or - # the `DescribeDBClusterParameters` operation to verify that your DB + # the `DescribeDBClusterParameters` action to verify that your DB # cluster parameter group has been created or modified. # # If the modified DB cluster parameter group is used by an Aurora @@ -14090,7 +13976,7 @@ def modify_db_cluster_parameter_group(params = {}, options = {}) # To view which Amazon Web Services accounts have access to copy or # restore a manual DB cluster snapshot, or whether a manual DB cluster # snapshot is public or private, use the - # DescribeDBClusterSnapshotAttributes API operation. The accounts are + # DescribeDBClusterSnapshotAttributes API action. The accounts are # returned as values for the `restore` attribute. # # @option params [required, String] :db_cluster_snapshot_identifier @@ -14104,7 +13990,7 @@ def modify_db_cluster_parameter_group(params = {}, options = {}) # or restore a manual DB cluster snapshot, set this value to `restore`. # # To view the list of attributes available to modify, use the - # DescribeDBClusterSnapshotAttributes API operation. + # DescribeDBClusterSnapshotAttributes API action. # # # @@ -14216,11 +14102,10 @@ def modify_db_cluster_snapshot_attribute(params = {}, options = {}) # # @option params [String] :db_instance_class # The new compute and memory capacity of the DB instance, for example - # db.m5.large. Not all DB instance classes are available in all Amazon + # db.m4.large. Not all DB instance classes are available in all Amazon # Web Services Regions, or for all database engines. For the full list # of DB instance classes, and availability for your engine, see [DB - # instance classes][1] in the *Amazon RDS User Guide* or [Aurora DB - # instance classes][2] in the *Amazon Aurora User Guide*. + # Instance Class][1] in the *Amazon RDS User Guide*. # # If you modify the DB instance class, an outage occurs during the # change. The change is applied during the next maintenance window, @@ -14233,7 +14118,6 @@ def modify_db_cluster_snapshot_attribute(params = {}, options = {}) # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html # # @option params [String] :db_subnet_group_name # The new DB subnet group for the DB instance. You can use this @@ -14345,7 +14229,7 @@ def modify_db_cluster_snapshot_attribute(params = {}, options = {}) # # Constraints: Must contain from 8 to 128 characters. # - # Amazon RDS API operations never return the password, so this action + # Amazon RDS API actions never return the password, so this action # provides a way to regain access to a primary instance user if the # password is lost. This includes restoring privileges that might have # been accidentally revoked. @@ -14397,8 +14281,8 @@ def modify_db_cluster_snapshot_attribute(params = {}, options = {}) # Constraints: # # * It must be a value from 0 to 35. It can't be set to 0 if the DB - # instance is a source to read replicas. It can't be set to 0 for an - # RDS Custom for Oracle DB instance. + # instance is a source to read replicas. It can't be set to 0 or 35 + # for an RDS Custom for Oracle DB instance. # # * It can be specified for a MySQL read replica only if the source is # running MySQL 5.6 or later. @@ -14810,7 +14694,7 @@ def modify_db_cluster_snapshot_attribute(params = {}, options = {}) # DB instance. # # For more information, see [Using Amazon Performance Insights][1] in - # the *Amazon RDS User Guide*. + # the *Amazon RDS User Guide.*. # # This setting doesn't apply to RDS Custom. # @@ -14833,27 +14717,8 @@ def modify_db_cluster_snapshot_attribute(params = {}, options = {}) # This setting doesn't apply to RDS Custom. # # @option params [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @@ -15529,10 +15394,10 @@ def modify_db_proxy_endpoint(params = {}, options = {}) # Modifies the properties of a `DBProxyTargetGroup`. # # @option params [required, String] :target_group_name - # The name of the target group to modify. + # The name of the new target group to assign to the proxy. # # @option params [required, String] :db_proxy_name - # The name of the proxy. + # The name of the new proxy to which to assign the target group. # # @option params [Types::ConnectionPoolConfiguration] :connection_pool_config # The settings that determine the size and behavior of the connection @@ -15720,7 +15585,7 @@ def modify_db_snapshot(params = {}, options = {}) # # To view which Amazon Web Services accounts have access to copy or # restore a manual DB snapshot, or whether a manual DB snapshot public - # or private, use the DescribeDBSnapshotAttributes API operation. The + # or private, use the DescribeDBSnapshotAttributes API action. The # accounts are returned as values for the `restore` attribute. # # @option params [required, String] :db_snapshot_identifier @@ -15733,7 +15598,7 @@ def modify_db_snapshot(params = {}, options = {}) # or restore a manual DB snapshot, set this value to `restore`. # # To view the list of attributes available to modify, use the - # DescribeDBSnapshotAttributes API operation. + # DescribeDBSnapshotAttributes API action. # # # @@ -17666,9 +17531,9 @@ def reset_db_parameter_group(params = {}, options = {}) # @option params [required, String] :engine # The name of the database engine to be used for this DB cluster. # - # Valid Values: `aurora` (for MySQL 5.6-compatible Aurora) and + # Valid Values: `aurora` (for MySQL 5.6-compatible Aurora), # `aurora-mysql` (for MySQL 5.7-compatible and MySQL 8.0-compatible - # Aurora) + # Aurora), and `aurora-postgresql` # # @option params [String] :engine_version # The version number of the database engine to use. @@ -17686,10 +17551,20 @@ def reset_db_parameter_group(params = {}, options = {}) # `aws rds describe-db-engine-versions --engine aurora-mysql --query # "DBEngineVersions[].EngineVersion"` # + # To list all of the available engine versions for `aurora-postgresql`, + # use the following command: + # + # `aws rds describe-db-engine-versions --engine aurora-postgresql + # --query "DBEngineVersions[].EngineVersion"` + # # **Aurora MySQL** # - # Example: `5.6.10a`, `5.6.mysql_aurora.1.19.2`, - # `5.7.mysql_aurora.2.07.1`, `8.0.mysql_aurora.3.02.0` + # Example: `5.6.10a`, `5.6.mysql_aurora.1.19.2`, `5.7.12`, + # `5.7.mysql_aurora.2.04.5`, `8.0.mysql_aurora.3.01.0` + # + # **Aurora PostgreSQL** + # + # Example: `9.6.3`, `10.7` # # @option params [Integer] :port # The port number on which the instances in the restored DB cluster @@ -18323,7 +18198,7 @@ def restore_db_cluster_from_s3(params = {}, options = {}) # # For more information about exporting CloudWatch Logs for Amazon RDS, # see [Publishing Database Logs to Amazon CloudWatch Logs][1] in the - # *Amazon RDS User Guide*. + # *Amazon RDS User Guide.*. # # For more information about exporting CloudWatch Logs for Amazon # Aurora, see [Publishing Database Logs to Amazon CloudWatch Logs][2] in @@ -18905,7 +18780,7 @@ def restore_db_cluster_from_snapshot(params = {}, options = {}) # # For more information about exporting CloudWatch Logs for Amazon RDS, # see [Publishing Database Logs to Amazon CloudWatch Logs][1] in the - # *Amazon RDS User Guide*. + # *Amazon RDS User Guide.*. # # For more information about exporting CloudWatch Logs for Amazon # Aurora, see [Publishing Database Logs to Amazon CloudWatch Logs][2] in @@ -20312,7 +20187,7 @@ def restore_db_instance_from_db_snapshot(params = {}, options = {}) # DB instance. # # For more information, see [Using Amazon Performance Insights][1] in - # the *Amazon RDS User Guide*. + # the *Amazon RDS User Guide.*. # # # @@ -20331,27 +20206,8 @@ def restore_db_instance_from_db_snapshot(params = {}, options = {}) # a different default KMS key for each Amazon Web Services Region. # # @option params [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # @option params [Array] :enable_cloudwatch_logs_exports # The list of logs that the restored DB instance is to export to @@ -21877,36 +21733,14 @@ def start_db_instance(params = {}, options = {}) # `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE`. # # @option params [String] :pre_signed_url - # In an Amazon Web Services GovCloud (US) Region, an URL that contains a - # Signature Version 4 signed request for the - # `StartDBInstanceAutomatedBackupsReplication` operation to call in the + # A URL that contains a Signature Version 4 signed request for the + # StartDBInstanceAutomatedBackupsReplication action to be called in the # Amazon Web Services Region of the source DB instance. The presigned # URL must be a valid request for the - # `StartDBInstanceAutomatedBackupsReplication` API operation that can - # run in the Amazon Web Services Region that contains the source DB + # StartDBInstanceAutomatedBackupsReplication API action that can be + # executed in the Amazon Web Services Region that contains the source DB # instance. # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions. It's ignored in other Amazon Web Services Regions. - # - # To learn how to generate a Signature Version 4 signed request, see [ - # Authenticating Requests: Using Query Parameters (Amazon Web Services - # Signature Version 4)][1] and [ Signature Version 4 Signing - # Process][2]. - # - # If you are using an Amazon Web Services SDK tool or the CLI, you can - # specify `SourceRegion` (or `--source-region` for the CLI) instead of - # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. - # - # - # - # - # - # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html - # [2]: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html - # # @option params [String] :source_region # The source region of the snapshot. This is only needed when the # shapshot is encrypted and in a different region. @@ -22475,8 +22309,7 @@ def stop_db_instance(params = {}, options = {}) # Stops automated backup replication for a DB instance. # - # This command doesn't apply to RDS Custom, Aurora MySQL, and Aurora - # PostgreSQL. + # This command doesn't apply to RDS Custom. # # For more information, see [ Replicating Automated Backups to Another # Amazon Web Services Region][1] in the *Amazon RDS User Guide.* @@ -22554,7 +22387,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-rds' - context[:gem_version] = '1.147.0' + context[:gem_version] = '1.148.0' Seahorse::Client::Request.new(handlers, context) end @@ -22622,6 +22455,8 @@ def build_request(operation_name, params = {}) # # | waiter_name | params | :delay | :max_attempts | # | ----------------------------- | -------------------------------------- | -------- | ------------- | + # | db_cluster_available | {Client#describe_db_clusters} | 30 | 60 | + # | db_cluster_deleted | {Client#describe_db_clusters} | 30 | 60 | # | db_cluster_snapshot_available | {Client#describe_db_cluster_snapshots} | 30 | 60 | # | db_cluster_snapshot_deleted | {Client#describe_db_cluster_snapshots} | 30 | 60 | # | db_instance_available | {Client#describe_db_instances} | 30 | 60 | @@ -22678,6 +22513,8 @@ def waiter(waiter_name, options = {}) def waiters { + db_cluster_available: Waiters::DBClusterAvailable, + db_cluster_deleted: Waiters::DBClusterDeleted, db_cluster_snapshot_available: Waiters::DBClusterSnapshotAvailable, db_cluster_snapshot_deleted: Waiters::DBClusterSnapshotDeleted, db_instance_available: Waiters::DBInstanceAvailable, diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds/db_cluster.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds/db_cluster.rb index 4db7a86758c..e6b3eda425b 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds/db_cluster.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds/db_cluster.rb @@ -579,24 +579,8 @@ def performance_insights_kms_key_id data[:performance_insights_kms_key_id] end - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting is only for non-Aurora Multi-AZ DB clusters. # @return [Integer] @@ -1091,25 +1075,25 @@ def wait_until(options = {}, &block) # # Valid for: Aurora DB clusters and Multi-AZ DB clusters # @option options [String] :pre_signed_url - # When you are replicating a DB cluster from one Amazon Web Services - # GovCloud (US) Region to another, an URL that contains a Signature - # Version 4 signed request for the `CreateDBCluster` operation to be - # called in the source Amazon Web Services Region where the DB cluster - # is replicated from. Specify `PreSignedUrl` only when you are - # performing cross-Region replication from an encrypted DB cluster. - # - # The presigned URL must be a valid request for the `CreateDBCluster` - # API operation that can run in the source Amazon Web Services Region - # that contains the encrypted DB cluster to copy. - # - # The presigned URL request must contain the following parameter values: - # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB cluster in the destination Amazon Web - # Services Region. This should refer to the same KMS key for both the - # `CreateDBCluster` operation that is called in the destination Amazon - # Web Services Region, and the operation contained in the presigned - # URL. + # A URL that contains a Signature Version 4 signed request for the + # `CreateDBCluster` action to be called in the source Amazon Web + # Services Region where the DB cluster is replicated from. Specify + # `PreSignedUrl` only when you are performing cross-Region replication + # from an encrypted DB cluster. + # + # The pre-signed URL must be a valid request for the `CreateDBCluster` + # API action that can be executed in the source Amazon Web Services + # Region that contains the encrypted DB cluster to be copied. + # + # The pre-signed URL request must contain the following parameter + # values: + # + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the KMS + # key to use to encrypt the copy of the DB cluster in the destination + # Amazon Web Services Region. This should refer to the same KMS key + # for both the `CreateDBCluster` action that is called in the + # destination Amazon Web Services Region, and the action contained in + # the pre-signed URL. # # * `DestinationRegion` - The name of the Amazon Web Services Region # that Aurora read replica will be created in. @@ -1130,8 +1114,9 @@ def wait_until(options = {}, &block) # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -1147,7 +1132,7 @@ def wait_until(options = {}, &block) # accounts. By default, mapping isn't enabled. # # For more information, see [ IAM Database Authentication][1] in the - # *Amazon Aurora User Guide*. + # *Amazon Aurora User Guide.*. # # Valid for: Aurora DB clusters only # @@ -1218,9 +1203,6 @@ def wait_until(options = {}, &block) # The `multimaster` engine mode only applies for DB clusters created # with Aurora MySQL version 5.6.10a. # - # The `serverless` engine mode only applies for Aurora Serverless v1 DB - # clusters. - # # For Aurora PostgreSQL, the `global` engine mode isn't required, and # both the `parallelquery` and the `multimaster` engine modes currently # aren't supported. @@ -1229,25 +1211,22 @@ def wait_until(options = {}, &block) # information, see the following sections in the *Amazon Aurora User # Guide*\: # - # * [Limitations of Aurora Serverless v1][1] + # * [ Limitations of Aurora Serverless v1][1] # - # * [Requirements for Aurora Serverless v2][2] + # * [ Limitations of Parallel Query][2] # - # * [Limitations of Parallel Query][3] + # * [ Limitations of Aurora Global Databases][3] # - # * [Limitations of Aurora Global Databases][4] - # - # * [Limitations of Multi-Master Clusters][5] + # * [ Limitations of Multi-Master Clusters][4] # # Valid for: Aurora DB clusters only # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html - # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations - # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations - # [5]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations + # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations + # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations + # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations # @option options [Types::ScalingConfiguration] :scaling_configuration # For DB clusters in `serverless` DB engine mode, the scaling properties # of the DB cluster. @@ -1470,27 +1449,8 @@ def wait_until(options = {}, &block) # # Valid for: Multi-AZ DB clusters only # @option options [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # Valid for: Multi-AZ DB clusters only # @option options [Types::ServerlessV2ScalingConfiguration] :serverless_v2_scaling_configuration @@ -2106,27 +2066,8 @@ def failover(options = {}) # # Valid for: Multi-AZ DB clusters only # @option options [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # Valid for: Multi-AZ DB clusters only # @option options [Types::ServerlessV2ScalingConfiguration] :serverless_v2_scaling_configuration @@ -2366,7 +2307,7 @@ def modify(options = {}) # # For more information about exporting CloudWatch Logs for Amazon RDS, # see [Publishing Database Logs to Amazon CloudWatch Logs][1] in the - # *Amazon RDS User Guide*. + # *Amazon RDS User Guide.*. # # For more information about exporting CloudWatch Logs for Amazon # Aurora, see [Publishing Database Logs to Amazon CloudWatch Logs][2] in diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds/db_cluster_snapshot.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds/db_cluster_snapshot.rb index fdfa61b9728..25afbc872b4 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds/db_cluster_snapshot.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds/db_cluster_snapshot.rb @@ -408,30 +408,26 @@ def create(options = {}) # If you copy an unencrypted DB cluster snapshot and specify a value for # the `KmsKeyId` parameter, an error is returned. # @option options [String] :pre_signed_url - # When you are copying a DB cluster snapshot from one Amazon Web - # Services GovCloud (US) Region to another, the URL that contains a - # Signature Version 4 signed request for the `CopyDBClusterSnapshot` API - # operation in the Amazon Web Services Region that contains the source - # DB cluster snapshot to copy. Use the `PreSignedUrl` parameter when - # copying an encrypted DB cluster snapshot from another Amazon Web - # Services Region. Don't specify `PreSignedUrl` when copying an - # encrypted DB cluster snapshot in the same Amazon Web Services Region. - # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions. It's ignored in other Amazon Web Services Regions. - # - # The presigned URL must be a valid request for the - # `CopyDBClusterSnapshot` API operation that can run in the source + # The URL that contains a Signature Version 4 signed request for the + # `CopyDBClusterSnapshot` API action in the Amazon Web Services Region + # that contains the source DB cluster snapshot to copy. The + # `PreSignedUrl` parameter must be used when copying an encrypted DB + # cluster snapshot from another Amazon Web Services Region. Don't + # specify `PreSignedUrl` when you are copying an encrypted DB cluster + # snapshot in the same Amazon Web Services Region. + # + # The pre-signed URL must be a valid request for the + # `CopyDBClusterSnapshot` API action that can be executed in the source # Amazon Web Services Region that contains the encrypted DB cluster - # snapshot to copy. The presigned URL request must contain the following - # parameter values: + # snapshot to be copied. The pre-signed URL request must contain the + # following parameter values: # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB cluster snapshot in the destination - # Amazon Web Services Region. This is the same identifier for both the - # `CopyDBClusterSnapshot` operation that is called in the destination - # Amazon Web Services Region, and the operation contained in the - # presigned URL. + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the KMS + # key to use to encrypt the copy of the DB cluster snapshot in the + # destination Amazon Web Services Region. This is the same identifier + # for both the `CopyDBClusterSnapshot` action that is called in the + # destination Amazon Web Services Region, and the action contained in + # the pre-signed URL. # # * `DestinationRegion` - The name of the Amazon Web Services Region # that the DB cluster snapshot is to be created in. @@ -453,8 +449,9 @@ def create(options = {}) # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -746,7 +743,7 @@ def delete(options = {}) # # For more information about exporting CloudWatch Logs for Amazon RDS, # see [Publishing Database Logs to Amazon CloudWatch Logs][1] in the - # *Amazon RDS User Guide*. + # *Amazon RDS User Guide.*. # # For more information about exporting CloudWatch Logs for Amazon # Aurora, see [Publishing Database Logs to Amazon CloudWatch Logs][2] in diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds/db_instance.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds/db_instance.rb index df9cd51955b..a3ee64342dc 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds/db_instance.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds/db_instance.rb @@ -483,24 +483,8 @@ def performance_insights_kms_key_id data[:performance_insights_kms_key_id] end - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # @return [Integer] def performance_insights_retention_period data[:performance_insights_retention_period] @@ -1135,16 +1119,14 @@ def wait_until(options = {}, &block) # * Web and Express editions: Must be an integer from 20 to 1024. # @option options [required, String] :db_instance_class # The compute and memory capacity of the DB instance, for example - # db.m5.large. Not all DB instance classes are available in all Amazon + # db.m4.large. Not all DB instance classes are available in all Amazon # Web Services Regions, or for all database engines. For the full list # of DB instance classes, and availability for your engine, see [DB - # instance classes][1] in the *Amazon RDS User Guide* or [Aurora DB - # instance classes][2] in the *Amazon Aurora User Guide*. + # Instance Class][1] in the *Amazon RDS User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html # @option options [required, String] :engine # The name of the database engine to be used for this instance. # @@ -1239,9 +1221,7 @@ def wait_until(options = {}, &block) # @option options [Array] :db_security_groups # A list of DB security groups to associate with this DB instance. # - # This setting applies to the legacy EC2-Classic platform, which is no - # longer used to create new DB instances. Use the `VpcSecurityGroupIds` - # setting instead. + # Default: The default DB security group for the database engine. # @option options [Array] :vpc_security_group_ids # A list of Amazon EC2 VPC security groups to associate with this DB # instance. @@ -1335,7 +1315,7 @@ def wait_until(options = {}, &block) # # * Can't be set to 0 if the DB instance is a source to read replicas # - # * Can't be set to 0 for an RDS Custom for Oracle DB instance + # * Can't be set to 0 or 35 for an RDS Custom for Oracle DB instance # @option options [String] :preferred_backup_window # The daily time range during which automated backups are created if # automated backups are enabled, using the `BackupRetentionPeriod` @@ -1414,16 +1394,11 @@ def wait_until(options = {}, &block) # instance is a Multi-AZ deployment. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. DB instance Availability Zones (AZs) are managed by - # the DB cluster. # @option options [String] :engine_version # The version number of the database engine to use. # # For a list of valid engine versions, use the - # `DescribeDBEngineVersions` operation. + # `DescribeDBEngineVersions` action. # # The following are the database engines and links to information about # the major and minor versions that are available with Amazon RDS. Not @@ -1496,10 +1471,6 @@ def wait_until(options = {}, &block) # `general-public-license` # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @option options [Integer] :iops # The amount of Provisioned IOPS (input/output operations per second) to # be initially allocated for the DB instance. For information about @@ -1511,10 +1482,6 @@ def wait_until(options = {}, &block) # instance. For SQL Server DB instances, must be a multiple between 1 # and 50 of the storage amount for the DB instance. # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS @@ -1528,10 +1495,6 @@ def wait_until(options = {}, &block) # instance. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @option options [String] :character_set_name # For supported engines, this value indicates that the DB instance # should be associated with the specified `CharacterSet`. @@ -1596,19 +1559,11 @@ def wait_until(options = {}, &block) # parameter. # # Default: `io1` if the `Iops` parameter is specified, otherwise `gp2` - # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. # @option options [String] :tde_credential_arn # The ARN from the key store with which to associate the instance for # TDE encryption. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @option options [String] :tde_credential_password # The password for the given ARN from the key store in order to access # the device. @@ -1662,10 +1617,6 @@ def wait_until(options = {}, &block) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. The domain is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html @@ -1709,10 +1660,6 @@ def wait_until(options = {}, &block) # the Directory Service. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. The domain is managed by the DB cluster. # @option options [Integer] :promotion_tier # A value that specifies the order in which an Aurora Replica is # promoted to the primary instance after a failure of the existing @@ -1740,16 +1687,13 @@ def wait_until(options = {}, &block) # Services Identity and Access Management (IAM) accounts to database # accounts. By default, mapping isn't enabled. # + # This setting doesn't apply to RDS Custom or Amazon Aurora. In Aurora, + # mapping Amazon Web Services IAM accounts to database accounts is + # managed by the DB cluster. + # # For more information, see [ IAM Database Authentication for MySQL and # PostgreSQL][1] in the *Amazon RDS User Guide*. # - # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. Mapping Amazon Web Services IAM accounts to database - # accounts is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html @@ -1777,27 +1721,8 @@ def wait_until(options = {}, &block) # # This setting doesn't apply to RDS Custom. # @option options [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @option options [Array] :enable_cloudwatch_logs_exports @@ -1843,10 +1768,6 @@ def wait_until(options = {}, &block) # instance class of the DB instance. