From 92025c1345bb150afbd8e5acd1ed904d281f5d1a Mon Sep 17 00:00:00 2001 From: AWS SDK for Ruby Date: Thu, 13 Aug 2020 18:04:39 +0000 Subject: [PATCH] Updated service API models for release. --- CHANGELOG.md | 14 + README.md | 7 +- .../apis/appsync/2017-07-25/docs-2.json | 6 +- .../apis/braket/2019-09-01/api-2.json | 584 ++++++++++++++++++ .../apis/braket/2019-09-01/docs-2.json | 336 ++++++++++ .../apis/braket/2019-09-01/examples-1.json | 5 + .../apis/braket/2019-09-01/paginators-1.json | 16 + .../apis/cognito-idp/2016-04-18/api-2.json | 39 +- .../apis/cognito-idp/2016-04-18/docs-2.json | 110 ++-- aws-sdk-core/apis/ec2/2016-11-15/api-2.json | 8 +- aws-sdk-core/apis/ec2/2016-11-15/docs-2.json | 3 + aws-sdk-core/apis/eks/2017-11-01/api-2.json | 14 +- aws-sdk-core/apis/eks/2017-11-01/docs-2.json | 55 +- .../apis/macie2/2020-01-01/docs-2.json | 28 +- aws-sdk-core/apis/rds/2014-10-31/api-2.json | 14 +- aws-sdk-core/apis/rds/2014-10-31/docs-2.json | 66 +- aws-sdk-core/lib/aws-sdk-core.rb | 1 + aws-sdk-core/lib/aws-sdk-core/braket.rb | 6 + aws-sdk-core/service-models.json | 4 + 19 files changed, 1201 insertions(+), 115 deletions(-) create mode 100644 aws-sdk-core/apis/braket/2019-09-01/api-2.json create mode 100644 aws-sdk-core/apis/braket/2019-09-01/docs-2.json create mode 100644 aws-sdk-core/apis/braket/2019-09-01/examples-1.json create mode 100644 aws-sdk-core/apis/braket/2019-09-01/paginators-1.json create mode 100644 aws-sdk-core/lib/aws-sdk-core/braket.rb diff --git a/CHANGELOG.md b/CHANGELOG.md index d216b5b1e46..54dcfb82a4e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,20 @@ Unreleased Changes ------------------ +* Feature - Aws::AppSync - Updated the documentation for AWS AppSync. + +* Feature - Aws::CognitoIdentityProvider - Updated the API, and documentation for Amazon Cognito Identity Provider. + +* Feature - Aws::EC2 - Updated the API, and documentation for Amazon Elastic Compute Cloud. + +* Feature - Aws::EKS - Updated the API, and documentation for Amazon Elastic Kubernetes Service. + +* Feature - Aws::Macie2 - Updated the documentation for Amazon Macie 2. + +* Feature - Aws::RDS - Updated the API, and documentation for Amazon Relational Database Service. + +* Feature - Aws::Braket - Added support for a new service, Braket. + 2.11.565 (2020-08-12) ------------------ diff --git a/README.md b/README.md index e046417641a..4d1524d80e8 100644 --- a/README.md +++ b/README.md @@ -318,8 +318,8 @@ to be backwards compatible. | AWS IoT Things Graph | IoTThingsGraph | 2018-09-06 | | AWS Key Management Service | KMS | 2014-11-01 | | AWS Lake Formation | LakeFormation | 2017-03-31 | -| AWS Lambda | LambdaPreview | 2014-11-11 | | AWS Lambda | Lambda | 2015-03-31 | +| AWS Lambda | LambdaPreview | 2014-11-11 | | AWS License Manager | LicenseManager | 2018-08-01 | | AWS Marketplace Catalog Service | MarketplaceCatalog | 2018-09-17 | | AWS Marketplace Commerce Analytics | MarketplaceCommerceAnalytics | 2015-07-01 | @@ -418,8 +418,8 @@ to be backwards compatible. | Amazon Inspector | Inspector | 2016-02-16 | | Amazon Interactive Video Service | IVS | 2020-07-14 | | Amazon Kinesis | Kinesis | 2013-12-02 | -| Amazon Kinesis Analytics | KinesisAnalytics | 2015-08-14 | | Amazon Kinesis Analytics | KinesisAnalyticsV2 | 2018-05-23 | +| Amazon Kinesis Analytics | KinesisAnalytics | 2015-08-14 | | Amazon Kinesis Firehose | Firehose | 2015-08-04 | | Amazon Kinesis Video Signaling Channels | KinesisVideoSignalingChannels | 2019-12-04 | | Amazon Kinesis Video Streams | KinesisVideo | 2017-09-30 | @@ -452,8 +452,8 @@ to be backwards compatible. | Amazon Route 53 Resolver | Route53Resolver | 2018-04-01 | | Amazon SageMaker Runtime | SageMakerRuntime | 2017-05-13 | | Amazon SageMaker Service | SageMaker | 2017-07-24 | -| Amazon Simple Email Service | SES | 2010-12-01 | | Amazon Simple Email Service | SESV2 | 2019-09-27 | +| Amazon Simple Email Service | SES | 2010-12-01 | | Amazon Simple Notification Service | SNS | 2010-03-31 | | Amazon Simple Queue Service | SQS | 2012-11-05 | | Amazon Simple Storage Service | S3 | 2006-03-01 | @@ -473,6 +473,7 @@ to be backwards compatible. | AmazonMQ | MQ | 2017-11-27 | | Application Auto Scaling | ApplicationAutoScaling | 2016-02-06 | | Auto Scaling | AutoScaling | 2011-01-01 | +| Braket | Braket | 2019-09-01 | | CodeArtifact | CodeArtifact | 2018-09-22 | | EC2 Image Builder | Imagebuilder | 2019-12-02 | | Elastic Load Balancing | ElasticLoadBalancing | 2012-06-01 | diff --git a/aws-sdk-core/apis/appsync/2017-07-25/docs-2.json b/aws-sdk-core/apis/appsync/2017-07-25/docs-2.json index 732a952ba39..2fc1d989f4e 100644 --- a/aws-sdk-core/apis/appsync/2017-07-25/docs-2.json +++ b/aws-sdk-core/apis/appsync/2017-07-25/docs-2.json @@ -194,7 +194,7 @@ "CachingKeys": { "base": null, "refs": { - "CachingConfig$cachingKeys": "

The caching keys for a resolver that has caching enabled.

Valid values are entries from the $context.identity and $context.arguments maps.

" + "CachingConfig$cachingKeys": "

The caching keys for a resolver that has caching enabled.

Valid values are entries from the $context.arguments, $context.source, and $context.identity maps.

" } }, "CognitoUserPoolConfig": { @@ -703,7 +703,7 @@ "refs": { "CreateFunctionRequest$requestMappingTemplate": "

The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.

", "CreateFunctionRequest$responseMappingTemplate": "

The Function response mapping template.

", - "CreateResolverRequest$requestMappingTemplate": "

The mapping template to be used for requests.

A resolver uses a request mapping template to convert a GraphQL expression into a format that a data source can understand. Mapping templates are written in Apache Velocity Template Language (VTL).

", + "CreateResolverRequest$requestMappingTemplate": "

The mapping template to be used for requests.

A resolver uses a request mapping template to convert a GraphQL expression into a format that a data source can understand. Mapping templates are written in Apache Velocity Template Language (VTL).

VTL request mapping templates are optional when using a Lambda data source. For all other data sources, VTL request and response mapping templates are required.

", "CreateResolverRequest$responseMappingTemplate": "

The mapping template to be used for responses from the data source.

", "FunctionConfiguration$requestMappingTemplate": "

The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.

", "FunctionConfiguration$responseMappingTemplate": "

The Function response mapping template.

", @@ -711,7 +711,7 @@ "Resolver$responseMappingTemplate": "

The response mapping template.

", "UpdateFunctionRequest$requestMappingTemplate": "

The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.

", "UpdateFunctionRequest$responseMappingTemplate": "

The Function request mapping template.

", - "UpdateResolverRequest$requestMappingTemplate": "

The new request mapping template.

", + "UpdateResolverRequest$requestMappingTemplate": "

The new request mapping template.

A resolver uses a request mapping template to convert a GraphQL expression into a format that a data source can understand. Mapping templates are written in Apache Velocity Template Language (VTL).

VTL request mapping templates are optional when using a Lambda data source. For all other data sources, VTL request and response mapping templates are required.

", "UpdateResolverRequest$responseMappingTemplate": "

The new response mapping template.

" } }, diff --git a/aws-sdk-core/apis/braket/2019-09-01/api-2.json b/aws-sdk-core/apis/braket/2019-09-01/api-2.json new file mode 100644 index 00000000000..7662bba8c01 --- /dev/null +++ b/aws-sdk-core/apis/braket/2019-09-01/api-2.json @@ -0,0 +1,584 @@ +{ + "version":"2.0", + "metadata":{ + "apiVersion":"2019-09-01", + "endpointPrefix":"braket", + "jsonVersion":"1.1", + "protocol":"rest-json", + "serviceFullName":"Braket", + "serviceId":"Braket", + "signatureVersion":"v4", + "signingName":"braket", + "uid":"braket-2019-09-01" + }, + "operations":{ + "CancelQuantumTask":{ + "name":"CancelQuantumTask", + "http":{ + "method":"PUT", + "requestUri":"/quantum-task/{quantumTaskArn}/cancel", + "responseCode":200 + }, + "input":{"shape":"CancelQuantumTaskRequest"}, + "output":{"shape":"CancelQuantumTaskResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"ValidationException"} + ], + "idempotent":true + }, + "CreateQuantumTask":{ + "name":"CreateQuantumTask", + "http":{ + "method":"POST", + "requestUri":"/quantum-task", + "responseCode":201 + }, + "input":{"shape":"CreateQuantumTaskRequest"}, + "output":{"shape":"CreateQuantumTaskResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"DeviceOfflineException"}, + {"shape":"InternalServiceException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"ValidationException"} + ] + }, + "GetDevice":{ + "name":"GetDevice", + "http":{ + "method":"GET", + "requestUri":"/device/{deviceArn}", + "responseCode":200 + }, + "input":{"shape":"GetDeviceRequest"}, + "output":{"shape":"GetDeviceResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"ValidationException"} + ] + }, + "GetQuantumTask":{ + "name":"GetQuantumTask", + "http":{ + "method":"GET", + "requestUri":"/quantum-task/{quantumTaskArn}", + "responseCode":200 + }, + "input":{"shape":"GetQuantumTaskRequest"}, + "output":{"shape":"GetQuantumTaskResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"ValidationException"} + ] + }, + "SearchDevices":{ + "name":"SearchDevices", + "http":{ + "method":"POST", + "requestUri":"/devices", + "responseCode":200 + }, + "input":{"shape":"SearchDevicesRequest"}, + "output":{"shape":"SearchDevicesResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"ValidationException"} + ] + }, + "SearchQuantumTasks":{ + "name":"SearchQuantumTasks", + "http":{ + "method":"POST", + "requestUri":"/quantum-tasks", + "responseCode":200 + }, + "input":{"shape":"SearchQuantumTasksRequest"}, + "output":{"shape":"SearchQuantumTasksResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"ValidationException"} + ] + } + }, + "shapes":{ + "AccessDeniedException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":403, + "senderFault":true + }, + "exception":true + }, + "CancelQuantumTaskRequest":{ + "type":"structure", + "required":[ + "clientToken", + "quantumTaskArn" + ], + "members":{ + "clientToken":{ + "shape":"String64", + "idempotencyToken":true + }, + "quantumTaskArn":{ + "shape":"QuantumTaskArn", + "location":"uri", + "locationName":"quantumTaskArn" + } + } + }, + "CancelQuantumTaskResponse":{ + "type":"structure", + "required":[ + "cancellationStatus", + "quantumTaskArn" + ], + "members":{ + "cancellationStatus":{"shape":"CancellationStatus"}, + "quantumTaskArn":{"shape":"QuantumTaskArn"} + } + }, + "CancellationStatus":{ + "type":"string", + "enum":[ + "CANCELLED", + "CANCELLING" + ] + }, + "ConflictException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":409, + "senderFault":true + }, + "exception":true + }, + "CreateQuantumTaskRequest":{ + "type":"structure", + "required":[ + "action", + "clientToken", + "deviceArn", + "outputS3Bucket", + "outputS3KeyPrefix", + "shots" + ], + "members":{ + "action":{ + "shape":"JsonValue", + "jsonvalue":true + }, + "clientToken":{ + "shape":"String64", + "idempotencyToken":true + }, + "deviceArn":{"shape":"DeviceArn"}, + "deviceParameters":{ + "shape":"CreateQuantumTaskRequestdeviceParametersJsonValue", + "jsonvalue":true + }, + "outputS3Bucket":{"shape":"CreateQuantumTaskRequestoutputS3BucketString"}, + "outputS3KeyPrefix":{"shape":"CreateQuantumTaskRequestoutputS3KeyPrefixString"}, + "shots":{"shape":"CreateQuantumTaskRequestshotsLong"} + } + }, + "CreateQuantumTaskRequestdeviceParametersJsonValue":{ + "type":"string", + "max":2048, + "min":1 + }, + "CreateQuantumTaskRequestoutputS3BucketString":{ + "type":"string", + "max":63, + "min":3 + }, + "CreateQuantumTaskRequestoutputS3KeyPrefixString":{ + "type":"string", + "max":1024, + "min":1 + }, + "CreateQuantumTaskRequestshotsLong":{ + "type":"long", + "box":true, + "min":0 + }, + "CreateQuantumTaskResponse":{ + "type":"structure", + "required":["quantumTaskArn"], + "members":{ + "quantumTaskArn":{"shape":"QuantumTaskArn"} + } + }, + "DeviceArn":{ + "type":"string", + "max":256, + "min":1 + }, + "DeviceOfflineException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":424, + "senderFault":true + }, + "exception":true + }, + "DeviceStatus":{ + "type":"string", + "enum":[ + "QPU", + "SIMULATOR" + ] + }, + "DeviceSummary":{ + "type":"structure", + "required":[ + "deviceArn", + "deviceName", + "deviceStatus", + "deviceType", + "providerName" + ], + "members":{ + "deviceArn":{"shape":"DeviceArn"}, + "deviceName":{"shape":"String"}, + "deviceStatus":{"shape":"DeviceStatus"}, + "deviceType":{"shape":"DeviceType"}, + "providerName":{"shape":"String"} + } + }, + "DeviceSummaryList":{ + "type":"list", + "member":{"shape":"DeviceSummary"} + }, + "DeviceType":{ + "type":"string", + "enum":[ + "OFFLINE", + "ONLINE" + ] + }, + "GetDeviceRequest":{ + "type":"structure", + "required":["deviceArn"], + "members":{ + "deviceArn":{ + "shape":"DeviceArn", + "location":"uri", + "locationName":"deviceArn" + } + } + }, + "GetDeviceResponse":{ + "type":"structure", + "required":[ + "deviceArn", + "deviceCapabilities", + "deviceName", + "deviceStatus", + "deviceType", + "providerName" + ], + "members":{ + "deviceArn":{"shape":"DeviceArn"}, + "deviceCapabilities":{ + "shape":"JsonValue", + "jsonvalue":true + }, + "deviceName":{"shape":"String"}, + "deviceStatus":{"shape":"DeviceStatus"}, + "deviceType":{"shape":"DeviceType"}, + "providerName":{"shape":"String"} + } + }, + "GetQuantumTaskRequest":{ + "type":"structure", + "required":["quantumTaskArn"], + "members":{ + "quantumTaskArn":{ + "shape":"QuantumTaskArn", + "location":"uri", + "locationName":"quantumTaskArn" + } + } + }, + "GetQuantumTaskResponse":{ + "type":"structure", + "required":[ + "createdAt", + "deviceArn", + "deviceParameters", + "outputS3Bucket", + "outputS3Directory", + "quantumTaskArn", + "shots", + "status" + ], + "members":{ + "createdAt":{"shape":"SyntheticTimestamp_date_time"}, + "deviceArn":{"shape":"DeviceArn"}, + "deviceParameters":{ + "shape":"JsonValue", + "jsonvalue":true + }, + "endedAt":{"shape":"SyntheticTimestamp_date_time"}, + "failureReason":{"shape":"String"}, + "outputS3Bucket":{"shape":"String"}, + "outputS3Directory":{"shape":"String"}, + "quantumTaskArn":{"shape":"QuantumTaskArn"}, + "shots":{"shape":"Long"}, + "status":{"shape":"QuantumTaskStatus"} + } + }, + "InternalServiceException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{"httpStatusCode":500}, + "exception":true, + "fault":true + }, + "JsonValue":{"type":"string"}, + "Long":{ + "type":"long", + "box":true + }, + "QuantumTaskArn":{ + "type":"string", + "max":256, + "min":1 + }, + "QuantumTaskStatus":{ + "type":"string", + "enum":[ + "CANCELLED", + "CANCELLING", + "COMPLETED", + "CREATED", + "FAILED", + "QUEUED", + "RUNNING" + ] + }, + "QuantumTaskSummary":{ + "type":"structure", + "required":[ + "createdAt", + "deviceArn", + "outputS3Bucket", + "outputS3Directory", + "quantumTaskArn", + "shots", + "status" + ], + "members":{ + "createdAt":{"shape":"SyntheticTimestamp_date_time"}, + "deviceArn":{"shape":"DeviceArn"}, + "endedAt":{"shape":"SyntheticTimestamp_date_time"}, + "outputS3Bucket":{"shape":"String"}, + "outputS3Directory":{"shape":"String"}, + "quantumTaskArn":{"shape":"QuantumTaskArn"}, + "shots":{"shape":"Long"}, + "status":{"shape":"QuantumTaskStatus"} + } + }, + "QuantumTaskSummaryList":{ + "type":"list", + "member":{"shape":"QuantumTaskSummary"} + }, + "ResourceNotFoundException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":404, + "senderFault":true + }, + "exception":true + }, + "SearchDevicesFilter":{ + "type":"structure", + "required":[ + "name", + "values" + ], + "members":{ + "name":{"shape":"SearchDevicesFilternameString"}, + "values":{"shape":"SearchDevicesFiltervaluesString256List"} + } + }, + "SearchDevicesFilternameString":{ + "type":"string", + "max":64, + "min":1 + }, + "SearchDevicesFiltervaluesString256List":{ + "type":"list", + "member":{"shape":"String256"}, + "max":10, + "min":1 + }, + "SearchDevicesRequest":{ + "type":"structure", + "required":["filters"], + "members":{ + "filters":{"shape":"SearchDevicesRequestfiltersSearchDevicesFilterList"}, + "maxResults":{"shape":"SearchDevicesRequestmaxResultsInteger"}, + "nextToken":{"shape":"String"} + } + }, + "SearchDevicesRequestfiltersSearchDevicesFilterList":{ + "type":"list", + "member":{"shape":"SearchDevicesFilter"}, + "max":10, + "min":0 + }, + "SearchDevicesRequestmaxResultsInteger":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "SearchDevicesResponse":{ + "type":"structure", + "required":["devices"], + "members":{ + "devices":{"shape":"DeviceSummaryList"}, + "nextToken":{"shape":"String"} + } + }, + "SearchQuantumTasksFilter":{ + "type":"structure", + "required":[ + "name", + "operator", + "values" + ], + "members":{ + "name":{"shape":"String64"}, + "operator":{"shape":"SearchQuantumTasksFilterOperator"}, + "values":{"shape":"SearchQuantumTasksFiltervaluesString256List"} + } + }, + "SearchQuantumTasksFilterOperator":{ + "type":"string", + "enum":[ + "BETWEEN", + "EQUAL", + "GT", + "GTE", + "LT", + "LTE" + ] + }, + "SearchQuantumTasksFiltervaluesString256List":{ + "type":"list", + "member":{"shape":"String256"}, + "max":10, + "min":1 + }, + "SearchQuantumTasksRequest":{ + "type":"structure", + "required":["filters"], + "members":{ + "filters":{"shape":"SearchQuantumTasksRequestfiltersSearchQuantumTasksFilterList"}, + "maxResults":{"shape":"SearchQuantumTasksRequestmaxResultsInteger"}, + "nextToken":{"shape":"String"} + } + }, + "SearchQuantumTasksRequestfiltersSearchQuantumTasksFilterList":{ + "type":"list", + "member":{"shape":"SearchQuantumTasksFilter"}, + "max":10, + "min":0 + }, + "SearchQuantumTasksRequestmaxResultsInteger":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "SearchQuantumTasksResponse":{ + "type":"structure", + "required":["quantumTasks"], + "members":{ + "nextToken":{"shape":"String"}, + "quantumTasks":{"shape":"QuantumTaskSummaryList"} + } + }, + "ServiceQuotaExceededException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":402, + "senderFault":true + }, + "exception":true + }, + "String":{"type":"string"}, + "String256":{ + "type":"string", + "max":256, + "min":1 + }, + "String64":{ + "type":"string", + "max":64, + "min":1 + }, + "SyntheticTimestamp_date_time":{ + "type":"timestamp", + "timestampFormat":"iso8601" + }, + "ThrottlingException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":429, + "senderFault":true + }, + "exception":true + }, + "ValidationException":{ + "type":"structure", + "members":{ + "message":{"shape":"String"} + }, + "error":{ + "httpStatusCode":400, + "senderFault":true + }, + "exception":true + } + } +} diff --git a/aws-sdk-core/apis/braket/2019-09-01/docs-2.json b/aws-sdk-core/apis/braket/2019-09-01/docs-2.json new file mode 100644 index 00000000000..950abd15758 --- /dev/null +++ b/aws-sdk-core/apis/braket/2019-09-01/docs-2.json @@ -0,0 +1,336 @@ +{ + "version": "2.0", + "service": "

The Amazon Braket API Reference provides information about the operations and structures supported in Amazon Braket.

