Operations for Amazon Web Services Account Management
", @@ -138,12 +141,6 @@ "smithy.rules#endpointRuleSet": { "version": "1.0", "parameters": { - "Region": { - "builtIn": "AWS::Region", - "required": false, - "documentation": "The AWS region used to dispatch the request.", - "type": "String" - }, "UseDualStack": { "builtIn": "AWS::UseDualStack", "required": true, @@ -163,6 +160,12 @@ "required": false, "documentation": "Override the endpoint used to send this request", "type": "String" + }, + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" } }, "rules": [ @@ -194,263 +197,235 @@ "type": "error" }, { - "conditions": [ + "conditions": [], + "rules": [ { - "fn": "booleanEquals", - "argv": [ + "conditions": [ { - "ref": "UseDualStack" + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" }, - true - ] + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" - }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "type": "tree" } ], "type": "tree" }, { - "conditions": [ - { - "fn": "isSet", - "argv": [ - { - "ref": "Region" - } - ] - } - ], + "conditions": [], "rules": [ { "conditions": [ { - "fn": "aws.partition", + "fn": "isSet", "argv": [ { "ref": "Region" } - ], - "assign": "PartitionResult" + ] } ], "rules": [ { "conditions": [ { - "fn": "stringEquals", + "fn": "aws.partition", "argv": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] - }, - "aws" - ] - }, - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - false - ] - }, - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - false - ] + "ref": "Region" + } + ], + "assign": "PartitionResult" } ], - "endpoint": { - "url": "https://account.us-east-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "account", - "signingRegion": "us-east-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [ + "rules": [ { - "fn": "stringEquals", - "argv": [ + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseFIPS" }, - "name" + true ] }, - "aws-cn" - ] - }, - { - "fn": "booleanEquals", - "argv": [ { - "ref": "UseFIPS" - }, - false - ] - }, - { - "fn": "booleanEquals", - "argv": [ + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "rules": [ { - "ref": "UseDualStack" + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://account-fips.{PartitionResult#implicitGlobalRegion}.{PartitionResult#dualStackDnsSuffix}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "{PartitionResult#implicitGlobalRegion}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" }, - false - ] - } - ], - "endpoint": { - "url": "https://account.cn-northwest-1.amazonaws.com.cn", - "properties": { - "authSchemes": [ { - "name": "sigv4", - "signingName": "account", - "signingRegion": "cn-northwest-1" + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" } - ] - }, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] + ], + "type": "tree" }, - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } + "ref": "UseFIPS" + }, + true ] }, { "fn": "booleanEquals", "argv": [ - true, { - "fn": "getAttr", + "ref": "UseDualStack" + }, + false + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] }, - "supportsDualStack" + true ] } - ] - } - ], - "rules": [ + ], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://account-fips.{PartitionResult#implicitGlobalRegion}.{PartitionResult#dnsSuffix}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "{PartitionResult#implicitGlobalRegion}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + }, { "conditions": [], - "endpoint": { - "url": "https://account-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" } ], "type": "tree" }, { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } - ], - "type": "tree" - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ + "conditions": [ { - "ref": "UseFIPS" + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + false + ] }, - true - ] - } - ], - "rules": [ - { - "conditions": [ { "fn": "booleanEquals", "argv": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] + "ref": "UseDualStack" }, true ] @@ -458,127 +433,130 @@ ], "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://account-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ], - "type": "tree" - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ + true, { - "ref": "PartitionResult" - }, - "supportsDualStack" + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } ] } - ] - } - ], - "rules": [ + ], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://account.{PartitionResult#implicitGlobalRegion}.{PartitionResult#dualStackDnsSuffix}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "{PartitionResult#implicitGlobalRegion}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + }, { "conditions": [], - "endpoint": { - "url": "https://account.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ], "type": "tree" }, { "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" + "endpoint": { + "url": "https://account.{PartitionResult#implicitGlobalRegion}.{PartitionResult#dnsSuffix}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "{PartitionResult#implicitGlobalRegion}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" } ], "type": "tree" - }, - { - "conditions": [], - "endpoint": { - "url": "https://account.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" } ], "type": "tree" + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ], "type": "tree" - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] }, "smithy.rules#endpointTests": { "testCases": [ { - "documentation": "For region aws-global with FIPS disabled and DualStack disabled", + "documentation": "For custom endpoint with region not set and fips disabled", "expect": { "endpoint": { - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "account", - "signingRegion": "us-east-1" - } - ] - }, - "url": "https://account.us-east-1.amazonaws.com" + "url": "https://example.com" } }, "params": { - "Region": "aws-global", + "Endpoint": "https://example.com", + "UseFIPS": false + } + }, + { + "documentation": "For custom endpoint with fips enabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "Endpoint": "https://example.com", + "UseFIPS": true + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "Endpoint": "https://example.com", "UseFIPS": false, - "UseDualStack": false + "UseDualStack": true } }, { "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-east-1" + } + ] + }, "url": "https://account-fips.us-east-1.api.aws" } }, @@ -592,6 +570,14 @@ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-east-1" + } + ] + }, "url": "https://account-fips.us-east-1.amazonaws.com" } }, @@ -605,6 +591,14 @@ "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-east-1" + } + ] + }, "url": "https://account.us-east-1.api.aws" } }, @@ -622,7 +616,6 @@ "authSchemes": [ { "name": "sigv4", - "signingName": "account", "signingRegion": "us-east-1" } ] @@ -637,75 +630,76 @@ } }, { - "documentation": "For region aws-cn-global with FIPS disabled and DualStack disabled", + "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { "properties": { "authSchemes": [ { "name": "sigv4", - "signingName": "account", "signingRegion": "cn-northwest-1" } ] }, - "url": "https://account.cn-northwest-1.amazonaws.com.cn" + "url": "https://account-fips.cn-northwest-1.api.amazonwebservices.com.cn" } }, "params": { - "Region": "aws-cn-global", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://account-fips.cn-north-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "Region": "cn-north-1", + "Region": "cn-northwest-1", "UseFIPS": true, "UseDualStack": true } }, { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://account-fips.cn-north-1.amazonaws.com.cn" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "cn-northwest-1" + } + ] + }, + "url": "https://account-fips.cn-northwest-1.amazonaws.com.cn" } }, "params": { - "Region": "cn-north-1", + "Region": "cn-northwest-1", "UseFIPS": true, "UseDualStack": false } }, { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://account.cn-north-1.api.amazonwebservices.com.cn" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "cn-northwest-1" + } + ] + }, + "url": "https://account.cn-northwest-1.api.amazonwebservices.com.cn" } }, "params": { - "Region": "cn-north-1", + "Region": "cn-northwest-1", "UseFIPS": false, "UseDualStack": true } }, { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { "properties": { "authSchemes": [ { "name": "sigv4", - "signingName": "account", "signingRegion": "cn-northwest-1" } ] @@ -714,59 +708,91 @@ } }, "params": { - "Region": "cn-north-1", + "Region": "cn-northwest-1", "UseFIPS": false, "UseDualStack": false } }, { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://account-fips.us-gov-east-1.api.aws" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-gov-west-1" + } + ] + }, + "url": "https://account-fips.us-gov-west-1.api.aws" } }, "params": { - "Region": "us-gov-east-1", + "Region": "us-gov-west-1", "UseFIPS": true, "UseDualStack": true } }, { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://account-fips.us-gov-east-1.amazonaws.com" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-gov-west-1" + } + ] + }, + "url": "https://account-fips.us-gov-west-1.amazonaws.com" } }, "params": { - "Region": "us-gov-east-1", + "Region": "us-gov-west-1", "UseFIPS": true, "UseDualStack": false } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://account.us-gov-east-1.api.aws" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-gov-west-1" + } + ] + }, + "url": "https://account.us-gov-west-1.api.aws" } }, "params": { - "Region": "us-gov-east-1", + "Region": "us-gov-west-1", "UseFIPS": false, "UseDualStack": true } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://account.us-gov-east-1.amazonaws.com" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-gov-west-1" + } + ] + }, + "url": "https://account.us-gov-west-1.amazonaws.com" } }, "params": { - "Region": "us-gov-east-1", + "Region": "us-gov-west-1", "UseFIPS": false, "UseDualStack": false } @@ -786,6 +812,14 @@ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-iso-east-1" + } + ] + }, "url": "https://account-fips.us-iso-east-1.c2s.ic.gov" } }, @@ -810,6 +844,14 @@ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-iso-east-1" + } + ] + }, "url": "https://account.us-iso-east-1.c2s.ic.gov" } }, @@ -834,6 +876,14 @@ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-isob-east-1" + } + ] + }, "url": "https://account-fips.us-isob-east-1.sc2s.sgov.gov" } }, @@ -858,6 +908,14 @@ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-isob-east-1" + } + ] + }, "url": "https://account.us-isob-east-1.sc2s.sgov.gov" } }, @@ -868,54 +926,131 @@ } }, { - "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", + "documentation": "For region eu-isoe-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "eu-isoe-west-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region eu-isoe-west-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://example.com" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "eu-isoe-west-1" + } + ] + }, + "url": "https://account-fips.eu-isoe-west-1.cloud.adc-e.uk" } }, "params": { - "Region": "us-east-1", + "Region": "eu-isoe-west-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-isoe-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "eu-isoe-west-1", "UseFIPS": false, - "UseDualStack": false, - "Endpoint": "https://example.com" + "UseDualStack": true } }, { - "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", + "documentation": "For region eu-isoe-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://example.com" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "eu-isoe-west-1" + } + ] + }, + "url": "https://account.eu-isoe-west-1.cloud.adc-e.uk" } }, "params": { + "Region": "eu-isoe-west-1", "UseFIPS": false, - "UseDualStack": false, - "Endpoint": "https://example.com" + "UseDualStack": false } }, { - "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "documentation": "For region us-isof-south-1 with FIPS enabled and DualStack enabled", "expect": { - "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "Region": "us-east-1", + "Region": "us-isof-south-1", "UseFIPS": true, - "UseDualStack": false, - "Endpoint": "https://example.com" + "UseDualStack": true } }, { - "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "documentation": "For region us-isof-south-1 with FIPS enabled and DualStack disabled", "expect": { - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-isof-south-1" + } + ] + }, + "url": "https://account-fips.us-isof-south-1.csp.hci.ic.gov" + } }, "params": { - "Region": "us-east-1", + "Region": "us-isof-south-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-isof-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-isof-south-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-isof-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingRegion": "us-isof-south-1" + } + ] + }, + "url": "https://account.us-isof-south-1.csp.hci.ic.gov" + } + }, + "params": { + "Region": "us-isof-south-1", "UseFIPS": false, - "UseDualStack": true, - "Endpoint": "https://example.com" + "UseDualStack": false } }, { diff --git a/codegen/sdk/aws-models/amplify.json b/codegen/sdk/aws-models/amplify.json index 45ba331ec0a..61be8fba947 100644 --- a/codegen/sdk/aws-models/amplify.json +++ b/codegen/sdk/aws-models/amplify.json @@ -1100,14 +1100,14 @@ "createTime": { "target": "com.amazonaws.amplify#CreateTime", "traits": { - "smithy.api#documentation": "Creates a date and time for the Amplify app.
", + "smithy.api#documentation": "A timestamp of when Amplify created the application.
", "smithy.api#required": {} } }, "updateTime": { "target": "com.amazonaws.amplify#UpdateTime", "traits": { - "smithy.api#documentation": "Updates the date and time for the Amplify app.
", + "smithy.api#documentation": "A timestamp of when Amplify updated the application.
", "smithy.api#required": {} } }, @@ -1210,6 +1210,18 @@ "traits": { "smithy.api#documentation": "The cache configuration for the Amplify app. If you don't specify the\n cache configuration type, Amplify uses the default\n AMPLIFY_MANAGED setting.
A timestamp of when Amplify created the webhook in your Git repository.
" + } + }, + "wafConfiguration": { + "target": "com.amazonaws.amplify#WafConfiguration", + "traits": { + "smithy.api#documentation": "Describes the Firewall configuration for the Amplify app. Firewall support enables you to protect your hosted applications with a direct integration\n with WAF.
" + } } }, "traits": { @@ -1587,14 +1599,14 @@ "createTime": { "target": "com.amazonaws.amplify#CreateTime", "traits": { - "smithy.api#documentation": "The creation date and time for a branch that is part of an Amplify app.
", + "smithy.api#documentation": "A timestamp of when Amplify created the branch.
", "smithy.api#required": {} } }, "updateTime": { "target": "com.amazonaws.amplify#UpdateTime", "traits": { - "smithy.api#documentation": "The last updated date and time for a branch that is part of an Amplify app.
", + "smithy.api#documentation": "A timestamp for the last updated time for a branch.
", "smithy.api#required": {} } }, @@ -4169,6 +4181,12 @@ "com.amazonaws.amplify#JobStatus": { "type": "enum", "members": { + "CREATED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CREATED" + } + }, "PENDING": { "target": "smithy.api#Unit", "traits": { @@ -4253,7 +4271,7 @@ "commitTime": { "target": "com.amazonaws.amplify#CommitTime", "traits": { - "smithy.api#documentation": "The commit date and time for the job.
", + "smithy.api#documentation": "The commit date and time for the job.
", "smithy.api#required": {} } }, @@ -6686,6 +6704,77 @@ "com.amazonaws.amplify#Verified": { "type": "boolean" }, + "com.amazonaws.amplify#WafConfiguration": { + "type": "structure", + "members": { + "webAclArn": { + "target": "com.amazonaws.amplify#WebAclArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the web ACL associated with an Amplify app.
" + } + }, + "wafStatus": { + "target": "com.amazonaws.amplify#WafStatus", + "traits": { + "smithy.api#documentation": "The status of the process to associate or disassociate a web ACL to an Amplify app.
" + } + }, + "statusReason": { + "target": "com.amazonaws.amplify#StatusReason", + "traits": { + "smithy.api#documentation": "The reason for the current status of the Firewall configuration.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes the Firewall configuration for a hosted Amplify application.\n Firewall support enables you to protect your web applications with a direct integration\n with WAF. For more information about using WAF protections for an Amplify application, see\n Firewall support for hosted sites in the Amplify\n User Guide.
" + } + }, + "com.amazonaws.amplify#WafStatus": { + "type": "enum", + "members": { + "ASSOCIATING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ASSOCIATING" + } + }, + "ASSOCIATION_FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ASSOCIATION_FAILED" + } + }, + "ASSOCIATION_SUCCESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ASSOCIATION_SUCCESS" + } + }, + "DISASSOCIATING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISASSOCIATING" + } + }, + "DISASSOCIATION_FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISASSOCIATION_FAILED" + } + } + } + }, + "com.amazonaws.amplify#WebAclArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 512 + }, + "smithy.api#pattern": "^arn:aws:wafv2:" + } + }, "com.amazonaws.amplify#Webhook": { "type": "structure", "members": { @@ -6727,14 +6816,14 @@ "createTime": { "target": "com.amazonaws.amplify#CreateTime", "traits": { - "smithy.api#documentation": "The create date and time for a webhook.
", + "smithy.api#documentation": "A timestamp of when Amplify created the webhook in your Git repository.
", "smithy.api#required": {} } }, "updateTime": { "target": "com.amazonaws.amplify#UpdateTime", "traits": { - "smithy.api#documentation": "Updates the date and time for a webhook.
", + "smithy.api#documentation": "A timestamp of when Amplify updated the webhook in your Git repository.
", "smithy.api#required": {} } } @@ -6776,6 +6865,9 @@ "member": { "target": "com.amazonaws.amplify#Webhook" } + }, + "com.amazonaws.amplify#webhookCreateTime": { + "type": "timestamp" } } } diff --git a/codegen/sdk/aws-models/appstream.json b/codegen/sdk/aws-models/appstream.json index f60bb59d4dd..11b0cb92d3e 100644 --- a/codegen/sdk/aws-models/appstream.json +++ b/codegen/sdk/aws-models/appstream.json @@ -8186,6 +8186,12 @@ "traits": { "smithy.api#enumValue": "RHEL8" } + }, + "ROCKY_LINUX8": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ROCKY_LINUX8" + } } } }, diff --git a/codegen/sdk/aws-models/appsync.json b/codegen/sdk/aws-models/appsync.json index 728d9ec457a..e1dbedc20bd 100644 --- a/codegen/sdk/aws-models/appsync.json +++ b/codegen/sdk/aws-models/appsync.json @@ -10207,7 +10207,8 @@ "authenticationType": { "target": "com.amazonaws.appsync#AuthenticationType", "traits": { - "smithy.api#documentation": "The new authentication type for the GraphqlApi object.
The new authentication type for the GraphqlApi object.
The timezone in which the schedule expression is set. By default, \n ScheduleExpressions are in UTC. You can modify this to a specified timezone.
" } + }, + "IndexActions": { + "target": "com.amazonaws.backup#IndexActions", + "traits": { + "smithy.api#documentation": "IndexActions is an array you use to specify how backup data should \n be indexed.
\neEach BackupRule can have 0 or 1 IndexAction, as each backup can have up \n to one index associated with it.
\nWithin the array is ResourceType. Only one will be accepted for each BackupRule.
" + } } }, "traits": { @@ -813,6 +819,12 @@ "traits": { "smithy.api#documentation": "The timezone in which the schedule expression is set. By default, \n ScheduleExpressions are in UTC. You can modify this to a specified timezone.
" } + }, + "IndexActions": { + "target": "com.amazonaws.backup#IndexActions", + "traits": { + "smithy.api#documentation": "There can up to one IndexAction in each BackupRule, as each backup \n can have 0 or 1 backup index associated with it.
\nWithin the array is ResourceTypes. Only 1 resource type will \n be accepted for each BackupRule. Valid values:
\n\n EBS for Amazon Elastic Block Store
\n S3 for Amazon Simple Storage Service (Amazon S3)
The type of vault in which the described recovery point is stored.
" } + }, + "IndexStatus": { + "target": "com.amazonaws.backup#IndexStatus", + "traits": { + "smithy.api#documentation": "This is the current status for the backup index associated with the specified recovery\n point.
\nStatuses are: PENDING | ACTIVE | FAILED |\n DELETING\n
A recovery point with an index that has the status of ACTIVE can be\n included in a search.
A string in the form of a detailed message explaining the status of a backup index\n associated with the recovery point.
" + } } }, "traits": { @@ -6717,6 +6750,124 @@ "smithy.api#output": {} } }, + "com.amazonaws.backup#GetRecoveryPointIndexDetails": { + "type": "operation", + "input": { + "target": "com.amazonaws.backup#GetRecoveryPointIndexDetailsInput" + }, + "output": { + "target": "com.amazonaws.backup#GetRecoveryPointIndexDetailsOutput" + }, + "errors": [ + { + "target": "com.amazonaws.backup#InvalidParameterValueException" + }, + { + "target": "com.amazonaws.backup#MissingParameterValueException" + }, + { + "target": "com.amazonaws.backup#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.backup#ServiceUnavailableException" + } + ], + "traits": { + "smithy.api#documentation": "This operation returns the metadata and details specific to \n the backup index associated with the specified recovery point.
", + "smithy.api#http": { + "method": "GET", + "uri": "/backup-vaults/{BackupVaultName}/recovery-points/{RecoveryPointArn}/index", + "code": 200 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.backup#GetRecoveryPointIndexDetailsInput": { + "type": "structure", + "members": { + "BackupVaultName": { + "target": "com.amazonaws.backup#BackupVaultName", + "traits": { + "smithy.api#documentation": "The name of a logical container where backups are stored. Backup vaults are identified\n by names that are unique to the account used to create them and the Region where they are\n created.
\nAccepted characters include lowercase letters, numbers, and hyphens.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "RecoveryPointArn": { + "target": "com.amazonaws.backup#ARN", + "traits": { + "smithy.api#documentation": "An ARN that uniquely identifies a recovery point; for example,\n arn:aws:backup:us-east-1:123456789012:recovery-point:1EB3B5E7-9EB0-435A-A80B-108B488B0D45.
An ARN that uniquely identifies a recovery point; for example,\n arn:aws:backup:us-east-1:123456789012:recovery-point:1EB3B5E7-9EB0-435A-A80B-108B488B0D45.
An ARN that uniquely identifies the backup vault where the recovery \n point index is stored.
\nFor example,\n arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault.
A string of the Amazon Resource Name (ARN) that uniquely identifies \n the source resource.
" + } + }, + "IndexCreationDate": { + "target": "com.amazonaws.backup#timestamp", + "traits": { + "smithy.api#documentation": "The date and time that a backup index was created, in Unix format and Coordinated\n Universal Time (UTC). The value of CreationDate is accurate to milliseconds.\n For example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
The date and time that a backup index was deleted, in Unix format and Coordinated\n Universal Time (UTC). The value of CreationDate is accurate to milliseconds.\n For example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
The date and time that a backup index finished creation, in Unix format and Coordinated\n Universal Time (UTC). The value of CreationDate is accurate to milliseconds.\n For example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
This is the current status for the backup index associated \n with the specified recovery point.
\nStatuses are: PENDING | ACTIVE | FAILED | DELETING\n
A recovery point with an index that has the status of ACTIVE \n can be included in a search.
A detailed message explaining the status of a backup index associated \n with the recovery point.
" + } + }, + "TotalItemsIndexed": { + "target": "com.amazonaws.backup#Long", + "traits": { + "smithy.api#documentation": "Count of items within the backup index associated with the \n recovery point.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.backup#GetRecoveryPointRestoreMetadata": { "type": "operation", "input": { @@ -7133,6 +7284,140 @@ "com.amazonaws.backup#IAMRoleArn": { "type": "string" }, + "com.amazonaws.backup#Index": { + "type": "enum", + "members": { + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + }, + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" + } + } + } + }, + "com.amazonaws.backup#IndexAction": { + "type": "structure", + "members": { + "ResourceTypes": { + "target": "com.amazonaws.backup#ResourceTypes", + "traits": { + "smithy.api#documentation": "0 or 1 index action will be accepted for each BackupRule.
\nValid values:
\n\n EBS for Amazon Elastic Block Store
\n S3 for Amazon Simple Storage Service (Amazon S3)
This is an optional array within a BackupRule.
\nIndexAction consists of one ResourceTypes.
" + } + }, + "com.amazonaws.backup#IndexActions": { + "type": "list", + "member": { + "target": "com.amazonaws.backup#IndexAction" + } + }, + "com.amazonaws.backup#IndexStatus": { + "type": "enum", + "members": { + "PENDING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PENDING" + } + }, + "ACTIVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACTIVE" + } + }, + "FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FAILED" + } + }, + "DELETING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DELETING" + } + } + } + }, + "com.amazonaws.backup#IndexedRecoveryPoint": { + "type": "structure", + "members": { + "RecoveryPointArn": { + "target": "com.amazonaws.backup#ARN", + "traits": { + "smithy.api#documentation": "An ARN that uniquely identifies a recovery point; for example,\n arn:aws:backup:us-east-1:123456789012:recovery-point:1EB3B5E7-9EB0-435A-A80B-108B488B0D45\n
A string of the Amazon Resource Name (ARN) that uniquely identifies \n the source resource.
" + } + }, + "IamRoleArn": { + "target": "com.amazonaws.backup#ARN", + "traits": { + "smithy.api#documentation": "This specifies the IAM role ARN used for this operation.
\nFor example, arn:aws:iam::123456789012:role/S3Access
" + } + }, + "BackupCreationDate": { + "target": "com.amazonaws.backup#timestamp", + "traits": { + "smithy.api#documentation": "The date and time that a backup was created, in Unix format and Coordinated\n Universal Time (UTC). The value of CreationDate is accurate to milliseconds.\n For example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
The resource type of the indexed recovery point.
\n\n EBS for Amazon Elastic Block Store
\n S3 for Amazon Simple Storage Service (Amazon S3)
The date and time that a backup index was created, in Unix format and Coordinated\n Universal Time (UTC). The value of CreationDate is accurate to milliseconds.\n For example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
This is the current status for the backup index associated \n with the specified recovery point.
\nStatuses are: PENDING | ACTIVE | FAILED | DELETING\n
A recovery point with an index that has the status of ACTIVE \n can be included in a search.
A string in the form of a detailed message explaining the status of a backup index associated \n with the recovery point.
" + } + }, + "BackupVaultArn": { + "target": "com.amazonaws.backup#ARN", + "traits": { + "smithy.api#documentation": "An ARN that uniquely identifies the backup vault where the recovery \n point index is stored.
\nFor example,\n arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault.
This is a recovery point that has an associated backup index.
\nOnly recovery points with a backup index can be \n included in a search.
" + } + }, + "com.amazonaws.backup#IndexedRecoveryPointList": { + "type": "list", + "member": { + "target": "com.amazonaws.backup#IndexedRecoveryPoint" + } + }, "com.amazonaws.backup#InvalidParameterValueException": { "type": "structure", "members": { @@ -8422,6 +8707,118 @@ "smithy.api#output": {} } }, + "com.amazonaws.backup#ListIndexedRecoveryPoints": { + "type": "operation", + "input": { + "target": "com.amazonaws.backup#ListIndexedRecoveryPointsInput" + }, + "output": { + "target": "com.amazonaws.backup#ListIndexedRecoveryPointsOutput" + }, + "errors": [ + { + "target": "com.amazonaws.backup#InvalidParameterValueException" + }, + { + "target": "com.amazonaws.backup#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.backup#ServiceUnavailableException" + } + ], + "traits": { + "smithy.api#documentation": "This operation returns a list of recovery points that have an \n associated index, belonging to the specified account.
\nOptional parameters you can include are: MaxResults; \n NextToken; SourceResourceArns; CreatedBefore; CreatedAfter; \n and ResourceType.
", + "smithy.api#http": { + "method": "GET", + "uri": "/indexes/recovery-point", + "code": 200 + }, + "smithy.api#idempotent": {}, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "IndexedRecoveryPoints", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.backup#ListIndexedRecoveryPointsInput": { + "type": "structure", + "members": { + "NextToken": { + "target": "com.amazonaws.backup#string", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned recovery points.
\nFor example, if a request\n is made to return MaxResults number of indexed recovery points, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
The maximum number of resource list items to be returned.
", + "smithy.api#httpQuery": "maxResults" + } + }, + "SourceResourceArn": { + "target": "com.amazonaws.backup#ARN", + "traits": { + "smithy.api#documentation": "A string of the Amazon Resource Name (ARN) that uniquely identifies \n the source resource.
", + "smithy.api#httpQuery": "sourceResourceArn" + } + }, + "CreatedBefore": { + "target": "com.amazonaws.backup#timestamp", + "traits": { + "smithy.api#documentation": "Returns only indexed recovery points that were created before the \n specified date.
", + "smithy.api#httpQuery": "createdBefore" + } + }, + "CreatedAfter": { + "target": "com.amazonaws.backup#timestamp", + "traits": { + "smithy.api#documentation": "Returns only indexed recovery points that were created after the \n specified date.
", + "smithy.api#httpQuery": "createdAfter" + } + }, + "ResourceType": { + "target": "com.amazonaws.backup#ResourceType", + "traits": { + "smithy.api#documentation": "Returns a list of indexed recovery points for the specified \n resource type(s).
\nAccepted values include:
\n\n EBS for Amazon Elastic Block Store
\n S3 for Amazon Simple Storage Service (Amazon S3)
Include this parameter to filter the returned list by \n the indicated statuses.
\nAccepted values: PENDING | ACTIVE | FAILED | DELETING\n
A recovery point with an index that has the status of ACTIVE \n can be included in a search.
This is a list of recovery points that have an \n associated index, belonging to the specified account.
" + } + }, + "NextToken": { + "target": "com.amazonaws.backup#string", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned recovery points.
\nFor example, if a request\n is made to return MaxResults number of indexed recovery points, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
The type of vault in which the described recovery point is stored.
" } + }, + "IndexStatus": { + "target": "com.amazonaws.backup#IndexStatus", + "traits": { + "smithy.api#documentation": "This is the current status for the backup index associated \n with the specified recovery point.
\nStatuses are: PENDING | ACTIVE | FAILED |\n DELETING\n
A recovery point with an index that has the status of ACTIVE \n can be included in a search.
A string in the form of a detailed message explaining the status of a backup index associated \n with the recovery point.
" + } } }, "traits": { @@ -10397,6 +10806,18 @@ "traits": { "smithy.api#documentation": "The type of vault in which the described recovery point is \n stored.
" } + }, + "IndexStatus": { + "target": "com.amazonaws.backup#IndexStatus", + "traits": { + "smithy.api#documentation": "This is the current status for the backup index associated \n with the specified recovery point.
\nStatuses are: PENDING | ACTIVE | FAILED | DELETING\n
A recovery point with an index that has the status of ACTIVE \n can be included in a search.
A string in the form of a detailed message explaining the status of a backup index\n associated with the recovery point.
" + } } }, "traits": { @@ -11851,6 +12272,12 @@ "traits": { "smithy.api#documentation": "The backup option for a selected resource. This option is only available for\n Windows Volume Shadow Copy Service (VSS) backup jobs.
\nValid values: Set to \"WindowsVSS\":\"enabled\" to enable the\n WindowsVSS backup option and create a Windows VSS backup. Set to\n \"WindowsVSS\"\"disabled\" to create a regular backup. The\n WindowsVSS option is not enabled by default.
Include this parameter to enable index creation if your backup \n job has a resource type that supports backup indexes.
\nResource types that support backup indexes include:
\n\n EBS for Amazon Elastic Block Store
\n S3 for Amazon Simple Storage Service (Amazon S3)
Index can have 1 of 2 possible values, either ENABLED or \n DISABLED.
To create a backup index for an eligible ACTIVE recovery point \n that does not yet have a backup index, set value to ENABLED.
To delete a backup index, set value to DISABLED.
This operation updates the settings of a recovery point index.
\nRequired: BackupVaultName, RecoveryPointArn, and IAMRoleArn
", + "smithy.api#http": { + "method": "POST", + "uri": "/backup-vaults/{BackupVaultName}/recovery-points/{RecoveryPointArn}/index", + "code": 200 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.backup#UpdateRecoveryPointIndexSettingsInput": { + "type": "structure", + "members": { + "BackupVaultName": { + "target": "com.amazonaws.backup#BackupVaultName", + "traits": { + "smithy.api#documentation": "The name of a logical container where backups are stored. Backup vaults are identified\n by names that are unique to the account used to create them and the Region where they are\n created.
\nAccepted characters include lowercase letters, numbers, and hyphens.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "RecoveryPointArn": { + "target": "com.amazonaws.backup#ARN", + "traits": { + "smithy.api#documentation": "An ARN that uniquely identifies a recovery point; for example,\n arn:aws:backup:us-east-1:123456789012:recovery-point:1EB3B5E7-9EB0-435A-A80B-108B488B0D45.
This specifies the IAM role ARN used for this operation.
\nFor example, arn:aws:iam::123456789012:role/S3Access
" + } + }, + "Index": { + "target": "com.amazonaws.backup#Index", + "traits": { + "smithy.api#documentation": "Index can have 1 of 2 possible values, either ENABLED or \n DISABLED.
To create a backup index for an eligible ACTIVE recovery point \n that does not yet have a backup index, set value to ENABLED.
To delete a backup index, set value to DISABLED.
The name of a logical container where backups are stored. Backup vaults are identified\n by names that are unique to the account used to create them and the Region where they are\n created.
" + } + }, + "RecoveryPointArn": { + "target": "com.amazonaws.backup#ARN", + "traits": { + "smithy.api#documentation": "An ARN that uniquely identifies a recovery point; for example,\n arn:aws:backup:us-east-1:123456789012:recovery-point:1EB3B5E7-9EB0-435A-A80B-108B488B0D45.
This is the current status for the backup index associated \n with the specified recovery point.
\nStatuses are: PENDING | ACTIVE | FAILED | DELETING\n
A recovery point with an index that has the status of ACTIVE \n can be included in a search.
Index can have 1 of 2 possible values, either ENABLED or\n DISABLED.
A value of ENABLED means a backup index for an eligible ACTIVE\n recovery point has been created.
A value of DISABLED means a backup index was deleted.
User does not have sufficient access to perform this action.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "You do not have sufficient access to perform this action.
", + "smithy.api#error": "client", + "smithy.api#httpError": 403 + } + }, + "com.amazonaws.backupsearch#BackupCreationTimeFilter": { + "type": "structure", + "members": { + "CreatedAfter": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "This timestamp includes recovery points only \n created after the specified time.
" + } + }, + "CreatedBefore": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "This timestamp includes recovery points only \n created before the specified time.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This filters by recovery points within the CreatedAfter \n and CreatedBefore timestamps.
" + } + }, + "com.amazonaws.backupsearch#ConflictException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Updating or deleting a resource can cause an inconsistent state.
", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Identifier of the resource affected.
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Type of the resource affected.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "This exception occurs when a conflict with a previous successful\n operation is detected. This generally occurs when the previous \n operation did not have time to propagate to the host serving the \n current request.
\nA retry (with appropriate backoff logic) is the recommended \n response to this exception.
", + "smithy.api#error": "client", + "smithy.api#httpError": 409 + } + }, + "com.amazonaws.backupsearch#CryoBackupSearchService": { + "type": "service", + "version": "2018-05-10", + "operations": [ + { + "target": "com.amazonaws.backupsearch#ListSearchJobBackups" + }, + { + "target": "com.amazonaws.backupsearch#ListSearchJobResults" + }, + { + "target": "com.amazonaws.backupsearch#ListTagsForResource" + }, + { + "target": "com.amazonaws.backupsearch#TagResource" + }, + { + "target": "com.amazonaws.backupsearch#UntagResource" + } + ], + "resources": [ + { + "target": "com.amazonaws.backupsearch#SearchJob" + }, + { + "target": "com.amazonaws.backupsearch#SearchResultExportJob" + } + ], + "errors": [ + { + "target": "com.amazonaws.backupsearch#AccessDeniedException" + }, + { + "target": "com.amazonaws.backupsearch#InternalServerException" + }, + { + "target": "com.amazonaws.backupsearch#ThrottlingException" + }, + { + "target": "com.amazonaws.backupsearch#ValidationException" + } + ], + "traits": { + "aws.api#service": { + "sdkId": "BackupSearch", + "arnNamespace": "backup-search", + "endpointPrefix": "backup-search", + "cloudTrailEventSource": "backup.amazonaws.com" + }, + "aws.auth#sigv4": { + "name": "backup-search" + }, + "aws.endpoints#dualStackOnlyEndpoints": {}, + "aws.endpoints#standardPartitionalEndpoints": { + "endpointPatternType": "service_region_dnsSuffix" + }, + "aws.protocols#restJson1": {}, + "smithy.api#cors": { + "additionalAllowedHeaders": [ + "*", + "Authorization", + "Date", + "X-Amz-Date", + "X-Amz-Security-Token", + "X-Amz-Target", + "content-type", + "x-amz-content-sha256", + "x-amz-user-agent", + "x-amzn-platform-id", + "x-amzn-trace-id" + ], + "additionalExposedHeaders": [ + "x-amzn-errortype", + "x-amzn-requestid", + "x-amzn-errormessage", + "x-amzn-trace-id", + "x-amzn-requestid", + "x-amz-apigw-id", + "date" + ] + }, + "smithy.api#documentation": "Backup Search is the recovery point and item level search for Backup.
\nFor additional information, see:
\n\n Backup API Reference\n
\nThis number is the sum of all backups that \n have been scanned so far during a search job.
" + } + }, + "ItemsScannedCount": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "This number is the sum of all items that \n have been scanned so far during a search job.
" + } + }, + "ItemsMatchedCount": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "This number is the sum of all items that match \n the item filters in a search job in progress.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This contains information results retrieved from \n a search job that may not have completed.
" + } + }, + "com.amazonaws.backupsearch#EBSItemFilter": { + "type": "structure", + "members": { + "FilePaths": { + "target": "com.amazonaws.backupsearch#StringConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one file path is included, the results will \n return only items that match the file path.
\nIf more than one file path is included, the \n results will return all items that match any of the \n file paths.
" + } + }, + "Sizes": { + "target": "com.amazonaws.backupsearch#LongConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one is included, the results will \n return only items that match.
\nIf more than one is included, the \n results will return all items that match any of \n the included values.
" + } + }, + "CreationTimes": { + "target": "com.amazonaws.backupsearch#TimeConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one is included, the results will \n return only items that match.
\nIf more than one is included, the \n results will return all items that match any of \n the included values.
" + } + }, + "LastModificationTimes": { + "target": "com.amazonaws.backupsearch#TimeConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one is included, the results will \n return only items that match.
\nIf more than one is included, the \n results will return all items that match any of \n the included values.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This contains arrays of objects, which may include \n CreationTimes time condition objects, FilePaths \n string objects, LastModificationTimes time \n condition objects,
" + } + }, + "com.amazonaws.backupsearch#EBSItemFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#EBSItemFilter" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 10 + } + } + }, + "com.amazonaws.backupsearch#EBSResultItem": { + "type": "structure", + "members": { + "BackupResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "These are one or more items in the \n results that match values for the Amazon Resource \n Name (ARN) of recovery points returned in a search \n of Amazon EBS backup metadata.
" + } + }, + "SourceResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "These are one or more items in the \n results that match values for the Amazon Resource \n Name (ARN) of source resources returned in a search \n of Amazon EBS backup metadata.
" + } + }, + "BackupVaultName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the backup vault.
" + } + }, + "FileSystemIdentifier": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "These are one or more items in the \n results that match values for file systems returned \n in a search of Amazon EBS backup metadata.
" + } + }, + "FilePath": { + "target": "com.amazonaws.backupsearch#FilePath", + "traits": { + "smithy.api#documentation": "These are one or more items in the \n results that match values for file paths returned \n in a search of Amazon EBS backup metadata.
" + } + }, + "FileSize": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "These are one or more items in the \n results that match values for file sizes returned \n in a search of Amazon EBS backup metadata.
" + } + }, + "CreationTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "These are one or more items in the \n results that match values for creation times returned \n in a search of Amazon EBS backup metadata.
" + } + }, + "LastModifiedTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "These are one or more items in the \n results that match values for Last Modified Time returned \n in a search of Amazon EBS backup metadata.
" + } + } + }, + "traits": { + "smithy.api#documentation": "These are the items returned in the results of \n a search of Amazon EBS backup metadata.
" + } + }, + "com.amazonaws.backupsearch#EncryptionKeyArn": { + "type": "string", + "traits": { + "aws.api#arnReference": { + "type": "AWS::KMS::Key" + } + } + }, + "com.amazonaws.backupsearch#ExportJobArn": { + "type": "string", + "traits": { + "aws.api#arnReference": { + "service": "com.amazonaws.backupsearch#CryoBackupSearchService" + } + } + }, + "com.amazonaws.backupsearch#ExportJobStatus": { + "type": "enum", + "members": { + "RUNNING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RUNNING" + } + }, + "FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FAILED" + } + }, + "COMPLETED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "COMPLETED" + } + } + } + }, + "com.amazonaws.backupsearch#ExportJobSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#ExportJobSummary" + } + }, + "com.amazonaws.backupsearch#ExportJobSummary": { + "type": "structure", + "members": { + "ExportJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "This is the unique string that identifies a \n specific export job.
", + "smithy.api#required": {} + } + }, + "ExportJobArn": { + "target": "com.amazonaws.backupsearch#ExportJobArn", + "traits": { + "smithy.api#documentation": "This is the unique ARN (Amazon Resource Name) that \n belongs to the new export job.
" + } + }, + "Status": { + "target": "com.amazonaws.backupsearch#ExportJobStatus", + "traits": { + "smithy.api#documentation": "The status of the export job is one of the \n following:
\n\n CREATED; RUNNING; \n FAILED; or COMPLETED.
This is a timestamp of the time the export job \n was created.
" + } + }, + "CompletionTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "This is a timestamp of the time the export job \n compeleted.
" + } + }, + "StatusMessage": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "A status message is a string that is returned for an export\n job.
\nA status message is included for any status other \n than COMPLETED without issues.
The unique string that identifies the Amazon Resource \n Name (ARN) of the specified search job.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This is the summary of an export job.
" + } + }, + "com.amazonaws.backupsearch#ExportSpecification": { + "type": "union", + "members": { + "s3ExportSpecification": { + "target": "com.amazonaws.backupsearch#S3ExportSpecification", + "traits": { + "smithy.api#documentation": "This specifies the destination Amazon S3 \n bucket for the export job. And, if included, it also \n specifies the destination prefix.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This contains the export specification object.
" + } + }, + "com.amazonaws.backupsearch#FilePath": { + "type": "string", + "traits": { + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.backupsearch#GenericId": { + "type": "string" + }, + "com.amazonaws.backupsearch#GetSearchJob": { + "type": "operation", + "input": { + "target": "com.amazonaws.backupsearch#GetSearchJobInput" + }, + "output": { + "target": "com.amazonaws.backupsearch#GetSearchJobOutput" + }, + "errors": [ + { + "target": "com.amazonaws.backupsearch#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "This operation retrieves metadata of a search job, \n including its progress.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/search-jobs/{SearchJobIdentifier}" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.backupsearch#GetSearchJobInput": { + "type": "structure", + "members": { + "SearchJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "Required unique string that specifies the \n search job.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#GetSearchJobOutput": { + "type": "structure", + "members": { + "Name": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Returned name of the specified search job.
" + } + }, + "SearchScopeSummary": { + "target": "com.amazonaws.backupsearch#SearchScopeSummary", + "traits": { + "smithy.api#documentation": "Returned summary of the specified search job scope, \n including:\n
\nTotalBackupsToScanCount, the number of \n recovery points returned by the search.
\nTotalItemsToScanCount, the number of \n items returned by the search.
\nReturns numbers representing BackupsScannedCount, \n ItemsScanned, and ItemsMatched.
" + } + }, + "StatusMessage": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "A status message will be returned for either a \n earch job with a status of ERRORED or a status of \n COMPLETED jobs with issues.
For example, a message may say that a search \n contained recovery points unable to be scanned because \n of a permissions issue.
" + } + }, + "EncryptionKeyArn": { + "target": "com.amazonaws.backupsearch#EncryptionKeyArn", + "traits": { + "smithy.api#documentation": "The encryption key for the specified \n search job.
\nExample: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.
The date and time that a search job completed, in Unix format and Coordinated\n Universal Time (UTC). The value of CompletionTime is accurate to milliseconds.\n For example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
The current status of the specified search job.
\nA search job may have one of the following statuses: \n RUNNING; COMPLETED; STOPPED; \n FAILED; TIMED_OUT; or EXPIRED\n .
The search scope is all backup \n properties input into a search.
", + "smithy.api#required": {} + } + }, + "ItemFilters": { + "target": "com.amazonaws.backupsearch#ItemFilters", + "traits": { + "smithy.api#documentation": "Item Filters represent all input item \n properties specified when the search was \n created.
", + "smithy.api#required": {} + } + }, + "CreationTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The date and time that a search job was created, in Unix format and Coordinated\n Universal Time (UTC). The value of CompletionTime is accurate to milliseconds.\n For example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
The unique string that identifies the specified search job.
", + "smithy.api#required": {} + } + }, + "SearchJobArn": { + "target": "com.amazonaws.backupsearch#SearchJobArn", + "traits": { + "smithy.api#documentation": "The unique string that identifies the Amazon Resource \n Name (ARN) of the specified search job.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.backupsearch#GetSearchResultExportJob": { + "type": "operation", + "input": { + "target": "com.amazonaws.backupsearch#GetSearchResultExportJobInput" + }, + "output": { + "target": "com.amazonaws.backupsearch#GetSearchResultExportJobOutput" + }, + "errors": [ + { + "target": "com.amazonaws.backupsearch#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "This operation retrieves the metadata of an export job.
\nAn export job is an operation that transmits the results \n of a search job to a specified S3 bucket in a \n .csv file.
\nAn export job allows you to retain results of a search \n beyond the search job's scheduled retention of 7 days.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/export-search-jobs/{ExportJobIdentifier}" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.backupsearch#GetSearchResultExportJobInput": { + "type": "structure", + "members": { + "ExportJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "This is the unique string that identifies a \n specific export job.
\nRequired for this operation.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#GetSearchResultExportJobOutput": { + "type": "structure", + "members": { + "ExportJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "This is the unique string that identifies the \n specified export job.
", + "smithy.api#required": {} + } + }, + "ExportJobArn": { + "target": "com.amazonaws.backupsearch#ExportJobArn", + "traits": { + "smithy.api#documentation": "The unique Amazon Resource Name (ARN) that uniquely identifies \n the export job.
" + } + }, + "Status": { + "target": "com.amazonaws.backupsearch#ExportJobStatus", + "traits": { + "smithy.api#documentation": "This is the current status of the export job.
" + } + }, + "CreationTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The date and time that an export job was created, in Unix format and Coordinated Universal\n Time (UTC). The value of CreationTime is accurate to milliseconds. For\n example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
The date and time that an export job completed, in Unix format and Coordinated Universal\n Time (UTC). The value of CreationTime is accurate to milliseconds. For\n example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
A status message is a string that is returned for search job \n with a status of FAILED, along with steps to remedy \n and retry the operation.
The export specification consists of the destination \n S3 bucket to which the search results were exported, along \n with the destination prefix.
" + } + }, + "SearchJobArn": { + "target": "com.amazonaws.backupsearch#SearchJobArn", + "traits": { + "smithy.api#documentation": "The unique string that identifies the Amazon Resource \n Name (ARN) of the specified search job.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.backupsearch#IamRoleArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 20, + "max": 2048 + }, + "smithy.api#pattern": "^arn:(?:aws|aws-cn|aws-us-gov):iam::[a-z0-9-]+:role/(.+)$" + } + }, + "com.amazonaws.backupsearch#InternalServerException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Unexpected error during processing of request.
", + "smithy.api#required": {} + } + }, + "retryAfterSeconds": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "Retry the call after number of seconds.
", + "smithy.api#httpHeader": "Retry-After" + } + } + }, + "traits": { + "smithy.api#documentation": "An internal server error occurred. Retry your request.
", + "smithy.api#error": "server", + "smithy.api#httpError": 500, + "smithy.api#retryable": {} + } + }, + "com.amazonaws.backupsearch#ItemFilters": { + "type": "structure", + "members": { + "S3ItemFilters": { + "target": "com.amazonaws.backupsearch#S3ItemFilters", + "traits": { + "smithy.api#documentation": "This array can contain CreationTimes, ETags, \n ObjectKeys, Sizes, or VersionIds objects.
" + } + }, + "EBSItemFilters": { + "target": "com.amazonaws.backupsearch#EBSItemFilters", + "traits": { + "smithy.api#documentation": "This array can contain CreationTimes, \n FilePaths, LastModificationTimes, or Sizes objects.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Item Filters represent all input item \n properties specified when the search was \n created.
\nContains either EBSItemFilters or \n S3ItemFilters
" + } + }, + "com.amazonaws.backupsearch#ListSearchJobBackups": { + "type": "operation", + "input": { + "target": "com.amazonaws.backupsearch#ListSearchJobBackupsInput" + }, + "output": { + "target": "com.amazonaws.backupsearch#ListSearchJobBackupsOutput" + }, + "errors": [ + { + "target": "com.amazonaws.backupsearch#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "This operation returns a list of all backups (recovery \n points) in a paginated format that were included in \n the search job.
\nIf a search does not display an expected backup in \n the results, you can call this operation to display each \n backup included in the search. Any backups that were not \n included because they have a FAILED status \n from a permissions issue will be displayed, along with a \n status message.
Only recovery points with a backup index that has \n a status of ACTIVE will be included in search results. \n If the index has any other status, its status will be \n displayed along with a status message.
The unique string that specifies the search job.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned backups \n included in a search job.
\nFor example, if a request\n is made to return MaxResults number of backups, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
The maximum number of resource list items to be returned.
", + "smithy.api#httpQuery": "maxResults", + "smithy.api#range": { + "min": 1, + "max": 1000 + } + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#ListSearchJobBackupsOutput": { + "type": "structure", + "members": { + "Results": { + "target": "com.amazonaws.backupsearch#SearchJobBackupsResults", + "traits": { + "smithy.api#documentation": "The recovery points returned the results of a \n search job
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned backups \n included in a search job.
\nFor example, if a request\n is made to return MaxResults number of backups, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
This operation returns a list of a specified search job.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/search-jobs/{SearchJobIdentifier}/search-results" + }, + "smithy.api#paginated": { + "items": "Results" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.backupsearch#ListSearchJobResultsInput": { + "type": "structure", + "members": { + "SearchJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "The unique string that specifies the search job.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned \n search job results.
\nFor example, if a request\n is made to return MaxResults number of \n search job results, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
The maximum number of resource list items to be returned.
", + "smithy.api#httpQuery": "maxResults", + "smithy.api#range": { + "min": 1, + "max": 1000 + } + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#ListSearchJobResultsOutput": { + "type": "structure", + "members": { + "Results": { + "target": "com.amazonaws.backupsearch#Results", + "traits": { + "smithy.api#documentation": "The results consist of either EBSResultItem or S3ResultItem.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The next item following a partial list of \n search job results.
\nFor example, if a request\n is made to return MaxResults number of backups, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
This operation returns a list of search jobs belonging \n to an account.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/search-jobs" + }, + "smithy.api#paginated": { + "items": "SearchJobs" + }, + "smithy.api#readonly": {}, + "smithy.test#smokeTests": [ + { + "id": "ListSearchJobsSuccess", + "params": {}, + "expect": { + "success": {} + }, + "vendorParamsShape": "aws.test#AwsVendorParams", + "vendorParams": { + "region": "us-east-1" + } + } + ] + } + }, + "com.amazonaws.backupsearch#ListSearchJobsInput": { + "type": "structure", + "members": { + "ByStatus": { + "target": "com.amazonaws.backupsearch#SearchJobState", + "traits": { + "smithy.api#documentation": "Include this parameter to filter list by search \n job status.
", + "smithy.api#httpQuery": "Status", + "smithy.api#notProperty": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned \n search jobs.
\nFor example, if a request\n is made to return MaxResults number of backups, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
The maximum number of resource list items to be returned.
", + "smithy.api#httpQuery": "MaxResults", + "smithy.api#notProperty": {}, + "smithy.api#range": { + "min": 1, + "max": 1000 + } + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#ListSearchJobsOutput": { + "type": "structure", + "members": { + "SearchJobs": { + "target": "com.amazonaws.backupsearch#SearchJobs", + "traits": { + "smithy.api#documentation": "The search jobs among the list, with details of \n the returned search jobs.
", + "smithy.api#notProperty": {}, + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned backups \n included in a search job.
\nFor example, if a request\n is made to return MaxResults number of backups, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
This operation exports search results of a search job \n to a specified destination S3 bucket.
", + "smithy.api#http": { + "code": 200, + "method": "GET", + "uri": "/export-search-jobs" + }, + "smithy.api#paginated": { + "items": "ExportJobs" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.backupsearch#ListSearchResultExportJobsInput": { + "type": "structure", + "members": { + "Status": { + "target": "com.amazonaws.backupsearch#ExportJobStatus", + "traits": { + "smithy.api#documentation": "The search jobs to be included in the export job \n can be filtered by including this parameter.
", + "smithy.api#httpQuery": "Status", + "smithy.api#notProperty": {} + } + }, + "SearchJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "The unique string that specifies the search job.
", + "smithy.api#httpQuery": "SearchJobIdentifier", + "smithy.api#notProperty": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned backups \n included in a search job.
\nFor example, if a request\n is made to return MaxResults number of backups, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
The maximum number of resource list items to be returned.
", + "smithy.api#httpQuery": "MaxResults", + "smithy.api#notProperty": {}, + "smithy.api#range": { + "min": 1, + "max": 1000 + } + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#ListSearchResultExportJobsOutput": { + "type": "structure", + "members": { + "ExportJobs": { + "target": "com.amazonaws.backupsearch#ExportJobSummaries", + "traits": { + "smithy.api#documentation": "The operation returns the included export jobs.
", + "smithy.api#notProperty": {}, + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The next item following a partial list of returned backups \n included in a search job.
\nFor example, if a request\n is made to return MaxResults number of backups, NextToken\n allows you to return more items in your list starting at the location pointed to by the\n next token.
This operation returns the tags for a resource type.
", + "smithy.api#http": { + "uri": "/tags/{ResourceArn}", + "method": "GET" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.backupsearch#ListTagsForResourceRequest": { + "type": "structure", + "members": { + "ResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) that uniquely identifies \n the resource.>
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#ListTagsForResourceResponse": { + "type": "structure", + "members": { + "Tags": { + "target": "com.amazonaws.backupsearch#TagMap", + "traits": { + "smithy.api#documentation": "List of tags returned by the operation.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.backupsearch#LongCondition": { + "type": "structure", + "members": { + "Value": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "The value of an item included in one of the search \n item filters.
", + "smithy.api#required": {} + } + }, + "Operator": { + "target": "com.amazonaws.backupsearch#LongConditionOperator", + "traits": { + "smithy.api#default": "EQUALS_TO", + "smithy.api#documentation": "A string that defines what values will be \n returned.
\nIf this is included, avoid combinations of \n operators that will return all possible values. \n For example, including both EQUALS_TO \n and NOT_EQUALS_TO with a value of 4 \n will return all values.
The long condition contains a Value \n and can optionally contain an Operator.
Request references a resource which does not exist.
", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Hypothetical identifier of the resource affected.
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Hypothetical type of the resource affected.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The resource was not found for this request.
\nConfirm the resource information, such as the ARN or type is correct \n and exists, then retry the request.
", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.backupsearch#ResourceType": { + "type": "enum", + "members": { + "S3": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3" + } + }, + "EBS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EBS" + } + } + } + }, + "com.amazonaws.backupsearch#ResourceTypeList": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#ResourceType" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, + "com.amazonaws.backupsearch#ResultItem": { + "type": "union", + "members": { + "S3ResultItem": { + "target": "com.amazonaws.backupsearch#S3ResultItem", + "traits": { + "smithy.api#documentation": "These are items returned in the search results \n of an Amazon S3 search.
" + } + }, + "EBSResultItem": { + "target": "com.amazonaws.backupsearch#EBSResultItem", + "traits": { + "smithy.api#documentation": "These are items returned in the search results \n of an Amazon EBS search.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This is an object representing the item \n returned in the results of a search for a specific \n resource type.
" + } + }, + "com.amazonaws.backupsearch#Results": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#ResultItem" + } + }, + "com.amazonaws.backupsearch#S3ExportSpecification": { + "type": "structure", + "members": { + "DestinationBucket": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "This specifies the destination Amazon S3 \n bucket for the export job.
", + "smithy.api#required": {} + } + }, + "DestinationPrefix": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "This specifies the prefix for the destination \n Amazon S3 bucket for the export job.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This specification contains a required string of the \n destination bucket; optionally, you can include the \n destination prefix.
" + } + }, + "com.amazonaws.backupsearch#S3ItemFilter": { + "type": "structure", + "members": { + "ObjectKeys": { + "target": "com.amazonaws.backupsearch#StringConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one value is included, the results will \n return only items that match the value.
\nIf more than one value is included, the \n results will return all items that match any of the \n values.
" + } + }, + "Sizes": { + "target": "com.amazonaws.backupsearch#LongConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one value is included, the results will \n return only items that match the value.
\nIf more than one value is included, the \n results will return all items that match any of the \n values.
" + } + }, + "CreationTimes": { + "target": "com.amazonaws.backupsearch#TimeConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one value is included, the results will \n return only items that match the value.
\nIf more than one value is included, the \n results will return all items that match any of the \n values.
" + } + }, + "VersionIds": { + "target": "com.amazonaws.backupsearch#StringConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one value is included, the results will \n return only items that match the value.
\nIf more than one value is included, the \n results will return all items that match any of the \n values.
" + } + }, + "ETags": { + "target": "com.amazonaws.backupsearch#StringConditionList", + "traits": { + "smithy.api#documentation": "You can include 1 to 10 values.
\nIf one value is included, the results will \n return only items that match the value.
\nIf more than one value is included, the \n results will return all items that match any of the \n values.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This contains arrays of objects, which may include \n ObjectKeys, Sizes, CreationTimes, VersionIds, and/or \n Etags.
" + } + }, + "com.amazonaws.backupsearch#S3ItemFilters": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#S3ItemFilter" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 10 + } + } + }, + "com.amazonaws.backupsearch#S3ResultItem": { + "type": "structure", + "members": { + "BackupResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "These are items in the returned results that match \n recovery point Amazon Resource Names (ARN) input during \n a search of Amazon S3 backup metadata.
" + } + }, + "SourceResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "These are items in the returned results that match \n source Amazon Resource Names (ARN) input during \n a search of Amazon S3 backup metadata.
" + } + }, + "BackupVaultName": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The name of the backup vault.
" + } + }, + "ObjectKey": { + "target": "com.amazonaws.backupsearch#ObjectKey", + "traits": { + "smithy.api#documentation": "This is one or more items \n returned in the results of a search of Amazon S3 \n backup metadata that match the values input for \n object key.
" + } + }, + "ObjectSize": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "These are items in the returned results that match \n values for object size(s) input during a search of \n Amazon S3 backup metadata.
" + } + }, + "CreationTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "These are one or more items in the returned results \n that match values for item creation time input during \n a search of Amazon S3 backup metadata.
" + } + }, + "ETag": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "These are one or more items in the returned results \n that match values for ETags input during \n a search of Amazon S3 backup metadata.
" + } + }, + "VersionId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "These are one or more items in the returned results \n that match values for version IDs input during \n a search of Amazon S3 backup metadata.
" + } + } + }, + "traits": { + "smithy.api#documentation": "These are the items returned in the results of \n a search of Amazon S3 backup metadata.
" + } + }, + "com.amazonaws.backupsearch#SearchJob": { + "type": "resource", + "identifiers": { + "SearchJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId" + } + }, + "properties": { + "Status": { + "target": "com.amazonaws.backupsearch#SearchJobState" + }, + "Name": { + "target": "smithy.api#String" + }, + "EncryptionKeyArn": { + "target": "com.amazonaws.backupsearch#EncryptionKeyArn" + }, + "SearchScope": { + "target": "com.amazonaws.backupsearch#SearchScope" + }, + "ItemFilters": { + "target": "com.amazonaws.backupsearch#ItemFilters" + }, + "CreationTime": { + "target": "smithy.api#Timestamp" + }, + "CompletionTime": { + "target": "smithy.api#Timestamp" + }, + "SearchScopeSummary": { + "target": "com.amazonaws.backupsearch#SearchScopeSummary" + }, + "CurrentSearchProgress": { + "target": "com.amazonaws.backupsearch#CurrentSearchProgress" + }, + "StatusMessage": { + "target": "smithy.api#String" + }, + "ClientToken": { + "target": "smithy.api#String" + }, + "Tags": { + "target": "com.amazonaws.backupsearch#TagMap" + }, + "SearchJobArn": { + "target": "com.amazonaws.backupsearch#SearchJobArn" + } + }, + "create": { + "target": "com.amazonaws.backupsearch#StartSearchJob" + }, + "read": { + "target": "com.amazonaws.backupsearch#GetSearchJob" + }, + "update": { + "target": "com.amazonaws.backupsearch#StopSearchJob" + }, + "list": { + "target": "com.amazonaws.backupsearch#ListSearchJobs" + } + }, + "com.amazonaws.backupsearch#SearchJobArn": { + "type": "string", + "traits": { + "aws.api#arnReference": { + "service": "com.amazonaws.backupsearch#CryoBackupSearchService" + } + } + }, + "com.amazonaws.backupsearch#SearchJobBackupsResult": { + "type": "structure", + "members": { + "Status": { + "target": "com.amazonaws.backupsearch#SearchJobState", + "traits": { + "smithy.api#documentation": "This is the status of the search job backup result.
" + } + }, + "StatusMessage": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "This is the status message included with the results.
" + } + }, + "ResourceType": { + "target": "com.amazonaws.backupsearch#ResourceType", + "traits": { + "smithy.api#documentation": "This is the resource type of the search.
" + } + }, + "BackupResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) that uniquely identifies \n the backup resources.
" + } + }, + "SourceResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) that uniquely identifies \n the source resources.
" + } + }, + "IndexCreationTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "This is the creation time of the backup index.
" + } + }, + "BackupCreationTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "This is the creation time of the backup (recovery point).
" + } + } + }, + "traits": { + "smithy.api#documentation": "This contains the information about recovery \n points returned in results of a search job.
" + } + }, + "com.amazonaws.backupsearch#SearchJobBackupsResults": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#SearchJobBackupsResult" + } + }, + "com.amazonaws.backupsearch#SearchJobState": { + "type": "enum", + "members": { + "RUNNING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RUNNING" + } + }, + "COMPLETED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "COMPLETED" + } + }, + "STOPPING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STOPPING" + } + }, + "STOPPED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STOPPED" + } + }, + "FAILED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FAILED" + } + } + } + }, + "com.amazonaws.backupsearch#SearchJobSummary": { + "type": "structure", + "members": { + "SearchJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "The unique string that specifies the search job.
" + } + }, + "SearchJobArn": { + "target": "com.amazonaws.backupsearch#SearchJobArn", + "traits": { + "smithy.api#documentation": "The unique string that identifies the Amazon Resource \n Name (ARN) of the specified search job.
" + } + }, + "Name": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "This is the name of the search job.
" + } + }, + "Status": { + "target": "com.amazonaws.backupsearch#SearchJobState", + "traits": { + "smithy.api#documentation": "This is the status of the search job.
" + } + }, + "CreationTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "This is the creation time of the search job.
" + } + }, + "CompletionTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "This is the completion time of the search job.
" + } + }, + "SearchScopeSummary": { + "target": "com.amazonaws.backupsearch#SearchScopeSummary", + "traits": { + "smithy.api#documentation": "Returned summary of the specified search job scope, \n including:\n
\nTotalBackupsToScanCount, the number of \n recovery points returned by the search.
\nTotalItemsToScanCount, the number of \n items returned by the search.
\nA status message will be returned for either a \n earch job with a status of ERRORED or a status of \n COMPLETED jobs with issues.
For example, a message may say that a search \n contained recovery points unable to be scanned because \n of a permissions issue.
" + } + } + }, + "traits": { + "smithy.api#documentation": "This is information pertaining to a search job.
" + } + }, + "com.amazonaws.backupsearch#SearchJobs": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#SearchJobSummary" + } + }, + "com.amazonaws.backupsearch#SearchResultExportJob": { + "type": "resource", + "identifiers": { + "ExportJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId" + } + }, + "properties": { + "ExportJobArn": { + "target": "com.amazonaws.backupsearch#ExportJobArn" + }, + "SearchJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId" + }, + "SearchJobArn": { + "target": "com.amazonaws.backupsearch#SearchJobArn" + }, + "Status": { + "target": "com.amazonaws.backupsearch#ExportJobStatus" + }, + "StatusMessage": { + "target": "smithy.api#String" + }, + "CreationTime": { + "target": "smithy.api#Timestamp" + }, + "CompletionTime": { + "target": "smithy.api#Timestamp" + }, + "ExportSpecification": { + "target": "com.amazonaws.backupsearch#ExportSpecification" + }, + "ClientToken": { + "target": "smithy.api#String" + }, + "Tags": { + "target": "com.amazonaws.backupsearch#TagMap" + }, + "RoleArn": { + "target": "com.amazonaws.backupsearch#IamRoleArn" + } + }, + "create": { + "target": "com.amazonaws.backupsearch#StartSearchResultExportJob" + }, + "read": { + "target": "com.amazonaws.backupsearch#GetSearchResultExportJob" + }, + "list": { + "target": "com.amazonaws.backupsearch#ListSearchResultExportJobs" + } + }, + "com.amazonaws.backupsearch#SearchScope": { + "type": "structure", + "members": { + "BackupResourceTypes": { + "target": "com.amazonaws.backupsearch#ResourceTypeList", + "traits": { + "smithy.api#documentation": "The resource types included in a search.
\nEligible resource types include S3 and EBS.
", + "smithy.api#required": {} + } + }, + "BackupResourceCreationTime": { + "target": "com.amazonaws.backupsearch#BackupCreationTimeFilter", + "traits": { + "smithy.api#documentation": "This is the time a backup resource was created.
" + } + }, + "SourceResourceArns": { + "target": "com.amazonaws.backupsearch#ResourceArnList", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) that uniquely identifies \n the source resources.
" + } + }, + "BackupResourceArns": { + "target": "com.amazonaws.backupsearch#RecoveryPointArnList", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) that uniquely identifies \n the backup resources.
" + } + }, + "BackupResourceTags": { + "target": "com.amazonaws.backupsearch#TagMap", + "traits": { + "smithy.api#documentation": "These are one or more tags on the backup (recovery \n point).
" + } + } + }, + "traits": { + "smithy.api#documentation": "The search scope is all backup \n properties input into a search.
" + } + }, + "com.amazonaws.backupsearch#SearchScopeSummary": { + "type": "structure", + "members": { + "TotalRecoveryPointsToScanCount": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "This is the count of the total number of backups \n that will be scanned in a search.
" + } + }, + "TotalItemsToScanCount": { + "target": "smithy.api#Long", + "traits": { + "smithy.api#documentation": "This is the count of the total number of items \n that will be scanned in a search.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The summary of the specified search job scope, \n including:\n
\nTotalBackupsToScanCount, the number of \n recovery points returned by the search.
\nTotalItemsToScanCount, the number of \n items returned by the search.
\nThis request was not successful due to a service quota exceeding limits.
", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Identifier of the resource.
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Type of resource.
", + "smithy.api#required": {} + } + }, + "serviceCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "This is the code unique to the originating service with the quota.
", + "smithy.api#required": {} + } + }, + "quotaCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "This is the code specific to the quota type.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The request denied due to exceeding the quota limits permitted.
", + "smithy.api#error": "client", + "smithy.api#httpError": 402 + } + }, + "com.amazonaws.backupsearch#StartSearchJob": { + "type": "operation", + "input": { + "target": "com.amazonaws.backupsearch#StartSearchJobInput" + }, + "output": { + "target": "com.amazonaws.backupsearch#StartSearchJobOutput" + }, + "errors": [ + { + "target": "com.amazonaws.backupsearch#ConflictException" + }, + { + "target": "com.amazonaws.backupsearch#ServiceQuotaExceededException" + } + ], + "traits": { + "smithy.api#documentation": "This operation creates a search job which returns \n recovery points filtered by SearchScope and items \n filtered by ItemFilters.
\nYou can optionally include ClientToken, \n EncryptionKeyArn, Name, and/or Tags.
", + "smithy.api#http": { + "code": 200, + "method": "PUT", + "uri": "/search-jobs" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.backupsearch#StartSearchJobInput": { + "type": "structure", + "members": { + "Tags": { + "target": "com.amazonaws.backupsearch#TagMap", + "traits": { + "smithy.api#documentation": "List of tags returned by the operation.
" + } + }, + "Name": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Include alphanumeric characters to create a \n name for this search job.
", + "smithy.api#length": { + "max": 500 + } + } + }, + "EncryptionKeyArn": { + "target": "com.amazonaws.backupsearch#EncryptionKeyArn", + "traits": { + "smithy.api#documentation": "The encryption key for the specified \n search job.
" + } + }, + "ClientToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Include this parameter to allow multiple identical \n calls for idempotency.
\nA client token is valid for 8 hours after the first \n request that uses it is completed. After this time,\n any request with the same token is treated as a \n new request.
" + } + }, + "SearchScope": { + "target": "com.amazonaws.backupsearch#SearchScope", + "traits": { + "smithy.api#documentation": "This object can contain BackupResourceTypes, \n BackupResourceArns, BackupResourceCreationTime, \n BackupResourceTags, and SourceResourceArns to \n filter the recovery points returned by the search \n job.
", + "smithy.api#required": {} + } + }, + "ItemFilters": { + "target": "com.amazonaws.backupsearch#ItemFilters", + "traits": { + "smithy.api#documentation": "Item Filters represent all input item \n properties specified when the search was \n created.
\nContains either EBSItemFilters or \n S3ItemFilters
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#StartSearchJobOutput": { + "type": "structure", + "members": { + "SearchJobArn": { + "target": "com.amazonaws.backupsearch#SearchJobArn", + "traits": { + "smithy.api#documentation": "The unique string that identifies the Amazon Resource \n Name (ARN) of the specified search job.
" + } + }, + "CreationTime": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The date and time that a job was created, in Unix format and Coordinated\n Universal Time (UTC). The value of CompletionTime is accurate to milliseconds.\n For example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.
The unique string that specifies the search job.
", + "smithy.api#notProperty": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.backupsearch#StartSearchResultExportJob": { + "type": "operation", + "input": { + "target": "com.amazonaws.backupsearch#StartSearchResultExportJobInput" + }, + "output": { + "target": "com.amazonaws.backupsearch#StartSearchResultExportJobOutput" + }, + "errors": [ + { + "target": "com.amazonaws.backupsearch#ConflictException" + }, + { + "target": "com.amazonaws.backupsearch#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.backupsearch#ServiceQuotaExceededException" + } + ], + "traits": { + "smithy.api#documentation": "This operations starts a job to export the results \n of search job to a designated S3 bucket.
", + "smithy.api#http": { + "code": 200, + "method": "PUT", + "uri": "/export-search-jobs" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.backupsearch#StartSearchResultExportJobInput": { + "type": "structure", + "members": { + "SearchJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "The unique string that specifies the search job.
", + "smithy.api#required": {} + } + }, + "ExportSpecification": { + "target": "com.amazonaws.backupsearch#ExportSpecification", + "traits": { + "smithy.api#documentation": "This specification contains a required string of the \n destination bucket; optionally, you can include the \n destination prefix.
", + "smithy.api#required": {} + } + }, + "ClientToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Include this parameter to allow multiple identical \n calls for idempotency.
\nA client token is valid for 8 hours after the first \n request that uses it is completed. After this time,\n any request with the same token is treated as a \n new request.
" + } + }, + "Tags": { + "target": "com.amazonaws.backupsearch#TagMap", + "traits": { + "smithy.api#documentation": "Optional tags to include. A tag is a key-value pair you can use to manage, \n filter, and search for your resources. Allowed characters include UTF-8 letters, \n numbers, spaces, and the following characters: + - = . _ : /.
" + } + }, + "RoleArn": { + "target": "com.amazonaws.backupsearch#IamRoleArn", + "traits": { + "smithy.api#documentation": "This parameter specifies the role ARN used to start \n the search results export jobs.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#StartSearchResultExportJobOutput": { + "type": "structure", + "members": { + "ExportJobArn": { + "target": "com.amazonaws.backupsearch#ExportJobArn", + "traits": { + "smithy.api#documentation": "This is the unique ARN (Amazon Resource Name) that \n belongs to the new export job.
" + } + }, + "ExportJobIdentifier": { + "target": "com.amazonaws.backupsearch#GenericId", + "traits": { + "smithy.api#documentation": "This is the unique identifier that \n specifies the new export job.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.backupsearch#StopSearchJob": { + "type": "operation", + "input": { + "target": "com.amazonaws.backupsearch#StopSearchJobInput" + }, + "output": { + "target": "com.amazonaws.backupsearch#StopSearchJobOutput" + }, + "errors": [ + { + "target": "com.amazonaws.backupsearch#ConflictException" + }, + { + "target": "com.amazonaws.backupsearch#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "This operations ends a search job.
\nOnly a search job with a status of RUNNING \n can be stopped.
The unique string that specifies the search job.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#StopSearchJobOutput": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.backupsearch#StringCondition": { + "type": "structure", + "members": { + "Value": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The value of the string.
", + "smithy.api#required": {} + } + }, + "Operator": { + "target": "com.amazonaws.backupsearch#StringConditionOperator", + "traits": { + "smithy.api#default": "EQUALS_TO", + "smithy.api#documentation": "A string that defines what values will be \n returned.
\nIf this is included, avoid combinations of \n operators that will return all possible values. \n For example, including both EQUALS_TO \n and NOT_EQUALS_TO with a value of 4 \n will return all values.
This contains the value of the string and can contain \n one or more operators.
" + } + }, + "com.amazonaws.backupsearch#StringConditionList": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#StringCondition" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 10 + } + } + }, + "com.amazonaws.backupsearch#StringConditionOperator": { + "type": "enum", + "members": { + "EQUALS_TO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EQUALS_TO" + } + }, + "NOT_EQUALS_TO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NOT_EQUALS_TO" + } + }, + "CONTAINS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CONTAINS" + } + }, + "DOES_NOT_CONTAIN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DOES_NOT_CONTAIN" + } + }, + "BEGINS_WITH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "BEGINS_WITH" + } + }, + "ENDS_WITH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENDS_WITH" + } + }, + "DOES_NOT_BEGIN_WITH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DOES_NOT_BEGIN_WITH" + } + }, + "DOES_NOT_END_WITH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DOES_NOT_END_WITH" + } + } + } + }, + "com.amazonaws.backupsearch#TagKeys": { + "type": "list", + "member": { + "target": "smithy.api#String" + } + }, + "com.amazonaws.backupsearch#TagMap": { + "type": "map", + "key": { + "target": "smithy.api#String" + }, + "value": { + "target": "smithy.api#String" + }, + "traits": { + "smithy.api#sparse": {} + } + }, + "com.amazonaws.backupsearch#TagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.backupsearch#TagResourceRequest" + }, + "output": { + "target": "com.amazonaws.backupsearch#TagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.backupsearch#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "This operation puts tags on the resource you indicate.
", + "smithy.api#http": { + "uri": "/tags/{ResourceArn}", + "method": "POST" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.backupsearch#TagResourceRequest": { + "type": "structure", + "members": { + "ResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) that uniquely identifies \n the resource.
\nThis is the resource that will have the indicated tags.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "Tags": { + "target": "com.amazonaws.backupsearch#TagMap", + "traits": { + "smithy.api#documentation": "Required tags to include. A tag is a key-value pair you can use to manage, \n filter, and search for your resources. Allowed characters include UTF-8 letters, \n numbers, spaces, and the following characters: + - = . _ : /.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#TagResourceResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.backupsearch#ThrottlingException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "Request was unsuccessful due to request throttling.
", + "smithy.api#required": {} + } + }, + "serviceCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "This is the code unique to the originating service.
" + } + }, + "quotaCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "This is the code unique to the originating service with the quota.
" + } + }, + "retryAfterSeconds": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "Retry the call after number of seconds.
", + "smithy.api#httpHeader": "Retry-After" + } + } + }, + "traits": { + "smithy.api#documentation": "The request was denied due to request throttling.
", + "smithy.api#error": "client", + "smithy.api#httpError": 429, + "smithy.api#retryable": { + "throttling": true + } + } + }, + "com.amazonaws.backupsearch#TimeCondition": { + "type": "structure", + "members": { + "Value": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "This is the timestamp value of the time condition.
", + "smithy.api#required": {} + } + }, + "Operator": { + "target": "com.amazonaws.backupsearch#TimeConditionOperator", + "traits": { + "smithy.api#default": "EQUALS_TO", + "smithy.api#documentation": "A string that defines what values will be \n returned.
\nIf this is included, avoid combinations of \n operators that will return all possible values. \n For example, including both EQUALS_TO \n and NOT_EQUALS_TO with a value of 4 \n will return all values.
A time condition denotes a creation time, last modification time, \n or other time.
" + } + }, + "com.amazonaws.backupsearch#TimeConditionList": { + "type": "list", + "member": { + "target": "com.amazonaws.backupsearch#TimeCondition" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 10 + } + } + }, + "com.amazonaws.backupsearch#TimeConditionOperator": { + "type": "enum", + "members": { + "EQUALS_TO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EQUALS_TO" + } + }, + "NOT_EQUALS_TO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NOT_EQUALS_TO" + } + }, + "LESS_THAN_EQUAL_TO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LESS_THAN_EQUAL_TO" + } + }, + "GREATER_THAN_EQUAL_TO": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "GREATER_THAN_EQUAL_TO" + } + } + } + }, + "com.amazonaws.backupsearch#UntagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.backupsearch#UntagResourceRequest" + }, + "output": { + "target": "com.amazonaws.backupsearch#UntagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.backupsearch#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "This operation removes tags from the specified resource.
", + "smithy.api#http": { + "uri": "/tags/{ResourceArn}", + "method": "DELETE" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.backupsearch#UntagResourceRequest": { + "type": "structure", + "members": { + "ResourceArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) that uniquely identifies \n the resource where you want to remove tags.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "TagKeys": { + "target": "com.amazonaws.backupsearch#TagKeys", + "traits": { + "smithy.api#documentation": "This required parameter contains the tag keys you \n want to remove from the source.
", + "smithy.api#httpQuery": "tagKeys", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.backupsearch#UntagResourceResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.backupsearch#ValidationException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "The input fails to satisfy the constraints specified by an Amazon service.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The input fails to satisfy the constraints specified by a service.
", + "smithy.api#error": "client", + "smithy.api#httpError": 400 + } + } + } +} \ No newline at end of file diff --git a/codegen/sdk/aws-models/batch.json b/codegen/sdk/aws-models/batch.json index b7de037903c..7319b98ad97 100644 --- a/codegen/sdk/aws-models/batch.json +++ b/codegen/sdk/aws-models/batch.json @@ -1810,27 +1810,27 @@ "allocationStrategy": { "target": "com.amazonaws.batch#CRAllocationStrategy", "traits": { - "smithy.api#documentation": "The allocation strategy to use for the compute resource if not enough instances of the best\n fitting instance type can be allocated. This might be because of availability of the instance\n type in the Region or Amazon EC2 service limits. For more\n information, see Allocation strategies in the Batch User Guide.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nBatch selects an instance type that best fits the needs of the jobs with a preference\n for the lowest-cost instance type. If additional instances of the selected instance type\n aren't available, Batch waits for the additional instances to be available. If there aren't\n enough instances available or the user is reaching Amazon EC2 service limits,\n additional jobs aren't run until the currently running jobs are completed. This allocation\n strategy keeps costs lower but can limit scaling. If you're using Spot Fleets with\n BEST_FIT, the Spot Fleet IAM Role must be specified. Compute resources that use\n a BEST_FIT allocation strategy don't support infrastructure updates and can't\n update some parameters. For more information, see Updating compute environments in\n the Batch User Guide.
Batch selects additional instance types that are large enough to meet the requirements\n of the jobs in the queue. Its preference is for instance types with lower cost vCPUs. If\n additional instances of the previously selected instance types aren't available, Batch\n selects new instance types.
\nBatch selects one or more instance types that are large enough to meet the requirements\n of the jobs in the queue. Its preference is for instance types that are less likely to be\n interrupted. This allocation strategy is only available for Spot Instance compute\n resources.
\nThe price and capacity optimized allocation strategy looks at both price and capacity to\n select the Spot Instance pools that are the least likely to be interrupted and have the lowest\n possible price. This allocation strategy is only available for Spot Instance compute\n resources.
\nWith BEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZED and\n SPOT_PRICE_CAPACITY_OPTIMIZED\n (recommended) strategies using On-Demand or Spot Instances, and the\n BEST_FIT strategy using Spot Instances, Batch might need to exceed\n maxvCpus to meet your capacity requirements. In this event, Batch never exceeds\n maxvCpus by more than a single instance.
The allocation strategy to use for the compute resource if not enough instances of the best\n fitting instance type can be allocated. This might be because of availability of the instance\n type in the Region or Amazon EC2 service limits. For more\n information, see Allocation strategies in the Batch User Guide.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nBatch selects an instance type that best fits the needs of the jobs with a preference\n for the lowest-cost instance type. If additional instances of the selected instance type\n aren't available, Batch waits for the additional instances to be available. If there aren't\n enough instances available or the user is reaching Amazon EC2 service limits,\n additional jobs aren't run until the currently running jobs are completed. This allocation\n strategy keeps costs lower but can limit scaling. If you're using Spot Fleets with\n BEST_FIT, the Spot Fleet IAM Role must be specified. Compute resources that use\n a BEST_FIT allocation strategy don't support infrastructure updates and can't\n update some parameters. For more information, see Updating compute environments in\n the Batch User Guide.
Batch selects additional instance types that are large enough to meet the requirements\n of the jobs in the queue. Its preference is for instance types with lower cost vCPUs. If\n additional instances of the previously selected instance types aren't available, Batch\n selects new instance types.
\nBatch selects one or more instance types that are large enough to meet the requirements\n of the jobs in the queue. Its preference is for instance types that are less likely to be\n interrupted. This allocation strategy is only available for Spot Instance compute\n resources.
\nThe price and capacity optimized allocation strategy looks at both price and capacity to\n select the Spot Instance pools that are the least likely to be interrupted and have the lowest\n possible price. This allocation strategy is only available for Spot Instance compute\n resources.
\nWith BEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZED and\n SPOT_PRICE_CAPACITY_OPTIMIZED (recommended) strategies using On-Demand or Spot \n Instances, and the BEST_FIT strategy using Spot Instances, Batch might need to \n exceed maxvCpus to meet your capacity requirements. In this event, Batch never \n exceeds maxvCpus by more than a single instance.
The minimum number of\n vCPUs that\n a\n compute\n environment should maintain (even if the compute environment is DISABLED).
This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe minimum number of vCPUs that a compute environment should maintain (even if the compute \n environment is DISABLED).
This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe maximum number of\n vCPUs that a\n compute environment can\n support.
\nWith BEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZED and\n SPOT_PRICE_CAPACITY_OPTIMIZED\n (recommended) strategies using On-Demand or Spot Instances, and the\n BEST_FIT strategy using Spot Instances, Batch might need to exceed\n maxvCpus to meet your capacity requirements. In this event, Batch never exceeds\n maxvCpus by more than a single instance.
The maximum number of vCPUs that a compute environment can support.
\nWith BEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZED and\n SPOT_PRICE_CAPACITY_OPTIMIZED (recommended) strategies using On-Demand or Spot Instances, \n and the BEST_FIT strategy using Spot Instances, Batch might need to exceed\n maxvCpus to meet your capacity requirements. In this event, Batch never exceeds\n maxvCpus by more than a single instance.
The desired number of\n vCPUS in the\n compute environment. Batch modifies this value between the minimum and maximum values based on\n job queue demand.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe desired number of vCPUS in the compute environment. Batch modifies this value between \n the minimum and maximum values based on job queue demand.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe maximum percentage that a Spot Instance price can be when compared with the On-Demand\n price for that instance type before instances are launched. For example, if your maximum\n percentage is 20%, then the Spot price must be less than 20% of the current On-Demand price for\n that Amazon EC2 instance. You always pay the lowest (market) price and never more than your maximum\n percentage. If you leave this field empty, the default value is 100% of the On-Demand\n price. For most use cases,\n we recommend leaving this field empty.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe maximum percentage that a Spot Instance price can be when compared with the On-Demand\n price for that instance type before instances are launched. For example, if your maximum\n percentage is 20%, then the Spot price must be less than 20% of the current On-Demand price for\n that Amazon EC2 instance. You always pay the lowest (market) price and never more than your maximum\n percentage. If you leave this field empty, the default value is 100% of the On-Demand\n price. For most use cases, we recommend leaving this field empty.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe minimum number of\n vCPUs that\n an environment should maintain (even if the compute environment is DISABLED).
This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe minimum number of vCPUs that an environment should maintain (even if the compute environment \n is DISABLED).
This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe maximum number of Amazon EC2 vCPUs that an environment can reach.
\nWith BEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZED and\n SPOT_PRICE_CAPACITY_OPTIMIZED\n (recommended) strategies using On-Demand or Spot Instances, and the\n BEST_FIT strategy using Spot Instances, Batch might need to exceed\n maxvCpus to meet your capacity requirements. In this event, Batch never exceeds\n maxvCpus by more than a single instance.
The maximum number of Amazon EC2 vCPUs that an environment can reach.
\nWith BEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZED and\n SPOT_PRICE_CAPACITY_OPTIMIZED (recommended) strategies using On-Demand or Spot \n Instances, and the BEST_FIT strategy using Spot Instances, Batch might need to \n exceed maxvCpus to meet your capacity requirements. In this event, Batch never \n exceeds maxvCpus by more than a single instance.
The desired number of\n vCPUS in the\n compute environment. Batch modifies this value between the minimum and maximum values based on\n job queue demand.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nBatch doesn't support changing the desired number of vCPUs of an existing compute\n environment. Don't specify this parameter for compute environments using Amazon EKS clusters.
\nWhen you update the desiredvCpus setting, the value must be between the\n minvCpus and maxvCpus values.
Additionally, the updated desiredvCpus value must be greater than or equal to\n the current desiredvCpus value. For more information, see Troubleshooting\n Batch in the Batch User Guide.
The desired number of vCPUS in the compute environment. Batch modifies this value between \n the minimum and maximum values based on job queue demand.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nBatch doesn't support changing the desired number of vCPUs of an existing compute\n environment. Don't specify this parameter for compute environments using Amazon EKS clusters.
\nWhen you update the desiredvCpus setting, the value must be between the\n minvCpus and maxvCpus values.
Additionally, the updated desiredvCpus value must be greater than or equal to\n the current desiredvCpus value. For more information, see Troubleshooting\n Batch in the Batch User Guide.
The allocation strategy to use for the compute resource if there's not enough instances of\n the best fitting instance type that can be allocated. This might be because of availability of\n the instance type in the Region or Amazon EC2 service limits. For more\n information, see Allocation strategies in the Batch User Guide.
\nWhen updating a compute environment, changing the allocation strategy requires an\n infrastructure update of the compute environment. For more information, see Updating compute\n environments in the Batch User Guide. BEST_FIT isn't\n supported when updating a compute environment.
This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nBatch selects additional instance types that are large enough to meet the requirements\n of the jobs in the queue. Its preference is for instance types with lower cost vCPUs. If\n additional instances of the previously selected instance types aren't available, Batch\n selects new instance types.
\nBatch selects one or more instance types that are large enough to meet the requirements\n of the jobs in the queue. Its preference is for instance types that are less likely to be\n interrupted. This allocation strategy is only available for Spot Instance compute\n resources.
\nThe price and capacity optimized allocation strategy looks at both price and capacity to\n select the Spot Instance pools that are the least likely to be interrupted and have the lowest\n possible price. This allocation strategy is only available for Spot Instance compute\n resources.
\nWith BEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZED and\n SPOT_PRICE_CAPACITY_OPTIMIZED\n (recommended) strategies using On-Demand or Spot Instances, and the\n BEST_FIT strategy using Spot Instances, Batch might need to exceed\n maxvCpus to meet your capacity requirements. In this event, Batch never exceeds\n maxvCpus by more than a single instance.
The allocation strategy to use for the compute resource if there's not enough instances of\n the best fitting instance type that can be allocated. This might be because of availability of\n the instance type in the Region or Amazon EC2 service limits. For more\n information, see Allocation strategies in the Batch User Guide.
\nWhen updating a compute environment, changing the allocation strategy requires an\n infrastructure update of the compute environment. For more information, see Updating compute\n environments in the Batch User Guide. BEST_FIT isn't\n supported when updating a compute environment.
This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nBatch selects additional instance types that are large enough to meet the requirements\n of the jobs in the queue. Its preference is for instance types with lower cost vCPUs. If\n additional instances of the previously selected instance types aren't available, Batch\n selects new instance types.
\nBatch selects one or more instance types that are large enough to meet the requirements\n of the jobs in the queue. Its preference is for instance types that are less likely to be\n interrupted. This allocation strategy is only available for Spot Instance compute\n resources.
\nThe price and capacity optimized allocation strategy looks at both price and capacity to\n select the Spot Instance pools that are the least likely to be interrupted and have the lowest\n possible price. This allocation strategy is only available for Spot Instance compute\n resources.
\nWith BEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZED and\n SPOT_PRICE_CAPACITY_OPTIMIZED (recommended) strategies using On-Demand or Spot Instances, \n and the BEST_FIT strategy using Spot Instances, Batch might need to exceed\n maxvCpus to meet your capacity requirements. In this event, Batch never exceeds\n maxvCpus by more than a single instance.
The Amazon ECS instance profile applied to Amazon EC2 instances in a compute environment.\n Required for Amazon EC2\n instances. You can specify the short name or full Amazon Resource Name (ARN) of an instance\n profile. For example, \n ecsInstanceRole\n or\n arn:aws:iam::.\n For more information, see Amazon ECS instance role in the Batch User Guide.
When updating a compute environment, changing this setting requires an infrastructure update\n of the compute environment. For more information, see Updating compute environments in the\n Batch User Guide.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe Amazon ECS instance profile applied to Amazon EC2 instances in a compute environment.\n Required for Amazon EC2 instances. You can specify the short name or full Amazon Resource Name (ARN) of an instance\n profile. For example, \n ecsInstanceRole\n or\n arn:aws:iam::.\n For more information, see Amazon ECS instance role in the Batch User Guide.
When updating a compute environment, changing this setting requires an infrastructure update\n of the compute environment. For more information, see Updating compute environments in the\n Batch User Guide.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe maximum percentage that a Spot Instance price can be when compared with the On-Demand\n price for that instance type before instances are launched. For example, if your maximum\n percentage is 20%, the Spot price must be less than 20% of the current On-Demand price for that\n Amazon EC2 instance. You always pay the lowest (market) price and never more than your maximum\n percentage. For most use\n cases, we recommend leaving this field empty.
\nWhen updating a compute environment, changing the bid percentage requires an infrastructure\n update of the compute environment. For more information, see Updating compute environments in the\n Batch User Guide.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe maximum percentage that a Spot Instance price can be when compared with the On-Demand\n price for that instance type before instances are launched. For example, if your maximum\n percentage is 20%, the Spot price must be less than 20% of the current On-Demand price for that\n Amazon EC2 instance. You always pay the lowest (market) price and never more than your maximum\n percentage. For most use cases, we recommend leaving this field empty.
\nWhen updating a compute environment, changing the bid percentage requires an infrastructure\n update of the compute environment. For more information, see Updating compute environments in the\n Batch User Guide.
\nThis parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.
\nThe Amazon Resource Name (ARN) of the\n execution\n role that Batch can assume. For more information,\n see Batch execution IAM\n role in the Batch User Guide.
" + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the execution role that Batch can assume. For more information,\n see Batch execution IAM\n role in the Batch User Guide.
" } }, "volumes": { @@ -2263,7 +2263,7 @@ "image": { "target": "com.amazonaws.batch#String", "traits": { - "smithy.api#documentation": "Required.\n The image used to start a container. This string is passed directly to the\n Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are\n specified with\n \n repository-url/image:tag\n .\n It can be 255 characters long. It can contain uppercase and lowercase letters, numbers,\n hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to Image in the\n Create a container section of the Docker Remote API and the IMAGE\n parameter of docker run.
Docker image architecture must match the processor architecture of the compute resources\n that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based\n compute resources.
\nImages in Amazon ECR Public repositories use the full registry/repository[:tag] or\n registry/repository[@digest] naming conventions. For example,\n public.ecr.aws/registry_alias/my-web-app:latest\n .
Images in Amazon ECR repositories use the full registry and repository URI (for example,\n 123456789012.dkr.ecr.).
Images in official repositories on Docker Hub use a single name (for example,\n ubuntu or mongo).
Images in other repositories on Docker Hub are qualified with an organization name (for\n example, amazon/amazon-ecs-agent).
Images in other online repositories are qualified further by a domain name (for example,\n quay.io/assemblyline/ubuntu).
Required. The image used to start a container. This string is passed directly to the\n Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are\n specified with\n \n repository-url/image:tag\n .\n It can be 255 characters long. It can contain uppercase and lowercase letters, numbers,\n hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to Image in the\n Create a container section of the Docker Remote API and the IMAGE\n parameter of docker run.
Docker image architecture must match the processor architecture of the compute resources\n that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based\n compute resources.
\nImages in Amazon ECR Public repositories use the full registry/repository[:tag] or\n registry/repository[@digest] naming conventions. For example,\n public.ecr.aws/registry_alias/my-web-app:latest\n .
Images in Amazon ECR repositories use the full registry and repository URI (for example,\n 123456789012.dkr.ecr.).
Images in official repositories on Docker Hub use a single name (for example,\n ubuntu or mongo).
Images in other repositories on Docker Hub are qualified with an organization name (for\n example, amazon/amazon-ecs-agent).
Images in other online repositories are qualified further by a domain name (for example,\n quay.io/assemblyline/ubuntu).
Container properties are used\n for\n Amazon ECS based job definitions. These properties to describe the container that's\n launched as part of a job.
" + "smithy.api#documentation": "Container properties are used for Amazon ECS based job definitions. These properties to describe the \n container that's launched as part of a job.
" } }, "com.amazonaws.batch#ContainerSummary": { @@ -2446,7 +2446,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates an Batch compute environment. You can create MANAGED or\n UNMANAGED compute environments. MANAGED compute environments can\n use Amazon EC2 or Fargate resources. UNMANAGED compute environments can only use\n EC2 resources.
In a managed compute environment, Batch manages the capacity and instance types of the\n compute resources within the environment. This is based on the compute resource specification\n that you define or the launch template that you\n specify when you create the compute environment. Either, you can choose to use EC2 On-Demand\n Instances and EC2 Spot Instances. Or, you can use Fargate and Fargate Spot capacity in\n your managed compute environment. You can optionally set a maximum price so that Spot\n Instances only launch when the Spot Instance price is less than a specified percentage of the\n On-Demand price.
\nMulti-node parallel jobs aren't supported on Spot Instances.
\nIn an unmanaged compute environment, you can manage your own EC2 compute resources and\n have flexibility with how you configure your compute resources. For example, you can use\n custom AMIs. However, you must verify that each of your AMIs meet the Amazon ECS container instance\n AMI specification. For more information, see container instance AMIs in the\n Amazon Elastic Container Service Developer Guide. After you created your unmanaged compute environment,\n you can use the DescribeComputeEnvironments operation to find the Amazon ECS\n cluster that's associated with it. Then, launch your container instances into that Amazon ECS\n cluster. For more information, see Launching an Amazon ECS container\n instance in the Amazon Elastic Container Service Developer Guide.
\nTo create a compute environment that uses EKS resources, the caller must have\n permissions to call eks:DescribeCluster.
Batch doesn't automatically upgrade the AMIs in a compute environment after it's\n created. For example, it also doesn't update the AMIs in your compute environment when a\n newer version of the Amazon ECS optimized AMI is available. You're responsible for the management\n of the guest operating system. This includes any updates and security patches. You're also\n responsible for any additional application software or utilities that you install on the\n compute resources. There are two ways to use a new AMI for your Batch jobs. The original\n method is to complete these steps:
\nCreate a new compute environment with the new AMI.
\nAdd the compute environment to an existing job queue.
\nRemove the earlier compute environment from your job queue.
\nDelete the earlier compute environment.
\nIn April 2022, Batch added enhanced support for updating compute environments. For\n more information, see Updating compute environments.\n To use the enhanced updating of compute environments to update AMIs, follow these\n rules:
\nEither don't set the service role (serviceRole) parameter or set it to\n the AWSBatchServiceRole service-linked role.
Set the allocation strategy (allocationStrategy) parameter to\n BEST_FIT_PROGRESSIVE, SPOT_CAPACITY_OPTIMIZED, or\n SPOT_PRICE_CAPACITY_OPTIMIZED.
Set the update to latest image version (updateToLatestImageVersion)\n parameter to\n true.\n The updateToLatestImageVersion parameter is used when you update a compute\n environment. This parameter is ignored when you create a compute\n environment.
Don't specify an AMI ID in imageId, imageIdOverride (in\n \n ec2Configuration\n ), or in the launch template\n (launchTemplate). In that case, Batch selects the latest Amazon ECS\n optimized AMI that's supported by Batch at the time the infrastructure update is\n initiated. Alternatively, you can specify the AMI ID in the imageId or\n imageIdOverride parameters, or the launch template identified by the\n LaunchTemplate properties. Changing any of these properties starts an\n infrastructure update. If the AMI ID is specified in the launch template, it can't be\n replaced by specifying an AMI ID in either the imageId or\n imageIdOverride parameters. It can only be replaced by specifying a\n different launch template, or if the launch template version is set to\n $Default or $Latest, by setting either a new default version\n for the launch template (if $Default) or by adding a new version to the\n launch template (if $Latest).
If these rules are followed, any update that starts an infrastructure update causes the\n AMI ID to be re-selected. If the version setting in the launch template\n (launchTemplate) is set to $Latest or $Default, the\n latest or default version of the launch template is evaluated up at the time of the\n infrastructure update, even if the launchTemplate wasn't updated.
Creates an Batch compute environment. You can create MANAGED or\n UNMANAGED compute environments. MANAGED compute environments can\n use Amazon EC2 or Fargate resources. UNMANAGED compute environments can only use\n EC2 resources.
In a managed compute environment, Batch manages the capacity and instance types of the\n compute resources within the environment. This is based on the compute resource specification\n that you define or the launch template that you\n specify when you create the compute environment. Either, you can choose to use EC2 On-Demand\n Instances and EC2 Spot Instances. Or, you can use Fargate and Fargate Spot capacity in\n your managed compute environment. You can optionally set a maximum price so that Spot\n Instances only launch when the Spot Instance price is less than a specified percentage of the\n On-Demand price.
\nMulti-node parallel jobs aren't supported on Spot Instances.
\nIn an unmanaged compute environment, you can manage your own EC2 compute resources and\n have flexibility with how you configure your compute resources. For example, you can use\n custom AMIs. However, you must verify that each of your AMIs meet the Amazon ECS container instance\n AMI specification. For more information, see container instance AMIs in the\n Amazon Elastic Container Service Developer Guide. After you created your unmanaged compute environment,\n you can use the DescribeComputeEnvironments operation to find the Amazon ECS\n cluster that's associated with it. Then, launch your container instances into that Amazon ECS\n cluster. For more information, see Launching an Amazon ECS container\n instance in the Amazon Elastic Container Service Developer Guide.
\nTo create a compute environment that uses EKS resources, the caller must have\n permissions to call eks:DescribeCluster.
Batch doesn't automatically upgrade the AMIs in a compute environment after it's\n created. For example, it also doesn't update the AMIs in your compute environment when a\n newer version of the Amazon ECS optimized AMI is available. You're responsible for the management\n of the guest operating system. This includes any updates and security patches. You're also\n responsible for any additional application software or utilities that you install on the\n compute resources. There are two ways to use a new AMI for your Batch jobs. The original\n method is to complete these steps:
\nCreate a new compute environment with the new AMI.
\nAdd the compute environment to an existing job queue.
\nRemove the earlier compute environment from your job queue.
