Information for an HTTP method condition. Specify only when Field is http-request-method.
[Network Load Balancers] The IPv6 address.
", + "SubnetMapping$IPv6Address": "[Network Load Balancers] The IPv6 address.
" + } + }, "IncompatibleProtocolsException": { "base": "The specified configuration is not valid with this protocol.
", "refs": { @@ -767,10 +774,12 @@ "IpAddressType": { "base": null, "refs": { - "CreateLoadBalancerInput$IpAddressType": "[Application Load Balancers] The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use ipv4.
The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use ipv4.
The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses).
The IP address type. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use ipv4.
The IP address type.
" + "SetIpAddressTypeInput$IpAddressType": "The IP address type. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use ipv4. You can’t specify dualstack for a load balancer with a UDP or TCP_UDP listener.
The IP address type.
", + "SetSubnetsInput$IpAddressType": "[Network Load Balancers] The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses). You can’t specify dualstack for a load balancer with a UDP or TCP_UDP listener. Internal load balancers must use ipv4.
[Network Load Balancers] The IP address type.
" } }, "IsDefault": { @@ -892,7 +901,7 @@ "LoadBalancerAttributeKey": { "base": null, "refs": { - "LoadBalancerAttribute$Key": "The name of the attribute.
The following attribute is supported by all load balancers:
deletion_protection.enabled - Indicates whether deletion protection is enabled. The value is true or false. The default is false.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
access_logs.s3.enabled - Indicates whether access logs are enabled. The value is true or false. The default is false.
access_logs.s3.bucket - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
access_logs.s3.prefix - The prefix for the location in the S3 bucket for the access logs.
The following attributes are supported by only Application Load Balancers:
idle_timeout.timeout_seconds - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
routing.http.desync_mitigation_mode - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are monitor, defensive, and strictest. The default is defensive.
routing.http.drop_invalid_header_fields.enabled - Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false). The default is false.
routing.http2.enabled - Indicates whether HTTP/2 is enabled. The value is true or false. The default is true. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.
The following attribute is supported by Network Load Balancers and Gateway Load Balancers:
load_balancing.cross_zone.enabled - Indicates whether cross-zone load balancing is enabled. The value is true or false. The default is false.
The name of the attribute.
The following attribute is supported by all load balancers:
deletion_protection.enabled - Indicates whether deletion protection is enabled. The value is true or false. The default is false.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
access_logs.s3.enabled - Indicates whether access logs are enabled. The value is true or false. The default is false.
access_logs.s3.bucket - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
access_logs.s3.prefix - The prefix for the location in the S3 bucket for the access logs.
The following attributes are supported by only Application Load Balancers:
idle_timeout.timeout_seconds - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
routing.http.desync_mitigation_mode - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are monitor, defensive, and strictest. The default is defensive.
routing.http.drop_invalid_header_fields.enabled - Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true) or routed to targets (false). The default is false.
routing.http2.enabled - Indicates whether HTTP/2 is enabled. The value is true or false. The default is true. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.
waf.fail_open.enabled - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The value is true or false. The default is false.
The following attribute is supported by Network Load Balancers and Gateway Load Balancers:
load_balancing.cross_zone.enabled - Indicates whether cross-zone load balancing is enabled. The value is true or false. The default is false.
The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You cannot specify a protocol for a Gateway Load Balancer.
", + "CreateListenerInput$Protocol": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer.
", "CreateTargetGroupInput$Protocol": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.
", "CreateTargetGroupInput$HealthCheckProtocol": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
", "Listener$Protocol": "The protocol for connections from clients to the load balancer.
", - "ModifyListenerInput$Protocol": "The protocol for connections from clients to the load balancer. Application Load Balancers support the HTTP and HTTPS protocols. Network Load Balancers support the TCP, TLS, UDP, and TCP_UDP protocols. You cannot specify a protocol for a Gateway Load Balancer.
", + "ModifyListenerInput$Protocol": "The protocol for connections from clients to the load balancer. Application Load Balancers support the HTTP and HTTPS protocols. Network Load Balancers support the TCP, TLS, UDP, and TCP_UDP protocols. You can’t change the protocol to UDP or TCP_UDP if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer.
", "ModifyTargetGroupInput$HealthCheckProtocol": "The protocol the load balancer uses when performing health checks on targets. The TCP protocol is supported for health checks only if the protocol of the target group is TCP, TLS, UDP, or TCP_UDP. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
With Network Load Balancers, you can't modify this setting.
", "TargetGroup$Protocol": "The protocol to use for routing traffic to the targets.