", + "operations": { + "CancelQuantumTask": "

Cancels the specified task.

", + "CreateQuantumTask": "

Creates a quantum task.

", + "GetDevice": "

Retrieves the devices available in Amazon Braket.

", + "GetQuantumTask": "

Retrieves the specified quantum task.

", + "SearchDevices": "

Searches for devices using the specified filters.

", + "SearchQuantumTasks": "

Searches for tasks that match the specified filter values.

" + }, + "shapes": { + "AccessDeniedException": { + "base": "

You do not have sufficient access to perform this action.

", + "refs": { + } + }, + "CancelQuantumTaskRequest": { + "base": null, + "refs": { + } + }, + "CancelQuantumTaskResponse": { + "base": null, + "refs": { + } + }, + "CancellationStatus": { + "base": null, + "refs": { + "CancelQuantumTaskResponse$cancellationStatus": "

The status of the cancellation request.

" + } + }, + "ConflictException": { + "base": "

An error occurred due to a conflict.

", + "refs": { + } + }, + "CreateQuantumTaskRequest": { + "base": null, + "refs": { + } + }, + "CreateQuantumTaskRequestdeviceParametersJsonValue": { + "base": null, + "refs": { + "CreateQuantumTaskRequest$deviceParameters": "

The parameters for the device to run the task on.

" + } + }, + "CreateQuantumTaskRequestoutputS3BucketString": { + "base": null, + "refs": { + "CreateQuantumTaskRequest$outputS3Bucket": "

The S3 bucket to store task result files in.

" + } + }, + "CreateQuantumTaskRequestoutputS3KeyPrefixString": { + "base": null, + "refs": { + "CreateQuantumTaskRequest$outputS3KeyPrefix": "

The key prefix for the location in the S3 bucket to store task results in.

" + } + }, + "CreateQuantumTaskRequestshotsLong": { + "base": null, + "refs": { + "CreateQuantumTaskRequest$shots": "

The number of shots to use for the task.

" + } + }, + "CreateQuantumTaskResponse": { + "base": null, + "refs": { + } + }, + "DeviceArn": { + "base": null, + "refs": { + "CreateQuantumTaskRequest$deviceArn": "

The ARN of the device to run the task on.

", + "DeviceSummary$deviceArn": "

The ARN of the device.

", + "GetDeviceRequest$deviceArn": "

The ARN of the device to retrieve.

", + "GetDeviceResponse$deviceArn": "

The ARN of the device.

", + "GetQuantumTaskResponse$deviceArn": "

The ARN of the device the task was run on.

", + "QuantumTaskSummary$deviceArn": "

The ARN of the device the task ran on.

" + } + }, + "DeviceOfflineException": { + "base": "

The specified device is currently offline.

", + "refs": { + } + }, + "DeviceStatus": { + "base": null, + "refs": { + "DeviceSummary$deviceStatus": "

The status of the device.

", + "GetDeviceResponse$deviceStatus": "

The status of the device.

" + } + }, + "DeviceSummary": { + "base": "

Includes information about the device.

", + "refs": { + "DeviceSummaryList$member": null + } + }, + "DeviceSummaryList": { + "base": null, + "refs": { + "SearchDevicesResponse$devices": "

An array of DeviceSummary objects for devices that match the specified filter values.

" + } + }, + "DeviceType": { + "base": null, + "refs": { + "DeviceSummary$deviceType": "

The type of the device.

", + "GetDeviceResponse$deviceType": "

The type of the device.

" + } + }, + "GetDeviceRequest": { + "base": null, + "refs": { + } + }, + "GetDeviceResponse": { + "base": null, + "refs": { + } + }, + "GetQuantumTaskRequest": { + "base": null, + "refs": { + } + }, + "GetQuantumTaskResponse": { + "base": null, + "refs": { + } + }, + "InternalServiceException": { + "base": "

The request processing has failed because of an unknown error, exception or failure.

", + "refs": { + } + }, + "JsonValue": { + "base": null, + "refs": { + "CreateQuantumTaskRequest$action": "

The action associated with the task.

", + "GetDeviceResponse$deviceCapabilities": "

Details about the capabilities of the device.

", + "GetQuantumTaskResponse$deviceParameters": "

The parameters for the device on which the task ran.

" + } + }, + "Long": { + "base": null, + "refs": { + "GetQuantumTaskResponse$shots": "

The number of shots used in the task.

", + "QuantumTaskSummary$shots": "

The shots used for the task.

" + } + }, + "QuantumTaskArn": { + "base": null, + "refs": { + "CancelQuantumTaskRequest$quantumTaskArn": "

The ARN of the task to cancel.

", + "CancelQuantumTaskResponse$quantumTaskArn": "

The ARN of the task.

", + "CreateQuantumTaskResponse$quantumTaskArn": "

The ARN of the task created by the request.

", + "GetQuantumTaskRequest$quantumTaskArn": "

the ARN of the task to retrieve.

", + "GetQuantumTaskResponse$quantumTaskArn": "

The ARN of the task.

", + "QuantumTaskSummary$quantumTaskArn": "

The ARN of the task.

" + } + }, + "QuantumTaskStatus": { + "base": null, + "refs": { + "GetQuantumTaskResponse$status": "

The status of the task.

", + "QuantumTaskSummary$status": "

The status of the task.

" + } + }, + "QuantumTaskSummary": { + "base": "

Includes information about a quantum task.

", + "refs": { + "QuantumTaskSummaryList$member": null + } + }, + "QuantumTaskSummaryList": { + "base": null, + "refs": { + "SearchQuantumTasksResponse$quantumTasks": "

An array of QuantumTaskSummary objects for tasks that match the specified filters.

" + } + }, + "ResourceNotFoundException": { + "base": "

The specified resource was not found.

", + "refs": { + } + }, + "SearchDevicesFilter": { + "base": "

The filter to use for searching devices.

", + "refs": { + "SearchDevicesRequestfiltersSearchDevicesFilterList$member": null + } + }, + "SearchDevicesFilternameString": { + "base": null, + "refs": { + "SearchDevicesFilter$name": "

The name to use to filter results.

" + } + }, + "SearchDevicesFiltervaluesString256List": { + "base": null, + "refs": { + "SearchDevicesFilter$values": "

The values to use to filter results.

" + } + }, + "SearchDevicesRequest": { + "base": null, + "refs": { + } + }, + "SearchDevicesRequestfiltersSearchDevicesFilterList": { + "base": null, + "refs": { + "SearchDevicesRequest$filters": "

The filter values to use to search for a device.

" + } + }, + "SearchDevicesRequestmaxResultsInteger": { + "base": null, + "refs": { + "SearchDevicesRequest$maxResults": "

The maximum number of results to return in the response.

" + } + }, + "SearchDevicesResponse": { + "base": null, + "refs": { + } + }, + "SearchQuantumTasksFilter": { + "base": "

A filter to use to search for tasks.

", + "refs": { + "SearchQuantumTasksRequestfiltersSearchQuantumTasksFilterList$member": null + } + }, + "SearchQuantumTasksFilterOperator": { + "base": null, + "refs": { + "SearchQuantumTasksFilter$operator": "

An operator to use in the filter.

" + } + }, + "SearchQuantumTasksFiltervaluesString256List": { + "base": null, + "refs": { + "SearchQuantumTasksFilter$values": "

The values to use for the filter.

" + } + }, + "SearchQuantumTasksRequest": { + "base": null, + "refs": { + } + }, + "SearchQuantumTasksRequestfiltersSearchQuantumTasksFilterList": { + "base": null, + "refs": { + "SearchQuantumTasksRequest$filters": "

Array of SearchQuantumTasksFilter objects.

" + } + }, + "SearchQuantumTasksRequestmaxResultsInteger": { + "base": null, + "refs": { + "SearchQuantumTasksRequest$maxResults": "

Maximum number of results to return in the response.

" + } + }, + "SearchQuantumTasksResponse": { + "base": null, + "refs": { + } + }, + "ServiceQuotaExceededException": { + "base": "

The request failed because a service quota is met.

", + "refs": { + } + }, + "String": { + "base": null, + "refs": { + "AccessDeniedException$message": null, + "ConflictException$message": null, + "DeviceOfflineException$message": null, + "DeviceSummary$deviceName": "

The name of the device.

", + "DeviceSummary$providerName": "

The provider of the device.

", + "GetDeviceResponse$deviceName": "

The name of the device.

", + "GetDeviceResponse$providerName": "

The name of the partner company for the device.

", + "GetQuantumTaskResponse$failureReason": "

The reason that a task failed.

", + "GetQuantumTaskResponse$outputS3Bucket": "

The S3 bucket where task results are stored.

", + "GetQuantumTaskResponse$outputS3Directory": "

The folder in the S3 bucket where task results are stored.

", + "InternalServiceException$message": null, + "QuantumTaskSummary$outputS3Bucket": "

The S3 bucket where the task result file is stored..

", + "QuantumTaskSummary$outputS3Directory": "

The folder in the S3 bucket where the task result file is stored.

", + "ResourceNotFoundException$message": null, + "SearchDevicesRequest$nextToken": "

A token used for pagination of results returned in the response. Use the token returned from the previous request continue results where the previous request ended.

", + "SearchDevicesResponse$nextToken": "

A token used for pagination of results, or null if there are no additional results. Use the token value in a subsequent request to continue results where the previous request ended.

", + "SearchQuantumTasksRequest$nextToken": "

A token used for pagination of results returned in the response. Use the token returned from the previous request continue results where the previous request ended.

", + "SearchQuantumTasksResponse$nextToken": "

A token used for pagination of results, or null if there are no additional results. Use the token value in a subsequent request to continue results where the previous request ended.

", + "ServiceQuotaExceededException$message": null, + "ThrottlingException$message": null, + "ValidationException$message": null + } + }, + "String256": { + "base": null, + "refs": { + "SearchDevicesFiltervaluesString256List$member": null, + "SearchQuantumTasksFiltervaluesString256List$member": null + } + }, + "String64": { + "base": null, + "refs": { + "CancelQuantumTaskRequest$clientToken": "

The client token associated with the request.

", + "CreateQuantumTaskRequest$clientToken": "

The client token associated with the request.

", + "SearchQuantumTasksFilter$name": "

The name of the device used for the task.

" + } + }, + "SyntheticTimestamp_date_time": { + "base": null, + "refs": { + "GetQuantumTaskResponse$createdAt": "

The time at which the task was created.

", + "GetQuantumTaskResponse$endedAt": "

The time at which the task ended.

", + "QuantumTaskSummary$createdAt": "

The time at which the task was created.

", + "QuantumTaskSummary$endedAt": "

The time at which the task finished.

" + } + }, + "ThrottlingException": { + "base": "

The throttling rate limit is met.

", + "refs": { + } + }, + "ValidationException": { + "base": "

The input fails to satisfy the constraints specified by an AWS service.

", + "refs": { + } + } + } +} diff --git a/aws-sdk-core/apis/braket/2019-09-01/examples-1.json b/aws-sdk-core/apis/braket/2019-09-01/examples-1.json new file mode 100644 index 00000000000..0ea7e3b0bbe --- /dev/null +++ b/aws-sdk-core/apis/braket/2019-09-01/examples-1.json @@ -0,0 +1,5 @@ +{ + "version": "1.0", + "examples": { + } +} diff --git a/aws-sdk-core/apis/braket/2019-09-01/paginators-1.json b/aws-sdk-core/apis/braket/2019-09-01/paginators-1.json new file mode 100644 index 00000000000..f4dd4a1ee67 --- /dev/null +++ b/aws-sdk-core/apis/braket/2019-09-01/paginators-1.json @@ -0,0 +1,16 @@ +{ + "pagination": { + "SearchDevices": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "devices" + }, + "SearchQuantumTasks": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "quantumTasks" + } + } +} diff --git a/aws-sdk-core/apis/cognito-idp/2016-04-18/api-2.json b/aws-sdk-core/apis/cognito-idp/2016-04-18/api-2.json index 38e7c60cac4..6a034c12b17 100644 --- a/aws-sdk-core/apis/cognito-idp/2016-04-18/api-2.json +++ b/aws-sdk-core/apis/cognito-idp/2016-04-18/api-2.json @@ -536,6 +536,7 @@ "input":{"shape":"AssociateSoftwareTokenRequest"}, "output":{"shape":"AssociateSoftwareTokenResponse"}, "errors":[ + {"shape":"ConcurrentModificationException"}, {"shape":"InvalidParameterException"}, {"shape":"NotAuthorizedException"}, {"shape":"ResourceNotFoundException"}, @@ -1890,6 +1891,11 @@ }, "shapes":{ "AWSAccountIdType":{"type":"string"}, + "AccessTokenValidityType":{ + "type":"integer", + "max":86400, + "min":1 + }, "AccountRecoverySettingType":{ "type":"structure", "members":{ @@ -2961,6 +2967,9 @@ "ClientName":{"shape":"ClientNameType"}, "GenerateSecret":{"shape":"GenerateSecret"}, "RefreshTokenValidity":{"shape":"RefreshTokenValidityType"}, + "AccessTokenValidity":{"shape":"AccessTokenValidityType"}, + "IdTokenValidity":{"shape":"IdTokenValidityType"}, + "TokenValidityUnits":{"shape":"TokenValidityUnitsType"}, "ReadAttributes":{"shape":"ClientPermissionListType"}, "WriteAttributes":{"shape":"ClientPermissionListType"}, "ExplicitAuthFlows":{"shape":"ExplicitAuthFlowsListType"}, @@ -3753,6 +3762,11 @@ "type":"list", "member":{"shape":"HttpHeader"} }, + "IdTokenValidityType":{ + "type":"integer", + "max":86400, + "min":1 + }, "IdentityProviderType":{ "type":"structure", "members":{ @@ -4336,7 +4350,7 @@ }, "RefreshTokenValidityType":{ "type":"integer", - "max":3650, + "max":315360000, "min":0 }, "ResendConfirmationCodeRequest":{ @@ -4819,11 +4833,28 @@ "max":365, "min":0 }, + "TimeUnitsType":{ + "type":"string", + "enum":[ + "seconds", + "minutes", + "hours", + "days" + ] + }, "TokenModelType":{ "type":"string", "pattern":"[A-Za-z0-9-_=.]+", "sensitive":true }, + "TokenValidityUnitsType":{ + "type":"structure", + "members":{ + "AccessToken":{"shape":"TimeUnitsType"}, + "IdToken":{"shape":"TimeUnitsType"}, + "RefreshToken":{"shape":"TimeUnitsType"} + } + }, "TooManyFailedAttemptsException":{ "type":"structure", "members":{ @@ -5017,6 +5048,9 @@ "ClientId":{"shape":"ClientIdType"}, "ClientName":{"shape":"ClientNameType"}, "RefreshTokenValidity":{"shape":"RefreshTokenValidityType"}, + "AccessTokenValidity":{"shape":"AccessTokenValidityType"}, + "IdTokenValidity":{"shape":"IdTokenValidityType"}, + "TokenValidityUnits":{"shape":"TokenValidityUnitsType"}, "ReadAttributes":{"shape":"ClientPermissionListType"}, "WriteAttributes":{"shape":"ClientPermissionListType"}, "ExplicitAuthFlows":{"shape":"ExplicitAuthFlowsListType"}, @@ -5211,6 +5245,9 @@ "LastModifiedDate":{"shape":"DateType"}, "CreationDate":{"shape":"DateType"}, "RefreshTokenValidity":{"shape":"RefreshTokenValidityType"}, + "AccessTokenValidity":{"shape":"AccessTokenValidityType"}, + "IdTokenValidity":{"shape":"IdTokenValidityType"}, + "TokenValidityUnits":{"shape":"TokenValidityUnitsType"}, "ReadAttributes":{"shape":"ClientPermissionListType"}, "WriteAttributes":{"shape":"ClientPermissionListType"}, "ExplicitAuthFlows":{"shape":"ExplicitAuthFlowsListType"}, diff --git a/aws-sdk-core/apis/cognito-idp/2016-04-18/docs-2.json b/aws-sdk-core/apis/cognito-idp/2016-04-18/docs-2.json index 1b7bc15ea7d..bd7170bd243 100644 --- a/aws-sdk-core/apis/cognito-idp/2016-04-18/docs-2.json +++ b/aws-sdk-core/apis/cognito-idp/2016-04-18/docs-2.json @@ -5,17 +5,17 @@ "AddCustomAttributes": "

Adds additional user attributes to the user pool schema.

", "AdminAddUserToGroup": "

Adds the specified user to the specified group.

Calling this action requires developer credentials.

", "AdminConfirmSignUp": "

Confirms user registration as an admin without using a confirmation code. Works on any user.

Calling this action requires developer credentials.

", - "AdminCreateUser": "

Creates a new user in the specified user pool.

If MessageAction is not set, the default is to send a welcome message via email or phone (SMS).

This message is based on a template that you configured in your call to or . This template includes your custom sign-up instructions and placeholders for user name and temporary password.

Alternatively, you can call AdminCreateUser with “SUPPRESS” for the MessageAction parameter, and Amazon Cognito will not send any email.

In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.

AdminCreateUser requires developer credentials.

", + "AdminCreateUser": "

Creates a new user in the specified user pool.

If MessageAction is not set, the default is to send a welcome message via email or phone (SMS).

This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for user name and temporary password.

Alternatively, you can call AdminCreateUser with “SUPPRESS” for the MessageAction parameter, and Amazon Cognito will not send any email.

In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.

AdminCreateUser requires developer credentials.