\nDelete the earlier compute environment.
\nIn April 2022, Batch added enhanced support for updating compute environments. For\n more information, see Updating compute environments.\n To use the enhanced updating of compute environments to update AMIs, follow these\n rules:
\nEither don't set the service role (serviceRole) parameter or set it to\n the AWSBatchServiceRole service-linked role.
Set the allocation strategy (allocationStrategy) parameter to\n BEST_FIT_PROGRESSIVE, SPOT_CAPACITY_OPTIMIZED, or\n SPOT_PRICE_CAPACITY_OPTIMIZED.
Set the update to latest image version (updateToLatestImageVersion)\n parameter to true. The updateToLatestImageVersion parameter \n is used when you update a compute environment. This parameter is ignored when you create \n a compute environment.
Don't specify an AMI ID in imageId, imageIdOverride (in\n \n ec2Configuration\n ), or in the launch template\n (launchTemplate). In that case, Batch selects the latest Amazon ECS\n optimized AMI that's supported by Batch at the time the infrastructure update is\n initiated. Alternatively, you can specify the AMI ID in the imageId or\n imageIdOverride parameters, or the launch template identified by the\n LaunchTemplate properties. Changing any of these properties starts an\n infrastructure update. If the AMI ID is specified in the launch template, it can't be\n replaced by specifying an AMI ID in either the imageId or\n imageIdOverride parameters. It can only be replaced by specifying a\n different launch template, or if the launch template version is set to\n $Default or $Latest, by setting either a new default version\n for the launch template (if $Default) or by adding a new version to the\n launch template (if $Latest).
If these rules are followed, any update that starts an infrastructure update causes the\n AMI ID to be re-selected. If the version setting in the launch template\n (launchTemplate) is set to $Latest or $Default, the\n latest or default version of the launch template is evaluated up at the time of the\n infrastructure update, even if the launchTemplate wasn't updated.
The properties for a task definition that describes the container and volume definitions of\n an Amazon ECS task. You can specify which Docker images to use, the required resources, and other\n configurations related to launching the task definition through an Amazon ECS service or task.
" } }, + "com.amazonaws.batch#EksAnnotationsMap": { + "type": "map", + "key": { + "target": "com.amazonaws.batch#String" + }, + "value": { + "target": "com.amazonaws.batch#String" + } + }, "com.amazonaws.batch#EksAttemptContainerDetail": { "type": "structure", "members": { @@ -4420,6 +4429,12 @@ "smithy.api#documentation": "The path on the container where the volume is mounted.
" } }, + "subPath": { + "target": "com.amazonaws.batch#String", + "traits": { + "smithy.api#documentation": "A sub-path inside the referenced volume instead of its root.
" + } + }, "readOnly": { "target": "com.amazonaws.batch#Boolean", "traits": { @@ -4503,10 +4518,44 @@ "traits": { "smithy.api#documentation": "Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63\n uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be\n added or modified at any time. Each resource can have multiple labels, but each key must be\n unique for a given object.
" } + }, + "annotations": { + "target": "com.amazonaws.batch#EksAnnotationsMap", + "traits": { + "smithy.api#documentation": "Key-value pairs used to attach arbitrary, non-identifying metadata to Kubernetes objects. \n Valid annotation keys have two segments: an optional prefix and a name, separated by a \n slash (/).
\nThe prefix is optional and must be 253 characters or less. If specified, the prefix \n must be a DNS subdomain− a series of DNS labels separated by dots (.), and it must \n end with a slash (/).
\nThe name segment is required and must be 63 characters or less. It can include alphanumeric \n characters ([a-z0-9A-Z]), dashes (-), underscores (_), and dots (.), but must begin and end \n with an alphanumeric character.
\nAnnotation values must be 255 characters or less.
\nAnnotations can be added or modified at any time. Each resource can have multiple annotations.
" + } + }, + "namespace": { + "target": "com.amazonaws.batch#String", + "traits": { + "smithy.api#documentation": "The namespace of the Amazon EKS cluster. In Kubernetes, namespaces provide a mechanism for isolating \n groups of resources within a single cluster. Names of resources need to be unique within a namespace, \n but not across namespaces. Batch places Batch Job pods in this namespace. If this field is provided, \n the value can't be empty or null. It must meet the following requirements:
\n1-63 characters long
\nCan't be set to default
\nCan't start with kube\n
Must match the following regular expression:\n ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$\n
\n For more information, see \n Namespaces in the Kubernetes documentation. This namespace can be \n different from the kubernetesNamespace set in the compute environment's \n EksConfiguration, but must have identical role-based access control (RBAC) roles as \n the compute environment's kubernetesNamespace. For multi-node parallel jobs,\n the same value must be provided across all the node ranges.
Describes and uniquely identifies Kubernetes resources. For example, the compute environment that\n a pod runs in or the jobID for a job running in the pod. For more information, see\n Understanding Kubernetes Objects in the Kubernetes documentation.
Describes and uniquely identifies Kubernetes resources. For example, the compute environment that\n a pod runs in or the jobID for a job running in the pod. For more information, see\n \n Understanding Kubernetes Objects in the Kubernetes documentation.
The name of the persistentVolumeClaim bounded to a persistentVolume. \n For more information, see \n Persistent Volume Claims in the Kubernetes documentation.
An optional boolean value indicating if the mount is read only. Default is false. For more\n information, see \n Read Only Mounts in the Kubernetes documentation.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A persistentVolumeClaim volume is used to mount a PersistentVolume\n into a Pod. PersistentVolumeClaims are a way for users to \"claim\" durable storage without knowing \n the details of the particular cloud environment. See the information about PersistentVolumes\n in the Kubernetes documentation.
Metadata about the\n Kubernetes\n pod. For\n more information, see Understanding Kubernetes Objects in the Kubernetes\n documentation.
" + "smithy.api#documentation": "Metadata about the Kubernetes pod. For more information, see Understanding Kubernetes Objects in the Kubernetes\n documentation.
" } }, "shareProcessNamespace": { @@ -4663,7 +4712,7 @@ "metadata": { "target": "com.amazonaws.batch#EksMetadata", "traits": { - "smithy.api#documentation": "Metadata about the\n overrides for the container that's used on the Amazon EKS pod.
" + "smithy.api#documentation": "Metadata about the overrides for the container that's used on the Amazon EKS pod.
" } } }, @@ -4772,6 +4821,12 @@ "traits": { "smithy.api#documentation": "Specifies the configuration of a Kubernetes secret volume. For more information, see\n secret in the\n Kubernetes documentation.
Specifies the configuration of a Kubernetes persistentVolumeClaim bounded to a \n persistentVolume. For more information, see \n Persistent Volume Claims in the Kubernetes documentation.
Contains a glob pattern to match against the StatusReason returned for a job.\n The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.),\n colons (:), and white spaces (including spaces or tabs).\n It can\n optionally end with an asterisk (*) so that only the start of the string needs to be an exact\n match.
Contains a glob pattern to match against the StatusReason returned for a job.\n The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.),\n colons (:), and white spaces (including spaces or tabs). It can optionally end with an asterisk (*) \n so that only the start of the string needs to be an exact match.
The operating system for the compute environment.\n Valid values are:\n LINUX (default), WINDOWS_SERVER_2019_CORE,\n WINDOWS_SERVER_2019_FULL, WINDOWS_SERVER_2022_CORE, and\n WINDOWS_SERVER_2022_FULL.
The following parameters can’t be set for Windows containers: linuxParameters,\n privileged, user, ulimits,\n readonlyRootFilesystem,\n and efsVolumeConfiguration.
The Batch Scheduler checks\n the compute environments\n that are attached to the job queue before registering a task definition with\n Fargate. In this\n scenario, the job queue is where the job is submitted. If the job requires a\n Windows container and the first compute environment is LINUX, the compute\n environment is skipped and the next compute environment is checked until a Windows-based compute\n environment is found.
Fargate Spot is not supported for\n ARM64 and\n Windows-based containers on Fargate. A job queue will be blocked if a\n Fargate\n ARM64 or\n Windows job is submitted to a job queue with only Fargate Spot compute environments.\n However, you can attach both FARGATE and\n FARGATE_SPOT compute environments to the same job queue.
The operating system for the compute environment. Valid values are:\n LINUX (default), WINDOWS_SERVER_2019_CORE,\n WINDOWS_SERVER_2019_FULL, WINDOWS_SERVER_2022_CORE, and\n WINDOWS_SERVER_2022_FULL.
The following parameters can’t be set for Windows containers: linuxParameters,\n privileged, user, ulimits,\n readonlyRootFilesystem, and efsVolumeConfiguration.
The Batch Scheduler checks the compute environments that are attached to the job queue before \n registering a task definition with Fargate. In this scenario, the job queue is where the job is \n submitted. If the job requires a Windows container and the first compute environment is LINUX, \n the compute environment is skipped and the next compute environment is checked until a Windows-based \n compute environment is found.
Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. \n A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job \n queue with only Fargate Spot compute environments. However, you can attach both FARGATE and\n FARGATE_SPOT compute environments to the same job queue.
The vCPU architecture. The default value is X86_64. Valid values are\n X86_64 and ARM64.
This parameter must be set to\n X86_64\n for Windows containers.
Fargate Spot is not supported for ARM64 and Windows-based containers on\n Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is\n submitted to a job queue with only Fargate Spot compute environments. However, you can attach\n both FARGATE and FARGATE_SPOT compute environments to the same job\n queue.
The vCPU architecture. The default value is X86_64. Valid values are\n X86_64 and ARM64.
This parameter must be set to X86_64 for Windows containers.
Fargate Spot is not supported for ARM64 and Windows-based containers on\n Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is\n submitted to a job queue with only Fargate Spot compute environments. However, you can attach\n both FARGATE and FARGATE_SPOT compute environments to the same job\n queue.
The scheduling priority for the job. This only affects jobs in job queues with a fair\n share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower\n scheduling priority.\n This\n overrides any scheduling priority in the job definition and works only within a single share\n identifier.
\nThe minimum supported value is 0 and the maximum supported value is 9999.
" + "smithy.api#documentation": "The scheduling priority for the job. This only affects jobs in job queues with a fair\n share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower\n scheduling priority. This overrides any scheduling priority in the job definition and works only \n within a single share identifier.
\nThe minimum supported value is 0 and the maximum supported value is 9999.
" } }, "arrayProperties": { diff --git a/codegen/sdk/aws-models/bcm-pricing-calculator.json b/codegen/sdk/aws-models/bcm-pricing-calculator.json index e1576c97812..5e283231c20 100644 --- a/codegen/sdk/aws-models/bcm-pricing-calculator.json +++ b/codegen/sdk/aws-models/bcm-pricing-calculator.json @@ -3737,6 +3737,9 @@ "target": "com.amazonaws.bcmpricingcalculator#DeleteBillEstimateResponse" }, "errors": [ + { + "target": "com.amazonaws.bcmpricingcalculator#ConflictException" + }, { "target": "com.amazonaws.bcmpricingcalculator#DataUnavailableException" } diff --git a/codegen/sdk/aws-models/bedrock-agent-runtime.json b/codegen/sdk/aws-models/bedrock-agent-runtime.json index 9cea6ed60e1..2627baf336f 100644 --- a/codegen/sdk/aws-models/bedrock-agent-runtime.json +++ b/codegen/sdk/aws-models/bedrock-agent-runtime.json @@ -225,7 +225,7 @@ "parentActionGroupSignature": { "target": "com.amazonaws.bedrockagentruntime#ActionGroupSignature", "traits": { - "smithy.api#documentation": "\n To allow your agent to request the user for additional information when trying to complete a task, set this field to AMAZON.UserInput. \n You must leave the description, apiSchema, and actionGroupExecutor fields blank for this action group.\n
To allow your agent to generate, run, and troubleshoot code when trying to complete a task, set this field to AMAZON.CodeInterpreter. You must \n leave the description, apiSchema, and actionGroupExecutor fields blank for this action group.
During orchestration, if your agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request,\n it will invoke this action group instead and return an Observation reprompting the user for more information.
" + "smithy.api#documentation": "\n To allow your agent to request the user for additional information when trying to complete a task, set this field to AMAZON.UserInput. \n You must leave the description, apiSchema, and actionGroupExecutor fields blank for this action group.\n
To allow your agent to generate, run, and troubleshoot code when trying to complete a task, set this field to AMAZON.CodeInterpreter. You must \n leave the description, apiSchema, and actionGroupExecutor fields blank for this action group.
During orchestration, if your agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request,\n it will invoke this action group instead and return an Observation reprompting the user for more information.
" } }, "actionGroupExecutor": { @@ -1279,10 +1279,10 @@ "smithy.api#documentation": "Controls the API operations or functions to invoke based on the user confirmation.
" } }, - "responseBody": { - "target": "com.amazonaws.bedrockagentruntime#ResponseBody", + "responseState": { + "target": "com.amazonaws.bedrockagentruntime#ResponseState", "traits": { - "smithy.api#documentation": "The response body from the API operation. The key of the object is the content type (currently, only TEXT is supported). The response may be returned directly or from the Lambda function.
Controls the final response state returned to end user when API/Function execution failed. When this state is FAILURE, the request would fail with dependency failure exception. When this state is REPROMPT, the API/function response will be sent to model for re-prompt
" } }, "httpStatusCode": { @@ -1291,10 +1291,10 @@ "smithy.api#documentation": "http status code from API execution response (for example: 200, 400, 500).
" } }, - "responseState": { - "target": "com.amazonaws.bedrockagentruntime#ResponseState", + "responseBody": { + "target": "com.amazonaws.bedrockagentruntime#ResponseBody", "traits": { - "smithy.api#documentation": "Controls the final response state returned to end user when API/Function execution failed. When this state is FAILURE, the request would fail with dependency failure exception. When this state is REPROMPT, the API/function response will be sent to model for re-prompt
" + "smithy.api#documentation": "The response body from the API operation. The key of the object is the content type (currently, only TEXT is supported). The response may be returned directly or from the Lambda function.
The performance configuration for the model.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Settings for a model called with InvokeAgent.
" + } + }, "com.amazonaws.bedrockagentruntime#BedrockRerankingConfiguration": { "type": "structure", "members": { @@ -1873,6 +1887,13 @@ "smithy.api#documentation": "The unique identifier of the memory.
", "smithy.api#httpQuery": "memoryId" } + }, + "sessionId": { + "target": "com.amazonaws.bedrockagentruntime#SessionId", + "traits": { + "smithy.api#documentation": "The unique session identifier of the memory.
", + "smithy.api#httpQuery": "sessionId" + } } }, "traits": { @@ -2004,6 +2025,12 @@ "traits": { "smithy.api#documentation": "Additional model parameters and their corresponding values not included in the textInferenceConfig structure for an external source. Takes in custom model parameters specific to the language model being used.
" } + }, + "performanceConfig": { + "target": "com.amazonaws.bedrockagentruntime#PerformanceConfiguration", + "traits": { + "smithy.api#documentation": "The latency configuration for the model.
" + } } }, "traits": { @@ -3098,6 +3125,12 @@ "traits": { "smithy.api#documentation": "Additional model parameters and corresponding values not included in the textInferenceConfig structure for a knowledge base. This allows users to provide custom model parameters specific to the language model being used.
" } + }, + "performanceConfig": { + "target": "com.amazonaws.bedrockagentruntime#PerformanceConfiguration", + "traits": { + "smithy.api#documentation": "The latency configuration for the model.
" + } } }, "traits": { @@ -4308,6 +4341,20 @@ "smithy.api#sensitive": {} } }, + "com.amazonaws.bedrockagentruntime#InlineBedrockModelConfigurations": { + "type": "structure", + "members": { + "performanceConfig": { + "target": "com.amazonaws.bedrockagentruntime#PerformanceConfiguration", + "traits": { + "smithy.api#documentation": "The latency configuration for the model.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Settings for a model called with InvokeInlineAgent.
" + } + }, "com.amazonaws.bedrockagentruntime#InlineSessionState": { "type": "structure", "members": { @@ -4593,6 +4640,9 @@ { "target": "com.amazonaws.bedrockagentruntime#InternalServerException" }, + { + "target": "com.amazonaws.bedrockagentruntime#ModelNotReadyException" + }, { "target": "com.amazonaws.bedrockagentruntime#ResourceNotFoundException" }, @@ -4607,7 +4657,7 @@ } ], "traits": { - "smithy.api#documentation": "The CLI doesn't support streaming operations in Amazon Bedrock, including InvokeAgent.
Sends a prompt for the agent to process and respond to. Note the following fields for the request:
\nTo continue the same conversation with an agent, use the same sessionId value in the request.
To activate trace enablement, turn enableTrace to true. Trace enablement helps you follow the agent's reasoning process that led it to the information it processed, the actions it took, and the final result it yielded. For more information, see Trace enablement.
End a conversation by setting endSession to true.
In the sessionState object, you can include attributes for the session or prompt or, if you configured an action group to return control, results from invocation of the action group.
The response is returned in the bytes field of the chunk object.
The attribution object contains citations for parts of the response.
If you set enableTrace to true in the request, you can trace the agent's steps and reasoning process that led it to the response.
If the action predicted was configured to return control, the response returns parameters for the action, elicited from the user, in the returnControl field.
Errors are also surfaced in the response.
\nThe CLI doesn't support streaming operations in Amazon Bedrock, including InvokeAgent.
Sends a prompt for the agent to process and respond to. Note the following fields for the request:
\nTo continue the same conversation with an agent, use the same sessionId value in the request.
To activate trace enablement, turn enableTrace to true. Trace enablement helps you follow the agent's reasoning process that led it to the information it processed, the actions it took, and the final result it yielded. For more information, see Trace enablement.
To stream agent responses, make sure that only orchestration prompt is enabled. Agent streaming is not supported for the following steps:\n
\n\n Pre-processing\n
\n Post-processing\n
Agent with 1 Knowledge base and User Input not enabled
End a conversation by setting endSession to true.
In the sessionState object, you can include attributes for the session or prompt or, if you configured an action group to return control, results from invocation of the action group.
The response is returned in the bytes field of the chunk object.
The attribution object contains citations for parts of the response.
If you set enableTrace to true in the request, you can trace the agent's steps and reasoning process that led it to the response.
If the action predicted was configured to return control, the response returns parameters for the action, elicited from the user, in the returnControl field.
Errors are also surfaced in the response.
\nThe unique identifier of the agent memory.
" } }, + "bedrockModelConfigurations": { + "target": "com.amazonaws.bedrockagentruntime#BedrockModelConfigurations", + "traits": { + "smithy.api#documentation": "Model performance settings for the request.
" + } + }, "streamingConfigurations": { "target": "com.amazonaws.bedrockagentruntime#StreamingConfigurations", "traits": { - "smithy.api#documentation": "\n Specifies the configurations for streaming.\n
" + "smithy.api#documentation": "\n Specifies the configurations for streaming.\n
\nTo use agent streaming, you need permissions to perform the bedrock:InvokeModelWithResponseStream action.
Specifies whether to return the trace for the flow or not. Traces track inputs and outputs for nodes in the flow. For more information, see Track each step in your prompt flow by viewing its trace in Amazon Bedrock.
" } + }, + "modelPerformanceConfiguration": { + "target": "com.amazonaws.bedrockagentruntime#ModelPerformanceConfiguration", + "traits": { + "smithy.api#documentation": "Model performance settings for the request.
" + } } }, "traits": { @@ -4958,6 +5020,12 @@ "traits": { "smithy.api#documentation": "\n Configurations for advanced prompts used to override the default prompts to enhance the accuracy of the inline agent.\n
" } + }, + "bedrockModelConfigurations": { + "target": "com.amazonaws.bedrockagentruntime#InlineBedrockModelConfigurations", + "traits": { + "smithy.api#documentation": "Model settings for the request.
" + } } }, "traits": { @@ -5607,6 +5675,33 @@ "smithy.api#sensitive": {} } }, + "com.amazonaws.bedrockagentruntime#ModelNotReadyException": { + "type": "structure", + "members": { + "message": { + "target": "com.amazonaws.bedrockagentruntime#NonBlankString" + } + }, + "traits": { + "smithy.api#documentation": "\n The model specified in the request is not ready to serve inference requests. The AWS SDK\n will automatically retry the operation up to 5 times. For information about configuring\n automatic retries, see Retry behavior in the AWS SDKs and Tools\n reference guide.\n
", + "smithy.api#error": "client", + "smithy.api#httpError": 424 + } + }, + "com.amazonaws.bedrockagentruntime#ModelPerformanceConfiguration": { + "type": "structure", + "members": { + "performanceConfig": { + "target": "com.amazonaws.bedrockagentruntime#PerformanceConfiguration", + "traits": { + "smithy.api#documentation": "The latency configuration for the model.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The performance configuration for a model called with InvokeFlow.
" + } + }, "com.amazonaws.bedrockagentruntime#Name": { "type": "string", "traits": { @@ -5952,6 +6047,12 @@ "traits": { "smithy.api#documentation": "To split up the prompt and retrieve multiple sources, set the transformation type to\n QUERY_DECOMPOSITION.
The latency configuration for the model.
" + } } }, "traits": { @@ -6246,6 +6347,38 @@ } } }, + "com.amazonaws.bedrockagentruntime#PerformanceConfigLatency": { + "type": "enum", + "members": { + "STANDARD": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "standard" + } + }, + "OPTIMIZED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "optimized" + } + } + } + }, + "com.amazonaws.bedrockagentruntime#PerformanceConfiguration": { + "type": "structure", + "members": { + "latency": { + "target": "com.amazonaws.bedrockagentruntime#PerformanceConfigLatency", + "traits": { + "smithy.api#default": "standard", + "smithy.api#documentation": "To use a latency-optimized version of the model, set to optimized.
Performance settings for a model.
" + } + }, "com.amazonaws.bedrockagentruntime#PostProcessingModelInvocationOutput": { "type": "structure", "members": { @@ -7251,6 +7384,12 @@ "smithy.api#documentation": "There was an issue with a dependency due to a server issue. Retry your request.
" } }, + "modelNotReadyException": { + "target": "com.amazonaws.bedrockagentruntime#ModelNotReadyException", + "traits": { + "smithy.api#documentation": "\n The model specified in the request is not ready to serve Inference requests. The AWS SDK\n will automatically retry the operation up to 5 times. For information about configuring\n automatic retries, see Retry behavior in the AWS SDKs and Tools\n reference guide.\n
" + } + }, "files": { "target": "com.amazonaws.bedrockagentruntime#FilePart", "traits": { @@ -8721,7 +8860,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Configurations for streaming.\n
" + "smithy.api#documentation": "\n Configurations for streaming.
" } }, "com.amazonaws.bedrockagentruntime#SummaryText": { diff --git a/codegen/sdk/aws-models/bedrock-agent.json b/codegen/sdk/aws-models/bedrock-agent.json index e6601004b99..3a4a7368899 100644 --- a/codegen/sdk/aws-models/bedrock-agent.json +++ b/codegen/sdk/aws-models/bedrock-agent.json @@ -11871,6 +11871,14 @@ "smithy.api#documentation": "Details about a malformed input expression in a node.
" } }, + "com.amazonaws.bedrockagent#MaxRecentSessions": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1 + } + } + }, "com.amazonaws.bedrockagent#MaxResults": { "type": "integer", "traits": { @@ -11905,6 +11913,12 @@ "smithy.api#default": 30, "smithy.api#documentation": "The number of days the agent is configured to retain the conversational context.
" } + }, + "sessionSummaryConfiguration": { + "target": "com.amazonaws.bedrockagent#SessionSummaryConfiguration", + "traits": { + "smithy.api#documentation": "Contains the configuration for SESSION_SUMMARY memory type enabled for the agent.
" + } } }, "traits": { @@ -13571,6 +13585,12 @@ "traits": { "smithy.api#enumValue": "KNOWLEDGE_BASE_RESPONSE_GENERATION" } + }, + "MEMORY_SUMMARIZATION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MEMORY_SUMMARIZATION" + } } } }, @@ -14744,6 +14764,21 @@ "smithy.api#httpError": 402 } }, + "com.amazonaws.bedrockagent#SessionSummaryConfiguration": { + "type": "structure", + "members": { + "maxRecentSessions": { + "target": "com.amazonaws.bedrockagent#MaxRecentSessions", + "traits": { + "smithy.api#default": null, + "smithy.api#documentation": "Maximum number of recent session summaries to include in the agent's prompt context.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Configuration for SESSION_SUMMARY memory type enabled for the agent.
" + } + }, "com.amazonaws.bedrockagent#SessionTTL": { "type": "integer", "traits": { @@ -14761,6 +14796,12 @@ "traits": { "smithy.api#enumValue": "OAUTH2_CLIENT_CREDENTIALS" } + }, + "OAUTH2_SHAREPOINT_APP_ONLY_CLIENT_CREDENTIALS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OAUTH2_SHAREPOINT_APP_ONLY_CLIENT_CREDENTIALS" + } } } }, @@ -15200,7 +15241,7 @@ "smithy.api#default": 30, "smithy.api#range": { "min": 0, - "max": 30 + "max": 365 } } }, @@ -17332,6 +17373,16 @@ "smithy.api#documentation": "The configuration of web URLs that you want to crawl. \n You should be authorized to crawl the URLs.
" } }, + "com.amazonaws.bedrockagent#UserAgent": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 15, + "max": 40 + }, + "smithy.api#sensitive": {} + } + }, "com.amazonaws.bedrockagent#ValidateFlowDefinition": { "type": "operation", "input": { @@ -17547,6 +17598,12 @@ "traits": { "smithy.api#documentation": "The scope of what is crawled for your URLs.
\nYou can choose to crawl only web pages that belong to the same host or primary \n domain. For example, only web pages that contain the seed URL \n \"https://docs.aws.amazon.com/bedrock/latest/userguide/\" and no other domains. \n You can choose to include sub domains in addition to the host or primary domain. \n For example, web pages that contain \"aws.amazon.com\" can also include sub domain \n \"docs.aws.amazon.com\".
" } + }, + "userAgent": { + "target": "com.amazonaws.bedrockagent#UserAgent", + "traits": { + "smithy.api#documentation": "A string used for identifying the crawler or a bot when it accesses a web server. By default, \n this is set to bedrockbot_UUID for your crawler. You can optionally append a custom \n string to bedrockbot_UUID to allowlist a specific user agent permitted to access your source URLs. \n
\n The max number of web pages crawled from your source URLs, up to 25,000 pages. If \n the web pages exceed this limit, the data source sync will fail and no web pages will be ingested.\n
", + "smithy.api#range": { + "min": 1 + } + } } }, "traits": { diff --git a/codegen/sdk/aws-models/bedrock-data-automation-runtime.json b/codegen/sdk/aws-models/bedrock-data-automation-runtime.json index 9b1ef3fa06f..e6257f5d67f 100644 --- a/codegen/sdk/aws-models/bedrock-data-automation-runtime.json +++ b/codegen/sdk/aws-models/bedrock-data-automation-runtime.json @@ -33,7 +33,7 @@ "name": "bedrock" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "Amazon Bedrock Keystone Runtime", + "smithy.api#documentation": "Amazon Bedrock Data Automation Runtime", "smithy.api#title": "Runtime for Amazon Bedrock Data Automation", "smithy.rules#endpointRuleSet": { "version": "1.0", diff --git a/codegen/sdk/aws-models/bedrock-data-automation.json b/codegen/sdk/aws-models/bedrock-data-automation.json index 2c2c8ab2dfb..625c2b8853a 100644 --- a/codegen/sdk/aws-models/bedrock-data-automation.json +++ b/codegen/sdk/aws-models/bedrock-data-automation.json @@ -41,7 +41,7 @@ "name": "bedrock" }, "aws.protocols#restJson1": {}, - "smithy.api#documentation": "Amazon Bedrock Keystone Build", + "smithy.api#documentation": "Amazon Bedrock Data Automation BuildTime", "smithy.api#title": "Data Automation for Amazon Bedrock", "smithy.rules#endpointRuleSet": { "version": "1.0", @@ -1148,7 +1148,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates an Amazon Bedrock Keystone Blueprint", + "smithy.api#documentation": "Creates an Amazon Bedrock Data Automation Blueprint", "smithy.api#http": { "code": 201, "method": "PUT", @@ -1241,7 +1241,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new version of an existing Amazon Bedrock Keystone Blueprint", + "smithy.api#documentation": "Creates a new version of an existing Amazon Bedrock Data Automation Blueprint", "smithy.api#http": { "code": 201, "method": "POST", @@ -1318,7 +1318,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates an Amazon Bedrock Keystone DataAutomationProject", + "smithy.api#documentation": "Creates an Amazon Bedrock Data Automation Project", "smithy.api#http": { "code": 201, "method": "PUT", @@ -1669,7 +1669,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an existing Amazon Bedrock Keystone Blueprint", + "smithy.api#documentation": "Deletes an existing Amazon Bedrock Data Automation Blueprint", "smithy.api#http": { "code": 204, "method": "DELETE", @@ -1736,7 +1736,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an existing Amazon Bedrock Keystone DataAutomationProject", + "smithy.api#documentation": "Deletes an existing Amazon Bedrock Data Automation Project", "smithy.api#http": { "code": 204, "method": "DELETE", @@ -2037,7 +2037,7 @@ } ], "traits": { - "smithy.api#documentation": "Gets an existing Amazon Bedrock Keystone Blueprint", + "smithy.api#documentation": "Gets an existing Amazon Bedrock Data Automation Blueprint", "smithy.api#http": { "code": 200, "method": "POST", @@ -2117,7 +2117,7 @@ } ], "traits": { - "smithy.api#documentation": "Gets an existing Amazon Bedrock Keystone DataAutomationProject", + "smithy.api#documentation": "Gets an existing Amazon Bedrock Data Automation Project", "smithy.api#http": { "code": 200, "method": "POST", @@ -2363,7 +2363,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists all existing Amazon Bedrock Keystone Blueprints", + "smithy.api#documentation": "Lists all existing Amazon Bedrock Data Automation Blueprints", "smithy.api#http": { "code": 200, "method": "POST", @@ -2449,7 +2449,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists all existing Amazon Bedrock Keystone DataAutomationProjects", + "smithy.api#documentation": "Lists all existing Amazon Bedrock Data Automation Projects", "smithy.api#http": { "code": 200, "method": "POST", @@ -2704,7 +2704,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates an existing Amazon Bedrock Blueprint", + "smithy.api#documentation": "Updates an existing Amazon Bedrock Data Automation Blueprint", "smithy.api#http": { "code": 200, "method": "PUT", @@ -2783,7 +2783,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates an existing Amazon Bedrock DataAutomationProject", + "smithy.api#documentation": "Updates an existing Amazon Bedrock Data Automation Project", "smithy.api#http": { "code": 200, "method": "PUT", diff --git a/codegen/sdk/aws-models/billing.json b/codegen/sdk/aws-models/billing.json index 5b6c49d7f85..4e4f50ad2c8 100644 --- a/codegen/sdk/aws-models/billing.json +++ b/codegen/sdk/aws-models/billing.json @@ -5,8 +5,35 @@ "type": "service", "version": "2023-09-07", "operations": [ + { + "target": "com.amazonaws.billing#CreateBillingView" + }, + { + "target": "com.amazonaws.billing#DeleteBillingView" + }, + { + "target": "com.amazonaws.billing#GetBillingView" + }, + { + "target": "com.amazonaws.billing#GetResourcePolicy" + }, { "target": "com.amazonaws.billing#ListBillingViews" + }, + { + "target": "com.amazonaws.billing#ListSourceViewsForBillingView" + }, + { + "target": "com.amazonaws.billing#ListTagsForResource" + }, + { + "target": "com.amazonaws.billing#TagResource" + }, + { + "target": "com.amazonaws.billing#UntagResource" + }, + { + "target": "com.amazonaws.billing#UpdateBillingView" } ], "traits": { @@ -543,7 +570,86 @@ "com.amazonaws.billing#BillingViewArn": { "type": "string", "traits": { - "smithy.api#pattern": "^arn:aws[a-z-]*:(billing)::[0-9]{12}:billingview/[a-zA-Z0-9_\\+=\\.\\-@]{1,43}$" + "smithy.api#pattern": "^arn:aws[a-z-]*:(billing)::[0-9]{12}:billingview/[a-zA-Z0-9/:_\\+=\\.\\-@]{0,59}[a-zA-Z0-9]$" + } + }, + "com.amazonaws.billing#BillingViewArnList": { + "type": "list", + "member": { + "target": "com.amazonaws.billing#BillingViewArn" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 10 + } + } + }, + "com.amazonaws.billing#BillingViewDescription": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 1024 + }, + "smithy.api#pattern": "^([ a-zA-Z0-9_\\+=\\.\\-@]+)?$", + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.billing#BillingViewElement": { + "type": "structure", + "members": { + "arn": { + "target": "com.amazonaws.billing#BillingViewArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
" + } + }, + "name": { + "target": "com.amazonaws.billing#BillingViewName", + "traits": { + "smithy.api#documentation": "\n A list of names of the billing view.\n
" + } + }, + "description": { + "target": "com.amazonaws.billing#BillingViewDescription", + "traits": { + "smithy.api#documentation": "\n The description of the billing view.\n
" + } + }, + "billingViewType": { + "target": "com.amazonaws.billing#BillingViewType", + "traits": { + "smithy.api#documentation": "The type of billing group.\n
" + } + }, + "ownerAccountId": { + "target": "com.amazonaws.billing#AccountId", + "traits": { + "smithy.api#documentation": "\n The list of owners of the billing view.\n
" + } + }, + "dataFilterExpression": { + "target": "com.amazonaws.billing#Expression", + "traits": { + "smithy.api#documentation": "\n See Expression. Billing view only supports LINKED_ACCOUNT and Tags.\n
The time when the billing view was created.\n
" + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the billing view was last updated.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "The metadata associated to the billing view.\n
" } }, "com.amazonaws.billing#BillingViewList": { @@ -567,6 +673,12 @@ "smithy.api#documentation": "\n A list of names of the Billing view.\n
" } }, + "description": { + "target": "com.amazonaws.billing#BillingViewDescription", + "traits": { + "smithy.api#documentation": "\n The description of the billing view.\n
" + } + }, "ownerAccountId": { "target": "com.amazonaws.billing#AccountId", "traits": { @@ -587,10 +699,26 @@ "com.amazonaws.billing#BillingViewName": { "type": "string", "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + }, "smithy.api#pattern": "^[ a-zA-Z0-9_\\+=\\.\\-@]+$", "smithy.api#sensitive": {} } }, + "com.amazonaws.billing#BillingViewSourceViewsList": { + "type": "list", + "member": { + "target": "com.amazonaws.billing#BillingViewArn" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1 + } + } + }, "com.amazonaws.billing#BillingViewType": { "type": "enum", "members": { @@ -605,9 +733,21 @@ "traits": { "smithy.api#enumValue": "BILLING_GROUP" } + }, + "CUSTOM": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CUSTOM" + } } } }, + "com.amazonaws.billing#BillingViewTypeList": { + "type": "list", + "member": { + "target": "com.amazonaws.billing#BillingViewType" + } + }, "com.amazonaws.billing#BillingViewsMaxResults": { "type": "integer", "traits": { @@ -617,23 +757,13 @@ } } }, - "com.amazonaws.billing#ErrorMessage": { - "type": "string", - "traits": { - "smithy.api#length": { - "max": 1024 - } - } - }, - "com.amazonaws.billing#FieldName": { + "com.amazonaws.billing#ClientToken": { "type": "string", "traits": { - "smithy.api#length": { - "max": 100 - } + "smithy.api#pattern": "^[a-zA-Z0-9-]+$" } }, - "com.amazonaws.billing#InternalServerException": { + "com.amazonaws.billing#ConflictException": { "type": "structure", "members": { "message": { @@ -641,33 +771,53 @@ "traits": { "smithy.api#required": {} } + }, + "resourceId": { + "target": "com.amazonaws.billing#ResourceId", + "traits": { + "smithy.api#documentation": "\n The identifier for the service resource associated with the request.\n
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "com.amazonaws.billing#ResourceType", + "traits": { + "smithy.api#documentation": "\n The type of resource associated with the request.\n
", + "smithy.api#required": {} + } } }, "traits": { "aws.protocols#awsQueryError": { - "code": "BillingInternalServer", - "httpResponseCode": 500 + "code": "BillingConflict", + "httpResponseCode": 409 }, - "smithy.api#documentation": "The request processing failed because of an unknown error, exception, or failure.\n
", - "smithy.api#error": "server", - "smithy.api#httpError": 500 + "smithy.api#documentation": "\n The requested operation would cause a conflict with the current state of a service resource associated with the request. Resolve the conflict before retrying this request.\n
", + "smithy.api#error": "client", + "smithy.api#httpError": 409 } }, - "com.amazonaws.billing#ListBillingViews": { + "com.amazonaws.billing#CreateBillingView": { "type": "operation", "input": { - "target": "com.amazonaws.billing#ListBillingViewsRequest" + "target": "com.amazonaws.billing#CreateBillingViewRequest" }, "output": { - "target": "com.amazonaws.billing#ListBillingViewsResponse" + "target": "com.amazonaws.billing#CreateBillingViewResponse" }, "errors": [ { "target": "com.amazonaws.billing#AccessDeniedException" }, + { + "target": "com.amazonaws.billing#ConflictException" + }, { "target": "com.amazonaws.billing#InternalServerException" }, + { + "target": "com.amazonaws.billing#ServiceQuotaExceededException" + }, { "target": "com.amazonaws.billing#ThrottlingException" }, @@ -676,97 +826,75 @@ } ], "traits": { - "smithy.api#documentation": "Lists the billing views available for a given time period.\n
\nEvery Amazon Web Services account has a unique PRIMARY billing view that represents the billing data available by default. Accounts that use Billing Conductor also have BILLING_GROUP billing views representing pro forma costs associated with each created billing group.
\nCreates a billing view with the specified billing view attributes.\n
", "smithy.api#examples": [ { - "title": "Invoke ListBillingViews", + "title": "Invoke CreateBillingView", "input": { - "activeTimeRange": { - "activeAfterInclusive": 1719792000, - "activeBeforeInclusive": 1.722470399999E9 + "name": "Example Custom Billing View", + "sourceViews": [ + "arn:aws:billing::123456789101:billingview/primary" + ], + "description": "Custom Billing View Example", + "dataFilterExpression": { + "dimensions": { + "key": "LINKED_ACCOUNT", + "values": [ + "000000000000" + ] + } } }, "output": { - "billingViews": [ - { - "arn": "arn:aws:billing::123456789101:billingview/primary", - "billingViewType": "PRIMARY", - "name": "Primary Billing View Account 123456789101", - "ownerAccountId": "123456789101" - } - ] + "arn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899", + "createdAt": 1719792001 } - }, - { - "title": "Error example for ListBillingViews", - "input": { - "activeTimeRange": { - "activeAfterInclusive": 1719792001, - "activeBeforeInclusive": 1719792000 - } - }, - "error": { - "shapeId": "com.amazonaws.billing#ValidationException", - "content": { - "message": "Failed to get billing view data for an invalid time range.", - "reason": "other" - } - }, - "allowConstraintErrors": true } ], - "smithy.api#http": { - "method": "POST", - "uri": "/", - "code": 200 - }, - "smithy.api#paginated": { - "inputToken": "nextToken", - "outputToken": "nextToken", - "pageSize": "maxResults", - "items": "billingViews" - }, - "smithy.api#readonly": {}, - "smithy.test#smokeTests": [ - { - "id": "ListBillingViewsSuccess", - "params": { - "activeTimeRange": { - "activeAfterInclusive": 1719792000, - "activeBeforeInclusive": 1.722470399999E9 - } - }, - "expect": { - "success": {} - }, - "vendorParamsShape": "aws.test#AwsVendorParams", - "vendorParams": { - "region": "us-east-1" - } - } - ] + "smithy.api#idempotent": {} } }, - "com.amazonaws.billing#ListBillingViewsRequest": { + "com.amazonaws.billing#CreateBillingViewRequest": { "type": "structure", "members": { - "activeTimeRange": { - "target": "com.amazonaws.billing#ActiveTimeRange", + "name": { + "target": "com.amazonaws.billing#BillingViewName", "traits": { - "smithy.api#documentation": "\n The time range for the billing views listed. PRIMARY billing view is always listed. BILLING_GROUP billing views are listed for time ranges when the associated billing group resource in Billing Conductor is active. The time range must be within one calendar month.\n
\n The name of the billing view.\n
", "smithy.api#required": {} } }, - "maxResults": { - "target": "com.amazonaws.billing#BillingViewsMaxResults", + "description": { + "target": "com.amazonaws.billing#BillingViewDescription", "traits": { - "smithy.api#documentation": "The maximum number of billing views to retrieve. Default is 100.\n
" + "smithy.api#documentation": "\n The description of the billing view.\n
" } }, - "nextToken": { - "target": "com.amazonaws.billing#PageToken", + "sourceViews": { + "target": "com.amazonaws.billing#BillingViewSourceViewsList", "traits": { - "smithy.api#documentation": "The pagination token that is used on subsequent calls to list billing views.
" + "smithy.api#documentation": "A list of billing views used as the data source for the custom billing view.
", + "smithy.api#required": {} + } + }, + "dataFilterExpression": { + "target": "com.amazonaws.billing#Expression", + "traits": { + "smithy.api#documentation": "\n See Expression. Billing view only supports LINKED_ACCOUNT and Tags.\n
A unique, case-sensitive identifier you specify to ensure idempotency of the request. Idempotency ensures that an API request completes no more than one time. If the original request completes successfully, any subsequent retries complete successfully without performing any further actions with an idempotent request.\n
", + "smithy.api#httpHeader": "X-Amzn-Client-Token", + "smithy.api#idempotencyToken": {} + } + }, + "resourceTags": { + "target": "com.amazonaws.billing#ResourceTagList", + "traits": { + "smithy.api#documentation": "A list of key value map specifying tags associated to the billing view being created.\n
" } } }, @@ -774,20 +902,20 @@ "smithy.api#input": {} } }, - "com.amazonaws.billing#ListBillingViewsResponse": { + "com.amazonaws.billing#CreateBillingViewResponse": { "type": "structure", "members": { - "billingViews": { - "target": "com.amazonaws.billing#BillingViewList", + "arn": { + "target": "com.amazonaws.billing#BillingViewArn", "traits": { - "smithy.api#documentation": "A list of BillingViewListElement retrieved.
\n The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
", "smithy.api#required": {} } }, - "nextToken": { - "target": "com.amazonaws.billing#PageToken", + "createdAt": { + "target": "smithy.api#Timestamp", "traits": { - "smithy.api#documentation": "The pagination token to use on subsequent calls to list billing views.\n
" + "smithy.api#documentation": "\n The time when the billing view was created.\n
" } } }, @@ -795,35 +923,1166 @@ "smithy.api#output": {} } }, - "com.amazonaws.billing#PageToken": { - "type": "string", - "traits": { - "smithy.api#length": { - "min": 1, - "max": 2047 - } - } - }, - "com.amazonaws.billing#ThrottlingException": { - "type": "structure", - "members": { - "message": { - "target": "com.amazonaws.billing#ErrorMessage", - "traits": { - "smithy.api#required": {} - } - } + "com.amazonaws.billing#DeleteBillingView": { + "type": "operation", + "input": { + "target": "com.amazonaws.billing#DeleteBillingViewRequest" }, - "traits": { - "aws.protocols#awsQueryError": { - "code": "BillingThrottling", - "httpResponseCode": 429 + "output": { + "target": "com.amazonaws.billing#DeleteBillingViewResponse" + }, + "errors": [ + { + "target": "com.amazonaws.billing#AccessDeniedException" }, - "smithy.api#documentation": "The request was denied due to request throttling.\n
", - "smithy.api#error": "client", + { + "target": "com.amazonaws.billing#ConflictException" + }, + { + "target": "com.amazonaws.billing#InternalServerException" + }, + { + "target": "com.amazonaws.billing#ThrottlingException" + }, + { + "target": "com.amazonaws.billing#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Deletes the specified billing view.
", + "smithy.api#examples": [ + { + "title": "Invoke DeleteBillingView", + "input": { + "arn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899" + }, + "output": { + "arn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899" + } + } + ], + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.billing#DeleteBillingViewRequest": { + "type": "structure", + "members": { + "arn": { + "target": "com.amazonaws.billing#BillingViewArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.billing#DeleteBillingViewResponse": { + "type": "structure", + "members": { + "arn": { + "target": "com.amazonaws.billing#BillingViewArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.billing#Dimension": { + "type": "enum", + "members": { + "LINKED_ACCOUNT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LINKED_ACCOUNT" + } + } + } + }, + "com.amazonaws.billing#DimensionValues": { + "type": "structure", + "members": { + "key": { + "target": "com.amazonaws.billing#Dimension", + "traits": { + "smithy.api#documentation": "\n The names of the metadata types that you can use to filter and group your results. \n
", + "smithy.api#required": {} + } + }, + "values": { + "target": "com.amazonaws.billing#Values", + "traits": { + "smithy.api#documentation": "\n The metadata values that you can use to filter and group your results. \n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "\n The metadata that you can use to filter and group your results.\n
" + } + }, + "com.amazonaws.billing#ErrorMessage": { + "type": "string", + "traits": { + "smithy.api#length": { + "max": 1024 + } + } + }, + "com.amazonaws.billing#Expression": { + "type": "structure", + "members": { + "dimensions": { + "target": "com.amazonaws.billing#DimensionValues", + "traits": { + "smithy.api#documentation": "\n The specific Dimension to use for Expression.\n
\n The specific Tag to use for Expression.\n
\n See Expression. Billing view only supports LINKED_ACCOUNT and Tags.\n
Returns the metadata associated to the specified billing view ARN.\n
", + "smithy.api#examples": [ + { + "title": "Invoke GetBillingView", + "input": { + "arn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899" + }, + "output": { + "billingView": { + "arn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899", + "name": "Example Custom Billing View", + "description": "Custom Billing View Example -- updated description", + "dataFilterExpression": { + "dimensions": { + "key": "LINKED_ACCOUNT", + "values": [ + "000000000000" + ] + } + }, + "ownerAccountId": "123456789101", + "billingViewType": "CUSTOM" + } + } + } + ], + "smithy.api#readonly": {} + } + }, + "com.amazonaws.billing#GetBillingViewRequest": { + "type": "structure", + "members": { + "arn": { + "target": "com.amazonaws.billing#BillingViewArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.billing#GetBillingViewResponse": { + "type": "structure", + "members": { + "billingView": { + "target": "com.amazonaws.billing#BillingViewElement", + "traits": { + "smithy.api#documentation": "The billing view element associated with the specified ARN.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.billing#GetResourcePolicy": { + "type": "operation", + "input": { + "target": "com.amazonaws.billing#GetResourcePolicyRequest" + }, + "output": { + "target": "com.amazonaws.billing#GetResourcePolicyResponse" + }, + "errors": [ + { + "target": "com.amazonaws.billing#AccessDeniedException" + }, + { + "target": "com.amazonaws.billing#InternalServerException" + }, + { + "target": "com.amazonaws.billing#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.billing#ThrottlingException" + }, + { + "target": "com.amazonaws.billing#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Returns the resource-based policy document attached to the resource in JSON format.\n
The Amazon Resource Name (ARN) of the billing view resource to which the policy is attached to.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.billing#GetResourcePolicyResponse": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.billing#ResourceArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the billing view resource to which the policy is attached to.\n
", + "smithy.api#required": {} + } + }, + "policy": { + "target": "com.amazonaws.billing#PolicyDocument", + "traits": { + "smithy.api#documentation": "The resource-based policy document attached to the resource in JSON format.\n
The request processing failed because of an unknown error, exception, or failure.\n
", + "smithy.api#error": "server", + "smithy.api#httpError": 500 + } + }, + "com.amazonaws.billing#ListBillingViews": { + "type": "operation", + "input": { + "target": "com.amazonaws.billing#ListBillingViewsRequest" + }, + "output": { + "target": "com.amazonaws.billing#ListBillingViewsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.billing#AccessDeniedException" + }, + { + "target": "com.amazonaws.billing#InternalServerException" + }, + { + "target": "com.amazonaws.billing#ThrottlingException" + }, + { + "target": "com.amazonaws.billing#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Lists the billing views available for a given time period.\n
\nEvery Amazon Web Services account has a unique PRIMARY billing view that represents the billing data available by default. Accounts that use Billing Conductor also have BILLING_GROUP billing views representing pro forma costs associated with each created billing group.
\n The time range for the billing views listed. PRIMARY billing view is always listed. BILLING_GROUP billing views are listed for time ranges when the associated billing group resource in Billing Conductor is active. The time range must be within one calendar month.\n
The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
" + } + }, + "billingViewTypes": { + "target": "com.amazonaws.billing#BillingViewTypeList", + "traits": { + "smithy.api#documentation": "The type of billing view.
" + } + }, + "ownerAccountId": { + "target": "com.amazonaws.billing#AccountId", + "traits": { + "smithy.api#documentation": "\n The list of owners of the billing view.\n
" + } + }, + "maxResults": { + "target": "com.amazonaws.billing#BillingViewsMaxResults", + "traits": { + "smithy.api#documentation": "The maximum number of billing views to retrieve. Default is 100.\n
" + } + }, + "nextToken": { + "target": "com.amazonaws.billing#PageToken", + "traits": { + "smithy.api#documentation": "The pagination token that is used on subsequent calls to list billing views.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.billing#ListBillingViewsResponse": { + "type": "structure", + "members": { + "billingViews": { + "target": "com.amazonaws.billing#BillingViewList", + "traits": { + "smithy.api#documentation": "A list of BillingViewListElement retrieved.
The pagination token to use on subsequent calls to list billing views.\n
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.billing#ListSourceViewsForBillingView": { + "type": "operation", + "input": { + "target": "com.amazonaws.billing#ListSourceViewsForBillingViewRequest" + }, + "output": { + "target": "com.amazonaws.billing#ListSourceViewsForBillingViewResponse" + }, + "errors": [ + { + "target": "com.amazonaws.billing#AccessDeniedException" + }, + { + "target": "com.amazonaws.billing#InternalServerException" + }, + { + "target": "com.amazonaws.billing#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.billing#ThrottlingException" + }, + { + "target": "com.amazonaws.billing#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Lists the source views (managed Amazon Web Services billing views) associated with the billing view.\n
", + "smithy.api#examples": [ + { + "title": "Invoke ListSourceViewsForBillingView", + "input": { + "arn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899" + }, + "output": { + "sourceViews": [ + "arn:aws:billing::123456789101:billingview/primary" + ] + } + } + ], + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "pageSize": "maxResults", + "items": "sourceViews" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.billing#ListSourceViewsForBillingViewRequest": { + "type": "structure", + "members": { + "arn": { + "target": "com.amazonaws.billing#BillingViewArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
", + "smithy.api#required": {} + } + }, + "maxResults": { + "target": "com.amazonaws.billing#BillingViewsMaxResults", + "traits": { + "smithy.api#documentation": "\n The number of entries a paginated response contains.\n
" + } + }, + "nextToken": { + "target": "com.amazonaws.billing#PageToken", + "traits": { + "smithy.api#documentation": "\n The pagination token that is used on subsequent calls to list billing views.\n
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.billing#ListSourceViewsForBillingViewResponse": { + "type": "structure", + "members": { + "sourceViews": { + "target": "com.amazonaws.billing#BillingViewSourceViewsList", + "traits": { + "smithy.api#documentation": "A list of billing views used as the data source for the custom billing view.\n
", + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "com.amazonaws.billing#PageToken", + "traits": { + "smithy.api#documentation": "\n The pagination token that is used on subsequent calls to list billing views.\n
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.billing#ListTagsForResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.billing#ListTagsForResourceRequest" + }, + "output": { + "target": "com.amazonaws.billing#ListTagsForResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.billing#AccessDeniedException" + }, + { + "target": "com.amazonaws.billing#InternalServerException" + }, + { + "target": "com.amazonaws.billing#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.billing#ThrottlingException" + }, + { + "target": "com.amazonaws.billing#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Lists tags associated with the billing view resource.\n
", + "smithy.api#examples": [ + { + "title": "Invoke ListTagsForResource", + "input": { + "resourceArn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899" + }, + "output": { + "resourceTags": [ + { + "key": "ExampleTagKey", + "value": "ExampleTagValue" + } + ] + } + } + ], + "smithy.api#readonly": {} + } + }, + "com.amazonaws.billing#ListTagsForResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.billing#ResourceArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) of the resource. \n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.billing#ListTagsForResourceResponse": { + "type": "structure", + "members": { + "resourceTags": { + "target": "com.amazonaws.billing#ResourceTagList", + "traits": { + "smithy.api#documentation": "\n A list of tag key value pairs that are associated with the resource.\n
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.billing#PageToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2047 + } + } + }, + "com.amazonaws.billing#PolicyDocument": { + "type": "string" + }, + "com.amazonaws.billing#QuotaCode": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + } + } + }, + "com.amazonaws.billing#ResourceArn": { + "type": "string", + "traits": { + "smithy.api#pattern": "^arn:aws[a-z-]*:(billing)::[0-9]{12}:[a-zA-Z0-9/:_\\+=\\.\\@-]{0,70}[a-zA-Z0-9]$" + } + }, + "com.amazonaws.billing#ResourceId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + } + } + }, + "com.amazonaws.billing#ResourceNotFoundException": { + "type": "structure", + "members": { + "message": { + "target": "com.amazonaws.billing#ErrorMessage", + "traits": { + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "com.amazonaws.billing#ResourceId", + "traits": { + "smithy.api#documentation": "\n Value is a list of resource IDs that were not found.\n
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "com.amazonaws.billing#ResourceType", + "traits": { + "smithy.api#documentation": "\n Value is the type of resource that was not found.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "aws.protocols#awsQueryError": { + "code": "BillingResourceNotFound", + "httpResponseCode": 404 + }, + "smithy.api#documentation": "\n The specified ARN in the request doesn't exist.\n
", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.billing#ResourceTag": { + "type": "structure", + "members": { + "key": { + "target": "com.amazonaws.billing#ResourceTagKey", + "traits": { + "smithy.api#documentation": "\n The key that's associated with the tag.\n
", + "smithy.api#required": {} + } + }, + "value": { + "target": "com.amazonaws.billing#ResourceTagValue", + "traits": { + "smithy.api#documentation": "\n The value that's associated with the tag.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\n The tag structure that contains a tag key and value.\n
" + } + }, + "com.amazonaws.billing#ResourceTagKey": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + } + } + }, + "com.amazonaws.billing#ResourceTagKeyList": { + "type": "list", + "member": { + "target": "com.amazonaws.billing#ResourceTagKey" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 200 + } + } + }, + "com.amazonaws.billing#ResourceTagList": { + "type": "list", + "member": { + "target": "com.amazonaws.billing#ResourceTag" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 200 + } + } + }, + "com.amazonaws.billing#ResourceTagValue": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 256 + } + } + }, + "com.amazonaws.billing#ResourceType": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + } + } + }, + "com.amazonaws.billing#ServiceCode": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + } + } + }, + "com.amazonaws.billing#ServiceQuotaExceededException": { + "type": "structure", + "members": { + "message": { + "target": "com.amazonaws.billing#ErrorMessage", + "traits": { + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "com.amazonaws.billing#ResourceId", + "traits": { + "smithy.api#documentation": "\n The ID of the resource.\n
", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "com.amazonaws.billing#ResourceType", + "traits": { + "smithy.api#documentation": "\n The type of Amazon Web Services resource.\n
", + "smithy.api#required": {} + } + }, + "serviceCode": { + "target": "com.amazonaws.billing#ServiceCode", + "traits": { + "smithy.api#documentation": "\n The container for the serviceCode.\n
\n The container for the quotaCode.\n
\n You've reached the limit of resources you can create, or exceeded the size of an individual resource.\n
", + "smithy.api#error": "client", + "smithy.api#httpError": 402 + } + }, + "com.amazonaws.billing#TagKey": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 1024 + }, + "smithy.api#pattern": "^[\\S\\s]*$" + } + }, + "com.amazonaws.billing#TagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.billing#TagResourceRequest" + }, + "output": { + "target": "com.amazonaws.billing#TagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.billing#AccessDeniedException" + }, + { + "target": "com.amazonaws.billing#InternalServerException" + }, + { + "target": "com.amazonaws.billing#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.billing#ThrottlingException" + }, + { + "target": "com.amazonaws.billing#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "\n An API operation for adding one or more tags (key-value pairs) to a resource.\n
", + "smithy.api#examples": [ + { + "title": "Invoke TagResource", + "input": { + "resourceArn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899", + "resourceTags": [ + { + "key": "ExampleTagKey", + "value": "ExampleTagValue" + } + ] + }, + "output": {} + } + ] + } + }, + "com.amazonaws.billing#TagResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.billing#ResourceArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) of the resource.\n
", + "smithy.api#required": {} + } + }, + "resourceTags": { + "target": "com.amazonaws.billing#ResourceTagList", + "traits": { + "smithy.api#documentation": "\n A list of tag key value pairs that are associated with the resource.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.billing#TagResourceResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.billing#TagValues": { + "type": "structure", + "members": { + "key": { + "target": "com.amazonaws.billing#TagKey", + "traits": { + "smithy.api#documentation": "\n The key for the tag.\n
", + "smithy.api#required": {} + } + }, + "values": { + "target": "com.amazonaws.billing#Values", + "traits": { + "smithy.api#documentation": "\n The specific value of the tag.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "\n The values that are available for a tag.\n
" + } + }, + "com.amazonaws.billing#ThrottlingException": { + "type": "structure", + "members": { + "message": { + "target": "com.amazonaws.billing#ErrorMessage", + "traits": { + "smithy.api#required": {} + } + } + }, + "traits": { + "aws.protocols#awsQueryError": { + "code": "BillingThrottling", + "httpResponseCode": 429 + }, + "smithy.api#documentation": "The request was denied due to request throttling.\n
", + "smithy.api#error": "client", "smithy.api#httpError": 429 } }, + "com.amazonaws.billing#UntagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.billing#UntagResourceRequest" + }, + "output": { + "target": "com.amazonaws.billing#UntagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.billing#AccessDeniedException" + }, + { + "target": "com.amazonaws.billing#InternalServerException" + }, + { + "target": "com.amazonaws.billing#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.billing#ThrottlingException" + }, + { + "target": "com.amazonaws.billing#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "\n Removes one or more tags from a resource. Specify only tag keys in your request. Don't specify the value.\n
", + "smithy.api#examples": [ + { + "title": "Invoke UntagResource", + "input": { + "resourceArn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899", + "resourceTagKeys": [ + "ExampleTagKey" + ] + }, + "output": {} + } + ] + } + }, + "com.amazonaws.billing#UntagResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.billing#ResourceArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) of the resource.\n
", + "smithy.api#required": {} + } + }, + "resourceTagKeys": { + "target": "com.amazonaws.billing#ResourceTagKeyList", + "traits": { + "smithy.api#documentation": "\n A list of tag key value pairs that are associated with the resource.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.billing#UntagResourceResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.billing#UpdateBillingView": { + "type": "operation", + "input": { + "target": "com.amazonaws.billing#UpdateBillingViewRequest" + }, + "output": { + "target": "com.amazonaws.billing#UpdateBillingViewResponse" + }, + "errors": [ + { + "target": "com.amazonaws.billing#AccessDeniedException" + }, + { + "target": "com.amazonaws.billing#ConflictException" + }, + { + "target": "com.amazonaws.billing#InternalServerException" + }, + { + "target": "com.amazonaws.billing#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.billing#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.billing#ThrottlingException" + }, + { + "target": "com.amazonaws.billing#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "An API to update the attributes of the billing view.\n
", + "smithy.api#examples": [ + { + "title": "Invoke UpdateBillingView", + "input": { + "name": "Example Custom Billing View", + "arn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899", + "description": "Custom Billing View Example -- updated description", + "dataFilterExpression": { + "dimensions": { + "key": "LINKED_ACCOUNT", + "values": [ + "000000000000" + ] + } + } + }, + "output": { + "arn": "arn:aws:billing::123456789101:billingview/custom-46f47cb2-a11d-43f3-983d-470b5708a899", + "updatedAt": 1719792001 + } + } + ], + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.billing#UpdateBillingViewRequest": { + "type": "structure", + "members": { + "arn": { + "target": "com.amazonaws.billing#BillingViewArn", + "traits": { + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
", + "smithy.api#required": {} + } + }, + "name": { + "target": "com.amazonaws.billing#BillingViewName", + "traits": { + "smithy.api#documentation": "\n The name of the billing view.\n
" + } + }, + "description": { + "target": "com.amazonaws.billing#BillingViewDescription", + "traits": { + "smithy.api#documentation": "\n The description of the billing view.\n
" + } + }, + "dataFilterExpression": { + "target": "com.amazonaws.billing#Expression", + "traits": { + "smithy.api#documentation": "See Expression. Billing view only supports LINKED_ACCOUNT and Tags.\n
\n The Amazon Resource Name (ARN) that can be used to uniquely identify the billing view.\n
", + "smithy.api#required": {} + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "\n The time when the billing view was last updated.\n
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.billing#ValidationException": { "type": "structure", "members": { @@ -913,6 +2172,28 @@ } } } + }, + "com.amazonaws.billing#Value": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 1024 + }, + "smithy.api#pattern": "^[\\S\\s]*$" + } + }, + "com.amazonaws.billing#Values": { + "type": "list", + "member": { + "target": "com.amazonaws.billing#Value" + }, + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + } + } } } } \ No newline at end of file diff --git a/codegen/sdk/aws-models/budgets.json b/codegen/sdk/aws-models/budgets.json index 0fea2c0505a..abf52523d08 100644 --- a/codegen/sdk/aws-models/budgets.json +++ b/codegen/sdk/aws-models/budgets.json @@ -340,6 +340,108 @@ }, "type": "endpoint" }, + { + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "name" + ] + }, + "aws-iso" + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + false + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + false + ] + } + ], + "endpoint": { + "url": "https://budgets.c2s.ic.gov", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "budgets", + "signingRegion": "us-iso-east-1" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "name" + ] + }, + "aws-iso-b" + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + false + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + false + ] + } + ], + "endpoint": { + "url": "https://budgets.global.sc2s.sgov.gov", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "budgets", + "signingRegion": "us-isob-east-1" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + }, { "conditions": [ { @@ -864,6 +966,28 @@ "UseDualStack": false } }, + { + "documentation": "For region aws-iso-global with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "budgets", + "signingRegion": "us-iso-east-1" + } + ] + }, + "url": "https://budgets.c2s.ic.gov" + } + }, + "params": { + "Region": "aws-iso-global", + "UseFIPS": false, + "UseDualStack": false + } + }, { "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", "expect": { @@ -903,7 +1027,16 @@ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://budgets.us-iso-east-1.c2s.ic.gov" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "budgets", + "signingRegion": "us-iso-east-1" + } + ] + }, + "url": "https://budgets.c2s.ic.gov" } }, "params": { @@ -912,6 +1045,28 @@ "UseDualStack": false } }, + { + "documentation": "For region aws-iso-b-global with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "budgets", + "signingRegion": "us-isob-east-1" + } + ] + }, + "url": "https://budgets.global.sc2s.sgov.gov" + } + }, + "params": { + "Region": "aws-iso-b-global", + "UseFIPS": false, + "UseDualStack": false + } + }, { "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", "expect": { @@ -951,7 +1106,16 @@ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://budgets.us-isob-east-1.sc2s.sgov.gov" + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "budgets", + "signingRegion": "us-isob-east-1" + } + ] + }, + "url": "https://budgets.global.sc2s.sgov.gov" } }, "params": { diff --git a/codegen/sdk/aws-models/cleanroomsml.json b/codegen/sdk/aws-models/cleanroomsml.json index 04abfdca6d4..3ed70e8c21c 100644 --- a/codegen/sdk/aws-models/cleanroomsml.json +++ b/codegen/sdk/aws-models/cleanroomsml.json @@ -1034,6 +1034,9 @@ "traits": { "smithy.api#documentation": "The protected SQL query parameters.
" } + }, + "sqlComputeConfiguration": { + "target": "com.amazonaws.cleanroomsml#ComputeConfiguration" } }, "traits": { @@ -9925,7 +9928,7 @@ "dataSource": { "target": "com.amazonaws.cleanroomsml#ModelInferenceDataSource", "traits": { - "smithy.api#documentation": "Defines he data source that is used for the trained model inference job.
", + "smithy.api#documentation": "Defines the data source that is used for the trained model inference job.
", "smithy.api#required": {} } }, diff --git a/codegen/sdk/aws-models/cloud9.json b/codegen/sdk/aws-models/cloud9.json index b5b96a0925c..806df005d26 100644 --- a/codegen/sdk/aws-models/cloud9.json +++ b/codegen/sdk/aws-models/cloud9.json @@ -85,7 +85,7 @@ "name": "cloud9" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "Cloud9 is a collection of tools that you can use to code, build, run, test, debug, and\n release software in the cloud.
\nFor more information about Cloud9, see the Cloud9 User Guide.
\nCloud9 supports these operations:
\n\n CreateEnvironmentEC2: Creates an Cloud9 development environment, launches\n an Amazon EC2 instance, and then connects from the instance to the environment.
\n CreateEnvironmentMembership: Adds an environment member to an\n environment.
\n DeleteEnvironment: Deletes an environment. If an Amazon EC2 instance is\n connected to the environment, also terminates the instance.
\n DeleteEnvironmentMembership: Deletes an environment member from an\n environment.
\n DescribeEnvironmentMemberships: Gets information about environment\n members for an environment.
\n DescribeEnvironments: Gets information about environments.
\n DescribeEnvironmentStatus: Gets status information for an\n environment.
\n ListEnvironments: Gets a list of environment identifiers.
\n ListTagsForResource: Gets the tags for an environment.
\n TagResource: Adds tags to an environment.
\n UntagResource: Removes tags from an environment.
\n UpdateEnvironment: Changes the settings of an existing\n environment.
\n UpdateEnvironmentMembership: Changes the settings of an existing\n environment member for an environment.
Cloud9 is a collection of tools that you can use to code, build, run, test, debug, and\n release software in the cloud.
\nFor more information about Cloud9, see the Cloud9 User Guide.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nCloud9 supports these operations:
\n\n CreateEnvironmentEC2: Creates an Cloud9 development environment, launches\n an Amazon EC2 instance, and then connects from the instance to the environment.
\n CreateEnvironmentMembership: Adds an environment member to an\n environment.
\n DeleteEnvironment: Deletes an environment. If an Amazon EC2 instance is\n connected to the environment, also terminates the instance.
\n DeleteEnvironmentMembership: Deletes an environment member from an\n environment.
\n DescribeEnvironmentMemberships: Gets information about environment\n members for an environment.
\n DescribeEnvironments: Gets information about environments.
\n DescribeEnvironmentStatus: Gets status information for an\n environment.
\n ListEnvironments: Gets a list of environment identifiers.
\n ListTagsForResource: Gets the tags for an environment.
\n TagResource: Adds tags to an environment.
\n UntagResource: Removes tags from an environment.
\n UpdateEnvironment: Changes the settings of an existing\n environment.
\n UpdateEnvironmentMembership: Changes the settings of an existing\n environment member for an environment.
Creates an Cloud9 development environment, launches an Amazon Elastic Compute Cloud (Amazon EC2) instance, and\n then connects from the instance to the environment.
", + "smithy.api#documentation": "Creates an Cloud9 development environment, launches an Amazon Elastic Compute Cloud (Amazon EC2) instance, and\n then connects from the instance to the environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nThe identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance.\n To choose an AMI for the instance, you must specify a valid AMI alias or a valid Amazon EC2 Systems Manager (SSM)\n path.
\nFrom December 04, 2023, you will be required to include the imageId parameter\n for the CreateEnvironmentEC2 action. This change will be reflected across all\n direct methods of communicating with the API, such as Amazon Web Services SDK, Amazon Web Services CLI and Amazon Web Services\n CloudFormation. This change will only affect direct API consumers, and not Cloud9 console\n users.
We recommend using Amazon Linux 2023 as the AMI to create your environment as it is fully\n supported.
\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.
\n\n AMI aliases \n
\nAmazon Linux 2: amazonlinux-2-x86_64\n
Amazon Linux 2023 (recommended): amazonlinux-2023-x86_64\n
Ubuntu 18.04: ubuntu-18.04-x86_64\n
Ubuntu 22.04: ubuntu-22.04-x86_64\n
\n SSM paths\n
\nAmazon Linux 2:\n resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64\n
Amazon Linux 2023 (recommended): resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64\n
Ubuntu 18.04:\n resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64\n
Ubuntu 22.04:\n resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64\n
The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance.\n To choose an AMI for the instance, you must specify a valid AMI alias or a valid Amazon EC2 Systems Manager (SSM)\n path.
\n \nWe recommend using Amazon Linux 2023 as the AMI to create your environment as it is fully\n supported.
\nFrom December 16, 2024, Ubuntu 18.04 will be removed from the list of available\n imageIds for Cloud9. This change is necessary as Ubuntu 18.04 has ended standard\n support on May 31, 2023. This change will only affect direct API consumers, and not Cloud9\n console users.
Since Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose\n Ubuntu 22.04.
\n\n AMI aliases \n
\nAmazon Linux 2: amazonlinux-2-x86_64\n
Amazon Linux 2023 (recommended): amazonlinux-2023-x86_64\n
Ubuntu 18.04: ubuntu-18.04-x86_64\n
Ubuntu 22.04: ubuntu-22.04-x86_64\n
\n SSM paths\n
\nAmazon Linux 2:\n resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64\n
Amazon Linux 2023 (recommended):\n resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64\n
Ubuntu 18.04:\n resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64\n
Ubuntu 22.04:\n resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64\n
Adds an environment member to an Cloud9 development environment.
", + "smithy.api#documentation": "Adds an environment member to an Cloud9 development environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nDeletes an Cloud9 development environment. If an Amazon EC2 instance is connected to the\n environment, also terminates the instance.
", + "smithy.api#documentation": "Deletes an Cloud9 development environment. If an Amazon EC2 instance is connected to the\n environment, also terminates the instance.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nDeletes an environment member from a development environment.
", + "smithy.api#documentation": "Deletes an environment member from a development environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nGets information about environment members for an Cloud9 development environment.
", + "smithy.api#documentation": "Gets information about environment members for an Cloud9 development environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nGets status information for an Cloud9 development environment.
", + "smithy.api#documentation": "Gets status information for an Cloud9 development environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nGets information about Cloud9 development environments.
", + "smithy.api#documentation": "Gets information about Cloud9 development environments.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nGets a list of Cloud9 development environment identifiers.
", + "smithy.api#documentation": "Gets a list of Cloud9 development environment identifiers.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nGets a list of the tags associated with an Cloud9 development environment.
" + "smithy.api#documentation": "Gets a list of the tags associated with an Cloud9 development environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nAdds tags to an Cloud9 development environment.
\nTags that you add to an Cloud9 environment by using this method will NOT be\n automatically propagated to underlying resources.
\nAdds tags to an Cloud9 development environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nTags that you add to an Cloud9 environment by using this method will NOT be\n automatically propagated to underlying resources.
\nRemoves tags from an Cloud9 development environment.
" + "smithy.api#documentation": "Removes tags from an Cloud9 development environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nChanges the settings of an existing Cloud9 development environment.
", + "smithy.api#documentation": "Changes the settings of an existing Cloud9 development environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nChanges the settings of an existing environment member for an Cloud9 development\n environment.
", + "smithy.api#documentation": "Changes the settings of an existing environment member for an Cloud9 development\n environment.
\nCloud9 is no longer available to new customers. Existing customers of \n Cloud9 can continue to use the service as normal. \n Learn more\"\n
\nSpecifies how long, in seconds, CloudFront waits for a response from the origin. This is\n\t\t\talso known as the origin response timeout. The minimum timeout is 1\n\t\t\tsecond, the maximum is 60 seconds, and the default (if you don't specify otherwise) is\n\t\t\t30 seconds.
\nFor more information, see Origin Response Timeout in the\n\t\t\t\tAmazon CloudFront Developer Guide.
" + "smithy.api#documentation": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is\n\t\t\talso known as the origin response timeout. The minimum timeout is 1\n\t\t\tsecond, the maximum is 60 seconds, and the default (if you don't specify otherwise) is\n\t\t\t30 seconds.
\nFor more information, see Response timeout (custom origins only) in the\n\t\t\t\tAmazon CloudFront Developer Guide.
" } }, "OriginKeepaliveTimeout": { "target": "com.amazonaws.cloudfront#integer", "traits": { - "smithy.api#documentation": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The\n\t\t\tminimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't\n\t\t\tspecify otherwise) is 5 seconds.
\nFor more information, see Origin Keep-alive Timeout in the\n\t\t\t\tAmazon CloudFront Developer Guide.
" + "smithy.api#documentation": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The\n\t\t\tminimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't\n\t\t\tspecify otherwise) is 5 seconds.
\nFor more information, see Keep-alive timeout (custom origins only) in the\n\t\t\t\tAmazon CloudFront Developer Guide.
" } } }, @@ -7079,7 +7079,7 @@ "DefaultRootObject": { "target": "com.amazonaws.cloudfront#string", "traits": { - "smithy.api#documentation": "The object that you want CloudFront to request from your origin (for example,\n\t\t\t\tindex.html) when a viewer requests the root URL for your distribution\n\t\t\t\t(https://www.example.com) instead of an object in your distribution\n\t\t\t\t(https://www.example.com/product-description.html). Specifying a\n\t\t\tdefault root object avoids exposing the contents of your distribution.
Specify only the object name, for example, index.html. Don't add a\n\t\t\t\t/ before the object name.
If you don't want to specify a default root object when you create a distribution,\n\t\t\tinclude an empty DefaultRootObject element.
To delete the default root object from an existing distribution, update the\n\t\t\tdistribution configuration and include an empty DefaultRootObject\n\t\t\telement.
To replace the default root object, update the distribution configuration and specify\n\t\t\tthe new object.
\nFor more information about the default root object, see Creating a\n\t\t\t\tDefault Root Object in the Amazon CloudFront Developer Guide.
" + "smithy.api#documentation": "When a viewer requests the root URL for your distribution, the default root object is the\n\t\t\tobject that you want CloudFront to request from your origin. For example, if your root URL is\n\t\t\t\thttps://www.example.com, you can specify CloudFront to return the\n\t\t\t\tindex.html file as the default root object. You can specify a default\n\t\t\troot object so that viewers see a specific file or object, instead of another object in\n\t\t\tyour distribution (for example,\n\t\t\t\thttps://www.example.com/product-description.html). A default root\n\t\t\tobject avoids exposing the contents of your distribution.
You can specify the object name or a path to the object name (for example,\n\t\t\t\tindex.html or exampleFolderName/index.html). Your string\n\t\t\tcan't begin with a forward slash (/). Only specify the object name or the\n\t\t\tpath to the object.
If you don't want to specify a default root object when you create a distribution,\n\t\t\tinclude an empty DefaultRootObject element.
To delete the default root object from an existing distribution, update the\n\t\t\tdistribution configuration and include an empty DefaultRootObject\n\t\t\telement.
To replace the default root object, update the distribution configuration and specify\n\t\t\tthe new object.
\nFor more information about the default root object, see Specify a default root object in the Amazon CloudFront Developer Guide.
" } }, "Origins": { @@ -20477,6 +20477,18 @@ "smithy.api#documentation": "The VPC origin ID.
", "smithy.api#required": {} } + }, + "OriginReadTimeout": { + "target": "com.amazonaws.cloudfront#integer", + "traits": { + "smithy.api#documentation": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is\n\t\t\talso known as the origin response timeout. The minimum timeout is 1\n\t\t\tsecond, the maximum is 60 seconds, and the default (if you don't specify otherwise) is\n\t\t\t30 seconds.
\nFor more information, see Response timeout (custom origins only) in the\n\t\t\tAmazon CloudFront Developer Guide.
" + } + }, + "OriginKeepaliveTimeout": { + "target": "com.amazonaws.cloudfront#integer", + "traits": { + "smithy.api#documentation": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The\n\t\t\tminimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't\n\t\t\tspecify otherwise) is 5 seconds.
\nFor more information, see Keep-alive timeout (custom origins only) in the\n\t\t\tAmazon CloudFront Developer Guide.
" + } } }, "traits": { diff --git a/codegen/sdk/aws-models/cloudhsm-v2.json b/codegen/sdk/aws-models/cloudhsm-v2.json index 18c34751c07..fcfcb58bb69 100644 --- a/codegen/sdk/aws-models/cloudhsm-v2.json +++ b/codegen/sdk/aws-models/cloudhsm-v2.json @@ -1437,6 +1437,12 @@ "smithy.api#documentation": "The type of HSM that the cluster contains.
" } }, + "HsmTypeRollbackExpiration": { + "target": "com.amazonaws.cloudhsmv2#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp until when the cluster can be rolled back to its original HSM type.
" + } + }, "PreCoPassword": { "target": "com.amazonaws.cloudhsmv2#PreCoPassword", "traits": { @@ -1482,7 +1488,7 @@ "NetworkType": { "target": "com.amazonaws.cloudhsmv2#NetworkType", "traits": { - "smithy.api#documentation": "The cluster's NetworkType can be set to either IPV4 (which is the default) or DUALSTACK.\n When set to IPV4, communication between your application and the Hardware Security Modules (HSMs) is restricted to the IPv4 protocol only.\n In contrast, the DUALSTACK network type enables communication over both the IPv4 and IPv6 protocols.\n To use the DUALSTACK option, you'll need to configure your Virtual Private Cloud (VPC) and subnets to support both IPv4 and IPv6. This involves adding IPv6 Classless Inter-Domain Routing (CIDR) blocks to the existing IPv4 CIDR blocks in your subnets.\n The choice between IPV4 and DUALSTACK network types determines the flexibility of the network addressing setup for your cluster. The DUALSTACK option provides more flexibility by allowing both IPv4 and IPv6 communication.
" + "smithy.api#documentation": "The cluster's NetworkType can be IPv4 (the default) or DUALSTACK.\n The IPv4 NetworkType restricts communication between your application and the hardware security modules (HSMs) to the IPv4 protocol only. The DUALSTACK NetworkType enables communication over both IPv4 and IPv6 protocols.\n To use DUALSTACK, configure your virtual private cloud (VPC) and subnets to support both IPv4 and IPv6.\n This configuration involves adding IPv6 Classless Inter-Domain Routing (CIDR) blocks to the existing IPv4 CIDR blocks in your subnets.\n The NetworkType you choose affects the network addressing options for your cluster. DUALSTACK provides more flexibility by supporting both IPv4 and IPv6 communication.
" } }, "Certificates": { @@ -2483,6 +2489,12 @@ "smithy.api#required": {} } }, + "HsmType": { + "target": "com.amazonaws.cloudhsmv2#HsmType", + "traits": { + "smithy.api#documentation": "The type of HSM.
" + } + }, "State": { "target": "com.amazonaws.cloudhsmv2#HsmState", "traits": { @@ -2838,11 +2850,16 @@ "com.amazonaws.cloudhsmv2#ModifyClusterRequest": { "type": "structure", "members": { + "HsmType": { + "target": "com.amazonaws.cloudhsmv2#HsmType", + "traits": { + "smithy.api#documentation": "The desired HSM type of the cluster.
" + } + }, "BackupRetentionPolicy": { "target": "com.amazonaws.cloudhsmv2#BackupRetentionPolicy", "traits": { - "smithy.api#documentation": "A policy that defines how the service retains backups.
", - "smithy.api#required": {} + "smithy.api#documentation": "A policy that defines how the service retains backups.
" } }, "ClusterId": { diff --git a/codegen/sdk/aws-models/codepipeline.json b/codegen/sdk/aws-models/codepipeline.json index 2181eea8e1c..edbae106e55 100644 --- a/codegen/sdk/aws-models/codepipeline.json +++ b/codegen/sdk/aws-models/codepipeline.json @@ -1155,7 +1155,7 @@ "category": { "target": "com.amazonaws.codepipeline#ActionCategory", "traits": { - "smithy.api#documentation": "A category defines what kind of action can be taken in the stage, and constrains\n the provider type for the action. Valid categories are limited to one of the following\n values.
\nSource
\nBuild
\nTest
\nDeploy
\nInvoke
\nApproval
\nA category defines what kind of action can be taken in the stage, and constrains\n the provider type for the action. Valid categories are limited to one of the following\n values.
\nSource
\nBuild
\nTest
\nDeploy
\nInvoke
\nApproval
\nCompute
\nThe condition for the stage. A condition is made up of the rules and the result for\n the condition.
" + "smithy.api#documentation": "The condition for the stage. A condition is made up of the rules and the result for\n the condition. For more information about conditions, see Stage conditions.\n For more information about rules, see the CodePipeline rule\n reference.
" } }, "com.amazonaws.codepipeline#ConditionExecution": { @@ -4024,7 +4024,7 @@ "category": { "target": "com.amazonaws.codepipeline#ActionCategory", "traits": { - "smithy.api#documentation": "Defines what kind of action can be taken in the stage. The following are the valid\n values:
\n\n Source\n
\n Build\n
\n Test\n
\n Deploy\n
\n Approval\n
\n Invoke\n
Defines what kind of action can be taken in the stage. The following are the valid\n values:
\n\n Source\n
\n Build\n
\n Test\n
\n Deploy\n
\n Approval\n
\n Invoke\n
\n Compute\n
Lists the rules for the condition.
" + "smithy.api#documentation": "Lists the rules for the condition. For more information about conditions, see Stage\n conditions. For more information about rules, see the CodePipeline rule reference.
" } }, "com.amazonaws.codepipeline#ListRuleTypesInput": { @@ -8057,7 +8057,7 @@ "name": { "target": "com.amazonaws.codepipeline#RuleName", "traits": { - "smithy.api#documentation": "The name of the rule that is created for the condition, such as\n CheckAllResults.
", + "smithy.api#documentation": "The name of the rule that is created for the condition, such as\n VariableCheck.
The action configuration fields for the rule.
" } }, + "commands": { + "target": "com.amazonaws.codepipeline#CommandList", + "traits": { + "smithy.api#documentation": "The shell commands to run with your commands rule in CodePipeline. All commands\n are supported except multi-line formats. While CodeBuild logs and permissions\n are used, you do not need to create any resources in CodeBuild.
\nUsing compute time for this action will incur separate charges in CodeBuild.
\nRepresents information about the rule to be created for an associated condition. An\n example would be creating a new rule for an entry condition, such as a rule that checks\n for a test result before allowing the run to enter the deployment stage.
" + "smithy.api#documentation": "Represents information about the rule to be created for an associated condition. An\n example would be creating a new rule for an entry condition, such as a rule that checks\n for a test result before allowing the run to enter the deployment stage. For more\n information about conditions, see Stage conditions.\n For more information about rules, see the CodePipeline rule\n reference.
" } }, "com.amazonaws.codepipeline#RuleDeclarationList": { diff --git a/codegen/sdk/aws-models/connect.json b/codegen/sdk/aws-models/connect.json index b7d3ffc65e4..0dd364d082b 100644 --- a/codegen/sdk/aws-models/connect.json +++ b/codegen/sdk/aws-models/connect.json @@ -1630,6 +1630,9 @@ { "target": "com.amazonaws.connect#UpdateInstanceStorageConfig" }, + { + "target": "com.amazonaws.connect#UpdateParticipantAuthentication" + }, { "target": "com.amazonaws.connect#UpdateParticipantRoleConfig" }, @@ -4127,6 +4130,12 @@ "smithy.api#documentation": "The proficiency level of the condition.
" } }, + "Range": { + "target": "com.amazonaws.connect#Range", + "traits": { + "smithy.api#documentation": "An Object to define the minimum and maximum proficiency levels.
" + } + }, "MatchCriteria": { "target": "com.amazonaws.connect#MatchCriteria", "traits": { @@ -4224,6 +4233,28 @@ "smithy.api#default": 0 } }, + "com.amazonaws.connect#AuthenticationError": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + }, + "smithy.api#pattern": "^[\\x20-\\x21\\x23-\\x5B\\x5D-\\x7E]*$", + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.connect#AuthenticationErrorDescription": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + }, + "smithy.api#pattern": "^[\\x20-\\x21\\x23-\\x5B\\x5D-\\x7E]*$", + "smithy.api#sensitive": {} + } + }, "com.amazonaws.connect#AuthenticationProfile": { "type": "structure", "members": { @@ -4383,6 +4414,16 @@ "target": "com.amazonaws.connect#AuthenticationProfileSummary" } }, + "com.amazonaws.connect#AuthorizationCode": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + }, + "smithy.api#sensitive": {} + } + }, "com.amazonaws.connect#AutoAccept": { "type": "boolean", "traits": { @@ -5656,6 +5697,12 @@ "smithy.api#documentation": "Information about Amazon Connect Wisdom.
" } }, + "CustomerId": { + "target": "com.amazonaws.connect#CustomerId", + "traits": { + "smithy.api#documentation": "The customer's identification number. For example, the CustomerId may be a\n customer number from your CRM. You can create a Lambda function to pull the unique customer ID of\n the caller from your CRM system. If you enable Amazon Connect Voice ID capability, this\n attribute is populated with the CustomerSpeakerId of the caller.
Creates registration for a device token and a chat contact to receive real-time push\n notifications. For more information about push notifications, see Set up push\n notifications in Amazon Connect for mobile chat in the Amazon Connect\n Administrator Guide.
", + "smithy.api#documentation": "Creates registration for a device token and a chat contact to receive real-time push\n notifications. For more information about push notifications, see Set up push\n notifications in Amazon Connect for mobile chat in the Amazon Connect\n Administrator Guide.
", "smithy.api#http": { "method": "PUT", "uri": "/push-notification/{InstanceId}/registrations", @@ -10489,6 +10536,25 @@ "smithy.api#documentation": "Information about the Customer on the contact.
" } }, + "com.amazonaws.connect#CustomerId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 128 + } + } + }, + "com.amazonaws.connect#CustomerIdNonEmpty": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + }, + "smithy.api#sensitive": {} + } + }, "com.amazonaws.connect#CustomerProfileAttributesSerialized": { "type": "string" }, @@ -10594,7 +10660,7 @@ "ComparisonType": { "target": "com.amazonaws.connect#DateComparisonType", "traits": { - "smithy.api#documentation": "An object to specify the hours of operation override date condition\n comparisonType.
An object to specify the hours of operation override date condition\n comparisonType.
List of routing expressions which will be OR-ed together.
" } + }, + "NotAttributeCondition": { + "target": "com.amazonaws.connect#AttributeCondition" } }, "traits": { @@ -20957,6 +21026,12 @@ "traits": { "smithy.api#enumValue": "ENHANCED_CHAT_MONITORING" } + }, + "MULTI_PARTY_CHAT_CONFERENCE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MULTI_PARTY_CHAT_CONFERENCE" + } } } }, @@ -21439,6 +21514,12 @@ "traits": { "smithy.api#enumValue": "CALL_TRANSFER_CONNECTOR" } + }, + "COGNITO_USER_POOL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "COGNITO_USER_POOL" + } } } }, @@ -22331,7 +22412,7 @@ } ], "traits": { - "smithy.api#documentation": "This API is in preview release for Amazon Connect and is subject to change.
\nFor the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently associated with the instance. Use this API to returns both Amazon Lex V1 and V2 bots.
", + "smithy.api#documentation": "This API is in preview release for Amazon Connect and is subject to change.
\nFor the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently associated with the instance. Use this API to return both Amazon Lex V1 and V2 bots.
", "smithy.api#http": { "method": "GET", "uri": "/instance/{InstanceId}/bots", @@ -31069,6 +31150,26 @@ } } }, + "com.amazonaws.connect#Range": { + "type": "structure", + "members": { + "MinProficiencyLevel": { + "target": "com.amazonaws.connect#NullableProficiencyLevel", + "traits": { + "smithy.api#documentation": "The minimum proficiency level of the range.
" + } + }, + "MaxProficiencyLevel": { + "target": "com.amazonaws.connect#NullableProficiencyLevel", + "traits": { + "smithy.api#documentation": "The maximum proficiency level of the range.
" + } + } + }, + "traits": { + "smithy.api#documentation": "An Object to define the minimum and maximum proficiency levels.
" + } + }, "com.amazonaws.connect#ReadOnlyFieldInfo": { "type": "structure", "members": { @@ -36808,7 +36909,7 @@ "UploadUrlMetadata": { "target": "com.amazonaws.connect#UploadUrlMetadata", "traits": { - "smithy.api#documentation": "Information to be used while uploading the attached file.
" + "smithy.api#documentation": "The headers to be provided while uploading the file to the URL.
" } } }, @@ -36923,6 +37024,12 @@ "traits": { "smithy.api#documentation": "A set of system defined key-value pairs stored on individual contact segments using an\n attribute map. The attributes are standard Amazon Connect attributes. They can be accessed in\n flows.
\nAttribute keys can include only alphanumeric, -, and _.
\nThis field can be used to show channel subtype, such as connect:Guide.
The types application/vnd.amazonaws.connect.message.interactive and\n application/vnd.amazonaws.connect.message.interactive.response must be present in\n the SupportedMessagingContentTypes field of this API in order to set\n SegmentAttributes as { \"connect:Subtype\": {\"valueString\" : \"connect:Guide\"\n }}.
The customer's identification number. For example, the CustomerId may be a\n customer number from your CRM.
Instructs Amazon Connect to resume the authentication process. The subsequent actions\n depend on the request body contents:
\n\n If a code is provided: Connect retrieves the identity\n information from Amazon Cognito and imports it into Connect Customer Profiles.
\n\n If an error is provided: The error branch of the\n Authenticate Customer block is executed.
\nThe API returns a success response to acknowledge the request. However, the interaction and\n exchange of identity information occur asynchronously after the response is returned.
\nThe state query parameter that was provided by Cognito in the\n redirectUri. This will also match the state parameter provided in the\n AuthenticationUrl from the GetAuthenticationUrl\n response.
The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.
", + "smithy.api#required": {} + } + }, + "Code": { + "target": "com.amazonaws.connect#AuthorizationCode", + "traits": { + "smithy.api#documentation": "The code query parameter provided by Cognito in the\n redirectUri.
The error query parameter provided by Cognito in the\n redirectUri.
The error_description parameter provided by Cognito in the\n redirectUri.
Identifies which IVR track is being recorded.
" + "smithy.api#documentation": "Identifies which IVR track is being recorded.
\nOne and only one of the track configurations should be presented in the request.
" } } }, diff --git a/codegen/sdk/aws-models/connectparticipant.json b/codegen/sdk/aws-models/connectparticipant.json index 2992b78527b..809c6b5ce86 100644 --- a/codegen/sdk/aws-models/connectparticipant.json +++ b/codegen/sdk/aws-models/connectparticipant.json @@ -52,6 +52,9 @@ "type": "service", "version": "2018-09-07", "operations": [ + { + "target": "com.amazonaws.connectparticipant#CancelParticipantAuthentication" + }, { "target": "com.amazonaws.connectparticipant#CompleteAttachmentUpload" }, @@ -67,6 +70,9 @@ { "target": "com.amazonaws.connectparticipant#GetAttachment" }, + { + "target": "com.amazonaws.connectparticipant#GetAuthenticationUrl" + }, { "target": "com.amazonaws.connectparticipant#GetTranscript" }, @@ -92,7 +98,7 @@ "name": "execute-api" }, "aws.protocols#restJson1": {}, - "smithy.api#documentation": "Amazon Connect is an easy-to-use omnichannel cloud contact center service that\n enables companies of any size to deliver superior customer service at a lower cost.\n Amazon Connect communications capabilities make it easy for companies to deliver\n personalized interactions across communication channels, including chat.
\nUse the Amazon Connect Participant Service to manage participants (for example,\n agents, customers, and managers listening in), and to send messages and events within a\n chat contact. The APIs in the service enable the following: sending chat messages,\n attachment sharing, managing a participant's connection state and message events, and\n retrieving chat transcripts.
", + "smithy.api#documentation": "Amazon Connect is an easy-to-use omnichannel cloud contact center service that\n enables companies of any size to deliver superior customer service at a lower cost.\n Amazon Connect communications capabilities make it easy for companies to deliver\n personalized interactions across communication channels, including chat.
\nUse the Amazon Connect Participant Service to manage participants (for example,\n agents, customers, and managers listening in), and to send messages and events within a\n chat contact. The APIs in the service enable the following: sending chat messages,\n attachment sharing, managing a participant's connection state and message events, and\n retrieving chat transcripts.
", "smithy.api#title": "Amazon Connect Participant Service", "smithy.rules#endpointRuleSet": { "version": "1.0", @@ -875,9 +881,79 @@ "target": "com.amazonaws.connectparticipant#AttachmentItem" } }, + "com.amazonaws.connectparticipant#AuthenticationUrl": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2083 + } + } + }, "com.amazonaws.connectparticipant#Bool": { "type": "boolean" }, + "com.amazonaws.connectparticipant#CancelParticipantAuthentication": { + "type": "operation", + "input": { + "target": "com.amazonaws.connectparticipant#CancelParticipantAuthenticationRequest" + }, + "output": { + "target": "com.amazonaws.connectparticipant#CancelParticipantAuthenticationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.connectparticipant#AccessDeniedException" + }, + { + "target": "com.amazonaws.connectparticipant#InternalServerException" + }, + { + "target": "com.amazonaws.connectparticipant#ThrottlingException" + }, + { + "target": "com.amazonaws.connectparticipant#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Cancels the authentication session. The opted out branch of the Authenticate Customer\n flow block will be taken.
\nThe current supported channel is chat. This API is not supported for Apple\n Messages for Business, WhatsApp, or SMS chats.
\nThe sessionId provided in the authenticationInitiated\n event.
The authentication token associated with the participant's connection.
", + "smithy.api#httpHeader": "X-Amz-Bearer", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.connectparticipant#CancelParticipantAuthenticationResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.connectparticipant#ChatContent": { "type": "string", "traits": { @@ -1020,7 +1096,7 @@ } ], "traits": { - "smithy.api#documentation": "Allows you to confirm that the attachment has been uploaded using the pre-signed URL\n provided in StartAttachmentUpload API. A conflict exception is thrown when an attachment\n with that identifier is already being uploaded.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", + "smithy.api#documentation": "Allows you to confirm that the attachment has been uploaded using the pre-signed URL\n provided in StartAttachmentUpload API. A conflict exception is thrown when an attachment\n with that identifier is already being uploaded.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", "smithy.api#http": { "method": "POST", "uri": "/participant/complete-attachment-upload", @@ -1077,7 +1153,7 @@ } }, "traits": { - "smithy.api#documentation": "The requested operation conflicts with the current state of a service\n resource associated with the request.
", + "smithy.api#documentation": "The requested operation conflicts with the current state of a service resource\n associated with the request.
", "smithy.api#error": "client", "smithy.api#httpError": 409 } @@ -1171,7 +1247,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates the participant's connection.
\n\n ParticipantToken is used for invoking this API instead of\n ConnectionToken.
The participant token is valid for the lifetime of the participant – until they are\n part of a contact.
\nThe response URL for WEBSOCKET Type has a connect expiry timeout of 100s.\n Clients must manually connect to the returned websocket URL and subscribe to the desired\n topic.
For chat, you need to publish the following on the established websocket\n connection:
\n\n {\"topic\":\"aws/subscribe\",\"content\":{\"topics\":[\"aws/chat\"]}}\n
Upon websocket URL expiry, as specified in the response ConnectionExpiry parameter,\n clients need to call this API again to obtain a new websocket URL and perform the same\n steps as before.
\n\n Message streaming support: This API can also be used\n together with the StartContactStreaming API to create a participant connection for chat\n contacts that are not using a websocket. For more information about message streaming,\n Enable real-time chat\n message streaming in the Amazon Connect Administrator\n Guide.
\n\n Feature specifications: For information about feature\n specifications, such as the allowed number of open websocket connections per\n participant, see Feature specifications in the Amazon Connect Administrator\n Guide.
\nThe Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
\nCreates the participant's connection.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\n\n ParticipantToken is used for invoking this API instead of\n ConnectionToken.
The participant token is valid for the lifetime of the participant – until they are\n part of a contact.
\nThe response URL for WEBSOCKET Type has a connect expiry timeout of 100s.\n Clients must manually connect to the returned websocket URL and subscribe to the desired\n topic.
For chat, you need to publish the following on the established websocket\n connection:
\n\n {\"topic\":\"aws/subscribe\",\"content\":{\"topics\":[\"aws/chat\"]}}\n
Upon websocket URL expiry, as specified in the response ConnectionExpiry parameter,\n clients need to call this API again to obtain a new websocket URL and perform the same\n steps as before.
\n\n Message streaming support: This API can also be used\n together with the StartContactStreaming API to create a participant connection for chat\n contacts that are not using a websocket. For more information about message streaming,\n Enable real-time chat\n message streaming in the Amazon Connect Administrator\n Guide.
\n\n Feature specifications: For information about feature\n specifications, such as the allowed number of open websocket connections per\n participant, see Feature specifications in the Amazon Connect Administrator\n Guide.
\nThe Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
\nRetrieves the view for the specified view token.
", + "smithy.api#documentation": "Retrieves the view for the specified view token.
\nFor security recommendations, see Amazon Connect Chat security best practices.
", "smithy.api#http": { "method": "GET", "uri": "/participant/views/{ViewToken}", @@ -1322,7 +1398,7 @@ } ], "traits": { - "smithy.api#documentation": "Disconnects a participant.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", + "smithy.api#documentation": "Disconnects a participant.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", "smithy.api#http": { "method": "POST", "uri": "/participant/disconnect", @@ -1392,7 +1468,7 @@ } ], "traits": { - "smithy.api#documentation": "Provides a pre-signed URL for download of a completed attachment. This is an\n asynchronous API for use with active contacts.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", + "smithy.api#documentation": "Provides a pre-signed URL for download of a completed attachment. This is an\n asynchronous API for use with active contacts.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", "smithy.api#http": { "method": "POST", "uri": "/participant/attachment", @@ -1417,6 +1493,12 @@ "smithy.api#httpHeader": "X-Amz-Bearer", "smithy.api#required": {} } + }, + "UrlExpiryInSeconds": { + "target": "com.amazonaws.connectparticipant#URLExpiryInSeconds", + "traits": { + "smithy.api#documentation": "The expiration time of the URL in ISO timestamp. It's specified in ISO 8601 format:\n yyyy-MM-ddThh:mm:ss.SSSZ. For example, 2019-11-08T02:41:28.172Z.