", "TargetGroup$HealthCheckProtocol": "The protocol to use to connect with the target. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
" @@ -1452,8 +1461,8 @@ "SubnetMappings": { "base": null, "refs": { - "CreateLoadBalancerInput$SubnetMappings": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet.
[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets.
", - "SetSubnetsInput$SubnetMappings": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
[Network Load Balancers] You can specify subnets from one or more Availability Zones. If you need static IP addresses for your internet-facing load balancer, you can specify one Elastic IP address per subnet. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet.
" + "CreateLoadBalancerInput$SubnetMappings": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.
[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets.
", + "SetSubnetsInput$SubnetMappings": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.
" } }, "SubnetNotFoundException": { @@ -1465,7 +1474,7 @@ "base": null, "refs": { "CreateLoadBalancerInput$Subnets": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones.
[Gateway Load Balancers] You can specify subnets from one or more Availability Zones.
", - "SetSubnetsInput$Subnets": "The IDs of the public subnets. You must specify subnets from at least two Availability Zones. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
" + "SetSubnetsInput$Subnets": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings.
[Application Load Balancers] You must specify subnets from at least two Availability Zones.
[Application Load Balancers on Outposts] You must specify one Outpost subnet.
[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
[Network Load Balancers] You can specify subnets from one or more Availability Zones.
" } }, "Tag": { @@ -1573,7 +1582,7 @@ "TargetGroupAttributeKey": { "base": null, "refs": { - "TargetGroupAttribute$Key": "The name of the attribute.
The following attribute is supported by all load balancers:
deregistration_delay.timeout_seconds - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
stickiness.enabled - Indicates whether sticky sessions are enabled. The value is true or false. The default is false.
stickiness.type - The type of sticky sessions. The possible values are lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
The following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:
load_balancing.algorithm.type - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is round_robin or least_outstanding_requests. The default is round_robin.
slow_start.duration_seconds - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).
stickiness.lb_cookie.duration_seconds - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).
The following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:
lambda.multi_value_headers.enabled - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is true or false. The default is false. If the value is false and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.
The following attribute is supported only by Network Load Balancers:
proxy_protocol_v2.enabled - Indicates whether Proxy Protocol version 2 is enabled. The value is true or false. The default is false.
The name of the attribute.
The following attribute is supported by all load balancers:
deregistration_delay.timeout_seconds - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
stickiness.enabled - Indicates whether sticky sessions are enabled. The value is true or false. The default is false.
stickiness.type - The type of sticky sessions. The possible values are lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.
The following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:
load_balancing.algorithm.type - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is round_robin or least_outstanding_requests. The default is round_robin.
slow_start.duration_seconds - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).
stickiness.lb_cookie.duration_seconds - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).
The following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:
lambda.multi_value_headers.enabled - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is true or false. The default is false. If the value is false and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.
The following attributes are supported only by Network Load Balancers:
deregistration_delay.connection_termination.enabled - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is true or false. The default is false.
proxy_protocol_v2.enabled - Indicates whether Proxy Protocol version 2 is enabled. The value is true or false. The default is false.
Adds health-based detection to the Shield Advanced protection for a resource. Shield Advanced health-based detection uses the health of your AWS resource to improve responsiveness and accuracy in attack detection and mitigation.
You define the health check in Route 53 and then associate it with your Shield Advanced protection. For more information, see Shield Advanced Health-Based Detection in the AWS WAF and AWS Shield Developer Guide.
", "AssociateProactiveEngagementDetails": "Initializes proactive engagement and sets the list of contacts for the DDoS Response Team (DRT) to use. You must provide at least one phone number in the emergency contact list.
After you have initialized proactive engagement using this call, to disable or enable proactive engagement, use the calls DisableProactiveEngagement and EnableProactiveEngagement.
This call defines the list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you for escalations to the DRT and to initiate proactive customer support.
The contacts that you provide in the request replace any contacts that were already defined. If you already have contacts defined and want to use them, retrieve the list using DescribeEmergencyContactSettings and then provide it to this call.
Enables AWS Shield Advanced for a specific AWS resource. The resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, AWS Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.
You can add protection to only a single resource with each CreateProtection request. If you want to add protection to multiple resources at once, use the AWS WAF console. For more information see Getting Started with AWS Shield Advanced and Add AWS Shield Advanced Protection to more AWS Resources.
", + "CreateProtectionGroup": "Creates a grouping of protected resources so they can be handled as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
", "CreateSubscription": "Activates AWS Shield Advanced for an account.
When you initally create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period. You can change this by submitting an UpdateSubscription request.
Deletes an AWS Shield Advanced Protection.