", "AdminDeleteUser": "

Deletes a user as an administrator. Works on any user.

Calling this action requires developer credentials.

", "AdminDeleteUserAttributes": "

Deletes the user attributes in a user pool as an administrator. Works on any user.

Calling this action requires developer credentials.

", - "AdminDisableProviderForUser": "

Disables the user from signing in with the specified external (SAML or social) identity provider. If the user to disable is a Cognito User Pools native username + password user, they are not permitted to use their password to sign-in. If the user to disable is a linked external IdP user, any link between that user and an existing user is removed. The next time the external user (no longer attached to the previously linked DestinationUser) signs in, they must create a new user account. See .

This action is enabled only for admin access and requires developer credentials.

The ProviderName must match the value specified when creating an IdP for the pool.

To disable a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject, with the ProviderAttributeValue being the name that is used in the user pool for the user.

The ProviderAttributeName must always be Cognito_Subject for social identity providers. The ProviderAttributeValue must always be the exact subject that was used when the user was originally linked as a source user.

For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign-in, the ProviderAttributeName and ProviderAttributeValue must be the same values that were used for the SourceUser when the identities were originally linked in the call. (If the linking was done with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.

", + "AdminDisableProviderForUser": "

Disables the user from signing in with the specified external (SAML or social) identity provider. If the user to disable is a Cognito User Pools native username + password user, they are not permitted to use their password to sign-in. If the user to disable is a linked external IdP user, any link between that user and an existing user is removed. The next time the external user (no longer attached to the previously linked DestinationUser) signs in, they must create a new user account. See AdminLinkProviderForUser.

This action is enabled only for admin access and requires developer credentials.

The ProviderName must match the value specified when creating an IdP for the pool.

To disable a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject, with the ProviderAttributeValue being the name that is used in the user pool for the user.

The ProviderAttributeName must always be Cognito_Subject for social identity providers. The ProviderAttributeValue must always be the exact subject that was used when the user was originally linked as a source user.

For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign-in, the ProviderAttributeName and ProviderAttributeValue must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.

", "AdminDisableUser": "

Disables the specified user.

Calling this action requires developer credentials.

", "AdminEnableUser": "

Enables the specified user as an administrator. Works on any user.

Calling this action requires developer credentials.

", "AdminForgetDevice": "

Forgets the device, as an administrator.

Calling this action requires developer credentials.

", "AdminGetDevice": "

Gets the device, as an administrator.

Calling this action requires developer credentials.

", "AdminGetUser": "

Gets the specified user by user name in a user pool as an administrator. Works on any user.

Calling this action requires developer credentials.

", "AdminInitiateAuth": "

Initiates the authentication flow, as an administrator.

Calling this action requires developer credentials.

", - "AdminLinkProviderForUser": "

Links an existing user account in a user pool (DestinationUser) to an identity from an external identity provider (SourceUser) based on a specified attribute name and value from the external identity provider. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in, so that the federated user identity can be used to sign in as the existing user account.

For example, if there is an existing user with a username and password, this API links that user to a federated user identity, so that when the federated user identity is used, the user signs in as the existing user account.

Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external identity providers and provider attributes that have been trusted by the application owner.

See also .

This action is enabled only for admin access and requires developer credentials.

", + "AdminLinkProviderForUser": "

Links an existing user account in a user pool (DestinationUser) to an identity from an external identity provider (SourceUser) based on a specified attribute name and value from the external identity provider. This allows you to create a link from the existing user account to an external federated user identity that has not yet been used to sign in, so that the federated user identity can be used to sign in as the existing user account.

For example, if there is an existing user with a username and password, this API links that user to a federated user identity, so that when the federated user identity is used, the user signs in as the existing user account.

The maximum number of federated identities linked to a user is 5.

Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external identity providers and provider attributes that have been trusted by the application owner.

This action is enabled only for admin access and requires developer credentials.

", "AdminListDevices": "

Lists devices, as an administrator.

Calling this action requires developer credentials.

", "AdminListGroupsForUser": "

Lists the groups that the user belongs to.

Calling this action requires developer credentials.

", "AdminListUserAuthEvents": "

Lists a history of user activity and any risks detected as part of Amazon Cognito advanced security.

", @@ -24,7 +24,7 @@ "AdminRespondToAuthChallenge": "

Responds to an authentication challenge, as an administrator.

Calling this action requires developer credentials.

", "AdminSetUserMFAPreference": "

Sets the user's multi-factor authentication (MFA) preference, including which MFA options are enabled and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are enabled. If multiple options are enabled and no preference is set, a challenge to choose an MFA option will be returned during sign in.

", "AdminSetUserPassword": "

Sets the specified user's password in a user pool as an administrator. Works on any user.

The password can be temporary or permanent. If it is temporary, the user status will be placed into the FORCE_CHANGE_PASSWORD state. When the user next tries to sign in, the InitiateAuth/AdminInitiateAuth response will contain the NEW_PASSWORD_REQUIRED challenge. If the user does not sign in before it expires, the user will not be able to sign in and their password will need to be reset by an administrator.

Once the user has set a new password, or the password is permanent, the user status will be set to Confirmed.

", - "AdminSetUserSettings": "

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use the AdminSetUserMFAPreference action instead.

", + "AdminSetUserSettings": "

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.

", "AdminUpdateAuthEventFeedback": "

Provides feedback for an authentication event as to whether it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

", "AdminUpdateDeviceStatus": "

Updates the device status as an administrator.

Calling this action requires developer credentials.

", "AdminUpdateUserAttributes": "

Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.

For custom attributes, you must prepend the custom: prefix to the attribute name.

In addition to updating user attributes, this API can also be used to mark phone and email as verified.

Calling this action requires developer credentials.

", @@ -57,7 +57,7 @@ "DescribeUserPoolClient": "

Client method for returning the configuration information and metadata of the specified user pool app client.

", "DescribeUserPoolDomain": "

Gets information about a domain.

", "ForgetDevice": "

Forgets the specified device.

", - "ForgotPassword": "

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. If neither a verified phone number nor a verified email exists, an InvalidParameterException is thrown. To use the confirmation code for resetting the password, call .

", + "ForgotPassword": "

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the specified AccountRecoverySetting. For more information, see Recovering User Accounts in the Amazon Cognito Developer Guide. If neither a verified phone number nor a verified email exists, an InvalidParameterException is thrown. To use the confirmation code for resetting the password, call ConfirmForgotPassword.

", "GetCSVHeader": "

Gets the header information for the .csv file to be used as input for the user import job.

", "GetDevice": "

Gets the device.

", "GetGroup": "

Gets a group.

Calling this action requires developer credentials.

", @@ -81,11 +81,11 @@ "ListUsersInGroup": "

Lists the users in the specified group.

Calling this action requires developer credentials.

", "ResendConfirmationCode": "

Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

", "RespondToAuthChallenge": "

Responds to the authentication challenge.

", - "SetRiskConfiguration": "

Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

To enable Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

See .

", + "SetRiskConfiguration": "

Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

To enable Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

", "SetUICustomization": "

Sets the UI customization information for a user pool's built-in app UI.

You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to ALL). If you specify ALL, the default configuration will be used for every client that has no UI customization set previously. If you specify UI customization settings for a particular client, it will no longer fall back to the ALL configuration.

To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.

", "SetUserMFAPreference": "

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are enabled and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are enabled. If multiple options are enabled and no preference is set, a challenge to choose an MFA option will be returned during sign in.

", "SetUserPoolMfaConfig": "

Set the user pool multi-factor authentication (MFA) configuration.

", - "SetUserSettings": "

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use the SetUserMFAPreference action instead.

", + "SetUserSettings": "

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either type of MFA, use SetUserMFAPreference instead.

", "SignUp": "

Registers the user in the specified user pool and creates a user name, password, and user attributes.

", "StartUserImportJob": "

Starts the user import.

", "StopUserImportJob": "

Stops the user import job.

", @@ -97,8 +97,8 @@ "UpdateIdentityProvider": "

Updates identity provider information for a user pool.

", "UpdateResourceServer": "

Updates the name and scopes of resource server. All other fields are read-only.

If you don't provide a value for an attribute, it will be set to the default value.

", "UpdateUserAttributes": "

Allows a user to update a specific attribute (one at a time).

", - "UpdateUserPool": "

Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings with .

If you don't provide a value for an attribute, it will be set to the default value.

", - "UpdateUserPoolClient": "

Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings with .

If you don't provide a value for an attribute, it will be set to the default value.

", + "UpdateUserPool": "

Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using DescribeUserPool.

If you don't provide a value for an attribute, it will be set to the default value.

", + "UpdateUserPoolClient": "

Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using DescribeUserPoolClient.

If you don't provide a value for an attribute, it will be set to the default value.

", "UpdateUserPoolDomain": "

Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.

You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You cannot use it to change the domain for a user pool.

A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you manage with AWS Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.

Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically.

However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito.

When you add your new certificate in ACM, you must choose US East (N. Virginia) as the AWS Region.

After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.

For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.

", "VerifySoftwareToken": "

Use this API to register a user's entered TOTP code and mark the user's software token MFA status as \"verified\" if successful. The request takes an access token or a session string, but not both.

", "VerifyUserAttribute": "

Verifies the specified user attributes in the user pool.

" @@ -110,10 +110,18 @@ "DomainDescriptionType$AWSAccountId": "

The AWS account ID for the user pool owner.

" } }, + "AccessTokenValidityType": { + "base": null, + "refs": { + "CreateUserPoolClientRequest$AccessTokenValidity": "

The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. This value will be overridden if you have entered a value in TokenValidityUnits.

", + "UpdateUserPoolClientRequest$AccessTokenValidity": "

The time limit, after which the access token is no longer valid and cannot be used.

", + "UserPoolClientType$AccessTokenValidity": "

The time limit, specified by tokenValidityUnits, defaulting to hours, after which the access token is no longer valid and cannot be used.

" + } + }, "AccountRecoverySettingType": { "base": "

The data type for AccountRecoverySetting.

", "refs": { - "CreateUserPoolRequest$AccountRecoverySetting": "

Use this setting to define which verified available method a user can use to recover their password when they call ForgotPassword. It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email.

Starting February 1, 2020, the value of AccountRecoverySetting will default to verified_email first and verified_phone_number as the second option for newly created user pools if no value is provided.

", + "CreateUserPoolRequest$AccountRecoverySetting": "

Use this setting to define which verified available method a user can use to recover their password when they call ForgotPassword. It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email.

", "UpdateUserPoolRequest$AccountRecoverySetting": "

Use this setting to define which verified available method a user can use to recover their password when they call ForgotPassword. It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email.

", "UserPoolType$AccountRecoverySetting": "

Use this setting to define which verified available method a user can use to recover their password when they call ForgotPassword. It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email.

" } @@ -440,10 +448,10 @@ } }, "AnalyticsConfigurationType": { - "base": "

The Amazon Pinpoint analytics configuration for collecting metrics for a user pool.

Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the region in which the user pool resides.

", + "base": "

The Amazon Pinpoint analytics configuration for collecting metrics for a user pool.

In regions where Pinpoint is not available, Cognito User Pools only supports sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint is available, Cognito User Pools will support sending events to Amazon Pinpoint projects within that same region.

", "refs": { - "CreateUserPoolClientRequest$AnalyticsConfiguration": "

The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.

Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the region in which the user pool resides.

", - "UpdateUserPoolClientRequest$AnalyticsConfiguration": "

The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.

Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the region in which the user pool resides.

", + "CreateUserPoolClientRequest$AnalyticsConfiguration": "

The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.

In regions where Pinpoint is not available, Cognito User Pools only supports sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint is available, Cognito User Pools will support sending events to Amazon Pinpoint projects within that same region.

", + "UpdateUserPoolClientRequest$AnalyticsConfiguration": "

The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.

In regions where Pinpoint is not available, Cognito User Pools only supports sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint is available, Cognito User Pools will support sending events to Amazon Pinpoint projects within that same region.

", "UserPoolClientType$AnalyticsConfiguration": "

The Amazon Pinpoint analytics configuration for the user pool client.

Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the region in which the user pool resides.

" } }, @@ -509,7 +517,7 @@ "AttributeListType": { "base": null, "refs": { - "AdminCreateUserRequest$UserAttributes": "

An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than Username. However, any attributes that you specify as required (in or in the Attributes tab of the console) must be supplied either by you (in your call to AdminCreateUser) or by the user (when he or she signs up in response to your welcome message).

For custom attributes, you must prepend the custom: prefix to the attribute name.

To send a message inviting the user to sign up, you must specify the user's email address or phone number. This can be done in your call to AdminCreateUser or in the Users tab of the Amazon Cognito console for managing your user pools.

In your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified attribute to True. (You can also do this by calling .)

", + "AdminCreateUserRequest$UserAttributes": "

An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes other than Username. However, any attributes that you specify as required (when creating a user pool or in the Attributes tab of the console) must be supplied either by you (in your call to AdminCreateUser) or by the user (when he or she signs up in response to your welcome message).

For custom attributes, you must prepend the custom: prefix to the attribute name.

To send a message inviting the user to sign up, you must specify the user's email address or phone number. This can be done in your call to AdminCreateUser or in the Users tab of the Amazon Cognito console for managing your user pools.

In your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified attribute to True. (You can also do this by calling AdminUpdateUserAttributes.)

", "AdminCreateUserRequest$ValidationData": "

The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the types of user accounts that can be registered. For example, you might choose to allow or disallow user sign-up based on the user's domain.

To configure custom validation, you must create a Pre Sign-up Lambda trigger for the user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger receives the validation data and uses it in the validation process.

The user's validation data is not persisted.

", "AdminGetUserResponse$UserAttributes": "

An array of name-value pairs representing user attributes.

", "AdminUpdateUserAttributesRequest$UserAttributes": "

An array of name-value pairs representing user attributes.

For custom attributes, you must prepend the custom: prefix to the attribute name.

", @@ -588,8 +596,8 @@ "AuthParametersType": { "base": null, "refs": { - "AdminInitiateAuthRequest$AuthParameters": "

The authentication parameters. These are inputs corresponding to the AuthFlow that you are invoking. The required values depend on the value of AuthFlow:

", - "InitiateAuthRequest$AuthParameters": "

The authentication parameters. These are inputs corresponding to the AuthFlow that you are invoking. The required values depend on the value of AuthFlow:

" + "AdminInitiateAuthRequest$AuthParameters": "

The authentication parameters. These are inputs corresponding to the AuthFlow that you are invoking. The required values depend on the value of AuthFlow:

", + "InitiateAuthRequest$AuthParameters": "

The authentication parameters. These are inputs corresponding to the AuthFlow that you are invoking. The required values depend on the value of AuthFlow:

" } }, "AuthenticationResultType": { @@ -624,7 +632,7 @@ "PasswordPolicyType$RequireSymbols": "

In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.

", "SMSMfaSettingsType$Enabled": "

Specifies whether SMS text message MFA is enabled.

", "SMSMfaSettingsType$PreferredMfa": "

Specifies whether SMS is the preferred MFA method.

", - "SchemaAttributeType$DeveloperOnlyAttribute": "

We recommend that you use WriteAttributes in the user pool client to control how attributes can be mutated for new use cases instead of using DeveloperOnlyAttribute.

Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users will not be able to modify this attribute using their access token. For example, DeveloperOnlyAttribute can be modified using the API but cannot be updated using the API.

", + "SchemaAttributeType$DeveloperOnlyAttribute": "

We recommend that you use WriteAttributes in the user pool client to control how attributes can be mutated for new use cases instead of using DeveloperOnlyAttribute.

Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users will not be able to modify this attribute using their access token. For example, DeveloperOnlyAttribute can be modified using AdminUpdateUserAttributes but cannot be updated using UpdateUserAttributes.

", "SchemaAttributeType$Mutable": "

Specifies whether the value of the attribute can be changed.

For any user pool attribute that's mapped to an identity provider attribute, you must set this parameter to true. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your User Pool.

", "SchemaAttributeType$Required": "

Specifies whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail.

", "SignUpResponse$UserConfirmed": "

A response from the server indicating that a user registration has been confirmed.

", @@ -667,20 +675,20 @@ "base": null, "refs": { "AdminInitiateAuthResponse$ChallengeName": "

The name of the challenge which you are responding to with this call. This is returned to you in the AdminInitiateAuth response if you need to pass another challenge.

", - "AdminRespondToAuthChallengeRequest$ChallengeName": "

The challenge name. For more information, see .

", - "AdminRespondToAuthChallengeResponse$ChallengeName": "

The name of the challenge. For more information, see .

", + "AdminRespondToAuthChallengeRequest$ChallengeName": "

The challenge name. For more information, see AdminInitiateAuth.

", + "AdminRespondToAuthChallengeResponse$ChallengeName": "

The name of the challenge. For more information, see AdminInitiateAuth.

", "InitiateAuthResponse$ChallengeName": "

The name of the challenge which you are responding to with this call. This is returned to you in the AdminInitiateAuth response if you need to pass another challenge.

Valid values include the following. Note that all of these challenges require USERNAME and SECRET_HASH (if applicable) in the parameters.

", - "RespondToAuthChallengeRequest$ChallengeName": "

The challenge name. For more information, see .

ADMIN_NO_SRP_AUTH is not a valid value.

", - "RespondToAuthChallengeResponse$ChallengeName": "

The challenge name. For more information, see .

" + "RespondToAuthChallengeRequest$ChallengeName": "

The challenge name. For more information, see InitiateAuth.

ADMIN_NO_SRP_AUTH is not a valid value.

", + "RespondToAuthChallengeResponse$ChallengeName": "

The challenge name. For more information, see InitiateAuth.

" } }, "ChallengeParametersType": { "base": null, "refs": { "AdminInitiateAuthResponse$ChallengeParameters": "

The challenge parameters. These are returned to you in the AdminInitiateAuth response if you need to pass another challenge. The responses in this parameter should be used to compute inputs to the next call (AdminRespondToAuthChallenge).

All challenges require USERNAME and SECRET_HASH (if applicable).

The value of the USER_ID_FOR_SRP attribute will be the user's actual username, not an alias (such as email address or phone number), even if you specified an alias in your call to AdminInitiateAuth. This is because, in the AdminRespondToAuthChallenge API ChallengeResponses, the USERNAME attribute cannot be an alias.

", - "AdminRespondToAuthChallengeResponse$ChallengeParameters": "

The challenge parameters. For more information, see .

", + "AdminRespondToAuthChallengeResponse$ChallengeParameters": "

The challenge parameters. For more information, see AdminInitiateAuth.

", "InitiateAuthResponse$ChallengeParameters": "

The challenge parameters. These are returned to you in the InitiateAuth response if you need to pass another challenge. The responses in this parameter should be used to compute inputs to the next call (RespondToAuthChallenge).

All challenges require USERNAME and SECRET_HASH (if applicable).

", - "RespondToAuthChallengeResponse$ChallengeParameters": "

The challenge parameters. For more information, see .

" + "RespondToAuthChallengeResponse$ChallengeParameters": "

The challenge parameters. For more information, see InitiateAuth.

" } }, "ChallengeResponse": { @@ -884,7 +892,7 @@ "ConfirmationCodeType": { "base": null, "refs": { - "ConfirmForgotPasswordRequest$ConfirmationCode": "

The confirmation code sent by a user's request to retrieve a forgotten password. For more information, see

", + "ConfirmForgotPasswordRequest$ConfirmationCode": "

The confirmation code sent by a user's request to retrieve a forgotten password. For more information, see ForgotPassword.

", "ConfirmSignUpRequest$ConfirmationCode": "

The confirmation code sent by a user's request to confirm registration.

", "VerifyUserAttributeRequest$Code": "

The verification code in the request to verify user attributes.