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @option options [Boolean] :deletion_protection # A value that indicates whether the DB instance has deletion protection # enabled. The database can't be deleted when deletion protection is @@ -1873,10 +1794,6 @@ def wait_until(options = {}, &block) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling @@ -2081,7 +1998,7 @@ def create(options = {}) # specified DB engine for a cross-Region read replica. # # Specifying a parameter group for this operation is only supported for - # MySQL and Oracle DB instances. It isn't supported for RDS Custom. + # Oracle DB instances. It isn't supported for RDS Custom. # # Constraints: # @@ -2210,16 +2127,9 @@ def create(options = {}) # This setting doesn't apply to RDS Custom, which uses the same KMS key # as the primary replica. # @option options [String] :pre_signed_url - # When you are creating a read replica from one Amazon Web Services - # GovCloud (US) Region to another or from one China Amazon Web Services - # Region to another, the URL that contains a Signature Version 4 signed - # request for the `CreateDBInstanceReadReplica` API operation in the - # source Amazon Web Services Region that contains the source DB - # instance. - # - # This setting applies only to Amazon Web Services GovCloud (US) Regions - # and China Amazon Web Services Regions. It's ignored in other Amazon - # Web Services Regions. + # The URL that contains a Signature Version 4 signed request for the + # `CreateDBInstanceReadReplica` API action in the source Amazon Web + # Services Region that contains the source DB instance. # # You must specify this parameter when you create an encrypted read # replica from another Amazon Web Services Region by using the Amazon @@ -2227,31 +2137,32 @@ def create(options = {}) # encrypted read replica in the same Amazon Web Services Region. # # The presigned URL must be a valid request for the - # `CreateDBInstanceReadReplica` API operation that can run in the source - # Amazon Web Services Region that contains the encrypted source DB - # instance. The presigned URL request must contain the following + # `CreateDBInstanceReadReplica` API action that can be executed in the + # source Amazon Web Services Region that contains the encrypted source + # DB instance. The presigned URL request must contain the following # parameter values: # # * `DestinationRegion` - The Amazon Web Services Region that the # encrypted read replica is created in. This Amazon Web Services # Region is the same one where the `CreateDBInstanceReadReplica` - # operation is called that contains this presigned URL. + # action is called that contains this presigned URL. # # For example, if you create an encrypted DB instance in the us-west-1 # Amazon Web Services Region, from a source DB instance in the # us-east-2 Amazon Web Services Region, then you call the - # `CreateDBInstanceReadReplica` operation in the us-east-1 Amazon Web + # `CreateDBInstanceReadReplica` action in the us-east-1 Amazon Web # Services Region and provide a presigned URL that contains a call to - # the `CreateDBInstanceReadReplica` operation in the us-west-2 Amazon - # Web Services Region. For this example, the `DestinationRegion` in - # the presigned URL must be set to the us-east-1 Amazon Web Services + # the `CreateDBInstanceReadReplica` action in the us-west-2 Amazon Web + # Services Region. For this example, the `DestinationRegion` in the + # presigned URL must be set to the us-east-1 Amazon Web Services # Region. # - # * `KmsKeyId` - The KMS key identifier for the key to use to encrypt - # the read replica in the destination Amazon Web Services Region. This - # is the same identifier for both the `CreateDBInstanceReadReplica` - # operation that is called in the destination Amazon Web Services - # Region, and the operation contained in the presigned URL. + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the key + # to use to encrypt the read replica in the destination Amazon Web + # Services Region. This is the same identifier for both the + # `CreateDBInstanceReadReplica` action that is called in the + # destination Amazon Web Services Region, and the action contained in + # the presigned URL. # # * `SourceDBInstanceIdentifier` - The DB instance identifier for the # encrypted DB instance to be replicated. This identifier must be in @@ -2270,10 +2181,11 @@ def create(options = {}) # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # operation that can be executed in the source Amazon Web Services + # Region. # - # `SourceRegion` isn't supported for SQL Server, because Amazon RDS for - # SQL Server doesn't support cross-Region read replicas. + # `SourceRegion` isn't supported for SQL Server, because SQL Server on + # Amazon RDS doesn't support cross-Region read replicas. # # # @@ -2323,27 +2235,8 @@ def create(options = {}) # # This setting doesn't apply to RDS Custom. # @option options [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @option options [Array] :enable_cloudwatch_logs_exports @@ -2668,11 +2561,10 @@ def delete(options = {}) # `CreateDBInstance`. # @option options [String] :db_instance_class # The new compute and memory capacity of the DB instance, for example - # db.m5.large. Not all DB instance classes are available in all Amazon + # db.m4.large. Not all DB instance classes are available in all Amazon # Web Services Regions, or for all database engines. For the full list # of DB instance classes, and availability for your engine, see [DB - # instance classes][1] in the *Amazon RDS User Guide* or [Aurora DB - # instance classes][2] in the *Amazon Aurora User Guide*. + # Instance Class][1] in the *Amazon RDS User Guide*. # # If you modify the DB instance class, an outage occurs during the # change. The change is applied during the next maintenance window, @@ -2685,7 +2577,6 @@ def delete(options = {}) # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html # @option options [String] :db_subnet_group_name # The new DB subnet group for the DB instance. You can use this # parameter to move your DB instance to a different VPC. If your DB @@ -2792,7 +2683,7 @@ def delete(options = {}) # # Constraints: Must contain from 8 to 128 characters. # - # Amazon RDS API operations never return the password, so this action + # Amazon RDS API actions never return the password, so this action # provides a way to regain access to a primary instance user if the # password is lost. This includes restoring privileges that might have # been accidentally revoked. @@ -2842,8 +2733,8 @@ def delete(options = {}) # Constraints: # # * It must be a value from 0 to 35. It can't be set to 0 if the DB - # instance is a source to read replicas. It can't be set to 0 for an - # RDS Custom for Oracle DB instance. + # instance is a source to read replicas. It can't be set to 0 or 35 + # for an RDS Custom for Oracle DB instance. # # * It can be specified for a MySQL read replica only if the source is # running MySQL 5.6 or later. @@ -3231,7 +3122,7 @@ def delete(options = {}) # DB instance. # # For more information, see [Using Amazon Performance Insights][1] in - # the *Amazon RDS User Guide*. + # the *Amazon RDS User Guide.*. # # This setting doesn't apply to RDS Custom. # @@ -3252,27 +3143,8 @@ def delete(options = {}) # # This setting doesn't apply to RDS Custom. # @option options [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @option options [Types::CloudwatchLogsExportConfiguration] :cloudwatch_logs_export_configuration diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds/db_snapshot.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds/db_snapshot.rb index c31b602cfc9..979a8f277b4 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds/db_snapshot.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds/db_snapshot.rb @@ -478,46 +478,39 @@ def create(options = {}) # A value that indicates whether to copy all tags from the source DB # snapshot to the target DB snapshot. By default, tags are not copied. # @option options [String] :pre_signed_url - # When you are copying a snapshot from one Amazon Web Services GovCloud - # (US) Region to another, the URL that contains a Signature Version 4 - # signed request for the `CopyDBSnapshot` API operation in the source - # Amazon Web Services Region that contains the source DB snapshot to - # copy. - # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions. It's ignored in other Amazon Web Services Regions. + # The URL that contains a Signature Version 4 signed request for the + # `CopyDBSnapshot` API action in the source Amazon Web Services Region + # that contains the source DB snapshot to copy. # # You must specify this parameter when you copy an encrypted DB snapshot # from another Amazon Web Services Region by using the Amazon RDS API. # Don't specify `PreSignedUrl` when you are copying an encrypted DB # snapshot in the same Amazon Web Services Region. # - # The presigned URL must be a valid request for the - # `CopyDBClusterSnapshot` API operation that can run in the source - # Amazon Web Services Region that contains the encrypted DB cluster - # snapshot to copy. The presigned URL request must contain the following - # parameter values: + # The presigned URL must be a valid request for the `CopyDBSnapshot` API + # action that can be executed in the source Amazon Web Services Region + # that contains the encrypted DB snapshot to be copied. The presigned + # URL request must contain the following parameter values: # # * `DestinationRegion` - The Amazon Web Services Region that the # encrypted DB snapshot is copied to. This Amazon Web Services Region - # is the same one where the `CopyDBSnapshot` operation is called that + # is the same one where the `CopyDBSnapshot` action is called that # contains this presigned URL. # # For example, if you copy an encrypted DB snapshot from the us-west-2 # Amazon Web Services Region to the us-east-1 Amazon Web Services - # Region, then you call the `CopyDBSnapshot` operation in the - # us-east-1 Amazon Web Services Region and provide a presigned URL - # that contains a call to the `CopyDBSnapshot` operation in the - # us-west-2 Amazon Web Services Region. For this example, the - # `DestinationRegion` in the presigned URL must be set to the - # us-east-1 Amazon Web Services Region. - # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB snapshot in the destination Amazon Web - # Services Region. This is the same identifier for both the - # `CopyDBSnapshot` operation that is called in the destination Amazon - # Web Services Region, and the operation contained in the presigned - # URL. + # Region, then you call the `CopyDBSnapshot` action in the us-east-1 + # Amazon Web Services Region and provide a presigned URL that contains + # a call to the `CopyDBSnapshot` action in the us-west-2 Amazon Web + # Services Region. For this example, the `DestinationRegion` in the + # presigned URL must be set to the us-east-1 Amazon Web Services + # Region. + # + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the KMS + # key to use to encrypt the copy of the DB snapshot in the destination + # Amazon Web Services Region. This is the same identifier for both the + # `CopyDBSnapshot` action that is called in the destination Amazon Web + # Services Region, and the action contained in the presigned URL. # # * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the # encrypted snapshot to be copied. This identifier must be in the @@ -534,8 +527,9 @@ def create(options = {}) # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds/resource.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds/resource.rb index 1a21745e957..d1746c8488c 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds/resource.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds/resource.rb @@ -390,25 +390,25 @@ def client # # Valid for: Aurora DB clusters and Multi-AZ DB clusters # @option options [String] :pre_signed_url - # When you are replicating a DB cluster from one Amazon Web Services - # GovCloud (US) Region to another, an URL that contains a Signature - # Version 4 signed request for the `CreateDBCluster` operation to be - # called in the source Amazon Web Services Region where the DB cluster - # is replicated from. Specify `PreSignedUrl` only when you are - # performing cross-Region replication from an encrypted DB cluster. - # - # The presigned URL must be a valid request for the `CreateDBCluster` - # API operation that can run in the source Amazon Web Services Region - # that contains the encrypted DB cluster to copy. - # - # The presigned URL request must contain the following parameter values: - # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB cluster in the destination Amazon Web - # Services Region. This should refer to the same KMS key for both the - # `CreateDBCluster` operation that is called in the destination Amazon - # Web Services Region, and the operation contained in the presigned - # URL. + # A URL that contains a Signature Version 4 signed request for the + # `CreateDBCluster` action to be called in the source Amazon Web + # Services Region where the DB cluster is replicated from. Specify + # `PreSignedUrl` only when you are performing cross-Region replication + # from an encrypted DB cluster. + # + # The pre-signed URL must be a valid request for the `CreateDBCluster` + # API action that can be executed in the source Amazon Web Services + # Region that contains the encrypted DB cluster to be copied. + # + # The pre-signed URL request must contain the following parameter + # values: + # + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the KMS + # key to use to encrypt the copy of the DB cluster in the destination + # Amazon Web Services Region. This should refer to the same KMS key + # for both the `CreateDBCluster` action that is called in the + # destination Amazon Web Services Region, and the action contained in + # the pre-signed URL. # # * `DestinationRegion` - The name of the Amazon Web Services Region # that Aurora read replica will be created in. @@ -429,8 +429,9 @@ def client # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -446,7 +447,7 @@ def client # accounts. By default, mapping isn't enabled. # # For more information, see [ IAM Database Authentication][1] in the - # *Amazon Aurora User Guide*. + # *Amazon Aurora User Guide.*. # # Valid for: Aurora DB clusters only # @@ -517,9 +518,6 @@ def client # The `multimaster` engine mode only applies for DB clusters created # with Aurora MySQL version 5.6.10a. # - # The `serverless` engine mode only applies for Aurora Serverless v1 DB - # clusters. - # # For Aurora PostgreSQL, the `global` engine mode isn't required, and # both the `parallelquery` and the `multimaster` engine modes currently # aren't supported. @@ -528,25 +526,22 @@ def client # information, see the following sections in the *Amazon Aurora User # Guide*\: # - # * [Limitations of Aurora Serverless v1][1] - # - # * [Requirements for Aurora Serverless v2][2] + # * [ Limitations of Aurora Serverless v1][1] # - # * [Limitations of Parallel Query][3] + # * [ Limitations of Parallel Query][2] # - # * [Limitations of Aurora Global Databases][4] + # * [ Limitations of Aurora Global Databases][3] # - # * [Limitations of Multi-Master Clusters][5] + # * [ Limitations of Multi-Master Clusters][4] # # Valid for: Aurora DB clusters only # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html - # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations - # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations - # [5]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations + # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations + # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations + # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations # @option options [Types::ScalingConfiguration] :scaling_configuration # For DB clusters in `serverless` DB engine mode, the scaling properties # of the DB cluster. @@ -769,27 +764,8 @@ def client # # Valid for: Multi-AZ DB clusters only # @option options [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # Valid for: Multi-AZ DB clusters only # @option options [Types::ServerlessV2ScalingConfiguration] :serverless_v2_scaling_configuration @@ -1203,16 +1179,14 @@ def create_db_cluster_parameter_group(options = {}) # * Web and Express editions: Must be an integer from 20 to 1024. # @option options [required, String] :db_instance_class # The compute and memory capacity of the DB instance, for example - # db.m5.large. Not all DB instance classes are available in all Amazon + # db.m4.large. Not all DB instance classes are available in all Amazon # Web Services Regions, or for all database engines. For the full list # of DB instance classes, and availability for your engine, see [DB - # instance classes][1] in the *Amazon RDS User Guide* or [Aurora DB - # instance classes][2] in the *Amazon Aurora User Guide*. + # Instance Class][1] in the *Amazon RDS User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html # @option options [required, String] :engine # The name of the database engine to be used for this instance. # @@ -1307,9 +1281,7 @@ def create_db_cluster_parameter_group(options = {}) # @option options [Array] :db_security_groups # A list of DB security groups to associate with this DB instance. # - # This setting applies to the legacy EC2-Classic platform, which is no - # longer used to create new DB instances. Use the `VpcSecurityGroupIds` - # setting instead. + # Default: The default DB security group for the database engine. # @option options [Array] :vpc_security_group_ids # A list of Amazon EC2 VPC security groups to associate with this DB # instance. @@ -1403,7 +1375,7 @@ def create_db_cluster_parameter_group(options = {}) # # * Can't be set to 0 if the DB instance is a source to read replicas # - # * Can't be set to 0 for an RDS Custom for Oracle DB instance + # * Can't be set to 0 or 35 for an RDS Custom for Oracle DB instance # @option options [String] :preferred_backup_window # The daily time range during which automated backups are created if # automated backups are enabled, using the `BackupRetentionPeriod` @@ -1482,16 +1454,11 @@ def create_db_cluster_parameter_group(options = {}) # instance is a Multi-AZ deployment. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. DB instance Availability Zones (AZs) are managed by - # the DB cluster. # @option options [String] :engine_version # The version number of the database engine to use. # # For a list of valid engine versions, use the - # `DescribeDBEngineVersions` operation. + # `DescribeDBEngineVersions` action. # # The following are the database engines and links to information about # the major and minor versions that are available with Amazon RDS. Not @@ -1564,10 +1531,6 @@ def create_db_cluster_parameter_group(options = {}) # `general-public-license` # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @option options [Integer] :iops # The amount of Provisioned IOPS (input/output operations per second) to # be initially allocated for the DB instance. For information about @@ -1579,10 +1542,6 @@ def create_db_cluster_parameter_group(options = {}) # instance. For SQL Server DB instances, must be a multiple between 1 # and 50 of the storage amount for the DB instance. # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS @@ -1596,10 +1555,6 @@ def create_db_cluster_parameter_group(options = {}) # instance. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @option options [String] :character_set_name # For supported engines, this value indicates that the DB instance # should be associated with the specified `CharacterSet`. @@ -1664,19 +1619,11 @@ def create_db_cluster_parameter_group(options = {}) # parameter. # # Default: `io1` if the `Iops` parameter is specified, otherwise `gp2` - # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. # @option options [String] :tde_credential_arn # The ARN from the key store with which to associate the instance for # TDE encryption. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @option options [String] :tde_credential_password # The password for the given ARN from the key store in order to access # the device. @@ -1730,10 +1677,6 @@ def create_db_cluster_parameter_group(options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. The domain is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html @@ -1777,10 +1720,6 @@ def create_db_cluster_parameter_group(options = {}) # the Directory Service. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. The domain is managed by the DB cluster. # @option options [Integer] :promotion_tier # A value that specifies the order in which an Aurora Replica is # promoted to the primary instance after a failure of the existing @@ -1808,16 +1747,13 @@ def create_db_cluster_parameter_group(options = {}) # Services Identity and Access Management (IAM) accounts to database # accounts. By default, mapping isn't enabled. # + # This setting doesn't apply to RDS Custom or Amazon Aurora. In Aurora, + # mapping Amazon Web Services IAM accounts to database accounts is + # managed by the DB cluster. + # # For more information, see [ IAM Database Authentication for MySQL and # PostgreSQL][1] in the *Amazon RDS User Guide*. # - # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. Mapping Amazon Web Services IAM accounts to database - # accounts is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html @@ -1845,27 +1781,8 @@ def create_db_cluster_parameter_group(options = {}) # # This setting doesn't apply to RDS Custom. # @option options [Integer] :performance_insights_retention_period - # The number of days to retain Performance Insights data. The default is - # 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @option options [Array] :enable_cloudwatch_logs_exports @@ -1911,10 +1828,6 @@ def create_db_cluster_parameter_group(options = {}) # instance class of the DB instance. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @option options [Boolean] :deletion_protection # A value that indicates whether the DB instance has deletion protection # enabled. The database can't be deleted when deletion protection is @@ -1941,10 +1854,6 @@ def create_db_cluster_parameter_group(options = {}) # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds/types.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds/types.rb index 9c3784becd0..cde03f7ba9b 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds/types.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds/types.rb @@ -1116,31 +1116,26 @@ class CopyDBClusterParameterGroupResult < Struct.new( # @return [String] # # @!attribute [rw] pre_signed_url - # When you are copying a DB cluster snapshot from one Amazon Web - # Services GovCloud (US) Region to another, the URL that contains a - # Signature Version 4 signed request for the `CopyDBClusterSnapshot` - # API operation in the Amazon Web Services Region that contains the - # source DB cluster snapshot to copy. Use the `PreSignedUrl` parameter - # when copying an encrypted DB cluster snapshot from another Amazon - # Web Services Region. Don't specify `PreSignedUrl` when copying an - # encrypted DB cluster snapshot in the same Amazon Web Services - # Region. - # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions. It's ignored in other Amazon Web Services Regions. - # - # The presigned URL must be a valid request for the - # `CopyDBClusterSnapshot` API operation that can run in the source - # Amazon Web Services Region that contains the encrypted DB cluster - # snapshot to copy. The presigned URL request must contain the - # following parameter values: - # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB cluster snapshot in the destination - # Amazon Web Services Region. This is the same identifier for both - # the `CopyDBClusterSnapshot` operation that is called in the - # destination Amazon Web Services Region, and the operation - # contained in the presigned URL. + # The URL that contains a Signature Version 4 signed request for the + # `CopyDBClusterSnapshot` API action in the Amazon Web Services Region + # that contains the source DB cluster snapshot to copy. The + # `PreSignedUrl` parameter must be used when copying an encrypted DB + # cluster snapshot from another Amazon Web Services Region. Don't + # specify `PreSignedUrl` when you are copying an encrypted DB cluster + # snapshot in the same Amazon Web Services Region. + # + # The pre-signed URL must be a valid request for the + # `CopyDBClusterSnapshot` API action that can be executed in the + # source Amazon Web Services Region that contains the encrypted DB + # cluster snapshot to be copied. The pre-signed URL request must + # contain the following parameter values: + # + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the + # KMS key to use to encrypt the copy of the DB cluster snapshot in + # the destination Amazon Web Services Region. This is the same + # identifier for both the `CopyDBClusterSnapshot` action that is + # called in the destination Amazon Web Services Region, and the + # action contained in the pre-signed URL. # # * `DestinationRegion` - The name of the Amazon Web Services Region # that the DB cluster snapshot is to be created in. @@ -1162,8 +1157,9 @@ class CopyDBClusterParameterGroupResult < Struct.new( # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -1344,7 +1340,9 @@ class CopyDBParameterGroupResult < Struct.new( # must be the Amazon Resource Name (ARN) of the shared DB snapshot. # # If you are copying an encrypted snapshot this parameter must be in - # the ARN format for the source Amazon Web Services Region. + # the ARN format for the source Amazon Web Services Region, and must + # match the `SourceDBSnapshotIdentifier` in the `PreSignedUrl` + # parameter. # # Constraints: # @@ -1415,46 +1413,40 @@ class CopyDBParameterGroupResult < Struct.new( # @return [Boolean] # # @!attribute [rw] pre_signed_url - # When you are copying a snapshot from one Amazon Web Services - # GovCloud (US) Region to another, the URL that contains a Signature - # Version 4 signed request for the `CopyDBSnapshot` API operation in - # the source Amazon Web Services Region that contains the source DB - # snapshot to copy. - # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions. It's ignored in other Amazon Web Services Regions. + # The URL that contains a Signature Version 4 signed request for the + # `CopyDBSnapshot` API action in the source Amazon Web Services Region + # that contains the source DB snapshot to copy. # # You must specify this parameter when you copy an encrypted DB # snapshot from another Amazon Web Services Region by using the Amazon # RDS API. Don't specify `PreSignedUrl` when you are copying an # encrypted DB snapshot in the same Amazon Web Services Region. # - # The presigned URL must be a valid request for the - # `CopyDBClusterSnapshot` API operation that can run in the source - # Amazon Web Services Region that contains the encrypted DB cluster - # snapshot to copy. The presigned URL request must contain the - # following parameter values: + # The presigned URL must be a valid request for the `CopyDBSnapshot` + # API action that can be executed in the source Amazon Web Services + # Region that contains the encrypted DB snapshot to be copied. The + # presigned URL request must contain the following parameter values: # # * `DestinationRegion` - The Amazon Web Services Region that the # encrypted DB snapshot is copied to. This Amazon Web Services - # Region is the same one where the `CopyDBSnapshot` operation is - # called that contains this presigned URL. + # Region is the same one where the `CopyDBSnapshot` action is called + # that contains this presigned URL. # # For example, if you copy an encrypted DB snapshot from the # us-west-2 Amazon Web Services Region to the us-east-1 Amazon Web - # Services Region, then you call the `CopyDBSnapshot` operation in - # the us-east-1 Amazon Web Services Region and provide a presigned - # URL that contains a call to the `CopyDBSnapshot` operation in the + # Services Region, then you call the `CopyDBSnapshot` action in the + # us-east-1 Amazon Web Services Region and provide a presigned URL + # that contains a call to the `CopyDBSnapshot` action in the # us-west-2 Amazon Web Services Region. For this example, the # `DestinationRegion` in the presigned URL must be set to the # us-east-1 Amazon Web Services Region. # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB snapshot in the destination Amazon Web - # Services Region. This is the same identifier for both the - # `CopyDBSnapshot` operation that is called in the destination - # Amazon Web Services Region, and the operation contained in the - # presigned URL. + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the + # KMS key to use to encrypt the copy of the DB snapshot in the + # destination Amazon Web Services Region. This is the same + # identifier for both the `CopyDBSnapshot` action that is called in + # the destination Amazon Web Services Region, and the action + # contained in the presigned URL. # # * `SourceDBSnapshotIdentifier` - The DB snapshot identifier for the # encrypted snapshot to be copied. This identifier must be in the @@ -1472,8 +1464,9 @@ class CopyDBParameterGroupResult < Struct.new( # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -2206,26 +2199,25 @@ class CreateDBClusterEndpointMessage < Struct.new( # @return [String] # # @!attribute [rw] pre_signed_url - # When you are replicating a DB cluster from one Amazon Web Services - # GovCloud (US) Region to another, an URL that contains a Signature - # Version 4 signed request for the `CreateDBCluster` operation to be - # called in the source Amazon Web Services Region where the DB cluster - # is replicated from. Specify `PreSignedUrl` only when you are - # performing cross-Region replication from an encrypted DB cluster. - # - # The presigned URL must be a valid request for the `CreateDBCluster` - # API operation that can run in the source Amazon Web Services Region - # that contains the encrypted DB cluster to copy. - # - # The presigned URL request must contain the following parameter + # A URL that contains a Signature Version 4 signed request for the + # `CreateDBCluster` action to be called in the source Amazon Web + # Services Region where the DB cluster is replicated from. Specify + # `PreSignedUrl` only when you are performing cross-Region replication + # from an encrypted DB cluster. + # + # The pre-signed URL must be a valid request for the `CreateDBCluster` + # API action that can be executed in the source Amazon Web Services + # Region that contains the encrypted DB cluster to be copied. + # + # The pre-signed URL request must contain the following parameter # values: # - # * `KmsKeyId` - The KMS key identifier for the KMS key to use to - # encrypt the copy of the DB cluster in the destination Amazon Web - # Services Region. This should refer to the same KMS key for both - # the `CreateDBCluster` operation that is called in the destination - # Amazon Web Services Region, and the operation contained in the - # presigned URL. + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the + # KMS key to use to encrypt the copy of the DB cluster in the + # destination Amazon Web Services Region. This should refer to the + # same KMS key for both the `CreateDBCluster` action that is called + # in the destination Amazon Web Services Region, and the action + # contained in the pre-signed URL. # # * `DestinationRegion` - The name of the Amazon Web Services Region # that Aurora read replica will be created in. @@ -2246,8 +2238,9 @@ class CreateDBClusterEndpointMessage < Struct.new( # If you are using an Amazon Web Services SDK tool or the CLI, you can # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # autogenerates a pre-signed URL that is a valid request for the + # operation that can be executed in the source Amazon Web Services + # Region. # # # @@ -2265,7 +2258,7 @@ class CreateDBClusterEndpointMessage < Struct.new( # accounts. By default, mapping isn't enabled. # # For more information, see [ IAM Database Authentication][1] in the - # *Amazon Aurora User Guide*. + # *Amazon Aurora User Guide.