", + "DeleteProtectionGroup": "Removes the specified protection group.
", "DeleteSubscription": "Removes AWS Shield Advanced from an account. AWS Shield Advanced requires a 1-year subscription commitment. You cannot delete a subscription prior to the completion of that commitment.
", "DescribeAttack": "Describes the details of a DDoS attack.
", + "DescribeAttackStatistics": "Provides information about the number and type of attacks AWS Shield has detected in the last year for all resources that belong to your account, regardless of whether you've defined Shield protections for them. This operation is available to Shield customers as well as to Shield Advanced customers.
The operation returns data for the time range of midnight UTC, one year ago, to midnight UTC, today. For example, if the current time is 2020-10-26 15:39:32 PDT, equal to 2020-10-26 22:39:32 UTC, then the time range for the attack data returned is from 2019-10-26 00:00:00 UTC to 2020-10-26 00:00:00 UTC.
The time range indicates the period covered by the attack statistics data items.
", "DescribeDRTAccess": "Returns the current role and list of Amazon S3 log buckets used by the DDoS Response Team (DRT) to access your AWS account while assisting with attack mitigation.
", "DescribeEmergencyContactSettings": "A list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
", "DescribeProtection": "Lists the details of a Protection object.
", + "DescribeProtectionGroup": "Returns the specification for the specified protection group.
", "DescribeSubscription": "Provides details about the AWS Shield Advanced subscription for an account.
", "DisableProactiveEngagement": "Removes authorization from the DDoS Response Team (DRT) to notify contacts about escalations to the DRT and to initiate proactive customer support.
", "DisassociateDRTLogBucket": "Removes the DDoS Response Team's (DRT) access to the specified Amazon S3 bucket containing your AWS WAF logs.
To make a DisassociateDRTLogBucket request, you must be subscribed to the Business Support plan or the Enterprise Support plan. However, if you are not subscribed to one of these support plans, but had been previously and had granted the DRT access to your account, you can submit a DisassociateDRTLogBucket request to remove this access.
Authorizes the DDoS Response Team (DRT) to use email and phone to notify contacts about escalations to the DRT and to initiate proactive customer support.
", "GetSubscriptionState": "Returns the SubscriptionState, either Active or Inactive.
Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period.
", + "ListProtectionGroups": "Retrieves the ProtectionGroup objects for the account.
", "ListProtections": "Lists all Protection objects for the account.
", + "ListResourcesInProtectionGroup": "Retrieves the resources that are included in the protection group.
", "UpdateEmergencyContactSettings": "Updates the details of the list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
", + "UpdateProtectionGroup": "Updates an existing protection group. A protection group is a grouping of protected resources so they can be handled as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
", "UpdateSubscription": "Updates the details of an existing subscription. Only enter values for parameters you want to change. Empty parameters are not updated.
" }, "shapes": { @@ -114,6 +121,18 @@ "AttackProperty$AttackPropertyIdentifier": "Defines the DDoS attack property information that is provided. The WORDPRESS_PINGBACK_REFLECTOR and WORDPRESS_PINGBACK_SOURCE values are valid only for WordPress reflective pingback DDoS attacks.
A single attack statistics data record. This is returned by DescribeAttackStatistics along with a time range indicating the time period that the attack statistics apply to.
", + "refs": { + "AttackStatisticsDataList$member": null + } + }, + "AttackStatisticsDataList": { + "base": null, + "refs": { + "DescribeAttackStatisticsResponse$DataItems": "The data that describes the attacks detected during the time period.
" + } + }, "AttackSummaries": { "base": null, "refs": { @@ -149,6 +168,20 @@ "AttackSummary$AttackVectors": "The list of attacks for a specified time period.
" } }, + "AttackVolume": { + "base": "Information about the volume of attacks during the time period, included in an AttackStatisticsDataItem. If the accompanying AttackCount in the statistics object is zero, this setting might be empty.
Information about the volume of attacks during the time period. If the accompanying AttackCount is zero, this setting might be empty.
Statistics objects for the various data types in AttackVolume.
", + "refs": { + "AttackVolume$BitsPerSecond": "A statistics object that uses bits per second as the unit. This is included for network level attacks.
", + "AttackVolume$PacketsPerSecond": "A statistics object that uses packets per second as the unit. This is included for network level attacks.
", + "AttackVolume$RequestsPerSecond": "A statistics object that uses requests per second as the unit. This is included for application level attacks, and is only available for accounts that are subscribed to Shield Advanced.