" } @@ -1585,6 +1593,14 @@ "ContextDataType$HttpHeaders": "

HttpHeaders received on your server in same order.

" } }, + "IdTokenValidityType": { + "base": null, + "refs": { + "CreateUserPoolClientRequest$IdTokenValidity": "

The time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. This value will be overridden if you have entered a value in TokenValidityUnits.

", + "UpdateUserPoolClientRequest$IdTokenValidity": "

The time limit, after which the ID token is no longer valid and cannot be used.

", + "UserPoolClientType$IdTokenValidity": "

The time limit, specified by tokenValidityUnits, defaulting to hours, after which the refresh token is no longer valid and cannot be used.

" + } + }, "IdentityProviderType": { "base": "

A container for information about an identity provider.

", "refs": { @@ -1847,15 +1863,15 @@ "MFAOptionListType": { "base": null, "refs": { - "AdminGetUserResponse$MFAOptions": "

This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about TOTP software token MFA configurations. To look up information about either type of MFA configuration, use the AdminGetUserResponse$UserMFASettingList response instead.

", + "AdminGetUserResponse$MFAOptions": "

This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about TOTP software token MFA configurations. To look up information about either type of MFA configuration, use UserMFASettingList instead.

", "AdminSetUserSettingsRequest$MFAOptions": "

You can use this parameter only to set an SMS configuration that uses SMS for delivery.

", - "GetUserResponse$MFAOptions": "

This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about TOTP software token MFA configurations. To look up information about either type of MFA configuration, use the use the GetUserResponse$UserMFASettingList response instead.

", + "GetUserResponse$MFAOptions": "

This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about TOTP software token MFA configurations. To look up information about either type of MFA configuration, use UserMFASettingList instead.

", "SetUserSettingsRequest$MFAOptions": "

You can use this parameter only to set an SMS configuration that uses SMS for delivery.

", "UserType$MFAOptions": "

The MFA options for the user.

" } }, "MFAOptionType": { - "base": "

This data type is no longer supported. You can use it only for SMS MFA configurations. You can't use it for TOTP software token MFA configurations.

To set either type of MFA configuration, use the AdminSetUserMFAPreference or SetUserMFAPreference actions.

To look up information about either type of MFA configuration, use the AdminGetUserResponse$UserMFASettingList or GetUserResponse$UserMFASettingList responses.

", + "base": "

This data type is no longer supported. You can use it only for SMS MFA configurations. You can't use it for TOTP software token MFA configurations.

", "refs": { "MFAOptionListType$member": null } @@ -2033,7 +2049,7 @@ "refs": { "CreateGroupRequest$Precedence": "

A nonnegative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN will be used in the cognito:roles and cognito:preferred_role claims in the user's tokens.

Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim is not set in users' tokens.

The default Precedence value is null.

", "GroupType$Precedence": "

A nonnegative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. If a user belongs to two or more groups, it is the group with the highest precedence whose role ARN will be used in the cognito:roles and cognito:preferred_role claims in the user's tokens. Groups with higher Precedence values take precedence over groups with lower Precedence values or with null Precedence values.

Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim is not set in users' tokens.

The default Precedence value is null.

", - "UpdateGroupRequest$Precedence": "

The new precedence value for the group. For more information about this parameter, see .

" + "UpdateGroupRequest$Precedence": "

The new precedence value for the group. For more information about this parameter, see CreateGroup.

" } }, "PreconditionNotMetException": { @@ -2044,9 +2060,9 @@ "PreventUserExistenceErrorTypes": { "base": null, "refs": { - "CreateUserPoolClientRequest$PreventUserExistenceErrors": "

Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.

Valid values include:

This setting affects the behavior of following APIs:

After February 15th 2020, the value of PreventUserExistenceErrors will default to ENABLED for newly created user pool clients if no value is provided.

", - "UpdateUserPoolClientRequest$PreventUserExistenceErrors": "

Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.

Valid values include:

This setting affects the behavior of following APIs:

After February 15th 2020, the value of PreventUserExistenceErrors will default to ENABLED for newly created user pool clients if no value is provided.

", - "UserPoolClientType$PreventUserExistenceErrors": "

Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.

Valid values include:

This setting affects the behavior of following APIs:

After February 15th 2020, the value of PreventUserExistenceErrors will default to ENABLED for newly created user pool clients if no value is provided.

" + "CreateUserPoolClientRequest$PreventUserExistenceErrors": "

Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.

Valid values include:

After February 15th 2020, the value of PreventUserExistenceErrors will default to ENABLED for newly created user pool clients if no value is provided.

", + "UpdateUserPoolClientRequest$PreventUserExistenceErrors": "

Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.

Valid values include:

After February 15th 2020, the value of PreventUserExistenceErrors will default to ENABLED for newly created user pool clients if no value is provided.

", + "UserPoolClientType$PreventUserExistenceErrors": "

Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool.

Valid values include:

After February 15th 2020, the value of PreventUserExistenceErrors will default to ENABLED for newly created user pool clients if no value is provided.

" } }, "PriorityType": { @@ -2064,8 +2080,8 @@ "ProviderDetailsType": { "base": null, "refs": { - "CreateIdentityProviderRequest$ProviderDetails": "

The identity provider details. The following list describes the provider detail keys for each identity provider type.

", - "IdentityProviderType$ProviderDetails": "

The identity provider details. The following list describes the provider detail keys for each identity provider type.

", + "CreateIdentityProviderRequest$ProviderDetails": "

The identity provider details. The following list describes the provider detail keys for each identity provider type.

", + "IdentityProviderType$ProviderDetails": "

The identity provider details. The following list describes the provider detail keys for each identity provider type.

", "UpdateIdentityProviderRequest$ProviderDetails": "

The identity provider details to be updated, such as MetadataURL and MetadataFile.

" } }, @@ -2355,12 +2371,12 @@ "refs": { "AdminInitiateAuthResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service. If AdminInitiateAuth or AdminRespondToAuthChallenge API call determines that the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next AdminRespondToAuthChallenge API call.

", "AdminRespondToAuthChallengeRequest$Session": "

The session which should be passed both ways in challenge-response calls to the service. If InitiateAuth or RespondToAuthChallenge API call determines that the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.

", - "AdminRespondToAuthChallengeResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service. If the or API call determines that the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.

", + "AdminRespondToAuthChallengeResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service. If the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.

", "AssociateSoftwareTokenRequest$Session": "

The session which should be passed both ways in challenge-response calls to the service. This allows authentication of the user as part of the MFA setup process.

", "AssociateSoftwareTokenResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service. This allows authentication of the user as part of the MFA setup process.

", - "InitiateAuthResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service. If the or API call determines that the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.

", + "InitiateAuthResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service. If the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.

", "RespondToAuthChallengeRequest$Session": "

The session which should be passed both ways in challenge-response calls to the service. If InitiateAuth or RespondToAuthChallenge API call determines that the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.

", - "RespondToAuthChallengeResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service. If the or API call determines that the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.

", + "RespondToAuthChallengeResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service. If the caller needs to go through another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge API call.

", "VerifySoftwareTokenRequest$Session": "

The session which should be passed both ways in challenge-response calls to the service.

", "VerifySoftwareTokenResponse$Session": "

The session which should be passed both ways in challenge-response calls to the service.

" } @@ -2470,7 +2486,7 @@ "SoftwareTokenMFAUserCodeType": { "base": null, "refs": { - "VerifySoftwareTokenRequest$UserCode": "

The one time password computed using the secret code returned by

" + "VerifySoftwareTokenRequest$UserCode": "

The one time password computed using the secret code returned by AssociateSoftwareToken\".

" } }, "SoftwareTokenMfaConfigType": { @@ -2619,6 +2635,14 @@ "PasswordPolicyType$TemporaryPasswordValidityDays": "

In the password policy you have set, refers to the number of days a temporary password is valid. If the user does not sign-in during this time, their password will need to be reset by an administrator.

When you set TemporaryPasswordValidityDays for a user pool, you will no longer be able to set the deprecated UnusedAccountValidityDays value for that user pool.

" } }, + "TimeUnitsType": { + "base": null, + "refs": { + "TokenValidityUnitsType$AccessToken": "

A time unit in “seconds”, “minutes”, “hours” or “days” for the value in AccessTokenValidity, defaults to hours.

", + "TokenValidityUnitsType$IdToken": "

A time unit in “seconds”, “minutes”, “hours” or “days” for the value in IdTokenValidity, defaults to hours.

", + "TokenValidityUnitsType$RefreshToken": "

A time unit in “seconds”, “minutes”, “hours” or “days” for the value in RefreshTokenValidity, defaults to days.

" + } + }, "TokenModelType": { "base": null, "refs": { @@ -2645,6 +2669,14 @@ "VerifyUserAttributeRequest$AccessToken": "

Represents the access token of the request to verify user attributes.

" } }, + "TokenValidityUnitsType": { + "base": "

The data type for TokenValidityUnits that specifics the time measurements for token validity.

", + "refs": { + "CreateUserPoolClientRequest$TokenValidityUnits": "

The units in which the validity times are represented in. Default for RefreshToken is days, and default for ID and access tokens are hours.

", + "UpdateUserPoolClientRequest$TokenValidityUnits": "

The units in which the validity times are represented in. Default for RefreshToken is days, and default for ID and access tokens are hours.

", + "UserPoolClientType$TokenValidityUnits": "

The time units used to specify the token validity times of their respective token.

" + } + }, "TooManyFailedAttemptsException": { "base": "

This exception is thrown when the user has made too many failed attempts for a given action (e.g., sign in).

", "refs": { @@ -3075,8 +3107,8 @@ "UsernameConfigurationType": { "base": "

The username configuration type.

", "refs": { - "CreateUserPoolRequest$UsernameConfiguration": "

You can choose to set case sensitivity on the username input for the selected sign-in option. For example, when this is set to False, users will be able to sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set. For more information, see .

", - "UserPoolType$UsernameConfiguration": "

You can choose to enable case sensitivity on the username input for the selected sign-in option. For example, when this is set to False, users will be able to sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set. For more information, see .

" + "CreateUserPoolRequest$UsernameConfiguration": "

You can choose to set case sensitivity on the username input for the selected sign-in option. For example, when this is set to False, users will be able to sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set. For more information, see UsernameConfigurationType.

", + "UserPoolType$UsernameConfiguration": "

You can choose to enable case sensitivity on the username input for the selected sign-in option. For example, when this is set to False, users will be able to sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set. For more information, see UsernameConfigurationType.

" } }, "UsernameExistsException": { diff --git a/aws-sdk-core/apis/ec2/2016-11-15/api-2.json b/aws-sdk-core/apis/ec2/2016-11-15/api-2.json index 7a1bfeb9e56..4820017c65a 100644 --- a/aws-sdk-core/apis/ec2/2016-11-15/api-2.json +++ b/aws-sdk-core/apis/ec2/2016-11-15/api-2.json @@ -21180,7 +21180,9 @@ "SubnetId":{ "shape":"SubnetId", "locationName":"subnetId" - } + }, + "MapCustomerOwnedIpOnLaunch":{"shape":"AttributeBooleanValue"}, + "CustomerOwnedIpv4Pool":{"shape":"CoipPoolId"} } }, "ModifyTrafficMirrorFilterNetworkServicesRequest":{ @@ -22062,6 +22064,10 @@ "shape":"String", "locationName":"publicIp" }, + "CustomerOwnedIp":{ + "shape":"String", + "locationName":"customerOwnedIp" + }, "CarrierIp":{ "shape":"String", "locationName":"carrierIp" diff --git a/aws-sdk-core/apis/ec2/2016-11-15/docs-2.json b/aws-sdk-core/apis/ec2/2016-11-15/docs-2.json index cedda49b072..60e0a0cd548 100644 --- a/aws-sdk-core/apis/ec2/2016-11-15/docs-2.json +++ b/aws-sdk-core/apis/ec2/2016-11-15/docs-2.json @@ -883,6 +883,7 @@ "ModifyNetworkInterfaceAttributeRequest$SourceDestCheck": "

Indicates whether source/destination checking is enabled. A value of true means checking is enabled, and false means checking is disabled. This value must be false for a NAT instance to perform NAT. For more information, see NAT Instances in the Amazon Virtual Private Cloud User Guide.

", "ModifySubnetAttributeRequest$AssignIpv6AddressOnCreation": "

Specify true to indicate that network interfaces created in the specified subnet should be assigned an IPv6 address. This includes a network interface that's created when launching an instance into the subnet (the instance therefore receives an IPv6 address).

If you enable the IPv6 addressing feature for your subnet, your network interface or instance only receives an IPv6 address if it's created using version 2016-11-15 or later of the Amazon EC2 API.

", "ModifySubnetAttributeRequest$MapPublicIpOnLaunch": "

Specify true to indicate that network interfaces attached to instances created in the specified subnet should be assigned a public IPv4 address.

", + "ModifySubnetAttributeRequest$MapCustomerOwnedIpOnLaunch": "

Specify true to indicate that network interfaces attached to instances created in the specified subnet should be assigned a customer-owned IPv4 address.

When this value is true, you must specify the customer-owned IP pool using CustomerOwnedIpv4Pool.

", "ModifyVolumeAttributeRequest$AutoEnableIO": "

Indicates whether the volume should be auto-enabled for I/O operations.

", "ModifyVpcAttributeRequest$EnableDnsHostnames": "

Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not.

You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute. You can only enable DNS hostnames if you've enabled DNS support.

", "ModifyVpcAttributeRequest$EnableDnsSupport": "

Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled.

You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute.

" @@ -2323,6 +2324,7 @@ "CoipPool$PoolId": "

The ID of the address pool.

", "CoipPoolIdSet$member": null, "GetCoipPoolUsageRequest$PoolId": "

The ID of the address pool.

", + "ModifySubnetAttributeRequest$CustomerOwnedIpv4Pool": "

The customer-owned IPv4 address pool associated with the subnet.

You must set this value when you specify true for MapCustomerOwnedIpOnLaunch.

", "Subnet$CustomerOwnedIpv4Pool": "

The customer-owned IPv4 address pool associated with the subnet.

" } }, @@ -13259,6 +13261,7 @@ "NetworkInterfaceAssociation$IpOwnerId": "

The ID of the Elastic IP address owner.

", "NetworkInterfaceAssociation$PublicDnsName": "

The public DNS name.

", "NetworkInterfaceAssociation$PublicIp": "

The address of the Elastic IP address or Carrier IP address bound to the network interface.

", + "NetworkInterfaceAssociation$CustomerOwnedIp": "

The customer-owned IP address associated with the network interface.

", "NetworkInterfaceAssociation$CarrierIp": "

The carrier IP address associated with the network interface.

This option is only available when the network interface is in a subnet which is associated with a Wavelength Zone.

", "NetworkInterfaceAttachment$AttachmentId": "

The ID of the network interface attachment.

", "NetworkInterfaceAttachment$InstanceId": "

The ID of the instance.

", diff --git a/aws-sdk-core/apis/eks/2017-11-01/api-2.json b/aws-sdk-core/apis/eks/2017-11-01/api-2.json index f893de9c86f..5efa209326e 100644 --- a/aws-sdk-core/apis/eks/2017-11-01/api-2.json +++ b/aws-sdk-core/apis/eks/2017-11-01/api-2.json @@ -349,7 +349,8 @@ "type":"string", "enum":[ "AL2_x86_64", - "AL2_x86_64_GPU" + "AL2_x86_64_GPU", + "AL2_ARM_64" ] }, "AutoScalingGroup":{ @@ -521,6 +522,7 @@ "shape":"String", "idempotencyToken":true }, + "launchTemplate":{"shape":"LaunchTemplateSpecification"}, "version":{"shape":"String"}, "releaseVersion":{"shape":"String"} } @@ -820,6 +822,14 @@ "type":"list", "member":{"shape":"Issue"} }, + "LaunchTemplateSpecification":{ + "type":"structure", + "members":{ + "name":{"shape":"String"}, + "version":{"shape":"String"}, + "id":{"shape":"String"} + } + }, "ListClustersRequest":{ "type":"structure", "members":{ @@ -1018,6 +1028,7 @@ "resources":{"shape":"NodegroupResources"}, "diskSize":{"shape":"BoxedInteger"}, "health":{"shape":"NodegroupHealth"}, + "launchTemplate":{"shape":"LaunchTemplateSpecification"}, "tags":{"shape":"TagMap"} } }, @@ -1353,6 +1364,7 @@ }, "version":{"shape":"String"}, "releaseVersion":{"shape":"String"}, + "launchTemplate":{"shape":"LaunchTemplateSpecification"}, "force":{"shape":"Boolean"}, "clientRequestToken":{ "shape":"String", diff --git a/aws-sdk-core/apis/eks/2017-11-01/docs-2.json b/aws-sdk-core/apis/eks/2017-11-01/docs-2.json index 2de0f0824d4..557c1a36f73 100644 --- a/aws-sdk-core/apis/eks/2017-11-01/docs-2.json +++ b/aws-sdk-core/apis/eks/2017-11-01/docs-2.json @@ -4,7 +4,7 @@ "operations": { "CreateCluster": "

Creates an Amazon EKS control plane.

The Amazon EKS control plane consists of control plane instances that run the Kubernetes software, such as etcd and the API server. The control plane runs in an account managed by AWS, and the Kubernetes API is exposed via the Amazon EKS API server endpoint. Each Amazon EKS cluster control plane is single-tenant and unique and runs on its own set of Amazon EC2 instances.

The cluster control plane is provisioned across multiple Availability Zones and fronted by an Elastic Load Balancing Network Load Balancer. Amazon EKS also provisions elastic network interfaces in your VPC subnets to provide connectivity from the control plane instances to the worker nodes (for example, to support kubectl exec, logs, and proxy data flows).

Amazon EKS worker nodes run in your AWS account and connect to your cluster's control plane via the Kubernetes API server endpoint and a certificate file that is created for your cluster.

You can use the endpointPublicAccess and endpointPrivateAccess parameters to enable or disable public and private access to your cluster's Kubernetes API server endpoint. By default, public access is enabled, and private access is disabled. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

You can use the logging parameter to enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster Control Plane Logs in the Amazon EKS User Guide .

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see Amazon CloudWatch Pricing.

Cluster creation typically takes between 10 and 15 minutes. After you create an Amazon EKS cluster, you must configure your Kubernetes tooling to communicate with the API server and launch worker nodes into your cluster. For more information, see Managing Cluster Authentication and Launching Amazon EKS Worker Nodes in the Amazon EKS User Guide.

", "CreateFargateProfile": "

Creates an AWS Fargate profile for your Amazon EKS cluster. You must have at least one Fargate profile in a cluster to be able to run pods on Fargate.

The Fargate profile allows an administrator to declare which pods run on Fargate and specify which pods run on which Fargate profile. This declaration is done through the profile’s selectors. Each profile can have up to five selectors that contain a namespace and labels. A namespace is required for every selector. The label field consists of multiple optional key-value pairs. Pods that match the selectors are scheduled on Fargate. If a to-be-scheduled pod matches any of the selectors in the Fargate profile, then that pod is run on Fargate.

When you create a Fargate profile, you must specify a pod execution role to use with the pods that are scheduled with the profile. This role is added to the cluster's Kubernetes Role Based Access Control (RBAC) for authorization so that the kubelet that is running on the Fargate infrastructure can register with your Amazon EKS cluster so that it can appear in your cluster as a node. The pod execution role also provides IAM permissions to the Fargate infrastructure to allow read access to Amazon ECR image repositories. For more information, see Pod Execution Role in the Amazon EKS User Guide.

Fargate profiles are immutable. However, you can create a new updated profile to replace an existing profile and then delete the original after the updated profile has finished creating.