*. # # Valid for: Aurora DB clusters only # @@ -2342,9 +2335,6 @@ class CreateDBClusterEndpointMessage < Struct.new( # The `multimaster` engine mode only applies for DB clusters created # with Aurora MySQL version 5.6.10a. # - # The `serverless` engine mode only applies for Aurora Serverless v1 - # DB clusters. - # # For Aurora PostgreSQL, the `global` engine mode isn't required, and # both the `parallelquery` and the `multimaster` engine modes # currently aren't supported. @@ -2353,25 +2343,22 @@ class CreateDBClusterEndpointMessage < Struct.new( # information, see the following sections in the *Amazon Aurora User # Guide*\: # - # * [Limitations of Aurora Serverless v1][1] - # - # * [Requirements for Aurora Serverless v2][2] + # * [ Limitations of Aurora Serverless v1][1] # - # * [Limitations of Parallel Query][3] + # * [ Limitations of Parallel Query][2] # - # * [Limitations of Aurora Global Databases][4] + # * [ Limitations of Aurora Global Databases][3] # - # * [Limitations of Multi-Master Clusters][5] + # * [ Limitations of Multi-Master Clusters][4] # # Valid for: Aurora DB clusters only # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html - # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations - # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations - # [5]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations + # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations + # [3]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations + # [4]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations # @return [String] # # @!attribute [rw] scaling_configuration @@ -2635,27 +2622,8 @@ class CreateDBClusterEndpointMessage < Struct.new( # @return [String] # # @!attribute [rw] performance_insights_retention_period - # The number of days to retain Performance Insights data. The default - # is 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # Valid for: Multi-AZ DB clusters only # @return [Integer] @@ -3261,16 +3229,14 @@ class CreateDBClusterSnapshotResult < Struct.new( # # @!attribute [rw] db_instance_class # The compute and memory capacity of the DB instance, for example - # db.m5.large. Not all DB instance classes are available in all Amazon + # db.m4.large. Not all DB instance classes are available in all Amazon # Web Services Regions, or for all database engines. For the full list # of DB instance classes, and availability for your engine, see [DB - # instance classes][1] in the *Amazon RDS User Guide* or [Aurora DB - # instance classes][2] in the *Amazon Aurora User Guide*. + # Instance Class][1] in the *Amazon RDS User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html # @return [String] # # @!attribute [rw] engine @@ -3373,9 +3339,7 @@ class CreateDBClusterSnapshotResult < Struct.new( # @!attribute [rw] db_security_groups # A list of DB security groups to associate with this DB instance. # - # This setting applies to the legacy EC2-Classic platform, which is no - # longer used to create new DB instances. Use the - # `VpcSecurityGroupIds` setting instead. + # Default: The default DB security group for the database engine. # @return [Array] # # @!attribute [rw] vpc_security_group_ids @@ -3481,7 +3445,7 @@ class CreateDBClusterSnapshotResult < Struct.new( # # * Can't be set to 0 if the DB instance is a source to read replicas # - # * Can't be set to 0 for an RDS Custom for Oracle DB instance + # * Can't be set to 0 or 35 for an RDS Custom for Oracle DB instance # @return [Integer] # # @!attribute [rw] preferred_backup_window @@ -3567,18 +3531,13 @@ class CreateDBClusterSnapshotResult < Struct.new( # DB instance is a Multi-AZ deployment. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. DB instance Availability Zones (AZs) are managed by - # the DB cluster. # @return [Boolean] # # @!attribute [rw] engine_version # The version number of the database engine to use. # # For a list of valid engine versions, use the - # `DescribeDBEngineVersions` operation. + # `DescribeDBEngineVersions` action. # # The following are the database engines and links to information # about the major and minor versions that are available with Amazon @@ -3655,10 +3614,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # `general-public-license` # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @return [String] # # @!attribute [rw] iops @@ -3672,10 +3627,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # amount for the DB instance. For SQL Server DB instances, must be a # multiple between 1 and 50 of the storage amount for the DB instance. # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS @@ -3691,10 +3642,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # associated with a DB instance. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @return [String] # # @!attribute [rw] character_set_name @@ -3772,10 +3719,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # parameter. # # Default: `io1` if the `Iops` parameter is specified, otherwise `gp2` - # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. # @return [String] # # @!attribute [rw] tde_credential_arn @@ -3783,10 +3726,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # TDE encryption. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @return [String] # # @!attribute [rw] tde_credential_password @@ -3850,10 +3789,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. The domain is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html @@ -3905,10 +3840,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # the Directory Service. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. The domain is managed by the DB cluster. # @return [String] # # @!attribute [rw] promotion_tier @@ -3942,16 +3873,13 @@ class CreateDBClusterSnapshotResult < Struct.new( # Services Identity and Access Management (IAM) accounts to database # accounts. By default, mapping isn't enabled. # + # This setting doesn't apply to RDS Custom or Amazon Aurora. In + # Aurora, mapping Amazon Web Services IAM accounts to database + # accounts is managed by the DB cluster. + # # For more information, see [ IAM Database Authentication for MySQL # and PostgreSQL][1] in the *Amazon RDS User Guide*. # - # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. Mapping Amazon Web Services IAM accounts to database - # accounts is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html @@ -3986,27 +3914,8 @@ class CreateDBClusterSnapshotResult < Struct.new( # @return [String] # # @!attribute [rw] performance_insights_retention_period - # The number of days to retain Performance Insights data. The default - # is 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @return [Integer] @@ -4057,10 +3966,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # DB instance class of the DB instance. # # This setting doesn't apply to RDS Custom. - # - # **Amazon Aurora** - # - # Not applicable. # @return [Array] # # @!attribute [rw] deletion_protection @@ -4091,10 +3996,6 @@ class CreateDBClusterSnapshotResult < Struct.new( # # This setting doesn't apply to RDS Custom. # - # **Amazon Aurora** - # - # Not applicable. Storage is managed by the DB cluster. - # # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling @@ -4420,8 +4321,7 @@ class CreateDBInstanceMessage < Struct.new( # specified DB engine for a cross-Region read replica. # # Specifying a parameter group for this operation is only supported - # for MySQL and Oracle DB instances. It isn't supported for RDS - # Custom. + # for Oracle DB instances. It isn't supported for RDS Custom. # # Constraints: # @@ -4572,16 +4472,9 @@ class CreateDBInstanceMessage < Struct.new( # @return [String] # # @!attribute [rw] pre_signed_url - # When you are creating a read replica from one Amazon Web Services - # GovCloud (US) Region to another or from one China Amazon Web - # Services Region to another, the URL that contains a Signature - # Version 4 signed request for the `CreateDBInstanceReadReplica` API - # operation in the source Amazon Web Services Region that contains the - # source DB instance. - # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions and China Amazon Web Services Regions. It's ignored in - # other Amazon Web Services Regions. + # The URL that contains a Signature Version 4 signed request for the + # `CreateDBInstanceReadReplica` API action in the source Amazon Web + # Services Region that contains the source DB instance. # # You must specify this parameter when you create an encrypted read # replica from another Amazon Web Services Region by using the Amazon @@ -4589,7 +4482,7 @@ class CreateDBInstanceMessage < Struct.new( # encrypted read replica in the same Amazon Web Services Region. # # The presigned URL must be a valid request for the - # `CreateDBInstanceReadReplica` API operation that can run in the + # `CreateDBInstanceReadReplica` API action that can be executed in the # source Amazon Web Services Region that contains the encrypted source # DB instance. The presigned URL request must contain the following # parameter values: @@ -4597,24 +4490,24 @@ class CreateDBInstanceMessage < Struct.new( # * `DestinationRegion` - The Amazon Web Services Region that the # encrypted read replica is created in. This Amazon Web Services # Region is the same one where the `CreateDBInstanceReadReplica` - # operation is called that contains this presigned URL. + # action is called that contains this presigned URL. # # For example, if you create an encrypted DB instance in the # us-west-1 Amazon Web Services Region, from a source DB instance in # the us-east-2 Amazon Web Services Region, then you call the - # `CreateDBInstanceReadReplica` operation in the us-east-1 Amazon - # Web Services Region and provide a presigned URL that contains a - # call to the `CreateDBInstanceReadReplica` operation in the - # us-west-2 Amazon Web Services Region. For this example, the + # `CreateDBInstanceReadReplica` action in the us-east-1 Amazon Web + # Services Region and provide a presigned URL that contains a call + # to the `CreateDBInstanceReadReplica` action in the us-west-2 + # Amazon Web Services Region. For this example, the # `DestinationRegion` in the presigned URL must be set to the # us-east-1 Amazon Web Services Region. # - # * `KmsKeyId` - The KMS key identifier for the key to use to encrypt - # the read replica in the destination Amazon Web Services Region. - # This is the same identifier for both the - # `CreateDBInstanceReadReplica` operation that is called in the - # destination Amazon Web Services Region, and the operation - # contained in the presigned URL. + # * `KmsKeyId` - The Amazon Web Services KMS key identifier for the + # key to use to encrypt the read replica in the destination Amazon + # Web Services Region. This is the same identifier for both the + # `CreateDBInstanceReadReplica` action that is called in the + # destination Amazon Web Services Region, and the action contained + # in the presigned URL. # # * `SourceDBInstanceIdentifier` - The DB instance identifier for the # encrypted DB instance to be replicated. This identifier must be in @@ -4634,10 +4527,11 @@ class CreateDBInstanceMessage < Struct.new( # specify `SourceRegion` (or `--source-region` for the CLI) instead of # specifying `PreSignedUrl` manually. Specifying `SourceRegion` # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. + # operation that can be executed in the source Amazon Web Services + # Region. # - # `SourceRegion` isn't supported for SQL Server, because Amazon RDS - # for SQL Server doesn't support cross-Region read replicas. + # `SourceRegion` isn't supported for SQL Server, because SQL Server + # on Amazon RDS doesn't support cross-Region read replicas. # # # @@ -4696,27 +4590,8 @@ class CreateDBInstanceMessage < Struct.new( # @return [String] # # @!attribute [rw] performance_insights_retention_period - # The number of days to retain Performance Insights data. The default - # is 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @return [Integer] @@ -5647,7 +5522,7 @@ class CreateEventSubscriptionResult < Struct.new( # @return [Boolean] # # @!attribute [rw] database_name - # The name for your database of up to 64 alphanumeric characters. If + # The name for your database of up to 64 alpha-numeric characters. If # you do not provide a name, Amazon Aurora will not create a database # in the global database cluster you are creating. # @return [String] @@ -6258,24 +6133,8 @@ class CustomDBEngineVersionQuotaExceededFault < Aws::EmptyStructure; end # @return [String] # # @!attribute [rw] performance_insights_retention_period - # The number of days to retain Performance Insights data. The default - # is 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting is only for non-Aurora Multi-AZ DB clusters. # @return [Integer] @@ -7687,24 +7546,8 @@ class DBEngineVersionMessage < Struct.new( # @return [String] # # @!attribute [rw] performance_insights_retention_period - # The number of days to retain Performance Insights data. The default - # is 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # @return [Integer] # # @!attribute [rw] enabled_cloudwatch_logs_exports @@ -13450,12 +13293,8 @@ class EngineDefaults < Struct.new( include Aws::Structure end - # This data type is used as a response element in the - # [DescribeEvents][1] action. - # - # - # - # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEvents.html + # This data type is used as a response element in the `DescribeEvents` + # action. # # @!attribute [rw] source_identifier # Provides the identifier for the source of the event. @@ -13495,11 +13334,7 @@ class Event < Struct.new( end # Contains the results of a successful invocation of the - # [DescribeEventCategories][1] operation. - # - # - # - # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeEventCategories.html + # `DescribeEventCategories` operation. # # @!attribute [rw] source_type # The source type that the returned categories belong to @@ -15240,27 +15075,8 @@ class ModifyDBClusterEndpointMessage < Struct.new( # @return [String] # # @!attribute [rw] performance_insights_retention_period - # The number of days to retain Performance Insights data. The default - # is 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # Valid for: Multi-AZ DB clusters only # @return [Integer] @@ -15436,7 +15252,7 @@ class ModifyDBClusterResult < Struct.new( # `restore`. # # To view the list of attributes available to modify, use the - # DescribeDBClusterSnapshotAttributes API operation. + # DescribeDBClusterSnapshotAttributes API action. # # # @return [String] @@ -15585,11 +15401,10 @@ class ModifyDBClusterSnapshotAttributeResult < Struct.new( # # @!attribute [rw] db_instance_class # The new compute and memory capacity of the DB instance, for example - # db.m5.large. Not all DB instance classes are available in all Amazon + # db.m4.large. Not all DB instance classes are available in all Amazon # Web Services Regions, or for all database engines. For the full list # of DB instance classes, and availability for your engine, see [DB - # instance classes][1] in the *Amazon RDS User Guide* or [Aurora DB - # instance classes][2] in the *Amazon Aurora User Guide*. + # Instance Class][1] in the *Amazon RDS User Guide*. # # If you modify the DB instance class, an outage occurs during the # change. The change is applied during the next maintenance window, @@ -15602,7 +15417,6 @@ class ModifyDBClusterSnapshotAttributeResult < Struct.new( # # # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html - # [2]: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html # @return [String] # # @!attribute [rw] db_subnet_group_name @@ -15720,7 +15534,7 @@ class ModifyDBClusterSnapshotAttributeResult < Struct.new( # # Constraints: Must contain from 8 to 128 characters. # - # Amazon RDS API operations never return the password, so this action + # Amazon RDS API actions never return the password, so this action # provides a way to regain access to a primary instance user if the # password is lost. This includes restoring privileges that might have # been accidentally revoked. @@ -15775,8 +15589,8 @@ class ModifyDBClusterSnapshotAttributeResult < Struct.new( # Constraints: # # * It must be a value from 0 to 35. It can't be set to 0 if the DB - # instance is a source to read replicas. It can't be set to 0 for - # an RDS Custom for Oracle DB instance. + # instance is a source to read replicas. It can't be set to 0 or 35 + # for an RDS Custom for Oracle DB instance. # # * It can be specified for a MySQL read replica only if the source is # running MySQL 5.6 or later. @@ -16219,7 +16033,7 @@ class ModifyDBClusterSnapshotAttributeResult < Struct.new( # the DB instance. # # For more information, see [Using Amazon Performance Insights][1] in - # the *Amazon RDS User Guide*. + # the *Amazon RDS User Guide.*. # # This setting doesn't apply to RDS Custom. # @@ -16245,27 +16059,8 @@ class ModifyDBClusterSnapshotAttributeResult < Struct.new( # @return [String] # # @!attribute [rw] performance_insights_retention_period - # The number of days to retain Performance Insights data. The default - # is 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # # This setting doesn't apply to RDS Custom. # @return [Integer] @@ -16754,11 +16549,11 @@ class ModifyDBProxyResponse < Struct.new( # } # # @!attribute [rw] target_group_name - # The name of the target group to modify. + # The name of the new target group to assign to the proxy. # @return [String] # # @!attribute [rw] db_proxy_name - # The name of the proxy. + # The name of the new proxy to which to assign the target group. # @return [String] # # @!attribute [rw] connection_pool_config @@ -16817,7 +16612,7 @@ class ModifyDBProxyTargetGroupResponse < Struct.new( # copy or restore a manual DB snapshot, set this value to `restore`. # # To view the list of attributes available to modify, use the - # DescribeDBSnapshotAttributes API operation. + # DescribeDBSnapshotAttributes API action. # # # @return [String] @@ -19544,9 +19339,9 @@ class ResourcePendingMaintenanceActions < Struct.new( # @!attribute [rw] engine # The name of the database engine to be used for this DB cluster. # - # Valid Values: `aurora` (for MySQL 5.6-compatible Aurora) and + # Valid Values: `aurora` (for MySQL 5.6-compatible Aurora), # `aurora-mysql` (for MySQL 5.7-compatible and MySQL 8.0-compatible - # Aurora) + # Aurora), and `aurora-postgresql` # @return [String] # # @!attribute [rw] engine_version @@ -19565,10 +19360,20 @@ class ResourcePendingMaintenanceActions < Struct.new( # `aws rds describe-db-engine-versions --engine aurora-mysql --query # "DBEngineVersions[].EngineVersion"` # + # To list all of the available engine versions for + # `aurora-postgresql`, use the following command: + # + # `aws rds describe-db-engine-versions --engine aurora-postgresql + # --query "DBEngineVersions[].EngineVersion"` + # # **Aurora MySQL** # - # Example: `5.6.10a`, `5.6.mysql_aurora.1.19.2`, - # `5.7.mysql_aurora.2.07.1`, `8.0.mysql_aurora.3.02.0` + # Example: `5.6.10a`, `5.6.mysql_aurora.1.19.2`, `5.7.12`, + # `5.7.mysql_aurora.2.04.5`, `8.0.mysql_aurora.3.01.0` + # + # **Aurora PostgreSQL** + # + # Example: `9.6.3`, `10.7` # @return [String] # # @!attribute [rw] port @@ -20180,7 +19985,7 @@ class RestoreDBClusterFromS3Result < Struct.new( # # For more information about exporting CloudWatch Logs for Amazon RDS, # see [Publishing Database Logs to Amazon CloudWatch Logs][1] in the - # *Amazon RDS User Guide*. + # *Amazon RDS User Guide.*. # # For more information about exporting CloudWatch Logs for Amazon # Aurora, see [Publishing Database Logs to Amazon CloudWatch Logs][2] @@ -20699,7 +20504,7 @@ class RestoreDBClusterFromSnapshotResult < Struct.new( # # For more information about exporting CloudWatch Logs for Amazon RDS, # see [Publishing Database Logs to Amazon CloudWatch Logs][1] in the - # *Amazon RDS User Guide*. + # *Amazon RDS User Guide.*. # # For more information about exporting CloudWatch Logs for Amazon # Aurora, see [Publishing Database Logs to Amazon CloudWatch Logs][2] @@ -21921,7 +21726,7 @@ class RestoreDBInstanceFromDBSnapshotResult < Struct.new( # the DB instance. # # For more information, see [Using Amazon Performance Insights][1] in - # the *Amazon RDS User Guide*. + # the *Amazon RDS User Guide.