" + } } }, "traits": { @@ -1437,6 +1519,89 @@ "traits": { "smithy.api#documentation": "The expiration time of the URL in ISO timestamp. It's specified in ISO 8601 format: yyyy-MM-ddThh:mm:ss.SSSZ. For example, 2019-11-08T02:41:28.172Z.
" } + }, + "AttachmentSizeInBytes": { + "target": "com.amazonaws.connectparticipant#AttachmentSizeInBytes", + "traits": { + "smithy.api#default": null, + "smithy.api#documentation": "The size of the attachment in bytes.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.connectparticipant#GetAuthenticationUrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.connectparticipant#GetAuthenticationUrlRequest" + }, + "output": { + "target": "com.amazonaws.connectparticipant#GetAuthenticationUrlResponse" + }, + "errors": [ + { + "target": "com.amazonaws.connectparticipant#AccessDeniedException" + }, + { + "target": "com.amazonaws.connectparticipant#InternalServerException" + }, + { + "target": "com.amazonaws.connectparticipant#ThrottlingException" + }, + { + "target": "com.amazonaws.connectparticipant#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves the AuthenticationUrl for the current authentication session for the\n AuthenticateCustomer flow block.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\nThis API can only be called within one minute of receiving the\n authenticationInitiated event.
\nThe current supported channel is chat. This API is not supported for Apple\n Messages for Business, WhatsApp, or SMS chats.
\nThe sessionId provided in the authenticationInitiated event.
", + "smithy.api#required": {} + } + }, + "RedirectUri": { + "target": "com.amazonaws.connectparticipant#RedirectURI", + "traits": { + "smithy.api#documentation": "The URL where the customer will be redirected after Amazon Cognito authorizes the\n user.
", + "smithy.api#required": {} + } + }, + "ConnectionToken": { + "target": "com.amazonaws.connectparticipant#ParticipantToken", + "traits": { + "smithy.api#documentation": "The authentication token associated with the participant's connection.
", + "smithy.api#httpHeader": "X-Amz-Bearer", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.connectparticipant#GetAuthenticationUrlResponse": { + "type": "structure", + "members": { + "AuthenticationUrl": { + "target": "com.amazonaws.connectparticipant#AuthenticationUrl", + "traits": { + "smithy.api#documentation": "The URL where the customer will sign in to the identity provider. This URL contains\n the authorize endpoint for the Cognito UserPool used in the authentication.
" + } } }, "traits": { @@ -1466,7 +1631,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves a transcript of the session, including details about any attachments. For\n information about accessing past chat contact transcripts for a persistent chat, see\n Enable persistent chat.
\nIf you have a process that consumes events in the transcript of an chat that has ended, note that chat\n transcripts contain the following event content types if the event has occurred\n during the chat session:
\n\n application/vnd.amazonaws.connect.event.participant.left\n
\n application/vnd.amazonaws.connect.event.participant.joined\n
\n application/vnd.amazonaws.connect.event.chat.ended\n
\n application/vnd.amazonaws.connect.event.transfer.succeeded\n
\n application/vnd.amazonaws.connect.event.transfer.failed\n
\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", + "smithy.api#documentation": "Retrieves a transcript of the session, including details about any attachments. For\n information about accessing past chat contact transcripts for a persistent chat, see\n Enable persistent chat.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\nIf you have a process that consumes events in the transcript of an chat that has\n ended, note that chat transcripts contain the following event content types if the event\n has occurred during the chat session:
\n\n application/vnd.amazonaws.connect.event.participant.left\n
\n application/vnd.amazonaws.connect.event.participant.joined\n
\n application/vnd.amazonaws.connect.event.chat.ended\n
\n application/vnd.amazonaws.connect.event.transfer.succeeded\n
\n application/vnd.amazonaws.connect.event.transfer.failed\n
\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", "smithy.api#http": { "method": "POST", "uri": "/participant/transcript", @@ -1839,6 +2004,15 @@ "target": "com.amazonaws.connectparticipant#Receipt" } }, + "com.amazonaws.connectparticipant#RedirectURI": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1024 + } + } + }, "com.amazonaws.connectparticipant#ResourceId": { "type": "string" }, @@ -1963,7 +2137,7 @@ } ], "traits": { - "smithy.api#documentation": "The application/vnd.amazonaws.connect.event.connection.acknowledged\n ContentType will no longer be supported starting December 31, 2024. This event has\n been migrated to the CreateParticipantConnection API using the\n ConnectParticipant field.
Sends an event. Message receipts are not supported when there are more than two active\n participants in the chat. Using the SendEvent API for message receipts when a supervisor\n is barged-in will result in a conflict exception.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", + "smithy.api#documentation": "The application/vnd.amazonaws.connect.event.connection.acknowledged\n ContentType will no longer be supported starting December 31, 2024. This event has\n been migrated to the CreateParticipantConnection API using the\n ConnectParticipant field.
Sends an event. Message receipts are not supported when there are more than two active\n participants in the chat. Using the SendEvent API for message receipts when a supervisor\n is barged-in will result in a conflict exception.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", "smithy.api#http": { "method": "POST", "uri": "/participant/event", @@ -2050,7 +2224,7 @@ } ], "traits": { - "smithy.api#documentation": "Sends a message.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", + "smithy.api#documentation": "Sends a message.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", "smithy.api#http": { "method": "POST", "uri": "/participant/message", @@ -2131,6 +2305,15 @@ "smithy.api#httpError": 402 } }, + "com.amazonaws.connectparticipant#SessionId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 36, + "max": 36 + } + } + }, "com.amazonaws.connectparticipant#SortKey": { "type": "enum", "members": { @@ -2174,7 +2357,7 @@ } ], "traits": { - "smithy.api#documentation": "Provides a pre-signed Amazon S3 URL in response for uploading the file directly to\n S3.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", + "smithy.api#documentation": "Provides a pre-signed Amazon S3 URL in response for uploading the file directly to\n S3.
\nFor security recommendations, see Amazon Connect Chat security best practices.
\n\n ConnectionToken is used for invoking this API instead of\n ParticipantToken.
The Amazon Connect Participant Service APIs do not use Signature Version 4\n authentication.
", "smithy.api#http": { "method": "POST", "uri": "/participant/start-attachment-upload", @@ -2240,7 +2423,7 @@ "UploadMetadata": { "target": "com.amazonaws.connectparticipant#UploadMetadata", "traits": { - "smithy.api#documentation": "Fields to be used while uploading the attachment.
" + "smithy.api#documentation": "The headers to be provided while uploading the file to the URL.
" } } }, @@ -2297,6 +2480,15 @@ "target": "com.amazonaws.connectparticipant#Item" } }, + "com.amazonaws.connectparticipant#URLExpiryInSeconds": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 5, + "max": 300 + } + } + }, "com.amazonaws.connectparticipant#UploadMetadata": { "type": "structure", "members": { diff --git a/codegen/sdk/aws-models/cost-explorer.json b/codegen/sdk/aws-models/cost-explorer.json index f85925cd1f0..952662ae118 100644 --- a/codegen/sdk/aws-models/cost-explorer.json +++ b/codegen/sdk/aws-models/cost-explorer.json @@ -1529,6 +1529,16 @@ "smithy.api#error": "client" } }, + "com.amazonaws.costexplorer#BillingViewArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 20, + "max": 2048 + }, + "smithy.api#pattern": "^arn:aws[a-z-]*:(billing)::[0-9]{12}:billingview/[-a-zA-Z0-9/:_+=.-@]{1,43}$" + } + }, "com.amazonaws.costexplorer#CommitmentPurchaseAnalysisConfiguration": { "type": "structure", "members": { @@ -4288,6 +4298,9 @@ }, { "target": "com.amazonaws.costexplorer#RequestChangedException" + }, + { + "target": "com.amazonaws.costexplorer#ResourceNotFoundException" } ], "traits": { @@ -4330,6 +4343,12 @@ "smithy.api#documentation": "You can group Amazon Web Services costs using up to two different groups, either\n dimensions, tag keys, cost categories, or any two group by types.
\nValid values for the DIMENSION type are AZ,\n INSTANCE_TYPE, LEGAL_ENTITY_NAME, INVOICING_ENTITY,\n LINKED_ACCOUNT, OPERATION, PLATFORM,\n PURCHASE_TYPE, SERVICE, TENANCY,\n RECORD_TYPE, and USAGE_TYPE.
When you group by the TAG type and include a valid tag key, you get all\n tag values, including empty strings.
The Amazon Resource Name (ARN) that uniquely identifies a specific billing view. The ARN\n is used to specify which particular billing view you want to interact with or retrieve\n information from when making API calls related to Amazon Web Services Billing and Cost\n Management features. The BillingViewArn can be retrieved by calling the ListBillingViews\n API.
" + } + }, "NextPageToken": { "target": "com.amazonaws.costexplorer#NextPageToken", "traits": { @@ -4396,6 +4415,9 @@ }, { "target": "com.amazonaws.costexplorer#RequestChangedException" + }, + { + "target": "com.amazonaws.costexplorer#ResourceNotFoundException" } ], "traits": { @@ -4438,6 +4460,12 @@ "smithy.api#documentation": "You can group Amazon Web Services costs using up to two different groups:\n DIMENSION, TAG, COST_CATEGORY.
The Amazon Resource Name (ARN) that uniquely identifies a specific billing view. The ARN\n is used to specify which particular billing view you want to interact with or retrieve\n information from when making API calls related to Amazon Web Services Billing and Cost\n Management features. The BillingViewArn can be retrieved by calling the ListBillingViews\n API.
" + } + }, "NextPageToken": { "target": "com.amazonaws.costexplorer#NextPageToken", "traits": { @@ -4504,6 +4532,9 @@ }, { "target": "com.amazonaws.costexplorer#RequestChangedException" + }, + { + "target": "com.amazonaws.costexplorer#ResourceNotFoundException" } ], "traits": { @@ -4537,6 +4568,12 @@ "smithy.api#documentation": "The value that you sort the data by.
\nThe key represents the cost and usage metrics. The following values are supported:
\n\n BlendedCost\n
\n UnblendedCost\n
\n AmortizedCost\n
\n NetAmortizedCost\n
\n NetUnblendedCost\n
\n UsageQuantity\n
\n NormalizedUsageAmount\n
The supported key values for the SortOrder value are ASCENDING\n and DESCENDING.
When you use the SortBy value, the NextPageToken and\n SearchString key values aren't supported.
The Amazon Resource Name (ARN) that uniquely identifies a specific billing view. The ARN\n is used to specify which particular billing view you want to interact with or retrieve\n information from when making API calls related to Amazon Web Services Billing and Cost\n Management features. The BillingViewArn can be retrieved by calling the ListBillingViews\n API.
" + } + }, "MaxResults": { "target": "com.amazonaws.costexplorer#MaxResults", "traits": { @@ -4608,6 +4645,9 @@ }, { "target": "com.amazonaws.costexplorer#LimitExceededException" + }, + { + "target": "com.amazonaws.costexplorer#ResourceNotFoundException" } ], "traits": { @@ -4644,6 +4684,12 @@ "smithy.api#documentation": "The filters that you want to use to filter your forecast. The\n GetCostForecast API supports filtering by the following dimensions:
\n AZ\n
\n INSTANCE_TYPE\n
\n LINKED_ACCOUNT\n
\n LINKED_ACCOUNT_NAME\n
\n OPERATION\n
\n PURCHASE_TYPE\n
\n REGION\n
\n SERVICE\n
\n USAGE_TYPE\n
\n USAGE_TYPE_GROUP\n
\n RECORD_TYPE\n
\n OPERATING_SYSTEM\n
\n TENANCY\n
\n SCOPE\n
\n PLATFORM\n
\n SUBSCRIPTION_ID\n
\n LEGAL_ENTITY_NAME\n
\n DEPLOYMENT_OPTION\n
\n DATABASE_ENGINE\n
\n INSTANCE_TYPE_FAMILY\n
\n BILLING_ENTITY\n
\n RESERVATION_ID\n
\n SAVINGS_PLAN_ARN\n
The Amazon Resource Name (ARN) that uniquely identifies a specific billing view. The ARN\n is used to specify which particular billing view you want to interact with or retrieve\n information from when making API calls related to Amazon Web Services Billing and Cost\n Management features. The BillingViewArn can be retrieved by calling the ListBillingViews\n API.
" + } + }, "PredictionIntervalLevel": { "target": "com.amazonaws.costexplorer#PredictionIntervalLevel", "traits": { @@ -4698,6 +4744,9 @@ }, { "target": "com.amazonaws.costexplorer#RequestChangedException" + }, + { + "target": "com.amazonaws.costexplorer#ResourceNotFoundException" } ], "traits": { @@ -4742,6 +4791,12 @@ "smithy.api#documentation": "The value that you want to sort the data by.
\nThe key represents cost and usage metrics. The following values are supported:
\n\n BlendedCost\n
\n UnblendedCost\n
\n AmortizedCost\n
\n NetAmortizedCost\n
\n NetUnblendedCost\n
\n UsageQuantity\n
\n NormalizedUsageAmount\n
The supported values for the SortOrder key are ASCENDING or\n DESCENDING.
When you specify a SortBy paramater, the context must be\n COST_AND_USAGE. Further, when using SortBy,\n NextPageToken and SearchString aren't supported.
The Amazon Resource Name (ARN) that uniquely identifies a specific billing view. The ARN\n is used to specify which particular billing view you want to interact with or retrieve\n information from when making API calls related to Amazon Web Services Billing and Cost\n Management features. The BillingViewArn can be retrieved by calling the ListBillingViews\n API.
" + } + }, "MaxResults": { "target": "com.amazonaws.costexplorer#MaxResults", "traits": { @@ -5685,6 +5740,9 @@ }, { "target": "com.amazonaws.costexplorer#RequestChangedException" + }, + { + "target": "com.amazonaws.costexplorer#ResourceNotFoundException" } ], "traits": { @@ -5722,6 +5780,12 @@ "smithy.api#documentation": "The value that you want to sort the data by.
\nThe key represents cost and usage metrics. The following values are supported:
\n\n BlendedCost\n
\n UnblendedCost\n
\n AmortizedCost\n
\n NetAmortizedCost\n
\n NetUnblendedCost\n
\n UsageQuantity\n
\n NormalizedUsageAmount\n
The supported values for SortOrder are ASCENDING and\n DESCENDING.
When you use SortBy, NextPageToken and SearchString\n aren't supported.
The Amazon Resource Name (ARN) that uniquely identifies a specific billing view. The ARN\n is used to specify which particular billing view you want to interact with or retrieve\n information from when making API calls related to Amazon Web Services Billing and Cost\n Management features. The BillingViewArn can be retrieved by calling the ListBillingViews\n API.
" + } + }, "MaxResults": { "target": "com.amazonaws.costexplorer#MaxResults", "traits": { @@ -5789,6 +5853,9 @@ { "target": "com.amazonaws.costexplorer#LimitExceededException" }, + { + "target": "com.amazonaws.costexplorer#ResourceNotFoundException" + }, { "target": "com.amazonaws.costexplorer#UnresolvableUsageUnitException" } @@ -5827,6 +5894,12 @@ "smithy.api#documentation": "The filters that you want to use to filter your forecast. The\n GetUsageForecast API supports filtering by the following dimensions:
\n AZ\n
\n INSTANCE_TYPE\n
\n LINKED_ACCOUNT\n
\n LINKED_ACCOUNT_NAME\n
\n OPERATION\n
\n PURCHASE_TYPE\n
\n REGION\n
\n SERVICE\n
\n USAGE_TYPE\n
\n USAGE_TYPE_GROUP\n
\n RECORD_TYPE\n
\n OPERATING_SYSTEM\n
\n TENANCY\n
\n SCOPE\n
\n PLATFORM\n
\n SUBSCRIPTION_ID\n
\n LEGAL_ENTITY_NAME\n
\n DEPLOYMENT_OPTION\n
\n DATABASE_ENGINE\n
\n INSTANCE_TYPE_FAMILY\n
\n BILLING_ENTITY\n
\n RESERVATION_ID\n
\n SAVINGS_PLAN_ARN\n
The Amazon Resource Name (ARN) that uniquely identifies a specific billing view. The ARN\n is used to specify which particular billing view you want to interact with or retrieve\n information from when making API calls related to Amazon Web Services Billing and Cost\n Management features. The BillingViewArn can be retrieved by calling the ListBillingViews\n API.
" + } + }, "PredictionIntervalLevel": { "target": "com.amazonaws.costexplorer#PredictionIntervalLevel", "traits": { diff --git a/codegen/sdk/aws-models/datasync.json b/codegen/sdk/aws-models/datasync.json index 4f914e33372..a789c126283 100644 --- a/codegen/sdk/aws-models/datasync.json +++ b/codegen/sdk/aws-models/datasync.json @@ -626,7 +626,7 @@ "Subdirectory": { "target": "com.amazonaws.datasync#EfsSubdirectory", "traits": { - "smithy.api#documentation": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data (depending on if this is a source or destination location)\n on your file system.
\nBy default, DataSync uses the root directory (or access point if you provide one by using\n AccessPointArn). You can also include subdirectories using forward slashes (for\n example, /path/to/folder).
Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).
\nBy default, DataSync uses the root directory (or access point if you provide one by using\n AccessPointArn). You can also include subdirectories using forward slashes (for\n example, /path/to/folder).
The Amazon Resource Name (ARN) for the FSx for Lustre file system.
", + "smithy.api#documentation": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre file system.
", "smithy.api#required": {} } }, "SecurityGroupArns": { "target": "com.amazonaws.datasync#Ec2SecurityGroupArnList", "traits": { - "smithy.api#documentation": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the\n FSx for Lustre file system.
", + "smithy.api#documentation": "Specifies the Amazon Resource Names (ARNs) of up to five security groups that provide access to your\n FSx for Lustre file system.
\nThe security groups must be able to access the file system's ports. The file system must\n also allow access from the security groups. For information about file system access, see the\n \n Amazon FSx for Lustre User Guide\n .
", "smithy.api#required": {} } }, "Subdirectory": { "target": "com.amazonaws.datasync#FsxLustreSubdirectory", "traits": { - "smithy.api#documentation": "A subdirectory in the location's path. This subdirectory in the FSx for Lustre\n file system is used to read data from the FSx for Lustre source location or write\n data to the FSx for Lustre destination.
" + "smithy.api#documentation": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.
\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory (/).
The key-value pair that represents a tag that you want to add to the resource. The value\n can be an empty string. This value helps you manage, filter, and search for your resources. We\n recommend that you create a name tag for your location.
" + "smithy.api#documentation": "Specifies labels that help you categorize, filter, and search for your Amazon Web Services resources. We recommend creating at least a name tag for your location.
" } } }, @@ -748,7 +748,7 @@ "LocationArn": { "target": "com.amazonaws.datasync#LocationArn", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of the FSx for Lustre file system location that's\n created.
" + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the FSx for Lustre file system location that\n you created.
" } } }, @@ -802,7 +802,7 @@ "Subdirectory": { "target": "com.amazonaws.datasync#FsxOntapSubdirectory", "traits": { - "smithy.api#documentation": "Specifies a path to the file share in the SVM where you'll copy your data.
\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file\n shares), or share name (for SMB file shares). For example, your mount path might be\n /vol1, /vol1/tree1, or /share1.
Don't specify a junction path in the SVM's root volume. For more information, see Managing FSx for ONTAP storage virtual machines in the Amazon FSx for NetApp ONTAP User Guide.
\nSpecifies a path to the file share in the SVM where you want to transfer data to or from.
\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file\n shares), or share name (for SMB file shares). For example, your mount path might be\n /vol1, /vol1/tree1, or /share1.
Don't specify a junction path in the SVM's root volume. For more information, see Managing FSx for ONTAP storage virtual machines in the Amazon FSx for NetApp ONTAP User Guide.
\nSpecifies the name of the Microsoft Active Directory domain that the FSx for Windows File Server file system belongs to.
\nIf you have multiple Active Directory domains in your environment, configuring this\n parameter makes sure that DataSync connects to the right file system.
" + "smithy.api#documentation": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.
\nIf you have multiple Active Directory domains in your environment, configuring this\n parameter makes sure that DataSync connects to the right file system.
" } }, "Password": { @@ -1133,7 +1133,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a transfer location for a Network File System (NFS) file\n server. DataSync can use this location as a source or destination for\n transferring data.
\nBefore you begin, make sure that you understand how DataSync\n accesses\n NFS file servers.
\nIf you're copying data to or from an Snowcone device, you can also use\n CreateLocationNfs to create your transfer location. For more information, see\n Configuring transfers with Snowcone.
Creates a transfer location for a Network File System (NFS) file\n server. DataSync can use this location as a source or destination for\n transferring data.
\nBefore you begin, make sure that you understand how DataSync\n accesses\n NFS file servers.
" } }, "com.amazonaws.datasync#CreateLocationNfsRequest": { @@ -4112,6 +4112,21 @@ { "target": "com.amazonaws.datasync#UpdateLocationAzureBlob" }, + { + "target": "com.amazonaws.datasync#UpdateLocationEfs" + }, + { + "target": "com.amazonaws.datasync#UpdateLocationFsxLustre" + }, + { + "target": "com.amazonaws.datasync#UpdateLocationFsxOntap" + }, + { + "target": "com.amazonaws.datasync#UpdateLocationFsxOpenZfs" + }, + { + "target": "com.amazonaws.datasync#UpdateLocationFsxWindows" + }, { "target": "com.amazonaws.datasync#UpdateLocationHdfs" }, @@ -4121,6 +4136,9 @@ { "target": "com.amazonaws.datasync#UpdateLocationObjectStorage" }, + { + "target": "com.amazonaws.datasync#UpdateLocationS3" + }, { "target": "com.amazonaws.datasync#UpdateLocationSmb" }, @@ -5197,7 +5215,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies the Network File System (NFS) protocol configuration that DataSync\n uses to access your Amazon FSx for OpenZFS or Amazon FSx for NetApp ONTAP file\n system.
" + "smithy.api#documentation": "Specifies the Network File System (NFS) protocol configuration that DataSync\n uses to access your FSx for OpenZFS file system or FSx for ONTAP file\n system's storage virtual machine (SVM).
" } }, "com.amazonaws.datasync#FsxProtocolSmb": { @@ -5206,7 +5224,7 @@ "Domain": { "target": "com.amazonaws.datasync#SmbDomain", "traits": { - "smithy.api#documentation": "Specifies the fully qualified domain name (FQDN) of the Microsoft Active Directory that\n your storage virtual machine (SVM) belongs to.
\nIf you have multiple domains in your environment, configuring this setting makes sure that\n DataSync connects to the right SVM.
" + "smithy.api#documentation": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.
\nIf you have multiple domains in your environment, configuring this setting makes sure that\n DataSync connects to the right SVM.
\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.
" } }, "MountOptions": { @@ -5228,7 +5246,63 @@ } }, "traits": { - "smithy.api#documentation": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your Amazon FSx for NetApp ONTAP file system. For more information, see\n Accessing FSx for ONTAP file systems.
" + "smithy.api#documentation": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your Amazon FSx for NetApp ONTAP file system's storage virtual machine (SVM). For more information, see\n Providing DataSync access to FSx for ONTAP file systems.
" + } + }, + "com.amazonaws.datasync#FsxUpdateProtocol": { + "type": "structure", + "members": { + "NFS": { + "target": "com.amazonaws.datasync#FsxProtocolNfs" + }, + "SMB": { + "target": "com.amazonaws.datasync#FsxUpdateProtocolSmb", + "traits": { + "smithy.api#documentation": "Specifies the Server Message Block (SMB) protocol configuration that DataSync\n uses to access your FSx for ONTAP file system's storage virtual machine (SVM).
" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the data transfer protocol that DataSync uses to access your\n Amazon FSx file system.
\nYou can't update the Network File System (NFS) protocol configuration for FSx for ONTAP locations. DataSync currently only supports NFS version 3 with this location type.
\nSpecifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.
\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.
" + } + }, + "MountOptions": { + "target": "com.amazonaws.datasync#SmbMountOptions" + }, + "Password": { + "target": "com.amazonaws.datasync#SmbPassword", + "traits": { + "smithy.api#documentation": "Specifies the password of a user who has permission to access your SVM.
" + } + }, + "User": { + "target": "com.amazonaws.datasync#SmbUser", + "traits": { + "smithy.api#documentation": "Specifies a user that can mount and access the files, folders, and metadata in your SVM.
\nFor information about choosing a user with the right level of access for your transfer, see Using\n the SMB protocol.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your Amazon FSx for NetApp ONTAP file system's storage virtual machine (SVM). For more information, see\n Providing DataSync access to FSx for ONTAP file systems.
" + } + }, + "com.amazonaws.datasync#FsxUpdateSmbDomain": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 253 + }, + "smithy.api#pattern": "^([A-Za-z0-9]((\\.|-+)?[A-Za-z0-9]){0,252})?$" } }, "com.amazonaws.datasync#FsxWindowsSubdirectory": { @@ -7750,7 +7824,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies the Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that DataSync uses to access your S3 bucket.
\nFor more information, see Accessing\n S3 buckets.
" + "smithy.api#documentation": "Specifies the Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that DataSync uses to access your S3 bucket.
\nFor more information, see Providing DataSync access to S3 buckets.
" } }, "com.amazonaws.datasync#S3ManifestConfig": { @@ -9174,7 +9248,7 @@ } ], "traits": { - "smithy.api#documentation": "Modifies some configurations of the Microsoft Azure Blob Storage transfer location that you're using with DataSync.
" + "smithy.api#documentation": "Modifies the following configurations of the Microsoft Azure Blob Storage transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with Azure Blob Storage.
" } }, "com.amazonaws.datasync#UpdateLocationAzureBlobRequest": { @@ -9235,6 +9309,291 @@ "smithy.api#output": {} } }, + "com.amazonaws.datasync#UpdateLocationEfs": { + "type": "operation", + "input": { + "target": "com.amazonaws.datasync#UpdateLocationEfsRequest" + }, + "output": { + "target": "com.amazonaws.datasync#UpdateLocationEfsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.datasync#InternalException" + }, + { + "target": "com.amazonaws.datasync#InvalidRequestException" + } + ], + "traits": { + "smithy.api#documentation": "Modifies the following configuration parameters of the Amazon EFS transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with Amazon EFS.
" + } + }, + "com.amazonaws.datasync#UpdateLocationEfsRequest": { + "type": "structure", + "members": { + "LocationArn": { + "target": "com.amazonaws.datasync#LocationArn", + "traits": { + "smithy.api#documentation": "Specifies the Amazon Resource Name (ARN) of the Amazon EFS transfer location that you're updating.
", + "smithy.api#required": {} + } + }, + "Subdirectory": { + "target": "com.amazonaws.datasync#EfsSubdirectory", + "traits": { + "smithy.api#documentation": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data on your file system (depending on if this is a source or destination location).
\nBy default, DataSync uses the root directory (or access point if you provide one by using\n AccessPointArn). You can also include subdirectories using forward slashes (for\n example, /path/to/folder).
Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses\n to mount your Amazon EFS file system.
\nFor more information, see Accessing restricted Amazon EFS file systems.
" + } + }, + "FileSystemAccessRoleArn": { + "target": "com.amazonaws.datasync#UpdatedEfsIamRoleArn", + "traits": { + "smithy.api#documentation": "Specifies an Identity and Access Management (IAM) role that allows DataSync to access your Amazon EFS file system.
\nFor information on creating this role, see Creating a DataSync IAM role for Amazon EFS file system access.
" + } + }, + "InTransitEncryption": { + "target": "com.amazonaws.datasync#EfsInTransitEncryption", + "traits": { + "smithy.api#documentation": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2\n encryption when it transfers data to or from your Amazon EFS file system.
\nIf you specify an access point using AccessPointArn or an IAM\n role using FileSystemAccessRoleArn, you must set this parameter to\n TLS1_2.
Modifies the following configuration parameters of the Amazon FSx for Lustre transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with FSx for Lustre.
" + } + }, + "com.amazonaws.datasync#UpdateLocationFsxLustreRequest": { + "type": "structure", + "members": { + "LocationArn": { + "target": "com.amazonaws.datasync#LocationArn", + "traits": { + "smithy.api#documentation": "Specifies the Amazon Resource Name (ARN) of the FSx for Lustre transfer location that you're updating.
", + "smithy.api#required": {} + } + }, + "Subdirectory": { + "target": "com.amazonaws.datasync#SmbSubdirectory", + "traits": { + "smithy.api#documentation": "Specifies a mount path for your FSx for Lustre file system. The path can include subdirectories.
\nWhen the location is used as a source, DataSync reads data from the mount path. When the location is used as a destination, DataSync writes data to the mount path. If you don't include this parameter, DataSync uses the file system's root directory (/).
Modifies the following configuration parameters of the Amazon FSx for NetApp ONTAP transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with FSx for ONTAP.
" + } + }, + "com.amazonaws.datasync#UpdateLocationFsxOntapRequest": { + "type": "structure", + "members": { + "LocationArn": { + "target": "com.amazonaws.datasync#LocationArn", + "traits": { + "smithy.api#documentation": "Specifies the Amazon Resource Name (ARN) of the FSx for ONTAP transfer location that you're updating.
", + "smithy.api#required": {} + } + }, + "Protocol": { + "target": "com.amazonaws.datasync#FsxUpdateProtocol", + "traits": { + "smithy.api#documentation": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.
" + } + }, + "Subdirectory": { + "target": "com.amazonaws.datasync#FsxOntapSubdirectory", + "traits": { + "smithy.api#documentation": "Specifies a path to the file share in the storage virtual machine (SVM) where you want to transfer data to or from.
\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file\n shares), or share name (for SMB file shares). For example, your mount path might be\n /vol1, /vol1/tree1, or /share1.
Don't specify a junction path in the SVM's root volume. For more information, see Managing FSx for ONTAP storage virtual machines in the Amazon FSx for NetApp ONTAP User Guide.
\nModifies the following configuration parameters of the Amazon FSx for OpenZFS transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with FSx for OpenZFS.
\nRequest parameters related to SMB aren't supported with the\n UpdateLocationFsxOpenZfs operation.
Specifies the Amazon Resource Name (ARN) of the FSx for OpenZFS transfer location that you're updating.
", + "smithy.api#required": {} + } + }, + "Protocol": { + "target": "com.amazonaws.datasync#FsxProtocol" + }, + "Subdirectory": { + "target": "com.amazonaws.datasync#SmbSubdirectory", + "traits": { + "smithy.api#documentation": "Specifies a subdirectory in the location's path that must begin with /fsx. DataSync uses this subdirectory to read or write data (depending on whether the file\n system is a source or destination location).
Modifies the following configuration parameters of the Amazon FSx for Windows File Server transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with FSx for Windows File Server.
" + } + }, + "com.amazonaws.datasync#UpdateLocationFsxWindowsRequest": { + "type": "structure", + "members": { + "LocationArn": { + "target": "com.amazonaws.datasync#LocationArn", + "traits": { + "smithy.api#documentation": "Specifies the ARN of the FSx for Windows File Server transfer location that you're updating.
", + "smithy.api#required": {} + } + }, + "Subdirectory": { + "target": "com.amazonaws.datasync#FsxWindowsSubdirectory", + "traits": { + "smithy.api#documentation": "Specifies a mount path for your file system using forward slashes. DataSync uses this subdirectory to read or write data (depending on whether the file\n system is a source or destination location).
" + } + }, + "Domain": { + "target": "com.amazonaws.datasync#FsxUpdateSmbDomain", + "traits": { + "smithy.api#documentation": "Specifies the name of the Windows domain that your FSx for Windows File Server file system belongs to.
\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.
" + } + }, + "User": { + "target": "com.amazonaws.datasync#SmbUser", + "traits": { + "smithy.api#documentation": "Specifies the user with the permissions to mount and access the files, folders, and file\n metadata in your FSx for Windows File Server file system.
\nFor information about choosing a user with the right level of access for your transfer, see required permissions for FSx for Windows File Server locations.
" + } + }, + "Password": { + "target": "com.amazonaws.datasync#SmbPassword", + "traits": { + "smithy.api#documentation": "Specifies the password of the user with the permissions to mount and access the files,\n folders, and file metadata in your FSx for Windows File Server file system.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.datasync#UpdateLocationFsxWindowsResponse": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.datasync#UpdateLocationHdfs": { "type": "operation", "input": { @@ -9252,7 +9611,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates some parameters of a previously created location for a Hadoop Distributed File\n System cluster.
" + "smithy.api#documentation": "Modifies the following configuration parameters of the Hadoop Distributed File\n System (HDFS) transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with an HDFS cluster.
" } }, "com.amazonaws.datasync#UpdateLocationHdfsRequest": { @@ -9366,7 +9725,7 @@ } ], "traits": { - "smithy.api#documentation": "Modifies some configurations of the Network File System (NFS) transfer location that\n you're using with DataSync.
\nFor more information, see Configuring transfers to or from an\n NFS file server.
" + "smithy.api#documentation": "Modifies the following configuration parameters of the Network File System (NFS) transfer location that you're using with DataSync.
\nFor more information, see Configuring transfers with an\n NFS file server.
" } }, "com.amazonaws.datasync#UpdateLocationNfsRequest": { @@ -9420,7 +9779,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates some parameters of an existing DataSync location for an object\n storage system.
" + "smithy.api#documentation": "Modifies the following configuration parameters of the object storage transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with an object storage system.
" } }, "com.amazonaws.datasync#UpdateLocationObjectStorageRequest": { @@ -9487,6 +9846,63 @@ "smithy.api#output": {} } }, + "com.amazonaws.datasync#UpdateLocationS3": { + "type": "operation", + "input": { + "target": "com.amazonaws.datasync#UpdateLocationS3Request" + }, + "output": { + "target": "com.amazonaws.datasync#UpdateLocationS3Response" + }, + "errors": [ + { + "target": "com.amazonaws.datasync#InternalException" + }, + { + "target": "com.amazonaws.datasync#InvalidRequestException" + } + ], + "traits": { + "smithy.api#documentation": "Modifies the following configuration parameters of the Amazon S3 transfer location that you're using with DataSync.
\nBefore you begin, make sure that you read the following topics:
\n\n Storage\n class considerations with Amazon S3 locations\n
\nSpecifies the Amazon Resource Name (ARN) of the Amazon S3 transfer location that you're updating.
", + "smithy.api#required": {} + } + }, + "Subdirectory": { + "target": "com.amazonaws.datasync#S3Subdirectory", + "traits": { + "smithy.api#documentation": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to\n (depending on whether the bucket is a source or destination location).
\nDataSync can't transfer objects with a prefix that begins with a slash\n (/) or includes //, /./, or\n /../ patterns. For example:
\n /photos\n
\n photos//2006/January\n
\n photos/./2006/February\n
\n photos/../2006/March\n
Specifies the storage class that you want your objects to use when Amazon S3 is a\n transfer destination.
\nFor buckets in Amazon Web Services Regions, the storage class defaults to\n STANDARD. For buckets on Outposts, the storage class defaults to\n OUTPOSTS.
For more information, see Storage class\n considerations with Amazon S3 transfers.
" + } + }, + "S3Config": { + "target": "com.amazonaws.datasync#S3Config" + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.datasync#UpdateLocationS3Response": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.datasync#UpdateLocationSmb": { "type": "operation", "input": { @@ -9504,7 +9920,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates some of the parameters of a Server Message Block\n (SMB) file server location that you can use for DataSync transfers.
" + "smithy.api#documentation": "Modifies the following configuration parameters of the Server Message Block\n (SMB) transfer location that you're using with DataSync.
\nFor more information, see Configuring DataSync transfers with an SMB file server.
" } }, "com.amazonaws.datasync#UpdateLocationSmbRequest": { @@ -9773,6 +10189,26 @@ "smithy.api#output": {} } }, + "com.amazonaws.datasync#UpdatedEfsAccessPointArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 128 + }, + "smithy.api#pattern": "^(^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):elasticfilesystem:[a-z\\-0-9]+:[0-9]{12}:access-point/fsap-[0-9a-f]{8,40}$)|(^$)$" + } + }, + "com.amazonaws.datasync#UpdatedEfsIamRoleArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2048 + }, + "smithy.api#pattern": "^(^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):iam::[0-9]{12}:role/.*$)|(^$)$" + } + }, "com.amazonaws.datasync#VerifyMode": { "type": "enum", "members": { diff --git a/codegen/sdk/aws-models/dlm.json b/codegen/sdk/aws-models/dlm.json index 235ee067f33..e6a6e6e1490 100644 --- a/codegen/sdk/aws-models/dlm.json +++ b/codegen/sdk/aws-models/dlm.json @@ -306,7 +306,7 @@ "Location": { "target": "com.amazonaws.dlm#LocationValues", "traits": { - "smithy.api#documentation": "\n [Custom snapshot policies only] Specifies the destination for snapshots created by the policy. To create \n\t\t\tsnapshots in the same Region as the source resource, specify CLOUD. To create \n\t\t\tsnapshots on the same Outpost as the source resource, specify OUTPOST_LOCAL. \n\t\t\tIf you omit this parameter, CLOUD is used by default.
If the policy targets resources in an Amazon Web Services Region, then you must create \n\t\t\tsnapshots in the same Region as the source resource. If the policy targets resources on an \n\t\t\tOutpost, then you can create snapshots on the same Outpost as the source resource, or in \n\t\t\tthe Region of that Outpost.
" + "smithy.api#documentation": "\n [Custom snapshot policies only] Specifies the destination for snapshots created by the policy. The \n\t\t\tallowed destinations depend on the location of the targeted resources.
\nIf the policy targets resources in a Region, then you must create snapshots \n\t\t\t\t\tin the same Region as the source resource.
\nIf the policy targets resources in a Local Zone, you can create snapshots in \n\t\t\t\t\tthe same Local Zone or in its parent Region.
\nIf the policy targets resources on an Outpost, then you can create snapshots \n\t\t\t\t\ton the same Outpost or in its parent Region.
\nSpecify one of the following values:
\nTo create snapshots in the same Region as the source resource, specify \n\t\t\t\t\tCLOUD.
To create snapshots in the same Local Zone as the source resource, specify \n\t\t\t\t\tLOCAL_ZONE.
To create snapshots on the same Outpost as the source resource, specify \n\t\t\t\t\tOUTPOST_LOCAL.
Default: CLOUD\n
The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1\n\t\t\tyear. For more information, see Cron\n\t\t\t\texpressions in the Amazon CloudWatch User Guide.
" + "smithy.api#documentation": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1\n\t\t\tyear. For more information, see the Cron expressions reference in \n\t\t\tthe Amazon EventBridge User Guide.
" } }, "Scripts": { @@ -1204,12 +1204,12 @@ "DefaultPolicy": { "target": "com.amazonaws.dlm#DefaultPolicy", "traits": { - "smithy.api#documentation": "\n [Default policies only] The type of default policy. Values include:
\n\n VOLUME - Default policy for EBS snapshots
\n INSTANCE - Default policy for EBS-backed AMIs
Indicates whether the policy is a default lifecycle policy or a custom \n\t\t\tlifecycle policy.
\n\n true - the policy is a default policy.
\n false - the policy is a custom policy.
\n [Custom policies only] Detailed information about a snapshot, AMI, or event-based lifecycle policy.
" + "smithy.api#documentation": "Information about a lifecycle policy.
" } }, "com.amazonaws.dlm#LifecyclePolicySummary": { @@ -1356,6 +1356,12 @@ "traits": { "smithy.api#enumValue": "OUTPOST_LOCAL" } + }, + "LOCAL_ZONE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LOCAL_ZONE" + } } } }, @@ -1423,7 +1429,7 @@ "PolicyType": { "target": "com.amazonaws.dlm#PolicyTypeValues", "traits": { - "smithy.api#documentation": "\n [Custom policies only] The valid target resource types and actions a policy can manage. Specify EBS_SNAPSHOT_MANAGEMENT \n\t\t\tto create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify IMAGE_MANAGEMENT \n\t\t\tto create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify EVENT_BASED_POLICY \n\t\t\tto create an event-based policy that performs specific actions when a defined event occurs in your Amazon Web Services account.
The default is EBS_SNAPSHOT_MANAGEMENT.
The type of policy. Specify EBS_SNAPSHOT_MANAGEMENT \n\t\t\tto create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify IMAGE_MANAGEMENT \n\t\t\tto create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify EVENT_BASED_POLICY \n\t\t\tto create an event-based policy that performs specific actions when a defined event occurs in your Amazon Web Services account.
The default is EBS_SNAPSHOT_MANAGEMENT.
\n [Custom snapshot and AMI policies only] The location of the resources to backup. If the source resources are located in an \n\t\t\tAmazon Web Services Region, specify CLOUD. If the source resources are located on an Outpost \n\t\t\tin your account, specify OUTPOST.
If you specify OUTPOST, Amazon Data Lifecycle Manager backs up all resources \n\t\t\t\tof the specified type with matching target tags across all of the Outposts in your account.
\n [Custom snapshot and AMI policies only] The location of the resources to backup.
\nIf the source resources are located in a Region, specify CLOUD. In this case, \n\t\t\t\t\tthe policy targets all resources of the specified type with matching target tags across all \n\t\t\t\t\tAvailability Zones in the Region.
\n [Custom snapshot policies only] If the source resources are located in a Local Zone, specify LOCAL_ZONE. \n\t\t\t\t\tIn this case, the policy targets all resources of the specified type with matching target \n\t\t\t\t\ttags across all Local Zones in the Region.
If the source resources are located on an Outpost in your account, specify OUTPOST. \n\t\t\t\t\tIn this case, the policy targets all resources of the specified type with matching target \n\t\t\t\t\ttags across all of the Outposts in your account.
Specifies a rule for copying snapshots or AMIs across regions.
\nYou can't specify cross-Region copy rules for policies that create snapshots on an Outpost. \n\t\t\tIf the policy creates snapshots in a Region, then snapshots can be copied to up to three \n\t\t\tRegions or Outposts.
\nSpecifies a rule for copying snapshots or AMIs across Regions.
\nYou can't specify cross-Region copy rules for policies that create snapshots on an \n\t\t\t\tOutpost or in a Local Zone. If the policy creates snapshots in a Region, then snapshots \n\t\t\t\tcan be copied to up to three Regions or Outposts.
\nThe configuration setting for the log types to be enabled for export to Amazon\n CloudWatch Logs for a specific instance or cluster.
\nThe EnableLogTypes and DisableLogTypes arrays determine\n which logs are exported (or not exported) to CloudWatch Logs. The values within these\n arrays depend on the engine that is being used.
The Amazon Resource Name (ARN) of the secret.
" + } + }, + "SecretStatus": { + "target": "com.amazonaws.docdb#String", + "traits": { + "smithy.api#documentation": "The status of the secret.
\nThe possible status values include the following:
\ncreating - The secret is being created.
\nactive - The secret is available for normal use and rotation.
\nrotating - The secret is being rotated.
\nimpaired - The secret can be used to access database credentials, but it can't be rotated. \n A secret might have this status if, for example, permissions are changed so that Amazon DocumentDB can no longer access either the secret or the KMS key for the secret.
\nWhen a secret has this status, you can correct the condition that caused the status. \n Alternatively, modify the instance to turn off automatic management of database credentials, and then modify the instance again to turn on automatic management of database credentials.
\nThe Amazon Web Services KMS key identifier that is used to encrypt the secret.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains the secret managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the master user password.
" + } + }, "com.amazonaws.docdb#CopyDBClusterParameterGroup": { "type": "operation", "input": { @@ -1998,6 +2024,18 @@ "traits": { "smithy.api#documentation": "The storage type to associate with the DB cluster.
\nFor information on storage types for Amazon DocumentDB clusters, see \n Cluster storage configurations in the Amazon DocumentDB Developer Guide.
\nValid values for storage type - standard | iopt1\n
Default value is standard \n
When you create a DocumentDB DB cluster with the storage type set to iopt1, the storage type is returned\n in the response. The storage type isn't returned when you set it to standard.
Specifies whether to manage the master user password with Amazon Web Services Secrets Manager.
\nConstraint: You can't manage the master user password with Amazon Web Services Secrets Manager if MasterUserPassword is specified.
The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager.\n This setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the DB cluster.
\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. \n To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.
\nIf you don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager KMS key is used to encrypt the secret. \n If the secret is in a different Amazon Web Services account, then you can't use the aws/secretsmanager KMS key to encrypt the secret, and you must use a customer managed KMS key.
There is a default KMS key for your Amazon Web Services account. \n Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
" + } } }, "traits": { @@ -2792,6 +2830,12 @@ "traits": { "smithy.api#documentation": "Storage type associated with your cluster
\nStorage type associated with your cluster
\nFor information on storage types for Amazon DocumentDB clusters, see \n Cluster storage configurations in the Amazon DocumentDB Developer Guide.
\nValid values for storage type - standard | iopt1\n
Default value is standard \n
The secret managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the master user password.
" + } } }, "traits": { @@ -4791,6 +4835,21 @@ "smithy.api#suppress": [ "WaitableTraitInvalidErrorType" ], + "smithy.test#smokeTests": [ + { + "id": "DescribeDBInstancesFailure", + "params": { + "DBInstanceIdentifier": "fake-id" + }, + "vendorParams": { + "region": "us-west-2" + }, + "vendorParamsShape": "aws.test#AwsVendorParams", + "expect": { + "failure": {} + } + } + ], "smithy.waiters#waitable": { "DBInstanceAvailable": { "acceptors": [ @@ -6597,6 +6656,24 @@ "traits": { "smithy.api#documentation": "The storage type to associate with the DB cluster.
\nFor information on storage types for Amazon DocumentDB clusters, see \n Cluster storage configurations in the Amazon DocumentDB Developer Guide.
\nValid values for storage type - standard | iopt1\n
Default value is standard \n
Specifies whether to manage the master user password with Amazon Web Services Secrets Manager.\n If the cluster doesn't manage the master user password with Amazon Web Services Secrets Manager, you can turn on this management. \n In this case, you can't specify MasterUserPassword.\n If the cluster already manages the master user password with Amazon Web Services Secrets Manager, and you specify that the master user password is not managed with Amazon Web Services Secrets Manager, then you must specify MasterUserPassword. \n In this case, Amazon DocumentDB deletes the secret and uses the new password for the master user specified by MasterUserPassword.
The Amazon Web Services KMS key identifier to encrypt a secret that is automatically generated and managed in Amazon Web Services Secrets Manager.
\nThis setting is valid only if both of the following conditions are met:
\nThe cluster doesn't manage the master user password in Amazon Web Services Secrets Manager. \n If the cluster already manages the master user password in Amazon Web Services Secrets Manager, you can't change the KMS key that is used to encrypt the secret.
\nYou are enabling ManageMasterUserPassword to manage the master user password in Amazon Web Services Secrets Manager. \n If you are turning on ManageMasterUserPassword and don't specify MasterUserSecretKmsKeyId, then the aws/secretsmanager KMS key is used to encrypt the secret. \n If the secret is in a different Amazon Web Services account, then you can't use the aws/secretsmanager KMS key to encrypt the secret, and you must use a customer managed KMS key.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. \n To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.
\nThere is a default KMS key for your Amazon Web Services account. \n Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
" + } + }, + "RotateMasterUserPassword": { + "target": "com.amazonaws.docdb#BooleanOptional", + "traits": { + "smithy.api#documentation": "Specifies whether to rotate the secret managed by Amazon Web Services Secrets Manager for the master user password.
\nThis setting is valid only if the master user password is managed by Amazon DocumentDB in Amazon Web Services Secrets Manager for the cluster. \n The secret value contains the updated password.
\nConstraint: You must apply the change immediately when rotating the master user password.
" + } } }, "traits": { diff --git a/codegen/sdk/aws-models/dynamodb.json b/codegen/sdk/aws-models/dynamodb.json index f5cf40a15a9..464a6e071c3 100644 --- a/codegen/sdk/aws-models/dynamodb.json +++ b/codegen/sdk/aws-models/dynamodb.json @@ -125,7 +125,7 @@ } }, "traits": { - "smithy.api#documentation": "Represents an attribute for describing the schema for the table and\n indexes.
" + "smithy.api#documentation": "Represents an attribute for describing the schema for the table and indexes.
" } }, "com.amazonaws.dynamodb#AttributeDefinitions": { @@ -1009,7 +1009,7 @@ "Item": { "target": "com.amazonaws.dynamodb#AttributeMap", "traits": { - "smithy.api#documentation": "The item which caused the condition check to fail. This will be set if ReturnValuesOnConditionCheckFailure is specified as ALL_OLD.
The item which caused the condition check to fail. This will be set if\n ReturnValuesOnConditionCheckFailure is specified as ALL_OLD.
Name of the table for the check item request. You can also provide the Amazon Resource Name (ARN) of the table in this parameter.
", + "smithy.api#documentation": "Name of the table for the check item request. You can also provide the Amazon Resource Name (ARN) of\n the table in this parameter.
", "smithy.api#required": {} } }, "ConditionExpression": { "target": "com.amazonaws.dynamodb#ConditionExpression", "traits": { - "smithy.api#documentation": "A condition that must be satisfied in order for a conditional update to\n succeed. For more information, see Condition expressions in the Amazon DynamoDB Developer\n Guide.
", + "smithy.api#documentation": "A condition that must be satisfied in order for a conditional update to succeed. For\n more information, see Condition expressions in the Amazon DynamoDB Developer\n Guide.
", "smithy.api#required": {} } }, "ExpressionAttributeNames": { "target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap", "traits": { - "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. For more information, see\n Expression attribute names \n in the Amazon DynamoDB Developer Guide.
" + "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. For more\n information, see Expression attribute names in the Amazon DynamoDB Developer\n Guide.
" } }, "ExpressionAttributeValues": { "target": "com.amazonaws.dynamodb#ExpressionAttributeValueMap", "traits": { - "smithy.api#documentation": "One or more values that can be substituted in an expression. For more information, see Condition expressions in the Amazon DynamoDB Developer Guide.
" + "smithy.api#documentation": "One or more values that can be substituted in an expression. For more information, see\n Condition expressions in the Amazon DynamoDB Developer\n Guide.
" } }, "ReturnValuesOnConditionCheckFailure": { @@ -1665,7 +1665,7 @@ "TableName": { "target": "com.amazonaws.dynamodb#TableArn", "traits": { - "smithy.api#documentation": "The name of the table that was affected by the operation. If you had specified the Amazon Resource Name (ARN) of a table in the input, you'll see the table ARN in the response.
" + "smithy.api#documentation": "The name of the table that was affected by the operation. If you had specified the\n Amazon Resource Name (ARN) of a table in the input, you'll see the table ARN in the response.
" } }, "CapacityUnits": { @@ -1971,13 +1971,13 @@ "OnDemandThroughput": { "target": "com.amazonaws.dynamodb#OnDemandThroughput", "traits": { - "smithy.api#documentation": "The maximum number of read and write units for the global secondary index being created. If you use this parameter, you must specify MaxReadRequestUnits, MaxWriteRequestUnits, or both.
The maximum number of read and write units for the global secondary index being\n created. If you use this parameter, you must specify MaxReadRequestUnits,\n MaxWriteRequestUnits, or both.
Represents the warm throughput value (in read units per second and write units per second) when creating a secondary index.
" + "smithy.api#documentation": "Represents the warm throughput value (in read units per second and write units per\n second) when creating a secondary index.
" } } }, @@ -2093,7 +2093,7 @@ "OnDemandThroughputOverride": { "target": "com.amazonaws.dynamodb#OnDemandThroughputOverride", "traits": { - "smithy.api#documentation": "The maximum on-demand throughput settings for the specified replica table being created. You can only modify MaxReadRequestUnits, because you can't modify MaxWriteRequestUnits for individual replica tables.\n
The maximum on-demand throughput settings for the specified replica table being\n created. You can only modify MaxReadRequestUnits, because you can't modify\n MaxWriteRequestUnits for individual replica tables.
Name of the table in which the item to be deleted resides. You can also provide the Amazon Resource Name (ARN) of the table in this parameter.
", + "smithy.api#documentation": "Name of the table in which the item to be deleted resides. You can also provide the\n Amazon Resource Name (ARN) of the table in this parameter.
", "smithy.api#required": {} } }, @@ -2885,7 +2885,7 @@ "aws.api#clientDiscoveredEndpoint": { "required": false }, - "smithy.api#documentation": "Checks the status of continuous backups and point in time recovery on the specified\n table. Continuous backups are ENABLED on all tables at table creation. If\n point in time recovery is enabled, PointInTimeRecoveryStatus will be set to\n ENABLED.
After continuous backups and point in time recovery are enabled, you can restore to\n any point in time within EarliestRestorableDateTime and\n LatestRestorableDateTime.
\n LatestRestorableDateTime is typically 5 minutes before the current time.\n You can restore your table to any point in time during the last 35 days.
You can call DescribeContinuousBackups at a maximum rate of 10 times per\n second.
Checks the status of continuous backups and point in time recovery on the specified\n table. Continuous backups are ENABLED on all tables at table creation. If\n point in time recovery is enabled, PointInTimeRecoveryStatus will be set to\n ENABLED.
After continuous backups and point in time recovery are enabled, you can restore to\n any point in time within EarliestRestorableDateTime and\n LatestRestorableDateTime.
\n LatestRestorableDateTime is typically 5 minutes before the current time.\n You can restore your table to any point in time in the last 35 days. You can set the recovery period to any value between 1 and 35 days.
You can call DescribeContinuousBackups at a maximum rate of 10 times per\n second.
Toggle for the precision of Kinesis data stream timestamp. The values are either MILLISECOND or MICROSECOND.
Toggle for the precision of Kinesis data stream timestamp. The values are either\n MILLISECOND or MICROSECOND.
The type of export that was performed. Valid values are FULL_EXPORT or INCREMENTAL_EXPORT.
The type of export that was performed. Valid values are FULL_EXPORT or\n INCREMENTAL_EXPORT.
The type of export that was performed. Valid values are FULL_EXPORT or INCREMENTAL_EXPORT.
The type of export that was performed. Valid values are FULL_EXPORT or\n INCREMENTAL_EXPORT.
The name of the table from which to retrieve the specified item. You can also provide the Amazon Resource Name (ARN) of the table in this parameter.
", + "smithy.api#documentation": "The name of the table from which to retrieve the specified item. You can also provide\n the Amazon Resource Name (ARN) of the table in this parameter.
", "smithy.api#required": {} } }, @@ -7216,13 +7216,13 @@ "OnDemandThroughput": { "target": "com.amazonaws.dynamodb#OnDemandThroughput", "traits": { - "smithy.api#documentation": "The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify MaxReadRequestUnits, MaxWriteRequestUnits, or both.
The maximum number of read and write units for the specified global secondary index.\n If you use this parameter, you must specify MaxReadRequestUnits,\n MaxWriteRequestUnits, or both.
Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify ReadUnitsPerSecond, WriteUnitsPerSecond, or both.
Represents the warm throughput value (in read units per second and write units per\n second) for the specified secondary index. If you use this parameter, you must specify\n ReadUnitsPerSecond, WriteUnitsPerSecond, or both.
The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify MaxReadRequestUnits, MaxWriteRequestUnits, or both.
The maximum number of read and write units for the specified global secondary index.\n If you use this parameter, you must specify MaxReadRequestUnits,\n MaxWriteRequestUnits, or both.
Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index.
" + "smithy.api#documentation": "Represents the warm throughput value (in read units per second and write units per\n second) for the specified secondary index.
" } } }, @@ -7417,19 +7417,19 @@ "ReadUnitsPerSecond": { "target": "com.amazonaws.dynamodb#PositiveLongObject", "traits": { - "smithy.api#documentation": "Represents warm throughput read units per second value for a global secondary index.
" + "smithy.api#documentation": "Represents warm throughput read units per second value for a global secondary\n index.
" } }, "WriteUnitsPerSecond": { "target": "com.amazonaws.dynamodb#PositiveLongObject", "traits": { - "smithy.api#documentation": "Represents warm throughput write units per second value for a global secondary index.
" + "smithy.api#documentation": "Represents warm throughput write units per second value for a global secondary\n index.
" } }, "Status": { "target": "com.amazonaws.dynamodb#IndexStatus", "traits": { - "smithy.api#documentation": "Represents the warm throughput status being created or updated on a global secondary index. The status can only be UPDATING or ACTIVE.
Represents the warm throughput status being created or updated on a global secondary\n index. The status can only be UPDATING or ACTIVE.
Time in the past which provides the inclusive start range for the export table's data, counted in seconds from the start of the Unix epoch. The incremental export will reflect the table's state including and after this point in time.
" + "smithy.api#documentation": "Time in the past which provides the inclusive start range for the export table's data,\n counted in seconds from the start of the Unix epoch. The incremental export will reflect\n the table's state including and after this point in time.
" } }, "ExportToTime": { "target": "com.amazonaws.dynamodb#ExportToTime", "traits": { - "smithy.api#documentation": "Time in the past which provides the exclusive end range for the export table's data, counted in seconds from the start of the Unix epoch. The incremental export will reflect the table's state just prior to this point in time. If this is not provided, the latest time with data available will be used.
" + "smithy.api#documentation": "Time in the past which provides the exclusive end range for the export table's data,\n counted in seconds from the start of the Unix epoch. The incremental export will reflect\n the table's state just prior to this point in time. If this is not provided, the latest\n time with data available will be used.
" } }, "ExportViewType": { "target": "com.amazonaws.dynamodb#ExportViewType", "traits": { - "smithy.api#documentation": "The view type that was chosen for the export. Valid values are NEW_AND_OLD_IMAGES and NEW_IMAGES. The default value is NEW_AND_OLD_IMAGES.
The view type that was chosen for the export. Valid values are\n NEW_AND_OLD_IMAGES and NEW_IMAGES. The default value is\n NEW_AND_OLD_IMAGES.
The precision of the Kinesis data stream timestamp. The values are either MILLISECOND or MICROSECOND.
The precision of the Kinesis data stream timestamp. The values are either\n MILLISECOND or MICROSECOND.
Maximum number of read request units for the specified table.
\nTo specify a maximum OnDemandThroughput on your table, set the value of MaxReadRequestUnits as greater than or equal to 1. To remove the maximum OnDemandThroughput that is currently set on your table, set the value of MaxReadRequestUnits to -1.
Maximum number of read request units for the specified table.
\nTo specify a maximum OnDemandThroughput on your table, set the value of\n MaxReadRequestUnits as greater than or equal to 1. To remove the\n maximum OnDemandThroughput that is currently set on your table, set the\n value of MaxReadRequestUnits to -1.
Maximum number of write request units for the specified table.
\nTo specify a maximum OnDemandThroughput on your table, set the value of MaxWriteRequestUnits as greater than or equal to 1. To remove the maximum OnDemandThroughput that is currently set on your table, set the value of MaxWriteRequestUnits to -1.
Maximum number of write request units for the specified table.
\nTo specify a maximum OnDemandThroughput on your table, set the value of\n MaxWriteRequestUnits as greater than or equal to 1. To remove the\n maximum OnDemandThroughput that is currently set on your table, set the\n value of MaxWriteRequestUnits to -1.
Sets the maximum number of read and write units for the specified on-demand table. If you use this parameter, you must specify MaxReadRequestUnits, MaxWriteRequestUnits, or both.
Sets the maximum number of read and write units for the specified on-demand table. If\n you use this parameter, you must specify MaxReadRequestUnits,\n MaxWriteRequestUnits, or both.
Overrides the on-demand throughput settings for this replica table. If you don't specify a value for this parameter, it uses the source table's on-demand throughput settings.
" + "smithy.api#documentation": "Overrides the on-demand throughput settings for this replica table. If you don't\n specify a value for this parameter, it uses the source table's on-demand throughput\n settings.
" } }, "com.amazonaws.dynamodb#ParameterizedStatement": { @@ -9358,7 +9358,7 @@ "ReturnValuesOnConditionCheckFailure": { "target": "com.amazonaws.dynamodb#ReturnValuesOnConditionCheckFailure", "traits": { - "smithy.api#documentation": "An optional parameter that returns the item attributes for a PartiQL\n ParameterizedStatement operation that failed a condition check.
There is no additional cost associated with requesting a return value aside from the\n small network and processing overhead of receiving a larger response. No read capacity\n units are consumed.
" + "smithy.api#documentation": "An optional parameter that returns the item attributes for a PartiQL\n ParameterizedStatement operation that failed a condition check.
There is no additional cost associated with requesting a return value aside from the\n small network and processing overhead of receiving a larger response. No read capacity\n units are consumed.
" } } }, @@ -9423,6 +9423,12 @@ "smithy.api#documentation": "The current state of point in time recovery:
\n\n ENABLED - Point in time recovery is enabled.
\n DISABLED - Point in time recovery is disabled.
The number of preceding days for which continuous backups are taken and maintained.\n Your table data is only recoverable to any point-in-time from within the configured\n recovery period. This parameter is optional. If no value is provided, the value will\n default to 35.
" + } + }, "EarliestRestorableDateTime": { "target": "com.amazonaws.dynamodb#Date", "traits": { @@ -9449,6 +9455,12 @@ "smithy.api#documentation": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the\n table.
", "smithy.api#required": {} } + }, + "RecoveryPeriodInDays": { + "target": "com.amazonaws.dynamodb#RecoveryPeriodInDays", + "traits": { + "smithy.api#documentation": "The number of preceding days for which continuous backups are taken and maintained.\n Your table data is only recoverable to any point-in-time from within the configured\n recovery period. This parameter is optional. If no value is provided, the value will\n default to 35.
" + } } }, "traits": { @@ -9593,14 +9605,14 @@ "ReadCapacityUnits": { "target": "com.amazonaws.dynamodb#PositiveLongObject", "traits": { - "smithy.api#documentation": "The maximum number of strongly consistent reads consumed per second before DynamoDB\n returns a ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
The maximum number of strongly consistent reads consumed per second before DynamoDB\n returns a ThrottlingException. For more information, see Specifying\n Read and Write Requirements in the Amazon DynamoDB Developer\n Guide.
If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
The maximum number of writes consumed per second before DynamoDB returns a\n ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
The maximum number of writes consumed per second before DynamoDB returns a\n ThrottlingException. For more information, see Specifying\n Read and Write Requirements in the Amazon DynamoDB Developer\n Guide.
If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
Name of the table in which to write the item. You can also provide the Amazon Resource Name (ARN) of the table in this parameter.
", + "smithy.api#documentation": "Name of the table in which to write the item. You can also provide the Amazon Resource Name (ARN) of\n the table in this parameter.
", "smithy.api#required": {} } }, @@ -10222,6 +10234,15 @@ "smithy.api#output": {} } }, + "com.amazonaws.dynamodb#RecoveryPeriodInDays": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 35 + } + } + }, "com.amazonaws.dynamodb#RegionName": { "type": "string" }, @@ -10366,7 +10387,7 @@ "OnDemandThroughputOverride": { "target": "com.amazonaws.dynamodb#OnDemandThroughputOverride", "traits": { - "smithy.api#documentation": "Overrides the maximum on-demand throughput settings for the specified replica table.
" + "smithy.api#documentation": "Overrides the maximum on-demand throughput settings for the specified replica\n table.
" } }, "WarmThroughput": { @@ -10420,7 +10441,7 @@ "OnDemandThroughputOverride": { "target": "com.amazonaws.dynamodb#OnDemandThroughputOverride", "traits": { - "smithy.api#documentation": "Overrides the maximum on-demand throughput settings for the specified global secondary index in the specified replica table.
" + "smithy.api#documentation": "Overrides the maximum on-demand throughput settings for the specified global secondary\n index in the specified replica table.
" } } }, @@ -10501,7 +10522,7 @@ "OnDemandThroughputOverride": { "target": "com.amazonaws.dynamodb#OnDemandThroughputOverride", "traits": { - "smithy.api#documentation": "Overrides the maximum on-demand throughput for the specified global secondary index in the specified replica table.
" + "smithy.api#documentation": "Overrides the maximum on-demand throughput for the specified global secondary index in\n the specified replica table.
" } }, "WarmThroughput": { @@ -11121,7 +11142,7 @@ "aws.api#clientDiscoveredEndpoint": { "required": false }, - "smithy.api#documentation": "Restores the specified table to the specified point in time within\n EarliestRestorableDateTime and LatestRestorableDateTime.\n You can restore your table to any point in time during the last 35 days. Any number of\n users can execute up to 50 concurrent restores (any type of restore) in a given account.
When you restore using point in time recovery, DynamoDB restores your table data to\n the state based on the selected date and time (day:hour:minute:second) to a new table.
\nAlong with data, the following are also included on the new restored table using point\n in time recovery:
\nGlobal secondary indexes (GSIs)
\nLocal secondary indexes (LSIs)
\nProvisioned read and write capacity
\nEncryption settings
\nAll these settings come from the current settings of the source table at\n the time of restore.
\nYou must manually set up the following on the restored table:
\nAuto scaling policies
\nIAM policies
\nAmazon CloudWatch metrics and alarms
\nTags
\nStream settings
\nTime to Live (TTL) settings
\nPoint in time recovery settings
\nRestores the specified table to the specified point in time within\n EarliestRestorableDateTime and LatestRestorableDateTime.\n You can restore your table to any point in time in the last 35 days. You can set the recovery period to any value between 1 and 35 days. Any number of\n users can execute up to 50 concurrent restores (any type of restore) in a given account.
When you restore using point in time recovery, DynamoDB restores your table data to\n the state based on the selected date and time (day:hour:minute:second) to a new table.
\nAlong with data, the following are also included on the new restored table using point\n in time recovery:
\nGlobal secondary indexes (GSIs)
\nLocal secondary indexes (LSIs)
\nProvisioned read and write capacity
\nEncryption settings
\nAll these settings come from the current settings of the source table at\n the time of restore.
\nYou must manually set up the following on the restored table:
\nAuto scaling policies
\nIAM policies
\nAmazon CloudWatch metrics and alarms
\nTags
\nStream settings
\nTime to Live (TTL) settings
\nPoint in time recovery settings
\nIndicates whether deletion protection is enabled (true) or disabled (false) on the table.
" + "smithy.api#documentation": "Indicates whether deletion protection is enabled (true) or disabled (false) on the\n table.
" } }, "OnDemandThroughput": { "target": "com.amazonaws.dynamodb#OnDemandThroughput", "traits": { - "smithy.api#documentation": "The maximum number of read and write units for the specified on-demand table. If you use this parameter, you must specify MaxReadRequestUnits, MaxWriteRequestUnits, or both.
The maximum number of read and write units for the specified on-demand table. If you\n use this parameter, you must specify MaxReadRequestUnits,\n MaxWriteRequestUnits, or both.
Represents the warm throughput value (in read units per second and write units per second) of the base table.
" + "smithy.api#documentation": "Represents the warm throughput value (in read units per second and write units per\n second) of the base table.
" } }, "com.amazonaws.dynamodb#Tag": { @@ -12955,7 +12976,7 @@ "TableName": { "target": "com.amazonaws.dynamodb#TableArn", "traits": { - "smithy.api#documentation": "Name of the table for the UpdateItem request. You can also provide the Amazon Resource Name (ARN) of the table in this parameter.
Name of the table for the UpdateItem request. You can also provide the\n Amazon Resource Name (ARN) of the table in this parameter.
\n UpdateContinuousBackups enables or disables point in time recovery for\n the specified table. A successful UpdateContinuousBackups call returns the\n current ContinuousBackupsDescription. Continuous backups are\n ENABLED on all tables at table creation. If point in time recovery is\n enabled, PointInTimeRecoveryStatus will be set to ENABLED.
Once continuous backups and point in time recovery are enabled, you can restore to\n any point in time within EarliestRestorableDateTime and\n LatestRestorableDateTime.
\n LatestRestorableDateTime is typically 5 minutes before the current time.\n You can restore your table to any point in time during the last 35 days.
\n UpdateContinuousBackups enables or disables point in time recovery for\n the specified table. A successful UpdateContinuousBackups call returns the\n current ContinuousBackupsDescription. Continuous backups are\n ENABLED on all tables at table creation. If point in time recovery is\n enabled, PointInTimeRecoveryStatus will be set to ENABLED.
Once continuous backups and point in time recovery are enabled, you can restore to\n any point in time within EarliestRestorableDateTime and\n LatestRestorableDateTime.
\n LatestRestorableDateTime is typically 5 minutes before the current time.\n You can restore your table to any point in time in the last 35 days. You can set the recovery period to any value between 1 and 35 days.
Updates the maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify MaxReadRequestUnits, MaxWriteRequestUnits, or both.
Updates the maximum number of read and write units for the specified global secondary\n index. If you use this parameter, you must specify MaxReadRequestUnits,\n MaxWriteRequestUnits, or both.
Represents the warm throughput value of the new provisioned throughput settings to be applied to a global secondary index.
" + "smithy.api#documentation": "Represents the warm throughput value of the new provisioned throughput settings to be\n applied to a global secondary index.
" } } }, @@ -13972,18 +13993,18 @@ "ReadUnitsPerSecond": { "target": "com.amazonaws.dynamodb#LongObject", "traits": { - "smithy.api#documentation": "Represents the number of read operations your base table can instantaneously support.
" + "smithy.api#documentation": "Represents the number of read operations your base table can instantaneously\n support.
" } }, "WriteUnitsPerSecond": { "target": "com.amazonaws.dynamodb#LongObject", "traits": { - "smithy.api#documentation": "Represents the number of write operations your base table can instantaneously support.
" + "smithy.api#documentation": "Represents the number of write operations your base table can instantaneously\n support.
" } } }, "traits": { - "smithy.api#documentation": "Provides visibility into the number of read and write operations your table or secondary index can instantaneously support. The settings can be modified using the UpdateTable operation to meet the throughput requirements of an upcoming peak event.
Provides visibility into the number of read and write operations your table or\n secondary index can instantaneously support. The settings can be modified using the\n UpdateTable operation to meet the throughput requirements of an\n upcoming peak event.
Creates a snapshot of an EBS volume and stores it in Amazon S3. You can use snapshots for\n \tbackups, to make copies of EBS volumes, and to save data before shutting down an\n \tinstance.
\nYou can create snapshots of volumes in a Region and volumes on an Outpost. If you \n \tcreate a snapshot of a volume in a Region, the snapshot must be stored in the same \n \tRegion as the volume. If you create a snapshot of a volume on an Outpost, the snapshot \n \tcan be stored on the same Outpost as the volume, or in the Region for that Outpost.
\nWhen a snapshot is created, any Amazon Web Services Marketplace product codes that are associated with the\n source volume are propagated to the snapshot.
\nYou can take a snapshot of an attached volume that is in use. However, snapshots only\n capture data that has been written to your Amazon EBS volume at the time the snapshot command is\n issued; this might exclude any data that has been cached by any applications or the operating\n system. If you can pause any file systems on the volume long enough to take a snapshot, your\n snapshot should be complete. However, if you cannot pause all file writes to the volume, you\n should unmount the volume from within the instance, issue the snapshot command, and then\n remount the volume to ensure a consistent and complete snapshot. You may remount and use your\n volume while the snapshot status is pending.
When you create a snapshot for an EBS volume that serves as a root device, we recommend \n that you stop the instance before taking the snapshot.
\nSnapshots that are taken from encrypted volumes are automatically encrypted. Volumes that\n are created from encrypted snapshots are also automatically encrypted. Your encrypted volumes\n and any associated snapshots always remain protected.
\nYou can tag your snapshots during creation. For more information, see Tag your Amazon EC2\n resources in the Amazon EC2 User Guide.
\nFor more information, see Amazon EBS and Amazon EBS encryption in the Amazon EBS User Guide.
", + "smithy.api#documentation": "Creates a snapshot of an EBS volume and stores it in Amazon S3. You can use snapshots for\n \tbackups, to make copies of EBS volumes, and to save data before shutting down an\n \tinstance.
\nThe location of the source EBS volume determines where you can create the snapshot.
\nIf the source volume is in a Region, you must create the snapshot in the same \n Region as the volume.
\nIf the source volume is in a Local Zone, you can create the snapshot in the same \n Local Zone or in parent Amazon Web Services Region.
\nIf the source volume is on an Outpost, you can create the snapshot on the same \n Outpost or in its parent Amazon Web Services Region.
\nWhen a snapshot is created, any Amazon Web Services Marketplace product codes that are associated with the\n source volume are propagated to the snapshot.
\nYou can take a snapshot of an attached volume that is in use. However, snapshots only\n capture data that has been written to your Amazon EBS volume at the time the snapshot command is\n issued; this might exclude any data that has been cached by any applications or the operating\n system. If you can pause any file systems on the volume long enough to take a snapshot, your\n snapshot should be complete. However, if you cannot pause all file writes to the volume, you\n should unmount the volume from within the instance, issue the snapshot command, and then\n remount the volume to ensure a consistent and complete snapshot. You may remount and use your\n volume while the snapshot status is pending.
When you create a snapshot for an EBS volume that serves as a root device, we recommend \n that you stop the instance before taking the snapshot.
\nSnapshots that are taken from encrypted volumes are automatically encrypted. Volumes that\n are created from encrypted snapshots are also automatically encrypted. Your encrypted volumes\n and any associated snapshots always remain protected. For more information, \n Amazon EBS encryption \n in the Amazon EBS User Guide.
", "smithy.api#examples": [ { "title": "To create a snapshot", @@ -19840,7 +19840,7 @@ "OutpostArn": { "target": "com.amazonaws.ec2#String", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Outpost on which to create a local \n \tsnapshot.
\nTo create a snapshot of a volume in a Region, omit this parameter. The snapshot \n \t\t\t\tis created in the same Region as the volume.
\nTo create a snapshot of a volume on an Outpost and store the snapshot in the \n \t\t\t\tRegion, omit this parameter. The snapshot is created in the Region for the \n \t\t\t\tOutpost.
\nTo create a snapshot of a volume on an Outpost and store the snapshot on an \n \t\t\tOutpost, specify the ARN of the destination Outpost. The snapshot must be created on \n \t\t\tthe same Outpost as the volume.
\nFor more information, see Create local snapshots from volumes on an Outpost in the Amazon EBS User Guide.
" + "smithy.api#documentation": "Only supported for volumes on Outposts. If the source volume is not on an Outpost, \n omit this parameter.
\nTo create the snapshot on the same Outpost as the source volume, specify the \n ARN of that Outpost. The snapshot must be created on the same Outpost as the volume.
\nTo create the snapshot in the parent Region of the Outpost, omit this parameter.
\nFor more information, see Create local snapshots from volumes on an Outpost in the Amazon EBS User Guide.
" } }, "VolumeId": { @@ -19858,6 +19858,12 @@ "smithy.api#xmlName": "TagSpecification" } }, + "Location": { + "target": "com.amazonaws.ec2#SnapshotLocationEnum", + "traits": { + "smithy.api#documentation": "Only supported for volumes in Local Zones. If the source volume is not in a Local Zone, \n omit this parameter.
\nTo create a local snapshot in the same Local Zone as the source volume, specify \n local.
To create a regional snapshot in the parent Region of the Local Zone, specify \n regional or omit this parameter.
Default value: regional\n
Creates crash-consistent snapshots of multiple EBS volumes and stores the data in S3.\n Volumes are chosen by specifying an instance. Any attached volumes will produce one snapshot\n each that is crash-consistent across the instance.
\nYou can include all of the volumes currently attached to the instance, or you can exclude \n the root volume or specific data (non-root) volumes from the multi-volume snapshot set.
\nYou can create multi-volume snapshots of instances in a Region and instances on an \n \tOutpost. If you create snapshots from an instance in a Region, the snapshots must be stored \n \tin the same Region as the instance. If you create snapshots from an instance on an Outpost, \n \tthe snapshots can be stored on the same Outpost as the instance, or in the Region for that \n \tOutpost.
" + "smithy.api#documentation": "Creates crash-consistent snapshots of multiple EBS volumes attached to an Amazon EC2 instance.\n Volumes are chosen by specifying an instance. Each volume attached to the specified instance \n will produce one snapshot that is crash-consistent across the instance. You can include all of \n the volumes currently attached to the instance, or you can exclude the root volume or specific \n data (non-root) volumes from the multi-volume snapshot set.
\nThe location of the source instance determines where you can create the snapshots.
\nIf the source instance is in a Region, you must create the snapshots in the same \n Region as the instance.
\nIf the source instance is in a Local Zone, you can create the snapshots in the same \n Local Zone or in parent Amazon Web Services Region.
\nIf the source instance is on an Outpost, you can create the snapshots on the same \n Outpost or in its parent Amazon Web Services Region.
\nThe Amazon Resource Name (ARN) of the Outpost on which to create the local \n \t\tsnapshots.
\nTo create snapshots from an instance in a Region, omit this parameter. The \n \t\t\t\tsnapshots are created in the same Region as the instance.
\nTo create snapshots from an instance on an Outpost and store the snapshots \n \t\t\t\tin the Region, omit this parameter. The snapshots are created in the Region \n \t\t\t\tfor the Outpost.
\nTo create snapshots from an instance on an Outpost and store the snapshots \n \t\t\t\ton an Outpost, specify the ARN of the destination Outpost. The snapshots must \n \t\t\t\tbe created on the same Outpost as the instance.
\nFor more information, see \n \t\tCreate multi-volume local snapshots from instances on an Outpost in the \n \t\tAmazon EBS User Guide.
" + "smithy.api#documentation": "Only supported for instances on Outposts. If the source instance is not on an Outpost, \n omit this parameter.
\nTo create the snapshots on the same Outpost as the source instance, specify the \n ARN of that Outpost. The snapshots must be created on the same Outpost as the instance.
\nTo create the snapshots in the parent Region of the Outpost, omit this parameter.
\nFor more information, see \n Create local snapshots from volumes on an Outpost in the Amazon EBS User Guide.
" } }, "TagSpecifications": { @@ -19924,6 +19930,12 @@ "traits": { "smithy.api#documentation": "Copies the tags from the specified volume to corresponding snapshot.
" } + }, + "Location": { + "target": "com.amazonaws.ec2#SnapshotLocationEnum", + "traits": { + "smithy.api#documentation": "Only supported for instances in Local Zones. If the source instance is not in a Local Zone, \n omit this parameter.
\nTo create local snapshots in the same Local Zone as the source instance, specify \n local.
To create a regional snapshots in the parent Region of the Local Zone, specify \n regional or omit this parameter.
Default value: regional\n
The Availability Zone or Local Zone of the snapshot. For example, us-west-1a \n (Availability Zone) or us-west-2-lax-1a (Local Zone).
Reserved for future use.
", "smithy.api#xmlName": "sseType" } + }, + "AvailabilityZone": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "AvailabilityZone", + "smithy.api#documentation": "The Availability Zone or Local Zone of the snapshots. For example, us-west-1a \n (Availability Zone) or us-west-2-lax-1a (Local Zone).
The encryption type to use.
\nIf you use the KMS encryption type, the contents of the repository will\n be encrypted using server-side encryption with Key Management Service key stored in KMS. When you\n use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key\n for Amazon ECR, or specify your own KMS key, which you already created.
If you use the KMS_DSSE encryption type, the contents of the repository\n will be encrypted with two layers of encryption using server-side encryption with the\n KMS Management Service key stored in KMS. Similar to the KMS encryption type, you\n can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS\n key, which you've already created.
If you use the AES256 encryption type, Amazon ECR uses server-side encryption\n with Amazon S3-managed encryption keys which encrypts the images in the repository using an\n AES256 encryption algorithm.
For more information, see Amazon ECR encryption at\n rest in the Amazon Elastic Container Registry User Guide.
", + "smithy.api#documentation": "The encryption type to use.
\nIf you use the KMS encryption type, the contents of the repository will\n be encrypted using server-side encryption with Key Management Service key stored in KMS. When you\n use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key\n for Amazon ECR, or specify your own KMS key, which you already created.
If you use the KMS_DSSE encryption type, the contents of the repository\n will be encrypted with two layers of encryption using server-side encryption with the\n KMS Management Service key stored in KMS. Similar to the KMS encryption\n type, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your\n own KMS key, which you've already created.
If you use the AES256 encryption type, Amazon ECR uses server-side encryption\n with Amazon S3-managed encryption keys which encrypts the images in the repository using an\n AES256 encryption algorithm.
For more information, see Amazon ECR encryption at\n rest in the Amazon Elastic Container Registry User Guide.
", "smithy.api#required": {} } }, @@ -3784,7 +3784,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves the basic scan type version name.
" + "smithy.api#documentation": "Retrieves the account setting value for the specified setting name.
" } }, "com.amazonaws.ecr#GetAccountSettingRequest": { @@ -3793,7 +3793,7 @@ "name": { "target": "com.amazonaws.ecr#AccountSettingName", "traits": { - "smithy.api#documentation": "Basic scan type version name.
", + "smithy.api#documentation": "The name of the account setting, such as BASIC_SCAN_TYPE_VERSION or\n REGISTRY_POLICY_SCOPE.
Retrieves the basic scan type version name.
" + "smithy.api#documentation": "Retrieves the name of the account setting.
" } }, "value": { "target": "com.amazonaws.ecr#AccountSettingName", "traits": { - "smithy.api#documentation": "Retrieves the value that specifies what basic scan type is being used:\n AWS_NATIVE or CLAIR.
The setting value for the setting name. The following are valid values for the basic scan\n type being used: AWS_NATIVE or CLAIR. The following are valid\n values for the registry policy scope being used: V1 or\n V2.
Allows you to change the basic scan type version by setting the name\n parameter to either CLAIR to AWS_NATIVE.
Allows you to change the basic scan type version or registry policy scope.
" } }, "com.amazonaws.ecr#PutAccountSettingRequest": { @@ -6004,14 +6004,14 @@ "name": { "target": "com.amazonaws.ecr#AccountSettingName", "traits": { - "smithy.api#documentation": "Basic scan type version name.
", + "smithy.api#documentation": "The name of the account setting, such as BASIC_SCAN_TYPE_VERSION or\n REGISTRY_POLICY_SCOPE.
Setting value that determines what basic scan type is being used:\n AWS_NATIVE or CLAIR.
Setting value that is specified. The following are valid values for the basic scan\n type being used: AWS_NATIVE or CLAIR. The following are valid\n values for the registry policy scope being used: V1 or\n V2.
Retrieves the the basic scan type version name.
" + "smithy.api#documentation": "Retrieves the name of the account setting.
" } }, "value": { "target": "com.amazonaws.ecr#AccountSettingValue", "traits": { - "smithy.api#documentation": "Retrieves the basic scan type value, either AWS_NATIVE or\n -.
Retrieves the value of the specified account setting.
" } } }, diff --git a/codegen/sdk/aws-models/ecs.json b/codegen/sdk/aws-models/ecs.json index acd01dd3efe..9173873b692 100644 --- a/codegen/sdk/aws-models/ecs.json +++ b/codegen/sdk/aws-models/ecs.json @@ -1526,14 +1526,14 @@ "subnets": { "target": "com.amazonaws.ecs#StringList", "traits": { - "smithy.api#documentation": "The IDs of the subnets associated with the task or service. There's a limit of 16\n\t\t\tsubnets that can be specified per awsvpcConfiguration.
All specified subnets must be from the same VPC.
\nThe IDs of the subnets associated with the task or service. There's a limit of 16\n\t\t\tsubnets that can be specified.
\nAll specified subnets must be from the same VPC.
\nThe IDs of the security groups associated with the task or service. If you don't\n\t\t\tspecify a security group, the default security group for the VPC is used. There's a\n\t\t\tlimit of 5 security groups that can be specified per\n\t\t\tawsvpcConfiguration.
All specified security groups must be from the same VPC.
\nThe IDs of the security groups associated with the task or service. If you don't\n\t\t\tspecify a security group, the default security group for the VPC is used. There's a\n\t\t\tlimit of 5 security groups that can be specified.
\nAll specified security groups must be from the same VPC.
\nCreates a new capacity provider. Capacity providers are associated with an Amazon ECS\n\t\t\tcluster and are used in capacity provider strategies to facilitate cluster auto\n\t\t\tscaling.
\nOnly capacity providers that use an Auto Scaling group can be created. Amazon ECS tasks on\n\t\t\tFargate use the FARGATE and FARGATE_SPOT capacity providers.\n\t\t\tThese providers are available to all accounts in the Amazon Web Services Regions that Fargate\n\t\t\tsupports.
Creates a new capacity provider. Capacity providers are associated with an Amazon ECS\n\t\t\tcluster and are used in capacity provider strategies to facilitate cluster auto\n\t\t\tscaling.
\nOnly capacity providers that use an Auto Scaling group can be created. Amazon ECS tasks on\n\t\t\tFargate use the FARGATE and FARGATE_SPOT capacity providers.\n\t\t\tThese providers are available to all accounts in the Amazon Web Services Regions that Fargate\n\t\t\tsupports.
Create a task set in the specified cluster and service. This is used when a service\n\t\t\tuses the EXTERNAL deployment controller type. For more information, see\n\t\t\t\tAmazon ECS deployment\n\t\t\t\ttypes in the Amazon Elastic Container Service Developer Guide.
On March 21, 2024, a change was made to resolve the task definition revision before authorization. When a task definition revision is not specified, authorization will occur using the latest revision of a task definition.
\nFor information about the maximum number of task sets and other quotas, see Amazon ECS\n\t\t\t\tservice quotas in the Amazon Elastic Container Service Developer Guide.
" + "smithy.api#documentation": "Create a task set in the specified cluster and service. This is used when a service\n\t\t\tuses the EXTERNAL deployment controller type. For more information, see\n\t\t\t\tAmazon ECS deployment\n\t\t\t\ttypes in the Amazon Elastic Container Service Developer Guide.
On March 21, 2024, a change was made to resolve the task definition revision before authorization. When a task definition revision is not specified, authorization will occur using the latest revision of a task definition.
\nFor information about the maximum number of task sets and other quotas, see Amazon ECS\n\t\t\t\tservice quotas in the Amazon Elastic Container Service Developer Guide.
", + "smithy.api#examples": [ + { + "title": "To create a task set", + "documentation": "This example creates a task set in a service that uses the EXTERNAL deployment controller.", + "input": { + "service": "MyService", + "cluster": "MyCluster", + "taskDefinition": "MyTaskDefinition:2", + "networkConfiguration": { + "awsvpcConfiguration": { + "subnets": [ + "subnet-12344321" + ], + "securityGroups": [ + "sg-12344321" + ] + } + } + }, + "output": { + "taskSet": { + "id": "ecs-svc/1234567890123456789", + "taskSetArn": "arn:aws:ecs:us-west-2:123456789012:task-set/MyCluster/MyService/ecs-svc/1234567890123456789", + "status": "ACTIVE", + "taskDefinition": "arn:aws:ecs:us-west-2:123456789012:task-definition/MyTaskDefinition:2", + "computedDesiredCount": 0, + "pendingCount": 0, + "runningCount": 0, + "createdAt": 1.557128360711E9, + "updatedAt": 1.557128360711E9, + "launchType": "EC2", + "networkConfiguration": { + "awsvpcConfiguration": { + "subnets": [ + "subnet-12344321" + ], + "securityGroups": [ + "sg-12344321" + ], + "assignPublicIp": "DISABLED" + } + }, + "loadBalancers": [], + "serviceRegistries": [], + "scale": { + "value": 0, + "unit": "PERCENT" + }, + "stabilityStatus": "STABILIZING", + "stabilityStatusAt": 1.557128360711E9 + } + } + } + ] } }, "com.amazonaws.ecs#CreateTaskSetRequest": { @@ -3770,7 +3860,30 @@ } ], "traits": { - "smithy.api#documentation": "Deletes one or more custom attributes from an Amazon ECS resource.
" + "smithy.api#documentation": "Deletes one or more custom attributes from an Amazon ECS resource.
", + "smithy.api#examples": [ + { + "title": "To delete a custom attribute from an Amazon ECS instance", + "documentation": "This example deletes an attribute named stack from a container instance. ", + "input": { + "attributes": [ + { + "name": "stack", + "targetId": "aws:ecs:us-west-2:130757420319:container-instance/1c3be8ed-df30-47b4-8f1e-6e68ebd01f34" + } + ] + }, + "output": { + "attributes": [ + { + "name": "stack", + "targetId": "aws:ecs:us-west-2:130757420319:container-instance/1c3be8ed-df30-47b4-8f1e-6e68ebd01f34", + "value": "production" + } + ] + } + } + ] } }, "com.amazonaws.ecs#DeleteAttributesRequest": { @@ -3828,7 +3941,35 @@ } ], "traits": { - "smithy.api#documentation": "Deletes the specified capacity provider.
\nThe FARGATE and FARGATE_SPOT capacity providers are\n\t\t\t\treserved and can't be deleted. You can disassociate them from a cluster using either\n\t\t\t\t\tPutClusterCapacityProviders or by deleting the cluster.
Prior to a capacity provider being deleted, the capacity provider must be removed from\n\t\t\tthe capacity provider strategy from all services. The UpdateService API\n\t\t\tcan be used to remove a capacity provider from a service's capacity provider strategy.\n\t\t\tWhen updating a service, the forceNewDeployment option can be used to\n\t\t\tensure that any tasks using the Amazon EC2 instance capacity provided by the capacity\n\t\t\tprovider are transitioned to use the capacity from the remaining capacity providers.\n\t\t\tOnly capacity providers that aren't associated with a cluster can be deleted. To remove\n\t\t\ta capacity provider from a cluster, you can either use PutClusterCapacityProviders or delete the cluster.
Deletes the specified capacity provider.
\nThe FARGATE and FARGATE_SPOT capacity providers are\n\t\t\t\treserved and can't be deleted. You can disassociate them from a cluster using either\n\t\t\t\t\tPutClusterCapacityProviders or by deleting the cluster.
Prior to a capacity provider being deleted, the capacity provider must be removed from\n\t\t\tthe capacity provider strategy from all services. The UpdateService API\n\t\t\tcan be used to remove a capacity provider from a service's capacity provider strategy.\n\t\t\tWhen updating a service, the forceNewDeployment option can be used to\n\t\t\tensure that any tasks using the Amazon EC2 instance capacity provided by the capacity\n\t\t\tprovider are transitioned to use the capacity from the remaining capacity providers.\n\t\t\tOnly capacity providers that aren't associated with a cluster can be deleted. To remove\n\t\t\ta capacity provider from a cluster, you can either use PutClusterCapacityProviders or delete the cluster.
Deletes one or more task definitions.
\nYou must deregister a task definition revision before you delete it. For more\n\t\t\tinformation, see DeregisterTaskDefinition.
\nWhen you delete a task definition revision, it is immediately transitions from the\n\t\t\t\tINACTIVE to DELETE_IN_PROGRESS. Existing tasks and\n\t\t\tservices that reference a DELETE_IN_PROGRESS task definition revision\n\t\t\tcontinue to run without disruption. Existing services that reference a\n\t\t\t\tDELETE_IN_PROGRESS task definition revision can still scale up or down\n\t\t\tby modifying the service's desired count.
You can't use a DELETE_IN_PROGRESS task definition revision to run new\n\t\t\ttasks or create new services. You also can't update an existing service to reference a\n\t\t\t\tDELETE_IN_PROGRESS task definition revision.
A task definition revision will stay in DELETE_IN_PROGRESS status until\n\t\t\tall the associated tasks and services have been terminated.
When you delete all INACTIVE task definition revisions, the task\n\t\t\tdefinition name is not displayed in the console and not returned in the API. If a task\n\t\t\tdefinition revisions are in the DELETE_IN_PROGRESS state, the task\n\t\t\tdefinition name is displayed in the console and returned in the API. The task definition\n\t\t\tname is retained by Amazon ECS and the revision is incremented the next time you create a\n\t\t\ttask definition with that name.
Deletes one or more task definitions.
\nYou must deregister a task definition revision before you delete it. For more\n\t\t\tinformation, see DeregisterTaskDefinition.
\nWhen you delete a task definition revision, it is immediately transitions from the\n\t\t\t\tINACTIVE to DELETE_IN_PROGRESS. Existing tasks and\n\t\t\tservices that reference a DELETE_IN_PROGRESS task definition revision\n\t\t\tcontinue to run without disruption. Existing services that reference a\n\t\t\t\tDELETE_IN_PROGRESS task definition revision can still scale up or down\n\t\t\tby modifying the service's desired count.
You can't use a DELETE_IN_PROGRESS task definition revision to run new\n\t\t\ttasks or create new services. You also can't update an existing service to reference a\n\t\t\t\tDELETE_IN_PROGRESS task definition revision.
A task definition revision will stay in DELETE_IN_PROGRESS status until\n\t\t\tall the associated tasks and services have been terminated.
When you delete all INACTIVE task definition revisions, the task\n\t\t\tdefinition name is not displayed in the console and not returned in the API. If a task\n\t\t\tdefinition revisions are in the DELETE_IN_PROGRESS state, the task\n\t\t\tdefinition name is displayed in the console and returned in the API. The task definition\n\t\t\tname is retained by Amazon ECS and the revision is incremented the next time you create a\n\t\t\ttask definition with that name.
Deletes a specified task set within a service. This is used when a service uses the\n\t\t\t\tEXTERNAL deployment controller type. For more information, see Amazon ECS deployment types in the Amazon Elastic Container Service Developer Guide.
Deletes a specified task set within a service. This is used when a service uses the\n\t\t\t\tEXTERNAL deployment controller type. For more information, see Amazon ECS deployment types in the Amazon Elastic Container Service Developer Guide.
If a service is using the rolling update (ECS) deployment type, the\n\t\t\t\tmaximumPercent parameter represents an upper limit on the number of\n\t\t\tyour service's tasks that are allowed in the RUNNING or\n\t\t\t\tPENDING state during a deployment, as a percentage of the\n\t\t\t\tdesiredCount (rounded down to the nearest integer). This parameter\n\t\t\tenables you to define the deployment batch size. For example, if your service is using\n\t\t\tthe REPLICA service scheduler and has a desiredCount of four\n\t\t\ttasks and a maximumPercent value of 200%, the scheduler may start four new\n\t\t\ttasks before stopping the four older tasks (provided that the cluster resources required\n\t\t\tto do this are available). The default maximumPercent value for a service\n\t\t\tusing the REPLICA service scheduler is 200%.
The Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting\n\t\t\treplacement tasks first and then stopping the unhealthy tasks, as long as cluster\n\t\t\tresources for starting replacement tasks are available. For more information about how\n\t\t\tthe scheduler replaces unhealthy tasks, see Amazon ECS\n\t\t\tservices.
\nIf a service is using either the blue/green (CODE_DEPLOY) or\n\t\t\t\tEXTERNAL deployment types, and tasks in the service use the\n\t\t\tEC2 launch type, the maximum percent\n\t\t\tvalue is set to the default value. The maximum percent\n\t\t\tvalue is used to define the upper limit on the number of the tasks in the service that\n\t\t\tremain in the RUNNING state while the container instances are in the\n\t\t\t\tDRAINING state.
You can't specify a custom maximumPercent value for a service that\n\t\t\t\tuses either the blue/green (CODE_DEPLOY) or EXTERNAL\n\t\t\t\tdeployment types and has tasks that use the EC2 launch type.
If the tasks in the service use the Fargate launch type, the maximum\n\t\t\tpercent value is not used, although it is returned when describing your service.
" + "smithy.api#documentation": "If a service is using the rolling update (ECS) deployment type, the\n\t\t\t\tmaximumPercent parameter represents an upper limit on the number of\n\t\t\tyour service's tasks that are allowed in the RUNNING or\n\t\t\t\tPENDING state during a deployment, as a percentage of the\n\t\t\t\tdesiredCount (rounded down to the nearest integer). This parameter\n\t\t\tenables you to define the deployment batch size. For example, if your service is using\n\t\t\tthe REPLICA service scheduler and has a desiredCount of four\n\t\t\ttasks and a maximumPercent value of 200%, the scheduler may start four new\n\t\t\ttasks before stopping the four older tasks (provided that the cluster resources required\n\t\t\tto do this are available). The default maximumPercent value for a service\n\t\t\tusing the REPLICA service scheduler is 200%.
The Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting\n\t\t\treplacement tasks first and then stopping the unhealthy tasks, as long as cluster\n\t\t\tresources for starting replacement tasks are available. For more information about how\n\t\t\tthe scheduler replaces unhealthy tasks, see Amazon ECS\n\t\t\tservices.
\nIf a service is using either the blue/green (CODE_DEPLOY) or\n\t\t\t\tEXTERNAL deployment types, and tasks in the service use the\n\t\t\tEC2 launch type, the maximum percent\n\t\t\tvalue is set to the default value. The maximum percent\n\t\t\tvalue is used to define the upper limit on the number of the tasks in the service that\n\t\t\tremain in the RUNNING state while the container instances are in the\n\t\t\t\tDRAINING state.
You can't specify a custom maximumPercent value for a service that\n\t\t\t\tuses either the blue/green (CODE_DEPLOY) or EXTERNAL\n\t\t\t\tdeployment types and has tasks that use the EC2 launch type.
If the service uses either the blue/green (CODE_DEPLOY) or EXTERNAL\n\t\t\tdeployment types, and the tasks in the service use the Fargate launch type, the maximum\n\t\t\tpercent value is not used. The value is still returned when describing your service.
Deregisters the specified task definition by family and revision. Upon deregistration,\n\t\t\tthe task definition is marked as INACTIVE. Existing tasks and services that\n\t\t\treference an INACTIVE task definition continue to run without disruption.\n\t\t\tExisting services that reference an INACTIVE task definition can still\n\t\t\tscale up or down by modifying the service's desired count. If you want to delete a task\n\t\t\tdefinition revision, you must first deregister the task definition revision.
You can't use an INACTIVE task definition to run new tasks or create new\n\t\t\tservices, and you can't update an existing service to reference an INACTIVE\n\t\t\ttask definition. However, there may be up to a 10-minute window following deregistration\n\t\t\twhere these restrictions have not yet taken effect.
At this time, INACTIVE task definitions remain discoverable in your\n\t\t\t\taccount indefinitely. However, this behavior is subject to change in the future. We\n\t\t\t\tdon't recommend that you rely on INACTIVE task definitions persisting\n\t\t\t\tbeyond the lifecycle of any associated tasks and services.
You must deregister a task definition revision before you delete it. For more\n\t\t\tinformation, see DeleteTaskDefinitions.