If any Fargate profiles in a cluster are in the DELETING status, you must wait for that Fargate profile to finish deleting before you can create any other profiles in that cluster.

For more information, see AWS Fargate Profile in the Amazon EKS User Guide.

", - "CreateNodegroup": "

Creates a managed worker node group for an Amazon EKS cluster. You can only create a node group for your cluster that is equal to the current Kubernetes version for the cluster. All node groups are created with the latest AMI release version for the respective minor Kubernetes version of the cluster.

An Amazon EKS managed node group is an Amazon EC2 Auto Scaling group and associated Amazon EC2 instances that are managed by AWS for an Amazon EKS cluster. Each node group uses a version of the Amazon EKS-optimized Amazon Linux 2 AMI. For more information, see Managed Node Groups in the Amazon EKS User Guide.

", + "CreateNodegroup": "

Creates a managed worker node group for an Amazon EKS cluster. You can only create a node group for your cluster that is equal to the current Kubernetes version for the cluster. All node groups are created with the latest AMI release version for the respective minor Kubernetes version of the cluster, unless you deploy a custom AMI using a launch template. For more information about using launch templates, see Launch template support.

An Amazon EKS managed node group is an Amazon EC2 Auto Scaling group and associated Amazon EC2 instances that are managed by AWS for an Amazon EKS cluster. Each node group uses a version of the Amazon EKS-optimized Amazon Linux 2 AMI. For more information, see Managed Node Groups in the Amazon EKS User Guide.

", "DeleteCluster": "

Deletes the Amazon EKS cluster control plane.

If you have active services in your cluster that are associated with a load balancer, you must delete those services before deleting the cluster so that the load balancers are deleted properly. Otherwise, you can have orphaned resources in your VPC that prevent you from being able to delete the VPC. For more information, see Deleting a Cluster in the Amazon EKS User Guide.

If you have managed node groups or Fargate profiles attached to the cluster, you must delete them first. For more information, see DeleteNodegroup and DeleteFargateProfile.

", "DeleteFargateProfile": "

Deletes an AWS Fargate profile.

When you delete a Fargate profile, any pods running on Fargate that were created with the profile are deleted. If those pods match another Fargate profile, then they are scheduled on Fargate with that profile. If they no longer match any Fargate profiles, then they are not scheduled on Fargate and they may remain in a pending state.

Only one Fargate profile in a cluster can be in the DELETING status at a time. You must wait for a Fargate profile to finish deleting before you can delete any other profiles in that cluster.

", "DeleteNodegroup": "

Deletes an Amazon EKS node group for a cluster.

", @@ -22,14 +22,14 @@ "UpdateClusterConfig": "

Updates an Amazon EKS cluster configuration. Your cluster continues to function during the update. The response output includes an update ID that you can use to track the status of your cluster update with the DescribeUpdate API operation.

You can use this API operation to enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster Control Plane Logs in the Amazon EKS User Guide .

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to exported control plane logs. For more information, see Amazon CloudWatch Pricing.

You can also use this API operation to enable or disable public and private access to your cluster's Kubernetes API server endpoint. By default, public access is enabled, and private access is disabled. For more information, see Amazon EKS Cluster Endpoint Access Control in the Amazon EKS User Guide .

At this time, you can not update the subnets or security group IDs for an existing cluster.

Cluster updates are asynchronous, and they should finish within a few minutes. During an update, the cluster status moves to UPDATING (this status transition is eventually consistent). When the update is complete (either Failed or Successful), the cluster status moves to Active.

", "UpdateClusterVersion": "

Updates an Amazon EKS cluster to the specified Kubernetes version. Your cluster continues to function during the update. The response output includes an update ID that you can use to track the status of your cluster update with the DescribeUpdate API operation.

Cluster updates are asynchronous, and they should finish within a few minutes. During an update, the cluster status moves to UPDATING (this status transition is eventually consistent). When the update is complete (either Failed or Successful), the cluster status moves to Active.

If your cluster has managed node groups attached to it, all of your node groups’ Kubernetes versions must match the cluster’s Kubernetes version in order to update the cluster to a new Kubernetes version.

", "UpdateNodegroupConfig": "

Updates an Amazon EKS managed node group configuration. Your node group continues to function during the update. The response output includes an update ID that you can use to track the status of your node group update with the DescribeUpdate API operation. Currently you can update the Kubernetes labels for a node group or the scaling configuration.

", - "UpdateNodegroupVersion": "

Updates the Kubernetes version or AMI version of an Amazon EKS managed node group.

You can update to the latest available AMI version of a node group's current Kubernetes version by not specifying a Kubernetes version in the request. You can update to the latest AMI version of your cluster's current Kubernetes version by specifying your cluster's Kubernetes version in the request. For more information, see Amazon EKS-Optimized Linux AMI Versions in the Amazon EKS User Guide.

You cannot roll back a node group to an earlier Kubernetes version or AMI version.

When a node in a managed node group is terminated due to a scaling action or update, the pods in that node are drained first. Amazon EKS attempts to drain the nodes gracefully and will fail if it is unable to do so. You can force the update if Amazon EKS is unable to drain the nodes as a result of a pod disruption budget issue.

" + "UpdateNodegroupVersion": "

Updates the Kubernetes version or AMI version of an Amazon EKS managed node group.

You can update a node group using a launch template only if the node group was originally deployed with a launch template. If you need to update a custom AMI in a node group that was deployed with a launch template, then update your custom AMI, specify the new ID in a new version of the launch template, and then update the node group to the new version of the launch template.

If you update without a launch template, then you can update to the latest available AMI version of a node group's current Kubernetes version by not specifying a Kubernetes version in the request. You can update to the latest AMI version of your cluster's current Kubernetes version by specifying your cluster's Kubernetes version in the request. For more information, see Amazon EKS-Optimized Linux AMI Versions in the Amazon EKS User Guide.

You cannot roll back a node group to an earlier Kubernetes version or AMI version.

When a node in a managed node group is terminated due to a scaling action or update, the pods in that node are drained first. Amazon EKS attempts to drain the nodes gracefully and will fail if it is unable to do so. You can force the update if Amazon EKS is unable to drain the nodes as a result of a pod disruption budget issue.

" }, "shapes": { "AMITypes": { "base": null, "refs": { - "CreateNodegroupRequest$amiType": "

The AMI type for your node group. GPU instance types should use the AL2_x86_64_GPU AMI type, which uses the Amazon EKS-optimized Linux AMI with GPU support. Non-GPU instances should use the AL2_x86_64 AMI type, which uses the Amazon EKS-optimized Linux AMI.

", - "Nodegroup$amiType": "

The AMI type associated with your node group. GPU instance types should use the AL2_x86_64_GPU AMI type, which uses the Amazon EKS-optimized Linux AMI with GPU support. Non-GPU instances should use the AL2_x86_64 AMI type, which uses the Amazon EKS-optimized Linux AMI.

" + "CreateNodegroupRequest$amiType": "

The AMI type for your node group. GPU instance types should use the AL2_x86_64_GPU AMI type, which uses the Amazon EKS-optimized Linux AMI with GPU support. Non-GPU instances should use the AL2_x86_64 AMI type, which uses the Amazon EKS-optimized Linux AMI. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", + "Nodegroup$amiType": "

If the node group was deployed using a launch template with a custom AMI, then this is CUSTOM. For node groups that weren't deployed using a launch template, this is the AMI type that was specified in the node group configuration.

" } }, "AutoScalingGroup": { @@ -68,8 +68,8 @@ "BoxedInteger": { "base": null, "refs": { - "CreateNodegroupRequest$diskSize": "

The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB.

", - "Nodegroup$diskSize": "

The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB.

" + "CreateNodegroupRequest$diskSize": "

The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", + "Nodegroup$diskSize": "

If the node group wasn't deployed with a launch template, then this is the disk size in the node group configuration. If the node group was deployed with a launch template, then diskSize is null.

" } }, "Capacity": { @@ -309,6 +309,14 @@ "NodegroupHealth$issues": "

Any issues that are associated with the node group.

" } }, + "LaunchTemplateSpecification": { + "base": "

An object representing a node group launch template specification. The launch template cannot include SubnetId , IamInstanceProfile , RequestSpotInstances , HibernationOptions , or TerminateInstances , or the node group deployment or update will fail. For more information about launch templates, see CreateLaunchTemplate in the Amazon EC2 API Reference. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Specify either name or id, but not both.

", + "refs": { + "CreateNodegroupRequest$launchTemplate": "

An object representing a node group's launch template specification. If specified, then do not specify instanceTypes, diskSize, or remoteAccess. If specified, make sure that the launch template meets the requirements in launchTemplateSpecification.

", + "Nodegroup$launchTemplate": "

If a launch template was used to create the node group, then this is the launch template that was used.

", + "UpdateNodegroupVersionRequest$launchTemplate": "

An object representing a node group's launch template specification. You can only update a node group using a launch template if the node group was originally deployed with a launch template.

" + } + }, "ListClustersRequest": { "base": null, "refs": { @@ -426,7 +434,7 @@ "NodegroupIssueCode": { "base": null, "refs": { - "Issue$code": "

A brief description of the error.

" + "Issue$code": "

A brief description of the error.

" } }, "NodegroupResources": { @@ -436,7 +444,7 @@ } }, "NodegroupScalingConfig": { - "base": "

An object representing the scaling configuration details for the Auto Scaling group that is associated with your node group.

", + "base": "

An object representing the scaling configuration details for the Auto Scaling group that is associated with your node group. If you specify a value for any property, then you must specify values for all of the properties.

", "refs": { "CreateNodegroupRequest$scalingConfig": "

The scaling configuration details for the Auto Scaling group that is created for your node group.

", "Nodegroup$scalingConfig": "

The scaling configuration details for the Auto Scaling group that is associated with your node group.

", @@ -469,8 +477,8 @@ "RemoteAccessConfig": { "base": "

An object representing the remote access configuration for the managed node group.

", "refs": { - "CreateNodegroupRequest$remoteAccess": "

The remote access (SSH) configuration to use with your node group.

", - "Nodegroup$remoteAccess": "

The remote access (SSH) configuration that is associated with the node group.

" + "CreateNodegroupRequest$remoteAccess": "

The remote access (SSH) configuration to use with your node group. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", + "Nodegroup$remoteAccess": "

If the node group wasn't deployed with a launch template, then this is the remote access configuration that is associated with the node group. If the node group was deployed with a launch template, then remoteAccess is null.

" } }, "ResourceInUseException": { @@ -515,7 +523,7 @@ "Cluster$clientRequestToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", "Cluster$platformVersion": "

The platform version of your Amazon EKS cluster. For more information, see Platform Versions in the Amazon EKS User Guide .

", "CreateClusterRequest$version": "

The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used.

", - "CreateClusterRequest$roleArn": "

The Amazon Resource Name (ARN) of the IAM role that provides permissions for Amazon EKS to make calls to other AWS API operations on your behalf. For more information, see Amazon EKS Service IAM Role in the Amazon EKS User Guide .

", + "CreateClusterRequest$roleArn": "

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see Amazon EKS Service IAM Role in the Amazon EKS User Guide .

", "CreateClusterRequest$clientRequestToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", "CreateFargateProfileRequest$fargateProfileName": "

The name of the Fargate profile.

", "CreateFargateProfileRequest$clusterName": "

The name of the Amazon EKS cluster to apply the Fargate profile to.

", @@ -523,10 +531,10 @@ "CreateFargateProfileRequest$clientRequestToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", "CreateNodegroupRequest$clusterName": "

The name of the cluster to create the node group in.

", "CreateNodegroupRequest$nodegroupName": "

The unique name to give your node group.

", - "CreateNodegroupRequest$nodeRole": "

The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to AWS APIs on your behalf. Worker nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch worker nodes and register them into a cluster, you must create an IAM role for those worker nodes to use when they are launched. For more information, see Amazon EKS Worker Node IAM Role in the Amazon EKS User Guide .

", + "CreateNodegroupRequest$nodeRole": "

The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to AWS APIs on your behalf. Worker nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch worker nodes and register them into a cluster, you must create an IAM role for those worker nodes to use when they are launched. For more information, see Amazon EKS Worker Node IAM Role in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", "CreateNodegroupRequest$clientRequestToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", - "CreateNodegroupRequest$version": "

The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value.

", - "CreateNodegroupRequest$releaseVersion": "

The AMI version of the Amazon EKS-optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see Amazon EKS-Optimized Linux AMI Versions in the Amazon EKS User Guide.

", + "CreateNodegroupRequest$version": "

The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", + "CreateNodegroupRequest$releaseVersion": "

The AMI version of the Amazon EKS-optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see Amazon EKS-Optimized Linux AMI Versions in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", "DeleteClusterRequest$name": "

The name of the cluster to delete.

", "DeleteFargateProfileRequest$clusterName": "

The name of the Amazon EKS cluster associated with the Fargate profile to delete.

", "DeleteFargateProfileRequest$fargateProfileName": "

The name of the Fargate profile to delete.

", @@ -556,6 +564,9 @@ "InvalidRequestException$nodegroupName": "

The Amazon EKS managed node group associated with the exception.

", "InvalidRequestException$message": null, "Issue$message": "

The error message associated with the issue.

", + "LaunchTemplateSpecification$name": "

The name of the launch template.

", + "LaunchTemplateSpecification$version": "

The version of the launch template to use. If no version is specified, then the template's default version is used.

", + "LaunchTemplateSpecification$id": "

The ID of the launch template.

", "ListClustersRequest$nextToken": "

The nextToken value returned from a previous paginated ListClusters request where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value.

This token should be treated as an opaque identifier that is used only to retrieve the next items in a list and not for other programmatic purposes.

", "ListClustersResponse$nextToken": "

The nextToken value to include in a future ListClusters request. When the results of a ListClusters request exceed maxResults, you can use this value to retrieve the next page of results. This value is null when there are no more results to return.

", "ListFargateProfilesRequest$clusterName": "

The name of the Amazon EKS cluster that you would like to listFargate profiles in.

", @@ -573,8 +584,8 @@ "Nodegroup$nodegroupArn": "

The Amazon Resource Name (ARN) associated with the managed node group.

", "Nodegroup$clusterName": "

The name of the cluster that the managed node group resides in.

", "Nodegroup$version": "

The Kubernetes version of the managed node group.

", - "Nodegroup$releaseVersion": "

The AMI version of the managed node group. For more information, see Amazon EKS-Optimized Linux AMI Versions in the Amazon EKS User Guide.

", - "Nodegroup$nodeRole": "

The IAM role associated with your node group. The Amazon EKS worker node kubelet daemon makes calls to AWS APIs on your behalf. Worker nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch worker nodes and register them into a cluster, you must create an IAM role for those worker nodes to use when they are launched. For more information, see Amazon EKS Worker Node IAM Role in the Amazon EKS User Guide .

", + "Nodegroup$releaseVersion": "

If the node group was deployed using a launch template with a custom AMI, then this is the AMI ID that was specified in the launch template. For node groups that weren't deployed using a launch template, this is the version of the Amazon EKS-optimized AMI that the node group was deployed with.

", + "Nodegroup$nodeRole": "

The IAM role associated with your node group. The Amazon EKS worker node kubelet daemon makes calls to AWS APIs on your behalf. Worker nodes receive permissions for these API calls through an IAM instance profile and associated policies.

", "NodegroupResources$remoteAccessSecurityGroup": "

The remote access security group associated with the node group. This security group controls SSH access to the worker nodes.

", "NotFoundException$message": null, "OIDC$issuer": "

The issuer URL for the OpenID Connect identity provider.

", @@ -611,8 +622,8 @@ "UpdateNodegroupConfigRequest$clientRequestToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", "UpdateNodegroupVersionRequest$clusterName": "

The name of the Amazon EKS cluster that is associated with the managed node group to update.

", "UpdateNodegroupVersionRequest$nodegroupName": "

The name of the managed node group to update.

", - "UpdateNodegroupVersionRequest$version": "

The Kubernetes version to update to. If no version is specified, then the Kubernetes version of the node group does not change. You can specify the Kubernetes version of the cluster to update the node group to the latest AMI version of the cluster's Kubernetes version.

", - "UpdateNodegroupVersionRequest$releaseVersion": "

The AMI version of the Amazon EKS-optimized AMI to use for the update. By default, the latest available AMI version for the node group's Kubernetes version is used. For more information, see Amazon EKS-Optimized Linux AMI Versions in the Amazon EKS User Guide.

", + "UpdateNodegroupVersionRequest$version": "

The Kubernetes version to update to. If no version is specified, then the Kubernetes version of the node group does not change. You can specify the Kubernetes version of the cluster to update the node group to the latest AMI version of the cluster's Kubernetes version. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group update will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", + "UpdateNodegroupVersionRequest$releaseVersion": "

The AMI version of the Amazon EKS-optimized AMI to use for the update. By default, the latest available AMI version for the node group's Kubernetes version is used. For more information, see Amazon EKS-Optimized Linux AMI Versions in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group update will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", "UpdateNodegroupVersionRequest$clientRequestToken": "

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

", "UpdateParam$value": "

The value of the keys submitted as part of an update request.

", "VpcConfigResponse$clusterSecurityGroupId": "

The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication.

", @@ -624,8 +635,8 @@ "base": null, "refs": { "CreateFargateProfileRequest$subnets": "

The IDs of subnets to launch your pods into. At this time, pods running on Fargate are not assigned public IP addresses, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.

", - "CreateNodegroupRequest$subnets": "

The subnets to use for the Auto Scaling group that is created for your node group. These subnets must have the tag key kubernetes.io/cluster/CLUSTER_NAME with a value of shared, where CLUSTER_NAME is replaced with the name of your cluster.

", - "CreateNodegroupRequest$instanceTypes": "

The instance type to use for your node group. Currently, you can specify a single instance type for a node group. The default value for this parameter is t3.medium. If you choose a GPU instance type, be sure to specify the AL2_x86_64_GPU with the amiType parameter.

", + "CreateNodegroupRequest$subnets": "

The subnets to use for the Auto Scaling group that is created for your node group. These subnets must have the tag key kubernetes.io/cluster/CLUSTER_NAME with a value of shared, where CLUSTER_NAME is replaced with the name of your cluster. If you specify launchTemplate, then don't specify SubnetId in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", + "CreateNodegroupRequest$instanceTypes": "

The instance type to use for your node group. You can specify a single instance type for a node group. The default value for instanceTypes is t3.medium. If you choose a GPU instance type, be sure to specify AL2_x86_64_GPU with the amiType parameter. If you specify launchTemplate, then don't specify instanceTypes, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

", "EncryptionConfig$resources": "

Specifies the resources to be encrypted. The only supported value is \"secrets\".

", "ErrorDetail$resourceIds": "

An optional field that contains the resource IDs associated with the error.

", "FargateProfile$subnets": "

The IDs of subnets to launch pods into.

", @@ -634,8 +645,8 @@ "ListFargateProfilesResponse$fargateProfileNames": "

A list of all of the Fargate profiles associated with the specified cluster.

", "ListNodegroupsResponse$nodegroups": "

A list of all of the node groups associated with the specified cluster.

", "ListUpdatesResponse$updateIds": "

A list of all the updates for the specified cluster and Region.

", - "Nodegroup$instanceTypes": "

The instance types associated with your node group.

", - "Nodegroup$subnets": "

The subnets allowed for the Auto Scaling group that is associated with your node group. These subnets must have the following tag: kubernetes.io/cluster/CLUSTER_NAME, where CLUSTER_NAME is replaced with the name of your cluster.