" + } + }, "AutoRenew": { "base": null, "refs": { @@ -168,6 +201,16 @@ "TopContributors$member": null } }, + "CreateProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "CreateProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "CreateProtectionRequest": { "base": null, "refs": { @@ -188,6 +231,16 @@ "refs": { } }, + "DeleteProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "DeleteProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "DeleteProtectionRequest": { "base": null, "refs": { @@ -218,6 +271,16 @@ "refs": { } }, + "DescribeAttackStatisticsRequest": { + "base": null, + "refs": { + } + }, + "DescribeAttackStatisticsResponse": { + "base": null, + "refs": { + } + }, "DescribeDRTAccessRequest": { "base": null, "refs": { @@ -238,6 +301,16 @@ "refs": { } }, + "DescribeProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "DescribeProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "DescribeProtectionRequest": { "base": null, "refs": { @@ -301,6 +374,7 @@ "Double": { "base": null, "refs": { + "AttackVolumeStatistics$Max": "The maximum attack volume observed for the given unit.
", "SummarizedCounter$Max": "The maximum value of the counter for a specified time period.
", "SummarizedCounter$Average": "The average value of the counter for a specified time period.
", "SummarizedCounter$Sum": "The total of counter values for a specified time period.
" @@ -393,7 +467,7 @@ } }, "InvalidParameterException": { - "base": "Exception that indicates that the parameters passed to the API are invalid.
", + "base": "Exception that indicates that the parameters passed to the API are invalid. If available, this exception includes details in additional properties.
", "refs": { } }, @@ -423,6 +497,7 @@ "Limits": { "base": null, "refs": { + "ProtectionLimits$ProtectedResourceTypeLimits": "The maximum number of resource types that you can specify in a protection.
", "Subscription$Limits": "Specifies how many protections of a given type you can create.
" } }, @@ -441,6 +516,16 @@ "refs": { } }, + "ListProtectionGroupsRequest": { + "base": null, + "refs": { + } + }, + "ListProtectionGroupsResponse": { + "base": null, + "refs": { + } + }, "ListProtectionsRequest": { "base": null, "refs": { @@ -451,6 +536,16 @@ "refs": { } }, + "ListResourcesInProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "ListResourcesInProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "LockedSubscriptionException": { "base": "You are trying to update a subscription that has not yet completed the 1-year commitment. You can change the AutoRenew parameter during the last 30 days of your subscription. This exception indicates that you are attempting to change AutoRenew prior to that period.
The total contributions made to this attack by all contributors, not just the five listed in the TopContributors list.
The number of attacks detected during the time period. This is always present, but might be zero.
", "Contributor$Value": "The contribution of this contributor expressed in Protection units. For example 10,000.
The maximum number of protections that can be created for the specified Type.
The maximum number of protections that can be created for the specified Type.
The maximum number of resources you can specify for a single arbitrary pattern in a protection group.
", + "ProtectionGroupLimits$MaxProtectionGroups": "The maximum number of protection groups that you can have at one time.
" } }, "MaxResults": { "base": null, "refs": { - "ListAttacksRequest$MaxResults": "The maximum number of AttackSummary objects to be returned. If this is left blank, the first 20 results will be returned.
This is a maximum value; it is possible that AWS WAF will return the results in smaller batches. That is, the number of AttackSummary objects returned could be less than MaxResults, even if there are still more AttackSummary objects yet to return. If there are more AttackSummary objects to return, AWS WAF will always also return a NextToken.
The maximum number of Protection objects to be returned. If this is left blank the first 20 results will be returned.
This is a maximum value; it is possible that AWS WAF will return the results in smaller batches. That is, the number of Protection objects returned could be less than MaxResults, even if there are still more Protection objects yet to return. If there are more Protection objects to return, AWS WAF will always also return a NextToken.
The maximum number of AttackSummary objects to return. If you leave this blank, Shield Advanced returns the first 20 results.
This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.
The maximum number of ProtectionGroup objects to return. If you leave this blank, Shield Advanced returns the first 20 results.
This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.
The maximum number of Protection objects to return. If you leave this blank, Shield Advanced returns the first 20 results.
This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.
The maximum number of resource ARN objects to return. If you leave this blank, Shield Advanced returns the first 20 results.
This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.
If ENABLED, the DDoS Response Team (DRT) will use email and phone to notify contacts about escalations to the DRT and to initiate proactive customer support.
If PENDING, you have requested proactive engagement and the request is pending. The status changes to ENABLED when your request is fully processed.
If DISABLED, the DRT will not proactively notify contacts about escalations or to initiate proactive customer support.
The resource type to include in the protection group. All protected resources of this type are included in the protection group. Newly protected resources of this type are automatically added to the group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.
The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.
The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.