*. # # # @@ -21943,27 +21748,8 @@ class RestoreDBInstanceFromDBSnapshotResult < Struct.new( # @return [String] # # @!attribute [rw] performance_insights_retention_period - # The number of days to retain Performance Insights data. The default - # is 7 days. The following values are valid: - # - # * 7 - # - # * *month* * 31, where *month* is a number of months from 1-23 - # - # * 731 - # - # For example, the following values are valid: - # - # * 93 (3 months * 31) - # - # * 341 (11 months * 31) - # - # * 589 (19 months * 31) - # - # * 731 - # - # If you specify a retention period such as 94, which isn't a valid - # value, RDS issues an error. + # The amount of time, in days, to retain Performance Insights data. + # Valid values are 7 or 731 (2 years). # @return [Integer] # # @!attribute [rw] enable_cloudwatch_logs_exports @@ -23298,35 +23084,13 @@ class StartDBClusterResult < Struct.new( # @return [String] # # @!attribute [rw] pre_signed_url - # In an Amazon Web Services GovCloud (US) Region, an URL that contains - # a Signature Version 4 signed request for the - # `StartDBInstanceAutomatedBackupsReplication` operation to call in + # A URL that contains a Signature Version 4 signed request for the + # StartDBInstanceAutomatedBackupsReplication action to be called in # the Amazon Web Services Region of the source DB instance. The # presigned URL must be a valid request for the - # `StartDBInstanceAutomatedBackupsReplication` API operation that can - # run in the Amazon Web Services Region that contains the source DB - # instance. - # - # This setting applies only to Amazon Web Services GovCloud (US) - # Regions. It's ignored in other Amazon Web Services Regions. - # - # To learn how to generate a Signature Version 4 signed request, see [ - # Authenticating Requests: Using Query Parameters (Amazon Web Services - # Signature Version 4)][1] and [ Signature Version 4 Signing - # Process][2]. - # - # If you are using an Amazon Web Services SDK tool or the CLI, you can - # specify `SourceRegion` (or `--source-region` for the CLI) instead of - # specifying `PreSignedUrl` manually. Specifying `SourceRegion` - # autogenerates a presigned URL that is a valid request for the - # operation that can run in the source Amazon Web Services Region. - # - # - # - # - # - # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html - # [2]: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html + # StartDBInstanceAutomatedBackupsReplication API action that can be + # executed in the Amazon Web Services Region that contains the source + # DB instance. # @return [String] # # @!attribute [rw] source_region @@ -24092,9 +23856,7 @@ class ValidStorageOptions < Struct.new( # @return [String] # # @!attribute [rw] status - # The membership status of the VPC security group. - # - # Currently, the only valid status is `active`. + # The status of the VPC security group. # @return [String] # # @see http://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/VpcSecurityGroupMembership AWS API Documentation diff --git a/gems/aws-sdk-rds/lib/aws-sdk-rds/waiters.rb b/gems/aws-sdk-rds/lib/aws-sdk-rds/waiters.rb index 48332b2bfca..8df71aa35a9 100644 --- a/gems/aws-sdk-rds/lib/aws-sdk-rds/waiters.rb +++ b/gems/aws-sdk-rds/lib/aws-sdk-rds/waiters.rb @@ -69,6 +69,8 @@ module Aws::RDS # # | waiter_name | params | :delay | :max_attempts | # | ----------------------------- | -------------------------------------- | -------- | ------------- | + # | db_cluster_available | {Client#describe_db_clusters} | 30 | 60 | + # | db_cluster_deleted | {Client#describe_db_clusters} | 30 | 60 | # | db_cluster_snapshot_available | {Client#describe_db_cluster_snapshots} | 30 | 60 | # | db_cluster_snapshot_deleted | {Client#describe_db_cluster_snapshots} | 30 | 60 | # | db_instance_available | {Client#describe_db_instances} | 30 | 60 | @@ -78,6 +80,141 @@ module Aws::RDS # module Waiters + class DBClusterAvailable + + # @param [Hash] options + # @option options [required, Client] :client + # @option options [Integer] :max_attempts (60) + # @option options [Integer] :delay (30) + # @option options [Proc] :before_attempt + # @option options [Proc] :before_wait + def initialize(options) + @client = options.fetch(:client) + @waiter = Aws::Waiters::Waiter.new({ + max_attempts: 60, + delay: 30, + poller: Aws::Waiters::Poller.new( + operation_name: :describe_db_clusters, + acceptors: [ + { + "expected" => "available", + "matcher" => "pathAll", + "state" => "success", + "argument" => "db_clusters[].status" + }, + { + "expected" => "deleted", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + }, + { + "expected" => "deleting", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + }, + { + "expected" => "failed", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + }, + { + "expected" => "incompatible-restore", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + }, + { + "expected" => "incompatible-parameters", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + } + ] + ) + }.merge(options)) + end + + # @option (see Client#describe_db_clusters) + # @return (see Client#describe_db_clusters) + def wait(params = {}) + @waiter.wait(client: @client, params: params) + end + + # @api private + attr_reader :waiter + + end + + class DBClusterDeleted + + # @param [Hash] options + # @option options [required, Client] :client + # @option options [Integer] :max_attempts (60) + # @option options [Integer] :delay (30) + # @option options [Proc] :before_attempt + # @option options [Proc] :before_wait + def initialize(options) + @client = options.fetch(:client) + @waiter = Aws::Waiters::Waiter.new({ + max_attempts: 60, + delay: 30, + poller: Aws::Waiters::Poller.new( + operation_name: :describe_db_clusters, + acceptors: [ + { + "expected" => true, + "matcher" => "path", + "state" => "success", + "argument" => "length(db_clusters) == `0`" + }, + { + "expected" => "DBClusterNotFoundFault", + "matcher" => "error", + "state" => "success" + }, + { + "expected" => "creating", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + }, + { + "expected" => "modifying", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + }, + { + "expected" => "rebooting", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + }, + { + "expected" => "resetting-master-credentials", + "matcher" => "pathAny", + "state" => "failure", + "argument" => "db_clusters[].status" + } + ] + ) + }.merge(options)) + end + + # @option (see Client#describe_db_clusters) + # @return (see Client#describe_db_clusters) + def wait(params = {}) + @waiter.wait(client: @client, params: params) + end + + # @api private + attr_reader :waiter + + end + class DBClusterSnapshotAvailable # @param [Hash] options diff --git a/gems/aws-sdk-resources/CHANGELOG.md b/gems/aws-sdk-resources/CHANGELOG.md index b0fc8bf57b0..eb1cfd262c7 100644 --- a/gems/aws-sdk-resources/CHANGELOG.md +++ b/gems/aws-sdk-resources/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +3.136.0 (2022-07-05) +------------------ + +* Feature - Added a dependency on the new `aws-sdk-rolesanywhere` gem. + 3.135.0 (2022-06-17) ------------------ diff --git a/gems/aws-sdk-resources/VERSION b/gems/aws-sdk-resources/VERSION index 2ab0dc8a78d..9846821604c 100644 --- a/gems/aws-sdk-resources/VERSION +++ b/gems/aws-sdk-resources/VERSION @@ -1 +1 @@ -3.135.0 +3.136.0 diff --git a/gems/aws-sdk-resources/aws-sdk-resources.gemspec b/gems/aws-sdk-resources/aws-sdk-resources.gemspec index d052a4bc196..98ae27556e2 100644 --- a/gems/aws-sdk-resources/aws-sdk-resources.gemspec +++ b/gems/aws-sdk-resources/aws-sdk-resources.gemspec @@ -264,6 +264,7 @@ Gem::Specification.new do |spec| spec.add_dependency('aws-sdk-resourcegroups', '~> 1') spec.add_dependency('aws-sdk-resourcegroupstaggingapi', '~> 1') spec.add_dependency('aws-sdk-robomaker', '~> 1') + spec.add_dependency('aws-sdk-rolesanywhere', '~> 1') spec.add_dependency('aws-sdk-route53', '~> 1') spec.add_dependency('aws-sdk-route53domains', '~> 1') spec.add_dependency('aws-sdk-route53recoverycluster', '~> 1') diff --git a/gems/aws-sdk-resources/lib/aws-sdk-resources.rb b/gems/aws-sdk-resources/lib/aws-sdk-resources.rb index f8c6c34c98b..c2f6c1e485c 100644 --- a/gems/aws-sdk-resources/lib/aws-sdk-resources.rb +++ b/gems/aws-sdk-resources/lib/aws-sdk-resources.rb @@ -254,6 +254,7 @@ module Aws autoload :ResourceGroups, 'aws-sdk-resourcegroups' autoload :ResourceGroupsTaggingAPI, 'aws-sdk-resourcegroupstaggingapi' autoload :RoboMaker, 'aws-sdk-robomaker' + autoload :RolesAnywhere, 'aws-sdk-rolesanywhere' autoload :Route53, 'aws-sdk-route53' autoload :Route53Domains, 'aws-sdk-route53domains' autoload :Route53RecoveryCluster, 'aws-sdk-route53recoverycluster' diff --git a/gems/aws-sdk-rolesanywhere/CHANGELOG.md b/gems/aws-sdk-rolesanywhere/CHANGELOG.md new file mode 100644 index 00000000000..649c9b496d6 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/CHANGELOG.md @@ -0,0 +1,8 @@ +Unreleased Changes +------------------ + +1.0.0 (2022-07-05) +------------------ + +* Feature - Initial release of `aws-sdk-rolesanywhere`. + diff --git a/gems/aws-sdk-rolesanywhere/LICENSE.txt b/gems/aws-sdk-rolesanywhere/LICENSE.txt new file mode 100644 index 00000000000..d6456956733 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/LICENSE.txt @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/gems/aws-sdk-rolesanywhere/VERSION b/gems/aws-sdk-rolesanywhere/VERSION new file mode 100644 index 00000000000..3eefcb9dd5b --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/VERSION @@ -0,0 +1 @@ +1.0.0 diff --git a/gems/aws-sdk-rolesanywhere/aws-sdk-rolesanywhere.gemspec b/gems/aws-sdk-rolesanywhere/aws-sdk-rolesanywhere.gemspec new file mode 100644 index 00000000000..b3587d001c8 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/aws-sdk-rolesanywhere.gemspec @@ -0,0 +1,32 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + +Gem::Specification.new do |spec| + + spec.name = 'aws-sdk-rolesanywhere' + spec.version = File.read(File.expand_path('../VERSION', __FILE__)).strip + spec.summary = 'AWS SDK for Ruby - IAM Roles Anywhere' + spec.description = 'Official AWS Ruby gem for IAM Roles Anywhere. This gem is part of the AWS SDK for Ruby.' + spec.author = 'Amazon Web Services' + spec.homepage = 'https://github.com/aws/aws-sdk-ruby' + spec.license = 'Apache-2.0' + spec.email = ['aws-dr-rubygems@amazon.com'] + spec.require_paths = ['lib'] + spec.files = Dir['LICENSE.txt', 'CHANGELOG.md', 'VERSION', 'lib/**/*.rb'] + + spec.metadata = { + 'source_code_uri' => 'https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-rolesanywhere', + 'changelog_uri' => 'https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-rolesanywhere/CHANGELOG.md' + } + + spec.add_dependency('aws-sdk-core', '~> 3', '>= 3.127.0') + spec.add_dependency('aws-sigv4', '~> 1.1') + + spec.required_ruby_version = '>= 2.3' +end diff --git a/gems/aws-sdk-rolesanywhere/features/env.rb b/gems/aws-sdk-rolesanywhere/features/env.rb new file mode 100644 index 00000000000..fd0ba26cfe7 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/features/env.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + +$:.unshift(File.expand_path('../../lib', __FILE__)) +$:.unshift(File.expand_path('../../../aws-sdk-core/features', __FILE__)) +$:.unshift(File.expand_path('../../../aws-sdk-core/lib', __FILE__)) +$:.unshift(File.expand_path('../../../aws-sigv4/lib', __FILE__)) + +require 'features_helper' +require 'aws-sdk-rolesanywhere' + +Aws::RolesAnywhere::Client.add_plugin(ApiCallTracker) diff --git a/gems/aws-sdk-rolesanywhere/features/step_definitions.rb b/gems/aws-sdk-rolesanywhere/features/step_definitions.rb new file mode 100644 index 00000000000..d5847700a19 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/features/step_definitions.rb @@ -0,0 +1,8 @@ +Before("@rolesanywhere") do + @service = Aws::RolesAnywhere::Resource.new + @client = @service.client +end + +After("@rolesanywhere") do + # shared cleanup logic +end diff --git a/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere.rb b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere.rb new file mode 100644 index 00000000000..b900b3f75d7 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere.rb @@ -0,0 +1,53 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + + +require 'aws-sdk-core' +require 'aws-sigv4' + +require_relative 'aws-sdk-rolesanywhere/types' +require_relative 'aws-sdk-rolesanywhere/client_api' +require_relative 'aws-sdk-rolesanywhere/client' +require_relative 'aws-sdk-rolesanywhere/errors' +require_relative 'aws-sdk-rolesanywhere/resource' +require_relative 'aws-sdk-rolesanywhere/customizations' + +# This module provides support for IAM Roles Anywhere. This module is available in the +# `aws-sdk-rolesanywhere` gem. +# +# # Client +# +# The {Client} class provides one method for each API operation. Operation +# methods each accept a hash of request parameters and return a response +# structure. +# +# roles_anywhere = Aws::RolesAnywhere::Client.new +# resp = roles_anywhere.create_profile(params) +# +# See {Client} for more information. +# +# # Errors +# +# Errors returned from IAM Roles Anywhere are defined in the +# {Errors} module and all extend {Errors::ServiceError}. +# +# begin +# # do stuff +# rescue Aws::RolesAnywhere::Errors::ServiceError +# # rescues all IAM Roles Anywhere API errors +# end +# +# See {Errors} for more information. +# +# @!group service +module Aws::RolesAnywhere + + GEM_VERSION = '1.0.0' + +end diff --git a/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/client.rb b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/client.rb new file mode 100644 index 00000000000..2d7e144ac8d --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/client.rb @@ -0,0 +1,1627 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + +require 'seahorse/client/plugins/content_length.rb' +require 'aws-sdk-core/plugins/credentials_configuration.rb' +require 'aws-sdk-core/plugins/logging.rb' +require 'aws-sdk-core/plugins/param_converter.rb' +require 'aws-sdk-core/plugins/param_validator.rb' +require 'aws-sdk-core/plugins/user_agent.rb' +require 'aws-sdk-core/plugins/helpful_socket_errors.rb' +require 'aws-sdk-core/plugins/retry_errors.rb' +require 'aws-sdk-core/plugins/global_configuration.rb' +require 'aws-sdk-core/plugins/regional_endpoint.rb' +require 'aws-sdk-core/plugins/endpoint_discovery.rb' +require 'aws-sdk-core/plugins/endpoint_pattern.rb' +require 'aws-sdk-core/plugins/response_paging.rb' +require 'aws-sdk-core/plugins/stub_responses.rb' +require 'aws-sdk-core/plugins/idempotency_token.rb' +require 'aws-sdk-core/plugins/jsonvalue_converter.rb' +require 'aws-sdk-core/plugins/client_metrics_plugin.rb' +require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb' +require 'aws-sdk-core/plugins/transfer_encoding.rb' +require 'aws-sdk-core/plugins/http_checksum.rb' +require 'aws-sdk-core/plugins/checksum_algorithm.rb' +require 'aws-sdk-core/plugins/defaults_mode.rb' +require 'aws-sdk-core/plugins/recursion_detection.rb' +require 'aws-sdk-core/plugins/signature_v4.rb' +require 'aws-sdk-core/plugins/protocols/rest_json.rb' + +Aws::Plugins::GlobalConfiguration.add_identifier(:rolesanywhere) + +module Aws::RolesAnywhere + # An API client for RolesAnywhere. To construct a client, you need to configure a `:region` and `:credentials`. + # + # client = Aws::RolesAnywhere::Client.new( + # region: region_name, + # credentials: credentials, + # # ... + # ) + # + # For details on configuring region and credentials see + # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html). + # + # See {#initialize} for a full list of supported configuration options. + class Client < Seahorse::Client::Base + + include Aws::ClientStubs + + @identifier = :rolesanywhere + + set_api(ClientApi::API) + + add_plugin(Seahorse::Client::Plugins::ContentLength) + add_plugin(Aws::Plugins::CredentialsConfiguration) + add_plugin(Aws::Plugins::Logging) + add_plugin(Aws::Plugins::ParamConverter) + add_plugin(Aws::Plugins::ParamValidator) + add_plugin(Aws::Plugins::UserAgent) + add_plugin(Aws::Plugins::HelpfulSocketErrors) + add_plugin(Aws::Plugins::RetryErrors) + add_plugin(Aws::Plugins::GlobalConfiguration) + add_plugin(Aws::Plugins::RegionalEndpoint) + add_plugin(Aws::Plugins::EndpointDiscovery) + add_plugin(Aws::Plugins::EndpointPattern) + add_plugin(Aws::Plugins::ResponsePaging) + add_plugin(Aws::Plugins::StubResponses) + add_plugin(Aws::Plugins::IdempotencyToken) + add_plugin(Aws::Plugins::JsonvalueConverter) + add_plugin(Aws::Plugins::ClientMetricsPlugin) + add_plugin(Aws::Plugins::ClientMetricsSendPlugin) + add_plugin(Aws::Plugins::TransferEncoding) + add_plugin(Aws::Plugins::HttpChecksum) + add_plugin(Aws::Plugins::ChecksumAlgorithm) + add_plugin(Aws::Plugins::DefaultsMode) + add_plugin(Aws::Plugins::RecursionDetection) + add_plugin(Aws::Plugins::SignatureV4) + add_plugin(Aws::Plugins::Protocols::RestJson) + + # @overload initialize(options) + # @param [Hash] options + # @option options [required, Aws::CredentialProvider] :credentials + # Your AWS credentials. This can be an instance of any one of the + # following classes: + # + # * `Aws::Credentials` - Used for configuring static, non-refreshing + # credentials. + # + # * `Aws::SharedCredentials` - Used for loading static credentials from a + # shared file, such as `~/.aws/config`. + # + # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role. + # + # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to + # assume a role after providing credentials via the web. + # + # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an + # access token generated from `aws login`. + # + # * `Aws::ProcessCredentials` - Used for loading credentials from a + # process that outputs to stdout. + # + # * `Aws::InstanceProfileCredentials` - Used for loading credentials + # from an EC2 IMDS on an EC2 instance. + # + # * `Aws::ECSCredentials` - Used for loading credentials from + # instances running in ECS. + # + # * `Aws::CognitoIdentityCredentials` - Used for loading credentials + # from the Cognito Identity service. + # + # When `:credentials` are not configured directly, the following + # locations will be searched for credentials: + # + # * `Aws.config[:credentials]` + # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options. + # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'] + # * `~/.aws/credentials` + # * `~/.aws/config` + # * EC2/ECS IMDS instance profile - When used by default, the timeouts + # are very aggressive. Construct and pass an instance of + # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to + # enable retries and extended timeouts. Instance profile credential + # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED'] + # to true. + # + # @option options [required, String] :region + # The AWS region to connect to. The configured `:region` is + # used to determine the service `:endpoint`. When not passed, + # a default `:region` is searched for in the following locations: + # + # * `Aws.config[:region]` + # * `ENV['AWS_REGION']` + # * `ENV['AMAZON_REGION']` + # * `ENV['AWS_DEFAULT_REGION']` + # * `~/.aws/credentials` + # * `~/.aws/config` + # + # @option options [String] :access_key_id + # + # @option options [Boolean] :active_endpoint_cache (false) + # When set to `true`, a thread polling for endpoints will be running in + # the background every 60 secs (default). Defaults to `false`. + # + # @option options [Boolean] :adaptive_retry_wait_to_fill (true) + # Used only in `adaptive` retry mode. When true, the request will sleep + # until there is sufficent client side capacity to retry the request. + # When false, the request will raise a `RetryCapacityNotAvailableError` and will + # not retry instead of sleeping. + # + # @option options [Boolean] :client_side_monitoring (false) + # When `true`, client-side metrics will be collected for all API requests from + # this client. + # + # @option options [String] :client_side_monitoring_client_id ("") + # Allows you to provide an identifier for this client which will be attached to + # all generated client side metrics. Defaults to an empty string. + # + # @option options [String] :client_side_monitoring_host ("127.0.0.1") + # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client + # side monitoring agent is running on, where client metrics will be published via UDP. + # + # @option options [Integer] :client_side_monitoring_port (31000) + # Required for publishing client metrics. The port that the client side monitoring + # agent is running on, where client metrics will be published via UDP. + # + # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) + # Allows you to provide a custom client-side monitoring publisher class. By default, + # will use the Client Side Monitoring Agent Publisher. + # + # @option options [Boolean] :convert_params (true) + # When `true`, an attempt is made to coerce request parameters into + # the required types. + # + # @option options [Boolean] :correct_clock_skew (true) + # Used only in `standard` and adaptive retry modes. Specifies whether to apply + # a clock skew correction and retry requests with skewed client clocks. + # + # @option options [String] :defaults_mode ("legacy") + # See {Aws::DefaultsModeConfiguration} for a list of the + # accepted modes and the configuration defaults that are included. + # + # @option options [Boolean] :disable_host_prefix_injection (false) + # Set to true to disable SDK automatically adding host prefix + # to default service endpoint when available. + # + # @option options [String] :endpoint + # The client endpoint is normally constructed from the `:region` + # option. You should only configure an `:endpoint` when connecting + # to test or custom endpoints. This should be a valid HTTP(S) URI. + # + # @option options [Integer] :endpoint_cache_max_entries (1000) + # Used for the maximum size limit of the LRU cache storing endpoints data + # for endpoint discovery enabled operations. Defaults to 1000. + # + # @option options [Integer] :endpoint_cache_max_threads (10) + # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10. + # + # @option options [Integer] :endpoint_cache_poll_interval (60) + # When :endpoint_discovery and :active_endpoint_cache is enabled, + # Use this option to config the time interval in seconds for making + # requests fetching endpoints information. Defaults to 60 sec. + # + # @option options [Boolean] :endpoint_discovery (false) + # When set to `true`, endpoint discovery will be enabled for operations when available. + # + # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default) + # The log formatter. + # + # @option options [Symbol] :log_level (:info) + # The log level to send messages to the `:logger` at. + # + # @option options [Logger] :logger + # The Logger instance to send log messages to. If this option + # is not set, logging will be disabled. + # + # @option options [Integer] :max_attempts (3) + # An integer representing the maximum number attempts that will be made for + # a single request, including the initial attempt. For example, + # setting this value to 5 will result in a request being retried up to + # 4 times. Used in `standard` and `adaptive` retry modes. + # + # @option options [String] :profile ("default") + # Used when loading credentials from the shared credentials file + # at HOME/.aws/credentials. When not specified, 'default' is used. + # + # @option options [Proc] :retry_backoff + # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. + # This option is only used in the `legacy` retry mode. + # + # @option options [Float] :retry_base_delay (0.3) + # The base delay in seconds used by the default backoff function. This option + # is only used in the `legacy` retry mode. + # + # @option options [Symbol] :retry_jitter (:none) + # A delay randomiser function used by the default backoff function. + # Some predefined functions can be referenced by name - :none, :equal, :full, + # otherwise a Proc that takes and returns a number. This option is only used + # in the `legacy` retry mode. + # + # @see https://www.awsarchitectureblog.com/2015/03/backoff.html + # + # @option options [Integer] :retry_limit (3) + # The maximum number of times to retry failed requests. Only + # ~ 500 level server errors and certain ~ 400 level client errors + # are retried. Generally, these are throttling errors, data + # checksum errors, networking errors, timeout errors, auth errors, + # endpoint discovery, and errors from expired credentials. + # This option is only used in the `legacy` retry mode. + # + # @option options [Integer] :retry_max_delay (0) + # The maximum number of seconds to delay between retries (0 for no limit) + # used by the default backoff function. This option is only used in the + # `legacy` retry mode. + # + # @option options [String] :retry_mode ("legacy") + # Specifies which retry algorithm to use. Values are: + # + # * `legacy` - The pre-existing retry behavior. This is default value if + # no retry mode is provided. + # + # * `standard` - A standardized set of retry rules across the AWS SDKs. + # This includes support for retry quotas, which limit the number of + # unsuccessful retries a client can make. + # + # * `adaptive` - An experimental retry mode that includes all the + # functionality of `standard` mode along with automatic client side + # throttling. This is a provisional mode that may change behavior + # in the future. + # + # + # @option options [String] :secret_access_key + # + # @option options [String] :session_token + # + # @option options [Boolean] :stub_responses (false) + # Causes the client to return stubbed responses. By default + # fake responses are generated and returned. You can specify + # the response data to return or errors to raise by calling + # {ClientStubs#stub_responses}. See {ClientStubs} for more information. + # + # ** Please note ** When response stubbing is enabled, no HTTP + # requests are made, and retries are disabled. + # + # @option options [Boolean] :use_dualstack_endpoint + # When set to `true`, dualstack enabled endpoints (with `.aws` TLD) + # will be used if available. + # + # @option options [Boolean] :use_fips_endpoint + # When set to `true`, fips compatible endpoints will be used if available. + # When a `fips` region is used, the region is normalized and this config + # is set to `true`. + # + # @option options [Boolean] :validate_params (true) + # When `true`, request parameters are validated before + # sending the request. + # + # @option options [URI::HTTP,String] :http_proxy A proxy to send + # requests through. Formatted like 'http://proxy.com:123'. + # + # @option options [Float] :http_open_timeout (15) The number of + # seconds to wait when opening a HTTP session before raising a + # `Timeout::Error`. + # + # @option options [Float] :http_read_timeout (60) The default + # number of seconds to wait for response data. This value can + # safely be set per-request on the session. + # + # @option options [Float] :http_idle_timeout (5) The number of + # seconds a connection is allowed to sit idle before it is + # considered stale. Stale connections are closed and removed + # from the pool before making a request. + # + # @option options [Float] :http_continue_timeout (1) The number of + # seconds to wait for a 100-continue response before sending the + # request body. This option has no effect unless the request has + # "Expect" header set to "100-continue". Defaults to `nil` which + # disables this behaviour. This value can safely be set per + # request on the session. + # + # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout + # in seconds. + # + # @option options [Boolean] :http_wire_trace (false) When `true`, + # HTTP debug output will be sent to the `:logger`. + # + # @option options [Boolean] :ssl_verify_peer (true) When `true`, + # SSL peer certificates are verified when establishing a + # connection. + # + # @option options [String] :ssl_ca_bundle Full path to the SSL + # certificate authority bundle file that should be used when + # verifying peer certificates. If you do not pass + # `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default + # will be used if available. + # + # @option options [String] :ssl_ca_directory Full path of the + # directory that contains the unbundled SSL certificate + # authority files for verifying peer certificates. If you do + # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the + # system default will be used if available. + # + def initialize(*args) + super + end + + # @!group API Operations + + # Creates a profile. A profile is configuration resource to list the + # roles that RolesAnywhere service is trusted to assume. In addition, by + # applying a profile you can intersect permissions with IAM managed + # policies. + # + # Required permissions: `rolesanywhere:CreateProfile`. + # + # @option params [Integer] :duration_seconds + # The number of seconds the vended session credentials are valid for. + # + # @option params [Boolean] :enabled + # Specifies whether the profile is enabled. + # + # @option params [Array] :managed_policy_arns + # A list of managed policy ARNs that apply to the vended session + # credentials. + # + # @option params [required, String] :name + # The name of the profile. + # + # @option params [Boolean] :require_instance_properties + # Specifies whether instance properties are required in + # [CreateSession][1] requests with this profile. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # + # @option params [required, Array] :role_arns + # A list of IAM roles that this profile can assume in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # + # @option params [String] :session_policy + # A session policy that applies to the trust boundary of the vended + # session credentials. + # + # @option params [Array] :tags + # The tags to attach to the profile. + # + # @return [Types::ProfileDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ProfileDetailResponse#profile #profile} => Types::ProfileDetail + # + # @example Request syntax with placeholder values + # + # resp = client.create_profile({ + # duration_seconds: 1, + # enabled: false, + # managed_policy_arns: ["ManagedPolicyListMemberString"], + # name: "ResourceName", # required + # require_instance_properties: false, + # role_arns: ["RoleArn"], # required + # session_policy: "String", + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # }) + # + # @example Response structure + # + # resp.profile.created_at #=> Time + # resp.profile.created_by #=> String + # resp.profile.duration_seconds #=> Integer + # resp.profile.enabled #=> Boolean + # resp.profile.managed_policy_arns #=> Array + # resp.profile.managed_policy_arns[0] #=> String + # resp.profile.name #=> String + # resp.profile.profile_arn #=> String + # resp.profile.profile_id #=> String + # resp.profile.require_instance_properties #=> Boolean + # resp.profile.role_arns #=> Array + # resp.profile.role_arns[0] #=> String + # resp.profile.session_policy #=> String + # resp.profile.