", + "Nodegroup$instanceTypes": "

If the node group wasn't deployed with a launch template, then this is the instance type that is associated with the node group. If the node group was deployed with a launch template, then instanceTypes is null.

", + "Nodegroup$subnets": "

The subnets that were specified for the Auto Scaling group that is associated with your node group.

", "RemoteAccessConfig$sourceSecurityGroups": "

The security groups that are allowed SSH access (port 22) to the worker nodes. If you specify an Amazon EC2 SSH key but do not specify a source security group when you create a managed node group, then port 22 on the worker nodes is opened to the internet (0.0.0.0/0). For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.

", "UnsupportedAvailabilityZoneException$validZones": "

The supported Availability Zones for your account. Choose subnets in these Availability Zones for your cluster.

", "VpcConfigRequest$subnetIds": "

Specify subnets for your Amazon EKS worker nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your worker nodes and the Kubernetes control plane.

", diff --git a/aws-sdk-core/apis/macie2/2020-01-01/docs-2.json b/aws-sdk-core/apis/macie2/2020-01-01/docs-2.json index 795b3d7cfe1..28fc581392e 100644 --- a/aws-sdk-core/apis/macie2/2020-01-01/docs-2.json +++ b/aws-sdk-core/apis/macie2/2020-01-01/docs-2.json @@ -987,10 +987,10 @@ "TagMap" : { "base" : "

A string-to-string map of key-value pairs that specifies the tags (keys and values) for a classification job, custom data identifier, findings filter, or member account.

", "refs" : { - "CreateClassificationJobRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the job.

A job can have a maximum of 50 tags. Each tag consists of a required tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

", - "CreateCustomDataIdentifierRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the custom data identifier.

A custom data identifier can have a maximum of 50 tags. Each tag consists of a required tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

", - "CreateFindingsFilterRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the filter.

A findings filter can have a maximum of 50 tags. Each tag consists of a required tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

", - "CreateMemberRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.

An account can have a maximum of 50 tags. Each tag consists of a required tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

", + "CreateClassificationJobRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the job.

A job can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

", + "CreateCustomDataIdentifierRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the custom data identifier.

A custom data identifier can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

", + "CreateFindingsFilterRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the filter.

A findings filter can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

", + "CreateMemberRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.

An account can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

", "DescribeClassificationJobResponse$Tags" : "

A map of key-value pairs that identifies the tags (keys and values) that are associated with the classification job.

", "FindingsFilterListItem$Tags" : "

A map of key-value pairs that identifies the tags (keys and values) that are associated with the filter.

", "GetCustomDataIdentifierResponse$Tags" : "

A map of key-value pairs that identifies the tags (keys and values) that are associated with the custom data identifier.

", @@ -998,7 +998,7 @@ "GetMemberResponse$Tags" : "

A map of key-value pairs that identifies the tags (keys and values) that are associated with the member account in Amazon Macie.

", "ListTagsForResourceResponse$Tags" : "

A map of key-value pairs that identifies the tags (keys and values) that are associated with the resource.

", "Member$Tags" : "

A map of key-value pairs that identifies the tags (keys and values) that are associated with the account in Amazon Macie.

", - "TagResourceRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the resource.

A resource can have a maximum of 50 tags. Each tag consists of a required tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

" + "TagResourceRequest$Tags" : "

A map of key-value pairs that specifies the tags to associate with the resource.

A resource can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

" } }, "TagResourceRequest" : { @@ -1012,7 +1012,7 @@ "TagScopeTerm" : { "base" : "

Specifies a tag-based condition that determines whether an object is included or excluded from a classification job.

", "refs" : { - "JobScopeTerm$TagScopeTerm" : "

A tag-based condition that defines the operator and a tag key or tag keys and values for including or excluding an object from the job.

" + "JobScopeTerm$TagScopeTerm" : "

A tag-based condition that defines an operator and a tag key and value for including or excluding an object from the job.

" } }, "TagTarget" : { @@ -1203,11 +1203,11 @@ "__integer" : { "base" : null, "refs" : { - "CreateClassificationJobRequest$SamplingPercentage" : "

The sampling depth, as a percentage, to apply when processing objects. This value determines the percentage of eligible objects that the job analyzes. If the value is less than 100, Amazon Macie randomly selects the objects to analyze, up to the specified percentage.

", + "CreateClassificationJobRequest$SamplingPercentage" : "

The sampling depth, as a percentage, to apply when processing objects. This value determines the percentage of eligible objects that the job analyzes. If this value is less than 100, Amazon Macie selects the objects to analyze at random, up to the specified percentage, and analyzes all the data in those objects.

", "CreateCustomDataIdentifierRequest$MaximumMatchDistance" : "

The maximum number of characters that can exist between text that matches the regex pattern and the character sequences specified by the keywords array. Macie includes or excludes a result based on the proximity of a keyword to text that matches the regex pattern. The distance can be 1 - 300 characters. The default value is 50.

", "CreateFindingsFilterRequest$Position" : "

The position of the filter in the list of saved filters on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to the findings.

", "DescribeBucketsRequest$MaxResults" : "

The maximum number of items to include in each page of the response. The default value is 50.

", - "DescribeClassificationJobResponse$SamplingPercentage" : "

The sampling depth, as a percentage, that the job applies when it processes objects.

", + "DescribeClassificationJobResponse$SamplingPercentage" : "

The sampling depth, as a percentage, that determines the number of objects that the job processes.

", "GetCustomDataIdentifierResponse$MaximumMatchDistance" : "

The maximum number of characters that can exist between text that matches the regex pattern and the character sequences specified by the keywords array. Macie includes or excludes a result based on the proximity of a keyword to text that matches the regex pattern.

", "GetFindingStatisticsRequest$Size" : "

The maximum number of items to include in each page of the response.

", "GetFindingsFilterResponse$Position" : "

The position of the filter in the list of saved filters on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to the findings.

", @@ -1359,24 +1359,24 @@ "BucketCriteriaAdditionalProperties$Eq" : "

An equal to condition to apply to a specified attribute value for buckets.

", "BucketCriteriaAdditionalProperties$Neq" : "

A not equal to condition to apply to a specified attribute value for buckets.

", "CreateClassificationJobRequest$CustomDataIdentifierIds" : "

The custom data identifiers to use for data analysis and classification.

", - "CreateCustomDataIdentifierRequest$IgnoreWords" : "

An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4 - 90 characters.

", - "CreateCustomDataIdentifierRequest$Keywords" : "

An array that lists specific character sequences (keywords), one of which must be within proximity (maximumMatchDistance) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 4 - 90 characters.

", + "CreateCustomDataIdentifierRequest$IgnoreWords" : "

An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4 - 90 characters. Ignore words are case sensitive.

", + "CreateCustomDataIdentifierRequest$Keywords" : "

An array that lists specific character sequences (keywords), one of which must be within proximity (maximumMatchDistance) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 4 - 90 characters. Keywords aren't case sensitive.

", "CreateInvitationsRequest$AccountIds" : "

An array that lists AWS account IDs, one for each account to send the invitation to.

", "CriterionAdditionalProperties$Eq" : "

An equal to condition to apply to a specified property value for findings.

", "CriterionAdditionalProperties$Neq" : "

A not equal to condition to apply to a specified property value for findings.

", "DeclineInvitationsRequest$AccountIds" : "

An array that lists AWS account IDs, one for each account that sent an invitation to decline.

", "DeleteInvitationsRequest$AccountIds" : "

An array that lists AWS account IDs, one for each account that sent an invitation to delete.

", "DescribeClassificationJobResponse$CustomDataIdentifierIds" : "

The custom data identifiers that the job uses to analyze data.

", - "GetCustomDataIdentifierResponse$IgnoreWords" : "

An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it.

", - "GetCustomDataIdentifierResponse$Keywords" : "

An array that lists specific character sequences (keywords), one of which must be within proximity (maximumMatchDistance) of the regular expression to match.

", + "GetCustomDataIdentifierResponse$IgnoreWords" : "

An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it. Ignore words are case sensitive.

", + "GetCustomDataIdentifierResponse$Keywords" : "

An array that lists specific character sequences (keywords), one of which must be within proximity (maximumMatchDistance) of the regular expression to match. Keywords aren't case sensitive.

", "GetFindingsRequest$FindingIds" : "

An array of strings that lists the unique identifiers for the findings to retrieve information about.

", "ListFindingsResponse$FindingIds" : "

An array of strings, where each string is the unique identifier for a finding that meets the filter criteria specified in the request.

", "ListJobsFilterTerm$Values" : "

An array that lists one or more values to use to filter the results.

", "ReplicationDetails$ReplicationAccounts" : "

An array of AWS account IDs, one for each AWS account that the bucket is configured to replicate one or more objects to.

", "S3BucketDefinitionForJob$Buckets" : "

An array that lists the names of the buckets.

", "SimpleScopeTerm$Values" : "

An array that lists one or more values to use in the condition.

", - "TestCustomDataIdentifierRequest$IgnoreWords" : "

An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4 - 90 characters.

", - "TestCustomDataIdentifierRequest$Keywords" : "

An array that lists specific character sequences (keywords), one of which must be within proximity (maximumMatchDistance) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 4 - 90 characters.

", + "TestCustomDataIdentifierRequest$IgnoreWords" : "

An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression is the same as any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4 - 90 characters. Ignore words are case sensitive.

", + "TestCustomDataIdentifierRequest$Keywords" : "

An array that lists specific character sequences (keywords), one of which must be within proximity (maximumMatchDistance) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 4 - 90 characters. Keywords aren't case sensitive.

", "UsageStatisticsFilter$Values" : "

An array that lists values to use in the condition, based on the value for the field specified by the key property. If the value for the key property is accountId, this array can specify multiple values. Otherwise, this array can specify only one value.

Valid values for each supported field are:

" } }, diff --git a/aws-sdk-core/apis/rds/2014-10-31/api-2.json b/aws-sdk-core/apis/rds/2014-10-31/api-2.json index 8b064b99202..41042948e2c 100644 --- a/aws-sdk-core/apis/rds/2014-10-31/api-2.json +++ b/aws-sdk-core/apis/rds/2014-10-31/api-2.json @@ -2912,7 +2912,8 @@ "UseDefaultProcessorFeatures":{"shape":"BooleanOptional"}, "DeletionProtection":{"shape":"BooleanOptional"}, "Domain":{"shape":"String"}, - "DomainIAMRoleName":{"shape":"String"} + "DomainIAMRoleName":{"shape":"String"}, + "ReplicaMode":{"shape":"ReplicaMode"} } }, "CreateDBInstanceReadReplicaResult":{ @@ -3640,6 +3641,7 @@ "ReadReplicaSourceDBInstanceIdentifier":{"shape":"String"}, "ReadReplicaDBInstanceIdentifiers":{"shape":"ReadReplicaDBInstanceIdentifierList"}, "ReadReplicaDBClusterIdentifiers":{"shape":"ReadReplicaDBClusterIdentifierList"}, + "ReplicaMode":{"shape":"ReplicaMode"}, "LicenseModel":{"shape":"String"}, "Iops":{"shape":"IntegerOptional"}, "OptionGroupMemberships":{"shape":"OptionGroupMembershipList"}, @@ -5999,7 +6001,8 @@ "UseDefaultProcessorFeatures":{"shape":"BooleanOptional"}, "DeletionProtection":{"shape":"BooleanOptional"}, "MaxAllocatedStorage":{"shape":"IntegerOptional"}, - "CertificateRotationRestart":{"shape":"BooleanOptional"} + "CertificateRotationRestart":{"shape":"BooleanOptional"}, + "ReplicaMode":{"shape":"ReplicaMode"} } }, "ModifyDBInstanceResult":{ @@ -6753,6 +6756,13 @@ "TagKeys":{"shape":"KeyList"} } }, + "ReplicaMode":{ + "type":"string", + "enum":[ + "open-read-only", + "mounted" + ] + }, "ReservedDBInstance":{ "type":"structure", "members":{ diff --git a/aws-sdk-core/apis/rds/2014-10-31/docs-2.json b/aws-sdk-core/apis/rds/2014-10-31/docs-2.json index ab0d3ce0a32..994f38d4d17 100644 --- a/aws-sdk-core/apis/rds/2014-10-31/docs-2.json +++ b/aws-sdk-core/apis/rds/2014-10-31/docs-2.json @@ -27,7 +27,7 @@ "CreateDBSecurityGroup": "

Creates a new DB security group. DB security groups control access to a DB instance.

A DB security group controls access to EC2-Classic DB instances that are not in a VPC.

", "CreateDBSnapshot": "

Creates a DBSnapshot. The source DBInstance must be in \"available\" state.

", "CreateDBSubnetGroup": "

Creates a new DB subnet group. DB subnet groups must contain at least one subnet in at least two AZs in the AWS Region.

", - "CreateEventSubscription": "

Creates an RDS event notification subscription. This action requires a topic Amazon Resource Name (ARN) created by either the RDS console, the SNS console, or the SNS API. To obtain an ARN with SNS, you must create a topic in Amazon SNS and subscribe to the topic. The ARN is displayed in the SNS console.

You can specify the type of source (SourceType) you want to be notified of, provide a list of RDS sources (SourceIds) that triggers the events, and provide a list of event categories (EventCategories) for events you want to be notified of. For example, you can specify SourceType = db-instance, SourceIds = mydbinstance1, mydbinstance2 and EventCategories = Availability, Backup.

If you specify both the SourceType and SourceIds, such as SourceType = db-instance and SourceIdentifier = myDBInstance1, you are notified of all the db-instance events for the specified source. If you specify a SourceType but do not specify a SourceIdentifier, you receive notice of the events for that source type for all your RDS sources. If you don't specify either the SourceType or the SourceIdentifier, you are notified of events generated from all RDS sources belonging to your customer account.

RDS event notification is only available for unencrypted SNS topics. If you specify an encrypted SNS topic, event notifications aren't sent for the topic.

", + "CreateEventSubscription": "

Creates an RDS event notification subscription. This action requires a topic Amazon Resource Name (ARN) created by either the RDS console, the SNS console, or the SNS API. To obtain an ARN with SNS, you must create a topic in Amazon SNS and subscribe to the topic. The ARN is displayed in the SNS console.

You can specify the type of source (SourceType) that you want to be notified of and provide a list of RDS sources (SourceIds) that triggers the events. You can also provide a list of event categories (EventCategories) for events that you want to be notified of. For example, you can specify SourceType = db-instance, SourceIds = mydbinstance1, mydbinstance2 and EventCategories = Availability, Backup.

If you specify both the SourceType and SourceIds, such as SourceType = db-instance and SourceIdentifier = myDBInstance1, you are notified of all the db-instance events for the specified source. If you specify a SourceType but do not specify a SourceIdentifier, you receive notice of the events for that source type for all your RDS sources. If you don't specify either the SourceType or the SourceIdentifier, you are notified of events generated from all RDS sources belonging to your customer account.

RDS event notification is only available for unencrypted SNS topics. If you specify an encrypted SNS topic, event notifications aren't sent for the topic.

", "CreateGlobalCluster": "

Creates an Aurora global database spread across multiple regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.

You can create a global database that is initially empty, and then add a primary cluster and a secondary cluster to it. Or you can specify an existing Aurora cluster during the create operation, and this cluster becomes the primary cluster of the global database.

This action only applies to Aurora DB clusters.

", "CreateOptionGroup": "

Creates a new option group. You can create up to 20 option groups.

", "DeleteCustomAvailabilityZone": "

Deletes a custom Availability Zone (AZ).

A custom AZ is an on-premises AZ that is integrated with a VMware vSphere cluster.

For more information about RDS on VMware, see the RDS on VMware User Guide.

", @@ -72,9 +72,9 @@ "DescribeDBSubnetGroups": "

Returns a list of DBSubnetGroup descriptions. If a DBSubnetGroupName is specified, the list will contain only the descriptions of the specified DBSubnetGroup.

For an overview of CIDR ranges, go to the Wikipedia Tutorial.

", "DescribeEngineDefaultClusterParameters": "

Returns the default engine and system parameter information for the cluster database engine.

For more information on Amazon Aurora, see What Is Amazon Aurora? in the Amazon Aurora User Guide.

", "DescribeEngineDefaultParameters": "

Returns the default engine and system parameter information for the specified database engine.

", - "DescribeEventCategories": "

Displays a list of categories for all event source types, or, if specified, for a specified source type. You can see a list of the event categories and source types in the Events topic in the Amazon RDS User Guide.

", - "DescribeEventSubscriptions": "

Lists all the subscription descriptions for a customer account. The description for a subscription includes SubscriptionName, SNSTopicARN, CustomerID, SourceType, SourceID, CreationTime, and Status.

If you specify a SubscriptionName, lists the description for that subscription.

", - "DescribeEvents": "

Returns events related to DB instances, DB security groups, DB snapshots, and DB parameter groups for the past 14 days. Events specific to a particular DB instance, DB security group, database snapshot, or DB parameter group can be obtained by providing the name as a parameter. By default, the past hour of events are returned.

", + "DescribeEventCategories": "

Displays a list of categories for all event source types, or, if specified, for a specified source type. You can see a list of the event categories and source types in Events in the Amazon RDS User Guide.

", + "DescribeEventSubscriptions": "

Lists all the subscription descriptions for a customer account. The description for a subscription includes SubscriptionName, SNSTopicARN, CustomerID, SourceType, SourceID, CreationTime, and Status.

If you specify a SubscriptionName, lists the description for that subscription.

", + "DescribeEvents": "

Returns events related to DB instances, DB clusters, DB parameter groups, DB security groups, DB snapshots, and DB cluster snapshots for the past 14 days. Events specific to a particular DB instances, DB clusters, DB parameter groups, DB security groups, DB snapshots, and DB cluster snapshots group can be obtained by providing the name as a parameter. By default, the past hour of events are returned.

", "DescribeExportTasks": "

Returns information about a snapshot export to Amazon S3. This API operation supports pagination.

", "DescribeGlobalClusters": "

Returns information about Aurora global database clusters. This API supports pagination.

For more information on Amazon Aurora, see What Is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", "DescribeInstallationMedia": "

Describes the available installation media for a DB engine that requires an on-premises customer provided license, such as Microsoft SQL Server.

", @@ -103,7 +103,7 @@ "ModifyDBSnapshot": "

Updates a manual DB snapshot with a new engine version. The snapshot can be encrypted or unencrypted, but not shared or public.

Amazon RDS supports upgrading DB snapshots for MySQL, Oracle, and PostgreSQL.

", "ModifyDBSnapshotAttribute": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB snapshot.

To share a manual DB snapshot with other AWS accounts, specify restore as the AttributeName and use the ValuesToAdd parameter to add a list of IDs of the AWS accounts that are authorized to restore the manual DB snapshot. Uses the value all to make the manual DB snapshot public, which means it can be copied or restored by all AWS accounts.

Don't add the all value for any manual DB snapshots that contain private information that you don't want available to all AWS accounts.

If the manual DB snapshot is encrypted, it can be shared, but only by specifying a list of authorized AWS account IDs for the ValuesToAdd parameter. You can't use all as a value for that parameter in this case.

To view which AWS accounts have access to copy or restore a manual DB snapshot, or whether a manual DB snapshot public or private, use the DescribeDBSnapshotAttributes API action. The accounts are returned as values for the restore attribute.

", "ModifyDBSubnetGroup": "

Modifies an existing DB subnet group. DB subnet groups must contain at least one subnet in at least two AZs in the AWS Region.

", - "ModifyEventSubscription": "

Modifies an existing RDS event notification subscription. You can't modify the source identifiers using this call. To change source identifiers for a subscription, use the AddSourceIdentifierToSubscription and RemoveSourceIdentifierFromSubscription calls.