An object that represents a resource that is under DDoS protection.
", "refs": { @@ -526,6 +634,72 @@ "Protections$member": null } }, + "ProtectionGroup": { + "base": "A grouping of protected resources that you and AWS Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
", + "refs": { + "DescribeProtectionGroupResponse$ProtectionGroup": "A grouping of protected resources that you and AWS Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
", + "ProtectionGroups$member": null + } + }, + "ProtectionGroupAggregation": { + "base": null, + "refs": { + "CreateProtectionGroupRequest$Aggregation": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Limits settings on protection groups with arbitrary pattern type.
", + "refs": { + "ProtectionGroupPatternTypeLimits$ArbitraryPatternLimits": "Limits settings on protection groups with arbitrary pattern type.
" + } + }, + "ProtectionGroupId": { + "base": null, + "refs": { + "CreateProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "DeleteProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "DescribeProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "ListResourcesInProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "ProtectionGroup$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
", + "UpdateProtectionGroupRequest$ProtectionGroupId": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.
" + } + }, + "ProtectionGroupLimits": { + "base": "Limits settings on protection groups for your subscription.
", + "refs": { + "SubscriptionLimits$ProtectionGroupLimits": "Limits settings on protection groups for your subscription.
" + } + }, + "ProtectionGroupMembers": { + "base": null, + "refs": { + "CreateProtectionGroupRequest$Members": "The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.
The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.
The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.
The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type.
", + "ProtectionGroup$Pattern": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type.
", + "UpdateProtectionGroupRequest$Pattern": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type.
" + } + }, + "ProtectionGroupPatternTypeLimits": { + "base": "Limits settings by pattern type in the protection groups for your subscription.
", + "refs": { + "ProtectionGroupLimits$PatternTypeLimits": "Limits settings by pattern type in the protection groups for your subscription.
" + } + }, + "ProtectionGroups": { + "base": null, + "refs": { + "ListProtectionGroupsResponse$ProtectionGroups": "" + } + }, "ProtectionId": { "base": null, "refs": { @@ -537,11 +711,17 @@ "Protection$Id": "The unique identifier (ID) of the protection.
" } }, + "ProtectionLimits": { + "base": "Limits settings on protections for your subscription.
", + "refs": { + "SubscriptionLimits$ProtectionLimits": "Limits settings on protections for your subscription.
" + } + }, "ProtectionName": { "base": null, "refs": { "CreateProtectionRequest$Name": "Friendly name for the Protection you are creating.
The friendly name of the protection. For example, My CloudFront distributions.
The name of the protection. For example, My CloudFront distributions.
Exception indicating the specified resource already exists.
", + "base": "Exception indicating the specified resource already exists. If available, this exception includes details in additional properties.
", "refs": { } }, @@ -562,7 +742,9 @@ "CreateProtectionRequest$ResourceArn": "The ARN (Amazon Resource Name) of the resource to be protected.
The ARN should be in one of the following formats:
For an Application Load Balancer: arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
For an Elastic Load Balancer (Classic Load Balancer): arn:aws:elasticloadbalancing:region:account-id:loadbalancer/load-balancer-name
For an AWS CloudFront distribution: arn:aws:cloudfront::account-id:distribution/distribution-id
For an AWS Global Accelerator accelerator: arn:aws:globalaccelerator::account-id:accelerator/accelerator-id
For Amazon Route 53: arn:aws:route53:::hostedzone/hosted-zone-id
For an Elastic IP address: arn:aws:ec2:region:account-id:eip-allocation/allocation-id
The ARN (Amazon Resource Name) of the AWS resource for the Protection object that is described. When submitting the DescribeProtection request you must provide either the ResourceArn or the ProtectionID, but not both.
The ARN (Amazon Resource Name) of the AWS resource that is protected.
", - "ResourceArnFilterList$member": null + "ProtectionGroupMembers$member": null, + "ResourceArnFilterList$member": null, + "ResourceArnList$member": null } }, "ResourceArnFilterList": { @@ -571,8 +753,14 @@ "ListAttacksRequest$ResourceArns": "The ARN (Amazon Resource Name) of the resource that was attacked. If this is left blank, all applicable resources for this account will be included.
" } }, + "ResourceArnList": { + "base": null, + "refs": { + "ListResourcesInProtectionGroupResponse$ResourceArns": "The Amazon Resource Names (ARNs) of the resources that are included in the protection group.
" + } + }, "ResourceNotFoundException": { - "base": "Exception indicating the specified resource does not exist.
", + "base": "Exception indicating the specified resource does not exist. If available, this exception includes details in additional properties.