" + "smithy.api#documentation": "Deregisters the specified task definition by family and revision. Upon deregistration,\n\t\t\tthe task definition is marked as INACTIVE. Existing tasks and services that\n\t\t\treference an INACTIVE task definition continue to run without disruption.\n\t\t\tExisting services that reference an INACTIVE task definition can still\n\t\t\tscale up or down by modifying the service's desired count. If you want to delete a task\n\t\t\tdefinition revision, you must first deregister the task definition revision.
You can't use an INACTIVE task definition to run new tasks or create new\n\t\t\tservices, and you can't update an existing service to reference an INACTIVE\n\t\t\ttask definition. However, there may be up to a 10-minute window following deregistration\n\t\t\twhere these restrictions have not yet taken effect.
At this time, INACTIVE task definitions remain discoverable in your\n\t\t\t\taccount indefinitely. However, this behavior is subject to change in the future. We\n\t\t\t\tdon't recommend that you rely on INACTIVE task definitions persisting\n\t\t\t\tbeyond the lifecycle of any associated tasks and services.
You must deregister a task definition revision before you delete it. For more\n\t\t\tinformation, see DeleteTaskDefinitions.
", + "smithy.api#examples": [ + { + "title": "To deregister a revision of a task definition", + "documentation": "This example deregisters the first revision of the curler task definition", + "input": { + "taskDefinition": "curler:1" + }, + "output": { + "taskDefinition": { + "status": "INACTIVE", + "family": "curler", + "volumes": [], + "taskDefinitionArn": "arn:aws:ecs:us-west-2:123456789012:task-definition/curler:1", + "containerDefinitions": [ + { + "environment": [], + "name": "curler", + "mountPoints": [], + "image": "curl:latest", + "cpu": 100, + "portMappings": [], + "entryPoint": [], + "memory": 256, + "command": [ + "curl -v http://example.com/" + ], + "essential": true, + "volumesFrom": [] + } + ], + "revision": 1 + } + } + } + ] } }, "com.amazonaws.ecs#DeregisterTaskDefinitionRequest": { @@ -4635,7 +4899,82 @@ } ], "traits": { - "smithy.api#documentation": "Describes one or more of your capacity providers.
" + "smithy.api#documentation": "Describes one or more of your capacity providers.
", + "smithy.api#examples": [ + { + "title": "To describe a specific capacity provider", + "documentation": "This example retrieves details about the capacity provider MyCapacityProvider", + "input": { + "capacityProviders": [ + "MyCapacityProvider" + ], + "include": [ + "TAGS" + ] + }, + "output": { + "capacityProviders": [ + { + "capacityProviderArn": "arn:aws:ecs:us-west-2:123456789012:capacity-provider/MyCapacityProvider", + "name": "MyCapacityProvider", + "status": "ACTIVE", + "autoScalingGroupProvider": { + "autoScalingGroupArn": "arn:aws:autoscaling:us-west-2:123456789012:autoScalingGroup:a1b2c3d4-5678-90ab-cdef-EXAMPLE11111:autoScalingGroupName/MyAutoScalingGroup", + "managedScaling": { + "status": "ENABLED", + "targetCapacity": 100, + "minimumScalingStepSize": 1, + "maximumScalingStepSize": 1000 + }, + "managedTerminationProtection": "ENABLED" + }, + "tags": [ + { + "key": "environment", + "value": "production" + } + ] + } + ] + } + }, + { + "title": "To describe all capacity providers", + "documentation": "This example retrieves details about all capacity providers. ", + "output": { + "capacityProviders": [ + { + "capacityProviderArn": "arn:aws:ecs:us-west-2:123456789012:capacity-provider/MyCapacityProvider", + "name": "MyCapacityProvider", + "status": "ACTIVE", + "autoScalingGroupProvider": { + "autoScalingGroupArn": "arn:aws:autoscaling:us-west-2:123456789012:autoScalingGroup:a1b2c3d4-5678-90ab-cdef-EXAMPLE11111:autoScalingGroupName/MyAutoScalingGroup", + "managedScaling": { + "status": "ENABLED", + "targetCapacity": 100, + "minimumScalingStepSize": 1, + "maximumScalingStepSize": 1000 + }, + "managedTerminationProtection": "ENABLED" + }, + "tags": [] + }, + { + "capacityProviderArn": "arn:aws:ecs:us-west-2:123456789012:capacity-provider/FARGATE", + "name": "FARGATE", + "status": "ACTIVE", + "tags": [] + }, + { + "capacityProviderArn": "arn:aws:ecs:us-west-2:123456789012:capacity-provider/FARGATE_SPOT", + "name": "FARGATE_SPOT", + "status": "ACTIVE", + "tags": [] + } + ] + } + } + ] } }, "com.amazonaws.ecs#DescribeCapacityProvidersRequest": { @@ -5426,7 +5765,56 @@ } ], "traits": { - "smithy.api#documentation": "Describes the task sets in the specified cluster and service. This is used when a\n\t\t\tservice uses the EXTERNAL deployment controller type. For more information,\n\t\t\tsee Amazon ECS Deployment\n\t\t\t\tTypes in the Amazon Elastic Container Service Developer Guide.
Describes the task sets in the specified cluster and service. This is used when a\n\t\t\tservice uses the EXTERNAL deployment controller type. For more information,\n\t\t\tsee Amazon ECS Deployment\n\t\t\t\tTypes in the Amazon Elastic Container Service Developer Guide.
Runs a command remotely on a container within a task.
\nIf you use a condition key in your IAM policy to refine the conditions for the\n\t\t\tpolicy statement, for example limit the actions to a specific cluster, you receive an\n\t\t\t\tAccessDeniedException when there is a mismatch between the condition\n\t\t\tkey value and the corresponding parameter value.
For information about required permissions and considerations, see Using Amazon ECS\n\t\t\t\tExec for debugging in the Amazon ECS Developer Guide.\n\t\t
" + "smithy.api#documentation": "Runs a command remotely on a container within a task.
\nIf you use a condition key in your IAM policy to refine the conditions for the\n\t\t\tpolicy statement, for example limit the actions to a specific cluster, you receive an\n\t\t\t\tAccessDeniedException when there is a mismatch between the condition\n\t\t\tkey value and the corresponding parameter value.
For information about required permissions and considerations, see Using Amazon ECS\n\t\t\t\tExec for debugging in the Amazon ECS Developer Guide.\n\t\t
", + "smithy.api#examples": [ + { + "title": "To run a command remotely on a container in a task", + "documentation": "This example runs an interactive /bin/sh command on a container MyContainer. ", + "input": { + "cluster": "MyCluster", + "container": "MyContainer", + "command": "/bin/sh", + "interactive": true, + "task": "arn:aws:ecs:us-east-1:123456789012:task/MyCluster/d789e94343414c25b9f6bd59eEXAMPLE" + }, + "output": { + "clusterArn": "arn:aws:ecs:us-east-1:123456789012:cluster/MyCluster", + "containerArn": "arn:aws:ecs:us-east-1:123456789012:container/MyCluster/d789e94343414c25b9f6bd59eEXAMPLE/43ba4b77-37f7-4a41-b923-69d4abEXAMPLE", + "containerName": "MyContainer", + "interactive": true, + "session": { + "sessionId": "ecs-execute-command-794nnsxobsg4p2hiur6gxu9a9e", + "streamUrl": "wss://ssmmessages.us-east-1.amazonaws.com/v1/data-channel/ecs-execute-command-794nnsxobsg4p2hiur6gxu9a9e?role=publish_subscribe&cell-number=AAEAAfiZG4oybxqsYj3Zhm15s4J0W1k7d9nxVRenNO8Kl5nzAAAAAGdbWGl479/y/4IrTWPadUic3eBrMu3vmB7aPvI+s12lbpDc142y1KZy", + "tokenValue": "AAEAAcVb7ww10N9aNUI5Cl7K7DbHjbD2Ed4Mw6uaGYIc+UFNAAAAAGdbWGmMDaPbGfDkzrVIhyKEsc4CPT2hcToPU6yzlddPm7rRZvYQtpaAgsvQdjbCAd9OB6ohtDYfqZI9gzMqLKegXq0E+KbDcGPnQVODFNHmQxnR1BvC6vNcHqh6HAJuKnQD7RSYx/J5bfYNHj4hCYHuN0HNcueSDOOTRB/MBt5DBDY7Djv2uzs9FD0N1kcsGljZkZWLuPTVKHHyrU3zh0awfrFFC3RXvgaUCBnloIIvZeq2CjTesxn9JJS+3N4I0DVxfkHdWWBbBY/5+wH82JVTJpqN3yOAt74u/W7TvYBd7Xu2lQbvtpuAnEszl++bFG2ZoV3dfnmBkSnfD/qV1FJcEskbxUHKgmqe0Paouv4zwrQKNfWYfcv9xkWskqcExh07IeaxZz1tp/WegZ5D76sD6xYeuH+35TMNXMoY7oudLgxIXsA7b39ElM7orGi4Jy3W2tLyuNIvDoI2JI6ww4tYdEjYZnld9rhKwV9rDHk1Z8wjHMs++3BIkHrFQRsv7BFUWlZ9lyqO9GWlXeBe7dQtOeFNahBuJUE9z/xLHJn1x13VkdROKqUVHTJrT4sXAnI5roWiGPoQPVY7aHVYJnwjSxrPRWJBsgyHiVN3dAWTmeVMjp0VbOiJaLlpBI+AUWs8OeVRzuJSZ+1alETpK7Ukag7ma9K4lxq/N7IxYo2ub0cG/bvX42zQqdJAW+9St9sQ1QMaMvkSq1tdbLoOuY0QjN7JrkuKLFQA5bhs+o1YwItzIp7bNrzQ9Z9IN51qoGL5HDXQzi1kNFfYtAryhwt6BgtQU9Z0k+RpE+V5G+V68E0MMUvb313f0nRBYj1u5VKonWb708wADPbUU+s7nvbWuD5oLp1Z6A4iqI9Om0R4RrFASj/7fVY7r3raNXcIYA=" + }, + "taskArn": "arn:aws:ecs:us-east-1:123456789012:task/MyCluster/d789e94343414c25b9f6bd59eEXAMPLE" + } + } + ] } }, "com.amazonaws.ecs#ExecuteCommandConfiguration": { @@ -7105,6 +7518,27 @@ ], "traits": { "smithy.api#documentation": "Lists the attributes for Amazon ECS resources within a specified target type and cluster.\n\t\t\tWhen you specify a target type and cluster, ListAttributes returns a list\n\t\t\tof attribute objects, one for each attribute on each resource. You can filter the list\n\t\t\tof results to a single attribute name to only return results that have that name. You\n\t\t\tcan also filter the results by attribute name and value. You can do this, for example,\n\t\t\tto see which container instances in a cluster are running a Linux AMI\n\t\t\t\t(ecs.os-type=linux).
This operation lists all the service deployments that meet the specified filter\n\t\t\tcriteria.
\nA service deployment happens when you release a softwre update for the service. You\n\t\t\troute traffic from the running service revisions to the new service revison and control\n\t\t\tthe number of running tasks.
\nThis API returns the values that you use for the request parameters in DescribeServiceRevisions.
" + "smithy.api#documentation": "This operation lists all the service deployments that meet the specified filter\n\t\t\tcriteria.
\nA service deployment happens when you release a software update for the service. You\n\t\t\troute traffic from the running service revisions to the new service revison and control\n\t\t\tthe number of running tasks.
\nThis API returns the values that you use for the request parameters in DescribeServiceRevisions.
", + "smithy.api#examples": [ + { + "title": "To list service deployments that meet the specified criteria", + "documentation": "This example lists all successful service deployments for the service \"sd-example\" in the cluster \"example\".", + "input": { + "service": "sd-example", + "cluster": "example", + "status": [ + "SUCCESSFUL" + ] + }, + "output": { + "serviceDeployments": [ + { + "serviceDeploymentArn": "arn:aws:ecs:us-west-2:123456789012:service-deployment/example/sd-example/NCWGC2ZR-taawPAYrIaU5", + "serviceArn": "arn:aws:ecs:us-west-2:123456789012:service/example/sd-example", + "clusterArn": "arn:aws:ecs:us-west-2:123456789012:cluster/example", + "targetServiceRevisionArn": "arn:aws:ecs:us-west-2:123456789012:service-revision/example/sd-example/4980306466373577095", + "status": "SUCCESSFUL" + } + ] + } + } + ] } }, "com.amazonaws.ecs#ListServiceDeploymentsRequest": { @@ -7422,7 +7880,7 @@ "cluster": { "target": "com.amazonaws.ecs#String", "traits": { - "smithy.api#documentation": "The cluster that hosts the service. This can either be the cluster name or ARN.\n\t\t\tStarting April 15, 2023, Amazon Web Services will not onboard new customers to Amazon\n\t\t\tElastic Inference (EI), and will help current customers migrate their workloads to\n\t\t\toptions that offer better price and performanceIf you don't specify a cluster,\n\t\t\t\tdefault is used.
The cluster that hosts the service. This can either be the cluster name or ARN.\n\t\t\tStarting April 15, 2023, Amazon Web Services will not onboard new customers to Amazon\n\t\t\tElastic Inference (EI), and will help current customers migrate their workloads to\n\t\t\toptions that offer better price and performance. If you don't specify a cluster,\n\t\t\t\tdefault is used.
The configuration options to send to the log driver.
\nThe options you can specify depend on the log driver. Some of the options you can\n\t\t\tspecify when you use the awslogs log driver to route logs to Amazon CloudWatch\n\t\t\tinclude the following:
Required: No
\nSpecify whether you want the log group to be created automatically. If\n\t\t\t\t\t\tthis option isn't specified, it defaults to false.
Your IAM policy must include the logs:CreateLogGroup\n\t\t\t\t\t\t\tpermission before you attempt to use\n\t\t\t\t\t\t\tawslogs-create-group.
Required: Yes
\nSpecify the Amazon Web Services Region that the awslogs log driver is to\n\t\t\t\t\t\tsend your Docker logs to. You can choose to send all of your logs from\n\t\t\t\t\t\tclusters in different Regions to a single region in CloudWatch Logs. This is so that\n\t\t\t\t\t\tthey're all visible in one location. Otherwise, you can separate them by\n\t\t\t\t\t\tRegion for more granularity. Make sure that the specified log group exists\n\t\t\t\t\t\tin the Region that you specify with this option.
Required: Yes
\nMake sure to specify a log group that the awslogs log driver\n\t\t\t\t\t\tsends its log streams to.
Required: Yes, when using the Fargate launch\n\t\t\t\t\t\t\ttype.Optional for the EC2 launch type,\n\t\t\t\t\t\t\trequired for the Fargate launch type.
\nUse the awslogs-stream-prefix option to associate a log\n\t\t\t\t\t\tstream with the specified prefix, the container name, and the ID of the\n\t\t\t\t\t\tAmazon ECS task that the container belongs to. If you specify a prefix with this\n\t\t\t\t\t\toption, then the log stream takes the format\n\t\t\t\t\t\t\tprefix-name/container-name/ecs-task-id.
If you don't specify a prefix with this option, then the log stream is\n\t\t\t\t\t\tnamed after the container ID that's assigned by the Docker daemon on the\n\t\t\t\t\t\tcontainer instance. Because it's difficult to trace logs back to the\n\t\t\t\t\t\tcontainer that sent them with just the Docker container ID (which is only\n\t\t\t\t\t\tavailable on the container instance), we recommend that you specify a prefix\n\t\t\t\t\t\twith this option.
\nFor Amazon ECS services, you can use the service name as the prefix. Doing so,\n\t\t\t\t\t\tyou can trace log streams to the service that the container belongs to, the\n\t\t\t\t\t\tname of the container that sent them, and the ID of the task that the\n\t\t\t\t\t\tcontainer belongs to.
\nYou must specify a stream-prefix for your logs to have your logs appear in\n\t\t\t\t\t\tthe Log pane when using the Amazon ECS console.
\nRequired: No
\nThis option defines a multiline start pattern in Python\n\t\t\t\t\t\t\tstrftime format. A log message consists of a line that\n\t\t\t\t\t\tmatches the pattern and any following lines that don’t match the pattern.\n\t\t\t\t\t\tThe matched line is the delimiter between log messages.
One example of a use case for using this format is for parsing output such\n\t\t\t\t\t\tas a stack dump, which might otherwise be logged in multiple entries. The\n\t\t\t\t\t\tcorrect pattern allows it to be captured in a single entry.
\nFor more information, see awslogs-datetime-format.
\nYou cannot configure both the awslogs-datetime-format and\n\t\t\t\t\t\t\tawslogs-multiline-pattern options.
Multiline logging performs regular expression parsing and matching of\n\t\t\t\t\t\t\tall log messages. This might have a negative impact on logging\n\t\t\t\t\t\t\tperformance.
\nRequired: No
\nThis option defines a multiline start pattern that uses a regular\n\t\t\t\t\t\texpression. A log message consists of a line that matches the pattern and\n\t\t\t\t\t\tany following lines that don’t match the pattern. The matched line is the\n\t\t\t\t\t\tdelimiter between log messages.
\nFor more information, see awslogs-multiline-pattern.
\nThis option is ignored if awslogs-datetime-format is also\n\t\t\t\t\t\tconfigured.
You cannot configure both the awslogs-datetime-format and\n\t\t\t\t\t\t\tawslogs-multiline-pattern options.
Multiline logging performs regular expression parsing and matching of\n\t\t\t\t\t\t\tall log messages. This might have a negative impact on logging\n\t\t\t\t\t\t\tperformance.
\nRequired: No
\nValid values: non-blocking | blocking\n
This option defines the delivery mode of log messages from the container\n\t\t\t\t\t\tto CloudWatch Logs. The delivery mode you choose affects application availability when\n\t\t\t\t\t\tthe flow of logs from container to CloudWatch is interrupted.
\nIf you use the blocking mode and the flow of logs to CloudWatch is\n\t\t\t\t\t\tinterrupted, calls from container code to write to the stdout\n\t\t\t\t\t\tand stderr streams will block. The logging thread of the\n\t\t\t\t\t\tapplication will block as a result. This may cause the application to become\n\t\t\t\t\t\tunresponsive and lead to container healthcheck failure.
If you use the non-blocking mode, the container's logs are\n\t\t\t\t\t\tinstead stored in an in-memory intermediate buffer configured with the\n\t\t\t\t\t\t\tmax-buffer-size option. This prevents the application from\n\t\t\t\t\t\tbecoming unresponsive when logs cannot be sent to CloudWatch. We recommend using\n\t\t\t\t\t\tthis mode if you want to ensure service availability and are okay with some\n\t\t\t\t\t\tlog loss. For more information, see Preventing log loss with non-blocking mode in the awslogs\n\t\t\t\t\t\t\tcontainer log driver.
Required: No
\nDefault value: 1m\n
When non-blocking mode is used, the\n\t\t\t\t\t\t\tmax-buffer-size log option controls the size of the buffer\n\t\t\t\t\t\tthat's used for intermediate message storage. Make sure to specify an\n\t\t\t\t\t\tadequate buffer size based on your application. When the buffer fills up,\n\t\t\t\t\t\tfurther logs cannot be stored. Logs that cannot be stored are lost.
To route logs using the splunk log router, you need to specify a\n\t\t\t\tsplunk-token and a splunk-url.
When you use the awsfirelens log router to route logs to an Amazon Web Services Service\n\t\t\tor Amazon Web Services Partner Network destination for log storage and analytics, you can set the\n\t\t\t\tlog-driver-buffer-limit option to limit the number of events that are\n\t\t\tbuffered in memory, before being sent to the log router container. It can help to\n\t\t\tresolve potential log loss issue because high throughput might result in memory running\n\t\t\tout for the buffer inside of Docker.
Other options you can specify when using awsfirelens to route logs depend\n\t\t\ton the destination. When you export logs to Amazon Data Firehose, you can specify the Amazon Web Services Region\n\t\t\twith region and a name for the log stream with\n\t\t\tdelivery_stream.
When you export logs to Amazon Kinesis Data Streams, you can specify an Amazon Web Services Region with\n\t\t\t\tregion and a data stream name with stream.
When you export logs to Amazon OpenSearch Service, you can specify options like Name,\n\t\t\t\tHost (OpenSearch Service endpoint without protocol), Port,\n\t\t\t\tIndex, Type, Aws_auth,\n\t\t\t\tAws_region, Suppress_Type_Name, and\n\t\t\ttls.
When you export logs to Amazon S3, you can specify the bucket using the bucket\n\t\t\toption. You can also specify region, total_file_size,\n\t\t\t\tupload_timeout, and use_put_object as options.
This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'\n
The configuration options to send to the log driver.
\nThe options you can specify depend on the log driver. Some of the options you can\n\t\t\tspecify when you use the awslogs log driver to route logs to Amazon CloudWatch\n\t\t\tinclude the following:
Required: No
\nSpecify whether you want the log group to be created automatically. If\n\t\t\t\t\t\tthis option isn't specified, it defaults to false.
Your IAM policy must include the logs:CreateLogGroup\n\t\t\t\t\t\t\tpermission before you attempt to use\n\t\t\t\t\t\t\tawslogs-create-group.
Required: Yes
\nSpecify the Amazon Web Services Region that the awslogs log driver is to\n\t\t\t\t\t\tsend your Docker logs to. You can choose to send all of your logs from\n\t\t\t\t\t\tclusters in different Regions to a single region in CloudWatch Logs. This is so that\n\t\t\t\t\t\tthey're all visible in one location. Otherwise, you can separate them by\n\t\t\t\t\t\tRegion for more granularity. Make sure that the specified log group exists\n\t\t\t\t\t\tin the Region that you specify with this option.
Required: Yes
\nMake sure to specify a log group that the awslogs log driver\n\t\t\t\t\t\tsends its log streams to.
Required: Yes, when using the Fargate launch\n\t\t\t\t\t\t\ttype.Optional for the EC2 launch type,\n\t\t\t\t\t\t\trequired for the Fargate launch type.
\nUse the awslogs-stream-prefix option to associate a log\n\t\t\t\t\t\tstream with the specified prefix, the container name, and the ID of the\n\t\t\t\t\t\tAmazon ECS task that the container belongs to. If you specify a prefix with this\n\t\t\t\t\t\toption, then the log stream takes the format\n\t\t\t\t\t\t\tprefix-name/container-name/ecs-task-id.
If you don't specify a prefix with this option, then the log stream is\n\t\t\t\t\t\tnamed after the container ID that's assigned by the Docker daemon on the\n\t\t\t\t\t\tcontainer instance. Because it's difficult to trace logs back to the\n\t\t\t\t\t\tcontainer that sent them with just the Docker container ID (which is only\n\t\t\t\t\t\tavailable on the container instance), we recommend that you specify a prefix\n\t\t\t\t\t\twith this option.
\nFor Amazon ECS services, you can use the service name as the prefix. Doing so,\n\t\t\t\t\t\tyou can trace log streams to the service that the container belongs to, the\n\t\t\t\t\t\tname of the container that sent them, and the ID of the task that the\n\t\t\t\t\t\tcontainer belongs to.
\nYou must specify a stream-prefix for your logs to have your logs appear in\n\t\t\t\t\t\tthe Log pane when using the Amazon ECS console.
\nRequired: No
\nThis option defines a multiline start pattern in Python\n\t\t\t\t\t\t\tstrftime format. A log message consists of a line that\n\t\t\t\t\t\tmatches the pattern and any following lines that don’t match the pattern.\n\t\t\t\t\t\tThe matched line is the delimiter between log messages.
One example of a use case for using this format is for parsing output such\n\t\t\t\t\t\tas a stack dump, which might otherwise be logged in multiple entries. The\n\t\t\t\t\t\tcorrect pattern allows it to be captured in a single entry.
\nFor more information, see awslogs-datetime-format.
\nYou cannot configure both the awslogs-datetime-format and\n\t\t\t\t\t\t\tawslogs-multiline-pattern options.
Multiline logging performs regular expression parsing and matching of\n\t\t\t\t\t\t\tall log messages. This might have a negative impact on logging\n\t\t\t\t\t\t\tperformance.
\nRequired: No
\nThis option defines a multiline start pattern that uses a regular\n\t\t\t\t\t\texpression. A log message consists of a line that matches the pattern and\n\t\t\t\t\t\tany following lines that don’t match the pattern. The matched line is the\n\t\t\t\t\t\tdelimiter between log messages.
\nFor more information, see awslogs-multiline-pattern.
\nThis option is ignored if awslogs-datetime-format is also\n\t\t\t\t\t\tconfigured.
You cannot configure both the awslogs-datetime-format and\n\t\t\t\t\t\t\tawslogs-multiline-pattern options.
Multiline logging performs regular expression parsing and matching of\n\t\t\t\t\t\t\tall log messages. This might have a negative impact on logging\n\t\t\t\t\t\t\tperformance.
\nRequired: No
\nValid values: non-blocking | blocking\n
This option defines the delivery mode of log messages from the container\n\t\t\t\t\t\tto CloudWatch Logs. The delivery mode you choose affects application availability when\n\t\t\t\t\t\tthe flow of logs from container to CloudWatch is interrupted.
\nIf you use the blocking mode and the flow of logs to CloudWatch is\n\t\t\t\t\t\tinterrupted, calls from container code to write to the stdout\n\t\t\t\t\t\tand stderr streams will block. The logging thread of the\n\t\t\t\t\t\tapplication will block as a result. This may cause the application to become\n\t\t\t\t\t\tunresponsive and lead to container healthcheck failure.
If you use the non-blocking mode, the container's logs are\n\t\t\t\t\t\tinstead stored in an in-memory intermediate buffer configured with the\n\t\t\t\t\t\t\tmax-buffer-size option. This prevents the application from\n\t\t\t\t\t\tbecoming unresponsive when logs cannot be sent to CloudWatch. We recommend using\n\t\t\t\t\t\tthis mode if you want to ensure service availability and are okay with some\n\t\t\t\t\t\tlog loss. For more information, see Preventing log loss with non-blocking mode in the awslogs\n\t\t\t\t\t\t\tcontainer log driver.
Required: No
\nDefault value: 1m\n
When non-blocking mode is used, the\n\t\t\t\t\t\t\tmax-buffer-size log option controls the size of the buffer\n\t\t\t\t\t\tthat's used for intermediate message storage. Make sure to specify an\n\t\t\t\t\t\tadequate buffer size based on your application. When the buffer fills up,\n\t\t\t\t\t\tfurther logs cannot be stored. Logs that cannot be stored are lost.
To route logs using the splunk log router, you need to specify a\n\t\t\t\tsplunk-token and a splunk-url.
When you use the awsfirelens log router to route logs to an Amazon Web Services Service\n\t\t\tor Amazon Web Services Partner Network destination for log storage and analytics, you can set the\n\t\t\t\tlog-driver-buffer-limit option to limit the number of events that are\n\t\t\tbuffered in memory, before being sent to the log router container. It can help to\n\t\t\tresolve potential log loss issue because high throughput might result in memory running\n\t\t\tout for the buffer inside of Docker.
Other options you can specify when using awsfirelens to route logs depend\n\t\t\ton the destination. When you export logs to Amazon Data Firehose, you can specify the Amazon Web Services Region\n\t\t\twith region and a name for the log stream with\n\t\t\tdelivery_stream.
When you export logs to Amazon Kinesis Data Streams, you can specify an Amazon Web Services Region with\n\t\t\t\tregion and a data stream name with stream.
When you export logs to Amazon OpenSearch Service, you can specify options like Name,\n\t\t\t\tHost (OpenSearch Service endpoint without protocol), Port,\n\t\t\t\tIndex, Type, Aws_auth,\n\t\t\t\tAws_region, Suppress_Type_Name, and\n\t\t\ttls. For more information, see Under the hood: FireLens for Amazon ECS Tasks.
When you export logs to Amazon S3, you can specify the bucket using the bucket\n\t\t\toption. You can also specify region, total_file_size,\n\t\t\t\tupload_timeout, and use_put_object as options.
This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'\n
Create or update an attribute on an Amazon ECS resource. If the attribute doesn't exist,\n\t\t\tit's created. If the attribute exists, its value is replaced with the specified value.\n\t\t\tTo delete an attribute, use DeleteAttributes. For more information, see Attributes in the Amazon Elastic Container Service Developer Guide.
" + "smithy.api#documentation": "Create or update an attribute on an Amazon ECS resource. If the attribute doesn't exist,\n\t\t\tit's created. If the attribute exists, its value is replaced with the specified value.\n\t\t\tTo delete an attribute, use DeleteAttributes. For more information, see Attributes in the Amazon Elastic Container Service Developer Guide.
", + "smithy.api#examples": [ + { + "title": "To create or update an attribute on a resource", + "documentation": "This example adds an attribute \"stack\" with the value \"production\" to a container instance.", + "input": { + "cluster": "MyCluster", + "attributes": [ + { + "targetId": "arn:aws:ecs:us-west-2:123456789012:container-instance/1c3be8ed-df30-47b4-8f1e-6e68ebd01f34", + "name": "stack", + "value": "production" + } + ] + }, + "output": { + "attributes": [ + { + "name": "stack", + "targetId": "arn:aws:ecs:us-west-2:123456789012:container-instance/1c3be8ed-df30-47b4-8f1e-6e68ebd01f34", + "value": "production" + } + ] + } + } + ] } }, "com.amazonaws.ecs#PutAttributesRequest": { @@ -9312,40 +9795,273 @@ } ], "traits": { - "smithy.api#documentation": "Modifies the available capacity providers and the default capacity provider strategy\n\t\t\tfor a cluster.
\nYou must specify both the available capacity providers and a default capacity provider\n\t\t\tstrategy for the cluster. If the specified cluster has existing capacity providers\n\t\t\tassociated with it, you must specify all existing capacity providers in addition to any\n\t\t\tnew ones you want to add. Any existing capacity providers that are associated with a\n\t\t\tcluster that are omitted from a PutClusterCapacityProviders API call will be disassociated with the\n\t\t\tcluster. You can only disassociate an existing capacity provider from a cluster if it's\n\t\t\tnot being used by any existing tasks.
\nWhen creating a service or running a task on a cluster, if no capacity provider or\n\t\t\tlaunch type is specified, then the cluster's default capacity provider strategy is used.\n\t\t\tWe recommend that you define a default capacity provider strategy for your cluster.\n\t\t\tHowever, you must specify an empty array ([]) to bypass defining a default\n\t\t\tstrategy.
The short name or full Amazon Resource Name (ARN) of the cluster to modify the capacity provider\n\t\t\tsettings for. If you don't specify a cluster, the default cluster is assumed.
", - "smithy.api#required": {} - } - }, - "capacityProviders": { - "target": "com.amazonaws.ecs#StringList", - "traits": { - "smithy.api#documentation": "The name of one or more capacity providers to associate with the cluster.
\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity\n\t\t\tprovider must already be created. New capacity providers can be created with the CreateCapacityProvider API operation.
\nTo use a Fargate capacity provider, specify either the FARGATE or\n\t\t\t\tFARGATE_SPOT capacity providers. The Fargate capacity providers are\n\t\t\tavailable to all accounts and only need to be associated with a cluster to be\n\t\t\tused.
The capacity provider strategy to use by default for the cluster.
\nWhen creating a service or running a task on a cluster, if no capacity provider or\n\t\t\tlaunch type is specified then the default capacity provider strategy for the cluster is\n\t\t\tused.
\nA capacity provider strategy consists of one or more capacity providers along with the\n\t\t\t\tbase and weight to assign to them. A capacity provider\n\t\t\tmust be associated with the cluster to be used in a capacity provider strategy. The\n\t\t\t\tPutClusterCapacityProviders API is used to associate a capacity provider\n\t\t\twith a cluster. Only capacity providers with an ACTIVE or\n\t\t\t\tUPDATING status can be used.
If specifying a capacity provider that uses an Auto Scaling group, the capacity\n\t\t\tprovider must already be created. New capacity providers can be created with the CreateCapacityProvider API operation.
\nTo use a Fargate capacity provider, specify either the FARGATE or\n\t\t\t\tFARGATE_SPOT capacity providers. The Fargate capacity providers are\n\t\t\tavailable to all accounts and only need to be associated with a cluster to be\n\t\t\tused.
Modifies the available capacity providers and the default capacity provider strategy\n\t\t\tfor a cluster.
\nYou must specify both the available capacity providers and a default capacity provider\n\t\t\tstrategy for the cluster. If the specified cluster has existing capacity providers\n\t\t\tassociated with it, you must specify all existing capacity providers in addition to any\n\t\t\tnew ones you want to add. Any existing capacity providers that are associated with a\n\t\t\tcluster that are omitted from a PutClusterCapacityProviders API call will be disassociated with the\n\t\t\tcluster. You can only disassociate an existing capacity provider from a cluster if it's\n\t\t\tnot being used by any existing tasks.
\nWhen creating a service or running a task on a cluster, if no capacity provider or\n\t\t\tlaunch type is specified, then the cluster's default capacity provider strategy is used.\n\t\t\tWe recommend that you define a default capacity provider strategy for your cluster.\n\t\t\tHowever, you must specify an empty array ([]) to bypass defining a default\n\t\t\tstrategy.
The short name or full Amazon Resource Name (ARN) of the cluster to modify the capacity provider\n\t\t\tsettings for. If you don't specify a cluster, the default cluster is assumed.
", + "smithy.api#required": {} + } + }, + "capacityProviders": { + "target": "com.amazonaws.ecs#StringList", + "traits": { + "smithy.api#documentation": "The name of one or more capacity providers to associate with the cluster.
\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity\n\t\t\tprovider must already be created. New capacity providers can be created with the CreateCapacityProvider API operation.
\nTo use a Fargate capacity provider, specify either the FARGATE or\n\t\t\t\tFARGATE_SPOT capacity providers. The Fargate capacity providers are\n\t\t\tavailable to all accounts and only need to be associated with a cluster to be\n\t\t\tused.
The capacity provider strategy to use by default for the cluster.
\nWhen creating a service or running a task on a cluster, if no capacity provider or\n\t\t\tlaunch type is specified then the default capacity provider strategy for the cluster is\n\t\t\tused.
\nA capacity provider strategy consists of one or more capacity providers along with the\n\t\t\t\tbase and weight to assign to them. A capacity provider\n\t\t\tmust be associated with the cluster to be used in a capacity provider strategy. The\n\t\t\t\tPutClusterCapacityProviders API is used to associate a capacity provider\n\t\t\twith a cluster. Only capacity providers with an ACTIVE or\n\t\t\t\tUPDATING status can be used.
If specifying a capacity provider that uses an Auto Scaling group, the capacity\n\t\t\tprovider must already be created. New capacity providers can be created with the CreateCapacityProvider API operation.
\nTo use a Fargate capacity provider, specify either the FARGATE or\n\t\t\t\tFARGATE_SPOT capacity providers. The Fargate capacity providers are\n\t\t\tavailable to all accounts and only need to be associated with a cluster to be\n\t\t\tused.
The operating system that your tasks definitions run on. A platform family is\n\t\t\tspecified only for tasks using the Fargate launch type.
" } + }, + "enableFaultInjection": { + "target": "com.amazonaws.ecs#BoxedBoolean", + "traits": { + "smithy.api#documentation": "Enables fault injection when you register your task definition and allows for fault injection requests \n\t\t\tto be accepted from the task's containers. The default value is false.
Starts a new task from the specified task definition on the specified container\n\t\t\tinstance or instances.
\nOn March 21, 2024, a change was made to resolve the task definition revision before authorization. When a task definition revision is not specified, authorization will occur using the latest revision of a task definition.
\nAmazon Elastic Inference (EI) is no longer available to customers.
\nAlternatively, you can useRunTask to place tasks for you. For more\n\t\t\tinformation, see Scheduling Tasks in the Amazon Elastic Container Service Developer Guide.
You can attach Amazon EBS volumes to Amazon ECS tasks by configuring the volume when creating or\n\t\t\tupdating a service. For more infomation, see Amazon EBS volumes in the Amazon Elastic Container Service Developer Guide.
" + "smithy.api#documentation": "Starts a new task from the specified task definition on the specified container\n\t\t\tinstance or instances.
\nOn March 21, 2024, a change was made to resolve the task definition revision before authorization. When a task definition revision is not specified, authorization will occur using the latest revision of a task definition.
\nAmazon Elastic Inference (EI) is no longer available to customers.
\nAlternatively, you can useRunTask to place tasks for you. For more\n\t\t\tinformation, see Scheduling Tasks in the Amazon Elastic Container Service Developer Guide.
You can attach Amazon EBS volumes to Amazon ECS tasks by configuring the volume when creating or\n\t\t\tupdating a service. For more infomation, see Amazon EBS volumes in the Amazon Elastic Container Service Developer Guide.
", + "smithy.api#examples": [ + { + "title": "To start a new task", + "documentation": "This example starts a new task in the cluster \"MyCluster\" on the specified container instance using the latest revision of the \"hello-world\" task definition.", + "input": { + "cluster": "MyCluster", + "containerInstances": [ + "4c543eed-f83f-47da-b1d8-3d23f1da4c64" + ], + "taskDefinition": "hello-world" + }, + "output": { + "tasks": [ + { + "clusterArn": "arn:aws:ecs:us-east-1:012345678910:cluster/default", + "containerInstanceArn": "arn:aws:ecs:us-east-1:012345678910:container-instance/default/4c543eed-f83f-47da-b1d8-3d23f1da4c64", + "containers": [ + { + "containerArn": "arn:aws:ecs:us-east-1:012345678910:container/e76594d4-27e1-4c74-98b5-46a6435eb769", + "lastStatus": "PENDING", + "name": "wordpress", + "taskArn": "arn:aws:ecs:us-east-1:012345678910:task/default/fdf2c302-468c-4e55-b884-5331d816e7fb" + }, + { + "containerArn": "arn:aws:ecs:us-east-1:012345678910:container/default/b19106ea-4fa8-4f1d-9767-96922c82b070", + "lastStatus": "PENDING", + "name": "mysql", + "taskArn": "arn:aws:ecs:us-east-1:012345678910:task/default/fdf2c302-468c-4e55-b884-5331d816e7fb" + } + ], + "createdAt": 1.479765460842E9, + "desiredStatus": "RUNNING", + "lastStatus": "PENDING", + "overrides": { + "containerOverrides": [ + { + "name": "wordpress" + }, + { + "name": "mysql" + } + ] + }, + "taskArn": "arn:aws:ecs:us-east-1:012345678910:task/default/fdf2c302-468c-4e55-b884-5331d816e7fb", + "taskDefinitionArn": "arn:aws:ecs:us-east-1:012345678910:task-definition/hello_world:6", + "version": 1 + } + ], + "failures": [] + } + } + ] } }, "com.amazonaws.ecs#StartTaskRequest": { @@ -11617,7 +12391,66 @@ } ], "traits": { - "smithy.api#documentation": "Stops a running task. Any tags associated with the task will be deleted.
\nWhen you call StopTask on a task, the equivalent of docker\n\t\t\t\tstop is issued to the containers running in the task. This results in a\n\t\t\t\tSIGTERM value and a default 30-second timeout, after which the\n\t\t\t\tSIGKILL value is sent and the containers are forcibly stopped. If the\n\t\t\tcontainer handles the SIGTERM value gracefully and exits within 30 seconds\n\t\t\tfrom receiving it, no SIGKILL value is sent.
For Windows containers, POSIX signals do not work and runtime stops the container by\n\t\t\tsending a CTRL_SHUTDOWN_EVENT. For more information, see Unable to react to graceful shutdown\n\t\t\t\tof (Windows) container #25982 on GitHub.
The default 30-second timeout can be configured on the Amazon ECS container agent with\n\t\t\t\tthe ECS_CONTAINER_STOP_TIMEOUT variable. For more information, see\n\t\t\t\t\tAmazon ECS Container Agent Configuration in the\n\t\t\t\tAmazon Elastic Container Service Developer Guide.
Stops a running task. Any tags associated with the task will be deleted.
\nWhen you call StopTask on a task, the equivalent of docker\n\t\t\t\tstop is issued to the containers running in the task. This results in a\n\t\t\t\tSIGTERM value and a default 30-second timeout, after which the\n\t\t\t\tSIGKILL value is sent and the containers are forcibly stopped. If the\n\t\t\tcontainer handles the SIGTERM value gracefully and exits within 30 seconds\n\t\t\tfrom receiving it, no SIGKILL value is sent.
For Windows containers, POSIX signals do not work and runtime stops the container by\n\t\t\tsending a CTRL_SHUTDOWN_EVENT. For more information, see Unable to react to graceful shutdown\n\t\t\t\tof (Windows) container #25982 on GitHub.
The default 30-second timeout can be configured on the Amazon ECS container agent with\n\t\t\t\tthe ECS_CONTAINER_STOP_TIMEOUT variable. For more information, see\n\t\t\t\t\tAmazon ECS Container Agent Configuration in the\n\t\t\t\tAmazon Elastic Container Service Developer Guide.
The ephemeral storage settings to use for tasks run with the task definition.
" } + }, + "enableFaultInjection": { + "target": "com.amazonaws.ecs#BoxedBoolean", + "traits": { + "smithy.api#documentation": "Enables fault injection and allows for fault injection requests to be accepted from the task's containers. \n\t\t\tThe default value is false.
Modifies the parameters for a capacity provider.
" + "smithy.api#documentation": "Modifies the parameters for a capacity provider.
", + "smithy.api#examples": [ + { + "title": "To update a capacity provider's parameters", + "documentation": "This example updates the targetCapacity and instanceWarmupPeriod parameters for the capacity provider MyCapacityProvider to 90 and 150 respectively.", + "input": { + "name": "MyCapacityProvider", + "autoScalingGroupProvider": { + "managedScaling": { + "status": "ENABLED", + "targetCapacity": 90, + "instanceWarmupPeriod": 150 + } + } + }, + "output": { + "capacityProvider": { + "capacityProviderArn": "arn:aws:ecs:us-east-1:123456789012:capacity-provider/MyCapacityProvider", + "name": "MyCapacityProvider", + "status": "ACTIVE", + "autoScalingGroupProvider": { + "autoScalingGroupArn": "arn:aws:autoscaling:us-east-1:132456789012:autoScalingGroup:57ffcb94-11f0-4d6d-bf60-3bac5EXAMPLE:autoScalingGroupName/MyASG", + "managedScaling": { + "status": "ENABLED", + "targetCapacity": 90, + "minimumScalingStepSize": 1, + "maximumScalingStepSize": 10000, + "instanceWarmupPeriod": 150 + }, + "managedTerminationProtection": "ENABLED" + }, + "updateStatus": "UPDATE_COMPLETE", + "tags": [] + } + } + } + ] } }, "com.amazonaws.ecs#UpdateCapacityProviderRequest": { @@ -13489,7 +14364,186 @@ } ], "traits": { - "smithy.api#documentation": "Updates the cluster.
" + "smithy.api#documentation": "Updates the cluster.
", + "smithy.api#examples": [ + { + "title": "To update a cluster's observability settings.", + "documentation": "This example turns on enhanced containerInsights in an existing cluster. ", + "input": { + "cluster": "ECS-project-update-cluster", + "settings": [ + { + "name": "containerInsights", + "value": "enhanced" + } + ] + }, + "output": { + "cluster": { + "clusterArn": "arn:aws:ecs:us-west-2:123456789012:cluster/ECS-project-update-cluster", + "clusterName": "ECS-project-update-cluster", + "status": "ACTIVE", + "registeredContainerInstancesCount": 0, + "runningTasksCount": 0, + "pendingTasksCount": 0, + "activeServicesCount": 0, + "statistics": [], + "tags": [], + "settings": [ + { + "name": "containerInsights", + "value": "enhanced" + } + ], + "capacityProviders": [ + "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + ], + "defaultCapacityProviderStrategy": [ + { + "capacityProvider": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt", + "weight": 1, + "base": 0 + } + ], + "attachments": [ + { + "id": "069d002b-7634-42e4-b1d4-544f4c8f6380", + "type": "as_policy", + "status": "CREATED", + "details": [ + { + "name": "capacityProviderName", + "value": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + }, + { + "name": "scalingPolicyName", + "value": "ECSManagedAutoScalingPolicy-152363a6-8c65-484c-b721-42c3e070ae93" + } + ] + }, + { + "id": "08b5b6ca-45e9-4209-a65d-e962a27c490a", + "type": "managed_draining", + "status": "CREATED", + "details": [ + { + "name": "capacityProviderName", + "value": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + }, + { + "name": "autoScalingLifecycleHookName", + "value": "ecs-managed-draining-termination-hook" + } + ] + }, + { + "id": "45d0b36f-8cff-46b6-9380-1288744802ab", + "type": "sc", + "status": "ATTACHED", + "details": [] + } + ], + "attachmentsStatus": "UPDATE_COMPLETE", + "serviceConnectDefaults": { + "namespace": "arn:aws:servicediscovery:us-west-2:123456789012:namespace/ns-igwrsylmy3kwvcdx" + } + } + } + }, + { + "title": "To update a cluster's Service Connect defaults.", + "documentation": "This example sets a default Service Connect namespace. ", + "input": { + "cluster": "ECS-project-update-cluster", + "serviceConnectDefaults": { + "namespace": "test" + } + }, + "output": { + "cluster": { + "clusterArn": "arn:aws:ecs:us-west-2:123456789012:cluster/ECS-project-update-cluster", + "clusterName": "ECS-project-update-cluster", + "status": "ACTIVE", + "registeredContainerInstancesCount": 0, + "runningTasksCount": 0, + "pendingTasksCount": 0, + "activeServicesCount": 0, + "statistics": [], + "tags": [], + "settings": [ + { + "name": "containerInsights", + "value": "enhanced" + } + ], + "capacityProviders": [ + "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + ], + "defaultCapacityProviderStrategy": [ + { + "capacityProvider": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt", + "weight": 1, + "base": 0 + } + ], + "attachments": [ + { + "id": "069d002b-7634-42e4-b1d4-544f4c8f6380", + "type": "as_policy", + "status": "CREATED", + "details": [ + { + "name": "capacityProviderName", + "value": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + }, + { + "name": "scalingPolicyName", + "value": "ECSManagedAutoScalingPolicy-152363a6-8c65-484c-b721-42c3e070ae93" + } + ] + }, + { + "id": "08b5b6ca-45e9-4209-a65d-e962a27c490a", + "type": "managed_draining", + "status": "CREATED", + "details": [ + { + "name": "capacityProviderName", + "value": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + }, + { + "name": "autoScalingLifecycleHookName", + "value": "ecs-managed-draining-termination-hook" + } + ] + }, + { + "id": "45d0b36f-8cff-46b6-9380-1288744802ab", + "type": "sc", + "status": "DELETED", + "details": [] + }, + { + "id": "3e6890c3-609c-4832-91de-d6ca891b3ef1", + "type": "sc", + "status": "ATTACHED", + "details": [] + }, + { + "id": "961b8ec1-c2f1-4070-8495-e669b7668e90", + "type": "sc", + "status": "DELETED", + "details": [] + } + ], + "attachmentsStatus": "UPDATE_COMPLETE", + "serviceConnectDefaults": { + "namespace": "arn:aws:servicediscovery:us-west-2:123456789012:namespace/ns-dtjmxqpfi46ht7dr" + } + } + } + } + ] } }, "com.amazonaws.ecs#UpdateClusterRequest": { @@ -13562,7 +14616,41 @@ } ], "traits": { - "smithy.api#documentation": "Modifies the settings to use for a cluster.
" + "smithy.api#documentation": "Modifies the settings to use for a cluster.
", + "smithy.api#examples": [ + { + "title": "To update a cluster's settings", + "documentation": "This example enables CloudWatch Container Insights for the default cluster.", + "input": { + "cluster": "default", + "settings": [ + { + "name": "containerInsights", + "value": "enabled" + } + ] + }, + "output": { + "cluster": { + "clusterArn": "arn:aws:ecs:us-west-2:123456789012:cluster/MyCluster", + "clusterName": "default", + "status": "ACTIVE", + "registeredContainerInstancesCount": 0, + "runningTasksCount": 0, + "pendingTasksCount": 0, + "activeServicesCount": 0, + "statistics": [], + "tags": [], + "settings": [ + { + "name": "containerInsights", + "value": "enabled" + } + ] + } + } + } + ] } }, "com.amazonaws.ecs#UpdateClusterSettingsRequest": { @@ -13633,7 +14721,28 @@ } ], "traits": { - "smithy.api#documentation": "Updates the Amazon ECS container agent on a specified container instance. Updating the\n\t\t\tAmazon ECS container agent doesn't interrupt running tasks or services on the container\n\t\t\tinstance. The process for updating the agent differs depending on whether your container\n\t\t\tinstance was launched with the Amazon ECS-optimized AMI or another operating system.
\nThe UpdateContainerAgent API isn't supported for container instances\n\t\t\t\tusing the Amazon ECS-optimized Amazon Linux 2 (arm64) AMI. To update the container agent,\n\t\t\t\tyou can update the ecs-init package. This updates the agent. For more\n\t\t\t\tinformation, see Updating the\n\t\t\t\t\tAmazon ECS container agent in the Amazon Elastic Container Service Developer Guide.
Agent updates with the UpdateContainerAgent API operation do not\n\t\t\t\tapply to Windows container instances. We recommend that you launch new container\n\t\t\t\tinstances to update the agent version in your Windows clusters.
The UpdateContainerAgent API requires an Amazon ECS-optimized AMI or Amazon\n\t\t\tLinux AMI with the ecs-init service installed and running. For help\n\t\t\tupdating the Amazon ECS container agent on other operating systems, see Manually updating the Amazon ECS container agent in the Amazon Elastic Container Service Developer Guide.
Updates the Amazon ECS container agent on a specified container instance. Updating the\n\t\t\tAmazon ECS container agent doesn't interrupt running tasks or services on the container\n\t\t\tinstance. The process for updating the agent differs depending on whether your container\n\t\t\tinstance was launched with the Amazon ECS-optimized AMI or another operating system.
\nThe UpdateContainerAgent API isn't supported for container instances\n\t\t\t\tusing the Amazon ECS-optimized Amazon Linux 2 (arm64) AMI. To update the container agent,\n\t\t\t\tyou can update the ecs-init package. This updates the agent. For more\n\t\t\t\tinformation, see Updating the\n\t\t\t\t\tAmazon ECS container agent in the Amazon Elastic Container Service Developer Guide.
Agent updates with the UpdateContainerAgent API operation do not\n\t\t\t\tapply to Windows container instances. We recommend that you launch new container\n\t\t\t\tinstances to update the agent version in your Windows clusters.
The UpdateContainerAgent API requires an Amazon ECS-optimized AMI or Amazon\n\t\t\tLinux AMI with the ecs-init service installed and running. For help\n\t\t\tupdating the Amazon ECS container agent on other operating systems, see Manually updating the Amazon ECS container agent in the Amazon Elastic Container Service Developer Guide.
Modifies the status of an Amazon ECS container instance.
\nOnce a container instance has reached an ACTIVE state, you can change the\n\t\t\tstatus of a container instance to DRAINING to manually remove an instance\n\t\t\tfrom a cluster, for example to perform system updates, update the Docker daemon, or\n\t\t\tscale down the cluster size.
A container instance can't be changed to DRAINING until it has\n\t\t\t\treached an ACTIVE status. If the instance is in any other status, an\n\t\t\t\terror will be received.
When you set a container instance to DRAINING, Amazon ECS prevents new tasks\n\t\t\tfrom being scheduled for placement on the container instance and replacement service\n\t\t\ttasks are started on other container instances in the cluster if the resources are\n\t\t\tavailable. Service tasks on the container instance that are in the PENDING\n\t\t\tstate are stopped immediately.
Service tasks on the container instance that are in the RUNNING state are\n\t\t\tstopped and replaced according to the service's deployment configuration parameters,\n\t\t\t\tminimumHealthyPercent and maximumPercent. You can change\n\t\t\tthe deployment configuration of your service using UpdateService.
If minimumHealthyPercent is below 100%, the scheduler can ignore\n\t\t\t\t\t\tdesiredCount temporarily during task replacement. For example,\n\t\t\t\t\t\tdesiredCount is four tasks, a minimum of 50% allows the\n\t\t\t\t\tscheduler to stop two existing tasks before starting two new tasks. If the\n\t\t\t\t\tminimum is 100%, the service scheduler can't remove existing tasks until the\n\t\t\t\t\treplacement tasks are considered healthy. Tasks for services that do not use a\n\t\t\t\t\tload balancer are considered healthy if they're in the RUNNING\n\t\t\t\t\tstate. Tasks for services that use a load balancer are considered healthy if\n\t\t\t\t\tthey're in the RUNNING state and are reported as healthy by the\n\t\t\t\t\tload balancer.
The maximumPercent parameter represents an upper limit on the\n\t\t\t\t\tnumber of running tasks during task replacement. You can use this to define the\n\t\t\t\t\treplacement batch size. For example, if desiredCount is four tasks,\n\t\t\t\t\ta maximum of 200% starts four new tasks before stopping the four tasks to be\n\t\t\t\t\tdrained, provided that the cluster resources required to do this are available.\n\t\t\t\t\tIf the maximum is 100%, then replacement tasks can't start until the draining\n\t\t\t\t\ttasks have stopped.
Any PENDING or RUNNING tasks that do not belong to a service\n\t\t\taren't affected. You must wait for them to finish or stop them manually.
A container instance has completed draining when it has no more RUNNING\n\t\t\ttasks. You can verify this using ListTasks.
When a container instance has been drained, you can set a container instance to\n\t\t\t\tACTIVE status and once it has reached that status the Amazon ECS scheduler\n\t\t\tcan begin scheduling tasks on the instance again.
Modifies the status of an Amazon ECS container instance.
\nOnce a container instance has reached an ACTIVE state, you can change the\n\t\t\tstatus of a container instance to DRAINING to manually remove an instance\n\t\t\tfrom a cluster, for example to perform system updates, update the Docker daemon, or\n\t\t\tscale down the cluster size.
A container instance can't be changed to DRAINING until it has\n\t\t\t\treached an ACTIVE status. If the instance is in any other status, an\n\t\t\t\terror will be received.
When you set a container instance to DRAINING, Amazon ECS prevents new tasks\n\t\t\tfrom being scheduled for placement on the container instance and replacement service\n\t\t\ttasks are started on other container instances in the cluster if the resources are\n\t\t\tavailable. Service tasks on the container instance that are in the PENDING\n\t\t\tstate are stopped immediately.
Service tasks on the container instance that are in the RUNNING state are\n\t\t\tstopped and replaced according to the service's deployment configuration parameters,\n\t\t\t\tminimumHealthyPercent and maximumPercent. You can change\n\t\t\tthe deployment configuration of your service using UpdateService.
If minimumHealthyPercent is below 100%, the scheduler can ignore\n\t\t\t\t\t\tdesiredCount temporarily during task replacement. For example,\n\t\t\t\t\t\tdesiredCount is four tasks, a minimum of 50% allows the\n\t\t\t\t\tscheduler to stop two existing tasks before starting two new tasks. If the\n\t\t\t\t\tminimum is 100%, the service scheduler can't remove existing tasks until the\n\t\t\t\t\treplacement tasks are considered healthy. Tasks for services that do not use a\n\t\t\t\t\tload balancer are considered healthy if they're in the RUNNING\n\t\t\t\t\tstate. Tasks for services that use a load balancer are considered healthy if\n\t\t\t\t\tthey're in the RUNNING state and are reported as healthy by the\n\t\t\t\t\tload balancer.
The maximumPercent parameter represents an upper limit on the\n\t\t\t\t\tnumber of running tasks during task replacement. You can use this to define the\n\t\t\t\t\treplacement batch size. For example, if desiredCount is four tasks,\n\t\t\t\t\ta maximum of 200% starts four new tasks before stopping the four tasks to be\n\t\t\t\t\tdrained, provided that the cluster resources required to do this are available.\n\t\t\t\t\tIf the maximum is 100%, then replacement tasks can't start until the draining\n\t\t\t\t\ttasks have stopped.
Any PENDING or RUNNING tasks that do not belong to a service\n\t\t\taren't affected. You must wait for them to finish or stop them manually.
A container instance has completed draining when it has no more RUNNING\n\t\t\ttasks. You can verify this using ListTasks.
When a container instance has been drained, you can set a container instance to\n\t\t\t\tACTIVE status and once it has reached that status the Amazon ECS scheduler\n\t\t\tcan begin scheduling tasks on the instance again.
Modifies which task set in a service is the primary task set. Any parameters that are\n\t\t\tupdated on the primary task set in a service will transition to the service. This is\n\t\t\tused when a service uses the EXTERNAL deployment controller type. For more\n\t\t\tinformation, see Amazon ECS Deployment\n\t\t\t\tTypes in the Amazon Elastic Container Service Developer Guide.
Modifies which task set in a service is the primary task set. Any parameters that are\n\t\t\tupdated on the primary task set in a service will transition to the service. This is\n\t\t\tused when a service uses the EXTERNAL deployment controller type. For more\n\t\t\tinformation, see Amazon ECS Deployment\n\t\t\t\tTypes in the Amazon Elastic Container Service Developer Guide.
Modifies a task set. This is used when a service uses the EXTERNAL\n\t\t\tdeployment controller type. For more information, see Amazon ECS Deployment\n\t\t\t\tTypes in the Amazon Elastic Container Service Developer Guide.
Modifies a task set. This is used when a service uses the EXTERNAL\n\t\t\tdeployment controller type. For more information, see Amazon ECS Deployment\n\t\t\t\tTypes in the Amazon Elastic Container Service Developer Guide.
An Amazon EKS add-on. For more information, see Amazon EKS add-ons in\n the Amazon EKS User Guide.
" } }, + "com.amazonaws.eks#AddonCompatibilityDetail": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.eks#String", + "traits": { + "smithy.api#documentation": "The name of the Amazon EKS add-on.
" + } + }, + "compatibleVersions": { + "target": "com.amazonaws.eks#StringList", + "traits": { + "smithy.api#documentation": "A list of compatible add-on versions.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains compatibility information for an Amazon EKS add-on.
" + } + }, + "com.amazonaws.eks#AddonCompatibilityDetails": { + "type": "list", + "member": { + "target": "com.amazonaws.eks#AddonCompatibilityDetail" + } + }, "com.amazonaws.eks#AddonHealth": { "type": "structure", "members": { @@ -2837,6 +2866,98 @@ } } }, + "com.amazonaws.eks#ClusterVersionInformation": { + "type": "structure", + "members": { + "clusterVersion": { + "target": "com.amazonaws.eks#String", + "traits": { + "smithy.api#documentation": "The Kubernetes version for the cluster.
" + } + }, + "clusterType": { + "target": "com.amazonaws.eks#String", + "traits": { + "smithy.api#documentation": "The type of cluster this version is for.
" + } + }, + "defaultPlatformVersion": { + "target": "com.amazonaws.eks#String", + "traits": { + "smithy.api#documentation": "Default platform version for this Kubernetes version.
" + } + }, + "defaultVersion": { + "target": "com.amazonaws.eks#Boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Indicates if this is a default version.
" + } + }, + "releaseDate": { + "target": "com.amazonaws.eks#Timestamp", + "traits": { + "smithy.api#documentation": "The release date of this cluster version.
" + } + }, + "endOfStandardSupportDate": { + "target": "com.amazonaws.eks#Timestamp", + "traits": { + "smithy.api#documentation": "Date when standard support ends for this version.
" + } + }, + "endOfExtendedSupportDate": { + "target": "com.amazonaws.eks#Timestamp", + "traits": { + "smithy.api#documentation": "Date when extended support ends for this version.
" + } + }, + "status": { + "target": "com.amazonaws.eks#ClusterVersionStatus", + "traits": { + "smithy.api#documentation": "Current status of this cluster version.
" + } + }, + "kubernetesPatchVersion": { + "target": "com.amazonaws.eks#String", + "traits": { + "smithy.api#documentation": "The patch version of Kubernetes for this cluster version.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains details about a specific EKS cluster version.
" + } + }, + "com.amazonaws.eks#ClusterVersionList": { + "type": "list", + "member": { + "target": "com.amazonaws.eks#ClusterVersionInformation" + } + }, + "com.amazonaws.eks#ClusterVersionStatus": { + "type": "enum", + "members": { + "unsupported": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "unsupported" + } + }, + "standard_support": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "standard-support" + } + }, + "extended_support": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "extended-support" + } + } + } + }, "com.amazonaws.eks#Compatibilities": { "type": "list", "member": { @@ -5148,6 +5269,126 @@ "smithy.api#output": {} } }, + "com.amazonaws.eks#DescribeClusterVersionMaxResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.eks#DescribeClusterVersions": { + "type": "operation", + "input": { + "target": "com.amazonaws.eks#DescribeClusterVersionsRequest" + }, + "output": { + "target": "com.amazonaws.eks#DescribeClusterVersionsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.eks#InvalidParameterException" + }, + { + "target": "com.amazonaws.eks#InvalidRequestException" + }, + { + "target": "com.amazonaws.eks#ServerException" + } + ], + "traits": { + "smithy.api#documentation": "Lists available Kubernetes versions for Amazon EKS clusters.
", + "smithy.api#http": { + "method": "GET", + "uri": "/cluster-versions", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "clusterVersions", + "pageSize": "maxResults" + } + } + }, + "com.amazonaws.eks#DescribeClusterVersionsRequest": { + "type": "structure", + "members": { + "clusterType": { + "target": "com.amazonaws.eks#String", + "traits": { + "smithy.api#documentation": "The type of cluster to filter versions by.
", + "smithy.api#httpQuery": "clusterType" + } + }, + "maxResults": { + "target": "com.amazonaws.eks#DescribeClusterVersionMaxResults", + "traits": { + "smithy.api#documentation": "Maximum number of results to return.
", + "smithy.api#httpQuery": "maxResults" + } + }, + "nextToken": { + "target": "com.amazonaws.eks#String", + "traits": { + "smithy.api#documentation": "Pagination token for the next set of results.
", + "smithy.api#httpQuery": "nextToken" + } + }, + "defaultOnly": { + "target": "com.amazonaws.eks#BoxedBoolean", + "traits": { + "smithy.api#documentation": "Filter to show only default versions.
", + "smithy.api#httpQuery": "defaultOnly" + } + }, + "includeAll": { + "target": "com.amazonaws.eks#BoxedBoolean", + "traits": { + "smithy.api#documentation": "Include all available versions in the response.
", + "smithy.api#httpQuery": "includeAll" + } + }, + "clusterVersions": { + "target": "com.amazonaws.eks#StringList", + "traits": { + "smithy.api#documentation": "List of specific cluster versions to describe.
", + "smithy.api#httpQuery": "clusterVersions" + } + }, + "status": { + "target": "com.amazonaws.eks#ClusterVersionStatus", + "traits": { + "smithy.api#documentation": "Filter versions by their current status.
", + "smithy.api#httpQuery": "status" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.eks#DescribeClusterVersionsResponse": { + "type": "structure", + "members": { + "nextToken": { + "target": "com.amazonaws.eks#String", + "traits": { + "smithy.api#documentation": "Pagination token for the next set of results.
" + } + }, + "clusterVersions": { + "target": "com.amazonaws.eks#ClusterVersionList", + "traits": { + "smithy.api#documentation": "List of cluster version information objects.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.eks#DescribeEksAnywhereSubscription": { "type": "operation", "input": { @@ -6629,6 +6870,12 @@ "traits": { "smithy.api#documentation": "The summary information about deprecated resource usage for an insight check in the\n UPGRADE_READINESS category.
A list of AddonCompatibilityDetail objects for Amazon EKS add-ons.
" + } } }, "traits": { diff --git a/codegen/sdk/aws-models/gamelift.json b/codegen/sdk/aws-models/gamelift.json index 6f776de74c8..f50d60ad68b 100644 --- a/codegen/sdk/aws-models/gamelift.json +++ b/codegen/sdk/aws-models/gamelift.json @@ -285,7 +285,7 @@ } }, "traits": { - "smithy.api#documentation": "Amazon Web Services account security credentials that allow interactions with Amazon GameLift resources. The\n credentials are temporary and valid for a limited time span. You can request fresh\n credentials at any time.
\nAmazon Web Services security credentials consist of three parts: an access key ID, a secret access\n key, and a session token. You must use all three parts together to authenticate your\n access requests.
\nYou need Amazon Web Services credentials for the following tasks:
\nTo upload a game server build directly to Amazon GameLift S3 storage using CreateBuild. To get access for this\n task, call RequestUploadCredentials.
To remotely connect to an active Amazon GameLift fleet instances. \n To get remote access, call GetComputeAccess.
\nAmazon Web Services account security credentials that allow interactions with Amazon GameLift resources. The\n credentials are temporary and valid for a limited time span. You can request fresh\n credentials at any time.
\nAmazon Web Services security credentials consist of three parts: an access key ID, a secret access\n key, and a session token. You must use all three parts together to authenticate your\n access requests.
\nYou need Amazon Web Services credentials for the following tasks:
\nTo upload a game server build directly to Amazon GameLift S3 storage using CreateBuild. To get access for this\n task, call https://docs.aws.amazon.com/gamelift/latest/apireference/API_RequestUploadCredentials.html.
To remotely connect to an active Amazon GameLift fleet instances. \n To get remote access, call https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetComputeAccess.html.
\nIndicates whether a TLS/SSL certificate is generated for a fleet.
\nValid values include:
\n\n GENERATED -- Generate a TLS/SSL certificate\n for this fleet.
\n\n DISABLED -- (default) Do not generate a\n TLS/SSL certificate for this fleet.
\nIndicates whether a TLS/SSL certificate is generated for a fleet.
\nValid values include:
\n\n GENERATED - Generate a TLS/SSL certificate\n for this fleet.
\n\n DISABLED - (default) Do not generate a\n TLS/SSL certificate for this fleet.
\nA unique identifier for a container in a container fleet compute.
\n\n Returned by:\n DescribeCompute\n
" + "smithy.api#documentation": "A unique identifier for a container in a container fleet compute.
\n\n Returned by:\n DescribeCompute\n
" } }, "com.amazonaws.gamelift#ContainerAttributes": { @@ -894,7 +894,7 @@ } }, "traits": { - "smithy.api#documentation": "A container's dependency on another container in the same container group. The dependency\n impacts how the dependent container is able to start or shut down based the status of the\n other container.
\nFor example, ContainerA is configured with the following dependency: a\n START dependency on ContainerB. This means that\n ContainerA can't start until ContainerB has\n started. It also means that ContainerA must shut down before\n ContainerB.
eiifcbfhgrdurhnucnufkgbnbnnerrvbtjvljdetkehcPart of:\n GameServerContainerDefinition, GameServerContainerDefinitionInput, SupportContainerDefinition, SupportContainerDefinitionInput\n
" + "smithy.api#documentation": "A container's dependency on another container in the same container group. The dependency\n impacts how the dependent container is able to start or shut down based the status of the\n other container.
\nFor example, ContainerA is configured with the following dependency: a\n START dependency on ContainerB. This means that\n ContainerA can't start until ContainerB has\n started. It also means that ContainerA must shut down before\n ContainerB.
\n Part of:\n GameServerContainerDefinition, \n GameServerContainerDefinitionInput, \n SupportContainerDefinition, \n SupportContainerDefinitionInput\n
" } }, "com.amazonaws.gamelift#ContainerDependencyCondition": { @@ -959,7 +959,7 @@ } }, "traits": { - "smithy.api#documentation": "An environment variable to set inside a container, in the form of a key-value pair.\n
\n\n Part of:\n GameServerContainerDefinition, GameServerContainerDefinitionInput, SupportContainerDefinition, SupportContainerDefinitionInput\n
" + "smithy.api#documentation": "An environment variable to set inside a container, in the form of a key-value pair.\n
\n\n Part of:\n GameServerContainerDefinition, \n GameServerContainerDefinitionInput, \n SupportContainerDefinition, \n SupportContainerDefinitionInput\n
" } }, "com.amazonaws.gamelift#ContainerEnvironmentList": { @@ -1362,12 +1362,12 @@ "StatusReason": { "target": "com.amazonaws.gamelift#NonZeroAndMaxString", "traits": { - "smithy.api#documentation": "Additional information about a container group definition that's in FAILED\n status. Possible reasons include:
An internal issue prevented Amazon GameLift from creating\n the container group definition resource. Delete the failed resource and call \n CreateContainerGroupDefinitionagain.
\nAn access-denied message means that you don't have permissions to access the container image on ECR. See \n \n IAM permission examples\n for help setting up required IAM permissions for Amazon GameLift.
\nThe ImageUri value for at least one\n of the containers in the container group definition was invalid or not found in the current\n Amazon Web Services account.
At least one\n of the container images referenced in the container group definition exceeds the \n allowed size. For size limits, see \n Amazon GameLift endpoints and quotas.
\nAt least one of the container images referenced in the \n container group definition uses a different operating system than the one defined for the container group.
\nAdditional information about a container group definition that's in FAILED\n status. Possible reasons include:
An internal issue prevented Amazon GameLift from creating\n the container group definition resource. Delete the failed resource and call \n CreateContainerGroupDefinitionagain.
\nAn access-denied message means that you don't have permissions to access the container image on ECR. See \n \n IAM permission examples\n for help setting up required IAM permissions for Amazon GameLift.
\nThe ImageUri value for at least one\n of the containers in the container group definition was invalid or not found in the current\n Amazon Web Services account.
At least one\n of the container images referenced in the container group definition exceeds the \n allowed size. For size limits, see \n Amazon GameLift endpoints and quotas.
\nAt least one of the container images referenced in the \n container group definition uses a different operating system than the one defined for the container group.
\nThe properties that describe a container group resource. You can update all properties of\n a container group definition properties. Updates to a container group definition are saved as\n new versions.
\n\n Used with:\n CreateContainerGroupDefinition\n
\n\n Returned by:\n DescribeContainerGroupDefinition, ListContainerGroupDefinitions, UpdateContainerGroupDefinition\n
" + "smithy.api#documentation": "The properties that describe a container group resource. You can update all properties of\n a container group definition properties. Updates to a container group definition are saved as\n new versions.
\n\n Used with:\n CreateContainerGroupDefinition\n
\n\n Returned by:\n DescribeContainerGroupDefinition, \n ListContainerGroupDefinitions, \n UpdateContainerGroupDefinition\n
" } }, "com.amazonaws.gamelift#ContainerGroupDefinitionArn": { @@ -1483,7 +1483,7 @@ } }, "traits": { - "smithy.api#documentation": "Instructions on when and how to check the health of a support container in a container\n fleet. These properties override any Docker health checks that are set in the container image.\n For more information on container health checks, see HealthCheck command in the Amazon Elastic Container Service API. Game server\n containers don't have a health check parameter; Amazon GameLift automatically handles health checks\n for these containers.
\nThe following example instructs the container to initiate a health check command every 60\n seconds and wait 10 seconds for it to succeed. If it fails, retry the command 3 times before\n flagging the container as unhealthy. It also tells the container to wait 100 seconds after\n launch before counting failed health checks.
\n\n {\"Command\": [ \"CMD-SHELL\", \"ps cax | grep \"processmanager\" || exit 1\" ], \"Interval\":\n 60, \"Timeout\": 10, \"Retries\": 3, \"StartPeriod\": 100 }\n
\n Part of:\n SupportContainerDefinition, SupportContainerDefinitionInput\n
" + "smithy.api#documentation": "Instructions on when and how to check the health of a support container in a container\n fleet. These properties override any Docker health checks that are set in the container image.\n For more information on container health checks, see HealthCheck command in the Amazon Elastic Container Service API. Game server\n containers don't have a health check parameter; Amazon GameLift automatically handles health checks\n for these containers.
\nThe following example instructs the container to initiate a health check command every 60\n seconds and wait 10 seconds for it to succeed. If it fails, retry the command 3 times before\n flagging the container as unhealthy. It also tells the container to wait 100 seconds after\n launch before counting failed health checks.
\n\n {\"Command\": [ \"CMD-SHELL\", \"ps cax | grep \"processmanager\" || exit 1\" ], \"Interval\":\n 60, \"Timeout\": 10, \"Retries\": 3, \"StartPeriod\": 100 }\n
\n Part of:\n SupportContainerDefinition, SupportContainerDefinitionInput\n
" } }, "com.amazonaws.gamelift#ContainerHealthCheckInterval": { @@ -1539,7 +1539,7 @@ } }, "traits": { - "smithy.api#documentation": "A unique identifier for a container in a compute on a managed container fleet instance.\n This information makes it possible to remotely connect to a specific container on a fleet\n instance.
\n\n Related to:\n ContainerAttribute\n
\n\n Use with: \n GetComputeAccess\n
" + "smithy.api#documentation": "A unique identifier for a container in a compute on a managed container fleet instance.\n This information makes it possible to remotely connect to a specific container on a fleet\n instance.
\n\n Related to:\n ContainerAttribute\n
\n\n Use with: \n GetComputeAccess\n
" } }, "com.amazonaws.gamelift#ContainerIdentifierList": { @@ -1588,7 +1588,7 @@ } }, "traits": { - "smithy.api#documentation": "A mount point that binds a container to a file or directory on the host system.
\n\n Part of:\n GameServerContainerDefinition, GameServerContainerDefinitionInput, SupportContainerDefinition, SupportContainerDefinitionInput\n
" + "smithy.api#documentation": "A mount point that binds a container to a file or directory on the host system.
\n\n Part of:\n GameServerContainerDefinition, https://docs.aws.amazon.com/gamelift/latest/apireference/API_GameServerContainerDefinitionInput.html, SupportContainerDefinition, https://docs.aws.amazon.com/gamelift/latest/apireference/API_SupportContainerDefinitionInput.html\n
" } }, "com.amazonaws.gamelift#ContainerMountPointAccessLevel": { @@ -1654,7 +1654,7 @@ } }, "traits": { - "smithy.api#documentation": "A set of port ranges that can be opened on the container. A process that's running in the\n container can bind to a port number, making it accessible to inbound traffic. Container ports\n map to a container fleet's connection ports.
\n\n Part of:\n GameServerContainerDefinition, GameServerContainerDefinitionInput, SupportContainerDefinition, SupportContainerDefinitionInput\n
" + "smithy.api#documentation": "A set of port ranges that can be opened on the container. A process that's running in the\n container can bind to a port number, making it accessible to inbound traffic. Container ports\n map to a container fleet's connection ports.
\n\n Part of:\n GameServerContainerDefinition, \n GameServerContainerDefinitionInput, \n SupportContainerDefinition, \n SupportContainerDefinitionInput\n
" } }, "com.amazonaws.gamelift#ContainerPortRange": { @@ -1686,7 +1686,7 @@ } }, "traits": { - "smithy.api#documentation": "A set of one or more port numbers that can be opened on the container. \n
\n\n Part of:\n ContainerPortConfiguration\n
" + "smithy.api#documentation": "A set of one or more port numbers that can be opened on the container. \n
\n\n Part of:\n ContainerPortConfiguration\n
" } }, "com.amazonaws.gamelift#ContainerPortRangeList": { @@ -1836,7 +1836,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates an Amazon GameLift build resource for your game server software and stores the software\n for deployment to hosting resources. Combine game server binaries and dependencies into\n a single .zip file
\nUse the CLI command \n upload-build\n to quickly and simply create a new build\n and upload your game build .zip file to Amazon GameLift Amazon S3. This helper command eliminates\n the need to explicitly manage access permissions.
\nAlternatively, use the CreateBuild action for the following\n scenarios:
You want to create a build and upload a game build zip file from in an Amazon S3\n location that you control. In this scenario, you need to give Amazon GameLift permission\n to access to the Amazon S3 bucket. With permission in place, call\n CreateBuild and specify a build name, the build's runtime\n operating system, and the Amazon S3 storage location where the build file is\n stored.
You want to create a build and upload a local game build zip file to an Amazon S3\n location that's controlled by Amazon GameLift. (See the upload-build CLI\n command for this scenario.) In this scenario, you need to request temporary\n access credentials to the Amazon GameLift Amazon S3 location. Specify a build name and the\n build's runtime operating system. The response provides an Amazon S3 location and a\n set of temporary access credentials. Use the credentials to upload your build\n files to the specified Amazon S3 location (see Uploading Objects in\n the Amazon S3 Developer Guide). You can't update build files\n after uploading them to Amazon GameLift Amazon S3.
If successful, this action creates a new build resource with a unique build ID and\n places it in INITIALIZED status. When the build reaches READY\n status, you can create fleets with it.
\n Learn more\n
\n \n\n Create a Build with Files in Amazon S3\n
\n\n All APIs by task\n
" + "smithy.api#documentation": "Creates a new Amazon GameLift build resource for your game server binary files. Combine game\n server binaries into a zip file for use with Amazon GameLift.
\nWhen setting up a new game build for Amazon GameLift, we recommend using the CLI command \n upload-build\n . This helper command combines two tasks: (1) it\n uploads your build files from a file directory to an Amazon GameLift Amazon S3 location, and (2)\n it creates a new build resource.
\nYou can use the CreateBuild operation in the following scenarios:
Create a new game build with build files that are in an Amazon S3 location under an\n Amazon Web Services account that you control. To use this option, you give Amazon GameLift access to\n the Amazon S3 bucket. With permissions in place, specify a build name, operating\n system, and the Amazon S3 storage location of your game build.
\nUpload your build files to a Amazon GameLift Amazon S3 location. To use this option,\n specify a build name and operating system. This operation creates a new build\n resource and also returns an Amazon S3 location with temporary access credentials.\n Use the credentials to manually upload your build files to the specified Amazon S3\n location. For more information, see Uploading Objects in\n the Amazon S3 Developer Guide. After you upload build files to\n the Amazon GameLift Amazon S3 location, you can't update them.
\nIf successful, this operation creates a new build resource with a unique build ID and\n places it in INITIALIZED status. A build must be in READY\n status before you can create fleets with it.
\n Learn more\n
\n \n\n Create a Build with Files in Amazon S3\n
\n\n All APIs by task\n
" } }, "com.amazonaws.gamelift#CreateBuildInput": { @@ -1863,7 +1863,7 @@ "OperatingSystem": { "target": "com.amazonaws.gamelift#OperatingSystem", "traits": { - "smithy.api#documentation": "The environment that your game server binaries run on. This value determines the type\n of fleet resources that you use for this build. If your game build contains multiple\n executables, they all must run on the same operating system. This parameter is required,\n and there's no default value. You can't change a build's operating system later.
\nAmazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in \n the Amazon Linux 2 FAQs. \n For game servers\n that are hosted on AL2 and use Amazon GameLift server SDK 4.x., first update the\n game server build to server SDK 5.x, and then deploy to AL2023 instances. See\n \n Migrate to Amazon GameLift server SDK version 5.\n
\nThe operating system that your game server binaries run on. This value determines the\n type of fleet resources that you use for this build. If your game build contains\n multiple executables, they all must run on the same operating system. You must specify a\n valid operating system in this request. There is no default value. You can't change a\n build's operating system later.
\nAmazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in \n the Amazon Linux 2 FAQs. \n For game servers\n that are hosted on AL2 and use Amazon GameLift server SDK 4.x., first update the\n game server build to server SDK 5.x, and then deploy to AL2023 instances. See\n \n Migrate to Amazon GameLift server SDK version 5.\n
\nA container group definition resource that describes how to deploy containers with\n your game server build and support software onto each fleet instance. You can specify\n the container group definition's name to use the latest version. Alternatively, provide\n an ARN value with a specific version number.
\nCreate a container group definition by calling CreateContainerGroupDefinition. This operation creates a ContainerGroupDefinition resource.
" + "smithy.api#documentation": "A container group definition resource that describes how to deploy containers with\n your game server build and support software onto each fleet instance. You can specify\n the container group definition's name to use the latest version. Alternatively, provide\n an ARN value with a specific version number.
\nCreate a container group definition by calling \n CreateContainerGroupDefinition. \n This operation creates a \n ContainerGroupDefinition resource.
" } }, "PerInstanceContainerGroupDefinitionName": { "target": "com.amazonaws.gamelift#ContainerGroupDefinitionNameOrArn", "traits": { - "smithy.api#documentation": "The name of a container group definition resource that describes a set of axillary\n software. A fleet instance has one process for executables in this container group. A\n per-instance container group is optional. You can update the fleet to add or remove a\n per-instance container group at any time. You can specify the container group\n definition's name to use the latest version. Alternatively, provide an ARN value with a\n specific version number.
\nCreate a container group definition by calling CreateContainerGroupDefinition. \n This operation creates a ContainerGroupDefinition resource.
" + "smithy.api#documentation": "The name of a container group definition resource that describes a set of axillary\n software. A fleet instance has one process for executables in this container group. A\n per-instance container group is optional. You can update the fleet to add or remove a\n per-instance container group at any time. You can specify the container group\n definition's name to use the latest version. Alternatively, provide an ARN value with a\n specific version number.
\nCreate a container group definition by calling \n https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateContainerGroupDefinition.html. \n This operation creates a \n https://docs.aws.amazon.com/gamelift/latest/apireference/API_ContainerGroupDefinition.html resource.
" } }, "InstanceConnectionPortRange": { @@ -2090,7 +2090,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a ContainerGroupDefinition that describes a set of containers for\n hosting your game server with Amazon GameLift managed containers hosting. An Amazon GameLift container group\n is similar to a container task or pod. Use container group definitions when you create a\n container fleet with CreateContainerFleet.
A container group definition determines how Amazon GameLift deploys your containers to each\n instance in a container fleet. You can maintain multiple versions of a container group\n definition.
\nThere are two types of container groups:
\nA game server container group has the containers that run\n your game server application and supporting software. A game server container group can\n have these container types:
\nGame server container. This container runs your game server. You can define one\n game server container in a game server container group.
\nSupport container. This container runs software in parallel with your game server.\n You can define up to 8 support containers in a game server group.
\nWhen building a game server container group definition, you can choose to bundle your\n game server executable and all dependent software into a single game server container.\n Alternatively, you can separate the software into one game server container and one or\n more support containers.
\nOn a container fleet instance, a game server container group can be deployed multiple\n times (depending on the compute resources of the instance). This means that all containers\n in the container group are replicated together.
\nA per-instance container group has containers for processes\n that aren't replicated on a container fleet instance. This might include background\n services, logging, test processes, or processes that need to persist independently of the\n game server container group. When building a per-instance container group, you can define\n up to 10 support containers.
\nThis operation requires Identity and Access Management (IAM) permissions to access container images in\n Amazon ECR repositories. See IAM permissions\n for Amazon GameLift for help setting the appropriate permissions.
\n\n Request options\n
\nUse this operation to make the following types of requests. You can specify values for the\n minimum required parameters and customize optional values later.
\nCreate a game server container group definition. Provide the following required parameter values:
\n\n Name\n
\n ContainerGroupType (GAME_SERVER)
\n OperatingSystem (omit to use default value)
\n TotalMemoryLimitMebibytes (omit to use default value)
\n TotalVcpuLimit (omit to use default value)
At least one GameServerContainerDefinition\n
\n ContainerName\n
\n ImageUrl\n
\n PortConfiguration\n
\n ServerSdkVersion (omit to use default value)
Create a per-instance container group definition. Provide the following required parameter\n values:
\n\n Name\n
\n ContainerGroupType (PER_INSTANCE)
\n OperatingSystem (omit to use default value)
\n TotalMemoryLimitMebibytes (omit to use default value)
\n TotalVcpuLimit (omit to use default value)
At least one SupportContainerDefinition\n
\n ContainerName\n
\n ImageUrl\n
\n Results\n
\nIf successful, this request creates a ContainerGroupDefinition resource and\n assigns a unique ARN value. You can update most properties of a container group definition by\n calling UpdateContainerGroupDefinition, and optionally save the update as a new version.
Creates a ContainerGroupDefinition that describes a set of containers for\n hosting your game server with Amazon GameLift managed containers hosting. An Amazon GameLift container group\n is similar to a container task or pod. Use container group definitions when you create a\n container fleet with CreateContainerFleet.
A container group definition determines how Amazon GameLift deploys your containers to each\n instance in a container fleet. You can maintain multiple versions of a container group\n definition.
\nThere are two types of container groups:
\nA game server container group has the containers that run\n your game server application and supporting software. A game server container group can\n have these container types:
\nGame server container. This container runs your game server. You can define one\n game server container in a game server container group.
\nSupport container. This container runs software in parallel with your game server.\n You can define up to 8 support containers in a game server group.
\nWhen building a game server container group definition, you can choose to bundle your\n game server executable and all dependent software into a single game server container.\n Alternatively, you can separate the software into one game server container and one or\n more support containers.
\nOn a container fleet instance, a game server container group can be deployed multiple\n times (depending on the compute resources of the instance). This means that all containers\n in the container group are replicated together.
\nA per-instance container group has containers for processes\n that aren't replicated on a container fleet instance. This might include background\n services, logging, test processes, or processes that need to persist independently of the\n game server container group. When building a per-instance container group, you can define\n up to 10 support containers.
\nThis operation requires Identity and Access Management (IAM) permissions to access container images in\n Amazon ECR repositories. See IAM permissions\n for Amazon GameLift for help setting the appropriate permissions.
\n\n Request options\n
\nUse this operation to make the following types of requests. You can specify values for the\n minimum required parameters and customize optional values later.
\nCreate a game server container group definition. Provide the following required parameter values:
\n\n Name\n
\n ContainerGroupType (GAME_SERVER)
\n OperatingSystem (omit to use default value)
\n TotalMemoryLimitMebibytes (omit to use default value)
\n TotalVcpuLimit (omit to use default value)
At least one GameServerContainerDefinition\n
\n ContainerName\n
\n ImageUrl\n
\n PortConfiguration\n
\n ServerSdkVersion (omit to use default value)
Create a per-instance container group definition. Provide the following required parameter\n values:
\n\n Name\n
\n ContainerGroupType (PER_INSTANCE)
\n OperatingSystem (omit to use default value)
\n TotalMemoryLimitMebibytes (omit to use default value)
\n TotalVcpuLimit (omit to use default value)
At least one SupportContainerDefinition\n
\n ContainerName\n
\n ImageUrl\n
\n Results\n
\nIf successful, this request creates a ContainerGroupDefinition resource and\n assigns a unique ARN value. You can update most properties of a container group definition by\n calling UpdateContainerGroupDefinition, and optionally save the update as a new version.
The IP address ranges and port settings that allow inbound traffic to access game\n server processes and other processes on this fleet. Set this parameter for managed EC2 \n fleets. You can leave this parameter empty when creating the fleet, but you must call \n UpdateFleetPortSettings to set it before players can connect to game sessions. \n As a best practice, we recommend \n opening ports for remote access only when you need them and closing them when you're finished. \n For Realtime Servers fleets, Amazon GameLift automatically sets TCP and UDP ranges.
" + "smithy.api#documentation": "The IP address ranges and port settings that allow inbound traffic to access game\n server processes and other processes on this fleet. Set this parameter for managed EC2 fleets. You can leave this parameter empty when creating the fleet, but you must call \n https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetPortSettings to set it before players can connect to game sessions. \n As a best practice, we recommend \n opening ports for remote access only when you need them and closing them when you're finished. \n For Realtime Servers fleets, Amazon GameLift automatically sets TCP and UDP ranges.
" } }, "NewGameSessionProtectionPolicy": { @@ -2346,7 +2346,7 @@ "ComputeType": { "target": "com.amazonaws.gamelift#ComputeType", "traits": { - "smithy.api#documentation": "The type of compute resource used to host your game servers.
\n\n EC2 – The game server build is deployed to Amazon EC2 instances for\n cloud hosting. This is the default setting.
\n ANYWHERE – Your game server\n and supporting software is deployed to compute resources that are provided and\n managed by you. With this compute type, you can also set the\n AnywhereConfiguration parameter.
The type of compute resource used to host your game servers.
\n\n EC2 – The game server build is deployed to Amazon EC2 instances for\n cloud hosting. This is the default setting.
\n ANYWHERE – Game servers \n and supporting software are deployed to compute resources that you provide and\n manage. With this compute type, you can also set the\n AnywhereConfiguration parameter.
Adds remote locations to a managed EC2 fleet or managed container fleet and begins populating the new\n locations with instances. The new instances conform to the fleet's instance type,\n auto-scaling, and other configuration settings.
\nYou can't add remote locations to a fleet that resides in an Amazon Web Services Region that\n doesn't support multiple locations. Fleets created prior to March 2021 can't support\n multiple locations.
\nTo add fleet locations, specify the fleet to be updated and provide a list of one or\n more locations.
\nIf successful, this operation returns the list of added locations with their status\n set to NEW. Amazon GameLift initiates the process of starting an instance in each\n added location. You can track the status of each new location by monitoring location\n creation events using DescribeFleetEvents.
\n Learn more\n
\n\n Setting up\n fleets\n
\n \n\n \n Amazon GameLift service locations for managed hosting.
" + "smithy.api#documentation": "Adds remote locations to an EC2 and begins populating the new locations with\n instances. The new instances conform to the fleet's instance type, auto-scaling, and\n other configuration settings.
\nYou can't add remote locations to a fleet that resides in an Amazon Web Services Region that\n doesn't support multiple locations. Fleets created prior to March 2021 can't support\n multiple locations.
\nTo add fleet locations, specify the fleet to be updated and provide a list of one or\n more locations.
\nIf successful, this operation returns the list of added locations with their status\n set to NEW. Amazon GameLift initiates the process of starting an instance in each\n added location. You can track the status of each new location by monitoring location\n creation events using DescribeFleetEvents.
\n Learn more\n
\n\n Setting up\n fleets\n
\n \n\n \n Amazon GameLift service locations for managed hosting.
" } }, "com.amazonaws.gamelift#CreateFleetLocationsInput": { @@ -2650,7 +2650,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a multiplayer game session for players in a specific fleet location. This\n operation prompts an available server process to start a game session and retrieves\n connection information for the new game session. As an alternative, consider using the\n Amazon GameLift game session placement feature with StartGameSessionPlacement , which uses the FleetIQ algorithm and queues to\n optimize the placement process.
\nWhen creating a game session, you specify exactly where you want to place it and\n provide a set of game session configuration settings. The target fleet must be in\n ACTIVE status.
You can use this operation in the following ways:
\nTo create a game session on an instance in a fleet's home Region, provide a\n fleet or alias ID along with your game session configuration.
\nTo create a game session on an instance in a fleet's remote location, provide\n a fleet or alias ID and a location name, along with your game session\n configuration.
\nTo create a game session on an instance in an Anywhere fleet, specify the\n fleet's custom location.
\nIf successful, Amazon GameLift initiates a workflow to start a new game session and returns a\n GameSession object containing the game session configuration and\n status. When the game session status is ACTIVE, it is updated with\n connection information and you can create player sessions for the game session. By\n default, newly created game sessions are open to new players. You can restrict new\n player access by using UpdateGameSession to change the game session's player session creation\n policy.
Amazon GameLift retains logs for active for 14 days. To access the logs, call GetGameSessionLogUrl to download the log files.
\n\n Available in Amazon GameLift Local.\n
\n\n Learn more\n
\n\n Start a game session\n
\n\n All APIs by task\n
" + "smithy.api#documentation": "Creates a multiplayer game session for players in a specific fleet location. This\n operation prompts an available server process to start a game session and retrieves\n connection information for the new game session. As an alternative, consider using the\n Amazon GameLift game session placement feature with StartGameSessionPlacement, which uses the FleetIQ algorithm and queues to\n optimize the placement process.
\nWhen creating a game session, you specify exactly where you want to place it and\n provide a set of game session configuration settings. The target fleet must be in\n ACTIVE status.
You can use this operation in the following ways:
\nTo create a game session on an instance in a fleet's home Region, provide a\n fleet or alias ID along with your game session configuration.
\nTo create a game session on an instance in a fleet's remote location, provide\n a fleet or alias ID and a location name, along with your game session\n configuration.
\nTo create a game session on an instance in an Anywhere fleet, specify the\n fleet's custom location.
\nIf successful, Amazon GameLift initiates a workflow to start a new game session and returns a\n GameSession object containing the game session configuration and\n status. When the game session status is ACTIVE, it is updated with\n connection information and you can create player sessions for the game session. By\n default, newly created game sessions are open to new players. You can restrict new\n player access by using UpdateGameSession to change the game session's player session creation\n policy.
Amazon GameLift retains logs for active for 14 days. To access the logs, call GetGameSessionLogUrl to download the log files.
\n\n Available in Amazon GameLift Local.\n
\n\n Learn more\n
\n\n Start a game session\n
\n\n All APIs by task\n
" } }, "com.amazonaws.gamelift#CreateGameSessionInput": { @@ -3326,7 +3326,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a script resource for your Realtime Servers script. Realtime scripts are JavaScript files\n that provide configuration settings and optional custom game logic for your game. Script\n logic is executed during an active game session. To deploy Realtime Servers for hosting, create an\n Amazon GameLift managed fleet with the script.
\nTo create a script resource, specify a script name and provide the script file(s). The\n script files and all dependencies must be combined into a single .zip file. You can\n upload the .zip file from either of these locations:
\nA locally available directory. Use the ZipFile parameter\n for this option.
\nAn Amazon Simple Storage Service (Amazon S3) bucket under your Amazon Web Services account. Use the\n StorageLocation parameter for this option. You'll need\n to have an Identity Access Management (IAM) role that allows the Amazon GameLift service\n to access your S3 bucket.
\nIf the call is successful, Amazon GameLift creates a new script resource with a unique script\n ID. The script is uploaded to an Amazon S3 bucket that is owned by Amazon GameLift.
\n\n Learn more\n
\n\n Amazon GameLift Realtime Servers\n
\n\n Set Up a Role for Amazon GameLift Access\n
\n\n Related actions\n
\n\n All APIs by task\n
" + "smithy.api#documentation": "Creates a new script record for your Realtime Servers script. Realtime scripts are JavaScript that\n provide configuration settings and optional custom game logic for your game. The script\n is deployed when you create a Realtime Servers fleet to host your game sessions. Script logic is\n executed during an active game session.
\nTo create a new script record, specify a script name and provide the script file(s).\n The script files and all dependencies must be zipped into a single file. You can pull\n the zip file from either of these locations:
\nA locally available directory. Use the ZipFile parameter\n for this option.
\nAn Amazon Simple Storage Service (Amazon S3) bucket under your Amazon Web Services account. Use the\n StorageLocation parameter for this option. You'll need\n to have an Identity Access Management (IAM) role that allows the Amazon GameLift service\n to access your S3 bucket.
\nIf the call is successful, a new script record is created with a unique script ID. If\n the script file is provided as a local file, the file is uploaded to an Amazon GameLift-owned S3\n bucket and the script record's storage location reflects this location. If the script\n file is provided as an S3 bucket, Amazon GameLift accesses the file at this storage location as\n needed for deployment.
\n\n Learn more\n
\n\n Amazon GameLift Realtime Servers\n
\n\n Set Up a Role for Amazon GameLift Access\n
\n\n Related actions\n
\n\n All APIs by task\n
" } }, "com.amazonaws.gamelift#CreateScriptInput": { @@ -3713,7 +3713,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes a container group definition. You can delete a container group definition if there\n are no fleets using the definition.
\n\n Request options:\n
\nDelete an entire container group definition, including all versions. Specify the\n container group definition name, or use an ARN value without the version number.
\nDelete a particular version. Specify the container group definition name and a version\n number, or use an ARN value that includes the version number.
\nKeep the newest versions and delete all older versions. Specify the container group\n definition name and the number of versions to retain. For example, set\n VersionCountToRetain to 5 to delete all but the five most recent\n versions.
\n Learn more\n
\nDeletes a container group definition.
\n\n Request options:\n
\nDelete an entire container group definition, including all versions. Specify the\n container group definition name, or use an ARN value without the version number.
\nDelete a particular version. Specify the container group definition name and a version\n number, or use an ARN value that includes the version number.
\nKeep the newest versions and delete all older versions. Specify the container group\n definition name and the number of versions to retain. For example, set\n VersionCountToRetain to 5 to delete all but the five most recent\n versions.
\n Result\n
\nIf successful, Amazon GameLift removes the container group definition versions that you request deletion for. \n This request will fail for any requested versions if the following is true:
\nIf the version is being used in an active fleet
\nIf the version is being deployed to a fleet in a deployment that's currently in progress.
\nIf the version is designated as a rollback definition in a fleet deployment that's currently in progress.
\n\n Learn more\n
\nRetrieves properties for a compute resource in an Amazon GameLift fleet. To get a list of all\n computes in a fleet, call ListCompute.
\nTo request information on a specific compute, provide the fleet ID and compute\n name.
\nIf successful, this operation returns details for the requested compute resource.\n Depending on the fleet's compute type, the result includes the following information:
\nFor managed EC2 fleets, this operation returns information about the EC2\n instance.
\nFor Anywhere fleets, this operation returns information about the\n registered compute.
\nRetrieves properties for a compute resource in an Amazon GameLift fleet. To get a list of all\n computes in a fleet, call https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListCompute.html.
\nTo request information on a specific compute, provide the fleet ID and compute\n name.
\nIf successful, this operation returns details for the requested compute resource.\n Depending on the fleet's compute type, the result includes the following information:
\nFor managed EC2 fleets, this operation returns information about the EC2\n instance.
\nFor Anywhere fleets, this operation returns information about the\n registered compute.
\nRetrieves the resource capacity settings for one or more fleets. For a container\n fleet, this operation also returns counts for game server container groups.
\nWith multi-location fleets, this operation retrieves data for the fleet's home Region\n only. To retrieve capacity for remote locations, see \n DescribeFleetLocationCapacity.
\nThis operation can be used in the following ways:
\nTo get capacity data for one or more specific fleets, provide a list of fleet\n IDs or fleet ARNs.
\nTo get capacity data for all fleets, do not provide a fleet identifier.\n
\nWhen requesting multiple fleets, use the pagination parameters to retrieve results as\n a set of sequential pages.
\nIf successful, a FleetCapacity object is returned for each requested\n fleet ID. Each FleetCapacity object includes a Location\n property, which is set to the fleet's home Region. Capacity values are returned only for\n fleets that currently exist.
Some API operations may limit the number of fleet IDs that are allowed in one\n request. If a request exceeds this limit, the request fails and the error message\n includes the maximum allowed.
\n\n Learn more\n
\n\n Setting up Amazon GameLift\n fleets\n
\n\n GameLift metrics for fleets\n
", + "smithy.api#documentation": "Retrieves the resource capacity settings for one or more fleets. For a container\n fleet, this operation also returns counts for game server container groups.
\nWith multi-location fleets, this operation retrieves data for the fleet's home Region\n only. To retrieve capacity for remote locations, see \n https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html.
\nThis operation can be used in the following ways:
\nTo get capacity data for one or more specific fleets, provide a list of fleet\n IDs or fleet ARNs.