You can see a list of the event categories for a given SourceType in the Events topic in the Amazon RDS User Guide or by using the DescribeEventCategories action.

", + "ModifyEventSubscription": "

Modifies an existing RDS event notification subscription. You can't modify the source identifiers using this call. To change source identifiers for a subscription, use the AddSourceIdentifierToSubscription and RemoveSourceIdentifierFromSubscription calls.

You can see a list of the event categories for a given source type (SourceType) in Events in the Amazon RDS User Guide or by using the DescribeEventCategories operation.

", "ModifyGlobalCluster": "

Modify a setting for an Amazon Aurora global cluster. You can change one or more database configuration parameters by specifying these parameters and the new values in the request. For more information on Amazon Aurora, see What Is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", "ModifyOptionGroup": "

Modifies an existing option group.

", "PromoteReadReplica": "

Promotes a read replica DB instance to a standalone DB instance.

", @@ -118,7 +118,7 @@ "RemoveTagsFromResource": "

Removes metadata tags from an Amazon RDS resource.

For an overview on tagging an Amazon RDS resource, see Tagging Amazon RDS Resources in the Amazon RDS User Guide.

", "ResetDBClusterParameterGroup": "

Modifies the parameters of a DB cluster parameter group to the default value. To reset specific parameters submit a list of the following: ParameterName and ApplyMethod. To reset the entire DB cluster parameter group, specify the DBClusterParameterGroupName and ResetAllParameters parameters.

When resetting the entire group, dynamic parameters are updated immediately and static parameters are set to pending-reboot to take effect on the next DB instance restart or RebootDBInstance request. You must call RebootDBInstance for every DB instance in your DB cluster that you want the updated static parameter to apply to.

For more information on Amazon Aurora, see What Is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", "ResetDBParameterGroup": "

Modifies the parameters of a DB parameter group to the engine/system default value. To reset specific parameters, provide a list of the following: ParameterName and ApplyMethod. To reset the entire DB parameter group, specify the DBParameterGroup name and ResetAllParameters parameters. When resetting the entire group, dynamic parameters are updated immediately and static parameters are set to pending-reboot to take effect on the next DB instance restart or RebootDBInstance request.

", - "RestoreDBClusterFromS3": "

Creates an Amazon Aurora DB cluster from data stored in an Amazon S3 bucket. Amazon RDS must be authorized to access the Amazon S3 bucket and the data must be created using the Percona XtraBackup utility as described in Migrating Data to an Amazon Aurora MySQL DB Cluster in the Amazon Aurora User Guide.

This action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterFromS3 action has completed and the DB cluster is available.

For more information on Amazon Aurora, see What Is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", + "RestoreDBClusterFromS3": "

Creates an Amazon Aurora DB cluster from MySQL data stored in an Amazon S3 bucket. Amazon RDS must be authorized to access the Amazon S3 bucket and the data must be created using the Percona XtraBackup utility as described in Migrating Data from MySQL by Using an Amazon S3 Bucket in the Amazon Aurora User Guide.

This action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterFromS3 action has completed and the DB cluster is available.

For more information on Amazon Aurora, see What Is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters. The source DB engine must be MySQL.

", "RestoreDBClusterFromSnapshot": "

Creates a new DB cluster from a DB snapshot or DB cluster snapshot. This action only applies to Aurora DB clusters.

The target DB cluster is created from the source snapshot with a default configuration. If you don't specify a security group, the new DB cluster is associated with the default security group.

This action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterFromSnapshot action has completed and the DB cluster is available.

For more information on Amazon Aurora, see What Is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", "RestoreDBClusterToPointInTime": "

Restores a DB cluster to an arbitrary point in time. Users can restore to any point in time before LatestRestorableTime for up to BackupRetentionPeriod days. The target DB cluster is created from the source DB cluster with the same configuration as the original DB cluster, except that the new DB cluster is created with the default DB security group.

This action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterToPointInTime action has completed and the DB cluster is available.

For more information on Amazon Aurora, see What Is Amazon Aurora? in the Amazon Aurora User Guide.

This action only applies to Aurora DB clusters.

", "RestoreDBInstanceFromDBSnapshot": "

Creates a new DB instance from a DB snapshot. The target database is created from the source database restore point with the most of original configuration with the default security group and the default DB parameter group. By default, the new DB instance is created as a single-AZ deployment except when the instance is a SQL Server instance that has an option group that is associated with mirroring; in this case, the instance becomes a mirrored AZ deployment and not a single-AZ deployment.

If your intent is to replace your original DB instance with the new, restored DB instance, then rename your original DB instance before you call the RestoreDBInstanceFromDBSnapshot action. RDS doesn't allow two DB instances with the same name. Once you have renamed your original DB instance with a different identifier, then you can pass the original name of the DB instance as the DBInstanceIdentifier in the call to the RestoreDBInstanceFromDBSnapshot action. The result is that you will replace the original DB instance with the DB instance created from the snapshot.

If you are restoring from a shared manual DB snapshot, the DBSnapshotIdentifier must be the ARN of the shared DB snapshot.

This command doesn't apply to Aurora MySQL and Aurora PostgreSQL. For Aurora, use RestoreDBClusterFromSnapshot.

", @@ -1917,16 +1917,16 @@ "EventCategoriesList": { "base": null, "refs": { - "CreateEventSubscriptionMessage$EventCategories": "

A list of event categories for a SourceType that you want to subscribe to. You can see a list of the categories for a given SourceType in the Events topic in the Amazon RDS User Guide or by using the DescribeEventCategories action.

", + "CreateEventSubscriptionMessage$EventCategories": "

A list of event categories for a particular source type (SourceType) that you want to subscribe to. You can see a list of the categories for a given source type in Events in the Amazon RDS User Guide or by using the DescribeEventCategories operation.

", "DescribeEventsMessage$EventCategories": "

A list of event categories that trigger notifications for a event notification subscription.

", "Event$EventCategories": "

Specifies the category for the event.

", "EventCategoriesMap$EventCategories": "

The event categories for the specified source type

", "EventSubscription$EventCategoriesList": "

A list of event categories for the RDS event notification subscription.

", - "ModifyEventSubscriptionMessage$EventCategories": "

A list of event categories for a SourceType that you want to subscribe to. You can see a list of the categories for a given SourceType in the Events topic in the Amazon RDS User Guide or by using the DescribeEventCategories action.

" + "ModifyEventSubscriptionMessage$EventCategories": "

A list of event categories for a source type (SourceType) that you want to subscribe to. You can see a list of the categories for a given source type in Events in the Amazon RDS User Guide or by using the DescribeEventCategories operation.

" } }, "EventCategoriesMap": { - "base": "

Contains the results of a successful invocation of the DescribeEventCategories action.

", + "base": "

Contains the results of a successful invocation of the DescribeEventCategories operation.

", "refs": { "EventCategoriesMapList$member": null } @@ -1938,7 +1938,7 @@ } }, "EventCategoriesMessage": { - "base": "

Data returned from the DescribeEventCategories action.

", + "base": "

Data returned from the DescribeEventCategories operation.

", "refs": { } }, @@ -2035,7 +2035,7 @@ "DescribeCertificatesMessage$Filters": "

This parameter isn't currently supported.

", "DescribeCustomAvailabilityZonesMessage$Filters": "

A filter that specifies one or more custom AZs to describe.

", "DescribeDBClusterBacktracksMessage$Filters": "

A filter that specifies one or more DB clusters to describe. Supported filters include the following:

", - "DescribeDBClusterEndpointsMessage$Filters": "

A set of name-value pairs that define which endpoints to include in the output. The filters are specified as name-value pairs, in the format Name=endpoint_type,Values=endpoint_type1,endpoint_type2,.... Name can be one of: db-cluster-endpoint-type, db-cluster-endpoint-custom-type, db-cluster-endpoint-id, db-cluster-endpoint-status. Values for the db-cluster-endpoint-type filter can be one or more of: reader, writer, custom. Values for the db-cluster-endpoint-custom-type filter can be one or more of: reader, any. Values for the db-cluster-endpoint-status filter can be one or more of: available, creating, deleting, modifying.

", + "DescribeDBClusterEndpointsMessage$Filters": "

A set of name-value pairs that define which endpoints to include in the output. The filters are specified as name-value pairs, in the format Name=endpoint_type,Values=endpoint_type1,endpoint_type2,.... Name can be one of: db-cluster-endpoint-type, db-cluster-endpoint-custom-type, db-cluster-endpoint-id, db-cluster-endpoint-status. Values for the db-cluster-endpoint-type filter can be one or more of: reader, writer, custom. Values for the db-cluster-endpoint-custom-type filter can be one or more of: reader, any. Values for the db-cluster-endpoint-status filter can be one or more of: available, creating, deleting, inactive, modifying.

", "DescribeDBClusterParameterGroupsMessage$Filters": "

This parameter isn't currently supported.

", "DescribeDBClusterParametersMessage$Filters": "

This parameter isn't currently supported.

", "DescribeDBClusterSnapshotsMessage$Filters": "

A filter that specifies one or more DB cluster snapshots to describe.

Supported filters:

", @@ -3083,6 +3083,14 @@ "refs": { } }, + "ReplicaMode": { + "base": null, + "refs": { + "CreateDBInstanceReadReplicaMessage$ReplicaMode": "

The open mode of the replica database: mounted or read-only.

This parameter is only supported for Oracle DB instances.

Mounted DB replicas are included in Oracle Enterprise Edition. The main use case for mounted replicas is cross-Region disaster recovery. The primary database doesn't use Active Data Guard to transmit information to the mounted replica. Because it doesn't accept user connections, a mounted replica can't serve a read-only workload.

You can create a combination of mounted and read-only DB replicas for the same primary DB instance. For more information, see Working with Oracle Read Replicas for Amazon RDS in the Amazon RDS User Guide.

", + "DBInstance$ReplicaMode": "

The open mode of an Oracle read replica. The default is open-read-only. For more information, see Working with Oracle Read Replicas for Amazon RDS in the Amazon RDS User Guide.

This attribute is only supported in RDS for Oracle.

", + "ModifyDBInstanceMessage$ReplicaMode": "

A value that sets the open mode of a replica database to either mounted or read-only.

Currently, this parameter is only supported for Oracle DB instances.

Mounted DB replicas are included in Oracle Enterprise Edition. The main use case for mounted replicas is cross-Region disaster recovery. The primary database doesn't use Active Data Guard to transmit information to the mounted replica. Because it doesn't accept user connections, a mounted replica can't serve a read-only workload. For more information, see Working with Oracle Read Replicas for Amazon RDS in the Amazon RDS User Guide.

" + } + }, "ReservedDBInstance": { "base": "

This data type is used as a response element in the DescribeReservedDBInstances and PurchaseReservedDBInstancesOffering actions.

", "refs": { @@ -3278,7 +3286,7 @@ "SourceIdsList": { "base": null, "refs": { - "CreateEventSubscriptionMessage$SourceIds": "

The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.

Constraints:

", + "CreateEventSubscriptionMessage$SourceIds": "

The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.

Constraints:

", "EventSubscription$SourceIdsList": "

A list of source IDs for the RDS event notification subscription.

" } }, @@ -3397,7 +3405,7 @@ "AddRoleToDBInstanceMessage$RoleArn": "

The Amazon Resource Name (ARN) of the IAM role to associate with the DB instance, for example arn:aws:iam::123456789012:role/AccessRole.

", "AddRoleToDBInstanceMessage$FeatureName": "

The name of the feature for the DB instance that the IAM role is to be associated with. For the list of supported feature names, see DBEngineVersion.

", "AddSourceIdentifierToSubscriptionMessage$SubscriptionName": "

The name of the RDS event notification subscription you want to add a source identifier to.

", - "AddSourceIdentifierToSubscriptionMessage$SourceIdentifier": "

The identifier of the event source to be added.

Constraints:

", + "AddSourceIdentifierToSubscriptionMessage$SourceIdentifier": "

The identifier of the event source to be added.

Constraints:

", "AddTagsToResourceMessage$ResourceName": "

The Amazon RDS resource that the tags are added to. This value is an Amazon Resource Name (ARN). For information about creating an ARN, see Constructing an RDS Amazon Resource Name (ARN).

", "ApplyPendingMaintenanceActionMessage$ResourceIdentifier": "

The RDS Amazon Resource Name (ARN) of the resource that the pending maintenance action applies to. For information about creating an ARN, see Constructing an RDS Amazon Resource Name (ARN).

", "ApplyPendingMaintenanceActionMessage$ApplyAction": "

The pending maintenance action to apply to this resource.

Valid values: system-update, db-upgrade, hardware-maintenance, ca-certificate-rotation

", @@ -3473,7 +3481,7 @@ "CreateDBClusterParameterGroupMessage$Description": "

The description for the DB cluster parameter group.

", "CreateDBClusterSnapshotMessage$DBClusterSnapshotIdentifier": "

The identifier of the DB cluster snapshot. This parameter is stored as a lowercase string.

Constraints:

Example: my-cluster1-snapshot1

", "CreateDBClusterSnapshotMessage$DBClusterIdentifier": "

The identifier of the DB cluster to create a snapshot for. This parameter isn't case-sensitive.

Constraints:

Example: my-cluster1

", - "CreateDBInstanceMessage$DBName": "

The meaning of this parameter differs according to the database engine you use.

MySQL

The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.

Constraints:

MariaDB

The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.

Constraints:

PostgreSQL

The name of the database to create when the DB instance is created. If this parameter isn't specified, the default \"postgres\" database is created in the DB instance.

Constraints:

Oracle

The Oracle System ID (SID) of the created DB instance. If you specify null, the default value ORCL is used. You can't specify the string NULL, or any other reserved word, for DBName.

Default: ORCL

Constraints:

SQL Server

Not applicable. Must be null.

Amazon Aurora

The name of the database to create when the primary instance of the DB cluster is created. If this parameter isn't specified, no database is created in the DB instance.

Constraints:

", + "CreateDBInstanceMessage$DBName": "

The meaning of this parameter differs according to the database engine you use.

MySQL

The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.

Constraints:

MariaDB

The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.

Constraints:

PostgreSQL

The name of the database to create when the DB instance is created. If this parameter isn't specified, the default \"postgres\" database is created in the DB instance.

Constraints:

Oracle

The Oracle System ID (SID) of the created DB instance. If you specify null, the default value ORCL is used. You can't specify the string NULL, or any other reserved word, for DBName.

Default: ORCL

Constraints:

SQL Server

Not applicable. Must be null.

Amazon Aurora

The name of the database to create when the primary instance of the DB cluster is created. If this parameter isn't specified, no database is created in the DB instance.

Constraints:

", "CreateDBInstanceMessage$DBInstanceIdentifier": "

The DB instance identifier. This parameter is stored as a lowercase string.

Constraints:

Example: mydbinstance

", "CreateDBInstanceMessage$DBInstanceClass": "

The compute and memory capacity of the DB instance, for example, db.m4.large. Not all DB instance classes are available in all AWS Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.

", "CreateDBInstanceMessage$Engine": "

The name of the database engine to be used for this instance.

Not every database engine is available for every AWS Region.

Valid Values:

", @@ -3493,7 +3501,7 @@ "CreateDBInstanceMessage$TdeCredentialArn": "

The ARN from the key store with which to associate the instance for TDE encryption.

", "CreateDBInstanceMessage$TdeCredentialPassword": "

The password for the given ARN from the key store in order to access the device.

", "CreateDBInstanceMessage$KmsKeyId": "

The AWS KMS key identifier for an encrypted DB instance.

The KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a DB instance with the same AWS account that owns the KMS encryption key used to encrypt the new DB instance, then you can use the KMS key alias instead of the ARN for the KM encryption key.

Amazon Aurora

Not applicable. The KMS key identifier is managed by the DB cluster. For more information, see CreateDBCluster.

If StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId parameter, then Amazon RDS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.

", - "CreateDBInstanceMessage$Domain": "

The Active Directory directory ID to create the DB instance in. Currently, only Microsoft SQL Server and Oracle DB instances can be created in an Active Directory Domain.

For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.

For Oracle DB instances, Amazon RDS can use Kerberos Authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.

", + "CreateDBInstanceMessage$Domain": "

The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

", "CreateDBInstanceMessage$MonitoringRoleArn": "

The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, go to Setting Up and Enabling Enhanced Monitoring in the Amazon RDS User Guide.

If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.

", "CreateDBInstanceMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

", "CreateDBInstanceMessage$Timezone": "

The time zone of the DB instance. The time zone parameter is currently supported only by Microsoft SQL Server.

", @@ -3510,7 +3518,7 @@ "CreateDBInstanceReadReplicaMessage$KmsKeyId": "

The AWS KMS key ID for an encrypted read replica. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.

If you create an encrypted read replica in the same AWS Region as the source DB instance, then you do not have to specify a value for this parameter. The read replica is encrypted with the same KMS key as the source DB instance.

If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the AWS Region that they are created in, and you can't use encryption keys from one AWS Region in another AWS Region.

You can't create an encrypted read replica from an unencrypted DB instance.

", "CreateDBInstanceReadReplicaMessage$PreSignedUrl": "

The URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica API action in the source AWS Region that contains the source DB instance.

You must specify this parameter when you create an encrypted read replica from another AWS Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are creating an encrypted read replica in the same AWS Region.

The presigned URL must be a valid request for the CreateDBInstanceReadReplica API action that can be executed in the source AWS Region that contains the encrypted source DB instance. The presigned URL request must contain the following parameter values:

To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (AWS Signature Version 4) and Signature Version 4 Signing Process.

If you are using an AWS SDK tool or the AWS CLI, you can specify SourceRegion (or --source-region for the AWS CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can be executed in the source AWS Region.

SourceRegion isn't supported for SQL Server, because SQL Server on Amazon RDS doesn't support cross-region read replicas.

", "CreateDBInstanceReadReplicaMessage$PerformanceInsightsKMSKeyId": "

The AWS KMS key identifier for encryption of Performance Insights data. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.

If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.

", - "CreateDBInstanceReadReplicaMessage$Domain": "

The Active Directory directory ID to create the DB instance in.

For Oracle DB instances, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.

For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.

", + "CreateDBInstanceReadReplicaMessage$Domain": "

The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

", "CreateDBInstanceReadReplicaMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

", "CreateDBParameterGroupMessage$DBParameterGroupName": "

The name of the DB parameter group.

Constraints:

This value is stored as a lowercase string.

", "CreateDBParameterGroupMessage$DBParameterGroupFamily": "

The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.

To list all of the available parameter group families, use the following command:

aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"

The output contains duplicates.

", @@ -3525,7 +3533,7 @@ "CreateDBSubnetGroupMessage$DBSubnetGroupDescription": "

The description for the DB subnet group.

", "CreateEventSubscriptionMessage$SubscriptionName": "

The name of the subscription.

Constraints: The name must be less than 255 characters.

", "CreateEventSubscriptionMessage$SnsTopicArn": "

The Amazon Resource Name (ARN) of the SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.

", - "CreateEventSubscriptionMessage$SourceType": "

The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you would set this parameter to db-instance. if this value isn't specified, all events are returned.

Valid values: db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot

", + "CreateEventSubscriptionMessage$SourceType": "

The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to db-instance. If this value isn't specified, all events are returned.

Valid values: db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot

", "CreateGlobalClusterMessage$GlobalClusterIdentifier": "

The cluster identifier of the new global database cluster.

", "CreateGlobalClusterMessage$SourceDBClusterIdentifier": "

The Amazon Resource Name (ARN) to use as the primary cluster of the global database. This parameter is optional.

", "CreateGlobalClusterMessage$Engine": "

Provides the name of the database engine to be used for this DB cluster.