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/CreateProfile AWS API Documentation + # + # @overload create_profile(params = {}) + # @param [Hash] params ({}) + def create_profile(params = {}, options = {}) + req = build_request(:create_profile, params) + req.send_request(options) + end + + # Creates a trust anchor. You establish trust between IAM Roles Anywhere + # and your certificate authority (CA) by configuring a trust anchor. A + # Trust Anchor is defined either as a reference to a AWS Certificate + # Manager Private Certificate Authority (ACM PCA), or by uploading a + # Certificate Authority (CA) certificate. Your AWS workloads can + # authenticate with the trust anchor using certificates issued by the + # trusted Certificate Authority (CA) in exchange for temporary AWS + # credentials. + # + # Required permissions: `rolesanywhere:CreateTrustAnchor`. + # + # @option params [Boolean] :enabled + # Specifies whether the trust anchor is enabled. + # + # @option params [required, String] :name + # The name of the trust anchor. + # + # @option params [required, Types::Source] :source + # The trust anchor type and its related certificate data. + # + # @option params [Array] :tags + # The tags to attach to the trust anchor. + # + # @return [Types::TrustAnchorDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::TrustAnchorDetailResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail + # + # @example Request syntax with placeholder values + # + # resp = client.create_trust_anchor({ + # enabled: false, + # name: "ResourceName", # required + # source: { # required + # source_data: { + # acm_pca_arn: "String", + # x509_certificate_data: "String", + # }, + # source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY + # }, + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # }) + # + # @example Response structure + # + # resp.trust_anchor.created_at #=> Time + # resp.trust_anchor.enabled #=> Boolean + # resp.trust_anchor.name #=> String + # resp.trust_anchor.source.source_data.acm_pca_arn #=> String + # resp.trust_anchor.source.source_data.x509_certificate_data #=> String + # resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" + # resp.trust_anchor.trust_anchor_arn #=> String + # resp.trust_anchor.trust_anchor_id #=> String + # resp.trust_anchor.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/CreateTrustAnchor AWS API Documentation + # + # @overload create_trust_anchor(params = {}) + # @param [Hash] params ({}) + def create_trust_anchor(params = {}, options = {}) + req = build_request(:create_trust_anchor, params) + req.send_request(options) + end + + # Deletes a certificate revocation list (CRL). + # + # Required permissions: `rolesanywhere:DeleteCrl`. + # + # @option params [required, String] :crl_id + # The unique identifier of the certificate revocation list (CRL). + # + # @return [Types::CrlDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CrlDetailResponse#crl #crl} => Types::CrlDetail + # + # @example Request syntax with placeholder values + # + # resp = client.delete_crl({ + # crl_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.crl.created_at #=> Time + # resp.crl.crl_arn #=> String + # resp.crl.crl_data #=> String + # resp.crl.crl_id #=> String + # resp.crl.enabled #=> Boolean + # resp.crl.name #=> String + # resp.crl.trust_anchor_arn #=> String + # resp.crl.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DeleteCrl AWS API Documentation + # + # @overload delete_crl(params = {}) + # @param [Hash] params ({}) + def delete_crl(params = {}, options = {}) + req = build_request(:delete_crl, params) + req.send_request(options) + end + + # Deletes a profile. + # + # Required permissions: `rolesanywhere:DeleteProfile`. + # + # @option params [required, String] :profile_id + # The unique identifier of the profile. + # + # @return [Types::ProfileDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ProfileDetailResponse#profile #profile} => Types::ProfileDetail + # + # @example Request syntax with placeholder values + # + # resp = client.delete_profile({ + # profile_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.profile.created_at #=> Time + # resp.profile.created_by #=> String + # resp.profile.duration_seconds #=> Integer + # resp.profile.enabled #=> Boolean + # resp.profile.managed_policy_arns #=> Array + # resp.profile.managed_policy_arns[0] #=> String + # resp.profile.name #=> String + # resp.profile.profile_arn #=> String + # resp.profile.profile_id #=> String + # resp.profile.require_instance_properties #=> Boolean + # resp.profile.role_arns #=> Array + # resp.profile.role_arns[0] #=> String + # resp.profile.session_policy #=> String + # resp.profile.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DeleteProfile AWS API Documentation + # + # @overload delete_profile(params = {}) + # @param [Hash] params ({}) + def delete_profile(params = {}, options = {}) + req = build_request(:delete_profile, params) + req.send_request(options) + end + + # Deletes a trust anchor. + # + # Required permissions: `rolesanywhere:DeleteTrustAnchor`. + # + # @option params [required, String] :trust_anchor_id + # The unique identifier of the trust anchor. + # + # @return [Types::TrustAnchorDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::TrustAnchorDetailResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail + # + # @example Request syntax with placeholder values + # + # resp = client.delete_trust_anchor({ + # trust_anchor_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.trust_anchor.created_at #=> Time + # resp.trust_anchor.enabled #=> Boolean + # resp.trust_anchor.name #=> String + # resp.trust_anchor.source.source_data.acm_pca_arn #=> String + # resp.trust_anchor.source.source_data.x509_certificate_data #=> String + # resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" + # resp.trust_anchor.trust_anchor_arn #=> String + # resp.trust_anchor.trust_anchor_id #=> String + # resp.trust_anchor.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DeleteTrustAnchor AWS API Documentation + # + # @overload delete_trust_anchor(params = {}) + # @param [Hash] params ({}) + def delete_trust_anchor(params = {}, options = {}) + req = build_request(:delete_trust_anchor, params) + req.send_request(options) + end + + # Disables a certificate revocation list (CRL). + # + # Required permissions: `rolesanywhere:DisableCrl`. + # + # @option params [required, String] :crl_id + # The unique identifier of the certificate revocation list (CRL). + # + # @return [Types::CrlDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CrlDetailResponse#crl #crl} => Types::CrlDetail + # + # @example Request syntax with placeholder values + # + # resp = client.disable_crl({ + # crl_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.crl.created_at #=> Time + # resp.crl.crl_arn #=> String + # resp.crl.crl_data #=> String + # resp.crl.crl_id #=> String + # resp.crl.enabled #=> Boolean + # resp.crl.name #=> String + # resp.crl.trust_anchor_arn #=> String + # resp.crl.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DisableCrl AWS API Documentation + # + # @overload disable_crl(params = {}) + # @param [Hash] params ({}) + def disable_crl(params = {}, options = {}) + req = build_request(:disable_crl, params) + req.send_request(options) + end + + # Disables a profile. When disabled, [CreateSession][1] requests with + # this profile fail. + # + # Required permissions: `rolesanywhere:DisableProfile`. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # + # @option params [required, String] :profile_id + # The unique identifier of the profile. + # + # @return [Types::ProfileDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ProfileDetailResponse#profile #profile} => Types::ProfileDetail + # + # @example Request syntax with placeholder values + # + # resp = client.disable_profile({ + # profile_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.profile.created_at #=> Time + # resp.profile.created_by #=> String + # resp.profile.duration_seconds #=> Integer + # resp.profile.enabled #=> Boolean + # resp.profile.managed_policy_arns #=> Array + # resp.profile.managed_policy_arns[0] #=> String + # resp.profile.name #=> String + # resp.profile.profile_arn #=> String + # resp.profile.profile_id #=> String + # resp.profile.require_instance_properties #=> Boolean + # resp.profile.role_arns #=> Array + # resp.profile.role_arns[0] #=> String + # resp.profile.session_policy #=> String + # resp.profile.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DisableProfile AWS API Documentation + # + # @overload disable_profile(params = {}) + # @param [Hash] params ({}) + def disable_profile(params = {}, options = {}) + req = build_request(:disable_profile, params) + req.send_request(options) + end + + # Disables a trust anchor. When disabled, [CreateSession][1] requests + # specifying this trust anchor are unauthorized. + # + # Required permissions: `rolesanywhere:DisableTrustAnchor`. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # + # @option params [required, String] :trust_anchor_id + # The unique identifier of the trust anchor. + # + # @return [Types::TrustAnchorDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::TrustAnchorDetailResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail + # + # @example Request syntax with placeholder values + # + # resp = client.disable_trust_anchor({ + # trust_anchor_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.trust_anchor.created_at #=> Time + # resp.trust_anchor.enabled #=> Boolean + # resp.trust_anchor.name #=> String + # resp.trust_anchor.source.source_data.acm_pca_arn #=> String + # resp.trust_anchor.source.source_data.x509_certificate_data #=> String + # resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" + # resp.trust_anchor.trust_anchor_arn #=> String + # resp.trust_anchor.trust_anchor_id #=> String + # resp.trust_anchor.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DisableTrustAnchor AWS API Documentation + # + # @overload disable_trust_anchor(params = {}) + # @param [Hash] params ({}) + def disable_trust_anchor(params = {}, options = {}) + req = build_request(:disable_trust_anchor, params) + req.send_request(options) + end + + # Enables a certificate revocation list (CRL). When enabled, + # certificates stored in the CRL are unauthorized to receive session + # credentials. + # + # Required permissions: `rolesanywhere:EnableCrl`. + # + # @option params [required, String] :crl_id + # The unique identifier of the certificate revocation list (CRL). + # + # @return [Types::CrlDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CrlDetailResponse#crl #crl} => Types::CrlDetail + # + # @example Request syntax with placeholder values + # + # resp = client.enable_crl({ + # crl_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.crl.created_at #=> Time + # resp.crl.crl_arn #=> String + # resp.crl.crl_data #=> String + # resp.crl.crl_id #=> String + # resp.crl.enabled #=> Boolean + # resp.crl.name #=> String + # resp.crl.trust_anchor_arn #=> String + # resp.crl.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/EnableCrl AWS API Documentation + # + # @overload enable_crl(params = {}) + # @param [Hash] params ({}) + def enable_crl(params = {}, options = {}) + req = build_request(:enable_crl, params) + req.send_request(options) + end + + # Enables the roles in a profile to receive session credentials in + # [CreateSession][1]. + # + # Required permissions: `rolesanywhere:EnableProfile`. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # + # @option params [required, String] :profile_id + # The unique identifier of the profile. + # + # @return [Types::ProfileDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ProfileDetailResponse#profile #profile} => Types::ProfileDetail + # + # @example Request syntax with placeholder values + # + # resp = client.enable_profile({ + # profile_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.profile.created_at #=> Time + # resp.profile.created_by #=> String + # resp.profile.duration_seconds #=> Integer + # resp.profile.enabled #=> Boolean + # resp.profile.managed_policy_arns #=> Array + # resp.profile.managed_policy_arns[0] #=> String + # resp.profile.name #=> String + # resp.profile.profile_arn #=> String + # resp.profile.profile_id #=> String + # resp.profile.require_instance_properties #=> Boolean + # resp.profile.role_arns #=> Array + # resp.profile.role_arns[0] #=> String + # resp.profile.session_policy #=> String + # resp.profile.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/EnableProfile AWS API Documentation + # + # @overload enable_profile(params = {}) + # @param [Hash] params ({}) + def enable_profile(params = {}, options = {}) + req = build_request(:enable_profile, params) + req.send_request(options) + end + + # Enables a trust anchor. When enabled, certificates in the trust anchor + # chain are authorized for trust validation. + # + # Required permissions: `rolesanywhere:EnableTrustAnchor`. + # + # @option params [required, String] :trust_anchor_id + # The unique identifier of the trust anchor. + # + # @return [Types::TrustAnchorDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::TrustAnchorDetailResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail + # + # @example Request syntax with placeholder values + # + # resp = client.enable_trust_anchor({ + # trust_anchor_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.trust_anchor.created_at #=> Time + # resp.trust_anchor.enabled #=> Boolean + # resp.trust_anchor.name #=> String + # resp.trust_anchor.source.source_data.acm_pca_arn #=> String + # resp.trust_anchor.source.source_data.x509_certificate_data #=> String + # resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" + # resp.trust_anchor.trust_anchor_arn #=> String + # resp.trust_anchor.trust_anchor_id #=> String + # resp.trust_anchor.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/EnableTrustAnchor AWS API Documentation + # + # @overload enable_trust_anchor(params = {}) + # @param [Hash] params ({}) + def enable_trust_anchor(params = {}, options = {}) + req = build_request(:enable_trust_anchor, params) + req.send_request(options) + end + + # Gets a certificate revocation list (CRL). + # + # Required permissions: `rolesanywhere:GetCrl`. + # + # @option params [required, String] :crl_id + # The unique identifier of the certificate revocation list (CRL). + # + # @return [Types::CrlDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CrlDetailResponse#crl #crl} => Types::CrlDetail + # + # @example Request syntax with placeholder values + # + # resp = client.get_crl({ + # crl_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.crl.created_at #=> Time + # resp.crl.crl_arn #=> String + # resp.crl.crl_data #=> String + # resp.crl.crl_id #=> String + # resp.crl.enabled #=> Boolean + # resp.crl.name #=> String + # resp.crl.trust_anchor_arn #=> String + # resp.crl.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/GetCrl AWS API Documentation + # + # @overload get_crl(params = {}) + # @param [Hash] params ({}) + def get_crl(params = {}, options = {}) + req = build_request(:get_crl, params) + req.send_request(options) + end + + # Gets a profile. + # + # Required permissions: `rolesanywhere:GetProfile`. + # + # @option params [required, String] :profile_id + # The unique identifier of the profile. + # + # @return [Types::ProfileDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ProfileDetailResponse#profile #profile} => Types::ProfileDetail + # + # @example Request syntax with placeholder values + # + # resp = client.get_profile({ + # profile_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.profile.created_at #=> Time + # resp.profile.created_by #=> String + # resp.profile.duration_seconds #=> Integer + # resp.profile.enabled #=> Boolean + # resp.profile.managed_policy_arns #=> Array + # resp.profile.managed_policy_arns[0] #=> String + # resp.profile.name #=> String + # resp.profile.profile_arn #=> String + # resp.profile.profile_id #=> String + # resp.profile.require_instance_properties #=> Boolean + # resp.profile.role_arns #=> Array + # resp.profile.role_arns[0] #=> String + # resp.profile.session_policy #=> String + # resp.profile.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/GetProfile AWS API Documentation + # + # @overload get_profile(params = {}) + # @param [Hash] params ({}) + def get_profile(params = {}, options = {}) + req = build_request(:get_profile, params) + req.send_request(options) + end + + # Gets a Subject. A Subject associates a certificate identity with + # authentication attempts by CreateSession. The Subject resources stores + # audit information such as status of the last authentication attempt, + # the certificate data used in the attempt, and the last time the + # associated identity attempted authentication. + # + # Required permissions: `rolesanywhere:GetSubject`. + # + # @option params [required, String] :subject_id + # The unique identifier of the subject. + # + # @return [Types::SubjectDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::SubjectDetailResponse#subject #subject} => Types::SubjectDetail + # + # @example Request syntax with placeholder values + # + # resp = client.get_subject({ + # subject_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.subject.created_at #=> Time + # resp.subject.credentials #=> Array + # resp.subject.credentials[0].enabled #=> Boolean + # resp.subject.credentials[0].failed #=> Boolean + # resp.subject.credentials[0].issuer #=> String + # resp.subject.credentials[0].seen_at #=> Time + # resp.subject.credentials[0].serial_number #=> String + # resp.subject.credentials[0].x509_certificate_data #=> String + # resp.subject.enabled #=> Boolean + # resp.subject.instance_properties #=> Array + # resp.subject.instance_properties[0].failed #=> Boolean + # resp.subject.instance_properties[0].properties #=> Hash + # resp.subject.instance_properties[0].properties["InstancePropertyMapKeyString"] #=> String + # resp.subject.instance_properties[0].seen_at #=> Time + # resp.subject.last_seen_at #=> Time + # resp.subject.subject_arn #=> String + # resp.subject.subject_id #=> String + # resp.subject.updated_at #=> Time + # resp.subject.x509_subject #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/GetSubject AWS API Documentation + # + # @overload get_subject(params = {}) + # @param [Hash] params ({}) + def get_subject(params = {}, options = {}) + req = build_request(:get_subject, params) + req.send_request(options) + end + + # Gets a trust anchor. + # + # Required permissions: `rolesanywhere:GetTrustAnchor`. + # + # @option params [required, String] :trust_anchor_id + # The unique identifier of the trust anchor. + # + # @return [Types::TrustAnchorDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::TrustAnchorDetailResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail + # + # @example Request syntax with placeholder values + # + # resp = client.get_trust_anchor({ + # trust_anchor_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.trust_anchor.created_at #=> Time + # resp.trust_anchor.enabled #=> Boolean + # resp.trust_anchor.name #=> String + # resp.trust_anchor.source.source_data.acm_pca_arn #=> String + # resp.trust_anchor.source.source_data.x509_certificate_data #=> String + # resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" + # resp.trust_anchor.trust_anchor_arn #=> String + # resp.trust_anchor.trust_anchor_id #=> String + # resp.trust_anchor.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/GetTrustAnchor AWS API Documentation + # + # @overload get_trust_anchor(params = {}) + # @param [Hash] params ({}) + def get_trust_anchor(params = {}, options = {}) + req = build_request(:get_trust_anchor, params) + req.send_request(options) + end + + # Imports the certificate revocation list (CRL). CRl is a list of + # certificates that have been revoked by the issuing certificate + # Authority (CA). IAM Roles Anywhere validates against the crl list + # before issuing credentials. + # + # Required permissions: `rolesanywhere:ImportCrl`. + # + # @option params [required, String, StringIO, File] :crl_data + # The x509 v3 specified certificate revocation list + # + # @option params [Boolean] :enabled + # Specifies whether the certificate revocation list (CRL) is enabled. + # + # @option params [required, String] :name + # The name of the certificate revocation list (CRL). + # + # @option params [Array] :tags + # A list of tags to attach to the certificate revocation list (CRL). + # + # @option params [required, String] :trust_anchor_arn + # The ARN of the TrustAnchor the certificate revocation list (CRL) will + # provide revocation for. + # + # @return [Types::CrlDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CrlDetailResponse#crl #crl} => Types::CrlDetail + # + # @example Request syntax with placeholder values + # + # resp = client.import_crl({ + # crl_data: "data", # required + # enabled: false, + # name: "ResourceName", # required + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # trust_anchor_arn: "TrustAnchorArn", # required + # }) + # + # @example Response structure + # + # resp.crl.created_at #=> Time + # resp.crl.crl_arn #=> String + # resp.crl.crl_data #=> String + # resp.crl.crl_id #=> String + # resp.crl.enabled #=> Boolean + # resp.crl.name #=> String + # resp.crl.trust_anchor_arn #=> String + # resp.crl.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ImportCrl AWS API Documentation + # + # @overload import_crl(params = {}) + # @param [Hash] params ({}) + def import_crl(params = {}, options = {}) + req = build_request(:import_crl, params) + req.send_request(options) + end + + # Lists all Crls in the authenticated account and Amazon Web Services + # Region. + # + # Required permissions: `rolesanywhere:ListCrls`. + # + # @option params [String] :next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next results, + # call the operation again with this value. + # + # @option params [Integer] :page_size + # The number of resources in the paginated list. + # + # @return [Types::ListCrlsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListCrlsResponse#crls #crls} => Array<Types::CrlDetail> + # * {Types::ListCrlsResponse#next_token #next_token} => String + # + # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. + # + # @example Request syntax with placeholder values + # + # resp = client.list_crls({ + # next_token: "ListRequestNextTokenString", + # page_size: 1, + # }) + # + # @example Response structure + # + # resp.crls #=> Array + # resp.crls[0].created_at #=> Time + # resp.crls[0].crl_arn #=> String + # resp.crls[0].crl_data #=> String + # resp.crls[0].crl_id #=> String + # resp.crls[0].enabled #=> Boolean + # resp.crls[0].name #=> String + # resp.crls[0].trust_anchor_arn #=> String + # resp.crls[0].updated_at #=> Time + # resp.next_token #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListCrls AWS API Documentation + # + # @overload list_crls(params = {}) + # @param [Hash] params ({}) + def list_crls(params = {}, options = {}) + req = build_request(:list_crls, params) + req.send_request(options) + end + + # Lists all profiles in the authenticated account and Amazon Web + # Services Region. + # + # Required permissions: `rolesanywhere:ListProfiles`. + # + # @option params [String] :next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next results, + # call the operation again with this value. + # + # @option params [Integer] :page_size + # The number of resources in the paginated list. + # + # @return [Types::ListProfilesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListProfilesResponse#next_token #next_token} => String + # * {Types::ListProfilesResponse#profiles #profiles} => Array<Types::ProfileDetail> + # + # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. + # + # @example Request syntax with placeholder values + # + # resp = client.list_profiles({ + # next_token: "ListRequestNextTokenString", + # page_size: 1, + # }) + # + # @example Response structure + # + # resp.next_token #=> String + # resp.profiles #=> Array + # resp.profiles[0].created_at #=> Time + # resp.profiles[0].created_by #=> String + # resp.profiles[0].duration_seconds #=> Integer + # resp.profiles[0].enabled #=> Boolean + # resp.profiles[0].managed_policy_arns #=> Array + # resp.profiles[0].managed_policy_arns[0] #=> String + # resp.profiles[0].name #=> String + # resp.profiles[0].profile_arn #=> String + # resp.profiles[0].profile_id #=> String + # resp.profiles[0].require_instance_properties #=> Boolean + # resp.profiles[0].role_arns #=> Array + # resp.profiles[0].role_arns[0] #=> String + # resp.profiles[0].session_policy #=> String + # resp.profiles[0].updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListProfiles AWS API Documentation + # + # @overload list_profiles(params = {}) + # @param [Hash] params ({}) + def list_profiles(params = {}, options = {}) + req = build_request(:list_profiles, params) + req.send_request(options) + end + + # Lists the subjects in the authenticated account and Amazon Web + # Services Region. + # + # Required permissions: `rolesanywhere:ListSubjects`. + # + # @option params [String] :next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next results, + # call the operation again with this value. + # + # @option params [Integer] :page_size + # The number of resources in the paginated list. + # + # @return [Types::ListSubjectsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListSubjectsResponse#next_token #next_token} => String + # * {Types::ListSubjectsResponse#subjects #subjects} => Array<Types::SubjectSummary> + # + # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. + # + # @example Request syntax with placeholder values + # + # resp = client.list_subjects({ + # next_token: "ListRequestNextTokenString", + # page_size: 1, + # }) + # + # @example Response structure + # + # resp.next_token #=> String + # resp.subjects #=> Array + # resp.subjects[0].created_at #=> Time + # resp.subjects[0].enabled #=> Boolean + # resp.subjects[0].last_seen_at #=> Time + # resp.subjects[0].subject_arn #=> String + # resp.subjects[0].subject_id #=> String + # resp.subjects[0].updated_at #=> Time + # resp.subjects[0].x509_subject #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListSubjects AWS API Documentation + # + # @overload list_subjects(params = {}) + # @param [Hash] params ({}) + def list_subjects(params = {}, options = {}) + req = build_request(:list_subjects, params) + req.send_request(options) + end + + # Lists the tags attached to the resource. + # + # Required permissions: `rolesanywhere:ListTagsForResource`. + # + # @option params [required, String] :resource_arn + # The ARN of the resource. + # + # @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListTagsForResourceResponse#tags #tags} => Array<Types::Tag> + # + # @example Request syntax with placeholder values + # + # resp = client.list_tags_for_resource({ + # resource_arn: "AmazonResourceName", # required + # }) + # + # @example Response structure + # + # resp.tags #=> Array + # resp.tags[0].key #=> String + # resp.tags[0].value #=> String + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListTagsForResource AWS API Documentation + # + # @overload list_tags_for_resource(params = {}) + # @param [Hash] params ({}) + def list_tags_for_resource(params = {}, options = {}) + req = build_request(:list_tags_for_resource, params) + req.send_request(options) + end + + # Lists the trust anchors in the authenticated account and Amazon Web + # Services Region. + # + # Required permissions: `rolesanywhere:ListTrustAnchors`. + # + # @option params [String] :next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next results, + # call the operation again with this value. + # + # @option params [Integer] :page_size + # The number of resources in the paginated list. + # + # @return [Types::ListTrustAnchorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ListTrustAnchorsResponse#next_token #next_token} => String + # * {Types::ListTrustAnchorsResponse#trust_anchors #trust_anchors} => Array<Types::TrustAnchorDetail> + # + # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. + # + # @example Request syntax with placeholder values + # + # resp = client.list_trust_anchors({ + # next_token: "ListRequestNextTokenString", + # page_size: 1, + # }) + # + # @example Response structure + # + # resp.next_token #=> String + # resp.trust_anchors #=> Array + # resp.trust_anchors[0].created_at #=> Time + # resp.trust_anchors[0].enabled #=> Boolean + # resp.trust_anchors[0].name #=> String + # resp.trust_anchors[0].source.source_data.acm_pca_arn #=> String + # resp.trust_anchors[0].source.source_data.x509_certificate_data #=> String + # resp.trust_anchors[0].source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" + # resp.trust_anchors[0].trust_anchor_arn #=> String + # resp.trust_anchors[0].trust_anchor_id #=> String + # resp.trust_anchors[0].updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListTrustAnchors AWS API Documentation + # + # @overload list_trust_anchors(params = {}) + # @param [Hash] params ({}) + def list_trust_anchors(params = {}, options = {}) + req = build_request(:list_trust_anchors, params) + req.send_request(options) + end + + # Attaches tags to a resource. + # + # Required permissions: `rolesanywhere:TagResource`. + # + # @option params [required, String] :resource_arn + # The ARN of the resource. + # + # @option params [required, Array] :tags + # The tags to attach to the resource. + # + # @return [Struct] Returns an empty {Seahorse::Client::Response response}. + # + # @example Request syntax with placeholder values + # + # resp = client.tag_resource({ + # resource_arn: "AmazonResourceName", # required + # tags: [ # required + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # }) + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/TagResource AWS API Documentation + # + # @overload tag_resource(params = {}) + # @param [Hash] params ({}) + def tag_resource(params = {}, options = {}) + req = build_request(:tag_resource, params) + req.send_request(options) + end + + # Removes tags from the resource. + # + # Required permissions: `rolesanywhere:UntagResource`. + # + # @option params [required, String] :resource_arn + # The ARN of the resource. + # + # @option params [required, Array] :tag_keys + # A list of keys. Tag keys are the unique identifiers of tags. + # + # @return [Struct] Returns an empty {Seahorse::Client::Response response}. + # + # @example Request syntax with placeholder values + # + # resp = client.untag_resource({ + # resource_arn: "AmazonResourceName", # required + # tag_keys: ["TagKey"], # required + # }) + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UntagResource AWS API Documentation + # + # @overload untag_resource(params = {}) + # @param [Hash] params ({}) + def untag_resource(params = {}, options = {}) + req = build_request(:untag_resource, params) + req.send_request(options) + end + + # Updates the certificate revocation list (CRL). CRl is a list of + # certificates that have been revoked by the issuing certificate + # Authority (CA). IAM Roles Anywhere validates against the crl list + # before issuing credentials. + # + # Required permissions: `rolesanywhere:UpdateCrl`. + # + # @option params [String, StringIO, File] :crl_data + # The x509 v3 specified certificate revocation list + # + # @option params [required, String] :crl_id + # The unique identifier of the certificate revocation list (CRL). + # + # @option params [String] :name + # The name of the Crl. + # + # @return [Types::CrlDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::CrlDetailResponse#crl #crl} => Types::CrlDetail + # + # @example Request syntax with placeholder values + # + # resp = client.update_crl({ + # crl_data: "data", + # crl_id: "Uuid", # required + # name: "ResourceName", + # }) + # + # @example Response structure + # + # resp.crl.created_at #=> Time + # resp.crl.crl_arn #=> String + # resp.crl.crl_data #=> String + # resp.crl.crl_id #=> String + # resp.crl.enabled #=> Boolean + # resp.crl.name #=> String + # resp.crl.trust_anchor_arn #=> String + # resp.crl.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UpdateCrl AWS API Documentation + # + # @overload update_crl(params = {}) + # @param [Hash] params ({}) + def update_crl(params = {}, options = {}) + req = build_request(:update_crl, params) + req.send_request(options) + end + + # Updates the profile. A profile is configuration resource to list the + # roles that RolesAnywhere service is trusted to assume. In addition, by + # applying a profile you can scope-down permissions with IAM managed + # policies. + # + # Required permissions: `rolesanywhere:UpdateProfile`. + # + # @option params [Integer] :duration_seconds + # The number of seconds the vended session credentials are valid for. + # + # @option params [Array] :managed_policy_arns + # A list of managed policy ARNs that apply to the vended session + # credentials. + # + # @option params [String] :name + # The name of the profile. + # + # @option params [required, String] :profile_id + # The unique identifier of the profile. + # + # @option params [Array] :role_arns + # A list of IAM roles that this profile can assume in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # + # @option params [String] :session_policy + # A session policy that applies to the trust boundary of the vended + # session credentials. + # + # @return [Types::ProfileDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::ProfileDetailResponse#profile #profile} => Types::ProfileDetail + # + # @example Request syntax with placeholder values + # + # resp = client.update_profile({ + # duration_seconds: 1, + # managed_policy_arns: ["ManagedPolicyListMemberString"], + # name: "ResourceName", + # profile_id: "Uuid", # required + # role_arns: ["RoleArn"], + # session_policy: "UpdateProfileRequestSessionPolicyString", + # }) + # + # @example Response structure + # + # resp.profile.created_at #=> Time + # resp.profile.created_by #=> String + # resp.profile.duration_seconds #=> Integer + # resp.profile.enabled #=> Boolean + # resp.profile.managed_policy_arns #=> Array + # resp.profile.managed_policy_arns[0] #=> String + # resp.profile.name #=> String + # resp.profile.profile_arn #=> String + # resp.profile.profile_id #=> String + # resp.profile.require_instance_properties #=> Boolean + # resp.profile.role_arns #=> Array + # resp.profile.role_arns[0] #=> String + # resp.profile.session_policy #=> String + # resp.profile.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UpdateProfile AWS API Documentation + # + # @overload update_profile(params = {}) + # @param [Hash] params ({}) + def update_profile(params = {}, options = {}) + req = build_request(:update_profile, params) + req.send_request(options) + end + + # Updates the trust anchor.You establish trust between IAM Roles + # Anywhere and your certificate authority (CA) by configuring a trust + # anchor. A Trust Anchor is defined either as a reference to a AWS + # Certificate Manager Private Certificate Authority (ACM PCA), or by + # uploading a Certificate Authority (CA) certificate. Your AWS workloads + # can authenticate with the trust anchor using certificates issued by + # the trusted Certificate Authority (CA) in exchange for temporary AWS + # credentials. + # + # Required permissions: `rolesanywhere:UpdateTrustAnchor`. + # + # @option params [String] :name + # The name of the trust anchor. + # + # @option params [Types::Source] :source + # The trust anchor type and its related certificate data. + # + # @option params [required, String] :trust_anchor_id + # The unique identifier of the trust anchor. + # + # @return [Types::TrustAnchorDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: + # + # * {Types::TrustAnchorDetailResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail + # + # @example Request syntax with placeholder values + # + # resp = client.update_trust_anchor({ + # name: "ResourceName", + # source: { + # source_data: { + # acm_pca_arn: "String", + # x509_certificate_data: "String", + # }, + # source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY + # }, + # trust_anchor_id: "Uuid", # required + # }) + # + # @example Response structure + # + # resp.trust_anchor.created_at #=> Time + # resp.trust_anchor.enabled #=> Boolean + # resp.trust_anchor.name #=> String + # resp.trust_anchor.source.source_data.acm_pca_arn #=> String + # resp.trust_anchor.source.source_data.x509_certificate_data #=> String + # resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" + # resp.trust_anchor.trust_anchor_arn #=> String + # resp.trust_anchor.trust_anchor_id #=> String + # resp.trust_anchor.updated_at #=> Time + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UpdateTrustAnchor AWS API Documentation + # + # @overload update_trust_anchor(params = {}) + # @param [Hash] params ({}) + def update_trust_anchor(params = {}, options = {}) + req = build_request(:update_trust_anchor, params) + req.send_request(options) + end + + # @!endgroup + + # @param params ({}) + # @api private + def build_request(operation_name, params = {}) + handlers = @handlers.for(operation_name) + context = Seahorse::Client::RequestContext.new( + operation_name: operation_name, + operation: config.api.operation(operation_name), + client: self, + params: params, + config: config) + context[:gem_name] = 'aws-sdk-rolesanywhere' + context[:gem_version] = '1.0.0' + Seahorse::Client::Request.new(handlers, context) + end + + # @api private + # @deprecated + def waiter_names + [] + end + + class << self + + # @api private + attr_reader :identifier + + # @api private + def errors_module + Errors + end + + end + end +end diff --git a/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/client_api.rb b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/client_api.rb new file mode 100644 index 00000000000..60e523eeab1 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/client_api.rb @@ -0,0 +1,617 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + +module Aws::RolesAnywhere + # @api private + module ClientApi + + include Seahorse::Model + + AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException') + AmazonResourceName = Shapes::StringShape.new(name: 'AmazonResourceName') + Blob = Shapes::BlobShape.new(name: 'Blob') + Boolean = Shapes::BooleanShape.new(name: 'Boolean') + CreateProfileRequest = Shapes::StructureShape.new(name: 'CreateProfileRequest') + CreateProfileRequestDurationSecondsInteger = Shapes::IntegerShape.new(name: 'CreateProfileRequestDurationSecondsInteger') + CreateTrustAnchorRequest = Shapes::StructureShape.new(name: 'CreateTrustAnchorRequest') + CredentialSummaries = Shapes::ListShape.new(name: 'CredentialSummaries') + CredentialSummary = Shapes::StructureShape.new(name: 'CredentialSummary') + CrlDetail = Shapes::StructureShape.new(name: 'CrlDetail') + CrlDetailResponse = Shapes::StructureShape.new(name: 'CrlDetailResponse') + CrlDetails = Shapes::ListShape.new(name: 'CrlDetails') + ImportCrlRequest = Shapes::StructureShape.new(name: 'ImportCrlRequest') + ImportCrlRequestCrlDataBlob = Shapes::BlobShape.new(name: 'ImportCrlRequestCrlDataBlob') + InstanceProperties = Shapes::ListShape.new(name: 'InstanceProperties') + InstanceProperty = Shapes::StructureShape.new(name: 'InstanceProperty') + InstancePropertyMap = Shapes::MapShape.new(name: 'InstancePropertyMap') + InstancePropertyMapKeyString = Shapes::StringShape.new(name: 'InstancePropertyMapKeyString') + InstancePropertyMapValueString = Shapes::StringShape.new(name: 'InstancePropertyMapValueString') + Integer = Shapes::IntegerShape.new(name: 'Integer') + ListCrlsResponse = Shapes::StructureShape.new(name: 'ListCrlsResponse') + ListProfilesResponse = Shapes::StructureShape.new(name: 'ListProfilesResponse') + ListRequest = Shapes::StructureShape.new(name: 'ListRequest') + ListRequestNextTokenString = Shapes::StringShape.new(name: 'ListRequestNextTokenString') + ListSubjectsResponse = Shapes::StructureShape.new(name: 'ListSubjectsResponse') + ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest') + ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse') + ListTrustAnchorsResponse = Shapes::StructureShape.new(name: 'ListTrustAnchorsResponse') + ManagedPolicyList = Shapes::ListShape.new(name: 'ManagedPolicyList') + ManagedPolicyListMemberString = Shapes::StringShape.new(name: 'ManagedPolicyListMemberString') + ProfileArn = Shapes::StringShape.new(name: 'ProfileArn') + ProfileDetail = Shapes::StructureShape.new(name: 'ProfileDetail') + ProfileDetailResponse = Shapes::StructureShape.new(name: 'ProfileDetailResponse') + ProfileDetails = Shapes::ListShape.new(name: 'ProfileDetails') + ResourceName = Shapes::StringShape.new(name: 'ResourceName') + ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException') + RoleArn = Shapes::StringShape.new(name: 'RoleArn') + RoleArnList = Shapes::ListShape.new(name: 'RoleArnList') + ScalarCrlRequest = Shapes::StructureShape.new(name: 'ScalarCrlRequest') + ScalarProfileRequest = Shapes::StructureShape.new(name: 'ScalarProfileRequest') + ScalarSubjectRequest = Shapes::StructureShape.new(name: 'ScalarSubjectRequest') + ScalarTrustAnchorRequest = Shapes::StructureShape.new(name: 'ScalarTrustAnchorRequest') + Source = Shapes::StructureShape.new(name: 'Source') + SourceData = Shapes::UnionShape.new(name: 'SourceData') + String = Shapes::StringShape.new(name: 'String') + SubjectDetail = Shapes::StructureShape.new(name: 'SubjectDetail') + SubjectDetailResponse = Shapes::StructureShape.new(name: 'SubjectDetailResponse') + SubjectSummaries = Shapes::ListShape.new(name: 'SubjectSummaries') + SubjectSummary = Shapes::StructureShape.new(name: 'SubjectSummary') + SyntheticTimestamp_date_time = Shapes::TimestampShape.new(name: 'SyntheticTimestamp_date_time', timestampFormat: "iso8601") + Tag = Shapes::StructureShape.new(name: 'Tag') + TagKey = Shapes::StringShape.new(name: 'TagKey') + TagKeyList = Shapes::ListShape.new(name: 'TagKeyList') + TagList = Shapes::ListShape.new(name: 'TagList') + TagResourceRequest = Shapes::StructureShape.new(name: 'TagResourceRequest') + TagResourceResponse = Shapes::StructureShape.new(name: 'TagResourceResponse') + TagValue = Shapes::StringShape.new(name: 'TagValue') + TooManyTagsException = Shapes::StructureShape.new(name: 'TooManyTagsException') + TrustAnchorArn = Shapes::StringShape.new(name: 'TrustAnchorArn') + TrustAnchorDetail = Shapes::StructureShape.new(name: 'TrustAnchorDetail') + TrustAnchorDetailResponse = Shapes::StructureShape.new(name: 'TrustAnchorDetailResponse') + TrustAnchorDetails = Shapes::ListShape.new(name: 'TrustAnchorDetails') + TrustAnchorType = Shapes::StringShape.new(name: 'TrustAnchorType') + UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest') + UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse') + UpdateCrlRequest = Shapes::StructureShape.new(name: 'UpdateCrlRequest') + UpdateCrlRequestCrlDataBlob = Shapes::BlobShape.new(name: 'UpdateCrlRequestCrlDataBlob') + UpdateProfileRequest = Shapes::StructureShape.new(name: 'UpdateProfileRequest') + UpdateProfileRequestDurationSecondsInteger = Shapes::IntegerShape.new(name: 'UpdateProfileRequestDurationSecondsInteger') + UpdateProfileRequestSessionPolicyString = Shapes::StringShape.new(name: 'UpdateProfileRequestSessionPolicyString') + UpdateTrustAnchorRequest = Shapes::StructureShape.new(name: 'UpdateTrustAnchorRequest') + Uuid = Shapes::StringShape.new(name: 'Uuid') + ValidationException = Shapes::StructureShape.new(name: 'ValidationException') + + AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message")) + AccessDeniedException.struct_class = Types::AccessDeniedException + + CreateProfileRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: CreateProfileRequestDurationSecondsInteger, location_name: "durationSeconds")) + CreateProfileRequest.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + CreateProfileRequest.add_member(:managed_policy_arns, Shapes::ShapeRef.new(shape: ManagedPolicyList, location_name: "managedPolicyArns")) + CreateProfileRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, required: true, location_name: "name")) + CreateProfileRequest.add_member(:require_instance_properties, Shapes::ShapeRef.new(shape: Boolean, location_name: "requireInstanceProperties")) + CreateProfileRequest.add_member(:role_arns, Shapes::ShapeRef.new(shape: RoleArnList, required: true, location_name: "roleArns")) + CreateProfileRequest.add_member(:session_policy, Shapes::ShapeRef.new(shape: String, location_name: "sessionPolicy")) + CreateProfileRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags")) + CreateProfileRequest.struct_class = Types::CreateProfileRequest + + CreateTrustAnchorRequest.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + CreateTrustAnchorRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, required: true, location_name: "name")) + CreateTrustAnchorRequest.add_member(:source, Shapes::ShapeRef.new(shape: Source, required: true, location_name: "source")) + CreateTrustAnchorRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags")) + CreateTrustAnchorRequest.struct_class = Types::CreateTrustAnchorRequest + + CredentialSummaries.member = Shapes::ShapeRef.new(shape: CredentialSummary) + + CredentialSummary.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + CredentialSummary.add_member(:failed, Shapes::ShapeRef.new(shape: Boolean, location_name: "failed")) + CredentialSummary.add_member(:issuer, Shapes::ShapeRef.new(shape: String, location_name: "issuer")) + CredentialSummary.add_member(:seen_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "seenAt")) + CredentialSummary.add_member(:serial_number, Shapes::ShapeRef.new(shape: String, location_name: "serialNumber")) + CredentialSummary.add_member(:x509_certificate_data, Shapes::ShapeRef.new(shape: String, location_name: "x509CertificateData")) + CredentialSummary.struct_class = Types::CredentialSummary + + CrlDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt")) + CrlDetail.add_member(:crl_arn, Shapes::ShapeRef.new(shape: String, location_name: "crlArn")) + CrlDetail.add_member(:crl_data, Shapes::ShapeRef.new(shape: Blob, location_name: "crlData")) + CrlDetail.add_member(:crl_id, Shapes::ShapeRef.new(shape: Uuid, location_name: "crlId")) + CrlDetail.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + CrlDetail.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name")) + CrlDetail.add_member(:trust_anchor_arn, Shapes::ShapeRef.new(shape: String, location_name: "trustAnchorArn")) + CrlDetail.add_member(:updated_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "updatedAt")) + CrlDetail.struct_class = Types::CrlDetail + + CrlDetailResponse.add_member(:crl, Shapes::ShapeRef.new(shape: CrlDetail, required: true, location_name: "crl")) + CrlDetailResponse.struct_class = Types::CrlDetailResponse + + CrlDetails.member = Shapes::ShapeRef.new(shape: CrlDetail) + + ImportCrlRequest.add_member(:crl_data, Shapes::ShapeRef.new(shape: ImportCrlRequestCrlDataBlob, required: true, location_name: "crlData")) + ImportCrlRequest.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + ImportCrlRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, required: true, location_name: "name")) + ImportCrlRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags")) + ImportCrlRequest.add_member(:trust_anchor_arn, Shapes::ShapeRef.new(shape: TrustAnchorArn, required: true, location_name: "trustAnchorArn")) + ImportCrlRequest.struct_class = Types::ImportCrlRequest + + InstanceProperties.member = Shapes::ShapeRef.new(shape: InstanceProperty) + + InstanceProperty.add_member(:failed, Shapes::ShapeRef.new(shape: Boolean, location_name: "failed")) + InstanceProperty.add_member(:properties, Shapes::ShapeRef.new(shape: InstancePropertyMap, location_name: "properties")) + InstanceProperty.add_member(:seen_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "seenAt")) + InstanceProperty.struct_class = Types::InstanceProperty + + InstancePropertyMap.key = Shapes::ShapeRef.new(shape: InstancePropertyMapKeyString) + InstancePropertyMap.value = Shapes::ShapeRef.new(shape: InstancePropertyMapValueString) + + ListCrlsResponse.add_member(:crls, Shapes::ShapeRef.new(shape: CrlDetails, location_name: "crls")) + ListCrlsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken")) + ListCrlsResponse.struct_class = Types::ListCrlsResponse + + ListProfilesResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken")) + ListProfilesResponse.add_member(:profiles, Shapes::ShapeRef.new(shape: ProfileDetails, location_name: "profiles")) + ListProfilesResponse.struct_class = Types::ListProfilesResponse + + ListRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: ListRequestNextTokenString, location: "querystring", location_name: "nextToken")) + ListRequest.add_member(:page_size, Shapes::ShapeRef.new(shape: Integer, location: "querystring", location_name: "pageSize")) + ListRequest.struct_class = Types::ListRequest + + ListSubjectsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken")) + ListSubjectsResponse.add_member(:subjects, Shapes::ShapeRef.new(shape: SubjectSummaries, location_name: "subjects")) + ListSubjectsResponse.struct_class = Types::ListSubjectsResponse + + ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: AmazonResourceName, required: true, location: "querystring", location_name: "resourceArn")) + ListTagsForResourceRequest.struct_class = Types::ListTagsForResourceRequest + + ListTagsForResourceResponse.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags")) + ListTagsForResourceResponse.struct_class = Types::ListTagsForResourceResponse + + ListTrustAnchorsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken")) + ListTrustAnchorsResponse.add_member(:trust_anchors, Shapes::ShapeRef.new(shape: TrustAnchorDetails, location_name: "trustAnchors")) + ListTrustAnchorsResponse.struct_class = Types::ListTrustAnchorsResponse + + ManagedPolicyList.member = Shapes::ShapeRef.new(shape: ManagedPolicyListMemberString) + + ProfileDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt")) + ProfileDetail.add_member(:created_by, Shapes::ShapeRef.new(shape: String, location_name: "createdBy")) + ProfileDetail.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: Integer, location_name: "durationSeconds")) + ProfileDetail.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + ProfileDetail.add_member(:managed_policy_arns, Shapes::ShapeRef.new(shape: ManagedPolicyList, location_name: "managedPolicyArns")) + ProfileDetail.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, location_name: "name")) + ProfileDetail.add_member(:profile_arn, Shapes::ShapeRef.new(shape: ProfileArn, location_name: "profileArn")) + ProfileDetail.add_member(:profile_id, Shapes::ShapeRef.new(shape: Uuid, location_name: "profileId")) + ProfileDetail.add_member(:require_instance_properties, Shapes::ShapeRef.new(shape: Boolean, location_name: "requireInstanceProperties")) + ProfileDetail.add_member(:role_arns, Shapes::ShapeRef.new(shape: RoleArnList, location_name: "roleArns")) + ProfileDetail.add_member(:session_policy, Shapes::ShapeRef.new(shape: String, location_name: "sessionPolicy")) + ProfileDetail.add_member(:updated_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "updatedAt")) + ProfileDetail.struct_class = Types::ProfileDetail + + ProfileDetailResponse.add_member(:profile, Shapes::ShapeRef.new(shape: ProfileDetail, location_name: "profile")) + ProfileDetailResponse.struct_class = Types::ProfileDetailResponse + + ProfileDetails.member = Shapes::ShapeRef.new(shape: ProfileDetail) + + ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message")) + ResourceNotFoundException.struct_class = Types::ResourceNotFoundException + + RoleArnList.member = Shapes::ShapeRef.new(shape: RoleArn) + + ScalarCrlRequest.add_member(:crl_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "crlId")) + ScalarCrlRequest.struct_class = Types::ScalarCrlRequest + + ScalarProfileRequest.add_member(:profile_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "profileId")) + ScalarProfileRequest.struct_class = Types::ScalarProfileRequest + + ScalarSubjectRequest.add_member(:subject_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "subjectId")) + ScalarSubjectRequest.struct_class = Types::ScalarSubjectRequest + + ScalarTrustAnchorRequest.add_member(:trust_anchor_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "trustAnchorId")) + ScalarTrustAnchorRequest.struct_class = Types::ScalarTrustAnchorRequest + + Source.add_member(:source_data, Shapes::ShapeRef.new(shape: SourceData, location_name: "sourceData")) + Source.add_member(:source_type, Shapes::ShapeRef.new(shape: TrustAnchorType, location_name: "sourceType")) + Source.struct_class = Types::Source + + SourceData.add_member(:acm_pca_arn, Shapes::ShapeRef.new(shape: String, location_name: "acmPcaArn")) + SourceData.add_member(:x509_certificate_data, Shapes::ShapeRef.new(shape: String, location_name: "x509CertificateData")) + SourceData.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown')) + SourceData.add_member_subclass(:acm_pca_arn, Types::SourceData::AcmPcaArn) + SourceData.add_member_subclass(:x509_certificate_data, Types::SourceData::X509CertificateData) + SourceData.add_member_subclass(:unknown, Types::SourceData::Unknown) + SourceData.struct_class = Types::SourceData + + SubjectDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt")) + SubjectDetail.add_member(:credentials, Shapes::ShapeRef.new(shape: CredentialSummaries, location_name: "credentials")) + SubjectDetail.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + SubjectDetail.add_member(:instance_properties, Shapes::ShapeRef.new(shape: InstanceProperties, location_name: "instanceProperties")) + SubjectDetail.add_member(:last_seen_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "lastSeenAt")) + SubjectDetail.add_member(:subject_arn, Shapes::ShapeRef.new(shape: String, location_name: "subjectArn")) + SubjectDetail.add_member(:subject_id, Shapes::ShapeRef.new(shape: Uuid, location_name: "subjectId")) + SubjectDetail.add_member(:updated_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "updatedAt")) + SubjectDetail.add_member(:x509_subject, Shapes::ShapeRef.new(shape: String, location_name: "x509Subject")) + SubjectDetail.struct_class = Types::SubjectDetail + + SubjectDetailResponse.add_member(:subject, Shapes::ShapeRef.new(shape: SubjectDetail, location_name: "subject")) + SubjectDetailResponse.struct_class = Types::SubjectDetailResponse + + SubjectSummaries.member = Shapes::ShapeRef.new(shape: SubjectSummary) + + SubjectSummary.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt")) + SubjectSummary.