", "refs": { } }, @@ -592,10 +780,14 @@ "Contributor$Name": "The name of the contributor. This is dependent on the AttackPropertyIdentifier. For example, if the AttackPropertyIdentifier is SOURCE_COUNTRY, the Name could be United States.
The type of protection.
", "Mitigation$MitigationName": "The name of the mitigation taken for this attack.
", + "ResourceAlreadyExistsException$resourceType": "The type of resource that already exists.
", + "ResourceNotFoundException$resourceType": "Type of resource.
", "SubResourceSummary$Id": "The unique identifier (ID) of the SubResource.
The attack type, for example, SNMP reflection or SYN flood.
", "SummarizedCounter$Name": "The counter name.
", - "SummarizedCounter$Unit": "The unit of the counters.
" + "SummarizedCounter$Unit": "The unit of the counters.
", + "ValidationExceptionField$name": "The name of the parameter that failed validation.
", + "ValidationExceptionField$message": "The message describing why the parameter failed validation.
" } }, "SubResourceSummary": { @@ -622,6 +814,12 @@ "DescribeSubscriptionResponse$Subscription": "The AWS Shield Advanced subscription details for an account.
" } }, + "SubscriptionLimits": { + "base": "Limits settings for your subscription.
", + "refs": { + "Subscription$SubscriptionLimits": "Limits settings for your subscription.
" + } + }, "SubscriptionState": { "base": null, "refs": { @@ -655,8 +853,9 @@ } }, "TimeRange": { - "base": "The time range.
", + "base": "The time range.
", "refs": { + "DescribeAttackStatisticsResponse$TimeRange": null, "ListAttacksRequest$StartTime": "The start of the time period for the attacks. This is a timestamp type. The sample request above indicates a number type because the default used by WAF is Unix time in seconds. However any valid timestamp format is allowed.
The end of the time period for the attacks. This is a timestamp type. The sample request above indicates a number type because the default used by WAF is Unix time in seconds. However any valid timestamp format is allowed.
The ListAttacksRequest.NextMarker value from a previous call to ListAttacksRequest. Pass null if this is the first call.
The token returned by a previous call to indicate that there is more data available. If not null, more results are available. Pass this value for the NextMarker parameter in a subsequent call to ListAttacks to retrieve the next set of items.
AWS WAF might return the list of AttackSummary objects in batches smaller than the number specified by MaxResults. If there are more AttackSummary objects to return, AWS WAF will always also return a NextToken.
The token returned by a previous call to indicate that there is more data available. If not null, more results are available. Pass this value for the NextMarker parameter in a subsequent call to ListAttacks to retrieve the next set of items.
Shield Advanced might return the list of AttackSummary objects in batches smaller than the number specified by MaxResults. If there are more attack summary objects to return, Shield Advanced will always also return a NextToken.
The next token value from a previous call to ListProtectionGroups. Pass null if this is the first call.
If you specify a value for MaxResults and you have more protection groups than the value of MaxResults, AWS Shield Advanced returns this token that you can use in your next request, to get the next batch of objects.
The ListProtectionsRequest.NextToken value from a previous call to ListProtections. Pass null if this is the first call.
If you specify a value for MaxResults and you have more Protections than the value of MaxResults, AWS Shield Advanced returns a NextToken value in the response that allows you to list another group of Protections. For the second and subsequent ListProtections requests, specify the value of NextToken from the previous response to get information about another batch of Protections.
AWS WAF might return the list of Protection objects in batches smaller than the number specified by MaxResults. If there are more Protection objects to return, AWS WAF will always also return a NextToken.
If you specify a value for MaxResults and you have more Protections than the value of MaxResults, AWS Shield Advanced returns a NextToken value in the response that allows you to list another group of Protections. For the second and subsequent ListProtections requests, specify the value of NextToken from the previous response to get information about another batch of Protections.
Shield Advanced might return the list of Protection objects in batches smaller than the number specified by MaxResults. If there are more Protection objects to return, Shield Advanced will always also return a NextToken.
The next token value from a previous call to ListResourcesInProtectionGroup. Pass null if this is the first call.
If you specify a value for MaxResults and you have more resources in the protection group than the value of MaxResults, AWS Shield Advanced returns this token that you can use in your next request, to get the next batch of objects.
The array of Contributor objects that includes the top five contributors to an attack.
" + "AttackProperty$TopContributors": "The array of contributor objects that includes the top five contributors to an attack.