\nTo get capacity data for all fleets, do not provide a fleet identifier.\n
\nWhen requesting multiple fleets, use the pagination parameters to retrieve results as\n a set of sequential pages.
\nIf successful, a FleetCapacity object is returned for each requested\n fleet ID. Each FleetCapacity object includes a Location\n property, which is set to the fleet's home Region. Capacity values are returned only for\n fleets that currently exist.
Some API operations may limit the number of fleet IDs that are allowed in one\n request. If a request exceeds this limit, the request fails and the error message\n includes the maximum allowed.
\n\n Learn more\n
\n\n Setting up Amazon GameLift\n fleets\n
\n\n GameLift metrics for fleets\n
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -5543,7 +5543,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves a fleet's inbound connection permissions. Inbound permissions specify IP\n addresses and port settings that incoming traffic can use to access server processes in\n the fleet. Game server processes that are running in the fleet must use a port that\n falls within this range. To connect to game server processes on a managed container fleet, the\n port settings should include one or more of the container fleet's connection ports.
\nUse this operation in the following ways:
\nTo retrieve the port settings for a fleet, identify the fleet's unique\n identifier.
\nTo check the status of recent updates to a fleet remote location, specify the\n fleet ID and a location. Port setting updates can take time to propagate across\n all locations.
\nIf successful, a set of IpPermission objects is returned for the\n requested fleet ID. When specifying a location, this operation returns a pending status.\n If the requested fleet has been deleted, the result set is empty.
\n Learn more\n
\n\n Setting up Amazon GameLift\n fleets\n
" + "smithy.api#documentation": "Retrieves a fleet's inbound connection permissions. Connection permissions specify IP\n addresses and port settings that incoming traffic can use to access server processes in\n the fleet. Game server processes that are running in the fleet must use a port that\n falls within this range.
\nUse this operation in the following ways:
\nTo retrieve the port settings for a fleet, identify the fleet's unique\n identifier.
\nTo check the status of recent updates to a fleet remote location, specify the\n fleet ID and a location. Port setting updates can take time to propagate across\n all locations.
\nIf successful, a set of IpPermission objects is returned for the\n requested fleet ID. When specifying a location, this operation returns a pending status.\n If the requested fleet has been deleted, the result set is empty.
\n Learn more\n
\n\n Setting up Amazon GameLift\n fleets\n
" } }, "com.amazonaws.gamelift#DescribeFleetPortSettingsInput": { @@ -6266,7 +6266,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves information about the EC2 instances in an Amazon GameLift managed fleet, including\n instance ID, connection data, and status. You can use this operation with a\n multi-location fleet to get location-specific instance information. As an alternative,\n use the operations ListCompute and DescribeCompute\n to retrieve information for compute resources, including EC2 and Anywhere fleets.
\nYou can call this operation in the following ways:
\nTo get information on all instances in a fleet's home Region, specify the\n fleet ID.
\nTo get information on all instances in a fleet's remote location, specify the\n fleet ID and location name.
\nTo get information on a specific instance in a fleet, specify the fleet ID and\n instance ID.
\nUse the pagination parameters to retrieve results as a set of sequential pages.
\nIf successful, this operation returns Instance objects for each requested\n instance, listed in no particular order. If you call this operation for an Anywhere\n fleet, you receive an InvalidRequestException.
\n Learn more\n
\n\n Remotely connect to\n fleet instances\n
\n\n Debug fleet\n issues\n
\n\n Related actions\n
\n\n All APIs by task\n
", + "smithy.api#documentation": "Retrieves information about the EC2 instances in an Amazon GameLift managed fleet, including\n instance ID, connection data, and status. You can use this operation with a\n multi-location fleet to get location-specific instance information. As an alternative,\n use the operations https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListCompute and https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeCompute\n to retrieve information for compute resources, including EC2 and Anywhere fleets.
\nYou can call this operation in the following ways:
\nTo get information on all instances in a fleet's home Region, specify the\n fleet ID.
\nTo get information on all instances in a fleet's remote location, specify the\n fleet ID and location name.
\nTo get information on a specific instance in a fleet, specify the fleet ID and\n instance ID.
\nUse the pagination parameters to retrieve results as a set of sequential pages.
\nIf successful, this operation returns Instance objects for each requested\n instance, listed in no particular order. If you call this operation for an Anywhere\n fleet, you receive an InvalidRequestException.
\n Learn more\n
\n\n Remotely connect to\n fleet instances\n
\n\n Debug fleet\n issues\n
\n\n Related actions\n
\n\n All APIs by task\n
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -6668,7 +6668,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves a fleet's runtime configuration settings. The runtime configuration\n determines which server processes run, and how they run, and how many run concurrently \n on computes in managed EC2 and Anywhere fleets. You can update a fleet's runtime configuration\n at any time using UpdateRuntimeConfiguration.
\nTo get the current runtime configuration for a fleet, provide the fleet ID.
\nIf successful, a RuntimeConfiguration object is returned for the\n requested fleet. If the requested fleet has been deleted, the result set is\n empty.
\n Learn more\n
\n\n Setting up Amazon GameLift\n fleets\n
\n\n Running multiple\n processes on a fleet\n
" + "smithy.api#documentation": "Retrieves a fleet's runtime configuration settings. The runtime configuration\n determines which server processes run, and how, on computes in the fleet. For managed\n EC2 fleets, the runtime configuration describes server processes that run on each fleet\n instance.\n can update a fleet's runtime configuration at any time using \n UpdateRuntimeConfiguration.
\nTo get the current runtime configuration for a fleet, provide the fleet ID.
\nIf successful, a RuntimeConfiguration object is returned for the\n requested fleet. If the requested fleet has been deleted, the result set is\n empty.
\n Learn more\n
\n\n Setting up Amazon GameLift\n fleets\n
\n\n Running multiple\n processes on a fleet\n
" } }, "com.amazonaws.gamelift#DescribeRuntimeConfigurationInput": { @@ -8156,7 +8156,7 @@ "EventCode": { "target": "com.amazonaws.gamelift#EventCode", "traits": { - "smithy.api#documentation": "The type of event being logged.
\n\n Fleet state transition events:\n
\nFLEET_CREATED -- A fleet resource was successfully created with a status of\n NEW. Event messaging includes the fleet ID.
FLEET_STATE_DOWNLOADING -- Fleet status changed from NEW to\n DOWNLOADING. Amazon GameLift is downloading the compressed build and\n running install scripts.
FLEET_STATE_VALIDATING -- Fleet status changed from DOWNLOADING\n to VALIDATING. Amazon GameLift has successfully installed build and is now\n validating the build files.
FLEET_STATE_BUILDING -- Fleet status changed from VALIDATING to\n BUILDING. Amazon GameLift has successfully verified the build files and\n is now launching a fleet instance.
FLEET_STATE_ACTIVATING -- Fleet status changed from BUILDING to\n ACTIVATING. Amazon GameLift is launching a game server process on the\n fleet instance and is testing its connectivity with the Amazon GameLift service.
FLEET_STATE_ACTIVE -- The fleet's status changed from ACTIVATING\n to ACTIVE. The fleet is now ready to host game sessions.
FLEET_STATE_ERROR -- The Fleet's status changed to ERROR.\n Describe the fleet event message for more details.
\n Fleet creation events (ordered by fleet creation\n activity):\n
\nFLEET_BINARY_DOWNLOAD_FAILED -- The build failed to download to the fleet\n instance.
\nFLEET_CREATION_EXTRACTING_BUILD -- The game server build was successfully\n downloaded to an instance, and Amazon GameLiftis now extracting the build files from the\n uploaded build. Failure at this stage prevents a fleet from moving to ACTIVE\n status. Logs for this stage display a list of the files that are extracted and\n saved on the instance. Access the logs by using the URL in\n PreSignedLogUrl.
\nFLEET_CREATION_RUNNING_INSTALLER -- The game server build files were\n successfully extracted, and Amazon GameLift is now running the build's install script\n (if one is included). Failure in this stage prevents a fleet from moving to\n ACTIVE status. Logs for this stage list the installation steps and whether or\n not the install completed successfully. Access the logs by using the URL in\n PreSignedLogUrl.
\nFLEET_CREATION_COMPLETED_INSTALLER -- The game server build files were\n successfully installed and validation of the installation will begin\n soon.
\nFLEET_CREATION_FAILED_INSTALLER -- The installed failed while attempting to\n install the build files. This event indicates that the failure occurred before\n Amazon GameLift could start validation.
\nFLEET_CREATION_VALIDATING_RUNTIME_CONFIG -- The build process was successful,\n and the GameLift is now verifying that the game server launch paths, which are\n specified in the fleet's runtime configuration, exist. If any listed launch path\n exists, Amazon GameLift tries to launch a game server process and waits for the process\n to report ready. Failures in this stage prevent a fleet from moving to\n ACTIVE status. Logs for this stage list the launch paths in the\n runtime configuration and indicate whether each is found. Access the logs by\n using the URL in PreSignedLogUrl.
FLEET_VALIDATION_LAUNCH_PATH_NOT_FOUND -- Validation of the runtime\n configuration failed because the executable specified in a launch path does not\n exist on the instance.
\nFLEET_VALIDATION_EXECUTABLE_RUNTIME_FAILURE -- Validation of the runtime\n configuration failed because the executable specified in a launch path failed to\n run on the fleet instance.
\nFLEET_VALIDATION_TIMED_OUT -- Validation of the fleet at the end of creation\n timed out. Try fleet creation again.
\nFLEET_ACTIVATION_FAILED -- The fleet failed to successfully complete one of\n the steps in the fleet activation process. This event code indicates that the\n game build was successfully downloaded to a fleet instance, built, and\n validated, but was not able to start a server process. For more information, see\n Debug Fleet Creation Issues.
\nFLEET_ACTIVATION_FAILED_NO_INSTANCES -- Fleet creation was not able to obtain\n any instances based on the input fleet attributes. Try again at a different time\n or choose a different combination of fleet attributes such as fleet type,\n instance type, etc.
\nFLEET_INITIALIZATION_FAILED -- A generic exception occurred during fleet\n creation. Describe the fleet event message for more details.
\n\n VPC peering events:\n
\nFLEET_VPC_PEERING_SUCCEEDED -- A VPC peering connection has been established\n between the VPC for an Amazon GameLift fleet and a VPC in your Amazon Web Services account.
\nFLEET_VPC_PEERING_FAILED -- A requested VPC peering connection has failed.\n Event details and status information provide additional detail. A common reason\n for peering failure is that the two VPCs have overlapping CIDR blocks of IPv4\n addresses. To resolve this, change the CIDR block for the VPC in your Amazon Web Services\n account. For more information on VPC peering failures, see https://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/invalid-peering-configurations.html\n
\nFLEET_VPC_PEERING_DELETED -- A VPC peering connection has been successfully\n deleted.
\n\n Container group events:\n
\nCONTAINER_GROUP_REGISTRATION_FAILED – A game server container group started, but \n timed out before calling RegisterCompute.
CONTAINER_GROUP_CRASHED A game server container group started and terminated without \n calling RegisterCompute.
\n Spot instance events:\n
\nINSTANCE_INTERRUPTED -- A spot instance was interrupted by EC2 with a\n two-minute notification.
\nINSTANCE_RECYCLED -- A spot instance was determined to have a high risk \n of interruption and is scheduled to be recycled once it has no active \n game sessions.
\n\n Server process events:\n
\nSERVER_PROCESS_INVALID_PATH -- The game server executable or script could not\n be found based on the Fleet runtime configuration. Check that the launch path is\n correct based on the operating system of the Fleet.
\nSERVER_PROCESS_SDK_INITIALIZATION_TIMEOUT -- The server process did not call\n InitSDK() within the time expected (5 minutes). Check your game\n session log to see why InitSDK() was not called in time.
SERVER_PROCESS_PROCESS_READY_TIMEOUT -- The server process did not call\n ProcessReady() within the time expected (5 minutes) after\n calling InitSDK(). Check your game session log to see why\n ProcessReady() was not called in time.
SERVER_PROCESS_CRASHED -- The server process exited without calling\n ProcessEnding(). Check your game session log to see why\n ProcessEnding() was not called.
SERVER_PROCESS_TERMINATED_UNHEALTHY -- The server process did not report a\n valid health check for too long and was therefore terminated by GameLift. Check\n your game session log to see if the thread became stuck processing a synchronous\n task for too long.
\nSERVER_PROCESS_FORCE_TERMINATED -- The server process did not exit cleanly\n within the time expected after OnProcessTerminate() was sent. Check\n your game session log to see why termination took longer than expected.
SERVER_PROCESS_PROCESS_EXIT_TIMEOUT -- The server process did not exit cleanly\n within the time expected (30 seconds) after calling\n ProcessEnding(). Check your game session log to see why termination\n took longer than expected.
\n Game session events:\n
\nGAME_SESSION_ACTIVATION_TIMEOUT -- GameSession failed to activate within the\n expected time. Check your game session log to see why\n ActivateGameSession() took longer to complete than\n expected.
\n Other fleet events:\n
\nFLEET_SCALING_EVENT -- A change was made to the fleet's capacity settings\n (desired instances, minimum/maximum scaling limits). Event messaging includes\n the new capacity settings.
\nFLEET_NEW_GAME_SESSION_PROTECTION_POLICY_UPDATED -- A change was made to the\n fleet's game session protection policy setting. Event messaging includes both\n the old and new policy setting.
\nFLEET_DELETED -- A request to delete a fleet was initiated.
\nGENERIC_EVENT -- An unspecified event has occurred.
\nThe type of event being logged.
\n\n Fleet state transition events:\n
\nFLEET_CREATED -- A fleet resource was successfully created with a status of\n NEW. Event messaging includes the fleet ID.
FLEET_STATE_DOWNLOADING -- Fleet status changed from NEW to\n DOWNLOADING. Amazon GameLift is downloading the compressed build and\n running install scripts.
FLEET_STATE_VALIDATING -- Fleet status changed from DOWNLOADING\n to VALIDATING. Amazon GameLift has successfully installed build and is now\n validating the build files.
FLEET_STATE_BUILDING -- Fleet status changed from VALIDATING to\n BUILDING. Amazon GameLift has successfully verified the build files and\n is now launching a fleet instance.
FLEET_STATE_ACTIVATING -- Fleet status changed from BUILDING to\n ACTIVATING. Amazon GameLift is launching a game server process on the\n fleet instance and is testing its connectivity with the Amazon GameLift service.
FLEET_STATE_ACTIVE -- The fleet's status changed from ACTIVATING\n to ACTIVE. The fleet is now ready to host game sessions.
FLEET_STATE_ERROR -- The Fleet's status changed to ERROR.\n Describe the fleet event message for more details.
\n Fleet creation events (ordered by fleet creation\n activity):\n
\nFLEET_BINARY_DOWNLOAD_FAILED -- The build failed to download to the fleet\n instance.
\nFLEET_CREATION_EXTRACTING_BUILD -- The game server build was successfully\n downloaded to an instance, and Amazon GameLiftis now extracting the build files from the\n uploaded build. Failure at this stage prevents a fleet from moving to ACTIVE\n status. Logs for this stage display a list of the files that are extracted and\n saved on the instance. Access the logs by using the URL in\n PreSignedLogUrl.
\nFLEET_CREATION_RUNNING_INSTALLER -- The game server build files were\n successfully extracted, and Amazon GameLift is now running the build's install script\n (if one is included). Failure in this stage prevents a fleet from moving to\n ACTIVE status. Logs for this stage list the installation steps and whether or\n not the install completed successfully. Access the logs by using the URL in\n PreSignedLogUrl.
\nFLEET_CREATION_COMPLETED_INSTALLER -- The game server build files were\n successfully installed and validation of the installation will begin\n soon.
\nFLEET_CREATION_FAILED_INSTALLER -- The installed failed while attempting to\n install the build files. This event indicates that the failure occurred before\n Amazon GameLift could start validation.
\nFLEET_CREATION_VALIDATING_RUNTIME_CONFIG -- The build process was successful,\n and the GameLift is now verifying that the game server launch paths, which are\n specified in the fleet's runtime configuration, exist. If any listed launch path\n exists, Amazon GameLift tries to launch a game server process and waits for the process\n to report ready. Failures in this stage prevent a fleet from moving to\n ACTIVE status. Logs for this stage list the launch paths in the\n runtime configuration and indicate whether each is found. Access the logs by\n using the URL in PreSignedLogUrl.
FLEET_VALIDATION_LAUNCH_PATH_NOT_FOUND -- Validation of the runtime\n configuration failed because the executable specified in a launch path does not\n exist on the instance.
\nFLEET_VALIDATION_EXECUTABLE_RUNTIME_FAILURE -- Validation of the runtime\n configuration failed because the executable specified in a launch path failed to\n run on the fleet instance.
\nFLEET_VALIDATION_TIMED_OUT -- Validation of the fleet at the end of creation\n timed out. Try fleet creation again.
\nFLEET_ACTIVATION_FAILED -- The fleet failed to successfully complete one of\n the steps in the fleet activation process. This event code indicates that the\n game build was successfully downloaded to a fleet instance, built, and\n validated, but was not able to start a server process. For more information, see\n Debug Fleet Creation Issues.
\nFLEET_ACTIVATION_FAILED_NO_INSTANCES -- Fleet creation was not able to obtain\n any instances based on the input fleet attributes. Try again at a different time\n or choose a different combination of fleet attributes such as fleet type,\n instance type, etc.
\nFLEET_INITIALIZATION_FAILED -- A generic exception occurred during fleet\n creation. Describe the fleet event message for more details.
\n\n VPC peering events:\n
\nFLEET_VPC_PEERING_SUCCEEDED -- A VPC peering connection has been established\n between the VPC for an Amazon GameLift fleet and a VPC in your Amazon Web Services account.
\nFLEET_VPC_PEERING_FAILED -- A requested VPC peering connection has failed.\n Event details and status information provide additional detail. A common reason\n for peering failure is that the two VPCs have overlapping CIDR blocks of IPv4\n addresses. To resolve this, change the CIDR block for the VPC in your Amazon Web Services\n account. For more information on VPC peering failures, see https://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/invalid-peering-configurations.html\n
\nFLEET_VPC_PEERING_DELETED -- A VPC peering connection has been successfully\n deleted.
\n\n Spot instance events:\n
\nINSTANCE_INTERRUPTED -- A spot instance was interrupted by EC2 with a\n two-minute notification.
\nINSTANCE_RECYCLED -- A spot instance was determined to have a high risk \n of interruption and is scheduled to be recycled once it has no active \n game sessions.
\n\n Server process events:\n
\nSERVER_PROCESS_INVALID_PATH -- The game server executable or script could not\n be found based on the Fleet runtime configuration. Check that the launch path is\n correct based on the operating system of the Fleet.
\nSERVER_PROCESS_SDK_INITIALIZATION_TIMEOUT -- The server process did not call\n InitSDK() within the time expected (5 minutes). Check your game\n session log to see why InitSDK() was not called in time.
SERVER_PROCESS_PROCESS_READY_TIMEOUT -- The server process did not call\n ProcessReady() within the time expected (5 minutes) after\n calling InitSDK(). Check your game session log to see why\n ProcessReady() was not called in time.
SERVER_PROCESS_CRASHED -- The server process exited without calling\n ProcessEnding(). Check your game session log to see why\n ProcessEnding() was not called.
SERVER_PROCESS_TERMINATED_UNHEALTHY -- The server process did not report a\n valid health check for too long and was therefore terminated by GameLift. Check\n your game session log to see if the thread became stuck processing a synchronous\n task for too long.
\nSERVER_PROCESS_FORCE_TERMINATED -- The server process did not exit cleanly\n within the time expected after OnProcessTerminate() was sent. Check\n your game session log to see why termination took longer than expected.
SERVER_PROCESS_PROCESS_EXIT_TIMEOUT -- The server process did not exit cleanly\n within the time expected (30 seconds) after calling\n ProcessEnding(). Check your game session log to see why termination\n took longer than expected.
\n Game session events:\n
\nGAME_SESSION_ACTIVATION_TIMEOUT -- GameSession failed to activate within the\n expected time. Check your game session log to see why\n ActivateGameSession() took longer to complete than\n expected.
\n Other fleet events:\n
\nFLEET_SCALING_EVENT -- A change was made to the fleet's capacity settings\n (desired instances, minimum/maximum scaling limits). Event messaging includes\n the new capacity settings.
\nFLEET_NEW_GAME_SESSION_PROTECTION_POLICY_UPDATED -- A change was made to the\n fleet's game session protection policy setting. Event messaging includes both\n the old and new policy setting.
\nFLEET_DELETED -- A request to delete a fleet was initiated.
\nGENERIC_EVENT -- An unspecified event has occurred.
\nThe Amazon EC2 instance type that the fleet uses. Instance type determines the computing\n resources of each instance in the fleet, including CPU, memory, storage, and networking\n capacity. See Amazon Elastic Compute Cloud Instance\n Types for detailed descriptions. This attribute is used with\n fleets where ComputeType is \"EC2\".
The Amazon EC2 instance type that the fleet uses. Instance type determines the computing\n resources of each instance in the fleet, including CPU, memory, storage, and networking\n capacity. See Amazon Elastic Compute Cloud Instance\n Types for detailed descriptions. This attribute is used with fleets where\n ComputeType is EC2.
The type of game session protection to set on all new instances that are started in\n the fleet. This attribute is used with\n fleets where ComputeType is \"EC2\".
\n NoProtection -- The game session can be\n terminated during a scale-down event.
\n\n FullProtection -- If the game session is in an\n ACTIVE status, it cannot be terminated during a scale-down\n event.
The type of game session protection to set on all new instances that are started in\n the fleet. This attribute is used with fleets where ComputeType is\n EC2.
\n NoProtection -- The game session can be\n terminated during a scale-down event.
\n\n FullProtection -- If the game session is in an\n ACTIVE status, it cannot be terminated during a scale-down\n event.
The operating system of the fleet's computing resources. A fleet's operating system is\n determined by the OS of the build or script that is deployed on this fleet.\n This attribute is used with\n fleets where ComputeType is \"EC2\".
Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the Amazon Linux 2 FAQs.\n For game servers that are hosted on AL2 and use Amazon GameLift server SDK 4.x,\n first update the game server build to server SDK 5.x, and then deploy to AL2023\n instances. See \n Migrate to Amazon GameLift server SDK version 5.\n
\nThe operating system of the fleet's computing resources. A fleet's operating system is\n determined by the OS of the build or script that is deployed on this fleet. This\n attribute is used with fleets where ComputeType is\n EC2.
Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in \n the Amazon Linux 2 FAQs. \n For game servers\n that are hosted on AL2 and use Amazon GameLift server SDK 4.x., first update the\n game server build to server SDK 5.x, and then deploy to AL2023 instances. See\n \n Migrate to Amazon GameLift server SDK version 5.\n
\nName of a metric group that metrics for this fleet are added to. In Amazon CloudWatch,\n you can view aggregated metrics for fleets that are in a metric group. A fleet can be\n included in only one metric group at a time. This attribute is used with\n fleets where ComputeType is \"EC2\".
Name of a metric group that metrics for this fleet are added to. In Amazon CloudWatch,\n you can view aggregated metrics for fleets that are in a metric group. A fleet can be\n included in only one metric group at a time. This attribute is used with fleets where\n ComputeType is EC2.
A list of fleet activity that has been suspended using StopFleetActions. \n This includes fleet auto-scaling. This attribute is used with\n fleets where ComputeType is \"EC2\".
A list of fleet activity that has been suspended using StopFleetActions. This includes fleet auto-scaling. This attribute is used\n with fleets where ComputeType is EC2.
A unique identifier for an IAM role that manages access to your Amazon Web Services services. \n With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, \n including install scripts, server processes, and daemons (background processes). Create a role or look up a role's \n ARN by using the IAM dashboard in the Amazon Web Services Management Console.\n Learn more about using on-box credentials for your game servers at \n \n Access external resources from a game server. This attribute is used with\n fleets where ComputeType is \"EC2\".
A unique identifier for an IAM role that manages access to your Amazon Web Services services. \n With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, \n including install scripts, server processes, and daemons (background processes). Create a role or look up a role's \n ARN by using the IAM dashboard in the Amazon Web Services Management Console.\n Learn more about using on-box credentials for your game servers at \n \n Access external resources from a game server. This attribute is used with fleets where ComputeType is\n EC2.
Amazon GameLift Anywhere configuration options.
" + "smithy.api#documentation": "A set of attributes that are specific to an Anywhere fleet.
" } }, "InstanceRoleCredentialsProvider": { "target": "com.amazonaws.gamelift#InstanceRoleCredentialsProvider", "traits": { - "smithy.api#documentation": "Indicates that fleet instances maintain a shared credentials file for the IAM role\n defined in InstanceRoleArn. Shared credentials allow applications that are\n deployed with the game server executable to communicate with other Amazon Web Services resources. This property is used \n only when the game server is integrated with the\n server SDK version 5.x. For more information about using shared credentials, see Communicate\n with other Amazon Web Services resources from your fleets.\n This attribute is used with\n fleets where ComputeType is \"EC2\".
Indicates that fleet instances maintain a shared credentials file for the IAM role defined in InstanceRoleArn. Shared credentials allow\n applications that are deployed with the game server executable to communicate with other\n Amazon Web Services resources. This property is used only when the game server is integrated with the\n server SDK version 5.x. For more information about using shared credentials, see Communicate\n with other Amazon Web Services resources from your fleets. This attribute is used with\n fleets where ComputeType is EC2.
Describes an Amazon GameLift fleet of game hosting resources. Attributes differ based on\n the fleet's compute type, as follows:
\nEC2 fleet attributes identify a Build resource (for fleets with \n customer game server builds) or a Script resource (for Realtime Servers fleets).
Amazon GameLift Anywhere fleets have an abbreviated set of attributes, because most fleet configurations\n are set directly on the fleet's computes. Attributes include fleet identifiers and descriptive\n properties, creation/termination time, and fleet status.
\n\n Returned by:\n DescribeFleetAttributes\n
" + "smithy.api#documentation": "Describes an Amazon GameLift fleet of game hosting resources. Attributes differ based on\n the fleet's compute type, as follows:
\nEC2 fleet attributes identify a Build resource (for fleets with \n customer game server builds) or a Script resource (for Realtime Servers fleets).
Amazon GameLift Anywhere fleets have an abbreviated set of attributes, because most fleet configurations\n are set directly on the fleet's computes. Attributes include fleet identifiers and descriptive\n properties, creation/termination time, and fleet status.
\n\n Returned by:\n https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetAttributes\n
" } }, "com.amazonaws.gamelift#FleetAttributesList": { @@ -8877,19 +8877,19 @@ "RollbackGameServerBinaryArn": { "target": "com.amazonaws.gamelift#FleetBinaryArn", "traits": { - "smithy.api#documentation": "The unique identifier for the version of the game server container group definition to\n roll back to if deployment fails.
" + "smithy.api#documentation": "The unique identifier for the version of the game server container group definition to\n roll back to if deployment fails. Amazon GameLift sets this property to the container group definition\n version that the fleet used when it was last active.
" } }, "PerInstanceBinaryArn": { "target": "com.amazonaws.gamelift#FleetBinaryArn", "traits": { - "smithy.api#documentation": "The unique identifier for the version of the per-instance container group definition\n that is being deployed.
" + "smithy.api#documentation": "The unique identifier for the version of the per-instance container group definition\n that is being deployed.
" } }, "RollbackPerInstanceBinaryArn": { "target": "com.amazonaws.gamelift#FleetBinaryArn", "traits": { - "smithy.api#documentation": "The unique identifier for the version of the per-instance container group definition\n to roll back to if deployment fails.
" + "smithy.api#documentation": "The unique identifier for the version of the per-instance container group definition\n to roll back to if deployment fails. Amazon GameLift sets this property to the container group definition\n version that the fleet used when it was last active.
" } }, "DeploymentStatus": { @@ -9431,6 +9431,9 @@ { "target": "com.amazonaws.gamelift#TagResource" }, + { + "target": "com.amazonaws.gamelift#TerminateGameSession" + }, { "target": "com.amazonaws.gamelift#UntagResource" }, @@ -10439,7 +10442,7 @@ } }, "traits": { - "smithy.api#documentation": "This key-value pair can store custom data about a game session.\n For example, you might use a GameProperty to track a game session's map, level of difficulty, or remaining time.\n The difficulty level could be specified like this: {\"Key\": \"difficulty\", \"Value\":\"Novice\"}.\n
\n You can set game properties when creating a game session. You can also modify game properties of an active game session. When searching for game sessions, you can filter on game property keys and values. You can't delete game properties from a game session.\n
\nFor examples of working with game properties, see Create a game session with properties. \n
" + "smithy.api#documentation": "This key-value pair can store custom data about a game session. For example, you might\n use a GameProperty to track a game session's map, level of difficulty, or\n remaining time. The difficulty level could be specified like this: {\"Key\":\n \"difficulty\", \"Value\":\"Novice\"}.
You can set game properties when creating a game session. You can also modify game\n properties of an active game session. When searching for game sessions, you can filter\n on game property keys and values. You can't delete game properties from a game session.
\nFor examples of working with game properties, see Create a game session with properties.
" } }, "com.amazonaws.gamelift#GamePropertyKey": { @@ -10620,7 +10623,7 @@ } }, "traits": { - "smithy.api#documentation": "Describes the game server container in an existing game server container group. A game\n server container identifies a container image with your game server build. A game server\n container is automatically considered essential; if an essential container fails, the entire\n container group restarts.
\nYou can update a container definition and deploy the updates to an existing fleet. When\n creating or updating a game server container group definition, use the property GameServerContainerDefinitionInput.
\n\n Part of:\n ContainerGroupDefinition\n
\n\n Returned by:\n DescribeContainerGroupDefinition, ListContainerGroupDefinitions, UpdateContainerGroupDefinition\n
" + "smithy.api#documentation": "Describes the game server container in an existing game server container group. A game\n server container identifies a container image with your game server build. A game server\n container is automatically considered essential; if an essential container fails, the entire\n container group restarts.
\nYou can update a container definition and deploy the updates to an existing fleet. When\n creating or updating a game server container group definition, use the property \n https://docs.aws.amazon.com/gamelift/latest/apireference/API_GameServerContainerDefinitionInput.
\n\n Part of:\n ContainerGroupDefinition\n
\n\n Returned by:\n DescribeContainerGroupDefinition, \n ListContainerGroupDefinitions, \n UpdateContainerGroupDefinition\n
" } }, "com.amazonaws.gamelift#GameServerContainerDefinitionInput": { @@ -10678,7 +10681,7 @@ } }, "traits": { - "smithy.api#documentation": "Describes the configuration for a container that runs your game server executable. This\n definition includes container configuration, resources, and start instructions. Use this data\n type when creating or updating a game server container group definition. For properties of a\n deployed container, see GameServerContainerDefinition. A game server\n container is automatically considered essential; if an essential container fails, the entire\n container group restarts.
\n\n Use with: \n CreateContainerGroupDefinition, UpdateContainerGroupDefinition\n
" + "smithy.api#documentation": "Describes the configuration for a container that runs your game server executable. This\n definition includes container configuration, resources, and start instructions. Use this data\n type when creating or updating a game server container group definition. For properties of a\n deployed container, see GameServerContainerDefinition. A game server\n container is automatically considered essential; if an essential container fails, the entire\n container group restarts.
\n\n Use with: \n CreateContainerGroupDefinition, \n UpdateContainerGroupDefinition\n
" } }, "com.amazonaws.gamelift#GameServerContainerGroupCounts": { @@ -10710,7 +10713,7 @@ } }, "traits": { - "smithy.api#documentation": "The number and status of game server container groups that are deployed across a container fleet. \n Combine this count with the number of server processes that each game server container group runs \n to learn how many game sessions the fleet is capable of hosting concurrently. For example, if a \n fleet has 50 game server container groups, and the game server container in each group runs 1 game server \n process, then the fleet has the capacity to run host 50 game sessions at a time.
\n\n Returned by:\n DescribeFleetCapacity, DescribeFleetLocationCapacity\n
" + "smithy.api#documentation": "The number and status of game server container groups that are deployed across a container fleet. \n Combine this count with the number of server processes that each game server container group runs \n to learn how many game sessions the fleet is capable of hosting concurrently. For example, if a \n fleet has 50 game server container groups, and the game server container in each group runs 1 game server \n process, then the fleet has the capacity to run host 50 game sessions at a time.
\n\n Returned by:\n https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html, https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html\n
" } }, "com.amazonaws.gamelift#GameServerContainerGroupsPerInstance": { @@ -11700,7 +11703,7 @@ "StatusReason": { "target": "com.amazonaws.gamelift#GameSessionStatusReason", "traits": { - "smithy.api#documentation": "Provides additional information about game session status. INTERRUPTED\n indicates that the game session was hosted on a spot instance that was reclaimed,\n causing the active game session to be terminated.
Provides additional information about game session status.
\n\n INTERRUPTED -- The game session was hosted on an EC2 Spot instance that was\n reclaimed, causing the active game session to be stopped.
\n TRIGGERED_ON_PROCESS_TERMINATE – The game session was stopped by calling\n TerminateGameSession with the termination mode\n TRIGGER_ON_PROCESS_TERMINATE.
\n FORCE_TERMINATED – The game session was stopped by calling\n TerminateGameSession with the termination mode\n FORCE_TERMINATE.
Indicates whether or not the game session is accepting new players.
" + "smithy.api#documentation": "Indicates whether the game session is accepting new players.
" } }, "CreatorId": { @@ -11900,7 +11903,7 @@ "Status": { "target": "com.amazonaws.gamelift#GameSessionPlacementState", "traits": { - "smithy.api#documentation": "Current status of the game session placement request.
\n\n PENDING -- The placement request is \n in the queue waiting to be processed. Game session properties are not\n yet final.
\n\n FULFILLED -- A new game session has been \n successfully placed. Game session properties are now final.
\n\n CANCELLED -- The placement request was\n canceled.
\n\n TIMED_OUT -- A new game session was not\n successfully created before the time limit expired. You can resubmit as a new\n placement request as needed.
\n\n FAILED -- Amazon GameLift is not able to complete the\n process of placing the game session. Common reasons are the game session\n terminated before the placement process was completed, or an unexpected internal\n error.
\nCurrent status of the game session placement request.
\n\n PENDING -- The placement request is \n in the queue waiting to be processed. Game session properties are not\n yet final.
\n\n FULFILLED -- A new game session has been \n successfully placed. Game session properties are now final.
\n\n CANCELLED -- The placement request was\n canceled.
\n\n TIMED_OUT -- A new game session was not\n successfully created before the time limit expired. You can resubmit the\n placement request as needed.
\n\n FAILED -- Amazon GameLift is not able to complete the\n process of placing the game session. Common reasons are the game session\n terminated before the placement process was completed, or an unexpected internal\n error.
\nRepresents a potential game session placement, including the full details of the\n original placement request and the current status.
\nIf the game session placement status is PENDING, the properties for game\n session ID/ARN, region, IP address/DNS, and port aren't final. A game session is not\n active and ready to accept players until placement status reaches\n FULFILLED. When the placement is in PENDING status,\n Amazon GameLift may attempt to place a game session multiple times before succeeding. With\n each attempt it creates a GameSession object and updates this\n placement object with the new game session properties..
Represents a potential game session placement, including the full details of the\n original placement request and the current status.
\nIf the game session placement status is PENDING, the properties for game\n session ID/ARN, region, IP address/DNS, and port aren't final. A game session is not\n active and ready to accept players until placement status reaches\n FULFILLED. When the placement is in PENDING status,\n Amazon GameLift may attempt to place a game session multiple times before succeeding. With\n each attempt it creates a https://docs.aws.amazon.com/gamelift/latest/apireference/API_GameSession object and updates this\n placement object with the new game session properties..
A unique identifier for the compute resource that you want to connect to. For an EC2\n fleet compute, use the instance ID. Use\n ListCompute to retrieve compute identifiers.
", + "smithy.api#documentation": "A unique identifier for the compute resource that you want to connect to. For an EC2\n fleet compute, use the instance ID. Use\n https://docs.aws.amazon.com/gamelift/latest/apireference/API_ListCompute.html to retrieve compute identifiers.
", "smithy.api#required": {} } } @@ -12482,7 +12497,7 @@ } ], "traits": { - "smithy.api#documentation": "Requests authorization to remotely connect to an instance in an Amazon GameLift managed fleet.\n Use this operation to connect to instances with game servers that use Amazon GameLift server SDK\n 4.x or earlier. To connect to instances with game servers that use server SDK 5.x or\n later, call GetComputeAccess.
\nTo request access to an instance, specify IDs for the instance and the fleet it\n belongs to. You can retrieve instance IDs for a fleet by calling DescribeInstances with the fleet ID.
\nIf successful, this operation returns an IP address and credentials. The returned\n credentials match the operating system of the instance, as follows:
\nFor a Windows instance: returns a user name and secret (password) for use with\n a Windows Remote Desktop client.
\nFor a Linux instance: returns a user name and secret (RSA private key) for use\n with an SSH client. You must save the secret to a .pem file. If\n you're using the CLI, see the example Get credentials for a Linux instance for tips on automatically\n saving the secret to a .pem file.
\n Learn more\n
\n\n Remotely connect to\n fleet instances\n
\n\n Debug fleet\n issues\n
\n\n Related actions\n
\n\n All APIs by task\n
" + "smithy.api#documentation": "Requests authorization to remotely connect to an instance in an Amazon GameLift managed fleet.\n Use this operation to connect to instances with game servers that use Amazon GameLift server SDK\n 4.x or earlier. To connect to instances with game servers that use server SDK 5.x or\n later, call https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetComputeAccess.
\nTo request access to an instance, specify IDs for the instance and the fleet it\n belongs to. You can retrieve instance IDs for a fleet by calling DescribeInstances with the fleet ID.
\nIf successful, this operation returns an IP address and credentials. The returned\n credentials match the operating system of the instance, as follows:
\nFor a Windows instance: returns a user name and secret (password) for use with\n a Windows Remote Desktop client.
\nFor a Linux instance: returns a user name and secret (RSA private key) for use\n with an SSH client. You must save the secret to a .pem file. If\n you're using the CLI, see the example Get credentials for a Linux instance for tips on automatically\n saving the secret to a .pem file.
\n Learn more\n
\n\n Remotely connect to\n fleet instances\n
\n\n Debug fleet\n issues\n
\n\n Related actions\n
\n\n All APIs by task\n
" } }, "com.amazonaws.gamelift#GetInstanceAccessInput": { @@ -12668,7 +12683,7 @@ } }, "traits": { - "smithy.api#documentation": "Information and credentials that you can use to remotely connect to an instance in an\n EC2 managed fleet. This data type is returned in response to a call to \n GetInstanceAccess.
" + "smithy.api#documentation": "Information and credentials that you can use to remotely connect to an instance in an\n EC2 managed fleet. This data type is returned in response to a call to \n https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetInstanceAccess.
" } }, "com.amazonaws.gamelift#InstanceCredentials": { @@ -12688,7 +12703,7 @@ } }, "traits": { - "smithy.api#documentation": "A set of credentials that allow remote access to an instance in an EC2 managed fleet.\n These credentials are returned in response to a call to \n GetInstanceAccess, which requests access for instances that are running\n game servers with the Amazon GameLift server SDK version 4.x or earlier.
", + "smithy.api#documentation": "A set of credentials that allow remote access to an instance in an EC2 managed fleet.\n These credentials are returned in response to a call to \n https://docs.aws.amazon.com/gamelift/latest/apireference/API_GetInstanceAccess, which requests access for instances that are running\n game servers with the Amazon GameLift server SDK version 4.x or earlier.
", "smithy.api#sensitive": {} } }, @@ -12881,7 +12896,7 @@ } }, "traits": { - "smithy.api#documentation": "A range of IP addresses and port settings that allow inbound traffic to connect to\n processes on an instance in a fleet. Processes are assigned an IP address/port number\n combination, which must fall into the fleet's allowed ranges. For managed container fleets, the\n port settings must use the same port numbers as the fleet's connection ports.
\nFor Realtime Servers fleets, Amazon GameLift automatically opens two port ranges, one for TCP messaging\n and one for UDP.
" + "smithy.api#documentation": "A range of IP addresses and port settings that allow inbound traffic to connect to\n processes on an instance in a fleet. Processes are assigned an IP address/port number\n combination, which must fall into the fleet's allowed ranges.\n
\nFor Realtime Servers fleets, Amazon GameLift automatically opens two port ranges, one for TCP messaging\n and one for UDP.
" } }, "com.amazonaws.gamelift#IpPermissionsList": { @@ -13503,7 +13518,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves container group definitions for the Amazon Web Services account and Amazon Web Services Region. Use the pagination parameters to retrieve results in a set of sequential\n pages.
\nThis operation returns only the latest version of each definition. To retrieve all\n versions of a container group definition, use ListContainerGroupDefinitionVersions.
\n\n Request options:\n
\nRetrieve the most recent versions of all container group definitions.
\nRetrieve the most recent versions of all container group definitions, filtered by\n type. Specify the container group type to filter on.
\n\n Results:\n
\nIf successful, this operation returns the complete properties of a set of container group\n definition versions that match the request.
\nThis operation returns the list of container group definitions in no particular order.
\n\n Learn more\n
\nRetrieves container group definitions for the Amazon Web Services account and Amazon Web Services Region. Use the pagination parameters to retrieve results in a set of sequential\n pages.
\nThis operation returns only the latest version of each definition. To retrieve all\n versions of a container group definition, use ListContainerGroupDefinitionVersions.
\n\n Request options:\n
\nRetrieve the most recent versions of all container group definitions.
\nRetrieve the most recent versions of all container group definitions, filtered by\n type. Specify the container group type to filter on.
\n\n Results:\n
\nIf successful, this operation returns the complete properties of a set of container group\n definition versions that match the request.
\nThis operation returns the list of container group definitions in no particular order.
\nRetrieves a collection of container fleet deployments in an Amazon Web Services Region.
\n\n Request options\n
\nGet a list of all deployments. Call this operation without specifying a fleet ID.
\nGet a list of all deployments for a fleet. Specify the container fleet ID or ARN value.
\nTo get a list of all Realtime Servers fleets with a specific configuration script,\n provide the script ID.
\nUse the pagination parameters to retrieve results as a set of sequential pages.
\n\n Results\n
\nIf successful, this operation returns a list of deployments that match the request\n parameters. A NextToken value is also returned if there are more result pages to\n retrieve.
\nFleet IDs are returned in no particular order.
\nRetrieves a collection of container fleet deployments in an Amazon Web Services Region. Use the\n pagination parameters to retrieve results as a set of sequential pages.
\n\n Request options\n
\nGet a list of all deployments. Call this operation without specifying a fleet ID.
\nGet a list of all deployments for a fleet. Specify the container fleet ID or ARN value.
\n\n Results\n
\nIf successful, this operation returns a list of deployments that match the request\n parameters. A NextToken value is also returned if there are more result pages to\n retrieve.
\nDeployments are returned starting with the latest.
\nProperties of a custom location for use in an Amazon GameLift Anywhere fleet. This data type is returned in response to a call to CreateLocation.
" + "smithy.api#documentation": "Properties of a custom location for use in an Amazon GameLift Anywhere fleet. This data type is returned in response to a call to https://docs.aws.amazon.com/gamelift/latest/apireference/API_CreateLocation.
" } }, "com.amazonaws.gamelift#LocationModelList": { @@ -16104,7 +16119,7 @@ "MaxConcurrentGameSessionActivations": { "target": "com.amazonaws.gamelift#MaxConcurrentGameSessionActivations", "traits": { - "smithy.api#documentation": "The number of game sessions in status ACTIVATING to allow on an instance.\n This setting limits the instance resources that can be used for new game activations at\n any one time.
The number of game sessions in status ACTIVATING to allow on an\n instance or compute. This setting limits the instance resources that can be\n used for new game activations at any one time.
Retrieves all active game sessions that match a set of search criteria and sorts them\n into a specified order.
\nThis operation is not designed to continually track game session status because that practice can cause you to exceed your API limit and generate errors. Instead, configure an Amazon Simple Notification Service (Amazon SNS) topic to receive notifications from a matchmaker or a game session placement queue.
\nWhen searching for game sessions, you specify exactly where you want to search and\n provide a search filter expression, a sort expression, or both. A search request can\n search only one fleet, but it can search all of a fleet's locations.
\nThis operation can be used in the following ways:
\nTo search all game sessions that are currently running on all locations in a\n fleet, provide a fleet or alias ID. This approach returns game sessions in the\n fleet's home Region and all remote locations that fit the search\n criteria.
\nTo search all game sessions that are currently running on a specific fleet\n location, provide a fleet or alias ID and a location name. For location, you can\n specify a fleet's home Region or any remote location.
\nUse the pagination parameters to retrieve results as a set of sequential pages.
\nIf successful, a GameSession object is returned for each game session\n that matches the request. Search finds game sessions that are in ACTIVE\n status only. To retrieve information on game sessions in other statuses, use DescribeGameSessions .
To set search and sort criteria, create a filter expression using the following game session attributes. For game session search examples, see the Examples section of this topic.
\n\n gameSessionId -- A unique identifier for the game session. You can use either a\n GameSessionId or GameSessionArn value.
\n gameSessionName -- Name assigned to a game\n session. Game session names do not need to be unique to a game session.
\n\n gameSessionProperties -- A set of key-value pairs that can store custom data in a game session.\n For example: {\"Key\": \"difficulty\", \"Value\": \"novice\"}.\n The filter expression must specify the GameProperty -- a Key and a string Value to search for the game sessions.
For example, to search for the above key-value pair, specify the following search filter: gameSessionProperties.difficulty = \"novice\".\n All game property values are searched as strings.
\n For examples of searching game sessions, see the ones below, and also see Search game sessions by game property.\n
\n\n maximumSessions -- Maximum number of player\n sessions allowed for a game session.
\n\n creationTimeMillis -- Value indicating when a\n game session was created. It is expressed in Unix time as milliseconds.
\n\n playerSessionCount -- Number of players\n currently connected to a game session. This value changes rapidly as players\n join the session or drop out.
\n\n hasAvailablePlayerSessions -- Boolean value\n indicating whether a game session has reached its maximum number of players. It\n is highly recommended that all search requests include this filter attribute to\n optimize search performance and return only sessions that players can join.\n
\nReturned values for playerSessionCount and\n hasAvailablePlayerSessions change quickly as players join sessions\n and others drop out. Results should be considered a snapshot in time. Be sure to\n refresh search results often, and handle sessions that fill up before a player can\n join.
\n All APIs by task\n
", + "smithy.api#documentation": "Retrieves all active game sessions that match a set of search criteria and sorts them\n into a specified order.
\nThis operation is not designed to continually track game session status because that practice can cause you to exceed your API limit and generate errors. Instead, configure an Amazon Simple Notification Service (Amazon SNS) topic to receive notifications from a matchmaker or a game session placement queue.
\nWhen searching for game sessions, you specify exactly where you want to search and\n provide a search filter expression, a sort expression, or both. A search request can\n search only one fleet, but it can search all of a fleet's locations.
\nThis operation can be used in the following ways:
\nTo search all game sessions that are currently running on all locations in a\n fleet, provide a fleet or alias ID. This approach returns game sessions in the\n fleet's home Region and all remote locations that fit the search\n criteria.
\nTo search all game sessions that are currently running on a specific fleet\n location, provide a fleet or alias ID and a location name. For location, you can\n specify a fleet's home Region or any remote location.
\nUse the pagination parameters to retrieve results as a set of sequential pages.
\nIf successful, a GameSession object is returned for each game session\n that matches the request. Search finds game sessions that are in ACTIVE\n status only. To retrieve information on game sessions in other statuses, use DescribeGameSessions.
To set search and sort criteria, create a filter expression using the following game session attributes. For game session search examples, see the Examples section of this topic.
\n\n gameSessionId -- A unique identifier for the game session. You can use either a\n GameSessionId or GameSessionArn value.
\n gameSessionName -- Name assigned to a game\n session. Game session names do not need to be unique to a game session.
\n\n gameSessionProperties -- A set of key-value pairs that can store custom data in a game session.\n For example: {\"Key\": \"difficulty\", \"Value\": \"novice\"}.\n The filter expression must specify the https://docs.aws.amazon.com/gamelift/latest/apireference/API_GameProperty -- a Key and a string Value to search for the game sessions.
For example, to search for the above key-value pair, specify the following search filter: gameSessionProperties.difficulty = \"novice\".\n All game property values are searched as strings.
\n For examples of searching game sessions, see the ones below, and also see Search game sessions by game property.\n
\n\n maximumSessions -- Maximum number of player\n sessions allowed for a game session.
\n\n creationTimeMillis -- Value indicating when a\n game session was created. It is expressed in Unix time as milliseconds.
\n\n playerSessionCount -- Number of players\n currently connected to a game session. This value changes rapidly as players\n join the session or drop out.
\n\n hasAvailablePlayerSessions -- Boolean value\n indicating whether a game session has reached its maximum number of players. It\n is highly recommended that all search requests include this filter attribute to\n optimize search performance and return only sessions that players can join.\n
\nReturned values for playerSessionCount and\n hasAvailablePlayerSessions change quickly as players join sessions\n and others drop out. Results should be considered a snapshot in time. Be sure to\n refresh search results often, and handle sessions that fill up before a player can\n join.
\n All APIs by task\n
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -16697,7 +16712,7 @@ } ], "traits": { - "smithy.api#documentation": "Places a request for a new game session in a queue. When processing a placement\n request, Amazon GameLift searches for available resources on the queue's destinations, scanning\n each until it finds resources or the placement request times out.
\nA game session placement request can also request player sessions. When a new game\n session is successfully created, Amazon GameLift creates a player session for each player\n included in the request.
\nWhen placing a game session, by default Amazon GameLift tries each fleet in the order they are\n listed in the queue configuration. Ideally, a queue's destinations are listed in\n preference order.
\nAlternatively, when requesting a game session with players, you can also provide\n latency data for each player in relevant Regions. Latency data indicates the performance\n lag a player experiences when connected to a fleet in the Region. Amazon GameLift uses latency\n data to reorder the list of destinations to place the game session in a Region with\n minimal lag. If latency data is provided for multiple players, Amazon GameLift calculates each\n Region's average lag for all players and reorders to get the best game play across all\n players.
\nTo place a new game session request, specify the following:
\nThe queue name and a set of game session properties and settings
\nA unique ID (such as a UUID) for the placement. You use this ID to track the\n status of the placement request
\n(Optional) A set of player data and a unique player ID for each player that\n you are joining to the new game session (player data is optional, but if you\n include it, you must also provide a unique ID for each player)
\nLatency data for all players (if you want to optimize game play for the\n players)
\nIf successful, a new game session placement is created.
\nTo track the status of a placement request, call DescribeGameSessionPlacement and check the request's status. If the status\n is FULFILLED, a new game session has been created and a game session ARN\n and Region are referenced. If the placement request times out, submit a new request to the same\n queue or a different queue.
Places a request for a new game session in a queue. When processing a placement\n request, Amazon GameLift searches for available resources on the queue's destinations, scanning\n each until it finds resources or the placement request times out.
\nA game session placement request can also request player sessions. When a new game\n session is successfully created, Amazon GameLift creates a player session for each player\n included in the request.
\nWhen placing a game session, by default Amazon GameLift tries each fleet in the order they are\n listed in the queue configuration. Ideally, a queue's destinations are listed in\n preference order.
\nAlternatively, when requesting a game session with players, you can also provide\n latency data for each player in relevant Regions. Latency data indicates the performance\n lag a player experiences when connected to a fleet in the Region. Amazon GameLift uses latency\n data to reorder the list of destinations to place the game session in a Region with\n minimal lag. If latency data is provided for multiple players, Amazon GameLift calculates each\n Region's average lag for all players and reorders to get the best game play across all\n players.
\nTo place a new game session request, specify the following:
\nThe queue name and a set of game session properties and settings
\nA unique ID (such as a UUID) for the placement. You use this ID to track the\n status of the placement request
\n(Optional) A set of player data and a unique player ID for each player that\n you are joining to the new game session (player data is optional, but if you\n include it, you must also provide a unique ID for each player)
\nLatency data for all players (if you want to optimize game play for the\n players)
\nIf successful, a new game session placement is created.
\nTo track the status of a placement request, call DescribeGameSessionPlacement and check the request's status. If the status\n is FULFILLED, a new game session has been created and a game session ARN\n and Region are referenced. If the placement request times out, you can resubmit the\n request or retry it with a different queue.
The amount of memory that Amazon GameLift makes available to the container. If memory limits\n aren't set for an individual container, the container shares the container group's total\n memory allocation.
\n\n Related data type: \n ContainerGroupDefinition$TotalMemoryLimitMebibytes\n
" + "smithy.api#documentation": "The amount of memory that Amazon GameLift makes available to the container. If memory limits\n aren't set for an individual container, the container shares the container group's total\n memory allocation.
\n\n Related data type: \n ContainerGroupDefinition TotalMemoryLimitMebibytes\n
" } }, "PortConfiguration": { @@ -17181,12 +17196,12 @@ "Vcpu": { "target": "com.amazonaws.gamelift#ContainerVcpu", "traits": { - "smithy.api#documentation": "The number of vCPU units that are reserved for the container. If no resources are\n reserved, the container shares the total vCPU limit for the container group.
\n\n Related data type: \n ContainerGroupDefinition$TotalVcpuLimit\n
" + "smithy.api#documentation": "The number of vCPU units that are reserved for the container. If no resources are\n reserved, the container shares the total vCPU limit for the container group.
\n\n Related data type: \n ContainerGroupDefinition TotalVcpuLimit\n
" } } }, "traits": { - "smithy.api#documentation": "Describes a support container in a container group. A support container might be in a game\n server container group or a per-instance container group. Support containers don't run game\n server processes.
\nYou can update a support container definition and deploy the updates to an existing fleet.\n When creating or updating a game server container group definition, use the property GameServerContainerDefinitionInput.
\n\n Part of:\n ContainerGroupDefinition\n
\n\n Returned by:\n DescribeContainerGroupDefinition, ListContainerGroupDefinitions, UpdateContainerGroupDefinition\n
" + "smithy.api#documentation": "Describes a support container in a container group. A support container might be in a game\n server container group or a per-instance container group. Support containers don't run game\n server processes.
\nYou can update a support container definition and deploy the updates to an existing fleet.\n When creating or updating a game server container group definition, use the property \n GameServerContainerDefinitionInput.
\n\n Part of:\n ContainerGroupDefinition\n
\n\n Returned by:\n DescribeContainerGroupDefinition, \n ListContainerGroupDefinitions, \n UpdateContainerGroupDefinition\n
" } }, "com.amazonaws.gamelift#SupportContainerDefinitionInput": { @@ -17241,7 +17256,7 @@ "MemoryHardLimitMebibytes": { "target": "com.amazonaws.gamelift#ContainerMemoryLimit", "traits": { - "smithy.api#documentation": "A specified amount of memory (in MiB) to reserve for this container. If you don't specify\n a container-specific memory limit, the container shares the container group's total memory\n allocation.
\n\n Related data type: \n ContainerGroupDefinition TotalMemoryLimitMebibytes\n
A specified amount of memory (in MiB) to reserve for this container. If you don't specify\n a container-specific memory limit, the container shares the container group's total memory\n allocation.
\n\n Related data type: \n ContainerGroupDefinitionTotalMemoryLimitMebibytes\n
The number of vCPU units to reserve for this container. The container can use more\n resources when needed, if available. If you don't reserve CPU units for this container, it\n shares the container group's total vCPU limit.
\n\n Related data type: \n ContainerGroupDefinition TotalCpuLimit\n
" + "smithy.api#documentation": "The number of vCPU units to reserve for this container. The container can use more\n resources when needed, if available. If you don't reserve CPU units for this container, it\n shares the container group's total vCPU limit.
\n\n Related data type: \n ContainerGroupDefinition TotalCpuLimit\n
" } } }, "traits": { - "smithy.api#documentation": "Describes a support container in a container group. You can define a support container in\n either a game server container group or a per-instance container group. Support containers\n don't run game server processes.
\nThis definition includes container configuration, resources, and start instructions. Use\n this data type when creating or updating a container group definition. For properties of a\n deployed support container, see SupportContainerDefinition.
\n\n Use with: \n CreateContainerGroupDefinition, UpdateContainerGroupDefinition\n
" + "smithy.api#documentation": "Describes a support container in a container group. You can define a support container in\n either a game server container group or a per-instance container group. Support containers\n don't run game server processes.
\nThis definition includes container configuration, resources, and start instructions. Use\n this data type when creating or updating a container group definition. For properties of a\n deployed support container, see SupportContainerDefinition.
\n\n Use with: \n CreateContainerGroupDefinition, \n UpdateContainerGroupDefinition\n
" } }, "com.amazonaws.gamelift#SupportContainerDefinitionInputList": { @@ -17531,6 +17546,90 @@ "smithy.api#error": "client" } }, + "com.amazonaws.gamelift#TerminateGameSession": { + "type": "operation", + "input": { + "target": "com.amazonaws.gamelift#TerminateGameSessionInput" + }, + "output": { + "target": "com.amazonaws.gamelift#TerminateGameSessionOutput" + }, + "errors": [ + { + "target": "com.amazonaws.gamelift#InternalServiceException" + }, + { + "target": "com.amazonaws.gamelift#InvalidGameSessionStatusException" + }, + { + "target": "com.amazonaws.gamelift#InvalidRequestException" + }, + { + "target": "com.amazonaws.gamelift#NotFoundException" + }, + { + "target": "com.amazonaws.gamelift#NotReadyException" + }, + { + "target": "com.amazonaws.gamelift#UnauthorizedException" + } + ], + "traits": { + "smithy.api#documentation": "Ends a game session that's currently in progress. You can use this action to terminate\n any game session that isn't in TERMINATED or TERMINATING\n status. Terminating a game session is the most efficient way to free up a server process\n when it's hosting a game session that's in a bad state or not ending naturally. You can\n use this action to terminate a game session that's being hosted on any type of Amazon GameLift\n fleet compute, including computes for managed EC2, managed container, and Anywhere\n fleets.
There are two potential methods for terminating a game session:
\nWith a graceful termination, the Amazon GameLift service prompts the server process to initiate its\n normal game session shutdown sequence. This sequence is implemented in the game\n server code and might involve a variety of actions to gracefully end a game\n session, such as notifying players, and stop the server process.
\nWith a forceful termination, the Amazon GameLift service takes immediate action to terminate the game\n session by stopping the server process. Termination occurs without the normal\n game session shutdown sequence.
\n\n Request options\n
\nRequest termination for a single game session. Provide the game session ID and\n the termination method.
\n\n Results\n
\nIf successful, game session termination is initiated, which includes changing the game\n session status to TERMINATING. As a result of this action, and depending on\n the implementation of OnProcessTerminate(), the server process either\n becomes available to host a new game session, or it's recycled and a new server process\n started with availability to host a game session. The game session status is changed to\n TERMINATED, with a status reason that indicates the termination method\n used.
A unique identifier for the game session to be terminated. A game session ARN has the following format: \n arn:aws:gamelift:.
The method to use to terminate the game session. Available methods include:
\n\n TRIGGER_ON_PROCESS_TERMINATE – Sends an\n OnProcessTerminate() callback to the server process to initiate\n the normal game session shutdown sequence. At a minimum, the callback method\n must include a call to the server SDK action ProcessEnding(), which\n is how the server process signals that a game session is ending. If the server\n process doesn't call ProcessEnding(), this termination method won't\n be successful.
\n FORCE_TERMINATE – Takes action to stop the server process, using\n existing methods to control how server processes run on an Amazon GameLift managed\n compute.
This method is not available for game sessions that are running on\n Anywhere fleets unless the fleet is deployed with the Amazon GameLift Agent. In this\n scenario, a force terminate request results in an invalid or bad request\n exception.
\nUpdates the properties of a managed container fleet. Depending on the properties being\n updated, this operation might initiate a fleet deployment. You can track deployments for\n a fleet using DescribeFleetDeployment.
\n\n Request options\n
\nAs with CreateContainerFleet, many fleet properties use common defaults or are\n calculated based on the fleet's container group definitions.
\nUpdate fleet properties that result in a fleet deployment. Include only those\n properties that you want to change. Specify deployment configuration\n settings.
\nUpdate fleet properties that don't result in a fleet deployment. Include only\n those properties that you want to change.
\nChanges to the following properties initiate a fleet deployment:
\n\n GameServerContainerGroupDefinition\n
\n PerInstanceContainerGroupDefinition\n
\n GameServerContainerGroupsPerInstance\n
\n InstanceInboundPermissions\n
\n InstanceConnectionPortRange\n
\n LogConfiguration\n
\n Results\n
\nIf successful, this operation updates the container fleet resource, and might initiate\n a new deployment of fleet resources using the deployment configuration provided. A\n deployment replaces existing fleet instances with new instances that are deployed with\n the updated fleet properties. The fleet is placed in UPDATING status until\n the deployment is complete, then return to ACTIVE.
You can have only one update deployment active at a time for a fleet. If a second\n update request initiates a deployment while another deployment is in progress, the first\n deployment is cancelled.
" + "smithy.api#documentation": "Updates the properties of a managed container fleet. Depending on the properties being\n updated, this operation might initiate a fleet deployment. You can track deployments for\n a fleet using https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetDeployment.html.
\n\n Request options\n
\nAs with CreateContainerFleet, many fleet properties use common defaults or are\n calculated based on the fleet's container group definitions.
\nUpdate fleet properties that result in a fleet deployment. Include only those\n properties that you want to change. Specify deployment configuration\n settings.
\nUpdate fleet properties that don't result in a fleet deployment. Include only\n those properties that you want to change.
\nChanges to the following properties initiate a fleet deployment:
\n\n GameServerContainerGroupDefinition\n
\n PerInstanceContainerGroupDefinition\n
\n GameServerContainerGroupsPerInstance\n
\n InstanceInboundPermissions\n
\n InstanceConnectionPortRange\n
\n LogConfiguration\n
\n Results\n
\nIf successful, this operation updates the container fleet resource, and might initiate\n a new deployment of fleet resources using the deployment configuration provided. A\n deployment replaces existing fleet instances with new instances that are deployed with\n the updated fleet properties. The fleet is placed in UPDATING status until\n the deployment is complete, then return to ACTIVE.
You can have only one update deployment active at a time for a fleet. If a second\n update request initiates a deployment while another deployment is in progress, the first\n deployment is cancelled.
" } }, "com.amazonaws.gamelift#UpdateContainerFleetInput": { @@ -17809,13 +17908,13 @@ "GameServerContainerGroupDefinitionName": { "target": "com.amazonaws.gamelift#ContainerGroupDefinitionNameOrArn", "traits": { - "smithy.api#documentation": "The name or ARN value of a new game server container group definition to deploy on the\n fleet. If you're updating the fleet to a specific version of a container group\n definition, use the ARN value and include the version number. If you're updating the\n fleet to the latest version of a container group definition, you can use the name value.\n You can't remove a fleet's game server container group definition, you can only update\n or replace it with another definition.
\nUpdate a container group definition by calling UpdateContainerGroupDefinition. This operation creates a ContainerGroupDefinition resource with an incremented version.
" + "smithy.api#documentation": "The name or ARN value of a new game server container group definition to deploy on the\n fleet. If you're updating the fleet to a specific version of a container group\n definition, use the ARN value and include the version number. If you're updating the\n fleet to the latest version of a container group definition, you can use the name value.\n You can't remove a fleet's game server container group definition, you can only update\n or replace it with another definition.
\nUpdate a container group definition by calling \n UpdateContainerGroupDefinition. \n This operation creates a \n ContainerGroupDefinition \n resource with an incremented version.
" } }, "PerInstanceContainerGroupDefinitionName": { "target": "com.amazonaws.gamelift#ContainerGroupDefinitionNameOrArn", "traits": { - "smithy.api#documentation": "The name or ARN value of a new per-instance container group definition to deploy on\n the fleet. If you're updating the fleet to a specific version of a container group\n definition, use the ARN value and include the version number. If you're updating the\n fleet to the latest version of a container group definition, you can use the name\n value.
\nUpdate a container group definition by calling UpdateContainerGroupDefinition. This operation creates a ContainerGroupDefinition resource with an incremented version.
\nTo remove a fleet's per-instance container group definition, leave this parameter empty\n and use the parameter RemoveAttributes.
The name or ARN value of a new per-instance container group definition to deploy on\n the fleet. If you're updating the fleet to a specific version of a container group\n definition, use the ARN value and include the version number. If you're updating the\n fleet to the latest version of a container group definition, you can use the name\n value.
\nUpdate a container group definition by calling \n UpdateContainerGroupDefinition. \n This operation creates a \n ContainerGroupDefinition \n resource with an incremented version.
\nTo remove a fleet's per-instance container group definition, leave this parameter empty\n and use the parameter RemoveAttributes.
Updates properties in an existing container group definition. This operation doesn't\n replace the definition. Instead, it creates a new version of the definition and saves it\n separately. You can access all versions that you choose to retain.
\nThe only property you can't update is the container group type.
\n\n Request options:\n
\nUpdate based on the latest version of the container group definition. Specify the\n container group definition name only, or use an ARN value without a version number.\n Provide updated values for the properties that you want to change only. All other values\n remain the same as the latest version.
\nUpdate based on a specific version of the container group definition. Specify the\n container group definition name and a source version number, or use an ARN value with a\n version number. Provide updated values for the properties that you want to change only.\n All other values remain the same as the source version.
\nChange a game server container definition. Provide the updated container\n definition.
\nAdd or change a support container definition. Provide a complete set of container\n definitions, including the updated definition.
\nRemove a support container definition. Provide a complete set of container\n definitions, excluding the definition to remove. If the container group has only one\n support container definition, provide an empty set.
\n\n Results:\n
\nIf successful, this operation returns the complete properties of the new container group\n definition version.
\nIf the container group definition version is used in an active fleets, the update\n automatically initiates a new fleet deployment of the new version. You can track a fleet's \n deployments using ListFleetDeployments.
" + "smithy.api#documentation": "Updates properties in an existing container group definition. This operation doesn't\n replace the definition. Instead, it creates a new version of the definition and saves it\n separately. You can access all versions that you choose to retain.
\nThe only property you can't update is the container group type.
\n\n Request options:\n
\nUpdate based on the latest version of the container group definition. Specify the\n container group definition name only, or use an ARN value without a version number.\n Provide updated values for the properties that you want to change only. All other values\n remain the same as the latest version.
\nUpdate based on a specific version of the container group definition. Specify the\n container group definition name and a source version number, or use an ARN value with a\n version number. Provide updated values for the properties that you want to change only.\n All other values remain the same as the source version.
\nChange a game server container definition. Provide the updated container\n definition.
\nAdd or change a support container definition. Provide a complete set of container\n definitions, including the updated definition.
\nRemove a support container definition. Provide a complete set of container\n definitions, excluding the definition to remove. If the container group has only one\n support container definition, provide an empty set.
\n\n Results:\n
\nIf successful, this operation returns the complete properties of the new container group\n definition version.
\nIf the container group definition version is used in an active fleets, the update\n automatically initiates a new fleet deployment of the new version. You can track a fleet's \n deployments using ListFleetDeployments.
" } }, "com.amazonaws.gamelift#UpdateContainerGroupDefinitionInput": { @@ -18068,7 +18167,7 @@ "NewGameSessionProtectionPolicy": { "target": "com.amazonaws.gamelift#ProtectionPolicy", "traits": { - "smithy.api#documentation": "The game session protection policy to apply to all new game sessions created in this\n fleet. Game sessions that already exist are not affected. You can set protection for\n individual game sessions using UpdateGameSession.
\n\n NoProtection -- The game session can be\n terminated during a scale-down event.
\n\n FullProtection -- If the game session is in an\n ACTIVE status, it cannot be terminated during a scale-down\n event.
The game session protection policy to apply to all new game sessions created in this\n fleet. Game sessions that already exist are not affected. You can set protection for\n individual game sessions using UpdateGameSession .
\n\n NoProtection -- The game session can be\n terminated during a scale-down event.
\n\n FullProtection -- If the game session is in an\n ACTIVE status, it cannot be terminated during a scale-down\n event.
Updates permissions that allow inbound traffic to connect to game sessions in the\n fleet.
\nTo update settings, specify the fleet ID to be updated and specify the changes to be\n made. List the permissions you want to add in\n InboundPermissionAuthorizations, and permissions you want to remove in\n InboundPermissionRevocations. Permissions to be removed must match\n existing fleet permissions.
For a container fleet, inbound permissions must specify port numbers that are defined\n in the fleet's connection port settings.
\nIf successful, the fleet ID for the updated fleet is returned. For fleets with remote\n locations, port setting updates can take time to propagate across all locations. You can\n check the status of updates in each location by calling\n DescribeFleetPortSettings with a location name.
\n Learn more\n
\n\n Setting up Amazon GameLift\n fleets\n
" + "smithy.api#documentation": "Updates permissions that allow inbound traffic to connect to game sessions in the\n fleet.
\nTo update settings, specify the fleet ID to be updated and specify the changes to be\n made. List the permissions you want to add in\n InboundPermissionAuthorizations, and permissions you want to remove in\n InboundPermissionRevocations. Permissions to be removed must match\n existing fleet permissions.
If successful, the fleet ID for the updated fleet is returned. For fleets with remote\n locations, port setting updates can take time to propagate across all locations. You can\n check the status of updates in each location by calling\n DescribeFleetPortSettings with a location name.
\n Learn more\n
\n\n Setting up Amazon GameLift\n fleets\n
" } }, "com.amazonaws.gamelift#UpdateFleetPortSettingsInput": { @@ -18527,7 +18626,7 @@ "ProtectionPolicy": { "target": "com.amazonaws.gamelift#ProtectionPolicy", "traits": { - "smithy.api#documentation": "Game session protection policy to apply to this game session only.
\n\n NoProtection -- The game session can be\n terminated during a scale-down event.
\n\n FullProtection -- If the game session is in an\n ACTIVE status, it cannot be terminated during a scale-down\n event.
Game session protection policy to apply to this game session only.
\n\n NoProtection -- The game session can be terminated during a\n scale-down event.
\n FullProtection -- If the game session is in an\n ACTIVE status, it cannot be terminated during a scale-down\n event.
When specified as true, iterates through the account and returns all catalog resources (including top-level resources and child resources)
" + "smithy.api#documentation": "Whether to list all catalogs across the catalog hierarchy, starting from the ParentCatalogId. Defaults to false . When true, all catalog objects in the ParentCatalogID hierarchy are enumerated in the response.
Whether to list the default catalog in the account and region in the response. Defaults to false. When true and ParentCatalogId = NULL | Amazon Web Services Account ID, all catalogs and the default catalog are enumerated in the response.
When the ParentCatalogId is not equal to null, and this attribute is passed as false or true, an InvalidInputException is thrown.
The JobRun timeout in minutes. This is the maximum time that a job run can\n consume resources before it is terminated and enters TIMEOUT status. This value overrides the timeout value set in the parent job.
Streaming jobs must have timeout values less than 7 days or 10080 minutes. When the value is left blank, the job will be restarted after 7 days based if you have not setup a maintenance window. If you have setup maintenance window, it will be restarted during the maintenance window after 7 days.
" + "smithy.api#documentation": "The JobRun timeout in minutes. This is the maximum time that a job run can\n consume resources before it is terminated and enters TIMEOUT status. This value overrides the timeout value set in the parent job.
Jobs must have timeout values less than 7 days or 10080 minutes. Otherwise, the jobs will throw an exception.
\nWhen the value is left blank, the timeout is defaulted to 2880 minutes.
\nAny existing Glue jobs that had a timeout value greater than 7 days will be defaulted to 7 days. For instance if you have specified a timeout of 20 days for a batch job, it will be stopped on the 7th day.
" } }, "MaxCapacity": { @@ -38513,7 +38519,7 @@ "Timeout": { "target": "com.amazonaws.glue#Timeout", "traits": { - "smithy.api#documentation": "The JobRun timeout in minutes. This is the maximum time that a job run can\n consume resources before it is terminated and enters TIMEOUT status. This value overrides the timeout value set in the parent job.
Streaming jobs must have timeout values less than 7 days or 10080 minutes. When the value is left blank, the job will be restarted after 7 days based if you have not setup a maintenance window. If you have setup maintenance window, it will be restarted during the maintenance window after 7 days.
" + "smithy.api#documentation": "The JobRun timeout in minutes. This is the maximum time that a job run can\n consume resources before it is terminated and enters TIMEOUT status. This value overrides the timeout value set in the parent job.
Jobs must have timeout values less than 7 days or 10080 minutes. Otherwise, the jobs will throw an exception.
\nWhen the value is left blank, the timeout is defaulted to 2880 minutes.
\nAny existing Glue jobs that had a timeout value greater than 7 days will be defaulted to 7 days. For instance if you have specified a timeout of 20 days for a batch job, it will be stopped on the 7th day.
" } }, "MaxCapacity": { diff --git a/codegen/sdk/aws-models/greengrassv2.json b/codegen/sdk/aws-models/greengrassv2.json index 3d4035e32f6..6b03e5a0772 100644 --- a/codegen/sdk/aws-models/greengrassv2.json +++ b/codegen/sdk/aws-models/greengrassv2.json @@ -958,6 +958,24 @@ "traits": { "smithy.api#documentation": "The time at which the core device's status last updated, expressed in ISO 8601\n format.
" } + }, + "platform": { + "target": "com.amazonaws.greengrassv2#CoreDevicePlatformString", + "traits": { + "smithy.api#documentation": "The operating system platform that the core device runs.
" + } + }, + "architecture": { + "target": "com.amazonaws.greengrassv2#CoreDeviceArchitectureString", + "traits": { + "smithy.api#documentation": "The computer architecture of the core device.
" + } + }, + "runtime": { + "target": "com.amazonaws.greengrassv2#CoreDeviceRuntimeString", + "traits": { + "smithy.api#documentation": "The runtime for the core device. The runtime can be:
\n\n aws_nucleus_classic\n
\n aws_nucleus_lite\n
The computer architecture of the core device.
" } }, + "runtime": { + "target": "com.amazonaws.greengrassv2#CoreDeviceRuntimeString", + "traits": { + "smithy.api#documentation": "The runtime for the core device. The runtime can be:
\n\n aws_nucleus_classic\n
\n aws_nucleus_lite\n
Retrieves a paginated list of Greengrass core devices.
\nIoT Greengrass relies on individual devices to send status updates to the Amazon Web Services Cloud. If the\n IoT Greengrass Core software isn't running on the device, or if device isn't connected to the Amazon Web Services Cloud,\n then the reported status of that device might not reflect its current status. The status\n timestamp indicates when the device status was last updated.
\nCore devices send status updates at the following times:
\nWhen the IoT Greengrass Core software starts
\nWhen the core device receives a deployment from the Amazon Web Services Cloud
\nWhen the status of any component on the core device becomes\n BROKEN\n
At a regular interval that you can configure, which defaults to 24 hours
\nFor IoT Greengrass Core v2.7.0, the core device sends status updates upon local deployment and\n cloud deployment
\nRetrieves a paginated list of Greengrass core devices.
\nIoT Greengrass relies on individual devices to send status updates to the Amazon Web Services Cloud. If the\n IoT Greengrass Core software isn't running on the device, or if device isn't connected to the Amazon Web Services Cloud,\n then the reported status of that device might not reflect its current status. The status\n timestamp indicates when the device status was last updated.
\nCore devices send status updates at the following times:
\nWhen the IoT Greengrass Core software starts
\nWhen the core device receives a deployment from the Amazon Web Services Cloud
\nFor Greengrass nucleus 2.12.2 and earlier, the core device sends status updates when the\n status of any component on the core device becomes ERRORED or\n BROKEN.
For Greengrass nucleus 2.12.3 and later, the core device sends status updates when the\n status of any component on the core device becomes ERRORED,\n BROKEN, RUNNING, or FINISHED.
At a regular interval that you can configure, which defaults to 24 hours
\nFor IoT Greengrass Core v2.7.0, the core device sends status updates upon local deployment and\n cloud deployment
\nThe token to be used for the next set of paginated results.
", "smithy.api#httpQuery": "nextToken" } + }, + "runtime": { + "target": "com.amazonaws.greengrassv2#CoreDeviceRuntimeString", + "traits": { + "smithy.api#documentation": "The runtime to be used by the core device. The runtime can be:
\n\n aws_nucleus_classic\n
\n aws_nucleus_lite\n
Indicates the type of build that created this image. The build can be initiated in the\n\t\t\tfollowing ways:
\n\n USER_INITIATED – A manual \n\t\t\t\t\tpipeline build request.
\n\n SCHEDULED – A pipeline build \n\t\t\t\t\tinitiated by a cron expression in the Image Builder pipeline, or from EventBridge.
\n\n IMPORT – A VM import created \n\t\t\t\t\tthe image to use as the base image for the recipe.
\nIndicates the type of build that created this image. The build can be initiated in the\n\t\t\tfollowing ways:
\n\n USER_INITIATED – A manual \n\t\t\t\t\tpipeline build request.
\n\n SCHEDULED – A pipeline build \n\t\t\t\t\tinitiated by a cron expression in the Image Builder pipeline, or from EventBridge.
\n\n IMPORT – A VM import created \n\t\t\t\t\tthe image to use as the base image for the recipe.
\n\n IMPORT_ISO – An ISO disk import created \n\t\t\t\t\tthe image.
\nIndicates the type of build that created this image. The build can be initiated in the\n\t\t\tfollowing ways:
\n\n USER_INITIATED – A manual \n\t\t\t\t\tpipeline build request.
\n\n SCHEDULED – A pipeline build \n\t\t\t\t\tinitiated by a cron expression in the Image Builder pipeline, or from EventBridge.
\n\n IMPORT – A VM import created \n\t\t\t\t\tthe image to use as the base image for the recipe.
\nIndicates the type of build that created this image. The build can be initiated in the\n\t\t\tfollowing ways:
\n\n USER_INITIATED – A manual \n\t\t\t\t\tpipeline build request.
\n\n SCHEDULED – A pipeline build \n\t\t\t\t\tinitiated by a cron expression in the Image Builder pipeline, or from EventBridge.
\n\n IMPORT – A VM import created \n\t\t\t\t\tthe image to use as the base image for the recipe.
\n\n IMPORT_ISO – An ISO disk import created \n\t\t\t\t\tthe image.
\nThe maximum time in minutes that tests are permitted to run.
\nThe timeout attribute is not currently active. This value is\n\t\t\t\tignored.
\nThe maximum time in minutes that tests are permitted to run.
\nThe timeout property is not currently active. This value is\n\t\t\t\tignored.
\nIndicates the type of build that created this image. The build can be initiated in the\n\t\t\tfollowing ways:
\n\n USER_INITIATED – A manual \n\t\t\t\t\tpipeline build request.
\n\n SCHEDULED – A pipeline build \n\t\t\t\t\tinitiated by a cron expression in the Image Builder pipeline, or from EventBridge.
\n\n IMPORT – A VM import created \n\t\t\t\t\tthe image to use as the base image for the recipe.
\nIndicates the type of build that created this image. The build can be initiated in the\n\t\t\tfollowing ways:
\n\n USER_INITIATED – A manual \n\t\t\t\t\tpipeline build request.
\n\n SCHEDULED – A pipeline build \n\t\t\t\t\tinitiated by a cron expression in the Image Builder pipeline, or from EventBridge.
\n\n IMPORT – A VM import created \n\t\t\t\t\tthe image to use as the base image for the recipe.
\n\n IMPORT_ISO – An ISO disk import created \n\t\t\t\t\tthe image.
\nImport a Windows operating system image from a verified Microsoft ISO disk \n\t\t\tfile. The following disk images are supported:
\nWindows 11 Enterprise
\nThe name of the image resource that's created from the import.
", + "smithy.api#required": {} + } + }, + "semanticVersion": { + "target": "com.amazonaws.imagebuilder#VersionNumber", + "traits": { + "smithy.api#documentation": "The semantic version to attach to the image that's created during the import\n\t\t\tprocess. This version follows the semantic version syntax.
", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.imagebuilder#NonEmptyString", + "traits": { + "smithy.api#documentation": "The description for your disk image import.
" + } + }, + "platform": { + "target": "com.amazonaws.imagebuilder#NonEmptyString", + "traits": { + "smithy.api#documentation": "The operating system platform for the imported image. Allowed values include \n\t\t\tthe following: Windows.
The operating system version for the imported image. Allowed values include \n\t\t\tthe following: Microsoft Windows 11.
The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access \n\t\t\tto perform workflow actions to import an image from a Microsoft ISO file.
" + } + }, + "infrastructureConfigurationArn": { + "target": "com.amazonaws.imagebuilder#InfrastructureConfigurationArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the infrastructure configuration resource that's used for \n\t\t\tlaunching the EC2 instance on which the ISO image is built.
", + "smithy.api#required": {} + } + }, + "uri": { + "target": "com.amazonaws.imagebuilder#Uri", + "traits": { + "smithy.api#documentation": "The uri of the ISO disk file that's stored in Amazon S3.
Tags that are attached to image resources created from the import.
" + } + }, + "clientToken": { + "target": "com.amazonaws.imagebuilder#ClientToken", + "traits": { + "smithy.api#documentation": "Unique, case-sensitive identifier you provide to ensure\n idempotency of the request. For more information, see Ensuring idempotency \n in the Amazon EC2 API Reference.
", + "smithy.api#idempotencyToken": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.imagebuilder#ImportDiskImageResponse": { + "type": "structure", + "members": { + "clientToken": { + "target": "com.amazonaws.imagebuilder#ClientToken", + "traits": { + "smithy.api#documentation": "The client token that uniquely identifies the request.
" + } + }, + "imageBuildVersionArn": { + "target": "com.amazonaws.imagebuilder#ImageBuildVersionArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the output AMI that was created from the ISO disk file.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.imagebuilder#ImportVmImage": { "type": "operation", "input": { @@ -11507,7 +11637,7 @@ "pipelineExecutionStartCondition": { "target": "com.amazonaws.imagebuilder#PipelineExecutionStartCondition", "traits": { - "smithy.api#documentation": "The condition configures when the pipeline should trigger a new image build. When the\n\t\t\t\tpipelineExecutionStartCondition is set to\n\t\t\t\tEXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE, and you use semantic\n\t\t\tversion filters on the base image or components in your image recipe, EC2 Image Builder will\n\t\t\tbuild a new image only when there are new versions of the image or components in your\n\t\t\trecipe that match the semantic version filter. When it is set to\n\t\t\t\tEXPRESSION_MATCH_ONLY, it will build a new image every time the CRON\n\t\t\texpression matches the current time. For semantic version syntax, see CreateComponent in the EC2 Image Builder API Reference.
The start condition configures when the pipeline should trigger a new image build, \n\t\t\tas follows. If no value is set Image Builder defaults to \n\t\t\tEXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE.
\n EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE (default) – \n\t\t\t\t\tWhen you use semantic version filters on the base image or components in your \n\t\t\t\t\timage recipe, EC2 Image Builder builds a new image only when there are new versions of \n\t\t\t\t\tthe base image or components in your recipe that match the filter.
For semantic version syntax, see CreateComponent.
\n\n EXPRESSION_MATCH_ONLY – This condition builds a new \n\t\t\t\t\timage every time the CRON expression matches the current time.
The IAM role that allows access to create the command.
" + "smithy.api#documentation": "The IAM role that you must provide when using the AWS-IoT-FleetWise namespace.\n The role grants IoT Device Management the permission to access IoT FleetWise resources \n for generating the payload for the command. This field is not required when you use the\n AWS-IoT namespace.
The time to live (TTL) parameter for the GetCommandExecution API.
The time to live (TTL) parameter that indicates the duration for which executions will\n be retained in your account. The default value is six months.
" } } }, @@ -18486,7 +18589,7 @@ "roleArn": { "target": "com.amazonaws.iot#RoleArn", "traits": { - "smithy.api#documentation": "The IAM role that allows access to retrieve information about the command.
" + "smithy.api#documentation": "The IAM role that you provided when creating the command with AWS-IoT-FleetWise\n as the namespace.
Retrieves the live connectivity status per device.
", + "smithy.api#http": { + "method": "POST", + "uri": "/things/{thingName}/connectivity-data", + "code": 200 + } + } + }, + "com.amazonaws.iot#GetThingConnectivityDataRequest": { + "type": "structure", + "members": { + "thingName": { + "target": "com.amazonaws.iot#ConnectivityApiThingName", + "traits": { + "smithy.api#documentation": "The name of your IoT thing.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.iot#GetThingConnectivityDataResponse": { + "type": "structure", + "members": { + "thingName": { + "target": "com.amazonaws.iot#ConnectivityApiThingName", + "traits": { + "smithy.api#documentation": "The name of your IoT thing.
" + } + }, + "connected": { + "target": "com.amazonaws.iot#Boolean", + "traits": { + "smithy.api#documentation": "A Boolean that indicates the connectivity status.
" + } + }, + "timestamp": { + "target": "com.amazonaws.iot#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp of when the event occurred.
" + } + }, + "disconnectReason": { + "target": "com.amazonaws.iot#DisconnectReasonValue", + "traits": { + "smithy.api#documentation": "The reason why the client is disconnecting.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.iot#GetTopicRule": { "type": "operation", "input": { @@ -22712,7 +22903,7 @@ } ], "traits": { - "smithy.api#documentation": "List all command executions.
\nYou must provide only the\n startedTimeFilter or the completedTimeFilter information. If you \n provide both time filters, the API will generate an error.\n You can use this information to find command executions that started within\n a specific timeframe.
List all command executions.
\nYou must provide only the startedTimeFilter or \n the completedTimeFilter information. If you provide \n both time filters, the API will generate an error. You can use \n this information to retrieve a list of command executions \n within a specific timeframe.
You must provide only the commandArn or \n the thingArn information depending on whether you want\n to list executions for a specific command or an IoT thing. If you provide \n both fields, the API will generate an error.
For more information about considerations for using this API, see\n List\n command executions in your account (CLI).
\nConfigures the maintenance window that you want for the runtime environment. The maintenance window must have the format ddd:hh24:mi-ddd:hh24:mi and must be less than 24 hours. The following two examples are valid maintenance windows: sun:23:45-mon:00:15 or sat:01:00-sat:03:00.
If you do not provide a value, a random system-generated value will be assigned.
" } }, + "networkType": { + "target": "com.amazonaws.m2#NetworkType", + "traits": { + "smithy.api#documentation": "The network type required for the runtime environment.
" + } + }, "clientToken": { "target": "com.amazonaws.m2#ClientToken", "traits": { @@ -2853,6 +2859,12 @@ "smithy.api#documentation": "The timestamp when the runtime environment was created.
", "smithy.api#required": {} } + }, + "networkType": { + "target": "com.amazonaws.m2#NetworkType", + "traits": { + "smithy.api#documentation": "The network type supported by the runtime environment.
" + } } }, "traits": { @@ -3960,6 +3972,12 @@ "traits": { "smithy.api#documentation": "The identifier of a customer managed key.
" } + }, + "networkType": { + "target": "com.amazonaws.m2#NetworkType", + "traits": { + "smithy.api#documentation": "The network type supported by the runtime environment.
" + } } } }, @@ -5289,6 +5307,21 @@ } } }, + "com.amazonaws.m2#NetworkType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ipv4", + "name": "IPV4" + }, + { + "value": "dual", + "name": "DUAL" + } + ] + } + }, "com.amazonaws.m2#NextToken": { "type": "string", "traits": { diff --git a/codegen/sdk/aws-models/macie2.json b/codegen/sdk/aws-models/macie2.json index 5ba0b2f3b5d..f4ca58a1573 100644 --- a/codegen/sdk/aws-models/macie2.json +++ b/codegen/sdk/aws-models/macie2.json @@ -417,7 +417,7 @@ "apiServiceName": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The URL of the Amazon Web Service that provides the operation, for example: s3.amazonaws.com.
", + "smithy.api#documentation": "The URL of the Amazon Web Services service that provides the operation, for example: s3.amazonaws.com.
", "smithy.api#jsonName": "apiServiceName" } }, @@ -966,7 +966,7 @@ "unknown": { "target": "com.amazonaws.macie2#__long", "traits": { - "smithy.api#documentation": "The total number of buckets that Amazon Macie wasn't able to evaluate permissions settings for. Macie can't determine whether these buckets are publicly accessible.
", + "smithy.api#documentation": "The total number of buckets that Amazon Macie wasn't able to evaluate permissions settings for. For example, the buckets' policies or a quota prevented Macie from retrieving the requisite data. Macie can't determine whether the buckets are publicly accessible.
", "smithy.api#jsonName": "unknown" } } @@ -1002,7 +1002,7 @@ "unknown": { "target": "com.amazonaws.macie2#__long", "traits": { - "smithy.api#documentation": "The total number of buckets that Amazon Macie doesn't have current encryption metadata for. Macie can't provide current data about the default encryption settings for these buckets.
", + "smithy.api#documentation": "The total number of buckets that Amazon Macie doesn't have current encryption metadata for. For example, the buckets' permissions settings or a quota prevented Macie from retrieving the default encryption settings for the buckets.
", "smithy.api#jsonName": "unknown" } } @@ -1038,7 +1038,7 @@ "unknown": { "target": "com.amazonaws.macie2#__long", "traits": { - "smithy.api#documentation": "The total number of buckets that Amazon Macie wasn't able to evaluate shared access settings for. Macie can't determine whether these buckets are shared with other Amazon Web Services accounts, Amazon CloudFront OAIs, or CloudFront OACs.
", + "smithy.api#documentation": "The total number of buckets that Amazon Macie wasn't able to evaluate shared access settings for. For example, the buckets' permissions settings or a quota prevented Macie from retrieving the requisite data. Macie can't determine whether the buckets are shared with other Amazon Web Services accounts, Amazon CloudFront OAIs, or CloudFront OACs.
", "smithy.api#jsonName": "unknown" } } @@ -1067,7 +1067,7 @@ "unknown": { "target": "com.amazonaws.macie2#__long", "traits": { - "smithy.api#documentation": "The total number of buckets that Amazon Macie wasn't able to evaluate server-side encryption requirements for. Macie can't determine whether the bucket policies for these buckets require server-side encryption of new objects.
", + "smithy.api#documentation": "The total number of buckets that Amazon Macie wasn't able to evaluate server-side encryption requirements for. For example, the buckets' permissions settings or a quota prevented Macie from retrieving the requisite data. Macie can't determine whether bucket policies for the buckets require server-side encryption of new objects.
", "smithy.api#jsonName": "unknown" } } @@ -1236,14 +1236,14 @@ "errorCode": { "target": "com.amazonaws.macie2#BucketMetadataErrorCode", "traits": { - "smithy.api#documentation": "The error code for an error that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. If this value is ACCESS_DENIED, Macie doesn't have permission to retrieve the information. For example, the bucket has a restrictive bucket policy and Amazon S3 denied the request. If this value is null, Macie was able to retrieve and process the information.
", + "smithy.api#documentation": "The code for an error or issue that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. Possible values are:
ACCESS_DENIED - Macie doesn't have permission to retrieve the information. For example, the bucket has a restrictive bucket policy and Amazon S3 denied the request.
BUCKET_COUNT_EXCEEDS_QUOTA - Retrieving and processing the information would exceed the quota for the number of buckets that Macie monitors for an account (10,000).
If this value is null, Macie was able to retrieve and process the information.
", "smithy.api#jsonName": "errorCode" } }, "errorMessage": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "A brief description of the error (errorCode) that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. This value is null if Macie was able to retrieve and process the information.
", + "smithy.api#documentation": "A brief description of the error or issue (errorCode) that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. This value is null if Macie was able to retrieve and process the information.
", "smithy.api#jsonName": "errorMessage" } }, @@ -1257,7 +1257,7 @@ "lastAutomatedDiscoveryTime": { "target": "com.amazonaws.macie2#__timestampIso8601", "traits": { - "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently analyzed objects in the bucket while performing automated sensitive data discovery. This value is null if automated sensitive data discovery is disabled for your account.
", + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently analyzed objects in the bucket while performing automated sensitive data discovery. This value is null if this analysis hasn't occurred.
", "smithy.api#jsonName": "lastAutomatedDiscoveryTime" } }, @@ -1306,7 +1306,7 @@ "sensitivityScore": { "target": "com.amazonaws.macie2#__integer", "traits": { - "smithy.api#documentation": "The sensitivity score for the bucket, ranging from -1 (classification error) to 100 (sensitive).
If automated sensitive data discovery has never been enabled for your account or it’s been disabled for your organization or your standalone account for more than 30 days, possible values are: 1, the bucket is empty; or, 50, the bucket stores objects but it’s been excluded from recent analyses.
", + "smithy.api#documentation": "The sensitivity score for the bucket, ranging from -1 (classification error) to 100 (sensitive).
If automated sensitive data discovery has never been enabled for your account or it's been disabled for your organization or standalone account for more than 30 days, possible values are: 1, the bucket is empty; or, 50, the bucket stores objects but it's been excluded from recent analyses.
", "smithy.api#jsonName": "sensitivityScore" } }, @@ -1368,7 +1368,7 @@ } }, "traits": { - "smithy.api#documentation": "Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. By default, object count and storage size values include data for object parts that are the result of incomplete multipart uploads. For more information, see How Macie monitors Amazon S3 data security in the Amazon Macie User Guide.
If an error occurs when Macie attempts to retrieve and process metadata from Amazon S3 for the bucket or the bucket's objects, the value for the versioning property is false and the value for most other properties is null. Key exceptions are accountId, bucketArn, bucketCreatedAt, bucketName, lastUpdated, and region. To identify the cause of the error, refer to the errorCode and errorMessage values.
" + "smithy.api#documentation": "Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. By default, object count and storage size values include data for object parts that are the result of incomplete multipart uploads. For more information, see How Macie monitors Amazon S3 data security in the Amazon Macie User Guide.
If an error or issue prevents Macie from retrieving and processing metadata from Amazon S3 for the bucket or the bucket's objects, the value for the versioning property is false and the value for most other properties is null or UNKNOWN. Key exceptions are accountId, bucketArn, bucketCreatedAt, bucketName, lastUpdated, and region. To identify the cause, refer to the errorCode and errorMessage values.
" } }, "com.amazonaws.macie2#BucketMetadataErrorCode": { @@ -1379,10 +1379,16 @@ "traits": { "smithy.api#enumValue": "ACCESS_DENIED" } + }, + "BUCKET_COUNT_EXCEEDS_QUOTA": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "BUCKET_COUNT_EXCEEDS_QUOTA" + } } }, "traits": { - "smithy.api#documentation": "The error code for an error that prevented Amazon Macie from retrieving and processing information about an S3 bucket and the bucket's objects.
" + "smithy.api#documentation": "The code for an error or issue that prevented Amazon Macie from retrieving and processing information about an S3 bucket and the bucket's objects.
" } }, "com.amazonaws.macie2#BucketPermissionConfiguration": { @@ -1528,7 +1534,7 @@ } }, "traits": { - "smithy.api#documentation": "Provides aggregated statistical data for sensitive data discovery metrics that apply to S3 buckets, grouped by bucket sensitivity score (sensitivityScore). If automated sensitive data discovery is currently disabled for your account, the value for each metric is 0.
" + "smithy.api#documentation": "Provides aggregated statistical data for sensitive data discovery metrics that apply to S3 buckets, grouped by bucket sensitivity score (sensitivityScore). If automated sensitive data discovery is currently disabled for your account, the value for most of these metrics is 0.
" } }, "com.amazonaws.macie2#Cell": { @@ -3752,7 +3758,7 @@ "suppressed": { "target": "com.amazonaws.macie2#__boolean", "traits": { - "smithy.api#documentation": "Specifies whether occurrences of this type of sensitive data are excluded (true) or included (false) in the bucket's sensitivity score.
", + "smithy.api#documentation": "Specifies whether occurrences of this type of sensitive data are excluded (true) or included (false) in the bucket's sensitivity score, if the score is calculated by Amazon Macie.
", "smithy.api#jsonName": "suppressed" } }, @@ -4718,7 +4724,7 @@ } }, "traits": { - "smithy.api#documentation": "The type of finding. For details about each type, see Types of Amazon Macie findings in the Amazon Macie User Guide. Possible values are:
" + "smithy.api#documentation": "The type of finding. For details about each type, see Types of findings in the Amazon Macie User Guide. Possible values are:
" } }, "com.amazonaws.macie2#FindingsFilterAction": { @@ -5158,7 +5164,7 @@ "bucketStatisticsBySensitivity": { "target": "com.amazonaws.macie2#BucketStatisticsBySensitivity", "traits": { - "smithy.api#documentation": "The aggregated sensitive data discovery statistics for the buckets. If automated sensitive data discovery is currently disabled for your account, the value for each statistic is 0.
", + "smithy.api#documentation": "The aggregated sensitive data discovery statistics for the buckets. If automated sensitive data discovery is currently disabled for your account, the value for most statistics is 0.
", "smithy.api#jsonName": "bucketStatisticsBySensitivity" } }, @@ -6481,7 +6487,7 @@ "reasons": { "target": "com.amazonaws.macie2#__listOfUnavailabilityReasonCode", "traits": { - "smithy.api#documentation": "Specifies why occurrences of sensitive data can't be retrieved for the finding. Possible values are:
ACCOUNT_NOT_IN_ORGANIZATION - The affected account isn't currently part of your organization. Or the account is part of your organization but Macie isn't currently enabled for the account. You're not allowed to access the affected S3 object by using Macie.
INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data discovery result for the finding. Or the corresponding sensitive data discovery result isn't available in the current Amazon Web Services Region, is malformed or corrupted, or uses an unsupported storage format. Macie can't verify the location of the sensitive data to retrieve.
INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery result is stored in an S3 object that wasn't signed by Macie. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
MEMBER_ROLE_TOO_PERMISSIVE - The trust or permissions policy for the IAM role in the affected member account doesn't meet Macie requirements for restricting access to the role. Or the role's trust policy doesn't specify the correct external ID for your organization. Macie can't assume the role to retrieve the sensitive data.
MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information about the association between your account and the affected account. Macie can't determine whether you’re allowed to access the affected S3 object as the delegated Macie administrator for the affected account.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data from this type of file.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was renamed, moved, deleted, or changed after Macie created the finding. Or the object is encrypted with an KMS key that's currently disabled.
RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is stored in an S3 object that hasn't been signed. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
ROLE_TOO_PERMISSIVE - Your account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Macie can’t assume the role to retrieve the sensitive data.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
This value is null if sensitive data can be retrieved for the finding.
", + "smithy.api#documentation": "Specifies why occurrences of sensitive data can't be retrieved for the finding. Possible values are:
ACCOUNT_NOT_IN_ORGANIZATION - The affected account isn't currently part of your organization. Or the account is part of your organization but Macie isn't currently enabled for the account. You're not allowed to access the affected S3 object by using Macie.
INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data discovery result for the finding. Or the corresponding sensitive data discovery result isn't available in the current Amazon Web Services Region, is malformed or corrupted, or uses an unsupported storage format. Macie can't verify the location of the sensitive data to retrieve.
INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery result is stored in an S3 object that wasn't signed by Macie. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
MEMBER_ROLE_TOO_PERMISSIVE - The trust or permissions policy for the IAM role in the affected member account doesn't meet Macie requirements for restricting access to the role. Or the role's trust policy doesn't specify the correct external ID for your organization. Macie can't assume the role to retrieve the sensitive data.
MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information about the association between your account and the affected account. Macie can't determine whether you’re allowed to access the affected S3 object as the delegated Macie administrator for the affected account.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data from this type of file.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was renamed, moved, deleted, or changed after Macie created the finding. Or the object is encrypted with an KMS key that isn’t available. For example, the key is disabled, is scheduled for deletion, or was deleted.
RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is stored in an S3 object that hasn't been signed. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
ROLE_TOO_PERMISSIVE - Your account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Macie can’t assume the role to retrieve the sensitive data.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
This value is null if sensitive data can be retrieved for the finding.
", "smithy.api#jsonName": "reasons" } } @@ -7894,7 +7900,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves a subset of information about all the custom data identifiers for an account.
", + "smithy.api#documentation": "Retrieves a subset of information about the custom data identifiers for an account.
", "smithy.api#http": { "method": "POST", "uri": "/custom-data-identifiers/list", @@ -10247,14 +10253,14 @@ "errorCode": { "target": "com.amazonaws.macie2#BucketMetadataErrorCode", "traits": { - "smithy.api#documentation": "The error code for an error that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. If this value is ACCESS_DENIED, Macie doesn't have permission to retrieve the information. For example, the bucket has a restrictive bucket policy and Amazon S3 denied the request. If this value is null, Macie was able to retrieve and process the information.
", + "smithy.api#documentation": "The code for an error or issue that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. Possible values are:
ACCESS_DENIED - Macie doesn't have permission to retrieve the information. For example, the bucket has a restrictive bucket policy and Amazon S3 denied the request.
BUCKET_COUNT_EXCEEDS_QUOTA - Retrieving and processing the information would exceed the quota for the number of buckets that Macie monitors for an account (10,000).
If this value is null, Macie was able to retrieve and process the information.
", "smithy.api#jsonName": "errorCode" } }, "errorMessage": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "A brief description of the error (errorCode) that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. This value is null if Macie was able to retrieve and process the information.
", + "smithy.api#documentation": "A brief description of the error or issue (errorCode) that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. This value is null if Macie was able to retrieve and process the information.
", "smithy.api#jsonName": "errorMessage" } }, @@ -10268,7 +10274,7 @@ "lastAutomatedDiscoveryTime": { "target": "com.amazonaws.macie2#__timestampIso8601", "traits": { - "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently analyzed objects in the bucket while performing automated sensitive data discovery. This value is null if automated sensitive data discovery is disabled for your account.
", + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently analyzed objects in the bucket while performing automated sensitive data discovery. This value is null if this analysis hasn't occurred.
", "smithy.api#jsonName": "lastAutomatedDiscoveryTime" } }, @@ -10289,7 +10295,7 @@ "sensitivityScore": { "target": "com.amazonaws.macie2#__integer", "traits": { - "smithy.api#documentation": "The sensitivity score for the bucket, ranging from -1 (classification error) to 100 (sensitive).
If automated sensitive data discovery has never been enabled for your account or it’s been disabled for your organization or your standalone account for more than 30 days, possible values are: 1, the bucket is empty; or, 50, the bucket stores objects but it’s been excluded from recent analyses.
", + "smithy.api#documentation": "The sensitivity score for the bucket, ranging from -1 (classification error) to 100 (sensitive).
If automated sensitive data discovery has never been enabled for your account or it's been disabled for your organization or standalone account for more than 30 days, possible values are: 1, the bucket is empty; or, 50, the bucket stores objects but it's been excluded from recent analyses.
", "smithy.api#jsonName": "sensitivityScore" } }, @@ -10323,7 +10329,7 @@ } }, "traits": { - "smithy.api#documentation": "Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. By default, object count and storage size values include data for object parts that are the result of incomplete multipart uploads. For more information, see How Macie monitors Amazon S3 data security in the Amazon Macie User Guide.
If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for most of these properties is null. Key exceptions are accountId and bucketName. To identify the cause of the error, refer to the errorCode and errorMessage values.
" + "smithy.api#documentation": "Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. By default, object count and storage size values include data for object parts that are the result of incomplete multipart uploads. For more information, see How Macie monitors Amazon S3 data security in the Amazon Macie User Guide.
If an error or issue prevents Macie from retrieving and processing information about the bucket or the bucket's objects, the value for many of these properties is null. Key exceptions are accountId and bucketName. To identify the cause, refer to the errorCode and errorMessage values.
" } }, "com.amazonaws.macie2#MatchingResource": { @@ -10332,7 +10338,7 @@ "matchingBucket": { "target": "com.amazonaws.macie2#MatchingBucket", "traits": { - "smithy.api#documentation": "The details of an S3 bucket that Amazon Macie monitors and analyzes.
", + "smithy.api#documentation": "The details of an S3 bucket that Amazon Macie monitors and analyzes for your account.
", "smithy.api#jsonName": "matchingBucket" } } @@ -11288,7 +11294,7 @@ } }, "traits": { - "smithy.api#documentation": "Provides information about the S3 bucket that a finding applies to.
" + "smithy.api#documentation": "Provides information about the S3 bucket that a finding applies to. If a quota prevented Amazon Macie from retrieving and processing all the bucket's information prior to generating the finding, the following values are UNKNOWN or null: allowsUnencryptedObjectUploads, defaultServerSideEncryption, publicAccess, and tags.
" } }, "com.amazonaws.macie2#S3BucketCriteriaForJob": { @@ -11409,7 +11415,7 @@ "target": "com.amazonaws.macie2#__listOfS3BucketName", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "Depending on the value specified for the update operation (ClassificationScopeUpdateOperation), an array of strings that: lists the names of buckets to add or remove from the list, or specifies a new set of bucket names that overwrites all existing names in the list. Each string must be the full name of an S3 bucket. Values are case sensitive.
", + "smithy.api#documentation": "Depending on the value specified for the update operation (ClassificationScopeUpdateOperation), an array of strings that: lists the names of buckets to add or remove from the list, or specifies a new set of bucket names that overwrites all existing names in the list. Each string must be the full name of an existing S3 bucket. Values are case sensitive.
", "smithy.api#jsonName": "bucketNames", "smithy.api#required": {} } @@ -11711,7 +11717,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves (queries) statistical data and other information about Amazon Web Services resources that Amazon Macie monitors and analyzes.
", + "smithy.api#documentation": "Retrieves (queries) statistical data and other information about Amazon Web Services resources that Amazon Macie monitors and analyzes for an account.
", "smithy.api#http": { "method": "POST", "uri": "/datasources/search-resources", @@ -12050,7 +12056,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies configuration settings that determine which findings are published to Security Hub automatically. For information about how Macie publishes findings to Security Hub, see Amazon Macie integration with Security Hub in the Amazon Macie User Guide.
" + "smithy.api#documentation": "Specifies configuration settings that determine which findings are published to Security Hub automatically. For information about how Macie publishes findings to Security Hub, see Evaluating findings with Security Hub in the Amazon Macie User Guide.
" } }, "com.amazonaws.macie2#SensitiveData": { @@ -12168,7 +12174,7 @@ } }, "traits": { - "smithy.api#documentation": "Provides aggregated statistical data for sensitive data discovery metrics that apply to S3 buckets. Each field contains aggregated data for all the buckets that have a sensitivity score (sensitivityScore) of a specified value or within a specified range (BucketStatisticsBySensitivity). If automated sensitive data discovery is currently disabled for your account, the value for each field is 0.
" + "smithy.api#documentation": "Provides aggregated statistical data for sensitive data discovery metrics that apply to S3 buckets. Each field contains aggregated data for all the buckets that have a sensitivity score (sensitivityScore) of a specified value or within a specified range (BucketStatisticsBySensitivity). If automated sensitive data discovery is currently disabled for your account, the value for most fields is 0.
" } }, "com.amazonaws.macie2#SensitivityInspectionTemplateExcludes": { @@ -12712,7 +12718,7 @@ "id": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The unique identifier for the custom data identifier or managed data identifier that detected the type of sensitive data to exclude or include in the score.
", + "smithy.api#documentation": "The unique identifier for the custom data identifier or managed data identifier that detected the type of sensitive data to exclude from the score.
", "smithy.api#jsonName": "id" } }, @@ -12725,7 +12731,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies a custom data identifier or managed data identifier that detected a type of sensitive data to start excluding or including in an S3 bucket's sensitivity score.
" + "smithy.api#documentation": "Specifies a custom data identifier or managed data identifier that detected a type of sensitive data to exclude from an S3 bucket's sensitivity score.
" } }, "com.amazonaws.macie2#TagCriterionForJob": { @@ -13172,7 +13178,7 @@ "target": "com.amazonaws.macie2#__string", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The type of error that occurred and prevented Amazon Macie from retrieving occurrences of sensitive data reported by the finding. Possible values are:
ACCOUNT_NOT_IN_ORGANIZATION - The affected account isn't currently part of your organization. Or the account is part of your organization but Macie isn't currently enabled for the account. You're not allowed to access the affected S3 object by using Macie.
INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data discovery result for the finding. Or the corresponding sensitive data discovery result isn't available in the current Amazon Web Services Region, is malformed or corrupted, or uses an unsupported storage format. Macie can't verify the location of the sensitive data to retrieve.
INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery result is stored in an S3 object that wasn't signed by Macie. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
MEMBER_ROLE_TOO_PERMISSIVE - The trust or permissions policy for the IAM role in the affected member account doesn't meet Macie requirements for restricting access to the role. Or the role's trust policy doesn't specify the correct external ID for your organization. Macie can't assume the role to retrieve the sensitive data.
MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information about the association between your account and the affected account. Macie can't determine whether you’re allowed to access the affected S3 object as the delegated Macie administrator for the affected account.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data from this type of file.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was renamed, moved, deleted, or changed after Macie created the finding. Or the object is encrypted with an KMS key that's currently disabled.
RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is stored in an S3 object that hasn't been signed. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
ROLE_TOO_PERMISSIVE - Your account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Macie can’t assume the role to retrieve the sensitive data.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
The type of error that occurred and prevented Amazon Macie from retrieving occurrences of sensitive data reported by the finding. Possible values are:
ACCOUNT_NOT_IN_ORGANIZATION - The affected account isn't currently part of your organization. Or the account is part of your organization but Macie isn't currently enabled for the account. You're not allowed to access the affected S3 object by using Macie.
INVALID_CLASSIFICATION_RESULT - There isn't a corresponding sensitive data discovery result for the finding. Or the corresponding sensitive data discovery result isn't available in the current Amazon Web Services Region, is malformed or corrupted, or uses an unsupported storage format. Macie can't verify the location of the sensitive data to retrieve.
INVALID_RESULT_SIGNATURE - The corresponding sensitive data discovery result is stored in an S3 object that wasn't signed by Macie. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
MEMBER_ROLE_TOO_PERMISSIVE - The trust or permissions policy for the IAM role in the affected member account doesn't meet Macie requirements for restricting access to the role. Or the role's trust policy doesn't specify the correct external ID for your organization. Macie can't assume the role to retrieve the sensitive data.
MISSING_GET_MEMBER_PERMISSION - You're not allowed to retrieve information about the association between your account and the affected account. Macie can't determine whether you’re allowed to access the affected S3 object as the delegated Macie administrator for the affected account.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data from this type of file.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object was renamed, moved, deleted, or changed after Macie created the finding. Or the object is encrypted with an KMS key that isn’t available. For example, the key is disabled, is scheduled for deletion, or was deleted.
RESULT_NOT_SIGNED - The corresponding sensitive data discovery result is stored in an S3 object that hasn't been signed. Macie can't verify the integrity and authenticity of the sensitive data discovery result. Therefore, Macie can't verify the location of the sensitive data to retrieve.
ROLE_TOO_PERMISSIVE - Your account is configured to retrieve occurrences of sensitive data by using an IAM role whose trust or permissions policy doesn't meet Macie requirements for restricting access to the role. Macie can’t assume the role to retrieve the sensitive data.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
An array of objects, one for each custom data identifier or managed data identifier that detected the type of sensitive data to start excluding or including in the bucket's score. To start including all sensitive data types in the score, don't specify any values for this array.
", + "smithy.api#documentation": "An array of objects, one for each custom data identifier or managed data identifier that detected a type of sensitive data to exclude from the bucket's score. To include all sensitive data types in the score, don't specify any values for this array.
", "smithy.api#jsonName": "suppressDataIdentifiers" } } @@ -14040,7 +14046,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies the access method and settings to use when retrieving occurrences of sensitive data reported by findings. If your request specifies an Identity and Access Management (IAM) role to assume, Amazon Macie verifies that the role exists and the attached policies are configured correctly. If there's an issue, Macie returns an error. For information about addressing the issue, see Configuration options and requirements for retrieving sensitive data samples in the Amazon Macie User Guide.
" + "smithy.api#documentation": "Specifies the access method and settings to use when retrieving occurrences of sensitive data reported by findings. If your request specifies an Identity and Access Management (IAM) role to assume, Amazon Macie verifies that the role exists and the attached policies are configured correctly. If there's an issue, Macie returns an error. For information about addressing the issue, see Configuration options for retrieving sensitive data samples in the Amazon Macie User Guide.
" } }, "com.amazonaws.macie2#UpdateRevealConfiguration": { @@ -14516,7 +14522,7 @@ "awsService": { "target": "com.amazonaws.macie2#AwsService", "traits": { - "smithy.api#documentation": "If the action was performed by an Amazon Web Services account that belongs to an Amazon Web Service, the name of the service.
", + "smithy.api#documentation": "If the action was performed by an Amazon Web Services account that belongs to an Amazon Web Services service, the name of the service.
", "smithy.api#jsonName": "awsService" } }, diff --git a/codegen/sdk/aws-models/mediaconnect.json b/codegen/sdk/aws-models/mediaconnect.json index 191555a3fba..9a326c4c08d 100644 --- a/codegen/sdk/aws-models/mediaconnect.json +++ b/codegen/sdk/aws-models/mediaconnect.json @@ -1033,6 +1033,21 @@ } } }, + "com.amazonaws.mediaconnect#AudioMonitoringSetting": { + "type": "structure", + "members": { + "SilentAudio": { + "target": "com.amazonaws.mediaconnect#SilentAudio", + "traits": { + "smithy.api#documentation": "Detects periods of silence.", + "smithy.api#jsonName": "silentAudio" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the configuration for audio stream metrics monitoring." + } + }, "com.amazonaws.mediaconnect#BadRequestException": { "type": "structure", "members": { @@ -1052,6 +1067,28 @@ "smithy.api#httpError": 400 } }, + "com.amazonaws.mediaconnect#BlackFrames": { + "type": "structure", + "members": { + "State": { + "target": "com.amazonaws.mediaconnect#State", + "traits": { + "smithy.api#documentation": "Indicates whether the BlackFrames metric is enabled or disabled.", + "smithy.api#jsonName": "state" + } + }, + "ThresholdSeconds": { + "target": "com.amazonaws.mediaconnect#__integer", + "traits": { + "smithy.api#documentation": "Specifies the number of consecutive seconds of black frames that triggers an event or alert.", + "smithy.api#jsonName": "thresholdSeconds" + } + } + }, + "traits": { + "smithy.api#documentation": "Configures settings for the BlackFrames metric." + } + }, "com.amazonaws.mediaconnect#Bridge": { "type": "structure", "members": { @@ -1546,6 +1583,23 @@ } } }, + "com.amazonaws.mediaconnect#ContentQualityAnalysisState": { + "type": "enum", + "members": { + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + }, + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" + } + } + } + }, "com.amazonaws.mediaconnect#CreateBridge": { "type": "operation", "input": { @@ -3691,6 +3745,28 @@ "smithy.api#documentation": "The frame resolution used by the video stream." } }, + "com.amazonaws.mediaconnect#FrozenFrames": { + "type": "structure", + "members": { + "State": { + "target": "com.amazonaws.mediaconnect#State", + "traits": { + "smithy.api#documentation": "Indicates whether the FrozenFrames metric is enabled or disabled.", + "smithy.api#jsonName": "state" + } + }, + "ThresholdSeconds": { + "target": "com.amazonaws.mediaconnect#__integer", + "traits": { + "smithy.api#documentation": "Specifies the number of consecutive seconds of a static image that triggers an event or alert.", + "smithy.api#jsonName": "thresholdSeconds" + } + } + }, + "traits": { + "smithy.api#documentation": "Configures settings for the FrozenFrames metric." + } + }, "com.amazonaws.mediaconnect#Gateway": { "type": "structure", "members": { @@ -6600,6 +6676,27 @@ "smithy.api#documentation": "The state of thumbnail monitoring.", "smithy.api#jsonName": "thumbnailState" } + }, + "AudioMonitoringSettings": { + "target": "com.amazonaws.mediaconnect#__listOfAudioMonitoringSetting", + "traits": { + "smithy.api#documentation": "Contains the settings for audio stream metrics monitoring.", + "smithy.api#jsonName": "audioMonitoringSettings" + } + }, + "ContentQualityAnalysisState": { + "target": "com.amazonaws.mediaconnect#ContentQualityAnalysisState", + "traits": { + "smithy.api#documentation": "Indicates whether content quality analysis is enabled or disabled.", + "smithy.api#jsonName": "contentQualityAnalysisState" + } + }, + "VideoMonitoringSettings": { + "target": "com.amazonaws.mediaconnect#__listOfVideoMonitoringSetting", + "traits": { + "smithy.api#documentation": "Contains the settings for video stream metrics monitoring.", + "smithy.api#jsonName": "videoMonitoringSettings" + } } }, "traits": { @@ -8067,6 +8164,28 @@ "smithy.api#documentation": "The settings for the source of the flow." } }, + "com.amazonaws.mediaconnect#SilentAudio": { + "type": "structure", + "members": { + "State": { + "target": "com.amazonaws.mediaconnect#State", + "traits": { + "smithy.api#documentation": "Indicates whether the SilentAudio metric is enabled or disabled.", + "smithy.api#jsonName": "state" + } + }, + "ThresholdSeconds": { + "target": "com.amazonaws.mediaconnect#__integer", + "traits": { + "smithy.api#documentation": "Specifies the number of consecutive seconds of silence that triggers an event or alert.", + "smithy.api#jsonName": "thresholdSeconds" + } + } + }, + "traits": { + "smithy.api#documentation": "Configures settings for the SilentAudio metric." + } + }, "com.amazonaws.mediaconnect#Source": { "type": "structure", "members": { @@ -10404,6 +10523,28 @@ "smithy.api#documentation": "Update maintenance setting for a flow" } }, + "com.amazonaws.mediaconnect#VideoMonitoringSetting": { + "type": "structure", + "members": { + "BlackFrames": { + "target": "com.amazonaws.mediaconnect#BlackFrames", + "traits": { + "smithy.api#documentation": "Detects video frames that are black.", + "smithy.api#jsonName": "blackFrames" + } + }, + "FrozenFrames": { + "target": "com.amazonaws.mediaconnect#FrozenFrames", + "traits": { + "smithy.api#documentation": "Detects video frames that have not changed.", + "smithy.api#jsonName": "frozenFrames" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the configuration for video stream metrics monitoring." + } + }, "com.amazonaws.mediaconnect#VpcInterface": { "type": "structure", "members": { @@ -10565,6 +10706,12 @@ "target": "com.amazonaws.mediaconnect#AddOutputRequest" } }, + "com.amazonaws.mediaconnect#__listOfAudioMonitoringSetting": { + "type": "list", + "member": { + "target": "com.amazonaws.mediaconnect#AudioMonitoringSetting" + } + }, "com.amazonaws.mediaconnect#__listOfBridgeOutput": { "type": "list", "member": { @@ -10727,6 +10874,12 @@ "target": "com.amazonaws.mediaconnect#TransportStreamProgram" } }, + "com.amazonaws.mediaconnect#__listOfVideoMonitoringSetting": { + "type": "list", + "member": { + "target": "com.amazonaws.mediaconnect#VideoMonitoringSetting" + } + }, "com.amazonaws.mediaconnect#__listOfVpcInterface": { "type": "list", "member": { diff --git a/codegen/sdk/aws-models/mediaconvert.json b/codegen/sdk/aws-models/mediaconvert.json index 9ca11269d6e..94aeefd4e6e 100644 --- a/codegen/sdk/aws-models/mediaconvert.json +++ b/codegen/sdk/aws-models/mediaconvert.json @@ -1415,7 +1415,7 @@ } }, "AudioSourceName": { - "target": "com.amazonaws.mediaconvert#__string", + "target": "com.amazonaws.mediaconvert#__stringMax2048", "traits": { "smithy.api#documentation": "Specifies which audio data to use from each input. In the simplest case, specify an \"Audio Selector\":#inputs-audio_selector by name based on its order within each input. For example if you specify \"Audio Selector 3\", then the third audio selector will be used from each input. If an input does not have an \"Audio Selector 3\", then the audio selector marked as \"default\" in that input will be used. If there is no audio selector marked as \"default\", silence will be inserted for the duration of that input. Alternatively, an \"Audio Selector Group\":#inputs-audio_selector_group name may be specified, with similar default/silence behavior. If no audio_source_name is specified, then \"Audio Selector 1\" will be chosen automatically.", "smithy.api#jsonName": "audioSourceName" @@ -2820,6 +2820,13 @@ "smithy.api#jsonName": "outlineSize" } }, + "RemoveRubyReserveAttributes": { + "target": "com.amazonaws.mediaconvert#RemoveRubyReserveAttributes", + "traits": { + "smithy.api#documentation": "Optionally remove any tts:rubyReserve attributes present in your input, that do not have a tts:ruby attribute in the same element, from your output. Use if your vertical Japanese output captions have alignment issues. To remove ruby reserve attributes when present: Choose Enabled. To not remove any ruby reserve attributes: Keep the default value, Disabled.", + "smithy.api#jsonName": "removeRubyReserveAttributes" + } + }, "ShadowColor": { "target": "com.amazonaws.mediaconvert#BurninSubtitleShadowColor", "traits": { @@ -7052,7 +7059,7 @@ } }, "traits": { - "smithy.api#documentation": "Applies only to 29.97 fps outputs. When this feature is enabled, the service will use drop-frame timecode on outputs. If it is not possible to use drop-frame timecode, the system will fall back to non-drop-frame. This setting is enabled by default when Timecode insertion is enabled." + "smithy.api#documentation": "Applies only to 29.97 fps outputs. When this feature is enabled, the service will use drop-frame timecode on outputs. If it is not possible to use drop-frame timecode, the system will fall back to non-drop-frame. This setting is enabled by default when Timecode insertion or Timecode track is enabled." } }, "com.amazonaws.mediaconvert#DvbNitSettings": { @@ -10456,6 +10463,13 @@ "smithy.api#documentation": "Inserts timecode for each frame as 4 bytes of an unregistered SEI message.", "smithy.api#jsonName": "unregisteredSeiTimecode" } + }, + "WriteMp4PackagingType": { + "target": "com.amazonaws.mediaconvert#H264WriteMp4PackagingType", + "traits": { + "smithy.api#documentation": "Specify how SPS and PPS NAL units are written in your output MP4 container, according to ISO/IEC 14496-15. If the location of these parameters doesn't matter in your workflow: Keep the default value, AVC1. MediaConvert writes SPS and PPS NAL units in the sample description ('stsd') box (but not into samples directly). To write SPS and PPS NAL units directly into samples (but not in the 'stsd' box): Choose AVC3. When you do, note that your output might not play properly with some downstream systems or players.", + "smithy.api#jsonName": "writeMp4PackagingType" + } } }, "traits": { @@ -10588,6 +10602,26 @@ "smithy.api#documentation": "Inserts timecode for each frame as 4 bytes of an unregistered SEI message." } }, + "com.amazonaws.mediaconvert#H264WriteMp4PackagingType": { + "type": "enum", + "members": { + "AVC1": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AVC1" + } + }, + "AVC3": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AVC3" + } + } + }, + "traits": { + "smithy.api#documentation": "Specify how SPS and PPS NAL units are written in your output MP4 container, according to ISO/IEC 14496-15. If the location of these parameters doesn't matter in your workflow: Keep the default value, AVC1. MediaConvert writes SPS and PPS NAL units in the sample description ('stsd') box (but not into samples directly). To write SPS and PPS NAL units directly into samples (but not in the 'stsd' box): Choose AVC3. When you do, note that your output might not play properly with some downstream systems or players." + } + }, "com.amazonaws.mediaconvert#H265AdaptiveQuantization": { "type": "enum", "members": { @@ -13046,7 +13080,7 @@ } }, "FileInput": { - "target": "com.amazonaws.mediaconvert#__stringPatternS3Https", + "target": "com.amazonaws.mediaconvert#__stringMax2048PatternS3Https", "traits": { "smithy.api#documentation": "Specify the source file for your transcoding job. You can use multiple inputs in a single job. The service concatenates these inputs, in the order that you specify them in the job, to create the outputs. If your input format is IMF, specify your input by providing the path to your CPL. For example, \"s3://bucket/vf/cpl.xml\". If the CPL is in an incomplete IMP, make sure to use *Supplemental IMPs* to specify any supplemental IMPs that contain assets referenced by the CPL.", "smithy.api#jsonName": "fileInput" @@ -14410,7 +14444,7 @@ } }, "CredentialsSecretName": { - "target": "com.amazonaws.mediaconvert#__stringMin1Max2048PatternArnAwsAwsUsGovAwsCnSecretsmanagerUsGovApCaCnEuSaCentralNorthSouthEastWestDD12SecretAZAZ09", + "target": "com.amazonaws.mediaconvert#__stringMin1Max2048PatternArnAZSecretsmanagerWD12SecretAZAZ09", "traits": { "smithy.api#documentation": "Provide the name of the AWS Secrets Manager secret where your Kantar credentials are stored. Note that your MediaConvert service role must provide access to this secret. For more information, see https://docs.aws.amazon.com/mediaconvert/latest/ug/granting-permissions-for-mediaconvert-to-access-secrets-manager-secret.html. For instructions on creating a secret, see https://docs.aws.amazon.com/secretsmanager/latest/userguide/tutorials_basic.html, in the AWS Secrets Manager User Guide.", "smithy.api#jsonName": "credentialsSecretName" @@ -20538,7 +20572,7 @@ } }, "Extension": { - "target": "com.amazonaws.mediaconvert#__string", + "target": "com.amazonaws.mediaconvert#__stringMax256", "traits": { "smithy.api#documentation": "Use Extension to specify the file extension for outputs in File output groups. If you do not specify a value, the service will use default extensions by container type as follows * MPEG-2 transport stream, m2ts * Quicktime, mov * MXF container, mxf * MPEG-4 container, mp4 * WebM container, webm * No Container, the service will use codec extensions (e.g. AAC, H265, H265, AC3)", "smithy.api#jsonName": "extension" @@ -20639,7 +20673,7 @@ } }, "Name": { - "target": "com.amazonaws.mediaconvert#__string", + "target": "com.amazonaws.mediaconvert#__stringMax2048", "traits": { "smithy.api#documentation": "Name of the output group", "smithy.api#jsonName": "name" @@ -21779,6 +21813,26 @@ "smithy.api#documentation": "Use Manual audio remixing to adjust audio levels for each audio channel in each output of your job. With audio remixing, you can output more or fewer audio channels than your input audio source provides." } }, + "com.amazonaws.mediaconvert#RemoveRubyReserveAttributes": { + "type": "enum", + "members": { + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" + } + }, + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + } + }, + "traits": { + "smithy.api#documentation": "Optionally remove any tts:rubyReserve attributes present in your input, that do not have a tts:ruby attribute in the same element, from your output. Use if your vertical Japanese output captions have alignment issues. To remove ruby reserve attributes when present: Choose Enabled. To not remove any ruby reserve attributes: Keep the default value, Disabled." + } + }, "com.amazonaws.mediaconvert#RenewalType": { "type": "enum", "members": { @@ -23027,6 +23081,26 @@ "smithy.api#documentation": "Use Source to set how timecodes are handled within this job. To make sure that your video, audio, captions, and markers are synchronized and that time-based features, such as image inserter, work correctly, choose the Timecode source option that matches your assets. All timecodes are in a 24-hour format with frame number (HH:MM:SS:FF). * Embedded - Use the timecode that is in the input video. If no embedded timecode is in the source, the service will use Start at 0 instead. * Start at 0 - Set the timecode of the initial frame to 00:00:00:00. * Specified Start - Set the timecode of the initial frame to a value other than zero. You use Start timecode to provide this value." } }, + "com.amazonaws.mediaconvert#TimecodeTrack": { + "type": "enum", + "members": { + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" + } + }, + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + } + }, + "traits": { + "smithy.api#documentation": "To include a timecode track in your MP4 output: Choose Enabled. MediaConvert writes the timecode track in the Null Media Header box (NMHD), without any timecode text formatting information. You can also specify dropframe or non-dropframe timecode under the Drop Frame Timecode setting. To not include a timecode track: Keep the default value, Disabled." + } + }, "com.amazonaws.mediaconvert#TimedMetadata": { "type": "enum", "members": { @@ -24262,7 +24336,7 @@ "DropFrameTimecode": { "target": "com.amazonaws.mediaconvert#DropFrameTimecode", "traits": { - "smithy.api#documentation": "Applies only to 29.97 fps outputs. When this feature is enabled, the service will use drop-frame timecode on outputs. If it is not possible to use drop-frame timecode, the system will fall back to non-drop-frame. This setting is enabled by default when Timecode insertion is enabled.", + "smithy.api#documentation": "Applies only to 29.97 fps outputs. When this feature is enabled, the service will use drop-frame timecode on outputs. If it is not possible to use drop-frame timecode, the system will fall back to non-drop-frame. This setting is enabled by default when Timecode insertion or Timecode track is enabled.", "smithy.api#jsonName": "dropFrameTimecode" } }, @@ -24315,6 +24389,13 @@ "smithy.api#jsonName": "timecodeInsertion" } }, + "TimecodeTrack": { + "target": "com.amazonaws.mediaconvert#TimecodeTrack", + "traits": { + "smithy.api#documentation": "To include a timecode track in your MP4 output: Choose Enabled. MediaConvert writes the timecode track in the Null Media Header box (NMHD), without any timecode text formatting information. You can also specify dropframe or non-dropframe timecode under the Drop Frame Timecode setting. To not include a timecode track: Keep the default value, Disabled.", + "smithy.api#jsonName": "timecodeTrack" + } + }, "VideoPreprocessors": { "target": "com.amazonaws.mediaconvert#VideoPreprocessor", "traits": { @@ -27478,6 +27559,34 @@ } } }, + "com.amazonaws.mediaconvert#__stringMax2048": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2048 + } + } + }, + "com.amazonaws.mediaconvert#__stringMax2048PatternS3Https": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2048 + }, + "smithy.api#pattern": "^s3://([^\\/]+\\/+)+((([^\\/]*)))|^https?://[^\\/].*[^&]$" + } + }, + "com.amazonaws.mediaconvert#__stringMax256": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 256 + } + } + }, "com.amazonaws.mediaconvert#__stringMin0": { "type": "string", "traits": { @@ -27586,14 +27695,14 @@ } } }, - "com.amazonaws.mediaconvert#__stringMin1Max2048PatternArnAwsAwsUsGovAwsCnSecretsmanagerUsGovApCaCnEuSaCentralNorthSouthEastWestDD12SecretAZAZ09": { + "com.amazonaws.mediaconvert#__stringMin1Max2048PatternArnAZSecretsmanagerWD12SecretAZAZ09": { "type": "string", "traits": { "smithy.api#length": { "min": 1, "max": 2048 }, - "smithy.api#pattern": "^(arn:(aws|aws-us-gov|aws-cn):secretsmanager:(us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\\d:\\d{12}:secret:)?[a-zA-Z0-9_\\/_+=.@-]*$" + "smithy.api#pattern": "^(arn:[a-z-]+:secretsmanager:[\\w-]+:\\d{12}:secret:)?[a-zA-Z0-9_\\/_+=.@-]*$" } }, "com.amazonaws.mediaconvert#__stringMin1Max256": { diff --git a/codegen/sdk/aws-models/medialive.json b/codegen/sdk/aws-models/medialive.json index acee1eed363..0c40fa229f7 100644 --- a/codegen/sdk/aws-models/medialive.json +++ b/codegen/sdk/aws-models/medialive.json @@ -3555,6 +3555,13 @@ "smithy.api#documentation": "Anywhere settings for this channel.", "smithy.api#jsonName": "anywhereSettings" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "Requested engine version for this channel.", + "smithy.api#jsonName": "channelEngineVersion" + } } }, "traits": { @@ -3596,6 +3603,43 @@ "smithy.api#documentation": "Placeholder documentation for ChannelEgressEndpoint" } }, + "com.amazonaws.medialive#ChannelEngineVersionRequest": { + "type": "structure", + "members": { + "Version": { + "target": "com.amazonaws.medialive#__string", + "traits": { + "smithy.api#documentation": "The build identifier of the engine version to use for this channel. Specify 'DEFAULT' to reset to the default version.", + "smithy.api#jsonName": "version" + } + } + }, + "traits": { + "smithy.api#documentation": "Placeholder documentation for ChannelEngineVersionRequest" + } + }, + "com.amazonaws.medialive#ChannelEngineVersionResponse": { + "type": "structure", + "members": { + "ExpirationDate": { + "target": "com.amazonaws.medialive#__timestampIso8601", + "traits": { + "smithy.api#documentation": "The UTC time when the version expires.", + "smithy.api#jsonName": "expirationDate" + } + }, + "Version": { + "target": "com.amazonaws.medialive#__string", + "traits": { + "smithy.api#documentation": "The build identifier for this version of the channel version.", + "smithy.api#jsonName": "version" + } + } + }, + "traits": { + "smithy.api#documentation": "Placeholder documentation for ChannelEngineVersionResponse" + } + }, "com.amazonaws.medialive#ChannelPipelineIdToRestart": { "type": "enum", "members": { @@ -3860,6 +3904,20 @@ "smithy.api#documentation": "AnywhereSettings settings for this channel.", "smithy.api#jsonName": "anywhereSettings" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "The engine version that you requested for this channel.", + "smithy.api#jsonName": "channelEngineVersion" + } + }, + "UsedChannelEngineVersions": { + "target": "com.amazonaws.medialive#__listOfChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "The engine version that the running pipelines are using.", + "smithy.api#jsonName": "usedChannelEngineVersions" + } } }, "traits": { @@ -4478,6 +4536,34 @@ "smithy.api#documentation": "Number of milliseconds to delay the output from the second pipeline.", "smithy.api#jsonName": "sendDelayMs" } + }, + "KlvBehavior": { + "target": "com.amazonaws.medialive#CmafKLVBehavior", + "traits": { + "smithy.api#documentation": "If set to passthrough, passes any KLV data from the input source to this output.", + "smithy.api#jsonName": "klvBehavior" + } + }, + "KlvNameModifier": { + "target": "com.amazonaws.medialive#__stringMax100", + "traits": { + "smithy.api#documentation": "Change the modifier that MediaLive automatically adds to the Streams() name that identifies a KLV track. The default is \"klv\", which means the default name will be Streams(klv.cmfm). Any string you enter here will replace the \"klv\" string.\\nThe modifier can only contain: numbers, letters, plus (+), minus (-), underscore (_) and period (.) and has a maximum length of 100 characters.", + "smithy.api#jsonName": "klvNameModifier" + } + }, + "NielsenId3NameModifier": { + "target": "com.amazonaws.medialive#__stringMax100", + "traits": { + "smithy.api#documentation": "Change the modifier that MediaLive automatically adds to the Streams() name that identifies a Nielsen ID3 track. The default is \"nid3\", which means the default name will be Streams(nid3.cmfm). Any string you enter here will replace the \"nid3\" string.\\nThe modifier can only contain: numbers, letters, plus (+), minus (-), underscore (_) and period (.) and has a maximum length of 100 characters.", + "smithy.api#jsonName": "nielsenId3NameModifier" + } + }, + "Scte35NameModifier": { + "target": "com.amazonaws.medialive#__stringMax100", + "traits": { + "smithy.api#documentation": "Change the modifier that MediaLive automatically adds to the Streams() name for a SCTE 35 track. The default is \"scte\", which means the default name will be Streams(scte.cmfm). Any string you enter here will replace the \"scte\" string.\\nThe modifier can only contain: numbers, letters, plus (+), minus (-), underscore (_) and period (.) and has a maximum length of 100 characters.", + "smithy.api#jsonName": "scte35NameModifier" + } } }, "traits": { @@ -4519,6 +4605,26 @@ "smithy.api#documentation": "Cmaf Ingest Segment Length Units" } }, + "com.amazonaws.medialive#CmafKLVBehavior": { + "type": "enum", + "members": { + "NO_PASSTHROUGH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NO_PASSTHROUGH" + } + }, + "PASSTHROUGH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PASSTHROUGH" + } + } + }, + "traits": { + "smithy.api#documentation": "Cmaf KLVBehavior" + } + }, "com.amazonaws.medialive#CmafNielsenId3Behavior": { "type": "enum", "members": { @@ -4954,6 +5060,19 @@ "smithy.api#documentation": "The Elemental Anywhere settings for this channel.", "smithy.api#jsonName": "anywhereSettings" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionRequest", + "traits": { + "smithy.api#documentation": "The desired engine version for this channel.", + "smithy.api#jsonName": "channelEngineVersion" + } + }, + "DryRun": { + "target": "com.amazonaws.medialive#__boolean", + "traits": { + "smithy.api#jsonName": "dryRun" + } } }, "traits": { @@ -7505,6 +7624,13 @@ "smithy.api#documentation": "Anywhere settings for this channel.", "smithy.api#jsonName": "anywhereSettings" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "Requested engine version for this channel.", + "smithy.api#jsonName": "channelEngineVersion" + } } }, "traits": { @@ -9567,6 +9693,13 @@ "smithy.api#documentation": "Anywhere settings for this channel.", "smithy.api#jsonName": "anywhereSettings" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "Requested engine version for this channel.", + "smithy.api#jsonName": "channelEngineVersion" + } } }, "traits": { @@ -14195,7 +14328,7 @@ "TimedMetadataBehavior": { "target": "com.amazonaws.medialive#Fmp4TimedMetadataBehavior", "traits": { - "smithy.api#documentation": "When set to passthrough, timed metadata is passed through from input to output.", + "smithy.api#documentation": "Set to PASSTHROUGH to enable ID3 metadata insertion. To include metadata, you configure other parameters in the output group or individual outputs, or you add an ID3 action to the channel schedule.", "smithy.api#jsonName": "timedMetadataBehavior" } } @@ -17862,20 +17995,20 @@ "Tag": { "target": "com.amazonaws.medialive#__string", "traits": { - "smithy.api#documentation": "ID3 tag to insert into each segment. Supports special keyword identifiers to substitute in segment-related values.\\nSupported keyword identifiers: https://docs.aws.amazon.com/medialive/latest/ug/variable-data-identifiers.html", + "smithy.api#documentation": "Complete this parameter if you want to specify only the metadata, not the entire frame. MediaLive will insert the metadata in a TXXX frame. Enter the value as plain text. You can include standard MediaLive variable data such as the current segment number.", "smithy.api#jsonName": "tag" } }, "Id3": { "target": "com.amazonaws.medialive#__string", "traits": { - "smithy.api#documentation": "Base64 string formatted according to the ID3 specification: http://id3.org/id3v2.4.0-structure", + "smithy.api#documentation": "Complete this parameter if you want to specify the entire ID3 metadata. Enter a base64 string that contains one or more fully formed ID3 tags, according to the ID3 specification: http://id3.org/id3v2.4.0-structure", "smithy.api#jsonName": "id3" } } }, "traits": { - "smithy.api#documentation": "Settings for the action to insert a user-defined ID3 tag in each HLS segment" + "smithy.api#documentation": "Settings for the action to insert ID3 metadata in every segment, in HLS output groups." } }, "com.amazonaws.medialive#HlsId3SegmentTaggingState": { @@ -18382,14 +18515,14 @@ "target": "com.amazonaws.medialive#__string", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "Base64 string formatted according to the ID3 specification: http://id3.org/id3v2.4.0-structure", + "smithy.api#documentation": "Enter a base64 string that contains one or more fully formed ID3 tags.See the ID3 specification: http://id3.org/id3v2.4.0-structure", "smithy.api#jsonName": "id3", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "Settings for the action to emit HLS metadata" + "smithy.api#documentation": "Settings for the action to insert ID3 metadata (as a one-time action) in HLS output groups." } }, "com.amazonaws.medialive#HlsTsFileMode": { @@ -22738,6 +22871,73 @@ "smithy.api#output": {} } }, + "com.amazonaws.medialive#ListVersions": { + "type": "operation", + "input": { + "target": "com.amazonaws.medialive#ListVersionsRequest" + }, + "output": { + "target": "com.amazonaws.medialive#ListVersionsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.medialive#BadGatewayException" + }, + { + "target": "com.amazonaws.medialive#BadRequestException" + }, + { + "target": "com.amazonaws.medialive#ConflictException" + }, + { + "target": "com.amazonaws.medialive#ForbiddenException" + }, + { + "target": "com.amazonaws.medialive#GatewayTimeoutException" + }, + { + "target": "com.amazonaws.medialive#InternalServerErrorException" + }, + { + "target": "com.amazonaws.medialive#NotFoundException" + }, + { + "target": "com.amazonaws.medialive#TooManyRequestsException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves an array of all the encoder engine versions that are available in this AWS account.", + "smithy.api#http": { + "method": "GET", + "uri": "/prod/versions", + "code": 200 + } + } + }, + "com.amazonaws.medialive#ListVersionsRequest": { + "type": "structure", + "members": {}, + "traits": { + "smithy.api#documentation": "Placeholder documentation for ListVersionsRequest", + "smithy.api#input": {} + } + }, + "com.amazonaws.medialive#ListVersionsResponse": { + "type": "structure", + "members": { + "Versions": { + "target": "com.amazonaws.medialive#__listOfChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "List of engine versions that are available for this AWS account.", + "smithy.api#jsonName": "versions" + } + } + }, + "traits": { + "smithy.api#documentation": "Placeholder documentation for ListVersionsResponse", + "smithy.api#output": {} + } + }, "com.amazonaws.medialive#LogLevel": { "type": "enum", "members": { @@ -23701,7 +23901,7 @@ "TimedMetadataBehavior": { "target": "com.amazonaws.medialive#M3u8TimedMetadataBehavior", "traits": { - "smithy.api#documentation": "When set to passthrough, timed metadata is passed through from input to output.", + "smithy.api#documentation": "Set to PASSTHROUGH to enable ID3 metadata insertion. To include metadata, you configure other parameters in the output group or individual outputs, or you add an ID3 action to the channel schedule.", "smithy.api#jsonName": "timedMetadataBehavior" } }, @@ -24189,6 +24389,9 @@ { "target": "com.amazonaws.medialive#ListTagsForResource" }, + { + "target": "com.amazonaws.medialive#ListVersions" + }, { "target": "com.amazonaws.medialive#PurchaseOffering" }, @@ -25157,6 +25360,20 @@ "smithy.api#documentation": "ID of the channel in MediaPackage that is the destination for this output group. You do not need to specify the individual inputs in MediaPackage; MediaLive will handle the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same region.", "smithy.api#jsonName": "channelId" } + }, + "ChannelGroup": { + "target": "com.amazonaws.medialive#__stringMin1", + "traits": { + "smithy.api#documentation": "Name of the channel group in MediaPackageV2. Only use if you are sending CMAF Ingest output to a CMAF ingest endpoint on a MediaPackage channel that uses MediaPackage v2.", + "smithy.api#jsonName": "channelGroup" + } + }, + "ChannelName": { + "target": "com.amazonaws.medialive#__stringMin1", + "traits": { + "smithy.api#documentation": "Name of the channel in MediaPackageV2. Only use if you are sending CMAF Ingest output to a CMAF ingest endpoint on a MediaPackage channel that uses MediaPackage v2.", + "smithy.api#jsonName": "channelName" + } } }, "traits": { @@ -27909,6 +28126,13 @@ "smithy.api#documentation": "Pipeline ID", "smithy.api#jsonName": "pipelineId" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "Current engine version of the encoder for this pipeline.", + "smithy.api#jsonName": "channelEngineVersion" + } } }, "traits": { @@ -29027,6 +29251,13 @@ "smithy.api#documentation": "Anywhere settings for this channel.", "smithy.api#jsonName": "anywhereSettings" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "Requested engine version for this channel.", + "smithy.api#jsonName": "channelEngineVersion" + } } }, "traits": { @@ -29362,14 +29593,14 @@ "HlsId3SegmentTaggingSettings": { "target": "com.amazonaws.medialive#HlsId3SegmentTaggingScheduleActionSettings", "traits": { - "smithy.api#documentation": "Action to insert HLS ID3 segment tagging", + "smithy.api#documentation": "Action to insert ID3 metadata in every segment, in HLS output groups", "smithy.api#jsonName": "hlsId3SegmentTaggingSettings" } }, "HlsTimedMetadataSettings": { "target": "com.amazonaws.medialive#HlsTimedMetadataScheduleActionSettings", "traits": { - "smithy.api#documentation": "Action to insert HLS metadata", + "smithy.api#documentation": "Action to insert ID3 metadata once, in HLS output groups", "smithy.api#jsonName": "hlsTimedMetadataSettings" } }, @@ -31073,6 +31304,13 @@ "smithy.api#documentation": "Anywhere settings for this channel.", "smithy.api#jsonName": "anywhereSettings" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "Requested engine version for this channel.", + "smithy.api#jsonName": "channelEngineVersion" + } } }, "traits": { @@ -32389,6 +32627,13 @@ "smithy.api#documentation": "Anywhere settings for this channel.", "smithy.api#jsonName": "anywhereSettings" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse", + "traits": { + "smithy.api#documentation": "Requested engine version for this channel.", + "smithy.api#jsonName": "channelEngineVersion" + } } }, "traits": { @@ -33880,6 +34125,19 @@ "smithy.api#documentation": "An optional Amazon Resource Name (ARN) of the role to assume when running the Channel. If you do not specify this on an update call but the role was previously set that role will be removed.", "smithy.api#jsonName": "roleArn" } + }, + "ChannelEngineVersion": { + "target": "com.amazonaws.medialive#ChannelEngineVersionRequest", + "traits": { + "smithy.api#documentation": "Channel engine version for this channel", + "smithy.api#jsonName": "channelEngineVersion" + } + }, + "DryRun": { + "target": "com.amazonaws.medialive#__boolean", + "traits": { + "smithy.api#jsonName": "dryRun" + } } }, "traits": { @@ -37107,6 +37365,15 @@ "smithy.api#documentation": "Placeholder documentation for __listOfChannelEgressEndpoint" } }, + "com.amazonaws.medialive#__listOfChannelEngineVersionResponse": { + "type": "list", + "member": { + "target": "com.amazonaws.medialive#ChannelEngineVersionResponse" + }, + "traits": { + "smithy.api#documentation": "Placeholder documentation for __listOfChannelEngineVersionResponse" + } + }, "com.amazonaws.medialive#__listOfChannelPipelineIdToRestart": { "type": "list", "member": { @@ -37870,6 +38137,16 @@ "smithy.api#documentation": "Placeholder documentation for __string" } }, + "com.amazonaws.medialive#__stringMax100": { + "type": "string", + "traits": { + "smithy.api#documentation": "Placeholder documentation for __stringMax100", + "smithy.api#length": { + "min": 0, + "max": 100 + } + } + }, "com.amazonaws.medialive#__stringMax1000": { "type": "string", "traits": { diff --git a/codegen/sdk/aws-models/mwaa.json b/codegen/sdk/aws-models/mwaa.json index 161364d6708..99d50643a87 100644 --- a/codegen/sdk/aws-models/mwaa.json +++ b/codegen/sdk/aws-models/mwaa.json @@ -1136,7 +1136,7 @@ "AirflowVersion": { "target": "com.amazonaws.mwaa#AirflowVersion", "traits": { - "smithy.api#documentation": "The Apache Airflow version for your environment. If no value is specified, it defaults to the latest version.\n For more information, see Apache Airflow versions on Amazon Managed Workflows for Apache Airflow (Amazon MWAA).
\nValid values: 1.10.12, 2.0.2, 2.2.2,\n 2.4.3, 2.5.1, 2.6.3, 2.7.2,\n 2.8.1, 2.9.2, and 2.10.1.
The Apache Airflow version for your environment. If no value is specified, it defaults to the latest version.\n For more information, see Apache Airflow versions on Amazon Managed Workflows for Apache Airflow (Amazon MWAA).
\nValid values: 1.10.12, 2.0.2, 2.2.2,\n 2.4.3, 2.5.1, 2.6.3, 2.7.2,\n 2.8.1, 2.9.2, 2.10.1, and 2.10.3.
The Apache Airflow version on your environment.
\nValid values: 1.10.12, 2.0.2, 2.2.2,\n 2.4.3, 2.5.1, 2.6.3, 2.7.2,\n 2.8.1, 2.9.2, and 2.10.1.
The Apache Airflow version on your environment.
\nValid values: 1.10.12, 2.0.2, 2.2.2,\n 2.4.3, 2.5.1, 2.6.3, 2.7.2,\n 2.8.1, 2.9.2, 2.10.1, and 2.10.3.
The Apache Airflow version for your environment. To upgrade your environment, specify a newer version of Apache Airflow supported by Amazon MWAA.
\nBefore you upgrade an environment, make sure your requirements, DAGs, plugins, and other resources used in your workflows are compatible with the new Apache Airflow version. For more information about updating\n your resources, see Upgrading an Amazon MWAA environment.
\nValid values: 1.10.12, 2.0.2, 2.2.2,\n 2.4.3, 2.5.1, 2.6.3, 2.7.2,\n 2.8.1, 2.9.2, and 2.10.1.
The Apache Airflow version for your environment. To upgrade your environment, specify a newer version of Apache Airflow supported by Amazon MWAA.
\nBefore you upgrade an environment, make sure your requirements, DAGs, plugins, and other resources used in your workflows are compatible with the new Apache Airflow version. For more information about updating\n your resources, see Upgrading an Amazon MWAA environment.
\nValid values: 1.10.12, 2.0.2, 2.2.2,\n 2.4.3, 2.5.1, 2.6.3, 2.7.2,\n 2.8.1, 2.9.2, 2.10.1, and 2.10.3.
This is the API Reference for Network Firewall. This guide is for developers who need\n detailed information about the Network Firewall API actions, data types, and errors.
\nThe REST API requires you to handle connection details, such as calculating\n signatures, handling request retries, and error handling. For general information\n about using the Amazon Web Services REST APIs, see Amazon Web Services APIs.
\nTo access Network Firewall using the REST API endpoint:\n https://network-firewall.\n
Alternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to\n the programming language or platform that you're using. For more information, see\n Amazon Web Services SDKs.
\nFor descriptions of Network Firewall features, including and step-by-step\n instructions on how to use them through the Network Firewall console, see the Network Firewall Developer\n Guide.
\nNetwork Firewall is a stateful, managed, network firewall and intrusion detection and\n prevention service for Amazon Virtual Private Cloud (Amazon VPC). With Network Firewall, you can filter traffic at the\n perimeter of your VPC. This includes filtering traffic going to and coming from an internet\n gateway, NAT gateway, or over VPN or Direct Connect. Network Firewall uses rules that are compatible\n with Suricata, a free, open source network analysis and threat detection engine.
\nYou can use Network Firewall to monitor and protect your VPC traffic in a number of ways.\n The following are just a few examples:
\nAllow domains or IP addresses for known Amazon Web Services service endpoints, such as Amazon S3, and\n block all other forms of traffic.
\nUse custom lists of known bad domains to limit the types of domain names that your\n applications can access.
\nPerform deep packet inspection on traffic entering or leaving your VPC.
\nUse stateful protocol detection to filter protocols like HTTPS, regardless of the\n port used.
\nTo enable Network Firewall for your VPCs, you perform steps in both Amazon VPC and in\n Network Firewall. For information about using Amazon VPC, see Amazon VPC User Guide.
\nTo start using Network Firewall, do the following:
\n(Optional) If you don't already have a VPC that you want to protect, create it in\n Amazon VPC.
\nIn Amazon VPC, in each Availability Zone where you want to have a firewall endpoint, create a\n subnet for the sole use of Network Firewall.
\nIn Network Firewall, create stateless and stateful rule groups,\n to define the components of the network traffic filtering behavior that you want your firewall to have.
\nIn Network Firewall, create a firewall policy that uses your rule groups and\n specifies additional default traffic filtering behavior.
\nIn Network Firewall, create a firewall and specify your new firewall policy and\n VPC subnets. Network Firewall creates a firewall endpoint in each subnet that you\n specify, with the behavior that's defined in the firewall policy.
\nIn Amazon VPC, use ingress routing enhancements to route traffic through the new firewall\n endpoints.
\nThis is the API Reference for Network Firewall. This guide is for developers who need\n detailed information about the Network Firewall API actions, data types, and errors.
\nThe REST API requires you to handle connection details, such as calculating\n signatures, handling request retries, and error handling. For general information\n about using the Amazon Web Services REST APIs, see Amazon Web Services APIs.
\nTo view the complete list of Amazon Web Services Regions where Network Firewall is available, see\n Service\n endpoints and quotas in the Amazon Web Services General\n Reference.\n
\nTo access Network Firewall using the IPv4 REST API endpoint:\n https://network-firewall.\n
To access Network Firewall using the Dualstack (IPv4 and IPv6) REST API endpoint:\n https://network-firewall.\n
Alternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to\n the programming language or platform that you're using. For more information, see\n Amazon Web Services SDKs.
\nFor descriptions of Network Firewall features, including and step-by-step\n instructions on how to use them through the Network Firewall console, see the Network Firewall Developer\n Guide.
\nNetwork Firewall is a stateful, managed, network firewall and intrusion detection and\n prevention service for Amazon Virtual Private Cloud (Amazon VPC). With Network Firewall, you can filter traffic at the\n perimeter of your VPC. This includes filtering traffic going to and coming from an internet\n gateway, NAT gateway, or over VPN or Direct Connect. Network Firewall uses rules that are compatible\n with Suricata, a free, open source network analysis and threat detection engine.
\nYou can use Network Firewall to monitor and protect your VPC traffic in a number of ways.\n The following are just a few examples:
\nAllow domains or IP addresses for known Amazon Web Services service endpoints, such as Amazon S3, and\n block all other forms of traffic.
\nUse custom lists of known bad domains to limit the types of domain names that your\n applications can access.
\nPerform deep packet inspection on traffic entering or leaving your VPC.
\nUse stateful protocol detection to filter protocols like HTTPS, regardless of the\n port used.
\nTo enable Network Firewall for your VPCs, you perform steps in both Amazon VPC and in\n Network Firewall. For information about using Amazon VPC, see Amazon VPC User Guide.
\nTo start using Network Firewall, do the following:
\n(Optional) If you don't already have a VPC that you want to protect, create it in\n Amazon VPC.
\nIn Amazon VPC, in each Availability Zone where you want to have a firewall endpoint, create a\n subnet for the sole use of Network Firewall.
\nIn Network Firewall, create stateless and stateful rule groups,\n to define the components of the network traffic filtering behavior that you want your firewall to have.
\nIn Network Firewall, create a firewall policy that uses your rule groups and\n specifies additional default traffic filtering behavior.
\nIn Network Firewall, create a firewall and specify your new firewall policy and\n VPC subnets. Network Firewall creates a firewall endpoint in each subnet that you\n specify, with the behavior that's defined in the firewall policy.
\nIn Amazon VPC, use ingress routing enhancements to route traffic through the new firewall\n endpoints.
\nPerforming this operation violates a minimum or maximum value limit. For example,\n attempting to remove the last service control policy (SCP) from an OU or root, inviting\n or creating too many accounts to the organization, or attaching too many policies to an\n account, OU, or root. This exception includes a reason that contains additional\n information about the violated limit:
\nSome of the reasons in the following list might not be applicable to this specific\n API or operation.
\nACCOUNT_CANNOT_LEAVE_ORGANIZATION: You attempted to remove the management\n account from the organization. You can't remove the management account. Instead,\n after you remove all member accounts, delete the organization itself.
\nACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an\n account from the organization that doesn't yet have enough information to exist\n as a standalone account. This account requires you to first complete phone\n verification. Follow the steps at Removing a member account from your organization in the\n Organizations User Guide.
\nACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of\n accounts that you can create in one day.
\nACCOUNT_CREATION_NOT_COMPLETE: Your account setup isn't complete or your\n account isn't fully active. You must complete the account setup before you\n create an organization.
\nACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number\n of accounts in an organization. If you need more accounts, contact Amazon Web Services Support to\n request an increase in your limit.
\nOr the number of invitations that you tried to send would cause you to exceed\n the limit of accounts in your organization. Send fewer invitations or contact\n Amazon Web Services Support to request an increase in the number of accounts.
\nDeleted and closed accounts still count toward your limit.
\nIf you get this exception when running a command immediately after\n creating the organization, wait one hour and try again. After an hour, if\n the command continues to fail with this error, contact Amazon Web Services Support.
\nCANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot\n register a suspended account as a delegated administrator.
\nCANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to register\n the management account of the organization as a delegated administrator for an\n Amazon Web Services service integrated with Organizations. You can designate only a member account as a\n delegated administrator.
\nCANNOT_CLOSE_MANAGEMENT_ACCOUNT: You attempted to close the management\n account. To close the management account for the organization, you must first\n either remove or close all member accounts in the organization. Follow standard\n account closure process using root credentials.
\nCANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG: You attempted to remove an\n account that is registered as a delegated administrator for a service integrated\n with your organization. To complete this operation, you must first deregister\n this account as a delegated administrator.
\nCLOSE_ACCOUNT_QUOTA_EXCEEDED: You have exceeded close account quota for the\n past 30 days.
\nCLOSE_ACCOUNT_REQUESTS_LIMIT_EXCEEDED: You attempted to exceed the number of\n accounts that you can close at a time.
\nCREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION: To create an\n organization in the specified region, you must enable all features mode.
\nDELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE: You attempted to register an\n Amazon Web Services account as a delegated administrator for an Amazon Web Services service that already has\n a delegated administrator. To complete this operation, you must first deregister\n any existing delegated administrators for this service.
\nEMAIL_VERIFICATION_CODE_EXPIRED: The email verification code is only valid for\n a limited period of time. You must resubmit the request and generate a new\n verfication code.
\nHANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of\n handshakes that you can send in one day.
\nINVALID_PAYMENT_INSTRUMENT: You cannot remove an account because no supported\n payment method is associated with the account. Amazon Web Services does not support cards\n issued by financial institutions in Russia or Belarus. For more information, see\n Managing your\n Amazon Web Services payments.
\nMASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in\n this organization, you first must migrate the organization's management account\n to the marketplace that corresponds to the management account's address. All\n accounts in an organization must be associated with the same marketplace.
\nMASTER_ACCOUNT_MISSING_BUSINESS_LICENSE: Applies only to the Amazon Web Services Regions in\n China. To create an organization, the master must have a valid business license.\n For more information, contact customer support.
\nMASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you must\n first provide a valid contact address and phone number for the management\n account. Then try the operation again.
\nMASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED: To complete this operation, the\n management account must have an associated account in the Amazon Web Services GovCloud\n (US-West) Region. For more information, see Organizations\n in the \n Amazon Web Services GovCloud User Guide.
\nMASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with\n this management account, you first must associate a valid payment instrument,\n such as a credit card, with the account. For more information, see Considerations before removing an account from an organization in\n the Organizations User Guide.
\nMAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted to\n register more delegated administrators than allowed for the service principal.\n
\nMAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number\n of policies of a certain type that can be attached to an entity at one\n time.
\nMAX_TAG_LIMIT_EXCEEDED: You have exceeded the number of tags allowed on this\n resource.
\nMEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with\n this member account, you first must associate a valid payment instrument, such\n as a credit card, with the account. For more information, see Considerations before removing an account from an organization in\n the Organizations User Guide.
\nMIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy\n from an entity that would cause the entity to have fewer than the minimum number\n of policies of a certain type required.
\nORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation\n that requires the organization to be configured to support all features. An\n organization that supports only consolidated billing features can't perform this\n operation.
\nOU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is too many\n levels deep.
\nOU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs that you\n can have in an organization.
\nPOLICY_CONTENT_LIMIT_EXCEEDED: You attempted to create a policy that is larger\n than the maximum size.
\nPOLICY_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of policies\n that you can have in an organization.
\nSERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated\n administrator before you enabled service access. Call the\n EnableAWSServiceAccess API first.
TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags\n that are not compliant with the tag policy requirements for this account.
\nWAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.\n Invited accounts aren't subject to this waiting period.
\nPerforming this operation violates a minimum or maximum value limit. For example,\n attempting to remove the last service control policy (SCP) from an OU or root, inviting\n or creating too many accounts to the organization, or attaching too many policies to an\n account, OU, or root. This exception includes a reason that contains additional\n information about the violated limit:
\nSome of the reasons in the following list might not be applicable to this specific\n API or operation.
\nACCOUNT_CANNOT_LEAVE_ORGANIZATION: You attempted to remove the management\n account from the organization. You can't remove the management account. Instead,\n after you remove all member accounts, delete the organization itself.
\nACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an\n account from the organization that doesn't yet have enough information to exist\n as a standalone account. This account requires you to first complete phone\n verification. Follow the steps at Removing a member account from your organization in the\n Organizations User Guide.
\nACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of\n accounts that you can create in one day.
\nACCOUNT_CREATION_NOT_COMPLETE: Your account setup isn't complete or your\n account isn't fully active. You must complete the account setup before you\n create an organization.
\nACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number\n of accounts in an organization. If you need more accounts, contact Amazon Web Services Support to\n request an increase in your limit.
\nOr the number of invitations that you tried to send would cause you to exceed\n the limit of accounts in your organization. Send fewer invitations or contact\n Amazon Web Services Support to request an increase in the number of accounts.
\nDeleted and closed accounts still count toward your limit.
\nIf you get this exception when running a command immediately after\n creating the organization, wait one hour and try again. After an hour, if\n the command continues to fail with this error, contact Amazon Web Services Support.
\nALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED:\n Your organization has more than 5000 accounts, and you can only use the standard migration process for organizations with less than 5000 accounts.\n Use the assisted migration process to enable all features mode, or create a support case for assistance if you are unable to use assisted migration.
\nCANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot\n register a suspended account as a delegated administrator.
\nCANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to register\n the management account of the organization as a delegated administrator for an\n Amazon Web Services service integrated with Organizations. You can designate only a member account as a\n delegated administrator.
\nCANNOT_CLOSE_MANAGEMENT_ACCOUNT: You attempted to close the management\n account. To close the management account for the organization, you must first\n either remove or close all member accounts in the organization. Follow standard\n account closure process using root credentials.
\nCANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG: You attempted to remove an\n account that is registered as a delegated administrator for a service integrated\n with your organization. To complete this operation, you must first deregister\n this account as a delegated administrator.
\nCLOSE_ACCOUNT_QUOTA_EXCEEDED: You have exceeded close account quota for the\n past 30 days.
\nCLOSE_ACCOUNT_REQUESTS_LIMIT_EXCEEDED: You attempted to exceed the number of\n accounts that you can close at a time.
\nCREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION: To create an\n organization in the specified region, you must enable all features mode.
\nDELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE: You attempted to register an\n Amazon Web Services account as a delegated administrator for an Amazon Web Services service that already has\n a delegated administrator. To complete this operation, you must first deregister\n any existing delegated administrators for this service.
\nEMAIL_VERIFICATION_CODE_EXPIRED: The email verification code is only valid for\n a limited period of time. You must resubmit the request and generate a new\n verfication code.
\nHANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of\n handshakes that you can send in one day.
\nINVALID_PAYMENT_INSTRUMENT: You cannot remove an account because no supported\n payment method is associated with the account. Amazon Web Services does not support cards\n issued by financial institutions in Russia or Belarus. For more information, see\n Managing your\n Amazon Web Services payments.
\nMASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in\n this organization, you first must migrate the organization's management account\n to the marketplace that corresponds to the management account's address. All\n accounts in an organization must be associated with the same marketplace.
\nMASTER_ACCOUNT_MISSING_BUSINESS_LICENSE: Applies only to the Amazon Web Services Regions in\n China. To create an organization, the master must have a valid business license.\n For more information, contact customer support.
\nMASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you must\n first provide a valid contact address and phone number for the management\n account. Then try the operation again.
\nMASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED: To complete this operation, the\n management account must have an associated account in the Amazon Web Services GovCloud\n (US-West) Region. For more information, see Organizations\n in the \n Amazon Web Services GovCloud User Guide.
\nMASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with\n this management account, you first must associate a valid payment instrument,\n such as a credit card, with the account. For more information, see Considerations before removing an account from an organization in\n the Organizations User Guide.
\nMAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted to\n register more delegated administrators than allowed for the service principal.\n
\nMAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number\n of policies of a certain type that can be attached to an entity at one\n time.
\nMAX_TAG_LIMIT_EXCEEDED: You have exceeded the number of tags allowed on this\n resource.
\nMEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with\n this member account, you first must associate a valid payment instrument, such\n as a credit card, with the account. For more information, see Considerations before removing an account from an organization in\n the Organizations User Guide.
\nMIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy\n from an entity that would cause the entity to have fewer than the minimum number\n of policies of a certain type required.
\nORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation\n that requires the organization to be configured to support all features. An\n organization that supports only consolidated billing features can't perform this\n operation.
\nOU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is too many\n levels deep.
\nOU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs that you\n can have in an organization.
\nPOLICY_CONTENT_LIMIT_EXCEEDED: You attempted to create a policy that is larger\n than the maximum size.
\nPOLICY_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of policies\n that you can have in an organization.
\nSERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated\n administrator before you enabled service access. Call the\n EnableAWSServiceAccess API first.
TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags\n that are not compliant with the tag policy requirements for this account.
\nWAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.\n Invited accounts aren't subject to this waiting period.
\nStarts the specified capacity task. You can have one active capacity task per order or Outpost.
", + "smithy.api#documentation": "Starts the specified capacity task. You can have one active capacity task for each order and each Outpost.
", "smithy.api#http": { "method": "POST", "uri": "/outposts/{OutpostIdentifier}/capacity", @@ -6409,7 +6415,7 @@ "PowerConnector": { "target": "com.amazonaws.outposts#PowerConnector", "traits": { - "smithy.api#documentation": "The power connector that Amazon Web Services should plan to provide for connections to the hardware.\n Note the correlation between PowerPhase and PowerConnector.
Single-phase AC feed
\n\n L6-30P – (common in US); 30A; single phase
\n\n IEC309 (blue) – P+N+E, 6hr; 32 A; single\n phase
\nThree-phase AC feed
\n\n AH530P7W (red) – 3P+N+E, 7hr; 30A; three\n phase
\n\n AH532P6W (red) – 3P+N+E, 6hr; 32A; three\n phase
\nThe power connector that Amazon Web Services should plan to provide for connections to the hardware.\n Note the correlation between PowerPhase and PowerConnector.
Single-phase AC feed
\n\n L6-30P – (common in US); 30A; single phase
\n\n IEC309 (blue) – P+N+E, 6hr; 32 A; single\n phase
\nThree-phase AC feed
\n\n AH530P7W (red) – 3P+N+E, 7hr; 30A; three\n phase
\n\n AH532P6W (red) – 3P+N+E, 6hr; 32A; three\n phase
\n\n CS8365C – (common in US); 3P+E, 50A; three phase
\nThe association configurations for overriding behavior on this AI Agent.
" } + }, + "locale": { + "target": "com.amazonaws.qconnect#NonEmptyString", + "traits": { + "smithy.api#documentation": "The locale to which specifies the language and region settings that determine the response\n language for QueryAssistant.
\nChanging this locale to anything other than en_US will turn off\n recommendations triggered by contact transcripts for agent assistance, as this feature is\n not supported in multiple languages.
Configure AI Guardrail type when the PII entity is detected.
\nThe following PIIs are used to block or mask sensitive information:
\n\n General\n
\n\n ADDRESS\n
\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12,\n Building 123\". An address can include information such as the street, building,\n location, city, state, country, county, zip code, precinct, and neighborhood.
\n\n AGE\n
\nAn individual's age, including the quantity and unit of time. For example, in the\n phrase \"I am 40 years old,\" Guarrails recognizes \"40 years\" as an age.
\n\n NAME\n
\nAn individual's name. This entity type does not include titles, such as Dr., Mr.,\n Mrs., or Miss. AI Guardrail doesn't apply this entity type to names that are part of\n organizations or addresses. For example, AI Guardrail recognizes the \"John Doe\n Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n
\n\n EMAIL\n
\nAn email address, such as marymajor@email.com.
\n\n PHONE\n
\nA phone number. This entity type also includes fax and pager numbers.
\n\n USERNAME\n
\nA user name that identifies an account, such as a login name, screen name, nick\n name, or handle.
\n\n PASSWORD\n
\nAn alphanumeric string that is used as a password, such as \"*\n very20special#pass*\".
\n\n DRIVER_ID\n
\nThe number assigned to a driver's license, which is an official document\n permitting an individual to operate one or more motorized vehicles on a public road. A\n driver's license number consists of alphanumeric characters.
\n\n LICENSE_PLATE\n
\nA license plate for a vehicle is issued by the state or country where the vehicle\n is registered. The format for passenger vehicles is typically five to eight digits,\n consisting of upper-case letters and numbers. The format varies depending on the\n location of the issuing state or country.
\n\n VEHICLE_IDENTIFICATION_NUMBER\n
\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content\n and format are defined in the ISO 3779 specification. Each\n country has specific codes and formats for VINs.
\n\n Finance\n
\n\n REDIT_DEBIT_CARD_CVV\n
\nA three-digit card verification code (CVV) that is present on VISA, MasterCard,\n and Discover credit and debit cards. For American Express credit or debit cards, the\n CVV is a four-digit numeric code.
\n\n CREDIT_DEBIT_CARD_EXPIRY\n
\nThe expiration date for a credit or debit card. This number is usually four digits\n long and is often formatted as month/year or\n MM/YY. AI Guardrail recognizes expiration dates such as\n 01/21, 01/2021, and Jan\n 2021.
\n\n CREDIT_DEBIT_CARD_NUMBER\n
\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits\n in length. However, Amazon Comprehend also recognizes credit or debit card numbers\n when only the last four digits are present.
\n\n PIN\n
\nA four-digit personal identification number (PIN) with which you can access your\n bank account.
\n\n INTERNATIONAL_BANK_ACCOUNT_NUMBER\n
\nAn International Bank Account Number has specific formats in each country. For\n more information, see \n www.iban.com/structure.
\n\n SWIFT_CODE\n
\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a\n particular bank or branch. Banks use these codes for money transfers such as\n international wire transfers.
\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to\n specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer\n to the head or primary office.
\n\n IT\n
\n\n IP_ADDRESS\n
\nAn IPv4 address, such as 198.51.100.0.
\n\n MAC_ADDRESS\n
\nA media access control (MAC) address is a unique identifier\n assigned to a network interface controller (NIC).
\n\n URL\n
\nA web address, such as www.example.com.
\n\n AWS_ACCESS_KEY\n
\nA unique identifier that's associated with a secret access key; you use the access\n key ID and secret access key to sign programmatic Amazon Web Services requests\n cryptographically.
\n\n AWS_SECRET_KEY\n
\nA unique identifier that's associated with an access key. You use the access key\n ID and secret access key to sign programmatic Amazon Web Services requests\n cryptographically.
\n\n USA specific\n
\n\n US_BANK_ACCOUNT_NUMBER\n
\nA US bank account number, which is typically 10 to 12 digits long.
\n\n US_BANK_ROUTING_NUMBER\n
\nA US bank account routing number. These are typically nine digits long,
\n\n US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER\n
\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that\n starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be\n formatted with a space or a dash after the third and forth digits.
\n\n US_PASSPORT_NUMBER\n
\nA US passport number. Passport numbers range from six to nine alphanumeric\n characters.
\n\n US_SOCIAL_SECURITY_NUMBER\n
\nA US Social Security Number (SSN) is a nine-digit number that is issued to US\n citizens, permanent residents, and temporary working residents.
\n\n Canada specific\n
\n\n CA_HEALTH_NUMBER\n
\nA Canadian Health Service Number is a 10-digit unique identifier, required for\n individuals to access healthcare benefits.
\n\n CA_SOCIAL_INSURANCE_NUMBER\n
\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier,\n required for individuals to access government programs and benefits.
\nThe SIN is formatted as three groups of three digits, such as \n 123-456-789. A SIN can be validated through a simple check-digit process\n called the Luhn\n algorithm .
\n\n UK Specific\n
\n\n UK_NATIONAL_HEALTH_SERVICE_NUMBER\n
\nA UK National Health Service Number is a 10-17 digit number, such as 485\n 555 3456. The current system formats the 10-digit number with spaces\n after the third and sixth digits. The final digit is an error-detecting\n checksum.
\n\n UK_NATIONAL_INSURANCE_NUMBER\n
\nA UK National Insurance Number (NINO) provides individuals with access to National\n Insurance (social security) benefits. It is also used for some purposes in the UK tax\n system.
\nThe number is nine digits long and starts with two letters, followed by six\n numbers and one letter. A NINO can be formatted with a space or a dash after the two\n letters and after the second, forth, and sixth digits.
\n\n UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER\n
\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a\n taxpayer or a business.
\n\n Custom\n
\n\n Regex filter - You can use a regular expressions to\n define patterns for an AI Guardrail to recognize and act upon such as serial number,\n booking ID etc..
\nConfigure AI Guardrail type when the PII entity is detected.
\nThe following PIIs are used to block or mask sensitive information:
\n\n General\n
\n\n ADDRESS\n
\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12,\n Building 123\". An address can include information such as the street, building,\n location, city, state, country, county, zip code, precinct, and neighborhood.
\n\n AGE\n
\nAn individual's age, including the quantity and unit of time. For example, in the\n phrase \"I am 40 years old,\" Guarrails recognizes \"40 years\" as an age.
\n\n NAME\n
\nAn individual's name. This entity type does not include titles, such as Dr., Mr.,\n Mrs., or Miss. AI Guardrail doesn't apply this entity type to names that are part of\n organizations or addresses. For example, AI Guardrail recognizes the \"John Doe\n Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n
\n\n EMAIL\n
\nAn email address, such as marymajor@email.com.
\n\n PHONE\n
\nA phone number. This entity type also includes fax and pager numbers.
\n\n USERNAME\n
\nA user name that identifies an account, such as a login name, screen name, nick\n name, or handle.
\n\n PASSWORD\n
\nAn alphanumeric string that is used as a password, such as \"*\n very20special#pass*\".
\n\n DRIVER_ID\n
\nThe number assigned to a driver's license, which is an official document\n permitting an individual to operate one or more motorized vehicles on a public road. A\n driver's license number consists of alphanumeric characters.
\n\n LICENSE_PLATE\n
\nA license plate for a vehicle is issued by the state or country where the vehicle\n is registered. The format for passenger vehicles is typically five to eight digits,\n consisting of upper-case letters and numbers. The format varies depending on the\n location of the issuing state or country.
\n\n VEHICLE_IDENTIFICATION_NUMBER\n
\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content\n and format are defined in the ISO 3779 specification. Each\n country has specific codes and formats for VINs.
\n\n Finance\n
\n\n CREDIT_DEBIT_CARD_CVV\n
\nA three-digit card verification code (CVV) that is present on VISA, MasterCard,\n and Discover credit and debit cards. For American Express credit or debit cards, the\n CVV is a four-digit numeric code.
\n\n CREDIT_DEBIT_CARD_EXPIRY\n
\nThe expiration date for a credit or debit card. This number is usually four digits\n long and is often formatted as month/year or\n MM/YY. AI Guardrail recognizes expiration dates such as\n 01/21, 01/2021, and Jan\n 2021.
\n\n CREDIT_DEBIT_CARD_NUMBER\n
\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits\n in length. However, Amazon Comprehend also recognizes credit or debit card numbers\n when only the last four digits are present.
\n\n PIN\n
\nA four-digit personal identification number (PIN) with which you can access your\n bank account.
\n\n INTERNATIONAL_BANK_ACCOUNT_NUMBER\n
\nAn International Bank Account Number has specific formats in each country. For\n more information, see \n www.iban.com/structure.
\n\n SWIFT_CODE\n
\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a\n particular bank or branch. Banks use these codes for money transfers such as\n international wire transfers.
\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to\n specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer\n to the head or primary office.
\n\n IT\n
\n\n IP_ADDRESS\n
\nAn IPv4 address, such as 198.51.100.0.
\n\n MAC_ADDRESS\n
\nA media access control (MAC) address is a unique identifier\n assigned to a network interface controller (NIC).
\n\n URL\n
\nA web address, such as www.example.com.
\n\n AWS_ACCESS_KEY\n
\nA unique identifier that's associated with a secret access key; you use the access\n key ID and secret access key to sign programmatic Amazon Web Services requests\n cryptographically.
\n\n AWS_SECRET_KEY\n
\nA unique identifier that's associated with an access key. You use the access key\n ID and secret access key to sign programmatic Amazon Web Services requests\n cryptographically.
\n\n USA specific\n
\n\n US_BANK_ACCOUNT_NUMBER\n
\nA US bank account number, which is typically 10 to 12 digits long.
\n\n US_BANK_ROUTING_NUMBER\n
\nA US bank account routing number. These are typically nine digits long,
\n\n US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER\n
\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that\n starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be\n formatted with a space or a dash after the third and forth digits.
\n\n US_PASSPORT_NUMBER\n
\nA US passport number. Passport numbers range from six to nine alphanumeric\n characters.
\n\n US_SOCIAL_SECURITY_NUMBER\n
\nA US Social Security Number (SSN) is a nine-digit number that is issued to US\n citizens, permanent residents, and temporary working residents.
\n\n Canada specific\n
\n\n CA_HEALTH_NUMBER\n
\nA Canadian Health Service Number is a 10-digit unique identifier, required for\n individuals to access healthcare benefits.
\n\n CA_SOCIAL_INSURANCE_NUMBER\n
\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier,\n required for individuals to access government programs and benefits.
\nThe SIN is formatted as three groups of three digits, such as \n 123-456-789. A SIN can be validated through a simple check-digit process\n called the Luhn\n algorithm .
\n\n UK Specific\n
\n\n UK_NATIONAL_HEALTH_SERVICE_NUMBER\n
\nA UK National Health Service Number is a 10-17 digit number, such as 485\n 555 3456. The current system formats the 10-digit number with spaces\n after the third and sixth digits. The final digit is an error-detecting\n checksum.
\n\n UK_NATIONAL_INSURANCE_NUMBER\n
\nA UK National Insurance Number (NINO) provides individuals with access to National\n Insurance (social security) benefits. It is also used for some purposes in the UK tax\n system.
\nThe number is nine digits long and starts with two letters, followed by six\n numbers and one letter. A NINO can be formatted with a space or a dash after the two\n letters and after the second, forth, and sixth digits.
\n\n UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER\n
\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a\n taxpayer or a business.
\n\n Custom\n
\n\n Regex filter - You can use a regular expressions to\n define patterns for an AI Guardrail to recognize and act upon such as serial number,\n booking ID etc..
\nThe association configurations for overriding behavior on this AI Agent.
" } + }, + "locale": { + "target": "com.amazonaws.qconnect#NonEmptyString", + "traits": { + "smithy.api#documentation": "The locale to which specifies the language and region settings that determine the response\n language for QueryAssistant.
" + } } }, "traits": { diff --git a/codegen/sdk/aws-models/quicksight.json b/codegen/sdk/aws-models/quicksight.json index c949cbe8c3c..8f68cab4baa 100644 --- a/codegen/sdk/aws-models/quicksight.json +++ b/codegen/sdk/aws-models/quicksight.json @@ -9141,6 +9141,12 @@ "traits": { "smithy.api#documentation": "When you create the dataset, Amazon QuickSight adds the dataset to these folders.
" } + }, + "PerformanceConfiguration": { + "target": "com.amazonaws.quicksight#PerformanceConfiguration", + "traits": { + "smithy.api#documentation": "The configuration for the performance optimization of the dataset that contains a UniqueKey configuration.
The parameters that are declared in a dataset.
" } + }, + "PerformanceConfiguration": { + "target": "com.amazonaws.quicksight#PerformanceConfiguration", + "traits": { + "smithy.api#documentation": "The performance optimization configuration of a dataset.
" + } } }, "traits": { @@ -40442,6 +40454,20 @@ } } }, + "com.amazonaws.quicksight#PerformanceConfiguration": { + "type": "structure", + "members": { + "UniqueKeys": { + "target": "com.amazonaws.quicksight#UniqueKeyList", + "traits": { + "smithy.api#documentation": "A UniqueKey configuration.
The configuration for the performance optimization of the dataset that contains a UniqueKey configuration.
The name of the column that is referenced in the UniqueKey configuration.
A UniqueKey configuration that references a dataset column.
The parameter declarations of the dataset.
" } + }, + "PerformanceConfiguration": { + "target": "com.amazonaws.quicksight#PerformanceConfiguration", + "traits": { + "smithy.api#documentation": "The configuration for the performance optimization of the dataset that contains a UniqueKey configuration.
The list of log types to enable.
" + "smithy.api#documentation": "The list of log types to enable.
\nThe following values are valid for each DB engine:
\nAurora MySQL - audit | error | general | slowquery\n
Aurora PostgreSQL - postgresql\n
RDS for MySQL - error | general | slowquery\n
RDS for PostgreSQL - postgresql | upgrade\n
The list of log types to disable.
" + "smithy.api#documentation": "The list of log types to disable.
\nThe following values are valid for each DB engine:
\nAurora MySQL - audit | error | general | slowquery\n
Aurora PostgreSQL - postgresql\n
RDS for MySQL - error | general | slowquery\n
RDS for PostgreSQL - postgresql | upgrade\n
Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. \n By default, minor engine upgrades are applied automatically.
\nValid for Cluster Type: Multi-AZ DB clusters only
" + "smithy.api#documentation": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. \n By default, minor engine upgrades are applied automatically.
\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster
" } }, "MonitoringInterval": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off \n collecting Enhanced Monitoring metrics, specify 0.
If MonitoringRoleArn is specified, also set MonitoringInterval\n to a value other than 0.
Valid for Cluster Type: Multi-AZ DB clusters only
\nValid Values: 0 | 1 | 5 | 10 | 15 | 30 | 60\n
Default: 0\n
The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off \n collecting Enhanced Monitoring metrics, specify 0.
If MonitoringRoleArn is specified, also set MonitoringInterval\n to a value other than 0.
Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
\nValid Values: 0 | 1 | 5 | 10 | 15 | 30 | 60\n
Default: 0\n
The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. \n An example is arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role,\n see Setting \n up and enabling Enhanced Monitoring in the Amazon RDS User Guide.
If MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn value.
Valid for Cluster Type: Multi-AZ DB clusters only
" + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. \n An example is arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role,\n see Setting \n up and enabling Enhanced Monitoring in the Amazon RDS User Guide.
If MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn value.
Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
" } }, "DatabaseInsightsMode": { "target": "com.amazonaws.rds#DatabaseInsightsMode", "traits": { - "smithy.api#documentation": "Specifies the mode of Database Insights to enable for the cluster.
" + "smithy.api#documentation": "The mode of Database Insights to enable for the DB cluster.
\nIf you set this value to advanced, you must also set the PerformanceInsightsEnabled\n parameter to true and the PerformanceInsightsRetentionPeriod parameter to 465.
Valid for Cluster Type: Aurora DB clusters only
" } }, "EnablePerformanceInsights": { "target": "com.amazonaws.rds#BooleanOptional", "traits": { - "smithy.api#documentation": "Specifies whether to turn on Performance Insights for the DB cluster.
\nFor more information, see \n Using Amazon Performance Insights in the Amazon RDS User Guide.
\nValid for Cluster Type: Multi-AZ DB clusters only
" + "smithy.api#documentation": "Specifies whether to turn on Performance Insights for the DB cluster.
\nFor more information, see \n Using Amazon Performance Insights in the Amazon RDS User Guide.
\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
" } }, "PerformanceInsightsKMSKeyId": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
\nIf you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS \n uses your default KMS key. There is a default KMS key for your Amazon Web Services account. \n Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
Valid for Cluster Type: Multi-AZ DB clusters only
" + "smithy.api#documentation": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
\nIf you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS \n uses your default KMS key. There is a default KMS key for your Amazon Web Services account. \n Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
" } }, "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "The number of days to retain Performance Insights data.
\nValid for Cluster Type: Multi-AZ DB clusters only
\nValid Values:
\n\n 7\n
\n month * 31, where month is a number of months from 1-23. \n Examples: 93 (3 months * 31), 341 (11 months * 31), 589 (19 months * 31)
\n 731\n
Default: 7 days
If you specify a retention period that isn't valid, such as 94, Amazon RDS issues an error.
The number of days to retain Performance Insights data.
\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
\nValid Values:
\n\n 7\n
\n month * 31, where month is a number of months from 1-23. \n Examples: 93 (3 months * 31), 341 (11 months * 31), 589 (19 months * 31)
\n 731\n
Default: 7 days
If you specify a retention period that isn't valid, such as 94, Amazon RDS issues an error.
Specifies the mode of Database Insights to enable for the instance.
" + "smithy.api#documentation": "The mode of Database Insights to enable for the DB instance.
\nThis setting only applies to Amazon Aurora DB instances.
\nCurrently, this value is inherited from the DB cluster and can't be changed.
\nSpecifies the mode of Database Insights.
" + "smithy.api#documentation": "The mode of Database Insights to enable for the read replica.
\nCurrently, this setting is not supported.
\nThe amount of storage (in gibibytes) to allocate initially for the read replica.\n Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough storage for your read replica so that the create operation can succeed.\n You can also allocate additional storage for future growth.
\nThe amount of storage (in gibibytes) to allocate initially for the read replica.\n Follow the allocation rules specified in CreateDBInstance.
This setting isn't valid for RDS for SQL Server.
\nBe sure to allocate enough storage for your read replica so that the create operation can succeed.\n You can also allocate additional storage for future growth.
\nIndicates whether minor version patches are applied automatically.
\nThis setting is only for non-Aurora Multi-AZ DB clusters.
" + "smithy.api#documentation": "Indicates whether minor version patches are applied automatically.
\nThis setting is for Aurora DB clusters and Multi-AZ DB clusters.
" } }, "MonitoringInterval": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster.
\nThis setting is only for non-Aurora Multi-AZ DB clusters.
" + "smithy.api#documentation": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster.
\nThis setting is only for -Aurora DB clusters and Multi-AZ DB clusters.
" } }, "MonitoringRoleArn": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "The ARN for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs.
\nThis setting is only for non-Aurora Multi-AZ DB clusters.
" + "smithy.api#documentation": "The ARN for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs.
\nThis setting is only for Aurora DB clusters and Multi-AZ DB clusters.
" } }, "DatabaseInsightsMode": { "target": "com.amazonaws.rds#DatabaseInsightsMode", "traits": { - "smithy.api#documentation": "The mode of Database Insights that is enabled for the cluster.
" + "smithy.api#documentation": "The mode of Database Insights that is enabled for the DB cluster.
" } }, "PerformanceInsightsEnabled": { "target": "com.amazonaws.rds#BooleanOptional", "traits": { - "smithy.api#documentation": "Indicates whether Performance Insights is enabled for the DB cluster.
\nThis setting is only for non-Aurora Multi-AZ DB clusters.
" + "smithy.api#documentation": "Indicates whether Performance Insights is enabled for the DB cluster.
\nThis setting is only for Aurora DB clusters and Multi-AZ DB clusters.
" } }, "PerformanceInsightsKMSKeyId": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
\nThis setting is only for non-Aurora Multi-AZ DB clusters.
" + "smithy.api#documentation": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
\nThis setting is only for Aurora DB clusters and Multi-AZ DB clusters.
" } }, "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "The number of days to retain Performance Insights data.
\nThis setting is only for non-Aurora Multi-AZ DB clusters.
\nValid Values:
\n\n 7\n
\n month * 31, where month is a number of months from 1-23. \n Examples: 93 (3 months * 31), 341 (11 months * 31), 589 (19 months * 31)
\n 731\n
Default: 7 days
The number of days to retain Performance Insights data.
\nThis setting is only for Aurora DB clusters and Multi-AZ DB clusters.
\nValid Values:
\n\n 7\n
\n month * 31, where month is a number of months from 1-23. \n Examples: 93 (3 months * 31), 341 (11 months * 31), 589 (19 months * 31)
\n 731\n
Default: 7 days
A specific source to return parameters for.
\nValid Values:
\n\n customer\n
\n engine\n
\n service\n
A specific source to return parameters for.
\nValid Values:
\n\n engine-default\n
\n system\n
\n user\n
This parameter isn't currently supported.
" + "smithy.api#documentation": "A filter that specifies one or more DB cluster parameters to describe.
\nThe only supported filter is parameter-name. The results list only includes information about the DB cluster parameters with these names.
This parameter isn't currently supported.
" + "smithy.api#documentation": "A filter that specifies one or more DB parameters to describe.
\nThe only supported filter is parameter-name. The results list only includes information about the DB parameters with these names.
This parameter isn't currently supported.
" + "smithy.api#documentation": "A filter that specifies one or more parameters to describe.
\nThe only supported filter is parameter-name. The results list only includes information about the parameters with these names.
Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. \n By default, minor engine upgrades are applied automatically.
\nValid for Cluster Type: Multi-AZ DB clusters only
" + "smithy.api#documentation": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. \n By default, minor engine upgrades are applied automatically.
\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
" } }, "MonitoringInterval": { @@ -21883,7 +21889,7 @@ "DatabaseInsightsMode": { "target": "com.amazonaws.rds#DatabaseInsightsMode", "traits": { - "smithy.api#documentation": "Specifies the mode of Database Insights to enable for the cluster.
" + "smithy.api#documentation": "Specifies the mode of Database Insights to enable for the DB cluster.
\nIf you change the value from standard to advanced, you must set the \n PerformanceInsightsEnabled parameter to true and the \n PerformanceInsightsRetentionPeriod parameter to 465.
If you change the value from advanced to standard, you must \n set the PerformanceInsightsEnabled parameter to false.
Valid for Cluster Type: Aurora DB clusters only
" } }, "EnablePerformanceInsights": { @@ -21895,13 +21901,13 @@ "PerformanceInsightsKMSKeyId": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
\nIf you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS \n uses your default KMS key. There is a default KMS key for your Amazon Web Services account. \n Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
Valid for Cluster Type: Multi-AZ DB clusters only
" + "smithy.api#documentation": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
\nThe Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
\nIf you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS \n uses your default KMS key. There is a default KMS key for your Amazon Web Services account. \n Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
" } }, "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "The number of days to retain Performance Insights data.
\nValid for Cluster Type: Multi-AZ DB clusters only
\nValid Values:
\n\n 7\n
\n month * 31, where month is a number of months from 1-23. \n Examples: 93 (3 months * 31), 341 (11 months * 31), 589 (19 months * 31)
\n 731\n
Default: 7 days
If you specify a retention period that isn't valid, such as 94, Amazon RDS issues an error.
The number of days to retain Performance Insights data.
\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
\nValid Values:
\n\n 7\n
\n month * 31, where month is a number of months from 1-23. \n Examples: 93 (3 months * 31), 341 (11 months * 31), 589 (19 months * 31)
\n 731\n
Default: 7 days
If you specify a retention period that isn't valid, such as 94, Amazon RDS issues an error.
Specifies the mode of Database Insights to enable for the instance.
" + "smithy.api#documentation": "Specifies the mode of Database Insights to enable for the DB instance.
\nThis setting only applies to Amazon Aurora DB instances.
\nCurrently, this value is inherited from the DB cluster and can't be changed.
\nThe log types to be enabled for export to CloudWatch Logs for a \n specific DB instance.
\nA change to the CloudwatchLogsExportConfiguration parameter is always applied to the DB instance \n immediately. Therefore, the ApplyImmediately parameter has no effect.
This setting doesn't apply to RDS Custom DB instances.
" + "smithy.api#documentation": "The log types to be enabled for export to CloudWatch Logs for a \n specific DB instance.
\nA change to the CloudwatchLogsExportConfiguration parameter is always applied to the DB instance \n immediately. Therefore, the ApplyImmediately parameter has no effect.
This setting doesn't apply to RDS Custom DB instances.
\nThe following values are valid for each DB engine:
\nAurora MySQL - audit | error | general | slowquery\n
Aurora PostgreSQL - postgresql\n
RDS for MySQL - error | general | slowquery\n
RDS for PostgreSQL - postgresql | upgrade\n
For more information about exporting CloudWatch Logs for Amazon RDS, see \n Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.
\nFor more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.
" } }, "ProcessorFeatures": { @@ -28283,7 +28289,7 @@ "AllocatedStorage": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "The amount of storage (in gibibytes) to allocate initially for the DB instance. Follow the allocation rules specified in\n CreateDBInstance.
\nBe sure to allocate enough storage for your new DB instance so that the restore operation can succeed. You can also\n allocate additional storage for future growth.
\nThe amount of storage (in gibibytes) to allocate initially for the DB instance. Follow the allocation rules specified in\n CreateDBInstance.
\nThis setting isn't valid for RDS for SQL Server.
\nBe sure to allocate enough storage for your new DB instance so that the restore operation can succeed. You can also\n allocate additional storage for future growth.
\nThe amount of storage (in gibibytes) to allocate initially for the DB instance.\n Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough storage for your new DB instance so that the restore operation can succeed.\n You can also allocate additional storage for future growth.
\nThe amount of storage (in gibibytes) to allocate initially for the DB instance.\n Follow the allocation rules specified in CreateDBInstance.
This setting isn't valid for RDS for SQL Server.
\nBe sure to allocate enough storage for your new DB instance so that the restore operation can succeed.\n You can also allocate additional storage for future growth.
\nSpecifies the mode of Database Insights to enable for the instance.
" + "smithy.api#documentation": "Specifies the mode of Database Insights to enable for the DB instance.
\nThis setting only applies to Amazon Aurora DB instances.
\nCurrently, this value is inherited from the DB cluster and can't be changed.
\nThe amount of storage (in gibibytes) to allocate initially for the DB instance.\n Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough storage for your new DB instance so that the restore operation can succeed.\n You can also allocate additional storage for future growth.
\nThe amount of storage (in gibibytes) to allocate initially for the DB instance.\n Follow the allocation rules specified in CreateDBInstance.
This setting isn't valid for RDS for SQL Server.
\nBe sure to allocate enough storage for your new DB instance so that the restore operation can succeed.\n You can also allocate additional storage for future growth.
\nAmazon Resource Name (ARN) of the Amazon CloudWatch alarm.
" + } + }, + "source": { + "target": "com.amazonaws.resiliencehub#String255", + "traits": { + "smithy.api#documentation": "Indicates the source of the Amazon CloudWatch alarm. That is, it indicates if the\n alarm was created using Resilience Hub recommendation (AwsResilienceHub),\n or if you had created the alarm in Amazon CloudWatch (Customer).
Indicates the Amazon CloudWatch alarm detected while running an assessment.
" + } + }, "com.amazonaws.resiliencehub#AlarmRecommendation": { "type": "structure", "members": { @@ -683,7 +703,7 @@ "complianceStatus": { "target": "com.amazonaws.resiliencehub#ComplianceStatus", "traits": { - "smithy.api#documentation": "Current\n status of compliance for the resiliency policy.
" + "smithy.api#documentation": "Current status of compliance for the resiliency policy.
" } }, "cost": { @@ -1146,7 +1166,7 @@ "appComponents": { "target": "com.amazonaws.resiliencehub#AppComponentNameList", "traits": { - "smithy.api#documentation": "Indicates the Application Components (AppComponents) that were assessed as part of the\n assessnent and are associated with the identified risk and recommendation.
\nThis property is available only in the US East (N. Virginia) Region.
\nIndicates the Application Components (AppComponents) that were assessed as part of the\n assessment and are associated with the identified risk and recommendation.
\nThis property is available only in the US East (N. Virginia) Region.
\nIndicates the identifier of an AppComponent.
" + } + }, "excludeReason": { "target": "com.amazonaws.resiliencehub#ExcludeRecommendationReason", "traits": { @@ -2549,7 +2575,7 @@ "diffType": { "target": "com.amazonaws.resiliencehub#DifferenceType", "traits": { - "smithy.api#documentation": "Difference type between actual and expected recovery point objective (RPO) and recovery\n time objective (RTO) values. Currently, Resilience Hub supports only\n NotEqual difference type.
Difference type between actual and expected recovery point objective (RPO) and recovery\n time objective (RTO) values. Currently, Resilience Hub supports only\n NotEqual difference type.
Amazon Resource Name (ARN) of the FIS experiment.
" + } + }, + "experimentTemplateId": { + "target": "com.amazonaws.resiliencehub#String255", + "traits": { + "smithy.api#documentation": "Identifier of the FIS experiment template.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Indicates the FIS experiment detected while running an assessment.
" + } + }, "com.amazonaws.resiliencehub#FailedGroupingRecommendationEntries": { "type": "list", "member": { @@ -7987,7 +8033,7 @@ "invokerRoleName": { "target": "com.amazonaws.resiliencehub#IamRoleName", "traits": { - "smithy.api#documentation": "Existing Amazon Web Services\n IAM role name in the primary Amazon Web Services account that will be assumed by\n Resilience Hub Service Principle to obtain a read-only access to your application\n resources while running an assessment.