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + SubjectSummary.add_member(:last_seen_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "lastSeenAt")) + SubjectSummary.add_member(:subject_arn, Shapes::ShapeRef.new(shape: String, location_name: "subjectArn")) + SubjectSummary.add_member(:subject_id, Shapes::ShapeRef.new(shape: Uuid, location_name: "subjectId")) + SubjectSummary.add_member(:updated_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "updatedAt")) + SubjectSummary.add_member(:x509_subject, Shapes::ShapeRef.new(shape: String, location_name: "x509Subject")) + SubjectSummary.struct_class = Types::SubjectSummary + + Tag.add_member(:key, Shapes::ShapeRef.new(shape: TagKey, required: true, location_name: "key")) + Tag.add_member(:value, Shapes::ShapeRef.new(shape: TagValue, required: true, location_name: "value")) + Tag.struct_class = Types::Tag + + TagKeyList.member = Shapes::ShapeRef.new(shape: TagKey) + + TagList.member = Shapes::ShapeRef.new(shape: Tag) + + TagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: AmazonResourceName, required: true, location_name: "resourceArn")) + TagResourceRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, required: true, location_name: "tags")) + TagResourceRequest.struct_class = Types::TagResourceRequest + + TagResourceResponse.struct_class = Types::TagResourceResponse + + TooManyTagsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message")) + TooManyTagsException.struct_class = Types::TooManyTagsException + + TrustAnchorDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt")) + TrustAnchorDetail.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled")) + TrustAnchorDetail.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, location_name: "name")) + TrustAnchorDetail.add_member(:source, Shapes::ShapeRef.new(shape: Source, location_name: "source")) + TrustAnchorDetail.add_member(:trust_anchor_arn, Shapes::ShapeRef.new(shape: String, location_name: "trustAnchorArn")) + TrustAnchorDetail.add_member(:trust_anchor_id, Shapes::ShapeRef.new(shape: Uuid, location_name: "trustAnchorId")) + TrustAnchorDetail.add_member(:updated_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "updatedAt")) + TrustAnchorDetail.struct_class = Types::TrustAnchorDetail + + TrustAnchorDetailResponse.add_member(:trust_anchor, Shapes::ShapeRef.new(shape: TrustAnchorDetail, required: true, location_name: "trustAnchor")) + TrustAnchorDetailResponse.struct_class = Types::TrustAnchorDetailResponse + + TrustAnchorDetails.member = Shapes::ShapeRef.new(shape: TrustAnchorDetail) + + UntagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: AmazonResourceName, required: true, location_name: "resourceArn")) + UntagResourceRequest.add_member(:tag_keys, Shapes::ShapeRef.new(shape: TagKeyList, required: true, location_name: "tagKeys")) + UntagResourceRequest.struct_class = Types::UntagResourceRequest + + UntagResourceResponse.struct_class = Types::UntagResourceResponse + + UpdateCrlRequest.add_member(:crl_data, Shapes::ShapeRef.new(shape: UpdateCrlRequestCrlDataBlob, location_name: "crlData")) + UpdateCrlRequest.add_member(:crl_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "crlId")) + UpdateCrlRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, location_name: "name")) + UpdateCrlRequest.struct_class = Types::UpdateCrlRequest + + UpdateProfileRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: UpdateProfileRequestDurationSecondsInteger, location_name: "durationSeconds")) + UpdateProfileRequest.add_member(:managed_policy_arns, Shapes::ShapeRef.new(shape: ManagedPolicyList, location_name: "managedPolicyArns")) + UpdateProfileRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, location_name: "name")) + UpdateProfileRequest.add_member(:profile_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "profileId")) + UpdateProfileRequest.add_member(:role_arns, Shapes::ShapeRef.new(shape: RoleArnList, location_name: "roleArns")) + UpdateProfileRequest.add_member(:session_policy, Shapes::ShapeRef.new(shape: UpdateProfileRequestSessionPolicyString, location_name: "sessionPolicy")) + UpdateProfileRequest.struct_class = Types::UpdateProfileRequest + + UpdateTrustAnchorRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, location_name: "name")) + UpdateTrustAnchorRequest.add_member(:source, Shapes::ShapeRef.new(shape: Source, location_name: "source")) + UpdateTrustAnchorRequest.add_member(:trust_anchor_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "trustAnchorId")) + UpdateTrustAnchorRequest.struct_class = Types::UpdateTrustAnchorRequest + + ValidationException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message")) + ValidationException.struct_class = Types::ValidationException + + + # @api private + API = Seahorse::Model::Api.new.tap do |api| + + api.version = "2018-05-10" + + api.metadata = { + "apiVersion" => "2018-05-10", + "endpointPrefix" => "rolesanywhere", + "jsonVersion" => "1.1", + "protocol" => "rest-json", + "serviceFullName" => "IAM Roles Anywhere", + "serviceId" => "RolesAnywhere", + "signatureVersion" => "v4", + "signingName" => "rolesanywhere", + "uid" => "rolesanywhere-2018-05-10", + } + + api.add_operation(:create_profile, Seahorse::Model::Operation.new.tap do |o| + o.name = "CreateProfile" + o.http_method = "POST" + o.http_request_uri = "/profiles" + o.input = Shapes::ShapeRef.new(shape: CreateProfileRequest) + o.output = Shapes::ShapeRef.new(shape: ProfileDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:create_trust_anchor, Seahorse::Model::Operation.new.tap do |o| + o.name = "CreateTrustAnchor" + o.http_method = "POST" + o.http_request_uri = "/trustanchors" + o.input = Shapes::ShapeRef.new(shape: CreateTrustAnchorRequest) + o.output = Shapes::ShapeRef.new(shape: TrustAnchorDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:delete_crl, Seahorse::Model::Operation.new.tap do |o| + o.name = "DeleteCrl" + o.http_method = "DELETE" + o.http_request_uri = "/crl/{crlId}" + o.input = Shapes::ShapeRef.new(shape: ScalarCrlRequest) + o.output = Shapes::ShapeRef.new(shape: CrlDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:delete_profile, Seahorse::Model::Operation.new.tap do |o| + o.name = "DeleteProfile" + o.http_method = "DELETE" + o.http_request_uri = "/profile/{profileId}" + o.input = Shapes::ShapeRef.new(shape: ScalarProfileRequest) + o.output = Shapes::ShapeRef.new(shape: ProfileDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:delete_trust_anchor, Seahorse::Model::Operation.new.tap do |o| + o.name = "DeleteTrustAnchor" + o.http_method = "DELETE" + o.http_request_uri = "/trustanchor/{trustAnchorId}" + o.input = Shapes::ShapeRef.new(shape: ScalarTrustAnchorRequest) + o.output = Shapes::ShapeRef.new(shape: TrustAnchorDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:disable_crl, Seahorse::Model::Operation.new.tap do |o| + o.name = "DisableCrl" + o.http_method = "POST" + o.http_request_uri = "/crl/{crlId}/disable" + o.input = Shapes::ShapeRef.new(shape: ScalarCrlRequest) + o.output = Shapes::ShapeRef.new(shape: CrlDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:disable_profile, Seahorse::Model::Operation.new.tap do |o| + o.name = "DisableProfile" + o.http_method = "POST" + o.http_request_uri = "/profile/{profileId}/disable" + o.input = Shapes::ShapeRef.new(shape: ScalarProfileRequest) + o.output = Shapes::ShapeRef.new(shape: ProfileDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:disable_trust_anchor, Seahorse::Model::Operation.new.tap do |o| + o.name = "DisableTrustAnchor" + o.http_method = "POST" + o.http_request_uri = "/trustanchor/{trustAnchorId}/disable" + o.input = Shapes::ShapeRef.new(shape: ScalarTrustAnchorRequest) + o.output = Shapes::ShapeRef.new(shape: TrustAnchorDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:enable_crl, Seahorse::Model::Operation.new.tap do |o| + o.name = "EnableCrl" + o.http_method = "POST" + o.http_request_uri = "/crl/{crlId}/enable" + o.input = Shapes::ShapeRef.new(shape: ScalarCrlRequest) + o.output = Shapes::ShapeRef.new(shape: CrlDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:enable_profile, Seahorse::Model::Operation.new.tap do |o| + o.name = "EnableProfile" + o.http_method = "POST" + o.http_request_uri = "/profile/{profileId}/enable" + o.input = Shapes::ShapeRef.new(shape: ScalarProfileRequest) + o.output = Shapes::ShapeRef.new(shape: ProfileDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:enable_trust_anchor, Seahorse::Model::Operation.new.tap do |o| + o.name = "EnableTrustAnchor" + o.http_method = "POST" + o.http_request_uri = "/trustanchor/{trustAnchorId}/enable" + o.input = Shapes::ShapeRef.new(shape: ScalarTrustAnchorRequest) + o.output = Shapes::ShapeRef.new(shape: TrustAnchorDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:get_crl, Seahorse::Model::Operation.new.tap do |o| + o.name = "GetCrl" + o.http_method = "GET" + o.http_request_uri = "/crl/{crlId}" + o.input = Shapes::ShapeRef.new(shape: ScalarCrlRequest) + o.output = Shapes::ShapeRef.new(shape: CrlDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + end) + + api.add_operation(:get_profile, Seahorse::Model::Operation.new.tap do |o| + o.name = "GetProfile" + o.http_method = "GET" + o.http_request_uri = "/profile/{profileId}" + o.input = Shapes::ShapeRef.new(shape: ScalarProfileRequest) + o.output = Shapes::ShapeRef.new(shape: ProfileDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:get_subject, Seahorse::Model::Operation.new.tap do |o| + o.name = "GetSubject" + o.http_method = "GET" + o.http_request_uri = "/subject/{subjectId}" + o.input = Shapes::ShapeRef.new(shape: ScalarSubjectRequest) + o.output = Shapes::ShapeRef.new(shape: SubjectDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:get_trust_anchor, Seahorse::Model::Operation.new.tap do |o| + o.name = "GetTrustAnchor" + o.http_method = "GET" + o.http_request_uri = "/trustanchor/{trustAnchorId}" + o.input = Shapes::ShapeRef.new(shape: ScalarTrustAnchorRequest) + o.output = Shapes::ShapeRef.new(shape: TrustAnchorDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:import_crl, Seahorse::Model::Operation.new.tap do |o| + o.name = "ImportCrl" + o.http_method = "POST" + o.http_request_uri = "/crls" + o.input = Shapes::ShapeRef.new(shape: ImportCrlRequest) + o.output = Shapes::ShapeRef.new(shape: CrlDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:list_crls, Seahorse::Model::Operation.new.tap do |o| + o.name = "ListCrls" + o.http_method = "GET" + o.http_request_uri = "/crls" + o.input = Shapes::ShapeRef.new(shape: ListRequest) + o.output = Shapes::ShapeRef.new(shape: ListCrlsResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + o[:pager] = Aws::Pager.new( + tokens: { + "next_token" => "next_token" + } + ) + end) + + api.add_operation(:list_profiles, Seahorse::Model::Operation.new.tap do |o| + o.name = "ListProfiles" + o.http_method = "GET" + o.http_request_uri = "/profiles" + o.input = Shapes::ShapeRef.new(shape: ListRequest) + o.output = Shapes::ShapeRef.new(shape: ListProfilesResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + o[:pager] = Aws::Pager.new( + tokens: { + "next_token" => "next_token" + } + ) + end) + + api.add_operation(:list_subjects, Seahorse::Model::Operation.new.tap do |o| + o.name = "ListSubjects" + o.http_method = "GET" + o.http_request_uri = "/subjects" + o.input = Shapes::ShapeRef.new(shape: ListRequest) + o.output = Shapes::ShapeRef.new(shape: ListSubjectsResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + o[:pager] = Aws::Pager.new( + tokens: { + "next_token" => "next_token" + } + ) + end) + + api.add_operation(:list_tags_for_resource, Seahorse::Model::Operation.new.tap do |o| + o.name = "ListTagsForResource" + o.http_method = "GET" + o.http_request_uri = "/ListTagsForResource" + o.input = Shapes::ShapeRef.new(shape: ListTagsForResourceRequest) + o.output = Shapes::ShapeRef.new(shape: ListTagsForResourceResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:list_trust_anchors, Seahorse::Model::Operation.new.tap do |o| + o.name = "ListTrustAnchors" + o.http_method = "GET" + o.http_request_uri = "/trustanchors" + o.input = Shapes::ShapeRef.new(shape: ListRequest) + o.output = Shapes::ShapeRef.new(shape: ListTrustAnchorsResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + o[:pager] = Aws::Pager.new( + tokens: { + "next_token" => "next_token" + } + ) + end) + + api.add_operation(:tag_resource, Seahorse::Model::Operation.new.tap do |o| + o.name = "TagResource" + o.http_method = "POST" + o.http_request_uri = "/TagResource" + o.input = Shapes::ShapeRef.new(shape: TagResourceRequest) + o.output = Shapes::ShapeRef.new(shape: TagResourceResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException) + end) + + api.add_operation(:untag_resource, Seahorse::Model::Operation.new.tap do |o| + o.name = "UntagResource" + o.http_method = "POST" + o.http_request_uri = "/UntagResource" + o.input = Shapes::ShapeRef.new(shape: UntagResourceRequest) + o.output = Shapes::ShapeRef.new(shape: UntagResourceResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:update_crl, Seahorse::Model::Operation.new.tap do |o| + o.name = "UpdateCrl" + o.http_method = "PATCH" + o.http_request_uri = "/crl/{crlId}" + o.input = Shapes::ShapeRef.new(shape: UpdateCrlRequest) + o.output = Shapes::ShapeRef.new(shape: CrlDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:update_profile, Seahorse::Model::Operation.new.tap do |o| + o.name = "UpdateProfile" + o.http_method = "PATCH" + o.http_request_uri = "/profile/{profileId}" + o.input = Shapes::ShapeRef.new(shape: UpdateProfileRequest) + o.output = Shapes::ShapeRef.new(shape: ProfileDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + + api.add_operation(:update_trust_anchor, Seahorse::Model::Operation.new.tap do |o| + o.name = "UpdateTrustAnchor" + o.http_method = "PATCH" + o.http_request_uri = "/trustanchor/{trustAnchorId}" + o.input = Shapes::ShapeRef.new(shape: UpdateTrustAnchorRequest) + o.output = Shapes::ShapeRef.new(shape: TrustAnchorDetailResponse) + o.errors << Shapes::ShapeRef.new(shape: ValidationException) + o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException) + o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException) + end) + end + + end +end diff --git a/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/customizations.rb b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/customizations.rb new file mode 100644 index 00000000000..e69de29bb2d diff --git a/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/errors.rb b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/errors.rb new file mode 100644 index 00000000000..1f24ce5d904 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/errors.rb @@ -0,0 +1,102 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + +module Aws::RolesAnywhere + + # When RolesAnywhere returns an error response, the Ruby SDK constructs and raises an error. + # These errors all extend Aws::RolesAnywhere::Errors::ServiceError < {Aws::Errors::ServiceError} + # + # You can rescue all RolesAnywhere errors using ServiceError: + # + # begin + # # do stuff + # rescue Aws::RolesAnywhere::Errors::ServiceError + # # rescues all RolesAnywhere API errors + # end + # + # + # ## Request Context + # ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns + # information about the request that generated the error. + # See {Seahorse::Client::RequestContext} for more information. + # + # ## Error Classes + # * {AccessDeniedException} + # * {ResourceNotFoundException} + # * {TooManyTagsException} + # * {ValidationException} + # + # Additionally, error classes are dynamically generated for service errors based on the error code + # if they are not defined above. + module Errors + + extend Aws::Errors::DynamicErrors + + class AccessDeniedException < ServiceError + + # @param [Seahorse::Client::RequestContext] context + # @param [String] message + # @param [Aws::RolesAnywhere::Types::AccessDeniedException] data + def initialize(context, message, data = Aws::EmptyStructure.new) + super(context, message, data) + end + + # @return [String] + def message + @message || @data[:message] + end + end + + class ResourceNotFoundException < ServiceError + + # @param [Seahorse::Client::RequestContext] context + # @param [String] message + # @param [Aws::RolesAnywhere::Types::ResourceNotFoundException] data + def initialize(context, message, data = Aws::EmptyStructure.new) + super(context, message, data) + end + + # @return [String] + def message + @message || @data[:message] + end + end + + class TooManyTagsException < ServiceError + + # @param [Seahorse::Client::RequestContext] context + # @param [String] message + # @param [Aws::RolesAnywhere::Types::TooManyTagsException] data + def initialize(context, message, data = Aws::EmptyStructure.new) + super(context, message, data) + end + + # @return [String] + def message + @message || @data[:message] + end + end + + class ValidationException < ServiceError + + # @param [Seahorse::Client::RequestContext] context + # @param [String] message + # @param [Aws::RolesAnywhere::Types::ValidationException] data + def initialize(context, message, data = Aws::EmptyStructure.new) + super(context, message, data) + end + + # @return [String] + def message + @message || @data[:message] + end + end + + end +end diff --git a/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/resource.rb b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/resource.rb new file mode 100644 index 00000000000..9e587322e4b --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/resource.rb @@ -0,0 +1,26 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + +module Aws::RolesAnywhere + + class Resource + + # @param options ({}) + # @option options [Client] :client + def initialize(options = {}) + @client = options[:client] || Client.new(options) + end + + # @return [Client] + def client + @client + end + + end +end diff --git a/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/types.rb b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/types.rb new file mode 100644 index 00000000000..a31110bc957 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/lib/aws-sdk-rolesanywhere/types.rb @@ -0,0 +1,1158 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + +module Aws::RolesAnywhere + module Types + + # You do not have sufficient access to perform this action. + # + # @!attribute [rw] message + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/AccessDeniedException AWS API Documentation + # + class AccessDeniedException < Struct.new( + :message) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass CreateProfileRequest + # data as a hash: + # + # { + # duration_seconds: 1, + # enabled: false, + # managed_policy_arns: ["ManagedPolicyListMemberString"], + # name: "ResourceName", # required + # require_instance_properties: false, + # role_arns: ["RoleArn"], # required + # session_policy: "String", + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # } + # + # @!attribute [rw] duration_seconds + # The number of seconds the vended session credentials are valid for. + # @return [Integer] + # + # @!attribute [rw] enabled + # Specifies whether the profile is enabled. + # @return [Boolean] + # + # @!attribute [rw] managed_policy_arns + # A list of managed policy ARNs that apply to the vended session + # credentials. + # @return [Array] + # + # @!attribute [rw] name + # The name of the profile. + # @return [String] + # + # @!attribute [rw] require_instance_properties + # Specifies whether instance properties are required in + # [CreateSession][1] requests with this profile. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Boolean] + # + # @!attribute [rw] role_arns + # A list of IAM roles that this profile can assume in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Array] + # + # @!attribute [rw] session_policy + # A session policy that applies to the trust boundary of the vended + # session credentials. + # @return [String] + # + # @!attribute [rw] tags + # The tags to attach to the profile. + # @return [Array] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/CreateProfileRequest AWS API Documentation + # + class CreateProfileRequest < Struct.new( + :duration_seconds, + :enabled, + :managed_policy_arns, + :name, + :require_instance_properties, + :role_arns, + :session_policy, + :tags) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass CreateTrustAnchorRequest + # data as a hash: + # + # { + # enabled: false, + # name: "ResourceName", # required + # source: { # required + # source_data: { + # acm_pca_arn: "String", + # x509_certificate_data: "String", + # }, + # source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY + # }, + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # } + # + # @!attribute [rw] enabled + # Specifies whether the trust anchor is enabled. + # @return [Boolean] + # + # @!attribute [rw] name + # The name of the trust anchor. + # @return [String] + # + # @!attribute [rw] source + # The trust anchor type and its related certificate data. + # @return [Types::Source] + # + # @!attribute [rw] tags + # The tags to attach to the trust anchor. + # @return [Array] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/CreateTrustAnchorRequest AWS API Documentation + # + class CreateTrustAnchorRequest < Struct.new( + :enabled, + :name, + :source, + :tags) + SENSITIVE = [] + include Aws::Structure + end + + # A record of a presented X509 credential to [CreateSession][1]. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # + # @!attribute [rw] enabled + # Indicates whether the credential is enabled. + # @return [Boolean] + # + # @!attribute [rw] failed + # Indicates whether the [CreateSession][1] operation was successful. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Boolean] + # + # @!attribute [rw] issuer + # The fully qualified domain name of the issuing certificate for the + # presented end-entity certificate. + # @return [String] + # + # @!attribute [rw] seen_at + # The ISO-8601 time stamp of when the certificate was last used in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Time] + # + # @!attribute [rw] serial_number + # The serial number of the certificate. + # @return [String] + # + # @!attribute [rw] x509_certificate_data + # The PEM-encoded data of the certificate. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/CredentialSummary AWS API Documentation + # + class CredentialSummary < Struct.new( + :enabled, + :failed, + :issuer, + :seen_at, + :serial_number, + :x509_certificate_data) + SENSITIVE = [] + include Aws::Structure + end + + # The state of the certificate revocation list (CRL) after a read or + # write operation. + # + # @!attribute [rw] created_at + # The ISO-8601 timestamp when the certificate revocation list (CRL) + # was created. + # @return [Time] + # + # @!attribute [rw] crl_arn + # The ARN of the certificate revocation list (CRL). + # @return [String] + # + # @!attribute [rw] crl_data + # The state of the certificate revocation list (CRL) after a read or + # write operation. + # @return [String] + # + # @!attribute [rw] crl_id + # The unique identifier of the certificate revocation list (CRL). + # @return [String] + # + # @!attribute [rw] enabled + # Indicates whether the certificate revocation list (CRL) is enabled. + # @return [Boolean] + # + # @!attribute [rw] name + # The name of the certificate revocation list (CRL). + # @return [String] + # + # @!attribute [rw] trust_anchor_arn + # The ARN of the TrustAnchor the certificate revocation list (CRL) + # will provide revocation for. + # @return [String] + # + # @!attribute [rw] updated_at + # The ISO-8601 timestamp when the certificate revocation list (CRL) + # was last updated. + # @return [Time] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/CrlDetail AWS API Documentation + # + class CrlDetail < Struct.new( + :created_at, + :crl_arn, + :crl_data, + :crl_id, + :enabled, + :name, + :trust_anchor_arn, + :updated_at) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] crl + # The state of the certificate revocation list (CRL) after a read or + # write operation. + # @return [Types::CrlDetail] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/CrlDetailResponse AWS API Documentation + # + class CrlDetailResponse < Struct.new( + :crl) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass ImportCrlRequest + # data as a hash: + # + # { + # crl_data: "data", # required + # enabled: false, + # name: "ResourceName", # required + # tags: [ + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # trust_anchor_arn: "TrustAnchorArn", # required + # } + # + # @!attribute [rw] crl_data + # The x509 v3 specified certificate revocation list + # @return [String] + # + # @!attribute [rw] enabled + # Specifies whether the certificate revocation list (CRL) is enabled. + # @return [Boolean] + # + # @!attribute [rw] name + # The name of the certificate revocation list (CRL). + # @return [String] + # + # @!attribute [rw] tags + # A list of tags to attach to the certificate revocation list (CRL). + # @return [Array] + # + # @!attribute [rw] trust_anchor_arn + # The ARN of the TrustAnchor the certificate revocation list (CRL) + # will provide revocation for. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ImportCrlRequest AWS API Documentation + # + class ImportCrlRequest < Struct.new( + :crl_data, + :enabled, + :name, + :tags, + :trust_anchor_arn) + SENSITIVE = [] + include Aws::Structure + end + + # A key-value pair you set that identifies a property of the + # authenticating instance. + # + # @!attribute [rw] failed + # Indicates whether the [CreateSession][1] operation was successful. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Boolean] + # + # @!attribute [rw] properties + # A list of instanceProperty objects. + # @return [Hash] + # + # @!attribute [rw] seen_at + # The ISO-8601 time stamp of when the certificate was last used in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Time] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/InstanceProperty AWS API Documentation + # + class InstanceProperty < Struct.new( + :failed, + :properties, + :seen_at) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] crls + # A list of certificate revocation lists (CRL). + # @return [Array] + # + # @!attribute [rw] next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next + # results, call the operation again with this value. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListCrlsResponse AWS API Documentation + # + class ListCrlsResponse < Struct.new( + :crls, + :next_token) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next + # results, call the operation again with this value. + # @return [String] + # + # @!attribute [rw] profiles + # A list of profiles. + # @return [Array] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListProfilesResponse AWS API Documentation + # + class ListProfilesResponse < Struct.new( + :next_token, + :profiles) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass ListRequest + # data as a hash: + # + # { + # next_token: "ListRequestNextTokenString", + # page_size: 1, + # } + # + # @!attribute [rw] next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next + # results, call the operation again with this value. + # @return [String] + # + # @!attribute [rw] page_size + # The number of resources in the paginated list. + # @return [Integer] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListRequest AWS API Documentation + # + class ListRequest < Struct.new( + :next_token, + :page_size) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next + # results, call the operation again with this value. + # @return [String] + # + # @!attribute [rw] subjects + # A list of subjects. + # @return [Array] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListSubjectsResponse AWS API Documentation + # + class ListSubjectsResponse < Struct.new( + :next_token, + :subjects) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass ListTagsForResourceRequest + # data as a hash: + # + # { + # resource_arn: "AmazonResourceName", # required + # } + # + # @!attribute [rw] resource_arn + # The ARN of the resource. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListTagsForResourceRequest AWS API Documentation + # + class ListTagsForResourceRequest < Struct.new( + :resource_arn) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] tags + # A list of tags attached to the resource. + # @return [Array] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListTagsForResourceResponse AWS API Documentation + # + class ListTagsForResourceResponse < Struct.new( + :tags) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] next_token + # A token that indicates where the output should continue from, if a + # previous operation did not show all results. To get the next + # results, call the operation again with this value. + # @return [String] + # + # @!attribute [rw] trust_anchors + # A list of trust anchors. + # @return [Array] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListTrustAnchorsResponse AWS API Documentation + # + class ListTrustAnchorsResponse < Struct.new( + :next_token, + :trust_anchors) + SENSITIVE = [] + include Aws::Structure + end + + # The state of the profile after a read or write operation. + # + # @!attribute [rw] created_at + # The ISO-8601 timestamp when the profile was created. + # @return [Time] + # + # @!attribute [rw] created_by + # The Amazon Web Services account that created the profile. + # @return [String] + # + # @!attribute [rw] duration_seconds + # The number of seconds the vended session credentials are valid for. + # @return [Integer] + # + # @!attribute [rw] enabled + # Indicates whether the profile is enabled. + # @return [Boolean] + # + # @!attribute [rw] managed_policy_arns + # A list of managed policy ARNs that apply to the vended session + # credentials. + # @return [Array] + # + # @!attribute [rw] name + # The name of the profile. + # @return [String] + # + # @!attribute [rw] profile_arn + # The ARN of the profile. + # @return [String] + # + # @!attribute [rw] profile_id + # The unique identifier of the profile. + # @return [String] + # + # @!attribute [rw] require_instance_properties + # Specifies whether instance properties are required in + # [CreateSession][1] requests with this profile. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Boolean] + # + # @!attribute [rw] role_arns + # A list of IAM roles that this profile can assume in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Array] + # + # @!attribute [rw] session_policy + # A session policy that applies to the trust boundary of the vended + # session credentials. + # @return [String] + # + # @!attribute [rw] updated_at + # The ISO-8601 timestamp when the profile was last updated. + # @return [Time] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ProfileDetail AWS API Documentation + # + class ProfileDetail < Struct.new( + :created_at, + :created_by, + :duration_seconds, + :enabled, + :managed_policy_arns, + :name, + :profile_arn, + :profile_id, + :require_instance_properties, + :role_arns, + :session_policy, + :updated_at) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] profile + # The state of the profile after a read or write operation. + # @return [Types::ProfileDetail] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ProfileDetailResponse AWS API Documentation + # + class ProfileDetailResponse < Struct.new( + :profile) + SENSITIVE = [] + include Aws::Structure + end + + # The resource could not be found. + # + # @!attribute [rw] message + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ResourceNotFoundException AWS API Documentation + # + class ResourceNotFoundException < Struct.new( + :message) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass ScalarCrlRequest + # data as a hash: + # + # { + # crl_id: "Uuid", # required + # } + # + # @!attribute [rw] crl_id + # The unique identifier of the certificate revocation list (CRL). + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ScalarCrlRequest AWS API Documentation + # + class ScalarCrlRequest < Struct.new( + :crl_id) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass ScalarProfileRequest + # data as a hash: + # + # { + # profile_id: "Uuid", # required + # } + # + # @!attribute [rw] profile_id + # The unique identifier of the profile. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ScalarProfileRequest AWS API Documentation + # + class ScalarProfileRequest < Struct.new( + :profile_id) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass ScalarSubjectRequest + # data as a hash: + # + # { + # subject_id: "Uuid", # required + # } + # + # @!attribute [rw] subject_id + # The unique identifier of the subject. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ScalarSubjectRequest AWS API Documentation + # + class ScalarSubjectRequest < Struct.new( + :subject_id) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass ScalarTrustAnchorRequest + # data as a hash: + # + # { + # trust_anchor_id: "Uuid", # required + # } + # + # @!attribute [rw] trust_anchor_id + # The unique identifier of the trust anchor. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ScalarTrustAnchorRequest AWS API Documentation + # + class ScalarTrustAnchorRequest < Struct.new( + :trust_anchor_id) + SENSITIVE = [] + include Aws::Structure + end + + # The trust anchor type and its related certificate data. + # + # @note When making an API call, you may pass Source + # data as a hash: + # + # { + # source_data: { + # acm_pca_arn: "String", + # x509_certificate_data: "String", + # }, + # source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY + # } + # + # @!attribute [rw] source_data + # The data field of the trust anchor depending on its type. + # @return [Types::SourceData] + # + # @!attribute [rw] source_type + # The type of the trust anchor. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/Source AWS API Documentation + # + class Source < Struct.new( + :source_data, + :source_type) + SENSITIVE = [] + include Aws::Structure + end + + # The data field of the trust anchor depending on its type. + # + # @note SourceData is a union - when making an API calls you must set exactly one of the members. + # + # @note SourceData is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of SourceData corresponding to the set member. + # + # @!attribute [rw] acm_pca_arn + # The root certificate of the Certificate Manager Private Certificate + # Authority specified by this ARN is used in trust validation for + # [CreateSession][1] operations. Included for trust anchors of type + # `AWS_ACM_PCA`. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [String] + # + # @!attribute [rw] x509_certificate_data + # The PEM-encoded data for the certificate anchor. Included for trust + # anchors of type `CERTIFICATE_BUNDLE`. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/SourceData AWS API Documentation + # + class SourceData < Struct.new( + :acm_pca_arn, + :x509_certificate_data, + :unknown) + SENSITIVE = [] + include Aws::Structure + include Aws::Structure::Union + + class AcmPcaArn < SourceData; end + class X509CertificateData < SourceData; end + class Unknown < SourceData; end + end + + # The state of the subject after a read or write operation. + # + # @!attribute [rw] created_at + # The ISO-8601 timestamp when the subject was created. + # @return [Time] + # + # @!attribute [rw] credentials + # The temporary session credentials vended at the last authenticating + # call with this Subject. + # @return [Array] + # + # @!attribute [rw] enabled + # The enabled status of the subject. + # @return [Boolean] + # + # @!attribute [rw] instance_properties + # The specified instance properties associated with the request. + # @return [Array] + # + # @!attribute [rw] last_seen_at + # The ISO-8601 timestamp of the last time this Subject requested + # temporary session credentials. + # @return [Time] + # + # @!attribute [rw] subject_arn + # The ARN of the resource. + # @return [String] + # + # @!attribute [rw] subject_id + # The id of the resource + # @return [String] + # + # @!attribute [rw] updated_at + # The ISO-8601 timestamp when the subject was last updated. + # @return [Time] + # + # @!attribute [rw] x509_subject + # The x509 principal identifier of the authenticating certificate. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/SubjectDetail AWS API Documentation + # + class SubjectDetail < Struct.new( + :created_at, + :credentials, + :enabled, + :instance_properties, + :last_seen_at, + :subject_arn, + :subject_id, + :updated_at, + :x509_subject) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] subject + # The state of the subject after a read or write operation. + # @return [Types::SubjectDetail] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/SubjectDetailResponse AWS API Documentation + # + class SubjectDetailResponse < Struct.new( + :subject) + SENSITIVE = [] + include Aws::Structure + end + + # A summary representation of Subject resources returned in read + # operations; primarily ListSubjects. + # + # @!attribute [rw] created_at + # The ISO-8601 time stamp of when the certificate was first used in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Time] + # + # @!attribute [rw] enabled + # The enabled status of the Subject. + # @return [Boolean] + # + # @!attribute [rw] last_seen_at + # The ISO-8601 time stamp of when the certificate was last used in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Time] + # + # @!attribute [rw] subject_arn + # The ARN of the resource. + # @return [String] + # + # @!attribute [rw] subject_id + # The id of the resource. + # @return [String] + # + # @!attribute [rw] updated_at + # The ISO-8601 timestamp when the subject was last updated. + # @return [Time] + # + # @!attribute [rw] x509_subject + # The x509 principal identifier of the authenticating certificate. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/SubjectSummary AWS API Documentation + # + class SubjectSummary < Struct.new( + :created_at, + :enabled, + :last_seen_at, + :subject_arn, + :subject_id, + :updated_at, + :x509_subject) + SENSITIVE = [] + include Aws::Structure + end + + # A label that consists of a key and value you define. + # + # @note When making an API call, you may pass Tag + # data as a hash: + # + # { + # key: "TagKey", # required + # value: "TagValue", # required + # } + # + # @!attribute [rw] key + # The tag key. + # @return [String] + # + # @!attribute [rw] value + # The tag value. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/Tag AWS API Documentation + # + class Tag < Struct.new( + :key, + :value) + SENSITIVE = [:key, :value] + include Aws::Structure + end + + # @note When making an API call, you may pass TagResourceRequest + # data as a hash: + # + # { + # resource_arn: "AmazonResourceName", # required + # tags: [ # required + # { + # key: "TagKey", # required + # value: "TagValue", # required + # }, + # ], + # } + # + # @!attribute [rw] resource_arn + # The ARN of the resource. + # @return [String] + # + # @!attribute [rw] tags + # The tags to attach to the resource. + # @return [Array] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/TagResourceRequest AWS API Documentation + # + class TagResourceRequest < Struct.new( + :resource_arn, + :tags) + SENSITIVE = [] + include Aws::Structure + end + + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/TagResourceResponse AWS API Documentation + # + class TagResourceResponse < Aws::EmptyStructure; end + + # Too many tags. + # + # @!attribute [rw] message + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/TooManyTagsException AWS API Documentation + # + class TooManyTagsException < Struct.new( + :message) + SENSITIVE = [] + include Aws::Structure + end + + # The state of the trust anchor after a read or write operation. + # + # @!attribute [rw] created_at + # The ISO-8601 timestamp when the trust anchor was created. + # @return [Time] + # + # @!attribute [rw] enabled + # Indicates whether the trust anchor is enabled. + # @return [Boolean] + # + # @!attribute [rw] name + # The name of the trust anchor. + # @return [String] + # + # @!attribute [rw] source + # The trust anchor type and its related certificate data. + # @return [Types::Source] + # + # @!attribute [rw] trust_anchor_arn + # The ARN of the trust anchor. + # @return [String] + # + # @!attribute [rw] trust_anchor_id + # The unique identifier of the trust anchor. + # @return [String] + # + # @!attribute [rw] updated_at + # The ISO-8601 timestamp when the trust anchor was last updated. + # @return [Time] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/TrustAnchorDetail AWS API Documentation + # + class TrustAnchorDetail < Struct.new( + :created_at, + :enabled, + :name, + :source, + :trust_anchor_arn, + :trust_anchor_id, + :updated_at) + SENSITIVE = [] + include Aws::Structure + end + + # @!attribute [rw] trust_anchor + # The state of the trust anchor after a read or write operation. + # @return [Types::TrustAnchorDetail] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/TrustAnchorDetailResponse AWS API Documentation + # + class TrustAnchorDetailResponse < Struct.new( + :trust_anchor) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass UntagResourceRequest + # data as a hash: + # + # { + # resource_arn: "AmazonResourceName", # required + # tag_keys: ["TagKey"], # required + # } + # + # @!attribute [rw] resource_arn + # The ARN of the resource. + # @return [String] + # + # @!attribute [rw] tag_keys + # A list of keys. Tag keys are the unique identifiers of tags. + # @return [Array] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UntagResourceRequest AWS API Documentation + # + class UntagResourceRequest < Struct.new( + :resource_arn, + :tag_keys) + SENSITIVE = [] + include Aws::Structure + end + + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UntagResourceResponse AWS API Documentation + # + class UntagResourceResponse < Aws::EmptyStructure; end + + # @note When making an API call, you may pass UpdateCrlRequest + # data as a hash: + # + # { + # crl_data: "data", + # crl_id: "Uuid", # required + # name: "ResourceName", + # } + # + # @!attribute [rw] crl_data + # The x509 v3 specified certificate revocation list + # @return [String] + # + # @!attribute [rw] crl_id + # The unique identifier of the certificate revocation list (CRL). + # @return [String] + # + # @!attribute [rw] name + # The name of the Crl. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UpdateCrlRequest AWS API Documentation + # + class UpdateCrlRequest < Struct.new( + :crl_data, + :crl_id, + :name) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass UpdateProfileRequest + # data as a hash: + # + # { + # duration_seconds: 1, + # managed_policy_arns: ["ManagedPolicyListMemberString"], + # name: "ResourceName", + # profile_id: "Uuid", # required + # role_arns: ["RoleArn"], + # session_policy: "UpdateProfileRequestSessionPolicyString", + # } + # + # @!attribute [rw] duration_seconds + # The number of seconds the vended session credentials are valid for. + # @return [Integer] + # + # @!attribute [rw] managed_policy_arns + # A list of managed policy ARNs that apply to the vended session + # credentials. + # @return [Array] + # + # @!attribute [rw] name + # The name of the profile. + # @return [String] + # + # @!attribute [rw] profile_id + # The unique identifier of the profile. + # @return [String] + # + # @!attribute [rw] role_arns + # A list of IAM roles that this profile can assume in a + # [CreateSession][1] operation. + # + # + # + # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html + # @return [Array] + # + # @!attribute [rw] session_policy + # A session policy that applies to the trust boundary of the vended + # session credentials. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UpdateProfileRequest AWS API Documentation + # + class UpdateProfileRequest < Struct.new( + :duration_seconds, + :managed_policy_arns, + :name, + :profile_id, + :role_arns, + :session_policy) + SENSITIVE = [] + include Aws::Structure + end + + # @note When making an API call, you may pass UpdateTrustAnchorRequest + # data as a hash: + # + # { + # name: "ResourceName", + # source: { + # source_data: { + # acm_pca_arn: "String", + # x509_certificate_data: "String", + # }, + # source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY + # }, + # trust_anchor_id: "Uuid", # required + # } + # + # @!attribute [rw] name + # The name of the trust anchor. + # @return [String] + # + # @!attribute [rw] source + # The trust anchor type and its related certificate data. + # @return [Types::Source] + # + # @!attribute [rw] trust_anchor_id + # The unique identifier of the trust anchor. + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/UpdateTrustAnchorRequest AWS API Documentation + # + class UpdateTrustAnchorRequest < Struct.new( + :name, + :source, + :trust_anchor_id) + SENSITIVE = [] + include Aws::Structure + end + + # Validation exception error. + # + # @!attribute [rw] message + # @return [String] + # + # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ValidationException AWS API Documentation + # + class ValidationException < Struct.new( + :message) + SENSITIVE = [] + include Aws::Structure + end + + end +end diff --git a/gems/aws-sdk-rolesanywhere/spec/spec_helper.rb b/gems/aws-sdk-rolesanywhere/spec/spec_helper.rb new file mode 100644 index 00000000000..584fa1bc723 --- /dev/null +++ b/gems/aws-sdk-rolesanywhere/spec/spec_helper.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +# WARNING ABOUT GENERATED CODE +# +# This file is generated. See the contributing guide for more information: +# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md +# +# WARNING ABOUT GENERATED CODE + +require_relative '../../aws-sdk-core/spec/shared_spec_helper' + +$:.unshift(File.expand_path('../../lib', __FILE__)) +$:.unshift(File.expand_path('../../../aws-sdk-core/lib', __FILE__)) +$:.unshift(File.expand_path('../../../aws-sigv4/lib', __FILE__)) + +require 'rspec' +require 'webmock/rspec' +require 'aws-sdk-rolesanywhere' diff --git a/gems/aws-sdk-ssmincidents/CHANGELOG.md b/gems/aws-sdk-ssmincidents/CHANGELOG.md index 366739ff05e..8a3e28f26fe 100644 --- a/gems/aws-sdk-ssmincidents/CHANGELOG.md +++ b/gems/aws-sdk-ssmincidents/CHANGELOG.md @@ -1,6 +1,11 @@ Unreleased Changes ------------------ +1.15.0 (2022-07-05) +------------------ + +* Feature - Adds support for tagging incident-record on creation by providing incident tags in the template within a response-plan. + 1.14.0 (2022-05-12) ------------------ diff --git a/gems/aws-sdk-ssmincidents/VERSION b/gems/aws-sdk-ssmincidents/VERSION index 850e742404b..141f2e805be 100644 --- a/gems/aws-sdk-ssmincidents/VERSION +++ b/gems/aws-sdk-ssmincidents/VERSION @@ -1 +1 @@ -1.14.0 +1.15.0 diff --git a/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents.rb b/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents.rb index 6b1828991c0..8c40c4a7d66 100644 --- a/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents.rb +++ b/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents.rb @@ -49,6 +49,6 @@ # @!group service module Aws::SSMIncidents - GEM_VERSION = '1.14.0' + GEM_VERSION = '1.15.0' end diff --git a/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/client.rb b/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/client.rb index b90db756a6d..7843c5f63ce 100644 --- a/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/client.rb +++ b/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/client.rb @@ -464,6 +464,9 @@ def create_replication_set(params = {}, options = {}) # incident_template: { # required # dedupe_string: "DedupeString", # impact: 1, # required + # incident_tags: { + # "TagKey" => "TagValue", + # }, # notification_targets: [ # { # sns_topic_arn: "Arn", @@ -854,6 +857,8 @@ def get_resource_policies(params = {}, options = {}) # resp.engagements[0] #=> String # resp.incident_template.dedupe_string #=> String # resp.incident_template.impact #=> Integer + # resp.incident_template.incident_tags #=> Hash + # resp.incident_template.incident_tags["TagKey"] #=> String # resp.incident_template.notification_targets #=> Array # resp.incident_template.notification_targets[0].sns_topic_arn #=> String # resp.incident_template.summary #=> String @@ -1706,6 +1711,11 @@ def update_replication_set(params = {}, options = {}) # A brief summary of the incident. This typically contains what has # happened, what's currently happening, and next steps. # + # @option params [Hash] :incident_template_tags + # Tags to apply to an incident when calling the `StartIncident` API + # action. To call this action, you must also have permission to call the + # `TagResource` API action for the incident record resource. + # # @option params [String] :incident_template_title # The short format name of the incident. The title can't contain # spaces. @@ -1750,6 +1760,9 @@ def update_replication_set(params = {}, options = {}) # }, # ], # incident_template_summary: "IncidentSummary", + # incident_template_tags: { + # "TagKey" => "TagValue", + # }, # incident_template_title: "IncidentTitle", # }) # @@ -1824,7 +1837,7 @@ def build_request(operation_name, params = {}) params: params, config: config) context[:gem_name] = 'aws-sdk-ssmincidents' - context[:gem_version] = '1.14.0' + context[:gem_version] = '1.15.0' Seahorse::Client::Request.new(handlers, context) end diff --git a/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/client_api.rb b/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/client_api.rb index 297d56ceddd..33af32708f9 100644 --- a/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/client_api.rb +++ b/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/client_api.rb @@ -150,6 +150,7 @@ module ClientApi TagKey = Shapes::StringShape.new(name: 'TagKey') TagKeyList = Shapes::ListShape.new(name: 'TagKeyList') TagMap = Shapes::MapShape.new(name: 'TagMap') + TagMapUpdate = Shapes::MapShape.new(name: 'TagMapUpdate') TagResourceRequest = Shapes::StructureShape.new(name: 'TagResourceRequest') TagResourceResponse = Shapes::StructureShape.new(name: 'TagResourceResponse') TagValue = Shapes::StringShape.new(name: 'TagValue') @@ -401,6 +402,7 @@ module ClientApi IncidentTemplate.add_member(:dedupe_string, Shapes::ShapeRef.new(shape: DedupeString, location_name: "dedupeString")) IncidentTemplate.add_member(:impact, Shapes::ShapeRef.new(shape: Impact, required: true, location_name: "impact")) + IncidentTemplate.add_member(:incident_tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "incidentTags")) IncidentTemplate.add_member(:notification_targets, Shapes::ShapeRef.new(shape: NotificationTargetSet, location_name: "notificationTargets")) IncidentTemplate.add_member(:summary, Shapes::ShapeRef.new(shape: IncidentSummary, location_name: "summary")) IncidentTemplate.add_member(:title, Shapes::ShapeRef.new(shape: IncidentTitle, required: true, location_name: "title")) @@ -590,6 +592,9 @@ module ClientApi TagMap.key = Shapes::ShapeRef.new(shape: TagKey) TagMap.value = Shapes::ShapeRef.new(shape: TagValue) + TagMapUpdate.key = Shapes::ShapeRef.new(shape: TagKey) + TagMapUpdate.value = Shapes::ShapeRef.new(shape: TagValue) + TagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "resourceArn")) TagResourceRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, required: true, location_name: "tags")) TagResourceRequest.struct_class = Types::TagResourceRequest @@ -674,6 +679,7 @@ module ClientApi UpdateResponsePlanInput.add_member(:incident_template_impact, Shapes::ShapeRef.new(shape: Impact, location_name: "incidentTemplateImpact")) UpdateResponsePlanInput.add_member(:incident_template_notification_targets, Shapes::ShapeRef.new(shape: NotificationTargetSet, location_name: "incidentTemplateNotificationTargets")) UpdateResponsePlanInput.add_member(:incident_template_summary, Shapes::ShapeRef.new(shape: IncidentSummary, location_name: "incidentTemplateSummary")) + UpdateResponsePlanInput.add_member(:incident_template_tags, Shapes::ShapeRef.new(shape: TagMapUpdate, location_name: "incidentTemplateTags")) UpdateResponsePlanInput.add_member(:incident_template_title, Shapes::ShapeRef.new(shape: IncidentTitle, location_name: "incidentTemplateTitle")) UpdateResponsePlanInput.struct_class = Types::UpdateResponsePlanInput diff --git a/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/types.rb b/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/types.rb index 782f6aec18c..d6e0d40be19 100644 --- a/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/types.rb +++ b/gems/aws-sdk-ssmincidents/lib/aws-sdk-ssmincidents/types.rb @@ -302,6 +302,9 @@ class CreateReplicationSetOutput < Struct.new( # incident_template: { # required # dedupe_string: "DedupeString", # impact: 1, # required + # incident_tags: { + # "TagKey" => "TagValue", + # }, # notification_targets: [ # { # sns_topic_arn: "Arn", @@ -1094,6 +1097,9 @@ class IncidentRecordSummary < Struct.new( # { # dedupe_string: "DedupeString", # impact: 1, # required + # incident_tags: { + # "TagKey" => "TagValue", + # }, # notification_targets: [ # { # sns_topic_arn: "Arn", @@ -1112,6 +1118,11 @@ class IncidentRecordSummary < Struct.new( # The impact of the incident on your customers and applications. # @return [Integer] # + # @!attribute [rw] incident_tags + # Tags to apply to an incident when calling the `StartIncident` API + # action. + # @return [Hash] + # # @!attribute [rw] notification_targets # The Amazon SNS targets that are notified when updates are made to an # incident. @@ -1131,6 +1142,7 @@ class IncidentRecordSummary < Struct.new( class IncidentTemplate < Struct.new( :dedupe_string, :impact, + :incident_tags, :notification_targets, :summary, :title) @@ -2557,6 +2569,9 @@ class UpdateReplicationSetOutput < Aws::EmptyStructure; end # }, # ], # incident_template_summary: "IncidentSummary", + # incident_template_tags: { + # "TagKey" => "TagValue", + # }, # incident_template_title: "IncidentTitle", # } # @@ -2626,6 +2641,12 @@ class UpdateReplicationSetOutput < Aws::EmptyStructure; end # happened, what's currently happening, and next steps. # @return [String] # + # @!attribute [rw] incident_template_tags + # Tags to apply to an incident when calling the `StartIncident` API + # action. To call this action, you must also have permission to call + # the `TagResource` API action for the incident record resource. + # @return [Hash] + # # @!attribute [rw] incident_template_title # The short format name of the incident. The title can't contain # spaces. @@ -2644,6 +2665,7 @@ class UpdateResponsePlanInput < Struct.new( :incident_template_impact, :incident_template_notification_targets, :incident_template_summary, + :incident_template_tags, :incident_template_title) SENSITIVE = [] include Aws::Structure diff --git a/services.json b/services.json index d2a2020c80f..df7e3d88bbf 100644 --- a/services.json +++ b/services.json @@ -805,6 +805,9 @@ "RoboMaker": { "models": "robomaker/2018-06-29" }, + "RolesAnywhere": { + "models": "rolesanywhere/2018-05-10" + }, "Route53": { "models": "route53/2013-04-01", "addPlugins": [