" } }, "Unit": { @@ -699,6 +902,16 @@ "refs": { } }, + "UpdateProtectionGroupRequest": { + "base": null, + "refs": { + } + }, + "UpdateProtectionGroupResponse": { + "base": null, + "refs": { + } + }, "UpdateSubscriptionRequest": { "base": null, "refs": { @@ -709,6 +922,24 @@ "refs": { } }, + "ValidationExceptionField": { + "base": "Provides information about a particular parameter passed inside a request that resulted in an exception.
", + "refs": { + "ValidationExceptionFieldList$member": null + } + }, + "ValidationExceptionFieldList": { + "base": null, + "refs": { + "InvalidParameterException$fields": "Fields that caused the exception.
" + } + }, + "ValidationExceptionReason": { + "base": null, + "refs": { + "InvalidParameterException$reason": "Additional information about the exception.
" + } + }, "errorMessage": { "base": null, "refs": { diff --git a/aws-sdk-core/apis/shield/2016-06-02/paginators-1.json b/aws-sdk-core/apis/shield/2016-06-02/paginators-1.json index cffb14b6819..362ad5d7198 100644 --- a/aws-sdk-core/apis/shield/2016-06-02/paginators-1.json +++ b/aws-sdk-core/apis/shield/2016-06-02/paginators-1.json @@ -6,11 +6,21 @@ "output_token": "NextToken", "result_key": "AttackSummaries" }, + "ListProtectionGroups": { + "input_token": "NextToken", + "limit_key": "MaxResults", + "output_token": "NextToken" + }, "ListProtections": { "input_token": "NextToken", "limit_key": "MaxResults", "output_token": "NextToken", "result_key": "Protections" + }, + "ListResourcesInProtectionGroup": { + "input_token": "NextToken", + "limit_key": "MaxResults", + "output_token": "NextToken" } } } \ No newline at end of file diff --git a/aws-sdk-core/apis/textract/2018-06-27/api-2.json b/aws-sdk-core/apis/textract/2018-06-27/api-2.json index 58972b2eb01..4e2e88d31cf 100644 --- a/aws-sdk-core/apis/textract/2018-06-27/api-2.json +++ b/aws-sdk-core/apis/textract/2018-06-27/api-2.json @@ -100,6 +100,7 @@ "errors":[ {"shape":"InvalidParameterException"}, {"shape":"InvalidS3ObjectException"}, + {"shape":"InvalidKMSKeyException"}, {"shape":"UnsupportedDocumentException"}, {"shape":"DocumentTooLargeException"}, {"shape":"BadDocumentException"}, @@ -122,6 +123,7 @@ "errors":[ {"shape":"InvalidParameterException"}, {"shape":"InvalidS3ObjectException"}, + {"shape":"InvalidKMSKeyException"}, {"shape":"UnsupportedDocumentException"}, {"shape":"DocumentTooLargeException"}, {"shape":"BadDocumentException"}, @@ -174,6 +176,7 @@ "BlockType":{"shape":"BlockType"}, "Confidence":{"shape":"Percent"}, "Text":{"shape":"String"}, + "TextType":{"shape":"TextType"}, "RowIndex":{"shape":"UInteger"}, "ColumnIndex":{"shape":"UInteger"}, "RowSpan":{"shape":"UInteger"}, @@ -432,6 +435,12 @@ }, "exception":true }, + "InvalidKMSKeyException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "InvalidParameterException":{ "type":"structure", "members":{ @@ -465,6 +474,12 @@ "min":1, "pattern":"[a-zA-Z0-9_.\\-:]+" }, + "KMSKeyId":{ + "type":"string", + "max":2048, + "min":1, + "pattern":"^[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,2048}$" + }, "LimitExceededException":{ "type":"structure", "members":{ @@ -606,7 +621,8 @@ "ClientRequestToken":{"shape":"ClientRequestToken"}, "JobTag":{"shape":"JobTag"}, "NotificationChannel":{"shape":"NotificationChannel"}, - "OutputConfig":{"shape":"OutputConfig"} + "OutputConfig":{"shape":"OutputConfig"}, + "KMSKeyId":{"shape":"KMSKeyId"} } }, "StartDocumentAnalysisResponse":{ @@ -623,7 +639,8 @@ "ClientRequestToken":{"shape":"ClientRequestToken"}, "JobTag":{"shape":"JobTag"}, "NotificationChannel":{"shape":"NotificationChannel"}, - "OutputConfig":{"shape":"OutputConfig"} + "OutputConfig":{"shape":"OutputConfig"}, + "KMSKeyId":{"shape":"KMSKeyId"} } }, "StartDocumentTextDetectionResponse":{ @@ -634,6 +651,13 @@ }, "StatusMessage":{"type":"string"}, "String":{"type":"string"}, + "TextType":{ + "type":"string", + "enum":[ + "HANDWRITING", + "PRINTED" + ] + }, "ThrottlingException":{ "type":"structure", "members":{ diff --git a/aws-sdk-core/apis/textract/2018-06-27/docs-2.json b/aws-sdk-core/apis/textract/2018-06-27/docs-2.json index 342a017144e..d4fc187b6cd 100644 --- a/aws-sdk-core/apis/textract/2018-06-27/docs-2.json +++ b/aws-sdk-core/apis/textract/2018-06-27/docs-2.json @@ -110,7 +110,7 @@ } }, "DocumentTooLargeException": { - "base": "The document can't be processed because it's too large. The maximum document size for synchronous operations 5 MB. The maximum document size for asynchronous operations is 500 MB for PDF files.