\nYou must have iam:passRole permission for this role while creating or\n updating the application.
Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-]\n characters.
Existing Amazon Web Services\n IAM role name in the primary Amazon Web Services account that will be assumed by\n Resilience Hub Service Principle to obtain a read-only access to your application\n resources while running an assessment.
\nIf your IAM role includes a path, you must include the path in the invokerRoleName parameter. \n For example, if your IAM role's ARN is arn:aws:iam:123456789012:role/my-path/role-name, you should pass my-path/role-name.\n
You must have iam:passRole permission for this role while creating or\n updating the application.
Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-]\n characters.
Indicates the reason for excluding an operational recommendation.
" } + }, + "latestDiscoveredExperiment": { + "target": "com.amazonaws.resiliencehub#Experiment", + "traits": { + "smithy.api#documentation": "Indicates the experiment created in FIS that was discovered by Resilience Hub, which matches the recommendation.
" + } + }, + "discoveredAlarm": { + "target": "com.amazonaws.resiliencehub#Alarm", + "traits": { + "smithy.api#documentation": "Indicates the previously implemented Amazon CloudWatch alarm discovered by Resilience Hub.
" + } } }, "traits": { @@ -9205,7 +9263,7 @@ "hasMoreErrors": { "target": "com.amazonaws.resiliencehub#BooleanOptional", "traits": { - "smithy.api#documentation": " This indicates if there are more errors not listed in the\n resourceErrors\n list.
This indicates if there are more errors not listed in the resourceErrors\n list.
Indicates the identifier of the AppComponent.
" + } + }, "appComponentName": { "target": "com.amazonaws.resiliencehub#EntityId", "traits": { @@ -10924,6 +10988,12 @@ "smithy.api#required": {} } }, + "appComponentId": { + "target": "com.amazonaws.resiliencehub#EntityName255", + "traits": { + "smithy.api#documentation": "Indicates the identifier of the AppComponent.
" + } + }, "excludeReason": { "target": "com.amazonaws.resiliencehub#ExcludeRecommendationReason", "traits": { diff --git a/codegen/sdk/aws-models/route-53-domains.json b/codegen/sdk/aws-models/route-53-domains.json index 01bf154947e..f6f9ae86371 100644 --- a/codegen/sdk/aws-models/route-53-domains.json +++ b/codegen/sdk/aws-models/route-53-domains.json @@ -199,7 +199,7 @@ "InvoiceId": { "target": "com.amazonaws.route53domains#InvoiceId", "traits": { - "smithy.api#documentation": "The ID of the invoice that is associated with the billing record.
" + "smithy.api#documentation": "Deprecated property. This field is retained in report structure for backwards compatibility, but will appear blank.
" } }, "BillDate": { diff --git a/codegen/sdk/aws-models/s3.json b/codegen/sdk/aws-models/s3.json index e90ce50823c..611979516c7 100644 --- a/codegen/sdk/aws-models/s3.json +++ b/codegen/sdk/aws-models/s3.json @@ -60,7 +60,7 @@ } ], "traits": { - "smithy.api#documentation": "This operation aborts a multipart upload. After a multipart upload is aborted, no\n additional parts can be uploaded using that upload ID. The storage consumed by any\n previously uploaded parts will be freed. However, if any part uploads are currently in\n progress, those part uploads might or might not succeed. As a result, it might be necessary\n to abort a given multipart upload multiple times in order to completely free all storage\n consumed by all parts.
\nTo verify that all parts have been removed and prevent getting charged for the part\n storage, you should call the ListParts API operation and ensure\n that the parts list is empty.
\n\n Directory buckets - If multipart\n uploads in a directory bucket are in progress, you can't delete the bucket until\n all the in-progress multipart uploads are aborted or completed. To delete these\n in-progress multipart uploads, use the ListMultipartUploads operation\n to list the in-progress multipart uploads in the bucket and use the\n AbortMultipartUpload operation to abort all the in-progress\n multipart uploads.
\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - For\n information about permissions required to use the multipart upload, see\n Multipart Upload and\n Permissions in the Amazon S3 User Guide.
\n\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to AbortMultipartUpload:
\n UploadPart\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nThis operation aborts a multipart upload. After a multipart upload is aborted, no\n additional parts can be uploaded using that upload ID. The storage consumed by any\n previously uploaded parts will be freed. However, if any part uploads are currently in\n progress, those part uploads might or might not succeed. As a result, it might be necessary\n to abort a given multipart upload multiple times in order to completely free all storage\n consumed by all parts.
\nTo verify that all parts have been removed and prevent getting charged for the part\n storage, you should call the ListParts API operation and ensure\n that the parts list is empty.
\n\n Directory buckets - If multipart\n uploads in a directory bucket are in progress, you can't delete the bucket until\n all the in-progress multipart uploads are aborted or completed. To delete these\n in-progress multipart uploads, use the ListMultipartUploads operation\n to list the in-progress multipart uploads in the bucket and use the\n AbortMultipartUpload operation to abort all the in-progress\n multipart uploads.
\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - For\n information about permissions required to use the multipart upload, see\n Multipart Upload and\n Permissions in the Amazon S3 User Guide.
\n\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to AbortMultipartUpload:
\n UploadPart\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nCompletes a multipart upload by assembling previously uploaded parts.
\nYou first initiate the multipart upload and then upload all parts using the UploadPart\n operation or the UploadPartCopy operation.\n After successfully uploading all relevant parts of an upload, you call this\n CompleteMultipartUpload operation to complete the upload. Upon receiving\n this request, Amazon S3 concatenates all the parts in ascending order by part number to create a\n new object. In the CompleteMultipartUpload request, you must provide the parts list and\n ensure that the parts list is complete. The CompleteMultipartUpload API operation\n concatenates the parts that you provide in the list. For each part in the list, you must\n provide the PartNumber value and the ETag value that are returned\n after that part was uploaded.
The processing of a CompleteMultipartUpload request could take several minutes to\n finalize. After Amazon S3 begins processing the request, it sends an HTTP response header that\n specifies a 200 OK response. While processing is in progress, Amazon S3\n periodically sends white space characters to keep the connection from timing out. A request\n could fail after the initial 200 OK response has been sent. This means that a\n 200 OK response can contain either a success or an error. The error\n response might be embedded in the 200 OK response. If you call this API\n operation directly, make sure to design your application to parse the contents of the\n response and handle it appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition.\n The SDKs detect the embedded error and apply error handling per your configuration settings\n (including automatically retrying the request as appropriate). If the condition persists,\n the SDKs throw an exception (or, for the SDKs that don't use exceptions, they return an\n error).
Note that if CompleteMultipartUpload fails, applications should be prepared\n to retry any failed requests (including 500 error responses). For more information, see\n Amazon S3 Error\n Best Practices.
You can't use Content-Type: application/x-www-form-urlencoded for the\n CompleteMultipartUpload requests. Also, if you don't provide a Content-Type\n header, CompleteMultipartUpload can still return a 200 OK\n response.
For more information about multipart uploads, see Uploading Objects Using Multipart\n Upload in the Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - For\n information about permissions required to use the multipart upload API, see\n Multipart Upload and\n Permissions in the Amazon S3 User Guide.
\nIf you provide an additional checksum\n value in your MultipartUpload requests and the\n object is encrypted with Key Management Service, you must have permission to use the\n kms:Decrypt action for the\n CompleteMultipartUpload request to succeed.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
Error Code: EntityTooSmall\n
Description: Your proposed upload is smaller than the minimum\n allowed object size. Each part must be at least 5 MB in size, except\n the last part.
\nHTTP Status Code: 400 Bad Request
\nError Code: InvalidPart\n
Description: One or more of the specified parts could not be found.\n The part might not have been uploaded, or the specified ETag might not\n have matched the uploaded part's ETag.
\nHTTP Status Code: 400 Bad Request
\nError Code: InvalidPartOrder\n
Description: The list of parts was not in ascending order. The\n parts list must be specified in order by part number.
\nHTTP Status Code: 400 Bad Request
\nError Code: NoSuchUpload\n
Description: The specified multipart upload does not exist. The\n upload ID might be invalid, or the multipart upload might have been\n aborted or completed.
\nHTTP Status Code: 404 Not Found
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to CompleteMultipartUpload:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nCompletes a multipart upload by assembling previously uploaded parts.
\nYou first initiate the multipart upload and then upload all parts using the UploadPart\n operation or the UploadPartCopy operation.\n After successfully uploading all relevant parts of an upload, you call this\n CompleteMultipartUpload operation to complete the upload. Upon receiving\n this request, Amazon S3 concatenates all the parts in ascending order by part number to create a\n new object. In the CompleteMultipartUpload request, you must provide the parts list and\n ensure that the parts list is complete. The CompleteMultipartUpload API operation\n concatenates the parts that you provide in the list. For each part in the list, you must\n provide the PartNumber value and the ETag value that are returned\n after that part was uploaded.
The processing of a CompleteMultipartUpload request could take several minutes to\n finalize. After Amazon S3 begins processing the request, it sends an HTTP response header that\n specifies a 200 OK response. While processing is in progress, Amazon S3\n periodically sends white space characters to keep the connection from timing out. A request\n could fail after the initial 200 OK response has been sent. This means that a\n 200 OK response can contain either a success or an error. The error\n response might be embedded in the 200 OK response. If you call this API\n operation directly, make sure to design your application to parse the contents of the\n response and handle it appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition.\n The SDKs detect the embedded error and apply error handling per your configuration settings\n (including automatically retrying the request as appropriate). If the condition persists,\n the SDKs throw an exception (or, for the SDKs that don't use exceptions, they return an\n error).
Note that if CompleteMultipartUpload fails, applications should be prepared\n to retry any failed requests (including 500 error responses). For more information, see\n Amazon S3 Error\n Best Practices.
You can't use Content-Type: application/x-www-form-urlencoded for the\n CompleteMultipartUpload requests. Also, if you don't provide a Content-Type\n header, CompleteMultipartUpload can still return a 200 OK\n response.
For more information about multipart uploads, see Uploading Objects Using Multipart\n Upload in the Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - For\n information about permissions required to use the multipart upload API, see\n Multipart Upload and\n Permissions in the Amazon S3 User Guide.
\nIf you provide an additional checksum\n value in your MultipartUpload requests and the\n object is encrypted with Key Management Service, you must have permission to use the\n kms:Decrypt action for the\n CompleteMultipartUpload request to succeed.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
Error Code: EntityTooSmall\n
Description: Your proposed upload is smaller than the minimum\n allowed object size. Each part must be at least 5 MB in size, except\n the last part.
\nHTTP Status Code: 400 Bad Request
\nError Code: InvalidPart\n
Description: One or more of the specified parts could not be found.\n The part might not have been uploaded, or the specified ETag might not\n have matched the uploaded part's ETag.
\nHTTP Status Code: 400 Bad Request
\nError Code: InvalidPartOrder\n
Description: The list of parts was not in ascending order. The\n parts list must be specified in order by part number.
\nHTTP Status Code: 400 Bad Request
\nError Code: NoSuchUpload\n
Description: The specified multipart upload does not exist. The\n upload ID might be invalid, or the multipart upload might have been\n aborted or completed.
\nHTTP Status Code: 404 Not Found
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to CompleteMultipartUpload:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nCreates a copy of an object that is already stored in Amazon S3.
\nYou can store individual objects of up to 5 TB in Amazon S3. You create a copy of your\n object up to 5 GB in size in a single atomic action using this API. However, to copy an\n object greater than 5 GB, you must use the multipart upload Upload Part - Copy\n (UploadPartCopy) API. For more information, see Copy Object Using the\n REST Multipart Upload API.
\nYou can copy individual objects between general purpose buckets, between directory buckets,\n and between general purpose buckets and directory buckets.
\nAmazon S3 supports copy operations using Multi-Region Access Points only as a\n destination when using the Multi-Region Access Point ARN.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
VPC endpoints don't support cross-Region requests (including copies). If you're\n using VPC endpoints, your source and destination buckets should be in the same\n Amazon Web Services Region as your VPC endpoint.
\nBoth the Region that you want to copy the object from and the Region that you want to\n copy the object to must be enabled for your account. For more information about how to\n enable a Region for your account, see Enable or disable a Region for standalone accounts in the Amazon Web Services\n Account Management Guide.
\nAmazon S3 transfer acceleration does not support cross-Region copies. If you request a\n cross-Region copy using a transfer acceleration endpoint, you get a 400 Bad\n Request error. For more information, see Transfer\n Acceleration.
All CopyObject requests must be authenticated and signed by using\n IAM credentials (access key ID and secret access key for the IAM identities).\n All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see\n REST Authentication.
\n Directory buckets - You must use the\n IAM credentials to authenticate and authorize your access to the\n CopyObject API operation, instead of using the temporary security\n credentials through the CreateSession API operation.
Amazon Web Services CLI or SDKs handles authentication and authorization on your\n behalf.
\nYou must have read access to the source object and\n write access to the destination bucket.
\n\n General purpose bucket permissions - You\n must have permissions in an IAM policy based on the source and destination\n bucket types in a CopyObject operation.
If the source object is in a general purpose bucket, you must have\n \n s3:GetObject\n \n permission to read the source object that is being copied.
If the destination bucket is a general purpose bucket, you must have\n \n s3:PutObject\n \n permission to write the object copy to the destination bucket.
\n Directory bucket permissions -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the\n source and destination bucket types in a CopyObject\n operation.
If the source object that you want to copy is in a\n directory bucket, you must have the \n s3express:CreateSession\n permission in\n the Action element of a policy to read the object. By\n default, the session is in the ReadWrite mode. If you\n want to restrict the access, you can explicitly set the\n s3express:SessionMode condition key to\n ReadOnly on the copy source bucket.
If the copy destination is a directory bucket, you must have the\n \n s3express:CreateSession\n permission in the\n Action element of a policy to write the object to the\n destination. The s3express:SessionMode condition key\n can't be set to ReadOnly on the copy destination bucket.\n
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
For example policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for\n S3 Express One Zone in the Amazon S3 User Guide.
\nWhen the request is an HTTP 1.1 request, the response is chunk encoded. When\n the request is not an HTTP 1.1 request, the response would not contain the\n Content-Length. You always need to read the entire response body\n to check if the copy succeeds.
If the copy is successful, you receive a response with information about\n the copied object.
\nA copy request might return an error when Amazon S3 receives the copy request\n or while Amazon S3 is copying the files. A 200 OK response can\n contain either a success or an error.
If the error occurs before the copy action starts, you receive a\n standard Amazon S3 error.
\nIf the error occurs during the copy operation, the error response\n is embedded in the 200 OK response. For example, in a\n cross-region copy, you may encounter throttling and receive a\n 200 OK response. For more information, see Resolve the Error 200 response when copying objects to\n Amazon S3. The 200 OK status code means the copy\n was accepted, but it doesn't mean the copy is complete. Another\n example is when you disconnect from Amazon S3 before the copy is complete,\n Amazon S3 might cancel the copy and you may receive a 200 OK\n response. You must stay connected to Amazon S3 until the entire response is\n successfully received and processed.
If you call this API operation directly, make sure to design your\n application to parse the content of the response and handle it\n appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition. The\n SDKs detect the embedded error and apply error handling per your\n configuration settings (including automatically retrying the request\n as appropriate). If the condition persists, the SDKs throw an\n exception (or, for the SDKs that don't use exceptions, they return an\n error).
\nThe copy request charge is based on the storage class and Region that you\n specify for the destination object. The request can also result in a data\n retrieval charge for the source if the source storage class bills for data\n retrieval. If the copy source is in a different region, the data transfer is\n billed to the copy source account. For pricing information, see Amazon S3 pricing.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to CopyObject:
Creates a copy of an object that is already stored in Amazon S3.
\nYou can store individual objects of up to 5 TB in Amazon S3. You create a copy of your\n object up to 5 GB in size in a single atomic action using this API. However, to copy an\n object greater than 5 GB, you must use the multipart upload Upload Part - Copy\n (UploadPartCopy) API. For more information, see Copy Object Using the\n REST Multipart Upload API.
\nYou can copy individual objects between general purpose buckets, between directory buckets,\n and between general purpose buckets and directory buckets.
\nAmazon S3 supports copy operations using Multi-Region Access Points only as a\n destination when using the Multi-Region Access Point ARN.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
VPC endpoints don't support cross-Region requests (including copies). If you're\n using VPC endpoints, your source and destination buckets should be in the same\n Amazon Web Services Region as your VPC endpoint.
\nBoth the Region that you want to copy the object from and the Region that you want to\n copy the object to must be enabled for your account. For more information about how to\n enable a Region for your account, see Enable or disable a Region for standalone accounts in the Amazon Web Services\n Account Management Guide.
\nAmazon S3 transfer acceleration does not support cross-Region copies. If you request a\n cross-Region copy using a transfer acceleration endpoint, you get a 400 Bad\n Request error. For more information, see Transfer\n Acceleration.
All CopyObject requests must be authenticated and signed by using\n IAM credentials (access key ID and secret access key for the IAM identities).\n All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see\n REST Authentication.
\n Directory buckets - You must use the\n IAM credentials to authenticate and authorize your access to the\n CopyObject API operation, instead of using the temporary security\n credentials through the CreateSession API operation.
Amazon Web Services CLI or SDKs handles authentication and authorization on your\n behalf.
\nYou must have read access to the source object and\n write access to the destination bucket.
\n\n General purpose bucket permissions - You\n must have permissions in an IAM policy based on the source and destination\n bucket types in a CopyObject operation.
If the source object is in a general purpose bucket, you must have\n \n s3:GetObject\n \n permission to read the source object that is being copied.
If the destination bucket is a general purpose bucket, you must have\n \n s3:PutObject\n \n permission to write the object copy to the destination bucket.
\n Directory bucket permissions -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the\n source and destination bucket types in a CopyObject\n operation.
If the source object that you want to copy is in a\n directory bucket, you must have the \n s3express:CreateSession\n permission in\n the Action element of a policy to read the object. By\n default, the session is in the ReadWrite mode. If you\n want to restrict the access, you can explicitly set the\n s3express:SessionMode condition key to\n ReadOnly on the copy source bucket.
If the copy destination is a directory bucket, you must have the\n \n s3express:CreateSession\n permission in the\n Action element of a policy to write the object to the\n destination. The s3express:SessionMode condition key\n can't be set to ReadOnly on the copy destination bucket.\n
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
For example policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for\n S3 Express One Zone in the Amazon S3 User Guide.
\nWhen the request is an HTTP 1.1 request, the response is chunk encoded. When\n the request is not an HTTP 1.1 request, the response would not contain the\n Content-Length. You always need to read the entire response body\n to check if the copy succeeds.
If the copy is successful, you receive a response with information about\n the copied object.
\nA copy request might return an error when Amazon S3 receives the copy request\n or while Amazon S3 is copying the files. A 200 OK response can\n contain either a success or an error.
If the error occurs before the copy action starts, you receive a\n standard Amazon S3 error.
\nIf the error occurs during the copy operation, the error response\n is embedded in the 200 OK response. For example, in a\n cross-region copy, you may encounter throttling and receive a\n 200 OK response. For more information, see Resolve the Error 200 response when copying objects to\n Amazon S3. The 200 OK status code means the copy\n was accepted, but it doesn't mean the copy is complete. Another\n example is when you disconnect from Amazon S3 before the copy is complete,\n Amazon S3 might cancel the copy and you may receive a 200 OK\n response. You must stay connected to Amazon S3 until the entire response is\n successfully received and processed.
If you call this API operation directly, make sure to design your\n application to parse the content of the response and handle it\n appropriately. If you use Amazon Web Services SDKs, SDKs handle this condition. The\n SDKs detect the embedded error and apply error handling per your\n configuration settings (including automatically retrying the request\n as appropriate). If the condition persists, the SDKs throw an\n exception (or, for the SDKs that don't use exceptions, they return an\n error).
\nThe copy request charge is based on the storage class and Region that you\n specify for the destination object. The request can also result in a data\n retrieval charge for the source if the source storage class bills for data\n retrieval. If the copy source is in a different region, the data transfer is\n billed to the copy source account. For pricing information, see Amazon S3 pricing.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to CopyObject:
This action creates an Amazon S3 bucket. To create an Amazon S3 on Outposts bucket, see \n CreateBucket\n .
Creates a new S3 bucket. To create a bucket, you must set up Amazon S3 and have a valid Amazon Web Services\n Access Key ID to authenticate requests. Anonymous requests are never allowed to create\n buckets. By creating the bucket, you become the bucket owner.
\nThere are two types of buckets: general purpose buckets and directory buckets. For more\n information about these bucket types, see Creating, configuring, and\n working with Amazon S3 buckets in the Amazon S3 User Guide.
\n\n General purpose buckets - If you send your\n CreateBucket request to the s3.amazonaws.com global\n endpoint, the request goes to the us-east-1 Region. So the signature\n calculations in Signature Version 4 must use us-east-1 as the Region,\n even if the location constraint in the request specifies another Region where the\n bucket is to be created. If you create a bucket in a Region other than US East (N.\n Virginia), your application must be able to handle 307 redirect. For more\n information, see Virtual hosting of\n buckets in the Amazon S3 User Guide.
\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - In\n addition to the s3:CreateBucket permission, the following\n permissions are required in a policy when your CreateBucket\n request includes specific headers:
\n Access control lists (ACLs)\n - In your CreateBucket request, if you specify an\n access control list (ACL) and set it to public-read,\n public-read-write, authenticated-read, or\n if you explicitly specify any other custom ACLs, both\n s3:CreateBucket and s3:PutBucketAcl\n permissions are required. In your CreateBucket request,\n if you set the ACL to private, or if you don't specify\n any ACLs, only the s3:CreateBucket permission is\n required.
\n Object Lock - In your\n CreateBucket request, if you set\n x-amz-bucket-object-lock-enabled to true, the\n s3:PutBucketObjectLockConfiguration and\n s3:PutBucketVersioning permissions are\n required.
\n S3 Object Ownership - If\n your CreateBucket request includes the\n x-amz-object-ownership header, then the\n s3:PutBucketOwnershipControls permission is\n required.
To set an ACL on a bucket as part of a\n CreateBucket request, you must explicitly set S3\n Object Ownership for the bucket to a different value than the\n default, BucketOwnerEnforced. Additionally, if your\n desired bucket ACL grants public access, you must first create the\n bucket (without the bucket ACL) and then explicitly disable Block\n Public Access on the bucket before using PutBucketAcl\n to set the ACL. If you try to create a bucket with a public ACL,\n the request will fail.
For the majority of modern use cases in S3, we recommend that\n you keep all Block Public Access settings enabled and keep ACLs\n disabled. If you would like to share data with users outside of\n your account, you can use bucket policies as needed. For more\n information, see Controlling ownership of objects and disabling ACLs for your\n bucket and Blocking public access to your Amazon S3 storage in\n the Amazon S3 User Guide.
\n\n S3 Block Public Access - If\n your specific use case requires granting public access to your S3\n resources, you can disable Block Public Access. Specifically, you can\n create a new bucket with Block Public Access enabled, then separately\n call the \n DeletePublicAccessBlock\n API. To use this operation, you must have the\n s3:PutBucketPublicAccessBlock permission. For more\n information about S3 Block Public Access, see Blocking public access to your Amazon S3 storage in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n You must have the s3express:CreateBucket permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
The permissions for ACLs, Object Lock, S3 Object Ownership, and S3\n Block Public Access are not supported for directory buckets. For\n directory buckets, all Block Public Access settings are enabled at the\n bucket level and S3 Object Ownership is set to Bucket owner enforced\n (ACLs disabled). These settings can't be modified.
\nFor more information about permissions for creating and working with\n directory buckets, see Directory buckets in the\n Amazon S3 User Guide. For more information about\n supported S3 features for directory buckets, see Features of S3 Express One Zone in the\n Amazon S3 User Guide.
\n\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to CreateBucket:
\n PutObject\n
\n\n DeleteBucket\n
\nThis action creates an Amazon S3 bucket. To create an Amazon S3 on Outposts bucket, see \n CreateBucket\n .
Creates a new S3 bucket. To create a bucket, you must set up Amazon S3 and have a valid Amazon Web Services\n Access Key ID to authenticate requests. Anonymous requests are never allowed to create\n buckets. By creating the bucket, you become the bucket owner.
\nThere are two types of buckets: general purpose buckets and directory buckets. For more\n information about these bucket types, see Creating, configuring, and\n working with Amazon S3 buckets in the Amazon S3 User Guide.
\n\n General purpose buckets - If you send your\n CreateBucket request to the s3.amazonaws.com global\n endpoint, the request goes to the us-east-1 Region. So the signature\n calculations in Signature Version 4 must use us-east-1 as the Region,\n even if the location constraint in the request specifies another Region where the\n bucket is to be created. If you create a bucket in a Region other than US East (N.\n Virginia), your application must be able to handle 307 redirect. For more\n information, see Virtual hosting of\n buckets in the Amazon S3 User Guide.
\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - In\n addition to the s3:CreateBucket permission, the following\n permissions are required in a policy when your CreateBucket\n request includes specific headers:
\n Access control lists (ACLs)\n - In your CreateBucket request, if you specify an\n access control list (ACL) and set it to public-read,\n public-read-write, authenticated-read, or\n if you explicitly specify any other custom ACLs, both\n s3:CreateBucket and s3:PutBucketAcl\n permissions are required. In your CreateBucket request,\n if you set the ACL to private, or if you don't specify\n any ACLs, only the s3:CreateBucket permission is\n required.
\n Object Lock - In your\n CreateBucket request, if you set\n x-amz-bucket-object-lock-enabled to true, the\n s3:PutBucketObjectLockConfiguration and\n s3:PutBucketVersioning permissions are\n required.
\n S3 Object Ownership - If\n your CreateBucket request includes the\n x-amz-object-ownership header, then the\n s3:PutBucketOwnershipControls permission is\n required.
To set an ACL on a bucket as part of a\n CreateBucket request, you must explicitly set S3\n Object Ownership for the bucket to a different value than the\n default, BucketOwnerEnforced. Additionally, if your\n desired bucket ACL grants public access, you must first create the\n bucket (without the bucket ACL) and then explicitly disable Block\n Public Access on the bucket before using PutBucketAcl\n to set the ACL. If you try to create a bucket with a public ACL,\n the request will fail.
For the majority of modern use cases in S3, we recommend that\n you keep all Block Public Access settings enabled and keep ACLs\n disabled. If you would like to share data with users outside of\n your account, you can use bucket policies as needed. For more\n information, see Controlling ownership of objects and disabling ACLs for your\n bucket and Blocking public access to your Amazon S3 storage in\n the Amazon S3 User Guide.
\n\n S3 Block Public Access - If\n your specific use case requires granting public access to your S3\n resources, you can disable Block Public Access. Specifically, you can\n create a new bucket with Block Public Access enabled, then separately\n call the \n DeletePublicAccessBlock\n API. To use this operation, you must have the\n s3:PutBucketPublicAccessBlock permission. For more\n information about S3 Block Public Access, see Blocking public access to your Amazon S3 storage in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n You must have the s3express:CreateBucket permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
The permissions for ACLs, Object Lock, S3 Object Ownership, and S3\n Block Public Access are not supported for directory buckets. For\n directory buckets, all Block Public Access settings are enabled at the\n bucket level and S3 Object Ownership is set to Bucket owner enforced\n (ACLs disabled). These settings can't be modified.
\nFor more information about permissions for creating and working with\n directory buckets, see Directory buckets in the\n Amazon S3 User Guide. For more information about\n supported S3 features for directory buckets, see Features of S3 Express One Zone in the\n Amazon S3 User Guide.
\n\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to CreateBucket:
\n PutObject\n
\n\n DeleteBucket\n
\nSpecifies the Region where the bucket will be created. You might choose a Region to\n optimize latency, minimize costs, or address regulatory requirements. For example, if you\n reside in Europe, you will probably find it advantageous to create buckets in the Europe\n (Ireland) Region. For more information, see Accessing a\n bucket in the Amazon S3 User Guide.
\nIf you don't specify a Region, the bucket is created in the US East (N. Virginia) Region\n (us-east-1) by default.
\nThis functionality is not supported for directory buckets.
\nSpecifies the Region where the bucket will be created. You might choose a Region to\n optimize latency, minimize costs, or address regulatory requirements. For example, if you\n reside in Europe, you will probably find it advantageous to create buckets in the Europe\n (Ireland) Region.
\nIf you don't specify a Region, the bucket is created in the US East (N. Virginia) Region\n (us-east-1) by default.
\nFor a list of the valid values for all of the Amazon Web Services Regions, see Regions and\n Endpoints.
\nThis functionality is not supported for directory buckets.
\nSpecifies the location where the bucket will be created.
\n\n Directory buckets - The location type is Availability Zone or Local Zone. \n When the location type is Local Zone, your Local Zone must be in opt-in status. Otherwise, you get an HTTP 400 Bad Request error with the \n error code Access denied. To learn more about opt-in Local Zones, see Opt-in Dedicated Local Zonesin the Amazon S3 User Guide.\n
This functionality is only supported by directory buckets.
\nSpecifies the location where the bucket will be created.
\n\n Directory buckets - The location type is Availability Zone or Local Zone. \n To use the Local Zone location type, your account must be enabled for Dedicated Local Zones. Otherwise, you get an HTTP 403 Forbidden error with the \n error code AccessDenied. To learn more, see Enable accounts for Dedicated Local Zones in the Amazon S3 User Guide.\n
This functionality is only supported by directory buckets.
\nThis action initiates a multipart upload and returns an upload ID. This upload ID is\n used to associate all of the parts in the specific multipart upload. You specify this\n upload ID in each of your subsequent upload part requests (see UploadPart). You also include this\n upload ID in the final request to either complete or abort the multipart upload request.\n For more information about multipart uploads, see Multipart Upload Overview in the\n Amazon S3 User Guide.
\nAfter you initiate a multipart upload and upload one or more parts, to stop being\n charged for storing the uploaded parts, you must either complete or abort the multipart\n upload. Amazon S3 frees up the space used to store the parts and stops charging you for\n storing them only after you either complete or abort a multipart upload.
\nIf you have configured a lifecycle rule to abort incomplete multipart uploads, the\n created multipart upload must be completed within the number of days specified in the\n bucket lifecycle configuration. Otherwise, the incomplete multipart upload becomes eligible\n for an abort action and Amazon S3 aborts the multipart upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle\n Configuration.
\n\n Directory buckets -\n S3 Lifecycle is not supported by directory buckets.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
For request signing, multipart upload is just a series of regular requests. You\n initiate a multipart upload, send one or more requests to upload parts, and then\n complete the multipart upload process. You sign each request individually. There\n is nothing special about signing multipart upload requests. For more information\n about signing, see Authenticating\n Requests (Amazon Web Services Signature Version 4) in the\n Amazon S3 User Guide.
\n\n General purpose bucket permissions - To\n perform a multipart upload with encryption using an Key Management Service (KMS)\n KMS key, the requester must have permission to the\n kms:Decrypt and kms:GenerateDataKey actions on\n the key. The requester must also have permissions for the\n kms:GenerateDataKey action for the\n CreateMultipartUpload API. Then, the requester needs\n permissions for the kms:Decrypt action on the\n UploadPart and UploadPartCopy APIs. These\n permissions are required because Amazon S3 must decrypt and read data from the\n encrypted file parts before it completes the multipart upload. For more\n information, see Multipart upload API and permissions and Protecting data\n using server-side encryption with Amazon Web Services KMS in the\n Amazon S3 User Guide.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n General purpose buckets - Server-side\n encryption is for data encryption at rest. Amazon S3 encrypts your data as it\n writes it to disks in its data centers and decrypts it when you access it.\n Amazon S3 automatically encrypts all new objects that are uploaded to an S3\n bucket. When doing a multipart upload, if you don't specify encryption\n information in your request, the encryption setting of the uploaded parts is\n set to the default encryption configuration of the destination bucket. By\n default, all buckets have a base level of encryption configuration that uses\n server-side encryption with Amazon S3 managed keys (SSE-S3). If the destination\n bucket has a default encryption configuration that uses server-side\n encryption with an Key Management Service (KMS) key (SSE-KMS), or a customer-provided\n encryption key (SSE-C), Amazon S3 uses the corresponding KMS key, or a\n customer-provided key to encrypt the uploaded parts. When you perform a\n CreateMultipartUpload operation, if you want to use a different type of\n encryption setting for the uploaded parts, you can request that Amazon S3\n encrypts the object with a different encryption key (such as an Amazon S3 managed\n key, a KMS key, or a customer-provided key). When the encryption setting\n in your request is different from the default encryption configuration of\n the destination bucket, the encryption setting in your request takes\n precedence. If you choose to provide your own encryption key, the request\n headers you provide in UploadPart and\n UploadPartCopy\n requests must match the headers you used in the\n CreateMultipartUpload request.
Use KMS keys (SSE-KMS) that include the Amazon Web Services managed key\n (aws/s3) and KMS customer managed keys stored in Key Management Service\n (KMS) – If you want Amazon Web Services to manage the keys used to encrypt data,\n specify the following headers in the request.
\n x-amz-server-side-encryption\n
\n x-amz-server-side-encryption-aws-kms-key-id\n
\n x-amz-server-side-encryption-context\n
If you specify\n x-amz-server-side-encryption:aws:kms, but\n don't provide\n x-amz-server-side-encryption-aws-kms-key-id,\n Amazon S3 uses the Amazon Web Services managed key (aws/s3 key) in\n KMS to protect the data.
To perform a multipart upload with encryption by using an\n Amazon Web Services KMS key, the requester must have permission to the\n kms:Decrypt and\n kms:GenerateDataKey* actions on the key.\n These permissions are required because Amazon S3 must decrypt and\n read data from the encrypted file parts before it completes\n the multipart upload. For more information, see Multipart upload API and permissions and Protecting data using server-side encryption with Amazon Web Services\n KMS in the\n Amazon S3 User Guide.
If your Identity and Access Management (IAM) user or role is in the same\n Amazon Web Services account as the KMS key, then you must have these\n permissions on the key policy. If your IAM user or role is\n in a different account from the key, then you must have the\n permissions on both the key policy and your IAM user or\n role.
\nAll GET and PUT requests for an\n object protected by KMS fail if you don't make them by\n using Secure Sockets Layer (SSL), Transport Layer Security\n (TLS), or Signature Version 4. For information about\n configuring any of the officially supported Amazon Web Services SDKs and\n Amazon Web Services CLI, see Specifying the Signature Version in\n Request Authentication in the\n Amazon S3 User Guide.
For more information about server-side encryption with KMS keys\n (SSE-KMS), see Protecting\n Data Using Server-Side Encryption with KMS keys in the\n Amazon S3 User Guide.
\nUse customer-provided encryption keys (SSE-C) – If you want to\n manage your own encryption keys, provide all the following headers in\n the request.
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about server-side encryption with\n customer-provided encryption keys (SSE-C), see Protecting data using server-side encryption with\n customer-provided encryption keys (SSE-C) in the\n Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your \n CreateSession requests or PUT object requests. Then, new objects \n are automatically encrypted with the desired encryption settings. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.
In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in the CreateSession request. \n You can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) that are specified in the CreateSession request. \n You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and \n Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket. \n
When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the \n CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. \n So in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), \n the encryption request headers must match the default encryption configuration of the directory bucket.\n\n
For directory buckets, when you perform a\n CreateMultipartUpload operation and an\n UploadPartCopy operation, the request headers you provide\n in the CreateMultipartUpload request must match the default\n encryption configuration of the destination bucket.
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to CreateMultipartUpload:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nThis action initiates a multipart upload and returns an upload ID. This upload ID is\n used to associate all of the parts in the specific multipart upload. You specify this\n upload ID in each of your subsequent upload part requests (see UploadPart). You also include this\n upload ID in the final request to either complete or abort the multipart upload request.\n For more information about multipart uploads, see Multipart Upload Overview in the\n Amazon S3 User Guide.
\nAfter you initiate a multipart upload and upload one or more parts, to stop being\n charged for storing the uploaded parts, you must either complete or abort the multipart\n upload. Amazon S3 frees up the space used to store the parts and stops charging you for\n storing them only after you either complete or abort a multipart upload.
\nIf you have configured a lifecycle rule to abort incomplete multipart uploads, the\n created multipart upload must be completed within the number of days specified in the\n bucket lifecycle configuration. Otherwise, the incomplete multipart upload becomes eligible\n for an abort action and Amazon S3 aborts the multipart upload. For more information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle\n Configuration.
\n\n Directory buckets -\n S3 Lifecycle is not supported by directory buckets.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
For request signing, multipart upload is just a series of regular requests. You\n initiate a multipart upload, send one or more requests to upload parts, and then\n complete the multipart upload process. You sign each request individually. There\n is nothing special about signing multipart upload requests. For more information\n about signing, see Authenticating\n Requests (Amazon Web Services Signature Version 4) in the\n Amazon S3 User Guide.
\n\n General purpose bucket permissions - To\n perform a multipart upload with encryption using an Key Management Service (KMS)\n KMS key, the requester must have permission to the\n kms:Decrypt and kms:GenerateDataKey actions on\n the key. The requester must also have permissions for the\n kms:GenerateDataKey action for the\n CreateMultipartUpload API. Then, the requester needs\n permissions for the kms:Decrypt action on the\n UploadPart and UploadPartCopy APIs. These\n permissions are required because Amazon S3 must decrypt and read data from the\n encrypted file parts before it completes the multipart upload. For more\n information, see Multipart upload API and permissions and Protecting data\n using server-side encryption with Amazon Web Services KMS in the\n Amazon S3 User Guide.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n General purpose buckets - Server-side\n encryption is for data encryption at rest. Amazon S3 encrypts your data as it\n writes it to disks in its data centers and decrypts it when you access it.\n Amazon S3 automatically encrypts all new objects that are uploaded to an S3\n bucket. When doing a multipart upload, if you don't specify encryption\n information in your request, the encryption setting of the uploaded parts is\n set to the default encryption configuration of the destination bucket. By\n default, all buckets have a base level of encryption configuration that uses\n server-side encryption with Amazon S3 managed keys (SSE-S3). If the destination\n bucket has a default encryption configuration that uses server-side\n encryption with an Key Management Service (KMS) key (SSE-KMS), or a customer-provided\n encryption key (SSE-C), Amazon S3 uses the corresponding KMS key, or a\n customer-provided key to encrypt the uploaded parts. When you perform a\n CreateMultipartUpload operation, if you want to use a different type of\n encryption setting for the uploaded parts, you can request that Amazon S3\n encrypts the object with a different encryption key (such as an Amazon S3 managed\n key, a KMS key, or a customer-provided key). When the encryption setting\n in your request is different from the default encryption configuration of\n the destination bucket, the encryption setting in your request takes\n precedence. If you choose to provide your own encryption key, the request\n headers you provide in UploadPart and\n UploadPartCopy\n requests must match the headers you used in the\n CreateMultipartUpload request.
Use KMS keys (SSE-KMS) that include the Amazon Web Services managed key\n (aws/s3) and KMS customer managed keys stored in Key Management Service\n (KMS) – If you want Amazon Web Services to manage the keys used to encrypt data,\n specify the following headers in the request.
\n x-amz-server-side-encryption\n
\n x-amz-server-side-encryption-aws-kms-key-id\n
\n x-amz-server-side-encryption-context\n
If you specify\n x-amz-server-side-encryption:aws:kms, but\n don't provide\n x-amz-server-side-encryption-aws-kms-key-id,\n Amazon S3 uses the Amazon Web Services managed key (aws/s3 key) in\n KMS to protect the data.
To perform a multipart upload with encryption by using an\n Amazon Web Services KMS key, the requester must have permission to the\n kms:Decrypt and\n kms:GenerateDataKey* actions on the key.\n These permissions are required because Amazon S3 must decrypt and\n read data from the encrypted file parts before it completes\n the multipart upload. For more information, see Multipart upload API and permissions and Protecting data using server-side encryption with Amazon Web Services\n KMS in the\n Amazon S3 User Guide.
If your Identity and Access Management (IAM) user or role is in the same\n Amazon Web Services account as the KMS key, then you must have these\n permissions on the key policy. If your IAM user or role is\n in a different account from the key, then you must have the\n permissions on both the key policy and your IAM user or\n role.
\nAll GET and PUT requests for an\n object protected by KMS fail if you don't make them by\n using Secure Sockets Layer (SSL), Transport Layer Security\n (TLS), or Signature Version 4. For information about\n configuring any of the officially supported Amazon Web Services SDKs and\n Amazon Web Services CLI, see Specifying the Signature Version in\n Request Authentication in the\n Amazon S3 User Guide.
For more information about server-side encryption with KMS keys\n (SSE-KMS), see Protecting\n Data Using Server-Side Encryption with KMS keys in the\n Amazon S3 User Guide.
\nUse customer-provided encryption keys (SSE-C) – If you want to\n manage your own encryption keys, provide all the following headers in\n the request.
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about server-side encryption with\n customer-provided encryption keys (SSE-C), see Protecting data using server-side encryption with\n customer-provided encryption keys (SSE-C) in the\n Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your \n CreateSession requests or PUT object requests. Then, new objects \n are automatically encrypted with the desired encryption settings. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.
In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, the encryption request headers must match the encryption settings that are specified in the CreateSession request. \n You can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) that are specified in the CreateSession request. \n You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and \n Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket. \n
When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the \n CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. \n So in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), \n the encryption request headers must match the default encryption configuration of the directory bucket.\n\n
For directory buckets, when you perform a\n CreateMultipartUpload operation and an\n UploadPartCopy operation, the request headers you provide\n in the CreateMultipartUpload request must match the default\n encryption configuration of the destination bucket.
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to CreateMultipartUpload:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nCreates a session that establishes temporary security credentials to support fast\n authentication and authorization for the Zonal endpoint API operations on directory buckets. For more\n information about Zonal endpoint API operations that include the Availability Zone in the request endpoint, see S3 Express One Zone\n APIs in the Amazon S3 User Guide.
\nTo make Zonal endpoint API requests on a directory bucket, use the CreateSession\n API operation. Specifically, you grant s3express:CreateSession permission to a\n bucket in a bucket policy or an IAM identity-based policy. Then, you use IAM credentials to make the\n CreateSession API request on the bucket, which returns temporary security\n credentials that include the access key ID, secret access key, session token, and\n expiration. These credentials have associated permissions to access the Zonal endpoint API operations. After\n the session is created, you don’t need to use other policies to grant permissions to each\n Zonal endpoint API individually. Instead, in your Zonal endpoint API requests, you sign your requests by\n applying the temporary security credentials of the session to the request headers and\n following the SigV4 protocol for authentication. You also apply the session token to the\n x-amz-s3session-token request header for authorization. Temporary security\n credentials are scoped to the bucket and expire after 5 minutes. After the expiration time,\n any calls that you make with those credentials will fail. You must use IAM credentials\n again to make a CreateSession API request that generates a new set of\n temporary credentials for use. Temporary credentials cannot be extended or refreshed beyond\n the original specified interval.
If you use Amazon Web Services SDKs, SDKs handle the session token refreshes automatically to avoid\n service interruptions when a session expires. We recommend that you use the Amazon Web Services SDKs to\n initiate and manage requests to the CreateSession API. For more information, see Performance guidelines and design patterns in the\n Amazon S3 User Guide.
\nYou must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com. Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n \n CopyObject API operation -\n Unlike other Zonal endpoint API operations, the CopyObject API operation doesn't use\n the temporary security credentials returned from the CreateSession\n API operation for authentication and authorization. For information about\n authentication and authorization of the CopyObject API operation on\n directory buckets, see CopyObject.
\n \n HeadBucket API operation -\n Unlike other Zonal endpoint API operations, the HeadBucket API operation doesn't use\n the temporary security credentials returned from the CreateSession\n API operation for authentication and authorization. For information about\n authentication and authorization of the HeadBucket API operation on\n directory buckets, see HeadBucket.
To obtain temporary security credentials, you must create\n a bucket policy or an IAM identity-based policy that grants s3express:CreateSession\n permission to the bucket. In a policy, you can have the\n s3express:SessionMode condition key to control who can create a\n ReadWrite or ReadOnly session. For more information\n about ReadWrite or ReadOnly sessions, see \n x-amz-create-session-mode\n . For example policies, see\n Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for\n S3 Express One Zone in the Amazon S3 User Guide.
To grant cross-account access to Zonal endpoint API operations, the bucket policy should also\n grant both accounts the s3express:CreateSession permission.
If you want to encrypt objects with SSE-KMS, you must also have the\n kms:GenerateDataKey and the kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the target KMS\n key.
For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your \n CreateSession requests or PUT object requests. Then, new objects \n are automatically encrypted with the desired encryption settings. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.
For Zonal endpoint (object-level) API operations except CopyObject and UploadPartCopy, \nyou authenticate and authorize requests through CreateSession for low latency. \n To encrypt new objects in a directory bucket with SSE-KMS, you must specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, a customer managed key). Then, when a session is created for Zonal endpoint API operations, new objects are automatically encrypted and decrypted with SSE-KMS and S3 Bucket Keys during the session.
\n\n Only 1 customer managed key is supported per directory bucket for the lifetime of the bucket. The Amazon Web Services managed key (aws/s3) isn't supported. \n After you specify SSE-KMS as your bucket's default encryption configuration with a customer managed key, you can't change the customer managed key for the bucket's SSE-KMS configuration.\n
In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, \n you can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) from the CreateSession request. \n You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and \n Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket. \n
When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the \n CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. \n Also, in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), \n it's not supported to override the values of the encryption settings from the CreateSession request. \n\n
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
Creates a session that establishes temporary security credentials to support fast\n authentication and authorization for the Zonal endpoint API operations on directory buckets. For more\n information about Zonal endpoint API operations that include the Availability Zone in the request endpoint, see S3 Express One Zone\n APIs in the Amazon S3 User Guide.
\nTo make Zonal endpoint API requests on a directory bucket, use the CreateSession\n API operation. Specifically, you grant s3express:CreateSession permission to a\n bucket in a bucket policy or an IAM identity-based policy. Then, you use IAM credentials to make the\n CreateSession API request on the bucket, which returns temporary security\n credentials that include the access key ID, secret access key, session token, and\n expiration. These credentials have associated permissions to access the Zonal endpoint API operations. After\n the session is created, you don’t need to use other policies to grant permissions to each\n Zonal endpoint API individually. Instead, in your Zonal endpoint API requests, you sign your requests by\n applying the temporary security credentials of the session to the request headers and\n following the SigV4 protocol for authentication. You also apply the session token to the\n x-amz-s3session-token request header for authorization. Temporary security\n credentials are scoped to the bucket and expire after 5 minutes. After the expiration time,\n any calls that you make with those credentials will fail. You must use IAM credentials\n again to make a CreateSession API request that generates a new set of\n temporary credentials for use. Temporary credentials cannot be extended or refreshed beyond\n the original specified interval.
If you use Amazon Web Services SDKs, SDKs handle the session token refreshes automatically to avoid\n service interruptions when a session expires. We recommend that you use the Amazon Web Services SDKs to\n initiate and manage requests to the CreateSession API. For more information, see Performance guidelines and design patterns in the\n Amazon S3 User Guide.
\nYou must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com. Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n \n CopyObject API operation -\n Unlike other Zonal endpoint API operations, the CopyObject API operation doesn't use\n the temporary security credentials returned from the CreateSession\n API operation for authentication and authorization. For information about\n authentication and authorization of the CopyObject API operation on\n directory buckets, see CopyObject.
\n \n HeadBucket API operation -\n Unlike other Zonal endpoint API operations, the HeadBucket API operation doesn't use\n the temporary security credentials returned from the CreateSession\n API operation for authentication and authorization. For information about\n authentication and authorization of the HeadBucket API operation on\n directory buckets, see HeadBucket.
To obtain temporary security credentials, you must create\n a bucket policy or an IAM identity-based policy that grants s3express:CreateSession\n permission to the bucket. In a policy, you can have the\n s3express:SessionMode condition key to control who can create a\n ReadWrite or ReadOnly session. For more information\n about ReadWrite or ReadOnly sessions, see \n x-amz-create-session-mode\n . For example policies, see\n Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for\n S3 Express One Zone in the Amazon S3 User Guide.
To grant cross-account access to Zonal endpoint API operations, the bucket policy should also\n grant both accounts the s3express:CreateSession permission.
If you want to encrypt objects with SSE-KMS, you must also have the\n kms:GenerateDataKey and the kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the target KMS\n key.
For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your \n CreateSession requests or PUT object requests. Then, new objects \n are automatically encrypted with the desired encryption settings. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.
For Zonal endpoint (object-level) API operations except CopyObject and UploadPartCopy, \nyou authenticate and authorize requests through CreateSession for low latency. \n To encrypt new objects in a directory bucket with SSE-KMS, you must specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, a customer managed key). Then, when a session is created for Zonal endpoint API operations, new objects are automatically encrypted and decrypted with SSE-KMS and S3 Bucket Keys during the session.
\n\n Only 1 customer managed key is supported per directory bucket for the lifetime of the bucket. The Amazon Web Services managed key (aws/s3) isn't supported. \n After you specify SSE-KMS as your bucket's default encryption configuration with a customer managed key, you can't change the customer managed key for the bucket's SSE-KMS configuration.\n
In the Zonal endpoint API calls (except CopyObject and UploadPartCopy) using the REST API, \n you can't override the values of the encryption settings (x-amz-server-side-encryption, x-amz-server-side-encryption-aws-kms-key-id, x-amz-server-side-encryption-context, and x-amz-server-side-encryption-bucket-key-enabled) from the CreateSession request. \n You don't need to explicitly specify these encryption settings values in Zonal endpoint API calls, and \n Amazon S3 will use the encryption settings values from the CreateSession request to protect new objects in the directory bucket. \n
When you use the CLI or the Amazon Web Services SDKs, for CreateSession, the session token refreshes automatically to avoid service interruptions when a session expires. The CLI or the Amazon Web Services SDKs use the bucket's default encryption configuration for the \n CreateSession request. It's not supported to override the encryption settings values in the CreateSession request. \n Also, in the Zonal endpoint API calls (except CopyObject and UploadPartCopy), \n it's not supported to override the values of the encryption settings from the CreateSession request. \n\n
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
Deletes the S3 bucket. All objects (including all object versions and delete markers) in\n the bucket must be deleted before the bucket itself can be deleted.
\n\n Directory buckets - If multipart\n uploads in a directory bucket are in progress, you can't delete the bucket until\n all the in-progress multipart uploads are aborted or completed.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - You\n must have the s3:DeleteBucket permission on the specified\n bucket in a policy.
\n Directory bucket permissions -\n You must have the s3express:DeleteBucket permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to DeleteBucket:
\n CreateBucket\n
\n\n DeleteObject\n
\nDeletes the S3 bucket. All objects (including all object versions and delete markers) in\n the bucket must be deleted before the bucket itself can be deleted.
\n\n Directory buckets - If multipart\n uploads in a directory bucket are in progress, you can't delete the bucket until\n all the in-progress multipart uploads are aborted or completed.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - You\n must have the s3:DeleteBucket permission on the specified\n bucket in a policy.
\n Directory bucket permissions -\n You must have the s3express:DeleteBucket permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to DeleteBucket:
\n CreateBucket\n
\n\n DeleteObject\n
\nDeletes the lifecycle configuration from the specified bucket. Amazon S3 removes all the\n lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your\n objects never expire, and Amazon S3 no longer automatically deletes any objects on the basis of\n rules contained in the deleted lifecycle configuration.
\n\n General purpose bucket permissions - By\n default, all Amazon S3 resources are private, including buckets, objects, and\n related subresources (for example, lifecycle configuration and website\n configuration). Only the resource owner (that is, the Amazon Web Services account that\n created it) can access the resource. The resource owner can optionally grant\n access permissions to others by writing an access policy. For this\n operation, a user must have the s3:PutLifecycleConfiguration\n permission.
For more information about permissions, see Managing Access\n Permissions to Your Amazon S3 Resources.
\n\n Directory bucket permissions -\n You must have the s3express:PutLifecycleConfiguration\n permission in an IAM identity-based policy to use this operation.\n Cross-account access to this API operation isn't supported. The resource\n owner can optionally grant access permissions to others by creating a role\n or user for them as long as they are within the same account as the owner\n and resource.
For more information about directory bucket policies and permissions, see\n Authorizing Regional endpoint APIs with IAM in the\n Amazon S3 User Guide.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n Directory buckets - The HTTP Host\n header syntax is\n s3express-control.region.amazonaws.com.
For more information about the object expiration, see Elements to Describe Lifecycle Actions.
\nRelated actions include:
\nDeletes the lifecycle configuration from the specified bucket. Amazon S3 removes all the\n lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your\n objects never expire, and Amazon S3 no longer automatically deletes any objects on the basis of\n rules contained in the deleted lifecycle configuration.
\n\n General purpose bucket permissions - By\n default, all Amazon S3 resources are private, including buckets, objects, and\n related subresources (for example, lifecycle configuration and website\n configuration). Only the resource owner (that is, the Amazon Web Services account that\n created it) can access the resource. The resource owner can optionally grant\n access permissions to others by writing an access policy. For this\n operation, a user must have the s3:PutLifecycleConfiguration\n permission.
For more information about permissions, see Managing Access\n Permissions to Your Amazon S3 Resources.
\n\n Directory bucket permissions -\n You must have the s3express:PutLifecycleConfiguration\n permission in an IAM identity-based policy to use this operation.\n Cross-account access to this API operation isn't supported. The resource\n owner can optionally grant access permissions to others by creating a role\n or user for them as long as they are within the same account as the owner\n and resource.
For more information about directory bucket policies and permissions, see\n Authorizing Regional endpoint APIs with IAM in the\n Amazon S3 User Guide.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n Directory buckets - The HTTP Host\n header syntax is\n s3express-control.region.amazonaws.com.
For more information about the object expiration, see Elements to Describe Lifecycle Actions.
\nRelated actions include:
\nDeletes the policy of a specified bucket.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
If you are using an identity other than the root user of the Amazon Web Services account that\n owns the bucket, the calling identity must both have the\n DeleteBucketPolicy permissions on the specified bucket and belong\n to the bucket owner's account in order to use this operation.
If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a\n 403 Access Denied error. If you have the correct permissions, but\n you're not using an identity that belongs to the bucket owner's account, Amazon S3\n returns a 405 Method Not Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of\n their own buckets, the root principal in a bucket owner's Amazon Web Services account can\n perform the GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy\n explicitly denies the root principal's access. Bucket owner root principals can\n only be blocked from performing these API actions by VPC endpoint policies and\n Amazon Web Services Organizations policies.
\n General purpose bucket permissions - The\n s3:DeleteBucketPolicy permission is required in a policy.\n For more information about general purpose buckets bucket policies, see Using Bucket Policies and User Policies in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n To grant access to this API operation, you must have the\n s3express:DeleteBucketPolicy permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to DeleteBucketPolicy\n
\n CreateBucket\n
\n\n DeleteObject\n
\nDeletes the policy of a specified bucket.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
If you are using an identity other than the root user of the Amazon Web Services account that\n owns the bucket, the calling identity must both have the\n DeleteBucketPolicy permissions on the specified bucket and belong\n to the bucket owner's account in order to use this operation.
If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a\n 403 Access Denied error. If you have the correct permissions, but\n you're not using an identity that belongs to the bucket owner's account, Amazon S3\n returns a 405 Method Not Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of\n their own buckets, the root principal in a bucket owner's Amazon Web Services account can\n perform the GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy\n explicitly denies the root principal's access. Bucket owner root principals can\n only be blocked from performing these API actions by VPC endpoint policies and\n Amazon Web Services Organizations policies.
\n General purpose bucket permissions - The\n s3:DeleteBucketPolicy permission is required in a policy.\n For more information about general purpose buckets bucket policies, see Using Bucket Policies and User Policies in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n To grant access to this API operation, you must have the\n s3express:DeleteBucketPolicy permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to DeleteBucketPolicy\n
\n CreateBucket\n
\n\n DeleteObject\n
\nRemoves an object from a bucket. The behavior depends on the bucket's versioning state:
\nIf bucket versioning is not enabled, the operation permanently deletes the object.
\nIf bucket versioning is enabled, the operation inserts a delete marker, which becomes the current version of the object. To permanently delete an object in a versioned bucket, you must include the object’s versionId in the request. For more information about versioning-enabled buckets, see Deleting object versions from a versioning-enabled bucket.
If bucket versioning is suspended, the operation removes the object that has a null versionId, if there is one, and inserts a delete marker that becomes the current version of the object. If there isn't an object with a null versionId, and all versions of the object have a versionId, Amazon S3 does not remove the object and only inserts a delete marker. To permanently delete an object that has a versionId, you must include the object’s versionId in the request. For more information about versioning-suspended buckets, see Deleting objects from versioning-suspended buckets.
\n Directory buckets - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null \n to the versionId query parameter in the request.
\n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
To remove a specific version, you must use the versionId query parameter. Using this\n query parameter permanently deletes the version. If the object deleted is a delete marker, Amazon S3\n sets the response header x-amz-delete-marker to true.
If the object you want to delete is in a bucket where the bucket versioning\n configuration is MFA Delete enabled, you must include the x-amz-mfa request\n header in the DELETE versionId request. Requests that include\n x-amz-mfa must use HTTPS. For more information about MFA Delete, see Using MFA Delete in the Amazon S3\n User Guide. To see sample\n requests that use versioning, see Sample\n Request.
\n Directory buckets - MFA delete is not supported by directory buckets.
\nYou can delete objects by explicitly calling DELETE Object or calling \n (PutBucketLifecycle) to enable Amazon S3 to remove them for you. If you want to block\n users or accounts from removing or deleting objects from your bucket, you must deny them\n the s3:DeleteObject, s3:DeleteObjectVersion, and\n s3:PutLifeCycleConfiguration actions.
\n Directory buckets - S3 Lifecycle is not supported by directory buckets.
\n\n General purpose bucket permissions - The following permissions are required in your policies when your \n DeleteObjects request includes specific headers.
\n \n s3:DeleteObject\n - To delete an object from a bucket, you must always have the s3:DeleteObject permission.
\n \n s3:DeleteObjectVersion\n - To delete a specific version of an object from a versioning-enabled bucket, you must have the s3:DeleteObjectVersion permission.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following action is related to DeleteObject:
\n PutObject\n
\nRemoves an object from a bucket. The behavior depends on the bucket's versioning state:
\nIf bucket versioning is not enabled, the operation permanently deletes the object.
\nIf bucket versioning is enabled, the operation inserts a delete marker, which becomes the current version of the object. To permanently delete an object in a versioned bucket, you must include the object’s versionId in the request. For more information about versioning-enabled buckets, see Deleting object versions from a versioning-enabled bucket.
If bucket versioning is suspended, the operation removes the object that has a null versionId, if there is one, and inserts a delete marker that becomes the current version of the object. If there isn't an object with a null versionId, and all versions of the object have a versionId, Amazon S3 does not remove the object and only inserts a delete marker. To permanently delete an object that has a versionId, you must include the object’s versionId in the request. For more information about versioning-suspended buckets, see Deleting objects from versioning-suspended buckets.
\n Directory buckets - S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null \n to the versionId query parameter in the request.
\n Directory buckets - For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
To remove a specific version, you must use the versionId query parameter. Using this\n query parameter permanently deletes the version. If the object deleted is a delete marker, Amazon S3\n sets the response header x-amz-delete-marker to true.
If the object you want to delete is in a bucket where the bucket versioning\n configuration is MFA Delete enabled, you must include the x-amz-mfa request\n header in the DELETE versionId request. Requests that include\n x-amz-mfa must use HTTPS. For more information about MFA Delete, see Using MFA Delete in the Amazon S3\n User Guide. To see sample\n requests that use versioning, see Sample\n Request.
\n Directory buckets - MFA delete is not supported by directory buckets.
\nYou can delete objects by explicitly calling DELETE Object or calling \n (PutBucketLifecycle) to enable Amazon S3 to remove them for you. If you want to block\n users or accounts from removing or deleting objects from your bucket, you must deny them\n the s3:DeleteObject, s3:DeleteObjectVersion, and\n s3:PutLifeCycleConfiguration actions.
\n Directory buckets - S3 Lifecycle is not supported by directory buckets.
\n\n General purpose bucket permissions - The following permissions are required in your policies when your \n DeleteObjects request includes specific headers.
\n \n s3:DeleteObject\n - To delete an object from a bucket, you must always have the s3:DeleteObject permission.
\n \n s3:DeleteObjectVersion\n - To delete a specific version of an object from a versioning-enabled bucket, you must have the s3:DeleteObjectVersion permission.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following action is related to DeleteObject:
\n PutObject\n
\nThis operation enables you to delete multiple objects from a bucket using a single HTTP\n request. If you know the object keys that you want to delete, then this operation provides\n a suitable alternative to sending individual delete requests, reducing per-request\n overhead.
\nThe request can contain a list of up to 1000 keys that you want to delete. In the XML,\n you provide the object key names, and optionally, version IDs if you want to delete a\n specific version of the object from a versioning-enabled bucket. For each key, Amazon S3\n performs a delete operation and returns the result of that delete, success or failure, in\n the response. Note that if the object specified in the request is not found, Amazon S3 returns\n the result as deleted.
\n\n Directory buckets -\n S3 Versioning isn't enabled and supported for directory buckets.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
The operation supports two modes for the response: verbose and quiet. By default, the\n operation uses verbose mode in which the response includes the result of deletion of each\n key in your request. In quiet mode the response includes only keys where the delete\n operation encountered an error. For a successful deletion in a quiet mode, the operation\n does not return any information about the delete in the response body.
\nWhen performing this action on an MFA Delete enabled bucket, that attempts to delete any\n versioned objects, you must include an MFA token. If you do not provide one, the entire\n request will fail, even if there are non-versioned objects you are trying to delete. If you\n provide an invalid token, whether there are versioned keys in the request or not, the\n entire Multi-Object Delete request will fail. For information about MFA Delete, see MFA\n Delete in the Amazon S3 User Guide.
\n\n Directory buckets -\n MFA delete is not supported by directory buckets.
\n\n General purpose bucket permissions - The\n following permissions are required in your policies when your\n DeleteObjects request includes specific headers.
\n \n s3:DeleteObject\n \n - To delete an object from a bucket, you must always specify\n the s3:DeleteObject permission.
\n \n s3:DeleteObjectVersion\n - To delete a specific version of an object from a\n versioning-enabled bucket, you must specify the\n s3:DeleteObjectVersion permission.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n General purpose bucket - The Content-MD5\n request header is required for all Multi-Object Delete requests. Amazon S3 uses\n the header value to ensure that your request body has not been altered in\n transit.
\n\n Directory bucket - The\n Content-MD5 request header or a additional checksum request header\n (including x-amz-checksum-crc32,\n x-amz-checksum-crc32c, x-amz-checksum-sha1, or\n x-amz-checksum-sha256) is required for all Multi-Object\n Delete requests.
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to DeleteObjects:
\n UploadPart\n
\n\n ListParts\n
\n\n AbortMultipartUpload\n
\nThis operation enables you to delete multiple objects from a bucket using a single HTTP\n request. If you know the object keys that you want to delete, then this operation provides\n a suitable alternative to sending individual delete requests, reducing per-request\n overhead.
\nThe request can contain a list of up to 1000 keys that you want to delete. In the XML,\n you provide the object key names, and optionally, version IDs if you want to delete a\n specific version of the object from a versioning-enabled bucket. For each key, Amazon S3\n performs a delete operation and returns the result of that delete, success or failure, in\n the response. Note that if the object specified in the request is not found, Amazon S3 returns\n the result as deleted.
\n\n Directory buckets -\n S3 Versioning isn't enabled and supported for directory buckets.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
The operation supports two modes for the response: verbose and quiet. By default, the\n operation uses verbose mode in which the response includes the result of deletion of each\n key in your request. In quiet mode the response includes only keys where the delete\n operation encountered an error. For a successful deletion in a quiet mode, the operation\n does not return any information about the delete in the response body.
\nWhen performing this action on an MFA Delete enabled bucket, that attempts to delete any\n versioned objects, you must include an MFA token. If you do not provide one, the entire\n request will fail, even if there are non-versioned objects you are trying to delete. If you\n provide an invalid token, whether there are versioned keys in the request or not, the\n entire Multi-Object Delete request will fail. For information about MFA Delete, see MFA\n Delete in the Amazon S3 User Guide.
\n\n Directory buckets -\n MFA delete is not supported by directory buckets.
\n\n General purpose bucket permissions - The\n following permissions are required in your policies when your\n DeleteObjects request includes specific headers.
\n \n s3:DeleteObject\n \n - To delete an object from a bucket, you must always specify\n the s3:DeleteObject permission.
\n \n s3:DeleteObjectVersion\n - To delete a specific version of an object from a\n versioning-enabled bucket, you must specify the\n s3:DeleteObjectVersion permission.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n General purpose bucket - The Content-MD5\n request header is required for all Multi-Object Delete requests. Amazon S3 uses\n the header value to ensure that your request body has not been altered in\n transit.
\n\n Directory bucket - The\n Content-MD5 request header or a additional checksum request header\n (including x-amz-checksum-crc32,\n x-amz-checksum-crc32c, x-amz-checksum-sha1, or\n x-amz-checksum-sha256) is required for all Multi-Object\n Delete requests.
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to DeleteObjects:
\n UploadPart\n
\n\n ListParts\n
\n\n AbortMultipartUpload\n
\nReturns the lifecycle configuration information set on the bucket. For information about\n lifecycle configuration, see Object Lifecycle\n Management.
\nBucket lifecycle configuration now supports specifying a lifecycle rule using an object\n key name prefix, one or more object tags, object size, or any combination of these.\n Accordingly, this section describes the latest API, which is compatible with the new\n functionality. The previous version of the API supported filtering based only on an object\n key name prefix, which is supported for general purpose buckets for backward compatibility.\n For the related API description, see GetBucketLifecycle.
\nLifecyle configurations for directory buckets only support expiring objects and\n cancelling multipart uploads. Expiring of versioned objects, transitions and tag filters\n are not supported.
\n\n General purpose bucket permissions - By\n default, all Amazon S3 resources are private, including buckets, objects, and\n related subresources (for example, lifecycle configuration and website\n configuration). Only the resource owner (that is, the Amazon Web Services account that\n created it) can access the resource. The resource owner can optionally grant\n access permissions to others by writing an access policy. For this\n operation, a user must have the s3:GetLifecycleConfiguration\n permission.
For more information about permissions, see Managing Access\n Permissions to Your Amazon S3 Resources.
\n\n Directory bucket permissions -\n You must have the s3express:GetLifecycleConfiguration\n permission in an IAM identity-based policy to use this operation.\n Cross-account access to this API operation isn't supported. The resource\n owner can optionally grant access permissions to others by creating a role\n or user for them as long as they are within the same account as the owner\n and resource.
For more information about directory bucket policies and permissions, see\n Authorizing Regional endpoint APIs with IAM in the\n Amazon S3 User Guide.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n Directory buckets - The HTTP Host\n header syntax is\n s3express-control.region.amazonaws.com.
\n GetBucketLifecycleConfiguration has the following special error:
Error code: NoSuchLifecycleConfiguration\n
Description: The lifecycle configuration does not exist.
\nHTTP Status Code: 404 Not Found
\nSOAP Fault Code Prefix: Client
\nThe following operations are related to\n GetBucketLifecycleConfiguration:
\n GetBucketLifecycle\n
\n\n PutBucketLifecycle\n
\nReturns the lifecycle configuration information set on the bucket. For information about\n lifecycle configuration, see Object Lifecycle\n Management.
\nBucket lifecycle configuration now supports specifying a lifecycle rule using an object\n key name prefix, one or more object tags, object size, or any combination of these.\n Accordingly, this section describes the latest API, which is compatible with the new\n functionality. The previous version of the API supported filtering based only on an object\n key name prefix, which is supported for general purpose buckets for backward compatibility.\n For the related API description, see GetBucketLifecycle.
\nLifecyle configurations for directory buckets only support expiring objects and\n cancelling multipart uploads. Expiring of versioned objects, transitions and tag filters\n are not supported.
\n\n General purpose bucket permissions - By\n default, all Amazon S3 resources are private, including buckets, objects, and\n related subresources (for example, lifecycle configuration and website\n configuration). Only the resource owner (that is, the Amazon Web Services account that\n created it) can access the resource. The resource owner can optionally grant\n access permissions to others by writing an access policy. For this\n operation, a user must have the s3:GetLifecycleConfiguration\n permission.
For more information about permissions, see Managing Access\n Permissions to Your Amazon S3 Resources.
\n\n Directory bucket permissions -\n You must have the s3express:GetLifecycleConfiguration\n permission in an IAM identity-based policy to use this operation.\n Cross-account access to this API operation isn't supported. The resource\n owner can optionally grant access permissions to others by creating a role\n or user for them as long as they are within the same account as the owner\n and resource.
For more information about directory bucket policies and permissions, see\n Authorizing Regional endpoint APIs with IAM in the\n Amazon S3 User Guide.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n Directory buckets - The HTTP Host\n header syntax is\n s3express-control.region.amazonaws.com.
\n GetBucketLifecycleConfiguration has the following special error:
Error code: NoSuchLifecycleConfiguration\n
Description: The lifecycle configuration does not exist.
\nHTTP Status Code: 404 Not Found
\nSOAP Fault Code Prefix: Client
\nThe following operations are related to\n GetBucketLifecycleConfiguration:
\n GetBucketLifecycle\n
\n\n PutBucketLifecycle\n
\nReturns the policy of a specified bucket.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
If you are using an identity other than the root user of the Amazon Web Services account that\n owns the bucket, the calling identity must both have the\n GetBucketPolicy permissions on the specified bucket and belong to\n the bucket owner's account in order to use this operation.
If you don't have GetBucketPolicy permissions, Amazon S3 returns a\n 403 Access Denied error. If you have the correct permissions, but\n you're not using an identity that belongs to the bucket owner's account, Amazon S3\n returns a 405 Method Not Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of\n their own buckets, the root principal in a bucket owner's Amazon Web Services account can\n perform the GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy\n explicitly denies the root principal's access. Bucket owner root principals can\n only be blocked from performing these API actions by VPC endpoint policies and\n Amazon Web Services Organizations policies.
\n General purpose bucket permissions - The\n s3:GetBucketPolicy permission is required in a policy. For\n more information about general purpose buckets bucket policies, see Using Bucket Policies and User Policies in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n To grant access to this API operation, you must have the\n s3express:GetBucketPolicy permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n General purpose buckets example bucket policies\n - See Bucket policy\n examples in the Amazon S3 User Guide.
\n\n Directory bucket example bucket policies\n - See Example bucket policies for S3 Express One Zone in the\n Amazon S3 User Guide.
\n\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following action is related to GetBucketPolicy:
\n GetObject\n
\nReturns the policy of a specified bucket.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
If you are using an identity other than the root user of the Amazon Web Services account that\n owns the bucket, the calling identity must both have the\n GetBucketPolicy permissions on the specified bucket and belong to\n the bucket owner's account in order to use this operation.
If you don't have GetBucketPolicy permissions, Amazon S3 returns a\n 403 Access Denied error. If you have the correct permissions, but\n you're not using an identity that belongs to the bucket owner's account, Amazon S3\n returns a 405 Method Not Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of\n their own buckets, the root principal in a bucket owner's Amazon Web Services account can\n perform the GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy\n explicitly denies the root principal's access. Bucket owner root principals can\n only be blocked from performing these API actions by VPC endpoint policies and\n Amazon Web Services Organizations policies.
\n General purpose bucket permissions - The\n s3:GetBucketPolicy permission is required in a policy. For\n more information about general purpose buckets bucket policies, see Using Bucket Policies and User Policies in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n To grant access to this API operation, you must have the\n s3express:GetBucketPolicy permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n General purpose buckets example bucket policies\n - See Bucket policy\n examples in the Amazon S3 User Guide.
\n\n Directory bucket example bucket policies\n - See Example bucket policies for S3 Express One Zone in the\n Amazon S3 User Guide.
\n\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following action is related to GetBucketPolicy:
\n GetObject\n
\nRetrieves an object from Amazon S3.
\nIn the GetObject request, specify the full key name for the object.
\n General purpose buckets - Both the virtual-hosted-style\n requests and the path-style requests are supported. For a virtual hosted-style request\n example, if you have the object photos/2006/February/sample.jpg, specify the\n object key name as /photos/2006/February/sample.jpg. For a path-style request\n example, if you have the object photos/2006/February/sample.jpg in the bucket\n named examplebucket, specify the object key name as\n /examplebucket/photos/2006/February/sample.jpg. For more information about\n request types, see HTTP Host\n Header Bucket Specification in the Amazon S3 User Guide.
\n Directory buckets -\n Only virtual-hosted-style requests are supported. For a virtual hosted-style request example, if you have the object photos/2006/February/sample.jpg in the bucket named examplebucket--use1-az5--x-s3, specify the object key name as /photos/2006/February/sample.jpg. Also, when you make requests to this API operation, your requests are sent to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - You\n must have the required permissions in a policy. To use\n GetObject, you must have the READ access to the\n object (or version). If you grant READ access to the anonymous\n user, the GetObject operation returns the object without using\n an authorization header. For more information, see Specifying permissions in a policy in the\n Amazon S3 User Guide.
If you include a versionId in your request header, you must\n have the s3:GetObjectVersion permission to access a specific\n version of an object. The s3:GetObject permission is not\n required in this scenario.
If you request the current version of an object without a specific\n versionId in the request header, only the\n s3:GetObject permission is required. The\n s3:GetObjectVersion permission is not required in this\n scenario.
If the object that you request doesn’t exist, the error that Amazon S3 returns\n depends on whether you also have the s3:ListBucket\n permission.
If you have the s3:ListBucket permission on the\n bucket, Amazon S3 returns an HTTP status code 404 Not Found\n error.
If you don’t have the s3:ListBucket permission, Amazon S3\n returns an HTTP status code 403 Access Denied\n error.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If\n the\n object is encrypted using SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval\n storage class, the S3 Glacier Deep Archive storage class, the\n S3 Intelligent-Tiering Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier,\n before you can retrieve the object you must first restore a copy using RestoreObject. Otherwise, this operation returns an\n InvalidObjectState error. For information about restoring archived\n objects, see Restoring Archived\n Objects in the Amazon S3 User Guide.
\n Directory buckets -\n For directory buckets, only the S3 Express One Zone storage class is supported to store newly created objects. \nUnsupported storage class values won't write a destination object and will respond with the HTTP status code 400 Bad Request.
Encryption request headers, like x-amz-server-side-encryption,\n should not be sent for the GetObject requests, if your object uses\n server-side encryption with Amazon S3 managed encryption keys (SSE-S3), server-side\n encryption with Key Management Service (KMS) keys (SSE-KMS), or dual-layer server-side\n encryption with Amazon Web Services KMS keys (DSSE-KMS). If you include the header in your\n GetObject requests for the object that uses these types of keys,\n you’ll get an HTTP 400 Bad Request error.
\n Directory buckets -\n For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. SSE-C isn't supported. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide.
\nThere are times when you want to override certain response header values of a\n GetObject response. For example, you might override the\n Content-Disposition response header value through your\n GetObject request.
You can override values for a set of response headers. These modified response\n header values are included only in a successful response, that is, when the HTTP\n status code 200 OK is returned. The headers you can override using\n the following query parameters in the request are a subset of the headers that\n Amazon S3 accepts when you create an object.
The response headers that you can override for the GetObject\n response are Cache-Control, Content-Disposition,\n Content-Encoding, Content-Language,\n Content-Type, and Expires.
To override values for a set of response headers in the GetObject\n response, you can use the following query parameters in the request.
\n response-cache-control\n
\n response-content-disposition\n
\n response-content-encoding\n
\n response-content-language\n
\n response-content-type\n
\n response-expires\n
When you use these parameters, you must sign the request by using either an\n Authorization header or a presigned URL. These parameters cannot be used with\n an unsigned (anonymous) request.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to GetObject:
\n ListBuckets\n
\n\n GetObjectAcl\n
\nRetrieves an object from Amazon S3.
\nIn the GetObject request, specify the full key name for the object.
\n General purpose buckets - Both the virtual-hosted-style\n requests and the path-style requests are supported. For a virtual hosted-style request\n example, if you have the object photos/2006/February/sample.jpg, specify the\n object key name as /photos/2006/February/sample.jpg. For a path-style request\n example, if you have the object photos/2006/February/sample.jpg in the bucket\n named examplebucket, specify the object key name as\n /examplebucket/photos/2006/February/sample.jpg. For more information about\n request types, see HTTP Host\n Header Bucket Specification in the Amazon S3 User Guide.
\n Directory buckets -\n Only virtual-hosted-style requests are supported. For a virtual hosted-style request example, if you have the object photos/2006/February/sample.jpg in the bucket named examplebucket--use1-az5--x-s3, specify the object key name as /photos/2006/February/sample.jpg. Also, when you make requests to this API operation, your requests are sent to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - You\n must have the required permissions in a policy. To use\n GetObject, you must have the READ access to the\n object (or version). If you grant READ access to the anonymous\n user, the GetObject operation returns the object without using\n an authorization header. For more information, see Specifying permissions in a policy in the\n Amazon S3 User Guide.
If you include a versionId in your request header, you must\n have the s3:GetObjectVersion permission to access a specific\n version of an object. The s3:GetObject permission is not\n required in this scenario.
If you request the current version of an object without a specific\n versionId in the request header, only the\n s3:GetObject permission is required. The\n s3:GetObjectVersion permission is not required in this\n scenario.
If the object that you request doesn’t exist, the error that Amazon S3 returns\n depends on whether you also have the s3:ListBucket\n permission.
If you have the s3:ListBucket permission on the\n bucket, Amazon S3 returns an HTTP status code 404 Not Found\n error.
If you don’t have the s3:ListBucket permission, Amazon S3\n returns an HTTP status code 403 Access Denied\n error.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If\n the\n object is encrypted using SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval\n storage class, the S3 Glacier Deep Archive storage class, the\n S3 Intelligent-Tiering Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier,\n before you can retrieve the object you must first restore a copy using RestoreObject. Otherwise, this operation returns an\n InvalidObjectState error. For information about restoring archived\n objects, see Restoring Archived\n Objects in the Amazon S3 User Guide.
\n Directory buckets -\n For directory buckets, only the S3 Express One Zone storage class is supported to store newly created objects. \nUnsupported storage class values won't write a destination object and will respond with the HTTP status code 400 Bad Request.
Encryption request headers, like x-amz-server-side-encryption,\n should not be sent for the GetObject requests, if your object uses\n server-side encryption with Amazon S3 managed encryption keys (SSE-S3), server-side\n encryption with Key Management Service (KMS) keys (SSE-KMS), or dual-layer server-side\n encryption with Amazon Web Services KMS keys (DSSE-KMS). If you include the header in your\n GetObject requests for the object that uses these types of keys,\n you’ll get an HTTP 400 Bad Request error.
\n Directory buckets -\n For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. SSE-C isn't supported. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide.
\nThere are times when you want to override certain response header values of a\n GetObject response. For example, you might override the\n Content-Disposition response header value through your\n GetObject request.
You can override values for a set of response headers. These modified response\n header values are included only in a successful response, that is, when the HTTP\n status code 200 OK is returned. The headers you can override using\n the following query parameters in the request are a subset of the headers that\n Amazon S3 accepts when you create an object.
The response headers that you can override for the GetObject\n response are Cache-Control, Content-Disposition,\n Content-Encoding, Content-Language,\n Content-Type, and Expires.
To override values for a set of response headers in the GetObject\n response, you can use the following query parameters in the request.
\n response-cache-control\n
\n response-content-disposition\n
\n response-content-encoding\n
\n response-content-language\n
\n response-content-type\n
\n response-expires\n
When you use these parameters, you must sign the request by using either an\n Authorization header or a presigned URL. These parameters cannot be used with\n an unsigned (anonymous) request.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to GetObject:
\n ListBuckets\n
\n\n GetObjectAcl\n
\nRetrieves all the metadata from an object without returning the object itself. This\n operation is useful if you're interested only in an object's metadata.
\n\n GetObjectAttributes combines the functionality of HeadObject\n and ListParts. All of the data returned with each of those individual calls\n can be returned with a single call to GetObjectAttributes.
\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - To\n use GetObjectAttributes, you must have READ access to the\n object. The permissions that you need to use this operation depend on\n whether the bucket is versioned. If the bucket is versioned, you need both\n the s3:GetObjectVersion and\n s3:GetObjectVersionAttributes permissions for this\n operation. If the bucket is not versioned, you need the\n s3:GetObject and s3:GetObjectAttributes\n permissions. For more information, see Specifying\n Permissions in a Policy in the\n Amazon S3 User Guide. If the object that you request does\n not exist, the error Amazon S3 returns depends on whether you also have the\n s3:ListBucket permission.
If you have the s3:ListBucket permission on the\n bucket, Amazon S3 returns an HTTP status code 404 Not Found\n (\"no such key\") error.
If you don't have the s3:ListBucket permission, Amazon S3\n returns an HTTP status code 403 Forbidden (\"access\n denied\") error.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If\n the\n object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
Encryption request headers, like x-amz-server-side-encryption,\n should not be sent for HEAD requests if your object uses\n server-side encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer\n server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side\n encryption with Amazon S3 managed encryption keys (SSE-S3). The\n x-amz-server-side-encryption header is used when you\n PUT an object to S3 and want to specify the encryption method.\n If you include this header in a GET request for an object that\n uses these types of keys, you’ll get an HTTP 400 Bad Request\n error. It's because the encryption method can't be changed when you retrieve\n the object.
If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve\n the metadata from the object, you must use the following headers to provide the\n encryption key for the server to be able to retrieve the object's metadata. The\n headers are:
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about SSE-C, see Server-Side\n Encryption (Using Customer-Provided Encryption Keys) in the\n Amazon S3 User Guide.
\n\n Directory bucket permissions -\n For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your \n CreateSession requests or PUT object requests. Then, new objects \n are automatically encrypted with the desired encryption settings. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.
\n Directory buckets -\n S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null to the\n versionId query parameter in the request.
Consider the following when using request headers:
\nIf both of the If-Match and If-Unmodified-Since\n headers are present in the request as follows, then Amazon S3 returns the HTTP\n status code 200 OK and the data requested:
\n If-Match condition evaluates to\n true.
\n If-Unmodified-Since condition evaluates to\n false.
For more information about conditional requests, see RFC 7232.
\nIf both of the If-None-Match and\n If-Modified-Since headers are present in the request as\n follows, then Amazon S3 returns the HTTP status code 304 Not\n Modified:
\n If-None-Match condition evaluates to\n false.
\n If-Modified-Since condition evaluates to\n true.
For more information about conditional requests, see RFC 7232.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following actions are related to GetObjectAttributes:
\n GetObject\n
\n\n GetObjectAcl\n
\n\n GetObjectLegalHold\n
\n\n GetObjectRetention\n
\n\n GetObjectTagging\n
\n\n HeadObject\n
\n\n ListParts\n
\nRetrieves all the metadata from an object without returning the object itself. This\n operation is useful if you're interested only in an object's metadata.
\n\n GetObjectAttributes combines the functionality of HeadObject\n and ListParts. All of the data returned with each of those individual calls\n can be returned with a single call to GetObjectAttributes.
\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - To\n use GetObjectAttributes, you must have READ access to the\n object. The permissions that you need to use this operation depend on\n whether the bucket is versioned. If the bucket is versioned, you need both\n the s3:GetObjectVersion and\n s3:GetObjectVersionAttributes permissions for this\n operation. If the bucket is not versioned, you need the\n s3:GetObject and s3:GetObjectAttributes\n permissions. For more information, see Specifying\n Permissions in a Policy in the\n Amazon S3 User Guide. If the object that you request does\n not exist, the error Amazon S3 returns depends on whether you also have the\n s3:ListBucket permission.
If you have the s3:ListBucket permission on the\n bucket, Amazon S3 returns an HTTP status code 404 Not Found\n (\"no such key\") error.
If you don't have the s3:ListBucket permission, Amazon S3\n returns an HTTP status code 403 Forbidden (\"access\n denied\") error.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If\n the\n object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
Encryption request headers, like x-amz-server-side-encryption,\n should not be sent for HEAD requests if your object uses\n server-side encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer\n server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side\n encryption with Amazon S3 managed encryption keys (SSE-S3). The\n x-amz-server-side-encryption header is used when you\n PUT an object to S3 and want to specify the encryption method.\n If you include this header in a GET request for an object that\n uses these types of keys, you’ll get an HTTP 400 Bad Request\n error. It's because the encryption method can't be changed when you retrieve\n the object.
If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve\n the metadata from the object, you must use the following headers to provide the\n encryption key for the server to be able to retrieve the object's metadata. The\n headers are:
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about SSE-C, see Server-Side\n Encryption (Using Customer-Provided Encryption Keys) in the\n Amazon S3 User Guide.
\n\n Directory bucket permissions -\n For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). We recommend that the bucket's default encryption uses the desired encryption configuration and you don't override the bucket default encryption in your \n CreateSession requests or PUT object requests. Then, new objects \n are automatically encrypted with the desired encryption settings. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.
\n Directory buckets -\n S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null to the\n versionId query parameter in the request.
Consider the following when using request headers:
\nIf both of the If-Match and If-Unmodified-Since\n headers are present in the request as follows, then Amazon S3 returns the HTTP\n status code 200 OK and the data requested:
\n If-Match condition evaluates to\n true.
\n If-Unmodified-Since condition evaluates to\n false.
For more information about conditional requests, see RFC 7232.
\nIf both of the If-None-Match and\n If-Modified-Since headers are present in the request as\n follows, then Amazon S3 returns the HTTP status code 304 Not\n Modified:
\n If-None-Match condition evaluates to\n false.
\n If-Modified-Since condition evaluates to\n true.
For more information about conditional requests, see RFC 7232.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following actions are related to GetObjectAttributes:
\n GetObject\n
\n\n GetObjectAcl\n
\n\n GetObjectLegalHold\n
\n\n GetObjectRetention\n
\n\n GetObjectTagging\n
\n\n HeadObject\n
\n\n ListParts\n
\nYou can use this operation to determine if a bucket exists and if you have permission to\n access it. The action returns a 200 OK if the bucket exists and you have\n permission to access it.
If the bucket does not exist or you do not have permission to access it, the\n HEAD request returns a generic 400 Bad Request, 403\n Forbidden or 404 Not Found code. A message body is not included,\n so you cannot determine the exception beyond these HTTP response codes.
\n General purpose buckets - Request to public\n buckets that grant the s3:ListBucket permission publicly do not need to be signed.\n All other HeadBucket requests must be authenticated and signed by\n using IAM credentials (access key ID and secret access key for the IAM\n identities). All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see\n REST Authentication.
\n Directory buckets - You must use IAM\n credentials to authenticate and authorize your access to the\n HeadBucket API operation, instead of using the temporary security\n credentials through the CreateSession API operation.
Amazon Web Services CLI or SDKs handles authentication and authorization on your\n behalf.
\n\n General purpose bucket permissions - To\n use this operation, you must have permissions to perform the\n s3:ListBucket action. The bucket owner has this permission\n by default and can grant this permission to others. For more information\n about permissions, see Managing access\n permissions to your Amazon S3 resources in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n You must have the \n s3express:CreateSession\n permission in the\n Action element of a policy. By default, the session is in\n the ReadWrite mode. If you want to restrict the access, you can\n explicitly set the s3express:SessionMode condition key to\n ReadOnly on the bucket.
For more information about example bucket policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for\n S3 Express One Zone in the Amazon S3 User Guide.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com. Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
You can use this operation to determine if a bucket exists and if you have permission to\n access it. The action returns a 200 OK if the bucket exists and you have\n permission to access it.
If the bucket does not exist or you do not have permission to access it, the\n HEAD request returns a generic 400 Bad Request, 403\n Forbidden or 404 Not Found code. A message body is not included,\n so you cannot determine the exception beyond these HTTP response codes.
\n General purpose buckets - Request to public\n buckets that grant the s3:ListBucket permission publicly do not need to be signed.\n All other HeadBucket requests must be authenticated and signed by\n using IAM credentials (access key ID and secret access key for the IAM\n identities). All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see\n REST Authentication.
\n Directory buckets - You must use IAM\n credentials to authenticate and authorize your access to the\n HeadBucket API operation, instead of using the temporary security\n credentials through the CreateSession API operation.
Amazon Web Services CLI or SDKs handles authentication and authorization on your\n behalf.
\n\n General purpose bucket permissions - To\n use this operation, you must have permissions to perform the\n s3:ListBucket action. The bucket owner has this permission\n by default and can grant this permission to others. For more information\n about permissions, see Managing access\n permissions to your Amazon S3 resources in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n You must have the \n s3express:CreateSession\n permission in the\n Action element of a policy. By default, the session is in\n the ReadWrite mode. If you want to restrict the access, you can\n explicitly set the s3express:SessionMode condition key to\n ReadOnly on the bucket.
For more information about example bucket policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for\n S3 Express One Zone in the Amazon S3 User Guide.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
You must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com. Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
The HEAD operation retrieves metadata from an object without returning the\n object itself. This operation is useful if you're interested only in an object's\n metadata.
A HEAD request has the same options as a GET operation on\n an object. The response is identical to the GET response except that there\n is no response body. Because of this, if the HEAD request generates an\n error, it returns a generic code, such as 400 Bad Request, 403\n Forbidden, 404 Not Found, 405 Method Not Allowed,\n 412 Precondition Failed, or 304 Not Modified. It's not\n possible to retrieve the exact exception of these error codes.
Request headers are limited to 8 KB in size. For more information, see Common\n Request Headers.
\n\n General purpose bucket permissions - To\n use HEAD, you must have the s3:GetObject\n permission. You need the relevant read object (or version) permission for\n this operation. For more information, see Actions, resources, and\n condition keys for Amazon S3 in the Amazon S3 User\n Guide. For more information about the permissions to S3 API\n operations by S3 resource types, see Required permissions for Amazon S3 API operations in the\n Amazon S3 User Guide.
If the object you request doesn't exist, the error that Amazon S3 returns\n depends on whether you also have the s3:ListBucket\n permission.
If you have the s3:ListBucket permission on the\n bucket, Amazon S3 returns an HTTP status code 404 Not Found\n error.
If you don’t have the s3:ListBucket permission, Amazon S3\n returns an HTTP status code 403 Forbidden error.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If you enable x-amz-checksum-mode in the request and the\n object is encrypted with Amazon Web Services Key Management Service (Amazon Web Services KMS), you must\n also have the kms:GenerateDataKey and kms:Decrypt\n permissions in IAM identity-based policies and KMS key policies for the\n KMS key to retrieve the checksum of the object.
Encryption request headers, like x-amz-server-side-encryption,\n should not be sent for HEAD requests if your object uses\n server-side encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer\n server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side\n encryption with Amazon S3 managed encryption keys (SSE-S3). The\n x-amz-server-side-encryption header is used when you\n PUT an object to S3 and want to specify the encryption method.\n If you include this header in a HEAD request for an object that\n uses these types of keys, you’ll get an HTTP 400 Bad Request\n error. It's because the encryption method can't be changed when you retrieve\n the object.
If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve\n the metadata from the object, you must use the following headers to provide the\n encryption key for the server to be able to retrieve the object's metadata. The\n headers are:
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about SSE-C, see Server-Side\n Encryption (Using Customer-Provided Encryption Keys) in the\n Amazon S3 User Guide.
\n\n Directory bucket -\n For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. SSE-C isn't supported. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide.
\nIf the current version of the object is a delete marker, Amazon S3 behaves as\n if the object was deleted and includes x-amz-delete-marker:\n true in the response.
If the specified version is a delete marker, the response returns a\n 405 Method Not Allowed error and the Last-Modified:\n timestamp response header.
\n Directory buckets -\n Delete marker is not supported for directory buckets.
\n\n Directory buckets -\n S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null\n to the versionId query parameter in the request.
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
The following actions are related to HeadObject:
\n GetObject\n
\n\n GetObjectAttributes\n
\nThe HEAD operation retrieves metadata from an object without returning the\n object itself. This operation is useful if you're interested only in an object's\n metadata.
A HEAD request has the same options as a GET operation on\n an object. The response is identical to the GET response except that there\n is no response body. Because of this, if the HEAD request generates an\n error, it returns a generic code, such as 400 Bad Request, 403\n Forbidden, 404 Not Found, 405 Method Not Allowed,\n 412 Precondition Failed, or 304 Not Modified. It's not\n possible to retrieve the exact exception of these error codes.
Request headers are limited to 8 KB in size. For more information, see Common\n Request Headers.
\n\n General purpose bucket permissions - To\n use HEAD, you must have the s3:GetObject\n permission. You need the relevant read object (or version) permission for\n this operation. For more information, see Actions, resources, and\n condition keys for Amazon S3 in the Amazon S3 User\n Guide. For more information about the permissions to S3 API\n operations by S3 resource types, see Required permissions for Amazon S3 API operations in the\n Amazon S3 User Guide.
If the object you request doesn't exist, the error that Amazon S3 returns\n depends on whether you also have the s3:ListBucket\n permission.
If you have the s3:ListBucket permission on the\n bucket, Amazon S3 returns an HTTP status code 404 Not Found\n error.
If you don’t have the s3:ListBucket permission, Amazon S3\n returns an HTTP status code 403 Forbidden error.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If you enable x-amz-checksum-mode in the request and the\n object is encrypted with Amazon Web Services Key Management Service (Amazon Web Services KMS), you must\n also have the kms:GenerateDataKey and kms:Decrypt\n permissions in IAM identity-based policies and KMS key policies for the\n KMS key to retrieve the checksum of the object.
Encryption request headers, like x-amz-server-side-encryption,\n should not be sent for HEAD requests if your object uses\n server-side encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer\n server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side\n encryption with Amazon S3 managed encryption keys (SSE-S3). The\n x-amz-server-side-encryption header is used when you\n PUT an object to S3 and want to specify the encryption method.\n If you include this header in a HEAD request for an object that\n uses these types of keys, you’ll get an HTTP 400 Bad Request\n error. It's because the encryption method can't be changed when you retrieve\n the object.
If you encrypt an object by using server-side encryption with customer-provided\n encryption keys (SSE-C) when you store the object in Amazon S3, then when you retrieve\n the metadata from the object, you must use the following headers to provide the\n encryption key for the server to be able to retrieve the object's metadata. The\n headers are:
\n\n x-amz-server-side-encryption-customer-algorithm\n
\n x-amz-server-side-encryption-customer-key\n
\n x-amz-server-side-encryption-customer-key-MD5\n
For more information about SSE-C, see Server-Side\n Encryption (Using Customer-Provided Encryption Keys) in the\n Amazon S3 User Guide.
\n\n Directory bucket -\n For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. SSE-C isn't supported. For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide.
\nIf the current version of the object is a delete marker, Amazon S3 behaves as\n if the object was deleted and includes x-amz-delete-marker:\n true in the response.
If the specified version is a delete marker, the response returns a\n 405 Method Not Allowed error and the Last-Modified:\n timestamp response header.
\n Directory buckets -\n Delete marker is not supported for directory buckets.
\n\n Directory buckets -\n S3 Versioning isn't enabled and supported for directory buckets. For this API operation, only the null value of the version ID is supported by directory buckets. You can only specify null\n to the versionId query parameter in the request.
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
The following actions are related to HeadObject:
\n GetObject\n
\n\n GetObjectAttributes\n
\nReturns a list of all Amazon S3 directory buckets owned by the authenticated sender of the\n request. For more information about directory buckets, see Directory buckets in the Amazon S3 User Guide.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
You must have the s3express:ListAllMyDirectoryBuckets permission\n in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n Directory buckets - The HTTP Host\n header syntax is\n s3express-control.region.amazonaws.com.
The BucketRegion response element is not part of the\n ListDirectoryBuckets Response Syntax.
Returns a list of all Amazon S3 directory buckets owned by the authenticated sender of the\n request. For more information about directory buckets, see Directory buckets in the Amazon S3 User Guide.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
You must have the s3express:ListAllMyDirectoryBuckets permission\n in an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n Directory buckets - The HTTP Host\n header syntax is\n s3express-control.region.amazonaws.com.
The BucketRegion response element is not part of the\n ListDirectoryBuckets Response Syntax.
This operation lists in-progress multipart uploads in a bucket. An in-progress multipart\n upload is a multipart upload that has been initiated by the\n CreateMultipartUpload request, but has not yet been completed or\n aborted.
\n Directory buckets - If multipart uploads in\n a directory bucket are in progress, you can't delete the bucket until all the\n in-progress multipart uploads are aborted or completed. To delete these in-progress\n multipart uploads, use the ListMultipartUploads operation to list the\n in-progress multipart uploads in the bucket and use the\n AbortMultipartUpload operation to abort all the in-progress multipart\n uploads.
The ListMultipartUploads operation returns a maximum of 1,000 multipart\n uploads in the response. The limit of 1,000 multipart uploads is also the default value.\n You can further limit the number of uploads in a response by specifying the\n max-uploads request parameter. If there are more than 1,000 multipart\n uploads that satisfy your ListMultipartUploads request, the response returns\n an IsTruncated element with the value of true, a\n NextKeyMarker element, and a NextUploadIdMarker element. To\n list the remaining multipart uploads, you need to make subsequent\n ListMultipartUploads requests. In these requests, include two query\n parameters: key-marker and upload-id-marker. Set the value of\n key-marker to the NextKeyMarker value from the previous\n response. Similarly, set the value of upload-id-marker to the\n NextUploadIdMarker value from the previous response.
\n Directory buckets - The\n upload-id-marker element and the NextUploadIdMarker element\n aren't supported by directory buckets. To list the additional multipart uploads, you\n only need to set the value of key-marker to the NextKeyMarker\n value from the previous response.
For more information about multipart uploads, see Uploading Objects Using Multipart\n Upload in the Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - For\n information about permissions required to use the multipart upload API, see\n Multipart Upload and\n Permissions in the Amazon S3 User Guide.
\n\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n General purpose bucket - In the\n ListMultipartUploads response, the multipart uploads are\n sorted based on two criteria:
Key-based sorting - Multipart uploads are initially sorted\n in ascending order based on their object keys.
\nTime-based sorting - For uploads that share the same object\n key, they are further sorted in ascending order based on the upload\n initiation time. Among uploads with the same key, the one that was\n initiated first will appear before the ones that were initiated\n later.