", @@ -3572,7 +3580,7 @@ "DBClusterEndpoint$DBClusterIdentifier": "

The DB cluster identifier of the DB cluster associated with the endpoint. This parameter is stored as a lowercase string.

", "DBClusterEndpoint$DBClusterEndpointResourceIdentifier": "

A unique system-generated identifier for an endpoint. It remains the same for the whole life of the endpoint.

", "DBClusterEndpoint$Endpoint": "

The DNS address of the endpoint.

", - "DBClusterEndpoint$Status": "

The current status of the endpoint. One of: creating, available, deleting, modifying.

", + "DBClusterEndpoint$Status": "

The current status of the endpoint. One of: creating, available, deleting, inactive, modifying. The inactive state applies to an endpoint that can't be used for a certain kind of cluster, such as a writer endpoint for a read-only secondary cluster in a global database.

", "DBClusterEndpoint$EndpointType": "

The type of the endpoint. One of: READER, WRITER, CUSTOM.

", "DBClusterEndpoint$CustomEndpointType": "

The type associated with a custom endpoint. One of: READER, WRITER, ANY.

", "DBClusterEndpoint$DBClusterEndpointArn": "

The Amazon Resource Name (ARN) for the endpoint.

", @@ -3808,10 +3816,10 @@ "DescribeEngineDefaultClusterParametersMessage$Marker": "

An optional pagination token provided by a previous DescribeEngineDefaultClusterParameters request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.

", "DescribeEngineDefaultParametersMessage$DBParameterGroupFamily": "

The name of the DB parameter group family.

", "DescribeEngineDefaultParametersMessage$Marker": "

An optional pagination token provided by a previous DescribeEngineDefaultParameters request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.

", - "DescribeEventCategoriesMessage$SourceType": "

The type of source that is generating the events.

Valid values: db-instance | db-parameter-group | db-security-group | db-snapshot

", + "DescribeEventCategoriesMessage$SourceType": "

The type of source that is generating the events.

Valid values: db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot

", "DescribeEventSubscriptionsMessage$SubscriptionName": "

The name of the RDS event notification subscription you want to describe.

", "DescribeEventSubscriptionsMessage$Marker": "

An optional pagination token provided by a previous DescribeOrderableDBInstanceOptions request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords .

", - "DescribeEventsMessage$SourceIdentifier": "

The identifier of the event source for which events are returned. If not specified, then all sources are included in the response.

Constraints:

", + "DescribeEventsMessage$SourceIdentifier": "

The identifier of the event source for which events are returned. If not specified, then all sources are included in the response.

Constraints:

", "DescribeEventsMessage$Marker": "

An optional pagination token provided by a previous DescribeEvents request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.

", "DescribeExportTasksMessage$ExportTaskIdentifier": "

The identifier of the snapshot export task to be described.

", "DescribeExportTasksMessage$SourceArn": "

The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3.

", @@ -3943,7 +3951,7 @@ "ModifyDBClusterMessage$PreferredMaintenanceWindow": "

The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).

Format: ddd:hh24:mi-ddd:hh24:mi

The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide.

Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.

Constraints: Minimum 30-minute window.

", "ModifyDBClusterMessage$EngineVersion": "

The version number of the database engine to which you want to upgrade. Changing this parameter results in an outage. The change is applied during the next maintenance window unless ApplyImmediately is enabled.

To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:

aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"

To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible Aurora), use the following command:

aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"

To list all of the available engine versions for aurora-postgresql, use the following command:

aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"

", "ModifyDBClusterMessage$DBInstanceParameterGroupName": "

The name of the DB parameter group to apply to all instances of the DB cluster.

When you apply a parameter group using the DBInstanceParameterGroupName parameter, the DB cluster isn't rebooted automatically. Also, parameter changes aren't applied during the next maintenance window but instead are applied immediately.

Default: The existing name setting

Constraints:

", - "ModifyDBClusterMessage$Domain": "

The Active Directory directory ID to move the DB cluster to. Specify none to remove the cluster from its current domain. The domain must be created prior to this operation.

", + "ModifyDBClusterMessage$Domain": "

The Active Directory directory ID to move the DB cluster to. Specify none to remove the cluster from its current domain. The domain must be created prior to this operation.

For more information, see Kerberos Authentication in the Amazon Aurora User Guide.

", "ModifyDBClusterMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

", "ModifyDBClusterParameterGroupMessage$DBClusterParameterGroupName": "

The name of the DB cluster parameter group to modify.

", "ModifyDBClusterSnapshotAttributeMessage$DBClusterSnapshotIdentifier": "

The identifier for the DB cluster snapshot to modify the attributes for.

", @@ -3963,7 +3971,7 @@ "ModifyDBInstanceMessage$TdeCredentialArn": "

The ARN from the key store with which to associate the instance for TDE encryption.

", "ModifyDBInstanceMessage$TdeCredentialPassword": "

The password for the given ARN from the key store in order to access the device.

", "ModifyDBInstanceMessage$CACertificateIdentifier": "

Indicates the certificate that needs to be associated with the instance.

", - "ModifyDBInstanceMessage$Domain": "

The Active Directory directory ID to move the DB instance to. Specify none to remove the instance from its current domain. The domain must be created prior to this operation. Currently, only Microsoft SQL Server and Oracle DB instances can be created in an Active Directory Domain.

For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.

For Oracle DB instances, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.

", + "ModifyDBInstanceMessage$Domain": "

The Active Directory directory ID to move the DB instance to. Specify none to remove the instance from its current domain. The domain must be created prior to this operation. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

", "ModifyDBInstanceMessage$MonitoringRoleArn": "

The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, go to To create an IAM role for Amazon RDS Enhanced Monitoring in the Amazon RDS User Guide.

If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.

", "ModifyDBInstanceMessage$DomainIAMRoleName": "

The name of the IAM role to use when making API calls to the Directory Service.

", "ModifyDBInstanceMessage$PerformanceInsightsKMSKeyId": "

The AWS KMS key identifier for encryption of Performance Insights data. The KMS key ID is the Amazon Resource Name (ARN), KMS key identifier, or the KMS key alias for the KMS encryption key.

If you do not specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.

", @@ -3983,7 +3991,7 @@ "ModifyDBSubnetGroupMessage$DBSubnetGroupDescription": "

The description for the DB subnet group.

", "ModifyEventSubscriptionMessage$SubscriptionName": "

The name of the RDS event notification subscription.

", "ModifyEventSubscriptionMessage$SnsTopicArn": "

The Amazon Resource Name (ARN) of the SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.

", - "ModifyEventSubscriptionMessage$SourceType": "

The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you would set this parameter to db-instance. If this value isn't specified, all events are returned.

Valid values: db-instance | db-parameter-group | db-security-group | db-snapshot

", + "ModifyEventSubscriptionMessage$SourceType": "

The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you would set this parameter to db-instance. If this value isn't specified, all events are returned.

Valid values: db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot

", "ModifyGlobalClusterMessage$GlobalClusterIdentifier": "

The DB cluster identifier for the global cluster being modified. This parameter isn't case-sensitive.

Constraints:

", "ModifyGlobalClusterMessage$NewGlobalClusterIdentifier": "

The new cluster identifier for the global database cluster when modifying a global database cluster. This value is stored as a lowercase string.

Constraints:

Example: my-cluster2

", "ModifyOptionGroupMessage$OptionGroupName": "

The name of the option group to be modified.

Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group, and that option group can't be removed from a DB instance once it is associated with a DB instance

", @@ -4101,7 +4109,7 @@ "RestoreDBClusterFromS3Message$DBClusterIdentifier": "

The name of the DB cluster to create from the source data in the Amazon S3 bucket. This parameter isn't case-sensitive.

Constraints:

Example: my-cluster1

", "RestoreDBClusterFromS3Message$DBClusterParameterGroupName": "

The name of the DB cluster parameter group to associate with the restored DB cluster. If this argument is omitted, default.aurora5.6 is used.

Constraints:

", "RestoreDBClusterFromS3Message$DBSubnetGroupName": "

A DB subnet group to associate with the restored DB cluster.

Constraints: If supplied, must match the name of an existing DBSubnetGroup.

Example: mySubnetgroup

", - "RestoreDBClusterFromS3Message$Engine": "

The name of the database engine to be used for the restored DB cluster.

Valid Values: aurora, aurora-postgresql

", + "RestoreDBClusterFromS3Message$Engine": "

The name of the database engine to be used for this DB cluster.

Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible Aurora), and aurora-postgresql

", "RestoreDBClusterFromS3Message$EngineVersion": "

The version number of the database engine to use.

To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:

aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"

To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible Aurora), use the following command:

aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"

To list all of the available engine versions for aurora-postgresql, use the following command:

aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"

Aurora MySQL

Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.12, 5.7.mysql_aurora.2.04.5

Aurora PostgreSQL

Example: 9.6.3, 10.7

", "RestoreDBClusterFromS3Message$MasterUsername": "

The name of the master user for the restored DB cluster.

Constraints:

", "RestoreDBClusterFromS3Message$MasterUserPassword": "

The password for the master database user. This password can contain any printable ASCII character except \"/\", \"\"\", or \"@\".

Constraints: Must contain from 8 to 41 characters.

", @@ -4110,7 +4118,7 @@ "RestoreDBClusterFromS3Message$PreferredMaintenanceWindow": "

The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).

Format: ddd:hh24:mi-ddd:hh24:mi

The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred Maintenance Window in the Amazon Aurora User Guide.

Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.

Constraints: Minimum 30-minute window.

", "RestoreDBClusterFromS3Message$KmsKeyId": "

The AWS KMS key identifier for an encrypted DB cluster.

The KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a DB cluster with the same AWS account that owns the KMS encryption key used to encrypt the new DB cluster, then you can use the KMS key alias instead of the ARN for the KM encryption key.

If the StorageEncrypted parameter is enabled, and you do not specify a value for the KmsKeyId parameter, then Amazon RDS will use your default encryption key. AWS KMS creates the default encryption key for your AWS account. Your AWS account has a different default encryption key for each AWS Region.

", "RestoreDBClusterFromS3Message$SourceEngine": "

The identifier for the database engine that was backed up to create the files stored in the Amazon S3 bucket.

Valid values: mysql

", - "RestoreDBClusterFromS3Message$SourceEngineVersion": "

The version of the database that the backup files were created from.

MySQL versions 5.5, 5.6, and 5.7 are supported.

Example: 5.6.40

", + "RestoreDBClusterFromS3Message$SourceEngineVersion": "

The version of the database that the backup files were created from.

MySQL versions 5.5, 5.6, and 5.7 are supported.

Example: 5.6.40, 5.7.28

", "RestoreDBClusterFromS3Message$S3BucketName": "

The name of the Amazon S3 bucket that contains the data used to create the Amazon Aurora DB cluster.

", "RestoreDBClusterFromS3Message$S3Prefix": "

The prefix for all of the file names that contain the data used to create the Amazon Aurora DB cluster. If you do not specify a SourceS3Prefix value, then the Amazon Aurora DB cluster is created by using all of the files in the Amazon S3 bucket.

", "RestoreDBClusterFromS3Message$S3IngestionRoleArn": "

The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that authorizes Amazon RDS to access the Amazon S3 bucket on your behalf.

", @@ -4126,7 +4134,7 @@ "RestoreDBClusterFromSnapshotMessage$KmsKeyId": "

The AWS KMS key identifier to use when restoring an encrypted DB cluster from a DB snapshot or DB cluster snapshot.

The KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are restoring a DB cluster with the same AWS account that owns the KMS encryption key used to encrypt the new DB cluster, then you can use the KMS key alias instead of the ARN for the KMS encryption key.

If you don't specify a value for the KmsKeyId parameter, then the following occurs:

", "RestoreDBClusterFromSnapshotMessage$EngineMode": "

The DB engine mode of the DB cluster, either provisioned, serverless, parallelquery, global, or multimaster.

", "RestoreDBClusterFromSnapshotMessage$DBClusterParameterGroupName": "

The name of the DB cluster parameter group to associate with this DB cluster. If this argument is omitted, the default DB cluster parameter group for the specified engine is used.

Constraints:

", - "RestoreDBClusterFromSnapshotMessage$Domain": "

Specify the Active Directory directory ID to restore the DB cluster in. The domain must be created prior to this operation.

", + "RestoreDBClusterFromSnapshotMessage$Domain": "

Specify the Active Directory directory ID to restore the DB cluster in. The domain must be created prior to this operation. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

", "RestoreDBClusterFromSnapshotMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

", "RestoreDBClusterToPointInTimeMessage$DBClusterIdentifier": "

The name of the new DB cluster to be created.

Constraints:

", "RestoreDBClusterToPointInTimeMessage$RestoreType": "

The type of restore to be performed. You can specify one of the following values:

Constraints: You can't specify copy-on-write if the engine version of the source DB cluster is earlier than 1.11.

If you don't specify a RestoreType value, then the new DB cluster is restored as a full copy of the source DB cluster.

", @@ -4149,7 +4157,7 @@ "RestoreDBInstanceFromDBSnapshotMessage$StorageType": "

Specifies the storage type to be associated with the DB instance.

Valid values: standard | gp2 | io1

If you specify io1, you must also include a value for the Iops parameter.

Default: io1 if the Iops parameter is specified, otherwise gp2

", "RestoreDBInstanceFromDBSnapshotMessage$TdeCredentialArn": "

The ARN from the key store with which to associate the instance for TDE encryption.

", "RestoreDBInstanceFromDBSnapshotMessage$TdeCredentialPassword": "

The password for the given ARN from the key store in order to access the device.

", - "RestoreDBInstanceFromDBSnapshotMessage$Domain": "

Specify the Active Directory directory ID to restore the DB instance in. The domain must be created prior to this operation. Currently, only Microsoft SQL Server and Oracle DB instances can be created in an Active Directory Domain.

For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.

For Oracle DB instances, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.

", + "RestoreDBInstanceFromDBSnapshotMessage$Domain": "

Specify the Active Directory directory ID to restore the DB instance in. The domain must be created prior to this operation. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

", "RestoreDBInstanceFromDBSnapshotMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

", "RestoreDBInstanceFromDBSnapshotMessage$DBParameterGroupName": "

The name of the DB parameter group to associate with this DB instance.

If you do not specify a value for DBParameterGroupName, then the default DBParameterGroup for the specified DB engine is used.

Constraints:

", "RestoreDBInstanceFromS3Message$DBName": "

The name of the database to create when the DB instance is created. Follow the naming rules specified in CreateDBInstance.

", @@ -4187,7 +4195,7 @@ "RestoreDBInstanceToPointInTimeMessage$StorageType": "

Specifies the storage type to be associated with the DB instance.

Valid values: standard | gp2 | io1

If you specify io1, you must also include a value for the Iops parameter.

Default: io1 if the Iops parameter is specified, otherwise gp2

", "RestoreDBInstanceToPointInTimeMessage$TdeCredentialArn": "

The ARN from the key store with which to associate the instance for TDE encryption.

", "RestoreDBInstanceToPointInTimeMessage$TdeCredentialPassword": "

The password for the given ARN from the key store in order to access the device.

", - "RestoreDBInstanceToPointInTimeMessage$Domain": "

Specify the Active Directory directory ID to restore the DB instance in. The domain must be created prior to this operation. Currently, only Microsoft SQL Server and Oracle DB instances can be created in an Active Directory Domain.

For Microsoft SQL Server DB instances, Amazon RDS can use Windows Authentication to authenticate users that connect to the DB instance. For more information, see Using Windows Authentication with an Amazon RDS DB Instance Running Microsoft SQL Server in the Amazon RDS User Guide.

For Oracle DB instances, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB instance. For more information, see Using Kerberos Authentication with Amazon RDS for Oracle in the Amazon RDS User Guide.

", + "RestoreDBInstanceToPointInTimeMessage$Domain": "

Specify the Active Directory directory ID to restore the DB instance in. The domain must be created prior to this operation. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

For more information, see Kerberos Authentication in the Amazon RDS User Guide.

", "RestoreDBInstanceToPointInTimeMessage$DomainIAMRoleName": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

", "RestoreDBInstanceToPointInTimeMessage$DBParameterGroupName": "

The name of the DB parameter group to associate with this DB instance.

If you do not specify a value for DBParameterGroupName, then the default DBParameterGroup for the specified DB engine is used.

Constraints:

", "RestoreDBInstanceToPointInTimeMessage$SourceDbiResourceId": "

The resource ID of the source DB instance from which to restore.

", @@ -4213,7 +4221,7 @@ "StartExportTaskMessage$SourceArn": "

The Amazon Resource Name (ARN) of the snapshot to export to Amazon S3.

", "StartExportTaskMessage$S3BucketName": "

The name of the Amazon S3 bucket to export the snapshot to.

", "StartExportTaskMessage$IamRoleArn": "

The name of the IAM role to use for writing to the Amazon S3 bucket when exporting a snapshot.

", - "StartExportTaskMessage$KmsKeyId": "

The ID of the AWS KMS key to use to encrypt the snapshot exported to Amazon S3. The KMS key ID is the Amazon Resource Name (ARN), the KMS key identifier, or the KMS key alias for the KMS encryption key. The IAM role used for the snapshot export must have encryption and decryption permissions to use this KMS key.

", + "StartExportTaskMessage$KmsKeyId": "

The ID of the AWS KMS key to use to encrypt the snapshot exported to Amazon S3. The KMS key ID is the Amazon Resource Name (ARN), the KMS key identifier, or the KMS key alias for the KMS encryption key. The caller of this operation must be authorized to execute the following operations. These can be set in the KMS key policy:

", "StartExportTaskMessage$S3Prefix": "

The Amazon S3 bucket prefix to use as the file name and path of the exported snapshot.

", "StopActivityStreamRequest$ResourceArn": "

The Amazon Resource Name (ARN) of the DB cluster for the database activity stream. For example, arn:aws:rds:us-east-1:12345667890:cluster:das-cluster.

", "StopActivityStreamResponse$KmsKeyId": "

The AWS KMS key identifier used for encrypting messages in the database activity stream.

", diff --git a/aws-sdk-core/lib/aws-sdk-core.rb b/aws-sdk-core/lib/aws-sdk-core.rb index 28f2236ebaf..0f8f406a1a3 100644 --- a/aws-sdk-core/lib/aws-sdk-core.rb +++ b/aws-sdk-core/lib/aws-sdk-core.rb @@ -44,6 +44,7 @@ module Aws AutoScalingPlans Backup Batch + Braket Budgets Chime Cloud9 diff --git a/aws-sdk-core/lib/aws-sdk-core/braket.rb b/aws-sdk-core/lib/aws-sdk-core/braket.rb new file mode 100644 index 00000000000..aadc111e1b4 --- /dev/null +++ b/aws-sdk-core/lib/aws-sdk-core/braket.rb @@ -0,0 +1,6 @@ +Aws.add_service(:Braket, { + api: "#{Aws::API_DIR}/braket/2019-09-01/api-2.json", + docs: "#{Aws::API_DIR}/braket/2019-09-01/docs-2.json", + examples: "#{Aws::API_DIR}/braket/2019-09-01/examples-1.json", + paginators: "#{Aws::API_DIR}/braket/2019-09-01/paginators-1.json", +}) diff --git a/aws-sdk-core/service-models.json b/aws-sdk-core/service-models.json index b3f7b7ece03..12afe6d05d6 100644 --- a/aws-sdk-core/service-models.json +++ b/aws-sdk-core/service-models.json @@ -83,6 +83,10 @@ "models": "batch/2016-08-10", "endpoint": "batch" }, + "Braket": { + "models": "braket/2019-09-01", + "endpoint": "braket" + }, "Budgets": { "models": "budgets/2016-10-20", "endpoint": "budgets"