", + "base": "The document can't be processed because it's too large. The maximum document size for synchronous operations 10 MB. The maximum document size for asynchronous operations is 500 MB for PDF files.
", "refs": { } }, @@ -268,6 +268,11 @@ "refs": { } }, + "InvalidKMSKeyException": { + "base": "Indicates you do not have decrypt permissions with the KMS key entered, or the KMS key was entered incorrectly.
", + "refs": { + } + }, "InvalidParameterException": { "base": "An input parameter violated a constraint. For example, in synchronous operations, an InvalidParameterException exception occurs when neither of the S3Object or Bytes values are supplied in the Document request parameter. Validate your parameter before calling the API operation again.
An identifier that you specify that's included in the completion notification published to the Amazon SNS topic. For example, you can use JobTag to identify the type of document that the completion notification corresponds to (such as a tax form or a receipt).
The KMS key used to encrypt the inference results. This can be in either Key ID or Key Alias format. When a KMS key is provided, the KMS key will be used for server-side encryption of the objects in the customer bucket. When this parameter is not enabled, the result will be encrypted server side,using SSE-S3.
", + "StartDocumentTextDetectionRequest$KMSKeyId": "The KMS key used to encrypt the inference results. This can be in either Key ID or Key Alias format. When a KMS key is provided, the KMS key will be used for server-side encryption of the objects in the customer bucket. When this parameter is not enabled, the result will be encrypted server side,using SSE-S3.
" + } + }, "LimitExceededException": { "base": "An Amazon Textract service limit was exceeded. For example, if you start too many asynchronous jobs concurrently, calls to start operations (StartDocumentTextDetection, for example) raise a LimitExceededException exception (HTTP status code: 400) until the number of concurrently running jobs is below the Amazon Textract service limit.
The service code.
" } }, + "TextType": { + "base": null, + "refs": { + "Block$TextType": "The kind of text that Amazon Textract has detected. Can check for handwritten text and printed text.
" + } + }, "ThrottlingException": { "base": "Amazon Textract is temporarily unable to process the request. Try your call again.
", "refs": { diff --git a/aws-sdk-core/endpoints.json b/aws-sdk-core/endpoints.json index 4d783373fa1..563ddd6d05b 100644 --- a/aws-sdk-core/endpoints.json +++ b/aws-sdk-core/endpoints.json @@ -653,6 +653,7 @@ }, "appsync" : { "endpoints" : { + "ap-east-1" : { }, "ap-northeast-1" : { }, "ap-northeast-2" : { }, "ap-south-1" : { }, @@ -665,6 +666,7 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { }, "us-east-2" : { }, @@ -2851,6 +2853,7 @@ }, "glue" : { "endpoints" : { + "af-south-1" : { }, "ap-east-1" : { }, "ap-northeast-1" : { }, "ap-northeast-2" : { }, @@ -6544,7 +6547,8 @@ }, "appsync" : { "endpoints" : { - "cn-north-1" : { } + "cn-north-1" : { }, + "cn-northwest-1" : { } } }, "athena" : { @@ -8104,6 +8108,17 @@ "us-gov-west-1" : { } } }, + "lakeformation" : { + "endpoints" : { + "fips-us-gov-west-1" : { + "credentialScope" : { + "region" : "us-gov-west-1" + }, + "hostname" : "lakeformation-fips.us-gov-west-1.amazonaws.com" + }, + "us-gov-west-1" : { } + } + }, "lambda" : { "endpoints" : { "fips-us-gov-east-1" : { @@ -9108,6 +9123,14 @@ "us-iso-east-1" : { } } }, + "translate" : { + "defaults" : { + "protocols" : [ "https" ] + }, + "endpoints" : { + "us-iso-east-1" : { } + } + }, "workspaces" : { "endpoints" : { "us-iso-east-1" : { }