\n\n Directory bucket - In the\n ListMultipartUploads response, the multipart uploads aren't\n sorted lexicographically based on the object keys.\n \n
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to ListMultipartUploads:
\n UploadPart\n
\n\n ListParts\n
\n\n AbortMultipartUpload\n
\nThis operation lists in-progress multipart uploads in a bucket. An in-progress multipart\n upload is a multipart upload that has been initiated by the\n CreateMultipartUpload request, but has not yet been completed or\n aborted.
\n Directory buckets - If multipart uploads in\n a directory bucket are in progress, you can't delete the bucket until all the\n in-progress multipart uploads are aborted or completed. To delete these in-progress\n multipart uploads, use the ListMultipartUploads operation to list the\n in-progress multipart uploads in the bucket and use the\n AbortMultipartUpload operation to abort all the in-progress multipart\n uploads.
The ListMultipartUploads operation returns a maximum of 1,000 multipart\n uploads in the response. The limit of 1,000 multipart uploads is also the default value.\n You can further limit the number of uploads in a response by specifying the\n max-uploads request parameter. If there are more than 1,000 multipart\n uploads that satisfy your ListMultipartUploads request, the response returns\n an IsTruncated element with the value of true, a\n NextKeyMarker element, and a NextUploadIdMarker element. To\n list the remaining multipart uploads, you need to make subsequent\n ListMultipartUploads requests. In these requests, include two query\n parameters: key-marker and upload-id-marker. Set the value of\n key-marker to the NextKeyMarker value from the previous\n response. Similarly, set the value of upload-id-marker to the\n NextUploadIdMarker value from the previous response.
\n Directory buckets - The\n upload-id-marker element and the NextUploadIdMarker element\n aren't supported by directory buckets. To list the additional multipart uploads, you\n only need to set the value of key-marker to the NextKeyMarker\n value from the previous response.
For more information about multipart uploads, see Uploading Objects Using Multipart\n Upload in the Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - For\n information about permissions required to use the multipart upload API, see\n Multipart Upload and\n Permissions in the Amazon S3 User Guide.
\n\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n General purpose bucket - In the\n ListMultipartUploads response, the multipart uploads are\n sorted based on two criteria:
Key-based sorting - Multipart uploads are initially sorted\n in ascending order based on their object keys.
\nTime-based sorting - For uploads that share the same object\n key, they are further sorted in ascending order based on the upload\n initiation time. Among uploads with the same key, the one that was\n initiated first will appear before the ones that were initiated\n later.
\n\n Directory bucket - In the\n ListMultipartUploads response, the multipart uploads aren't\n sorted lexicographically based on the object keys.\n \n
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to ListMultipartUploads:
\n UploadPart\n
\n\n ListParts\n
\n\n AbortMultipartUpload\n
\nReturns some or all (up to 1,000) of the objects in a bucket with each request. You can\n use the request parameters as selection criteria to return a subset of the objects in a\n bucket. A 200 OK response can contain valid or invalid XML. Make sure to\n design your application to parse the contents of the response and handle it appropriately.\n For more information about listing objects, see Listing object keys\n programmatically in the Amazon S3 User Guide. To get a list of\n your buckets, see ListBuckets.
\n General purpose bucket - For general purpose buckets,\n ListObjectsV2 doesn't return prefixes that are related only to\n in-progress multipart uploads.
\n Directory buckets - For\n directory buckets, ListObjectsV2 response includes the prefixes that\n are related only to in-progress multipart uploads.
\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - To\n use this operation, you must have READ access to the bucket. You must have\n permission to perform the s3:ListBucket action. The bucket\n owner has this permission by default and can grant this permission to\n others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access\n Permissions to Your Amazon S3 Resources in the\n Amazon S3 User Guide.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n General purpose bucket - For\n general purpose buckets, ListObjectsV2 returns objects in\n lexicographical order based on their key names.
\n Directory bucket - For\n directory buckets, ListObjectsV2 does not return objects in\n lexicographical order.
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
This section describes the latest revision of this action. We recommend that you use\n this revised API operation for application development. For backward compatibility, Amazon S3\n continues to support the prior version of this API operation, ListObjects.
\nThe following operations are related to ListObjectsV2:
\n GetObject\n
\n\n PutObject\n
\n\n CreateBucket\n
\nReturns some or all (up to 1,000) of the objects in a bucket with each request. You can\n use the request parameters as selection criteria to return a subset of the objects in a\n bucket. A 200 OK response can contain valid or invalid XML. Make sure to\n design your application to parse the contents of the response and handle it appropriately.\n For more information about listing objects, see Listing object keys\n programmatically in the Amazon S3 User Guide. To get a list of\n your buckets, see ListBuckets.
\n General purpose bucket - For general purpose buckets,\n ListObjectsV2 doesn't return prefixes that are related only to\n in-progress multipart uploads.
\n Directory buckets - For\n directory buckets, ListObjectsV2 response includes the prefixes that\n are related only to in-progress multipart uploads.
\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - To\n use this operation, you must have READ access to the bucket. You must have\n permission to perform the s3:ListBucket action. The bucket\n owner has this permission by default and can grant this permission to\n others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access\n Permissions to Your Amazon S3 Resources in the\n Amazon S3 User Guide.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n General purpose bucket - For\n general purpose buckets, ListObjectsV2 returns objects in\n lexicographical order based on their key names.
\n Directory bucket - For\n directory buckets, ListObjectsV2 does not return objects in\n lexicographical order.
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
This section describes the latest revision of this action. We recommend that you use\n this revised API operation for application development. For backward compatibility, Amazon S3\n continues to support the prior version of this API operation, ListObjects.
\nThe following operations are related to ListObjectsV2:
\n GetObject\n
\n\n PutObject\n
\n\n CreateBucket\n
\nLists the parts that have been uploaded for a specific multipart upload.
\nTo use this operation, you must provide the upload ID in the request. You\n obtain this uploadID by sending the initiate multipart upload request through CreateMultipartUpload.
The ListParts request returns a maximum of 1,000 uploaded parts. The limit\n of 1,000 parts is also the default value. You can restrict the number of parts in a\n response by specifying the max-parts request parameter. If your multipart\n upload consists of more than 1,000 parts, the response returns an IsTruncated\n field with the value of true, and a NextPartNumberMarker element.\n To list remaining uploaded parts, in subsequent ListParts requests, include\n the part-number-marker query string parameter and set its value to the\n NextPartNumberMarker field value from the previous response.
For more information on multipart uploads, see Uploading Objects Using Multipart\n Upload in the Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - For\n information about permissions required to use the multipart upload API, see\n Multipart Upload and\n Permissions in the Amazon S3 User Guide.
\nIf the upload was created using server-side encryption with Key Management Service\n (KMS) keys (SSE-KMS) or dual-layer server-side encryption with\n Amazon Web Services KMS keys (DSSE-KMS), you must have permission to the\n kms:Decrypt action for the ListParts request to\n succeed.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to ListParts:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n GetObjectAttributes\n
\n\n ListMultipartUploads\n
\nLists the parts that have been uploaded for a specific multipart upload.
\nTo use this operation, you must provide the upload ID in the request. You\n obtain this uploadID by sending the initiate multipart upload request through CreateMultipartUpload.
The ListParts request returns a maximum of 1,000 uploaded parts. The limit\n of 1,000 parts is also the default value. You can restrict the number of parts in a\n response by specifying the max-parts request parameter. If your multipart\n upload consists of more than 1,000 parts, the response returns an IsTruncated\n field with the value of true, and a NextPartNumberMarker element.\n To list remaining uploaded parts, in subsequent ListParts requests, include\n the part-number-marker query string parameter and set its value to the\n NextPartNumberMarker field value from the previous response.
For more information on multipart uploads, see Uploading Objects Using Multipart\n Upload in the Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - For\n information about permissions required to use the multipart upload API, see\n Multipart Upload and\n Permissions in the Amazon S3 User Guide.
\nIf the upload was created using server-side encryption with Key Management Service\n (KMS) keys (SSE-KMS) or dual-layer server-side encryption with\n Amazon Web Services KMS keys (DSSE-KMS), you must have permission to the\n kms:Decrypt action for the ListParts request to\n succeed.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to ListParts:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n GetObjectAttributes\n
\n\n ListMultipartUploads\n
\nSpecifies the location where the bucket will be created.
\nFor directory buckets, the location type is Availability Zone or Local Zone. For more information about directory buckets, see \n Directory buckets in the Amazon S3 User Guide.
\nThis functionality is only supported by directory buckets.
\nSpecifies the location where the bucket will be created.
\nFor directory buckets, the location type is Availability Zone or Local Zone. For more information about directory buckets, see \n Working with directory buckets in the Amazon S3 User Guide.
\nThis functionality is only supported by directory buckets.
\nThis operation configures default encryption and Amazon S3 Bucket Keys for an existing\n bucket.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
By default, all buckets have a default encryption configuration that uses server-side\n encryption with Amazon S3 managed keys (SSE-S3).
\n\n General purpose buckets\n
\nYou can optionally configure default encryption for a bucket by using\n server-side encryption with Key Management Service (KMS) keys (SSE-KMS) or dual-layer\n server-side encryption with Amazon Web Services KMS keys (DSSE-KMS). If you specify\n default encryption by using SSE-KMS, you can also configure Amazon S3\n Bucket Keys. For information about the bucket default encryption\n feature, see Amazon S3 Bucket Default\n Encryption in the Amazon S3 User Guide.
\nIf you use PutBucketEncryption to set your default bucket\n encryption to SSE-KMS, you should verify that your KMS key ID\n is correct. Amazon S3 doesn't validate the KMS key ID provided in\n PutBucketEncryption requests.
\n\n Directory buckets - You can\n optionally configure default encryption for a bucket by using server-side\n encryption with Key Management Service (KMS) keys (SSE-KMS).
\nWe recommend that the bucket's default encryption uses the desired\n encryption configuration and you don't override the bucket default\n encryption in your CreateSession requests or PUT\n object requests. Then, new objects are automatically encrypted with the\n desired encryption settings.\n For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.
Your SSE-KMS configuration can only support 1 customer managed key per directory bucket for the lifetime of the bucket. \nThe Amazon Web Services managed key (aws/s3) isn't supported. \n
S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets \nto directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or \n the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.
When you specify an KMS customer managed key for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported.
\nFor directory buckets, if you use PutBucketEncryption to set your default bucket encryption to SSE-KMS, Amazon S3 validates the\n KMS key ID provided in PutBucketEncryption requests.
\nIf you're specifying a customer managed KMS key, we recommend using a fully\n qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the\n key within the requester’s account. This behavior can result in data that's encrypted\n with a KMS key that belongs to the requester, and not the bucket owner.
\nAlso, this action requires Amazon Web Services Signature Version 4. For more information, see\n Authenticating\n Requests (Amazon Web Services Signature Version 4).
\n\n General purpose bucket permissions - The\n s3:PutEncryptionConfiguration permission is required in a\n policy. The bucket owner has this permission by default. The bucket owner\n can grant this permission to others. For more information about permissions,\n see Permissions Related to Bucket Operations and Managing Access\n Permissions to Your Amazon S3 Resources in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n To grant access to this API operation, you must have the\n s3express:PutEncryptionConfiguration permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
To set a directory bucket default encryption with SSE-KMS, you must also\n have the kms:GenerateDataKey and the kms:Decrypt\n permissions in IAM identity-based policies and KMS key policies for the\n target KMS key.
\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to PutBucketEncryption:
\n GetBucketEncryption\n
\nThis operation configures default encryption and Amazon S3 Bucket Keys for an existing\n bucket.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
By default, all buckets have a default encryption configuration that uses server-side\n encryption with Amazon S3 managed keys (SSE-S3).
\n\n General purpose buckets\n
\nYou can optionally configure default encryption for a bucket by using\n server-side encryption with Key Management Service (KMS) keys (SSE-KMS) or dual-layer\n server-side encryption with Amazon Web Services KMS keys (DSSE-KMS). If you specify\n default encryption by using SSE-KMS, you can also configure Amazon S3\n Bucket Keys. For information about the bucket default encryption\n feature, see Amazon S3 Bucket Default\n Encryption in the Amazon S3 User Guide.
\nIf you use PutBucketEncryption to set your default bucket\n encryption to SSE-KMS, you should verify that your KMS key ID\n is correct. Amazon S3 doesn't validate the KMS key ID provided in\n PutBucketEncryption requests.
\n\n Directory buckets - You can\n optionally configure default encryption for a bucket by using server-side\n encryption with Key Management Service (KMS) keys (SSE-KMS).
\nWe recommend that the bucket's default encryption uses the desired\n encryption configuration and you don't override the bucket default\n encryption in your CreateSession requests or PUT\n object requests. Then, new objects are automatically encrypted with the\n desired encryption settings.\n For more information about the encryption overriding behaviors in directory buckets, see Specifying server-side encryption with KMS for new object uploads.
Your SSE-KMS configuration can only support 1 customer managed key per directory bucket for the lifetime of the bucket. \nThe Amazon Web Services managed key (aws/s3) isn't supported. \n
S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets \nto directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or \n the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.
When you specify an KMS customer managed key for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported.
\nFor directory buckets, if you use PutBucketEncryption to set your default bucket encryption to SSE-KMS, Amazon S3 validates the\n KMS key ID provided in PutBucketEncryption requests.
\nIf you're specifying a customer managed KMS key, we recommend using a fully\n qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the\n key within the requester’s account. This behavior can result in data that's encrypted\n with a KMS key that belongs to the requester, and not the bucket owner.
\nAlso, this action requires Amazon Web Services Signature Version 4. For more information, see\n Authenticating\n Requests (Amazon Web Services Signature Version 4).
\n\n General purpose bucket permissions - The\n s3:PutEncryptionConfiguration permission is required in a\n policy. The bucket owner has this permission by default. The bucket owner\n can grant this permission to others. For more information about permissions,\n see Permissions Related to Bucket Operations and Managing Access\n Permissions to Your Amazon S3 Resources in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n To grant access to this API operation, you must have the\n s3express:PutEncryptionConfiguration permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
To set a directory bucket default encryption with SSE-KMS, you must also\n have the kms:GenerateDataKey and the kms:Decrypt\n permissions in IAM identity-based policies and KMS key policies for the\n target KMS key.
\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to PutBucketEncryption:
\n GetBucketEncryption\n
\nCreates a new lifecycle configuration for the bucket or replaces an existing lifecycle\n configuration. Keep in mind that this will overwrite an existing lifecycle configuration,\n so if you want to retain any configuration details, they must be included in the new\n lifecycle configuration. For information about lifecycle configuration, see Managing\n your storage lifecycle.
\nBucket lifecycle configuration now supports specifying a lifecycle rule using an object key name prefix, one or more object tags, object size, or any combination of these. Accordingly, this section describes the latest API. The previous version of the API supported filtering based only on an object key name prefix, which is supported for backward compatibility.\n For the related API description, see PutBucketLifecycle.
\nYou specify the lifecycle configuration in your request body. The lifecycle\n configuration is specified as XML consisting of one or more rules. An Amazon S3\n Lifecycle configuration can have up to 1,000 rules. This limit is not\n adjustable.
\nBucket lifecycle configuration supports specifying a lifecycle rule using an\n object key name prefix, one or more object tags, object size, or any combination\n of these. Accordingly, this section describes the latest API. The previous version\n of the API supported filtering based only on an object key name prefix, which is\n supported for backward compatibility for general purpose buckets. For the related\n API description, see PutBucketLifecycle.
\nLifecyle configurations for directory buckets only support expiring objects and\n cancelling multipart uploads. Expiring of versioned objects,transitions and tag\n filters are not supported.
\nA lifecycle rule consists of the following:
\nA filter identifying a subset of objects to which the rule applies. The\n filter can be based on a key name prefix, object tags, object size, or any\n combination of these.
\nA status indicating whether the rule is in effect.
\nOne or more lifecycle transition and expiration actions that you want\n Amazon S3 to perform on the objects identified by the filter. If the state of\n your bucket is versioning-enabled or versioning-suspended, you can have many\n versions of the same object (one current version and zero or more noncurrent\n versions). Amazon S3 provides predefined actions that you can specify for current\n and noncurrent object versions.
\nFor more information, see Object Lifecycle\n Management and Lifecycle Configuration\n Elements.
\n\n General purpose bucket permissions - By\n default, all Amazon S3 resources are private, including buckets, objects, and\n related subresources (for example, lifecycle configuration and website\n configuration). Only the resource owner (that is, the Amazon Web Services account that\n created it) can access the resource. The resource owner can optionally grant\n access permissions to others by writing an access policy. For this\n operation, a user must have the s3:PutLifecycleConfiguration\n permission.
You can also explicitly deny permissions. An explicit deny also\n supersedes any other permissions. If you want to block users or accounts\n from removing or deleting objects from your bucket, you must deny them\n permissions for the following actions:
\n\n s3:DeleteObject\n
\n s3:DeleteObjectVersion\n
\n s3:PutLifecycleConfiguration\n
For more information about permissions, see Managing\n Access Permissions to Your Amazon S3 Resources.
\n\n Directory bucket permissions -\n You must have the s3express:PutLifecycleConfiguration\n permission in an IAM identity-based policy to use this operation.\n Cross-account access to this API operation isn't supported. The resource\n owner can optionally grant access permissions to others by creating a role\n or user for them as long as they are within the same account as the owner\n and resource.
For more information about directory bucket policies and permissions, see\n Authorizing Regional endpoint APIs with IAM in the\n Amazon S3 User Guide.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n Directory buckets - The HTTP Host\n header syntax is\n s3express-control.region.amazonaws.com.
The following operations are related to\n PutBucketLifecycleConfiguration:
Creates a new lifecycle configuration for the bucket or replaces an existing lifecycle\n configuration. Keep in mind that this will overwrite an existing lifecycle configuration,\n so if you want to retain any configuration details, they must be included in the new\n lifecycle configuration. For information about lifecycle configuration, see Managing\n your storage lifecycle.
\nBucket lifecycle configuration now supports specifying a lifecycle rule using an object key name prefix, one or more object tags, object size, or any combination of these. Accordingly, this section describes the latest API. The previous version of the API supported filtering based only on an object key name prefix, which is supported for backward compatibility.\n For the related API description, see PutBucketLifecycle.
\nYou specify the lifecycle configuration in your request body. The lifecycle\n configuration is specified as XML consisting of one or more rules. An Amazon S3\n Lifecycle configuration can have up to 1,000 rules. This limit is not\n adjustable.
\nBucket lifecycle configuration supports specifying a lifecycle rule using an\n object key name prefix, one or more object tags, object size, or any combination\n of these. Accordingly, this section describes the latest API. The previous version\n of the API supported filtering based only on an object key name prefix, which is\n supported for backward compatibility for general purpose buckets. For the related\n API description, see PutBucketLifecycle.
\nLifecyle configurations for directory buckets only support expiring objects and\n cancelling multipart uploads. Expiring of versioned objects,transitions and tag\n filters are not supported.
\nA lifecycle rule consists of the following:
\nA filter identifying a subset of objects to which the rule applies. The\n filter can be based on a key name prefix, object tags, object size, or any\n combination of these.
\nA status indicating whether the rule is in effect.
\nOne or more lifecycle transition and expiration actions that you want\n Amazon S3 to perform on the objects identified by the filter. If the state of\n your bucket is versioning-enabled or versioning-suspended, you can have many\n versions of the same object (one current version and zero or more noncurrent\n versions). Amazon S3 provides predefined actions that you can specify for current\n and noncurrent object versions.
\nFor more information, see Object Lifecycle\n Management and Lifecycle Configuration\n Elements.
\n\n General purpose bucket permissions - By\n default, all Amazon S3 resources are private, including buckets, objects, and\n related subresources (for example, lifecycle configuration and website\n configuration). Only the resource owner (that is, the Amazon Web Services account that\n created it) can access the resource. The resource owner can optionally grant\n access permissions to others by writing an access policy. For this\n operation, a user must have the s3:PutLifecycleConfiguration\n permission.
You can also explicitly deny permissions. An explicit deny also\n supersedes any other permissions. If you want to block users or accounts\n from removing or deleting objects from your bucket, you must deny them\n permissions for the following actions:
\n\n s3:DeleteObject\n
\n s3:DeleteObjectVersion\n
\n s3:PutLifecycleConfiguration\n
For more information about permissions, see Managing\n Access Permissions to Your Amazon S3 Resources.
\n\n Directory bucket permissions -\n You must have the s3express:PutLifecycleConfiguration\n permission in an IAM identity-based policy to use this operation.\n Cross-account access to this API operation isn't supported. The resource\n owner can optionally grant access permissions to others by creating a role\n or user for them as long as they are within the same account as the owner\n and resource.
For more information about directory bucket policies and permissions, see\n Authorizing Regional endpoint APIs with IAM in the\n Amazon S3 User Guide.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n Directory buckets - The HTTP Host\n header syntax is\n s3express-control.region.amazonaws.com.
The following operations are related to\n PutBucketLifecycleConfiguration:
Applies an Amazon S3 bucket policy to an Amazon S3 bucket.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
If you are using an identity other than the root user of the Amazon Web Services account that\n owns the bucket, the calling identity must both have the\n PutBucketPolicy permissions on the specified bucket and belong to\n the bucket owner's account in order to use this operation.
If you don't have PutBucketPolicy permissions, Amazon S3 returns a\n 403 Access Denied error. If you have the correct permissions, but\n you're not using an identity that belongs to the bucket owner's account, Amazon S3\n returns a 405 Method Not Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of\n their own buckets, the root principal in a bucket owner's Amazon Web Services account can\n perform the GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy\n explicitly denies the root principal's access. Bucket owner root principals can\n only be blocked from performing these API actions by VPC endpoint policies and\n Amazon Web Services Organizations policies.
\n General purpose bucket permissions - The\n s3:PutBucketPolicy permission is required in a policy. For\n more information about general purpose buckets bucket policies, see Using Bucket Policies and User Policies in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n To grant access to this API operation, you must have the\n s3express:PutBucketPolicy permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n General purpose buckets example bucket policies\n - See Bucket policy\n examples in the Amazon S3 User Guide.
\n\n Directory bucket example bucket policies\n - See Example bucket policies for S3 Express One Zone in the\n Amazon S3 User Guide.
\n\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to PutBucketPolicy:
\n CreateBucket\n
\n\n DeleteBucket\n
\nApplies an Amazon S3 bucket policy to an Amazon S3 bucket.
\n\n Directory buckets - For directory buckets, you must make requests for this API operation to the Regional endpoint. These endpoints support path-style requests in the format https://s3express-control.region-code.amazonaws.com/bucket-name\n . Virtual-hosted-style requests aren't supported. \nFor more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
If you are using an identity other than the root user of the Amazon Web Services account that\n owns the bucket, the calling identity must both have the\n PutBucketPolicy permissions on the specified bucket and belong to\n the bucket owner's account in order to use this operation.
If you don't have PutBucketPolicy permissions, Amazon S3 returns a\n 403 Access Denied error. If you have the correct permissions, but\n you're not using an identity that belongs to the bucket owner's account, Amazon S3\n returns a 405 Method Not Allowed error.
To ensure that bucket owners don't inadvertently lock themselves out of\n their own buckets, the root principal in a bucket owner's Amazon Web Services account can\n perform the GetBucketPolicy, PutBucketPolicy, and\n DeleteBucketPolicy API actions, even if their bucket policy\n explicitly denies the root principal's access. Bucket owner root principals can\n only be blocked from performing these API actions by VPC endpoint policies and\n Amazon Web Services Organizations policies.
\n General purpose bucket permissions - The\n s3:PutBucketPolicy permission is required in a policy. For\n more information about general purpose buckets bucket policies, see Using Bucket Policies and User Policies in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n To grant access to this API operation, you must have the\n s3express:PutBucketPolicy permission in\n an IAM identity-based policy instead of a bucket policy. Cross-account access to this API operation isn't supported. This operation can only be performed by the Amazon Web Services account that owns the resource.\n For more information about directory bucket policies and permissions, see Amazon Web Services Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.
\n General purpose buckets example bucket policies\n - See Bucket policy\n examples in the Amazon S3 User Guide.
\n\n Directory bucket example bucket policies\n - See Example bucket policies for S3 Express One Zone in the\n Amazon S3 User Guide.
\n\n Directory buckets - The HTTP Host header syntax is s3express-control.region-code.amazonaws.com.
The following operations are related to PutBucketPolicy:
\n CreateBucket\n
\n\n DeleteBucket\n
\nAdds an object to a bucket.
\nAmazon S3 never adds partial objects; if you receive a success response, Amazon S3 added\n the entire object to the bucket. You cannot use PutObject to only\n update a single piece of metadata for an existing object. You must put the entire\n object with updated metadata if you want to update some values.
If your bucket uses the bucket owner enforced setting for Object Ownership,\n ACLs are disabled and no longer affect permissions. All objects written to the\n bucket by any account will be owned by the bucket owner.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
Amazon S3 is a distributed system. If it receives multiple write requests for the same object\n simultaneously, it overwrites all but the last object written. However, Amazon S3 provides\n features that can modify this behavior:
\n\n S3 Object Lock - To prevent objects from\n being deleted or overwritten, you can use Amazon S3 Object\n Lock in the Amazon S3 User Guide.
\nThis functionality is not supported for directory buckets.
\n\n S3 Versioning - When you enable versioning\n for a bucket, if Amazon S3 receives multiple write requests for the same object\n simultaneously, it stores all versions of the objects. For each write request that is\n made to the same object, Amazon S3 automatically generates a unique version ID of that\n object being stored in Amazon S3. You can retrieve, replace, or delete any version of the\n object. For more information about versioning, see Adding\n Objects to Versioning-Enabled Buckets in the Amazon S3 User\n Guide. For information about returning the versioning state of a\n bucket, see GetBucketVersioning.
\nThis functionality is not supported for directory buckets.
\n\n General purpose bucket permissions - The\n following permissions are required in your policies when your\n PutObject request includes specific headers.
\n \n s3:PutObject\n -\n To successfully complete the PutObject request, you must\n always have the s3:PutObject permission on a bucket to\n add an object to it.
\n \n s3:PutObjectAcl\n - To successfully change the objects ACL of your\n PutObject request, you must have the\n s3:PutObjectAcl.
\n \n s3:PutObjectTagging\n - To successfully set the tag-set with your\n PutObject request, you must have the\n s3:PutObjectTagging.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
\n General purpose bucket - To ensure that\n data is not corrupted traversing the network, use the\n Content-MD5 header. When you use this header, Amazon S3 checks\n the object against the provided MD5 value and, if they do not match, Amazon S3\n returns an error. Alternatively, when the object's ETag is its MD5 digest,\n you can calculate the MD5 while putting the object to Amazon S3 and compare the\n returned ETag to the calculated MD5 value.
\n Directory bucket -\n This functionality is not supported for directory buckets.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
For more information about related Amazon S3 APIs, see the following:
\n\n CopyObject\n
\n\n DeleteObject\n
\nAdds an object to a bucket.
\nAmazon S3 never adds partial objects; if you receive a success response, Amazon S3 added\n the entire object to the bucket. You cannot use PutObject to only\n update a single piece of metadata for an existing object. You must put the entire\n object with updated metadata if you want to update some values.
If your bucket uses the bucket owner enforced setting for Object Ownership,\n ACLs are disabled and no longer affect permissions. All objects written to the\n bucket by any account will be owned by the bucket owner.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
Amazon S3 is a distributed system. If it receives multiple write requests for the same object\n simultaneously, it overwrites all but the last object written. However, Amazon S3 provides\n features that can modify this behavior:
\n\n S3 Object Lock - To prevent objects from\n being deleted or overwritten, you can use Amazon S3 Object\n Lock in the Amazon S3 User Guide.
\nThis functionality is not supported for directory buckets.
\n\n S3 Versioning - When you enable versioning\n for a bucket, if Amazon S3 receives multiple write requests for the same object\n simultaneously, it stores all versions of the objects. For each write request that is\n made to the same object, Amazon S3 automatically generates a unique version ID of that\n object being stored in Amazon S3. You can retrieve, replace, or delete any version of the\n object. For more information about versioning, see Adding\n Objects to Versioning-Enabled Buckets in the Amazon S3 User\n Guide. For information about returning the versioning state of a\n bucket, see GetBucketVersioning.
\nThis functionality is not supported for directory buckets.
\n\n General purpose bucket permissions - The\n following permissions are required in your policies when your\n PutObject request includes specific headers.
\n \n s3:PutObject\n -\n To successfully complete the PutObject request, you must\n always have the s3:PutObject permission on a bucket to\n add an object to it.
\n \n s3:PutObjectAcl\n - To successfully change the objects ACL of your\n PutObject request, you must have the\n s3:PutObjectAcl.
\n \n s3:PutObjectTagging\n - To successfully set the tag-set with your\n PutObject request, you must have the\n s3:PutObjectTagging.
\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
\n General purpose bucket - To ensure that\n data is not corrupted traversing the network, use the\n Content-MD5 header. When you use this header, Amazon S3 checks\n the object against the provided MD5 value and, if they do not match, Amazon S3\n returns an error. Alternatively, when the object's ETag is its MD5 digest,\n you can calculate the MD5 while putting the object to Amazon S3 and compare the\n returned ETag to the calculated MD5 value.
\n Directory bucket -\n This functionality is not supported for directory buckets.
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
For more information about related Amazon S3 APIs, see the following:
\n\n CopyObject\n
\n\n DeleteObject\n
\nUploads a part in a multipart upload.
\nIn this operation, you provide new data as a part of an object in your request.\n However, you have an option to specify your existing Amazon S3 object as a data source for\n the part you are uploading. To upload a part from an existing object, you use the UploadPartCopy operation.
\nYou must initiate a multipart upload (see CreateMultipartUpload)\n before you can upload any part. In response to your initiate request, Amazon S3 returns an\n upload ID, a unique identifier that you must include in your upload part request.
\nPart numbers can be any number from 1 to 10,000, inclusive. A part number uniquely\n identifies a part and also defines its position within the object being created. If you\n upload a new part using the same part number that was used with a previous part, the\n previously uploaded part is overwritten.
\nFor information about maximum and minimum part sizes and other multipart upload\n specifications, see Multipart upload limits in the Amazon S3 User Guide.
\nAfter you initiate multipart upload and upload one or more parts, you must either\n complete or abort multipart upload in order to stop getting charged for storage of the\n uploaded parts. Only after you either complete or abort multipart upload, Amazon S3 frees up\n the parts storage and stops charging you for the parts storage.
\nFor more information on multipart uploads, go to Multipart Upload Overview in the\n Amazon S3 User Guide .
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - To\n perform a multipart upload with encryption using an Key Management Service key, the\n requester must have permission to the kms:Decrypt and\n kms:GenerateDataKey actions on the key. The requester must\n also have permissions for the kms:GenerateDataKey action for\n the CreateMultipartUpload API. Then, the requester needs\n permissions for the kms:Decrypt action on the\n UploadPart and UploadPartCopy APIs.
These permissions are required because Amazon S3 must decrypt and read data\n from the encrypted file parts before it completes the multipart upload. For\n more information about KMS permissions, see Protecting data\n using server-side encryption with KMS in the\n Amazon S3 User Guide. For information about the\n permissions required to use the multipart upload API, see Multipart upload and permissions and Multipart upload API and permissions in the\n Amazon S3 User Guide.
\n\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
\n General purpose bucket - To ensure that data\n is not corrupted traversing the network, specify the Content-MD5\n header in the upload part request. Amazon S3 checks the part data against the provided\n MD5 value. If they do not match, Amazon S3 returns an error. If the upload request is\n signed with Signature Version 4, then Amazon Web Services S3 uses the\n x-amz-content-sha256 header as a checksum instead of\n Content-MD5. For more information see Authenticating Requests: Using the Authorization Header (Amazon Web Services Signature\n Version 4).
\n Directory buckets - MD5 is not supported by directory buckets. You can use checksum algorithms to check object integrity.
\n\n General purpose bucket - Server-side\n encryption is for data encryption at rest. Amazon S3 encrypts your data as it\n writes it to disks in its data centers and decrypts it when you access it.\n You have mutually exclusive options to protect data using server-side\n encryption in Amazon S3, depending on how you choose to manage the encryption\n keys. Specifically, the encryption key options are Amazon S3 managed keys\n (SSE-S3), Amazon Web Services KMS keys (SSE-KMS), and Customer-Provided Keys (SSE-C).\n Amazon S3 encrypts data with server-side encryption using Amazon S3 managed keys\n (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt data at rest\n using server-side encryption with other key options. The option you use\n depends on whether you want to use KMS keys (SSE-KMS) or provide your own\n encryption key (SSE-C).
\nServer-side encryption is supported by the S3 Multipart Upload\n operations. Unless you are using a customer-provided encryption key (SSE-C),\n you don't need to specify the encryption parameters in each UploadPart\n request. Instead, you only need to specify the server-side encryption\n parameters in the initial Initiate Multipart request. For more information,\n see CreateMultipartUpload.
\nIf you request server-side encryption using a customer-provided\n encryption key (SSE-C) in your initiate multipart upload request, you must\n provide identical encryption information in each part upload using the\n following request headers.
\nx-amz-server-side-encryption-customer-algorithm
\nx-amz-server-side-encryption-customer-key
\nx-amz-server-side-encryption-customer-key-MD5
\nFor more information, see Using\n Server-Side Encryption in the\n Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms).
Error Code: NoSuchUpload\n
Description: The specified multipart upload does not exist. The\n upload ID might be invalid, or the multipart upload might have been\n aborted or completed.
\nHTTP Status Code: 404 Not Found
\nSOAP Fault Code Prefix: Client
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to UploadPart:
\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nUploads a part in a multipart upload.
\nIn this operation, you provide new data as a part of an object in your request.\n However, you have an option to specify your existing Amazon S3 object as a data source for\n the part you are uploading. To upload a part from an existing object, you use the UploadPartCopy operation.
\nYou must initiate a multipart upload (see CreateMultipartUpload)\n before you can upload any part. In response to your initiate request, Amazon S3 returns an\n upload ID, a unique identifier that you must include in your upload part request.
\nPart numbers can be any number from 1 to 10,000, inclusive. A part number uniquely\n identifies a part and also defines its position within the object being created. If you\n upload a new part using the same part number that was used with a previous part, the\n previously uploaded part is overwritten.
\nFor information about maximum and minimum part sizes and other multipart upload\n specifications, see Multipart upload limits in the Amazon S3 User Guide.
\nAfter you initiate multipart upload and upload one or more parts, you must either\n complete or abort multipart upload in order to stop getting charged for storage of the\n uploaded parts. Only after you either complete or abort multipart upload, Amazon S3 frees up\n the parts storage and stops charging you for the parts storage.
\nFor more information on multipart uploads, go to Multipart Upload Overview in the\n Amazon S3 User Guide .
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
\n General purpose bucket permissions - To\n perform a multipart upload with encryption using an Key Management Service key, the\n requester must have permission to the kms:Decrypt and\n kms:GenerateDataKey actions on the key. The requester must\n also have permissions for the kms:GenerateDataKey action for\n the CreateMultipartUpload API. Then, the requester needs\n permissions for the kms:Decrypt action on the\n UploadPart and UploadPartCopy APIs.
These permissions are required because Amazon S3 must decrypt and read data\n from the encrypted file parts before it completes the multipart upload. For\n more information about KMS permissions, see Protecting data\n using server-side encryption with KMS in the\n Amazon S3 User Guide. For information about the\n permissions required to use the multipart upload API, see Multipart upload and permissions and Multipart upload API and permissions in the\n Amazon S3 User Guide.
\n\n Directory bucket permissions - To grant access to this API operation on a directory bucket, we recommend that you use the \n CreateSession\n API operation for session-based authorization. Specifically, you grant the s3express:CreateSession permission to the directory bucket in a bucket policy or an IAM identity-based policy. Then, you make the CreateSession API call on the bucket to obtain a session token. With the session token in your request header, you can make API requests to this operation. After the session token expires, you make another CreateSession API call to generate a new session token for use. \nAmazon Web Services CLI or SDKs create session and refresh the session token automatically to avoid service interruptions when a session expires. For more information about authorization, see \n CreateSession\n .
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
\n General purpose bucket - To ensure that data\n is not corrupted traversing the network, specify the Content-MD5\n header in the upload part request. Amazon S3 checks the part data against the provided\n MD5 value. If they do not match, Amazon S3 returns an error. If the upload request is\n signed with Signature Version 4, then Amazon Web Services S3 uses the\n x-amz-content-sha256 header as a checksum instead of\n Content-MD5. For more information see Authenticating Requests: Using the Authorization Header (Amazon Web Services Signature\n Version 4).
\n Directory buckets - MD5 is not supported by directory buckets. You can use checksum algorithms to check object integrity.
\n\n General purpose bucket - Server-side\n encryption is for data encryption at rest. Amazon S3 encrypts your data as it\n writes it to disks in its data centers and decrypts it when you access it.\n You have mutually exclusive options to protect data using server-side\n encryption in Amazon S3, depending on how you choose to manage the encryption\n keys. Specifically, the encryption key options are Amazon S3 managed keys\n (SSE-S3), Amazon Web Services KMS keys (SSE-KMS), and Customer-Provided Keys (SSE-C).\n Amazon S3 encrypts data with server-side encryption using Amazon S3 managed keys\n (SSE-S3) by default. You can optionally tell Amazon S3 to encrypt data at rest\n using server-side encryption with other key options. The option you use\n depends on whether you want to use KMS keys (SSE-KMS) or provide your own\n encryption key (SSE-C).
\nServer-side encryption is supported by the S3 Multipart Upload\n operations. Unless you are using a customer-provided encryption key (SSE-C),\n you don't need to specify the encryption parameters in each UploadPart\n request. Instead, you only need to specify the server-side encryption\n parameters in the initial Initiate Multipart request. For more information,\n see CreateMultipartUpload.
\nIf you request server-side encryption using a customer-provided\n encryption key (SSE-C) in your initiate multipart upload request, you must\n provide identical encryption information in each part upload using the\n following request headers.
\nx-amz-server-side-encryption-customer-algorithm
\nx-amz-server-side-encryption-customer-key
\nx-amz-server-side-encryption-customer-key-MD5
\nFor more information, see Using\n Server-Side Encryption in the\n Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms).
Error Code: NoSuchUpload\n
Description: The specified multipart upload does not exist. The\n upload ID might be invalid, or the multipart upload might have been\n aborted or completed.
\nHTTP Status Code: 404 Not Found
\nSOAP Fault Code Prefix: Client
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to UploadPart:
\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nUploads a part by copying data from an existing object as data source. To specify the\n data source, you add the request header x-amz-copy-source in your request. To\n specify a byte range, you add the request header x-amz-copy-source-range in\n your request.
For information about maximum and minimum part sizes and other multipart upload\n specifications, see Multipart upload limits in the Amazon S3 User Guide.
\nInstead of copying data from an existing object as part data, you might use the\n UploadPart action to upload new data as a part of an object in your\n request.
\nYou must initiate a multipart upload before you can upload any part. In response to your\n initiate request, Amazon S3 returns the upload ID, a unique identifier that you must include in\n your upload part request.
\nFor conceptual information about multipart uploads, see Uploading Objects Using Multipart\n Upload in the Amazon S3 User Guide. For information about\n copying objects using a single atomic action vs. a multipart upload, see Operations on\n Objects in the Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Available Local Zone for directory buckets in the\n Amazon S3 User Guide.
All UploadPartCopy requests must be authenticated and signed by\n using IAM credentials (access key ID and secret access key for the IAM\n identities). All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see\n REST Authentication.
\n Directory buckets - You must use IAM\n credentials to authenticate and authorize your access to the\n UploadPartCopy API operation, instead of using the temporary\n security credentials through the CreateSession API operation.
Amazon Web Services CLI or SDKs handles authentication and authorization on your\n behalf.
\nYou must have READ access to the source object and\n WRITE access to the destination bucket.
\n General purpose bucket permissions - You\n must have the permissions in a policy based on the bucket types of your\n source bucket and destination bucket in an UploadPartCopy\n operation.
If the source object is in a general purpose bucket, you must have the\n \n s3:GetObject\n \n permission to read the source object that is being copied.
If the destination bucket is a general purpose bucket, you must have the\n \n s3:PutObject\n \n permission to write the object copy to the destination bucket.
To perform a multipart upload with encryption using an Key Management Service\n key, the requester must have permission to the\n kms:Decrypt and kms:GenerateDataKey\n actions on the key. The requester must also have permissions for the\n kms:GenerateDataKey action for the\n CreateMultipartUpload API. Then, the requester needs\n permissions for the kms:Decrypt action on the\n UploadPart and UploadPartCopy APIs. These\n permissions are required because Amazon S3 must decrypt and read data from\n the encrypted file parts before it completes the multipart upload. For\n more information about KMS permissions, see Protecting\n data using server-side encryption with KMS in the\n Amazon S3 User Guide. For information about the\n permissions required to use the multipart upload API, see Multipart upload\n and permissions and Multipart upload API and permissions in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the\n source and destination bucket types in an UploadPartCopy\n operation.
If the source object that you want to copy is in a\n directory bucket, you must have the \n s3express:CreateSession\n permission in\n the Action element of a policy to read the object. By\n default, the session is in the ReadWrite mode. If you\n want to restrict the access, you can explicitly set the\n s3express:SessionMode condition key to\n ReadOnly on the copy source bucket.
If the copy destination is a directory bucket, you must have the\n \n s3express:CreateSession\n permission in the\n Action element of a policy to write the object to the\n destination. The s3express:SessionMode condition key\n cannot be set to ReadOnly on the copy destination.\n
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
For example policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for\n S3 Express One Zone in the Amazon S3 User Guide.
\n\n General purpose buckets -\n For information about using\n server-side encryption with customer-provided encryption keys with the\n UploadPartCopy operation, see CopyObject and\n UploadPart.
\n Directory buckets -\n For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide.
For directory buckets, when you perform a\n CreateMultipartUpload operation and an\n UploadPartCopy operation, the request headers you provide\n in the CreateMultipartUpload request must match the default\n encryption configuration of the destination bucket.
S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets \nto directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through UploadPartCopy. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.
\nError Code: NoSuchUpload\n
Description: The specified multipart upload does not exist. The\n upload ID might be invalid, or the multipart upload might have been\n aborted or completed.
\nHTTP Status Code: 404 Not Found
\nError Code: InvalidRequest\n
Description: The specified copy source is not supported as a\n byte-range copy source.
\nHTTP Status Code: 400 Bad Request
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to UploadPartCopy:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nUploads a part by copying data from an existing object as data source. To specify the\n data source, you add the request header x-amz-copy-source in your request. To\n specify a byte range, you add the request header x-amz-copy-source-range in\n your request.
For information about maximum and minimum part sizes and other multipart upload\n specifications, see Multipart upload limits in the Amazon S3 User Guide.
\nInstead of copying data from an existing object as part data, you might use the\n UploadPart action to upload new data as a part of an object in your\n request.
\nYou must initiate a multipart upload before you can upload any part. In response to your\n initiate request, Amazon S3 returns the upload ID, a unique identifier that you must include in\n your upload part request.
\nFor conceptual information about multipart uploads, see Uploading Objects Using Multipart\n Upload in the Amazon S3 User Guide. For information about\n copying objects using a single atomic action vs. a multipart upload, see Operations on\n Objects in the Amazon S3 User Guide.
\n\n Directory buckets -\n For directory buckets, you must make requests for this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style requests in the format https://bucket-name.s3express-zone-id.region-code.amazonaws.com/key-name\n . Path-style requests are not supported. For more information about endpoints in Availability Zones, see Regional and Zonal endpoints for directory buckets in Availability Zones in the\n Amazon S3 User Guide. For more information about endpoints in Local Zones, see Concepts for directory buckets in Local Zones in the\n Amazon S3 User Guide.
All UploadPartCopy requests must be authenticated and signed by\n using IAM credentials (access key ID and secret access key for the IAM\n identities). All headers with the x-amz- prefix, including\n x-amz-copy-source, must be signed. For more information, see\n REST Authentication.
\n Directory buckets - You must use IAM\n credentials to authenticate and authorize your access to the\n UploadPartCopy API operation, instead of using the temporary\n security credentials through the CreateSession API operation.
Amazon Web Services CLI or SDKs handles authentication and authorization on your\n behalf.
\nYou must have READ access to the source object and\n WRITE access to the destination bucket.
\n General purpose bucket permissions - You\n must have the permissions in a policy based on the bucket types of your\n source bucket and destination bucket in an UploadPartCopy\n operation.
If the source object is in a general purpose bucket, you must have the\n \n s3:GetObject\n \n permission to read the source object that is being copied.
If the destination bucket is a general purpose bucket, you must have the\n \n s3:PutObject\n \n permission to write the object copy to the destination bucket.
To perform a multipart upload with encryption using an Key Management Service\n key, the requester must have permission to the\n kms:Decrypt and kms:GenerateDataKey\n actions on the key. The requester must also have permissions for the\n kms:GenerateDataKey action for the\n CreateMultipartUpload API. Then, the requester needs\n permissions for the kms:Decrypt action on the\n UploadPart and UploadPartCopy APIs. These\n permissions are required because Amazon S3 must decrypt and read data from\n the encrypted file parts before it completes the multipart upload. For\n more information about KMS permissions, see Protecting\n data using server-side encryption with KMS in the\n Amazon S3 User Guide. For information about the\n permissions required to use the multipart upload API, see Multipart upload\n and permissions and Multipart upload API and permissions in the\n Amazon S3 User Guide.
\n Directory bucket permissions -\n You must have permissions in a bucket policy or an IAM identity-based policy based on the\n source and destination bucket types in an UploadPartCopy\n operation.
If the source object that you want to copy is in a\n directory bucket, you must have the \n s3express:CreateSession\n permission in\n the Action element of a policy to read the object. By\n default, the session is in the ReadWrite mode. If you\n want to restrict the access, you can explicitly set the\n s3express:SessionMode condition key to\n ReadOnly on the copy source bucket.
If the copy destination is a directory bucket, you must have the\n \n s3express:CreateSession\n permission in the\n Action element of a policy to write the object to the\n destination. The s3express:SessionMode condition key\n cannot be set to ReadOnly on the copy destination.\n
If the object is encrypted with SSE-KMS, you must also have the\n kms:GenerateDataKey and kms:Decrypt permissions\n in IAM identity-based policies and KMS key policies for the KMS\n key.
For example policies, see Example bucket policies for S3 Express One Zone and Amazon Web Services Identity and Access Management (IAM) identity-based policies for\n S3 Express One Zone in the Amazon S3 User Guide.
\n\n General purpose buckets -\n For information about using\n server-side encryption with customer-provided encryption keys with the\n UploadPartCopy operation, see CopyObject and\n UploadPart.
\n Directory buckets -\n For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (aws:kms). For more\n information, see Protecting data with server-side encryption in the Amazon S3 User Guide.
For directory buckets, when you perform a\n CreateMultipartUpload operation and an\n UploadPartCopy operation, the request headers you provide\n in the CreateMultipartUpload request must match the default\n encryption configuration of the destination bucket.
S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets \nto directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through UploadPartCopy. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.
\nError Code: NoSuchUpload\n
Description: The specified multipart upload does not exist. The\n upload ID might be invalid, or the multipart upload might have been\n aborted or completed.
\nHTTP Status Code: 404 Not Found
\nError Code: InvalidRequest\n
Description: The specified copy source is not supported as a\n byte-range copy source.
\nHTTP Status Code: 400 Bad Request
\n\n Directory buckets - The HTTP Host header syntax is \n Bucket-name.s3express-zone-id.region-code.amazonaws.com.
The following operations are related to UploadPartCopy:
\n UploadPart\n
\n\n AbortMultipartUpload\n
\n\n ListParts\n
\n\n ListMultipartUploads\n
\nThe type of compression used for an additional data source used in inference or\n training. Specify None if your additional data source is not\n compressed.
The ETag associated with S3 URI.
" + } } }, "traits": { @@ -701,7 +707,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies the training algorithm to use in a CreateTrainingJob request.
\nFor more information about algorithms provided by SageMaker, see Algorithms. For\n information about using your own algorithms, see Using Your Own Algorithms with\n Amazon SageMaker.
" + "smithy.api#documentation": "Specifies the training algorithm to use in a CreateTrainingJob request.
\nSageMaker uses its own SageMaker account credentials to pull and access built-in algorithms\n so built-in algorithms are universally accessible across all Amazon Web Services accounts. As a\n result, built-in algorithms have standard, unrestricted access. You cannot restrict\n built-in algorithms using IAM roles. Use custom algorithms if you require specific\n access controls.
\nFor more information about algorithms provided by SageMaker, see Algorithms. For\n information about using your own algorithms, see Using Your Own Algorithms with\n Amazon SageMaker.
" } }, "com.amazonaws.sagemaker#AlgorithmStatus": { @@ -1009,7 +1015,7 @@ } }, "traits": { - "smithy.api#documentation": "Details about an Amazon SageMaker app.
" + "smithy.api#documentation": "Details about an Amazon SageMaker AI app.
" } }, "com.amazonaws.sagemaker#AppImageConfigArn": { @@ -1052,7 +1058,7 @@ "KernelGatewayImageConfig": { "target": "com.amazonaws.sagemaker#KernelGatewayImageConfig", "traits": { - "smithy.api#documentation": "The configuration for the file system and kernels in the SageMaker image.
" + "smithy.api#documentation": "The configuration for the file system and kernels in the SageMaker AI image.
" } }, "JupyterLabAppImageConfig": { @@ -1069,7 +1075,7 @@ } }, "traits": { - "smithy.api#documentation": "The configuration for running a SageMaker image as a KernelGateway app.
" + "smithy.api#documentation": "The configuration for running a SageMaker AI image as a KernelGateway app.
" } }, "com.amazonaws.sagemaker#AppImageConfigList": { @@ -4448,7 +4454,7 @@ "target": "com.amazonaws.sagemaker#AutoMLS3DataType", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The data type.
\nIf you choose S3Prefix, S3Uri identifies a key name\n prefix. SageMaker uses all objects that match the specified key name prefix\n for model training.
The S3Prefix should have the following format:
\n s3://DOC-EXAMPLE-BUCKET/DOC-EXAMPLE-FOLDER-OR-FILE\n
If you choose ManifestFile, S3Uri identifies an object\n that is a manifest file containing a list of object keys that you want SageMaker to use for model training.
A ManifestFile should have the format shown below:
\n [ {\"prefix\":\n \"s3://DOC-EXAMPLE-BUCKET/DOC-EXAMPLE-FOLDER/DOC-EXAMPLE-PREFIX/\"}, \n
\n \"DOC-EXAMPLE-RELATIVE-PATH/DOC-EXAMPLE-FOLDER/DATA-1\",\n
\n \"DOC-EXAMPLE-RELATIVE-PATH/DOC-EXAMPLE-FOLDER/DATA-2\",\n
\n ... \"DOC-EXAMPLE-RELATIVE-PATH/DOC-EXAMPLE-FOLDER/DATA-N\" ]\n
If you choose AugmentedManifestFile, S3Uri identifies an\n object that is an augmented manifest file in JSON lines format. This file contains\n the data you want to use for model training. AugmentedManifestFile is\n available for V2 API jobs only (for example, for jobs created by calling\n CreateAutoMLJobV2).
Here is a minimal, single-record example of an\n AugmentedManifestFile:
\n {\"source-ref\":\n \"s3://DOC-EXAMPLE-BUCKET/DOC-EXAMPLE-FOLDER/cats/cat.jpg\",\n
\n \"label-metadata\": {\"class-name\": \"cat\" }
For more information on AugmentedManifestFile, see Provide\n Dataset Metadata to Training Jobs with an Augmented Manifest File.
The data type.
\nIf you choose S3Prefix, S3Uri identifies a key name\n prefix. SageMaker AI uses all objects that match the specified key name prefix\n for model training.
The S3Prefix should have the following format:
\n s3://DOC-EXAMPLE-BUCKET/DOC-EXAMPLE-FOLDER-OR-FILE\n
If you choose ManifestFile, S3Uri identifies an object\n that is a manifest file containing a list of object keys that you want SageMaker AI to use for model training.
A ManifestFile should have the format shown below:
\n [ {\"prefix\":\n \"s3://DOC-EXAMPLE-BUCKET/DOC-EXAMPLE-FOLDER/DOC-EXAMPLE-PREFIX/\"}, \n
\n \"DOC-EXAMPLE-RELATIVE-PATH/DOC-EXAMPLE-FOLDER/DATA-1\",\n
\n \"DOC-EXAMPLE-RELATIVE-PATH/DOC-EXAMPLE-FOLDER/DATA-2\",\n
\n ... \"DOC-EXAMPLE-RELATIVE-PATH/DOC-EXAMPLE-FOLDER/DATA-N\" ]\n
If you choose AugmentedManifestFile, S3Uri identifies an\n object that is an augmented manifest file in JSON lines format. This file contains\n the data you want to use for model training. AugmentedManifestFile is\n available for V2 API jobs only (for example, for jobs created by calling\n CreateAutoMLJobV2).
Here is a minimal, single-record example of an\n AugmentedManifestFile:
\n {\"source-ref\":\n \"s3://DOC-EXAMPLE-BUCKET/DOC-EXAMPLE-FOLDER/cats/cat.jpg\",\n
\n \"label-metadata\": {\"class-name\": \"cat\" }
For more information on AugmentedManifestFile, see Provide\n Dataset Metadata to Training Jobs with an Augmented Manifest File.
The list of all content type headers that Amazon SageMaker will treat as CSV and\n capture accordingly.
" + "smithy.api#documentation": "The list of all content type headers that Amazon SageMaker AI will treat as CSV and\n capture accordingly.
" } }, "JsonContentTypes": { "target": "com.amazonaws.sagemaker#JsonContentTypes", "traits": { - "smithy.api#documentation": "The list of all content type headers that SageMaker will treat as JSON and\n capture accordingly.
" + "smithy.api#documentation": "The list of all content type headers that SageMaker AI will treat as JSON and\n capture accordingly.
" } } }, "traits": { - "smithy.api#documentation": "Configuration specifying how to treat different headers. If no headers are specified\n Amazon SageMaker will by default base64 encode when capturing the data.
" + "smithy.api#documentation": "Configuration specifying how to treat different headers. If no headers are specified\n Amazon SageMaker AI will by default base64 encode when capturing the data.
" } }, "com.amazonaws.sagemaker#CaptureMode": { @@ -6873,7 +6879,8 @@ "type": "integer", "traits": { "smithy.api#range": { - "min": 0 + "min": 0, + "max": 6758 } } }, @@ -7528,6 +7535,168 @@ "traits": { "smithy.api#enumValue": "ml.trn2.48xlarge" } + }, + "ML_C6I_LARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.large" + } + }, + "ML_C6I_XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.xlarge" + } + }, + "ML_C6I_2XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.2xlarge" + } + }, + "ML_C6I_4XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.4xlarge" + } + }, + "ML_C6I_8XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.8xlarge" + } + }, + "ML_C6I_12XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.12xlarge" + } + }, + "ML_C6I_16XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.16xlarge" + } + }, + "ML_C6I_24XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.24xlarge" + } + }, + "ML_C6I_32XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.c6i.32xlarge" + } + }, + "ML_M6I_LARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.large" + } + }, + "ML_M6I_XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.xlarge" + } + }, + "ML_M6I_2XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.2xlarge" + } + }, + "ML_M6I_4XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.4xlarge" + } + }, + "ML_M6I_8XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.8xlarge" + } + }, + "ML_M6I_12XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.12xlarge" + } + }, + "ML_M6I_16XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.16xlarge" + } + }, + "ML_M6I_24XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.24xlarge" + } + }, + "ML_M6I_32XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.m6i.32xlarge" + } + }, + "ML_R6I_LARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.large" + } + }, + "ML_R6I_XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.xlarge" + } + }, + "ML_R6I_2XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.2xlarge" + } + }, + "ML_R6I_4XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.4xlarge" + } + }, + "ML_R6I_8XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.8xlarge" + } + }, + "ML_R6I_12XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.12xlarge" + } + }, + "ML_R6I_16XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.16xlarge" + } + }, + "ML_R6I_24XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.24xlarge" + } + }, + "ML_R6I_32XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.r6i.32xlarge" + } } } }, @@ -8110,7 +8279,7 @@ } }, "traits": { - "smithy.api#documentation": "A Git repository that SageMaker automatically displays to users for cloning in the\n JupyterServer application.
" + "smithy.api#documentation": "A Git repository that SageMaker AI automatically displays to users for cloning in the\n JupyterServer application.
" } }, "com.amazonaws.sagemaker#CodeRepositoryArn": { @@ -9523,7 +9692,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a running app for the specified UserProfile. This operation is automatically\n invoked by Amazon SageMaker upon access to the associated Domain, and when new kernel\n configurations are selected by the user. A user may have multiple Apps active\n simultaneously.
" + "smithy.api#documentation": "Creates a running app for the specified UserProfile. This operation is automatically\n invoked by Amazon SageMaker AI upon access to the associated Domain, and when new kernel\n configurations are selected by the user. A user may have multiple Apps active\n simultaneously.
" } }, "com.amazonaws.sagemaker#CreateAppImageConfig": { @@ -9540,7 +9709,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a configuration for running a SageMaker image as a KernelGateway app. The\n configuration specifies the Amazon Elastic File System storage volume on the image, and a list of the\n kernels in the image.
" + "smithy.api#documentation": "Creates a configuration for running a SageMaker AI image as a KernelGateway app. The\n configuration specifies the Amazon Elastic File System storage volume on the image, and a list of the\n kernels in the image.
" } }, "com.amazonaws.sagemaker#CreateAppImageConfigRequest": { @@ -9645,7 +9814,7 @@ "ResourceSpec": { "target": "com.amazonaws.sagemaker#ResourceSpec", "traits": { - "smithy.api#documentation": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image\n created on the instance.
\nThe value of InstanceType passed as part of the ResourceSpec\n in the CreateApp call overrides the value passed as part of the\n ResourceSpec configured for the user profile or the domain. If\n InstanceType is not specified in any of those three ResourceSpec\n values for a KernelGateway app, the CreateApp call fails with a\n request validation error.
The instance type and the Amazon Resource Name (ARN) of the SageMaker AI image\n created on the instance.
\nThe value of InstanceType passed as part of the ResourceSpec\n in the CreateApp call overrides the value passed as part of the\n ResourceSpec configured for the user profile or the domain. If\n InstanceType is not specified in any of those three ResourceSpec\n values for a KernelGateway app, the CreateApp call fails with a\n request validation error.
Creates an Autopilot job also referred to as Autopilot experiment or AutoML job.
\nAn AutoML job in SageMaker is a fully automated process that allows you to build machine\n learning models with minimal effort and machine learning expertise. When initiating an\n AutoML job, you provide your data and optionally specify parameters tailored to your use\n case. SageMaker then automates the entire model development lifecycle, including data\n preprocessing, model training, tuning, and evaluation. AutoML jobs are designed to simplify\n and accelerate the model building process by automating various tasks and exploring\n different combinations of machine learning algorithms, data preprocessing techniques, and\n hyperparameter values. The output of an AutoML job comprises one or more trained models\n ready for deployment and inference. Additionally, SageMaker AutoML jobs generate a candidate\n model leaderboard, allowing you to select the best-performing model for deployment.
\nFor more information about AutoML jobs, see https://docs.aws.amazon.com/sagemaker/latest/dg/autopilot-automate-model-development.html\n in the SageMaker developer guide.
\nWe recommend using the new versions CreateAutoMLJobV2 and DescribeAutoMLJobV2, which offer backward compatibility.
\n\n CreateAutoMLJobV2 can manage tabular problem types identical to those of\n its previous version CreateAutoMLJob, as well as time-series forecasting,\n non-tabular problem types such as image or text classification, and text generation\n (LLMs fine-tuning).
Find guidelines about how to migrate a CreateAutoMLJob to\n CreateAutoMLJobV2 in Migrate a CreateAutoMLJob to CreateAutoMLJobV2.
You can find the best-performing model after you run an AutoML job by calling DescribeAutoMLJobV2 (recommended) or DescribeAutoMLJob.
" + "smithy.api#documentation": "Creates an Autopilot job also referred to as Autopilot experiment or AutoML job.
\nAn AutoML job in SageMaker AI is a fully automated process that allows you to build machine\n learning models with minimal effort and machine learning expertise. When initiating an\n AutoML job, you provide your data and optionally specify parameters tailored to your use\n case. SageMaker AI then automates the entire model development lifecycle, including data\n preprocessing, model training, tuning, and evaluation. AutoML jobs are designed to simplify\n and accelerate the model building process by automating various tasks and exploring\n different combinations of machine learning algorithms, data preprocessing techniques, and\n hyperparameter values. The output of an AutoML job comprises one or more trained models\n ready for deployment and inference. Additionally, SageMaker AI AutoML jobs generate a candidate\n model leaderboard, allowing you to select the best-performing model for deployment.
\nFor more information about AutoML jobs, see https://docs.aws.amazon.com/sagemaker/latest/dg/autopilot-automate-model-development.html\n in the SageMaker AI developer guide.
\nWe recommend using the new versions CreateAutoMLJobV2 and DescribeAutoMLJobV2, which offer backward compatibility.
\n\n CreateAutoMLJobV2 can manage tabular problem types identical to those of\n its previous version CreateAutoMLJob, as well as time-series forecasting,\n non-tabular problem types such as image or text classification, and text generation\n (LLMs fine-tuning).
Find guidelines about how to migrate a CreateAutoMLJob to\n CreateAutoMLJobV2 in Migrate a CreateAutoMLJob to CreateAutoMLJobV2.
You can find the best-performing model after you run an AutoML job by calling DescribeAutoMLJobV2 (recommended) or DescribeAutoMLJob.
" } }, "com.amazonaws.sagemaker#CreateAutoMLJobRequest": { @@ -9872,7 +10041,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates an Autopilot job also referred to as Autopilot experiment or AutoML job V2.
\nAn AutoML job in SageMaker is a fully automated process that allows you to build machine\n learning models with minimal effort and machine learning expertise. When initiating an\n AutoML job, you provide your data and optionally specify parameters tailored to your use\n case. SageMaker then automates the entire model development lifecycle, including data\n preprocessing, model training, tuning, and evaluation. AutoML jobs are designed to simplify\n and accelerate the model building process by automating various tasks and exploring\n different combinations of machine learning algorithms, data preprocessing techniques, and\n hyperparameter values. The output of an AutoML job comprises one or more trained models\n ready for deployment and inference. Additionally, SageMaker AutoML jobs generate a candidate\n model leaderboard, allowing you to select the best-performing model for deployment.
\nFor more information about AutoML jobs, see https://docs.aws.amazon.com/sagemaker/latest/dg/autopilot-automate-model-development.html\n in the SageMaker developer guide.
\nAutoML jobs V2 support various problem types such as regression, binary, and multiclass\n classification with tabular data, text and image classification, time-series forecasting,\n and fine-tuning of large language models (LLMs) for text generation.
\n\n CreateAutoMLJobV2 and DescribeAutoMLJobV2 are new versions of CreateAutoMLJob\n and DescribeAutoMLJob which offer backward compatibility.
\n\n CreateAutoMLJobV2 can manage tabular problem types identical to those of\n its previous version CreateAutoMLJob, as well as time-series forecasting,\n non-tabular problem types such as image or text classification, and text generation\n (LLMs fine-tuning).
Find guidelines about how to migrate a CreateAutoMLJob to\n CreateAutoMLJobV2 in Migrate a CreateAutoMLJob to CreateAutoMLJobV2.
For the list of available problem types supported by CreateAutoMLJobV2, see\n AutoMLProblemTypeConfig.
You can find the best-performing model after you run an AutoML job V2 by calling DescribeAutoMLJobV2.
" + "smithy.api#documentation": "Creates an Autopilot job also referred to as Autopilot experiment or AutoML job V2.
\nAn AutoML job in SageMaker AI is a fully automated process that allows you to build machine\n learning models with minimal effort and machine learning expertise. When initiating an\n AutoML job, you provide your data and optionally specify parameters tailored to your use\n case. SageMaker AI then automates the entire model development lifecycle, including data\n preprocessing, model training, tuning, and evaluation. AutoML jobs are designed to simplify\n and accelerate the model building process by automating various tasks and exploring\n different combinations of machine learning algorithms, data preprocessing techniques, and\n hyperparameter values. The output of an AutoML job comprises one or more trained models\n ready for deployment and inference. Additionally, SageMaker AI AutoML jobs generate a candidate\n model leaderboard, allowing you to select the best-performing model for deployment.
\nFor more information about AutoML jobs, see https://docs.aws.amazon.com/sagemaker/latest/dg/autopilot-automate-model-development.html\n in the SageMaker AI developer guide.
\nAutoML jobs V2 support various problem types such as regression, binary, and multiclass\n classification with tabular data, text and image classification, time-series forecasting,\n and fine-tuning of large language models (LLMs) for text generation.
\n\n CreateAutoMLJobV2 and DescribeAutoMLJobV2 are new versions of CreateAutoMLJob\n and DescribeAutoMLJob which offer backward compatibility.
\n\n CreateAutoMLJobV2 can manage tabular problem types identical to those of\n its previous version CreateAutoMLJob, as well as time-series forecasting,\n non-tabular problem types such as image or text classification, and text generation\n (LLMs fine-tuning).
Find guidelines about how to migrate a CreateAutoMLJob to\n CreateAutoMLJobV2 in Migrate a CreateAutoMLJob to CreateAutoMLJobV2.
For the list of available problem types supported by CreateAutoMLJobV2, see\n AutoMLProblemTypeConfig.
You can find the best-performing model after you run an AutoML job V2 by calling DescribeAutoMLJobV2.
" } }, "com.amazonaws.sagemaker#CreateAutoMLJobV2Request": { @@ -10153,7 +10322,7 @@ "target": "com.amazonaws.sagemaker#CreateCodeRepositoryOutput" }, "traits": { - "smithy.api#documentation": "Creates a Git repository as a resource in your SageMaker account. You can\n associate the repository with notebook instances so that you can use Git source control\n for the notebooks you create. The Git repository is a resource in your SageMaker\n account, so it can be associated with more than one notebook instance, and it persists\n independently from the lifecycle of any notebook instances it is associated with.
\nThe repository can be hosted either in Amazon Web Services CodeCommit\n or in any other Git repository.
" + "smithy.api#documentation": "Creates a Git repository as a resource in your SageMaker AI account. You can\n associate the repository with notebook instances so that you can use Git source control\n for the notebooks you create. The Git repository is a resource in your SageMaker AI\n account, so it can be associated with more than one notebook instance, and it persists\n independently from the lifecycle of any notebook instances it is associated with.
\nThe repository can be hosted either in Amazon Web Services CodeCommit\n or in any other Git repository.
" } }, "com.amazonaws.sagemaker#CreateCodeRepositoryInput": { @@ -10219,7 +10388,7 @@ } ], "traits": { - "smithy.api#documentation": "Starts a model compilation job. After the model has been compiled, Amazon SageMaker saves the\n resulting model artifacts to an Amazon Simple Storage Service (Amazon S3) bucket that you specify.
\nIf\n you choose to host your model using Amazon SageMaker hosting services, you can use the resulting\n model artifacts as part of the model. You can also use the artifacts with\n Amazon Web Services IoT Greengrass. In that case, deploy them as an ML\n resource.
\nIn the request body, you provide the following:
\nA name for the compilation job
\nInformation about the input model artifacts
\nThe output location for the compiled model and the device (target) that the\n model runs on
\nThe Amazon Resource Name (ARN) of the IAM role that Amazon SageMaker assumes to perform\n the model compilation job.
\nYou can also provide a Tag to track the model compilation job's resource\n use and costs. The response body contains the\n CompilationJobArn\n for the compiled job.
To stop a model compilation job, use StopCompilationJob. To get information about a particular model compilation\n job, use DescribeCompilationJob. To get information about multiple model compilation\n jobs, use ListCompilationJobs.
" + "smithy.api#documentation": "Starts a model compilation job. After the model has been compiled, Amazon SageMaker AI saves the\n resulting model artifacts to an Amazon Simple Storage Service (Amazon S3) bucket that you specify.
\nIf\n you choose to host your model using Amazon SageMaker AI hosting services, you can use the resulting\n model artifacts as part of the model. You can also use the artifacts with\n Amazon Web Services IoT Greengrass. In that case, deploy them as an ML\n resource.
\nIn the request body, you provide the following:
\nA name for the compilation job
\nInformation about the input model artifacts
\nThe output location for the compiled model and the device (target) that the\n model runs on
\nThe Amazon Resource Name (ARN) of the IAM role that Amazon SageMaker AI assumes to perform\n the model compilation job.
\nYou can also provide a Tag to track the model compilation job's resource\n use and costs. The response body contains the\n CompilationJobArn\n for the compiled job.
To stop a model compilation job, use StopCompilationJob. To get information about a particular model compilation\n job, use DescribeCompilationJob. To get information about multiple model compilation\n jobs, use ListCompilationJobs.
" } }, "com.amazonaws.sagemaker#CreateCompilationJobRequest": { @@ -10237,7 +10406,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on\n your behalf.
\nDuring model compilation, Amazon SageMaker needs your permission to:
\nRead input data from an S3 bucket
\nWrite model artifacts to an S3 bucket
\nWrite logs to Amazon CloudWatch Logs
\nPublish metrics to Amazon CloudWatch
\nYou grant permissions for all of these tasks to an IAM role. To pass this role to\n Amazon SageMaker, the caller of this API must have the iam:PassRole permission. For\n more information, see Amazon SageMaker\n Roles.\n
The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker AI to perform tasks on\n your behalf.
\nDuring model compilation, Amazon SageMaker AI needs your permission to:
\nRead input data from an S3 bucket
\nWrite model artifacts to an S3 bucket
\nWrite logs to Amazon CloudWatch Logs
\nPublish metrics to Amazon CloudWatch
\nYou grant permissions for all of these tasks to an IAM role. To pass this role to\n Amazon SageMaker AI, the caller of this API must have the iam:PassRole permission. For\n more information, see Amazon SageMaker AI\n Roles.\n
Specifies a limit to how long a model compilation job can run. When the job reaches\n the time limit, Amazon SageMaker ends the compilation job. Use this API to cap model training\n costs.
", + "smithy.api#documentation": "Specifies a limit to how long a model compilation job can run. When the job reaches\n the time limit, Amazon SageMaker AI ends the compilation job. Use this API to cap model training\n costs.
", "smithy.api#required": {} } }, @@ -10293,7 +10462,7 @@ "target": "com.amazonaws.sagemaker#CompilationJobArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "If the action is successful, the service sends back an HTTP 200 response. Amazon SageMaker returns\n the following data in JSON format:
\n\n CompilationJobArn: The Amazon Resource Name (ARN) of the compiled\n job.
If the action is successful, the service sends back an HTTP 200 response. Amazon SageMaker AI returns\n the following data in JSON format:
\n\n CompilationJobArn: The Amazon Resource Name (ARN) of the compiled\n job.
Creates a definition for a job that monitors data quality and drift. For information\n about model monitor, see Amazon SageMaker Model\n Monitor.
" + "smithy.api#documentation": "Creates a definition for a job that monitors data quality and drift. For information\n about model monitor, see Amazon SageMaker AI Model\n Monitor.
" } }, "com.amazonaws.sagemaker#CreateDataQualityJobDefinitionRequest": { @@ -10562,7 +10731,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can \n assume to perform tasks on your behalf.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can \n assume to perform tasks on your behalf.
", "smithy.api#required": {} } }, @@ -10681,7 +10850,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a Domain. A domain consists of an associated Amazon Elastic File System\n volume, a list of authorized users, and a variety of security, application, policy, and\n Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files\n and other artifacts with each other.
\n EFS storage\n
\nWhen a domain is created, an EFS volume is created for use by all of the users within the\n domain. Each user receives a private home directory within the EFS volume for notebooks, Git\n repositories, and data files.
\nSageMaker uses the Amazon Web Services Key Management Service (Amazon Web Services\n KMS) to encrypt the EFS volume attached to the domain with an Amazon Web Services managed key\n by default. For more control, you can specify a customer managed key. For more information,\n see Protect Data\n at Rest Using Encryption.
\n\n VPC configuration\n
\nAll traffic between the domain and the Amazon EFS volume is through the specified\n VPC and subnets. For other traffic, you can specify the AppNetworkAccessType\n parameter. AppNetworkAccessType corresponds to the network access type that you\n choose when you onboard to the domain. The following options are available:
\n PublicInternetOnly - Non-EFS traffic goes through a VPC managed by\n Amazon SageMaker, which allows internet access. This is the default value.
\n VpcOnly - All traffic is through the specified VPC and subnets. Internet\n access is disabled by default. To allow internet access, you must specify a NAT\n gateway.
When internet access is disabled, you won't be able to run a Amazon SageMaker\n Studio notebook or to train or host models unless your VPC has an interface endpoint to\n the SageMaker API and runtime or a NAT gateway and your security groups allow\n outbound connections.
\nNFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules\n in order to launch a Amazon SageMaker Studio app successfully.
\nFor more information, see Connect Amazon SageMaker Studio Notebooks to Resources in a VPC.
" + "smithy.api#documentation": "Creates a Domain. A domain consists of an associated Amazon Elastic File System\n volume, a list of authorized users, and a variety of security, application, policy, and\n Amazon Virtual Private Cloud (VPC) configurations. Users within a domain can share notebook files\n and other artifacts with each other.
\n EFS storage\n
\nWhen a domain is created, an EFS volume is created for use by all of the users within the\n domain. Each user receives a private home directory within the EFS volume for notebooks, Git\n repositories, and data files.
\nSageMaker AI uses the Amazon Web Services Key Management Service (Amazon Web Services\n KMS) to encrypt the EFS volume attached to the domain with an Amazon Web Services managed key\n by default. For more control, you can specify a customer managed key. For more information,\n see Protect Data\n at Rest Using Encryption.
\n\n VPC configuration\n
\nAll traffic between the domain and the Amazon EFS volume is through the specified\n VPC and subnets. For other traffic, you can specify the AppNetworkAccessType\n parameter. AppNetworkAccessType corresponds to the network access type that you\n choose when you onboard to the domain. The following options are available:
\n PublicInternetOnly - Non-EFS traffic goes through a VPC managed by\n Amazon SageMaker AI, which allows internet access. This is the default value.
\n VpcOnly - All traffic is through the specified VPC and subnets. Internet\n access is disabled by default. To allow internet access, you must specify a NAT\n gateway.
When internet access is disabled, you won't be able to run a Amazon SageMaker AI\n Studio notebook or to train or host models unless your VPC has an interface endpoint to\n the SageMaker AI API and runtime or a NAT gateway and your security groups allow\n outbound connections.
\nNFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules\n in order to launch a Amazon SageMaker AI Studio app successfully.
\nFor more information, see Connect Amazon SageMaker AI Studio Notebooks to Resources in a VPC.
" } }, "com.amazonaws.sagemaker#CreateDomainRequest": { @@ -10742,7 +10911,7 @@ "AppNetworkAccessType": { "target": "com.amazonaws.sagemaker#AppNetworkAccessType", "traits": { - "smithy.api#documentation": "Specifies the VPC used for non-EFS traffic. The default value is\n PublicInternetOnly.
\n PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker, which allows direct internet access
\n VpcOnly - All traffic is through the specified VPC and subnets
Specifies the VPC used for non-EFS traffic. The default value is\n PublicInternetOnly.
\n PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI, which allows direct internet access
\n VpcOnly - All traffic is through the specified VPC and subnets
SageMaker uses Amazon Web Services KMS to encrypt EFS and EBS volumes attached to\n the domain with an Amazon Web Services managed key by default. For more control, specify a\n customer managed key.
" + "smithy.api#documentation": "SageMaker AI uses Amazon Web Services KMS to encrypt EFS and EBS volumes attached to\n the domain with an Amazon Web Services managed key by default. For more control, specify a\n customer managed key.
" } }, "AppSecurityGroupManagement": { @@ -11095,7 +11264,7 @@ "ExecutionRoleArn": { "target": "com.amazonaws.sagemaker#RoleArn", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform actions on your behalf. For more information, see SageMaker\n Roles.
\nTo be able to pass this role to Amazon SageMaker, the caller of this action must\n have the iam:PassRole permission.
The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can assume to perform actions on your behalf. For more information, see SageMaker AI\n Roles.
\nTo be able to pass this role to Amazon SageMaker AI, the caller of this action must\n have the iam:PassRole permission.
Creates a custom SageMaker image. A SageMaker image is a set of image versions. Each image\n version represents a container image stored in Amazon ECR. For more information, see\n Bring your own SageMaker image.
" + "smithy.api#documentation": "Creates a custom SageMaker AI image. A SageMaker AI image is a set of image versions. Each image\n version represents a container image stored in Amazon ECR. For more information, see\n Bring your own SageMaker AI image.
" } }, "com.amazonaws.sagemaker#CreateImageRequest": { @@ -11818,7 +11987,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The ARN of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.
", + "smithy.api#documentation": "The ARN of an IAM role that enables Amazon SageMaker AI to perform tasks on your behalf.
", "smithy.api#required": {} } }, @@ -11867,7 +12036,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a version of the SageMaker image specified by ImageName. The version\n represents the Amazon ECR container image specified by BaseImage.
Creates a version of the SageMaker AI image specified by ImageName. The version\n represents the Amazon ECR container image specified by BaseImage.
Indicates SageMaker job type compatibility.
\n\n TRAINING: The image version is compatible with SageMaker training jobs.
\n INFERENCE: The image version is compatible with SageMaker inference jobs.
\n NOTEBOOK_KERNEL: The image version is compatible with SageMaker notebook kernels.
Indicates SageMaker AI job type compatibility.
\n\n TRAINING: The image version is compatible with SageMaker AI training jobs.
\n INFERENCE: The image version is compatible with SageMaker AI inference jobs.
\n NOTEBOOK_KERNEL: The image version is compatible with SageMaker AI notebook kernels.
Creates an inference component, which is a SageMaker hosting object that you can\n use to deploy a model to an endpoint. In the inference component settings, you specify the\n model, the endpoint, and how the model utilizes the resources that the endpoint hosts. You\n can optimize resource utilization by tailoring how the required CPU cores, accelerators,\n and memory are allocated. You can deploy multiple inference components to an endpoint,\n where each inference component contains one model and the resource utilization needs for\n that individual model. After you deploy an inference component, you can directly invoke the\n associated model when you use the InvokeEndpoint API action.
" + "smithy.api#documentation": "Creates an inference component, which is a SageMaker AI hosting object that you can\n use to deploy a model to an endpoint. In the inference component settings, you specify the\n model, the endpoint, and how the model utilizes the resources that the endpoint hosts. You\n can optimize resource utilization by tailoring how the required CPU cores, accelerators,\n and memory are allocated. You can deploy multiple inference components to an endpoint,\n where each inference component contains one model and the resource utilization needs for\n that individual model. After you deploy an inference component, you can directly invoke the\n associated model when you use the InvokeEndpoint API action.
" } }, "com.amazonaws.sagemaker#CreateInferenceComponentInput": { @@ -12573,7 +12742,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can \n assume to perform tasks on your behalf.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can \n assume to perform tasks on your behalf.
", "smithy.api#required": {} } }, @@ -12841,7 +13010,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can \n assume to perform tasks on your behalf.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can \n assume to perform tasks on your behalf.
", "smithy.api#required": {} } }, @@ -13207,7 +13376,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a definition for a job that monitors model quality and drift. For information\n about model monitor, see Amazon SageMaker Model\n Monitor.
" + "smithy.api#documentation": "Creates a definition for a job that monitors model quality and drift. For information\n about model monitor, see Amazon SageMaker AI Model\n Monitor.
" } }, "com.amazonaws.sagemaker#CreateModelQualityJobDefinitionRequest": { @@ -13267,7 +13436,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can \n assume to perform tasks on your behalf.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can \n assume to perform tasks on your behalf.
", "smithy.api#required": {} } }, @@ -13318,7 +13487,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a schedule that regularly starts Amazon SageMaker Processing Jobs to\n monitor the data captured for an Amazon SageMaker Endpoint.
" + "smithy.api#documentation": "Creates a schedule that regularly starts Amazon SageMaker AI Processing Jobs to\n monitor the data captured for an Amazon SageMaker AI Endpoint.
" } }, "com.amazonaws.sagemaker#CreateMonitoringScheduleRequest": { @@ -13381,7 +13550,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates an SageMaker notebook instance. A notebook instance is a machine\n learning (ML) compute instance running on a Jupyter notebook.
\nIn a CreateNotebookInstance request, specify the type of ML compute\n instance that you want to run. SageMaker launches the instance, installs common\n libraries that you can use to explore datasets for model training, and attaches an ML\n storage volume to the notebook instance.
SageMaker also provides a set of example notebooks. Each notebook\n demonstrates how to use SageMaker with a specific algorithm or with a machine\n learning framework.
\nAfter receiving the request, SageMaker does the following:
\nCreates a network interface in the SageMaker VPC.
\n(Option) If you specified SubnetId, SageMaker creates\n a network interface in your own VPC, which is inferred from the subnet ID that\n you provide in the input. When creating this network interface, SageMaker attaches the security group that you specified in the request to the network\n interface that it creates in your VPC.
Launches an EC2 instance of the type specified in the request in the\n SageMaker VPC. If you specified SubnetId of your VPC,\n SageMaker specifies both network interfaces when launching this\n instance. This enables inbound traffic from your own VPC to the notebook\n instance, assuming that the security groups allow it.
After creating the notebook instance, SageMaker returns its Amazon Resource\n Name (ARN). You can't change the name of a notebook instance after you create\n it.
\nAfter SageMaker creates the notebook instance, you can connect to the\n Jupyter server and work in Jupyter notebooks. For example, you can write code to explore\n a dataset that you can use for model training, train a model, host models by creating\n SageMaker endpoints, and validate hosted models.
\nFor more information, see How It Works.
" + "smithy.api#documentation": "Creates an SageMaker AI notebook instance. A notebook instance is a machine\n learning (ML) compute instance running on a Jupyter notebook.
\nIn a CreateNotebookInstance request, specify the type of ML compute\n instance that you want to run. SageMaker AI launches the instance, installs common\n libraries that you can use to explore datasets for model training, and attaches an ML\n storage volume to the notebook instance.
SageMaker AI also provides a set of example notebooks. Each notebook\n demonstrates how to use SageMaker AI with a specific algorithm or with a machine\n learning framework.
\nAfter receiving the request, SageMaker AI does the following:
\nCreates a network interface in the SageMaker AI VPC.
\n(Option) If you specified SubnetId, SageMaker AI creates\n a network interface in your own VPC, which is inferred from the subnet ID that\n you provide in the input. When creating this network interface, SageMaker AI attaches the security group that you specified in the request to the network\n interface that it creates in your VPC.
Launches an EC2 instance of the type specified in the request in the\n SageMaker AI VPC. If you specified SubnetId of your VPC,\n SageMaker AI specifies both network interfaces when launching this\n instance. This enables inbound traffic from your own VPC to the notebook\n instance, assuming that the security groups allow it.
After creating the notebook instance, SageMaker AI returns its Amazon Resource\n Name (ARN). You can't change the name of a notebook instance after you create\n it.
\nAfter SageMaker AI creates the notebook instance, you can connect to the\n Jupyter server and work in Jupyter notebooks. For example, you can write code to explore\n a dataset that you can use for model training, train a model, host models by creating\n SageMaker AI endpoints, and validate hosted models.
\nFor more information, see How It Works.
" } }, "com.amazonaws.sagemaker#CreateNotebookInstanceInput": { @@ -13419,14 +13588,14 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "When you send any requests to Amazon Web Services resources from the notebook\n instance, SageMaker assumes this role to perform tasks on your behalf. You must\n grant this role necessary permissions so SageMaker can perform these tasks. The\n policy must allow the SageMaker service principal (sagemaker.amazonaws.com)\n permissions to assume this role. For more information, see SageMaker Roles.
\nTo be able to pass this role to SageMaker, the caller of this API must\n have the iam:PassRole permission.
When you send any requests to Amazon Web Services resources from the notebook\n instance, SageMaker AI assumes this role to perform tasks on your behalf. You must\n grant this role necessary permissions so SageMaker AI can perform these tasks. The\n policy must allow the SageMaker AI service principal (sagemaker.amazonaws.com)\n permissions to assume this role. For more information, see SageMaker AI Roles.
\nTo be able to pass this role to SageMaker AI, the caller of this API must\n have the iam:PassRole permission.
The Amazon Resource Name (ARN) of a Amazon Web Services Key Management Service key that\n SageMaker uses to encrypt data on the storage volume attached to your\n notebook instance. The KMS key you provide must be enabled. For information, see Enabling and\n Disabling Keys in the Amazon Web Services Key Management Service\n Developer Guide.
" + "smithy.api#documentation": "The Amazon Resource Name (ARN) of a Amazon Web Services Key Management Service key that\n SageMaker AI uses to encrypt data on the storage volume attached to your\n notebook instance. The KMS key you provide must be enabled. For information, see Enabling and\n Disabling Keys in the Amazon Web Services Key Management Service\n Developer Guide.
" } }, "Tags": { @@ -13444,7 +13613,7 @@ "DirectInternetAccess": { "target": "com.amazonaws.sagemaker#DirectInternetAccess", "traits": { - "smithy.api#documentation": "Sets whether SageMaker provides internet access to the notebook instance. If\n you set this to Disabled this notebook instance is able to access resources\n only in your VPC, and is not be able to connect to SageMaker training and\n endpoint services unless you configure a NAT Gateway in your VPC.
For more information, see Notebook Instances Are Internet-Enabled by Default. You can set the value\n of this parameter to Disabled only if you set a value for the\n SubnetId parameter.
Sets whether SageMaker AI provides internet access to the notebook instance. If\n you set this to Disabled this notebook instance is able to access resources\n only in your VPC, and is not be able to connect to SageMaker AI training and\n endpoint services unless you configure a NAT Gateway in your VPC.
For more information, see Notebook Instances Are Internet-Enabled by Default. You can set the value\n of this parameter to Disabled only if you set a value for the\n SubnetId parameter.
A Git repository to associate with the notebook instance as its default code\n repository. This can be either the name of a Git repository stored as a resource in your\n account, or the URL of a Git repository in Amazon Web Services CodeCommit\n or in any other Git repository. When you open a notebook instance, it opens in the\n directory that contains this repository. For more information, see Associating Git\n Repositories with SageMaker Notebook Instances.
" + "smithy.api#documentation": "A Git repository to associate with the notebook instance as its default code\n repository. This can be either the name of a Git repository stored as a resource in your\n account, or the URL of a Git repository in Amazon Web Services CodeCommit\n or in any other Git repository. When you open a notebook instance, it opens in the\n directory that contains this repository. For more information, see Associating Git\n Repositories with SageMaker AI Notebook Instances.
" } }, "AdditionalCodeRepositories": { "target": "com.amazonaws.sagemaker#AdditionalCodeRepositoryNamesOrUrls", "traits": { - "smithy.api#documentation": "An array of up to three Git repositories to associate with the notebook instance.\n These can be either the names of Git repositories stored as resources in your account,\n or the URL of Git repositories in Amazon Web Services CodeCommit\n or in any other Git repository. These repositories are cloned at the same level as the\n default repository of your notebook instance. For more information, see Associating Git\n Repositories with SageMaker Notebook Instances.
" + "smithy.api#documentation": "An array of up to three Git repositories to associate with the notebook instance.\n These can be either the names of Git repositories stored as resources in your account,\n or the URL of Git repositories in Amazon Web Services CodeCommit\n or in any other Git repository. These repositories are cloned at the same level as the\n default repository of your notebook instance. For more information, see Associating Git\n Repositories with SageMaker AI Notebook Instances.
" } }, "RootAccess": { @@ -13602,7 +13771,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.
\nDuring model optimization, Amazon SageMaker needs your permission to:
\nRead input data from an S3 bucket
\nWrite model artifacts to an S3 bucket
\nWrite logs to Amazon CloudWatch Logs
\nPublish metrics to Amazon CloudWatch
\nYou grant permissions for all of these tasks to an IAM role. To pass this\n role to Amazon SageMaker, the caller of this API must have the\n iam:PassRole permission. For more information, see Amazon SageMaker Roles.\n
The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker AI to perform tasks on your behalf.
\nDuring model optimization, Amazon SageMaker AI needs your permission to:
\nRead input data from an S3 bucket
\nWrite model artifacts to an S3 bucket
\nWrite logs to Amazon CloudWatch Logs
\nPublish metrics to Amazon CloudWatch
\nYou grant permissions for all of these tasks to an IAM role. To pass this\n role to Amazon SageMaker AI, the caller of this API must have the\n iam:PassRole permission. For more information, see Amazon SageMaker AI Roles.\n
Creates a URL for a specified UserProfile in a Domain. When accessed in a web browser, the\n user will be automatically signed in to the domain, and granted access to all of the Apps and\n files associated with the Domain's Amazon Elastic File System volume. This operation can only be\n called when the authentication mode equals IAM.
\nThe IAM role or user passed to this API defines the permissions to access\n the app. Once the presigned URL is created, no additional permission is required to access\n this URL. IAM authorization policies for this API are also enforced for every\n HTTP request and WebSocket frame that attempts to connect to the app.
\nYou can restrict access to this API and to the URL that it returns to a list of IP\n addresses, Amazon VPCs or Amazon VPC Endpoints that you specify. For more\n information, see Connect to Amazon SageMaker\n Studio Through an Interface VPC Endpoint .
\nThe URL that you get from a call to CreatePresignedDomainUrl has a\n default timeout of 5 minutes. You can configure this value using\n ExpiresInSeconds. If you try to use the URL after the timeout limit\n expires, you are directed to the Amazon Web Services console sign-in page.
The JupyterLab session default expiration time is 12 hours. You can configure this\n value using SessionExpirationDurationInSeconds.
\nCreates a URL for a specified UserProfile in a Domain. When accessed in a web browser, the\n user will be automatically signed in to the domain, and granted access to all of the Apps and\n files associated with the Domain's Amazon Elastic File System volume. This operation can only be\n called when the authentication mode equals IAM.
\nThe IAM role or user passed to this API defines the permissions to access\n the app. Once the presigned URL is created, no additional permission is required to access\n this URL. IAM authorization policies for this API are also enforced for every\n HTTP request and WebSocket frame that attempts to connect to the app.
\nYou can restrict access to this API and to the URL that it returns to a list of IP\n addresses, Amazon VPCs or Amazon VPC Endpoints that you specify. For more\n information, see Connect to Amazon SageMaker AI\n Studio Through an Interface VPC Endpoint .
\nThe URL that you get from a call to CreatePresignedDomainUrl has a\n default timeout of 5 minutes. You can configure this value using\n ExpiresInSeconds. If you try to use the URL after the timeout limit\n expires, you are directed to the Amazon Web Services console sign-in page.
The JupyterLab session default expiration time is 12 hours. You can configure this\n value using SessionExpirationDurationInSeconds.
\nReturns a URL that you can use to connect to the Jupyter server from a notebook\n instance. In the SageMaker console, when you choose Open next to a\n notebook instance, SageMaker opens a new tab showing the Jupyter server home\n page from the notebook instance. The console uses this API to get the URL and show the\n page.
The IAM role or user used to call this API defines the permissions to\n access the notebook instance. Once the presigned URL is created, no additional\n permission is required to access this URL. IAM authorization policies for\n this API are also enforced for every HTTP request and WebSocket frame that attempts to\n connect to the notebook instance.
\nYou can restrict access to this API and to the URL that it returns to a list of IP\n addresses that you specify. Use the NotIpAddress condition operator and the\n aws:SourceIP condition context key to specify the list of IP addresses\n that you want to have access to the notebook instance. For more information, see Limit Access to a Notebook Instance by IP Address.
The URL that you get from a call to CreatePresignedNotebookInstanceUrl is valid only for 5 minutes. If you\n try to use the URL after the 5-minute limit expires, you are directed to the Amazon Web Services console sign-in page.
\nReturns a URL that you can use to connect to the Jupyter server from a notebook\n instance. In the SageMaker AI console, when you choose Open next to a\n notebook instance, SageMaker AI opens a new tab showing the Jupyter server home\n page from the notebook instance. The console uses this API to get the URL and show the\n page.
The IAM role or user used to call this API defines the permissions to\n access the notebook instance. Once the presigned URL is created, no additional\n permission is required to access this URL. IAM authorization policies for\n this API are also enforced for every HTTP request and WebSocket frame that attempts to\n connect to the notebook instance.
\nYou can restrict access to this API and to the URL that it returns to a list of IP\n addresses that you specify. Use the NotIpAddress condition operator and the\n aws:SourceIP condition context key to specify the list of IP addresses\n that you want to have access to the notebook instance. For more information, see Limit Access to a Notebook Instance by IP Address.
The URL that you get from a call to CreatePresignedNotebookInstanceUrl is valid only for 5 minutes. If you\n try to use the URL after the 5-minute limit expires, you are directed to the Amazon Web Services console sign-in page.
\nCreates a new Amazon SageMaker Studio Lifecycle Configuration.
" + "smithy.api#documentation": "Creates a new Amazon SageMaker AI Studio Lifecycle Configuration.
" } }, "com.amazonaws.sagemaker#CreateStudioLifecycleConfigRequest": { @@ -14455,7 +14624,7 @@ "target": "com.amazonaws.sagemaker#StudioLifecycleConfigName", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The name of the Amazon SageMaker Studio Lifecycle Configuration to create.
", + "smithy.api#documentation": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration to create.
", "smithy.api#required": {} } }, @@ -14463,7 +14632,7 @@ "target": "com.amazonaws.sagemaker#StudioLifecycleConfigContent", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The content of your Amazon SageMaker Studio Lifecycle Configuration script. This\n content must be base64 encoded.
", + "smithy.api#documentation": "The content of your Amazon SageMaker AI Studio Lifecycle Configuration script. This\n content must be base64 encoded.
", "smithy.api#required": {} } }, @@ -15380,7 +15549,7 @@ } }, "traits": { - "smithy.api#documentation": "A file system, created by you, that you assign to a user profile or space for an Amazon SageMaker Domain. Permitted users can access this file system in Amazon SageMaker\n Studio.
" + "smithy.api#documentation": "A file system, created by you, that you assign to a user profile or space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI\n Studio.
" } }, "com.amazonaws.sagemaker#CustomFileSystemConfig": { @@ -15400,7 +15569,7 @@ } }, "traits": { - "smithy.api#documentation": "The settings for assigning a custom file system to a user profile or space for an Amazon SageMaker Domain. Permitted users can access this file system in Amazon SageMaker\n Studio.
" + "smithy.api#documentation": "The settings for assigning a custom file system to a user profile or space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI\n Studio.
" } }, "com.amazonaws.sagemaker#CustomFileSystemConfigs": { @@ -15454,7 +15623,7 @@ } }, "traits": { - "smithy.api#documentation": "A custom SageMaker image. For more information, see\n Bring your own SageMaker image.
" + "smithy.api#documentation": "A custom SageMaker AI image. For more information, see\n Bring your own SageMaker AI image.
" } }, "com.amazonaws.sagemaker#CustomImageContainerArguments": { @@ -15612,7 +15781,7 @@ "target": "com.amazonaws.sagemaker#SamplingPercentage", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The percentage of requests SageMaker will capture. A lower value is recommended\n for Endpoints with high traffic.
", + "smithy.api#documentation": "The percentage of requests SageMaker AI will capture. A lower value is recommended\n for Endpoints with high traffic.
", "smithy.api#required": {} } }, @@ -15627,7 +15796,7 @@ "KmsKeyId": { "target": "com.amazonaws.sagemaker#KmsKeyId", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an Key Management Service key that SageMaker\n uses to encrypt the captured data at rest using Amazon S3 server-side\n encryption.
\nThe KmsKeyId can be any of the following formats:
\nKey ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
Key ARN:\n arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
Alias name: alias/ExampleAlias\n
Alias name ARN:\n arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\n
The Amazon Resource Name (ARN) of an Key Management Service key that SageMaker AI\n uses to encrypt the captured data at rest using Amazon S3 server-side\n encryption.
\nThe KmsKeyId can be any of the following formats:
\nKey ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
Key ARN:\n arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
Alias name: alias/ExampleAlias\n
Alias name ARN:\n arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\n
Configuration specifying how to treat different headers. If no headers are specified\n SageMaker will by default base64 encode when capturing the data.
" + "smithy.api#documentation": "Configuration specifying how to treat different headers. If no headers are specified\n SageMaker AI will by default base64 encode when capturing the data.
" } } }, "traits": { - "smithy.api#documentation": "Configuration to control how SageMaker captures inference data.
" + "smithy.api#documentation": "Configuration to control how SageMaker AI captures inference data.
" } }, "com.amazonaws.sagemaker#DataCaptureConfigSummary": { @@ -16185,7 +16354,7 @@ "CustomFileSystemConfigs": { "target": "com.amazonaws.sagemaker#CustomFileSystemConfigs", "traits": { - "smithy.api#documentation": "The settings for assigning a custom file system to a domain. Permitted users can access\n this file system in Amazon SageMaker Studio.
" + "smithy.api#documentation": "The settings for assigning a custom file system to a domain. Permitted users can access\n this file system in Amazon SageMaker AI Studio.
" } } }, @@ -16632,7 +16801,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes the specified compilation job. This action deletes only the compilation job\n resource in Amazon SageMaker. It doesn't delete other resources that are related to\n that job, such as the model artifacts that the job creates, the compilation logs in\n CloudWatch, the compiled model, or the IAM role.
\nYou can delete a compilation job only if its current status is COMPLETED,\n FAILED, or STOPPED. If the job status is\n STARTING or INPROGRESS, stop the job, and then delete it\n after its status becomes STOPPED.
Deletes the specified compilation job. This action deletes only the compilation job\n resource in Amazon SageMaker AI. It doesn't delete other resources that are related to\n that job, such as the model artifacts that the job creates, the compilation logs in\n CloudWatch, the compiled model, or the IAM role.
\nYou can delete a compilation job only if its current status is COMPLETED,\n FAILED, or STOPPED. If the job status is\n STARTING or INPROGRESS, stop the job, and then delete it\n after its status becomes STOPPED.
Deletes a SageMaker image and all versions of the image. The container images aren't\n deleted.
" + "smithy.api#documentation": "Deletes a SageMaker AI image and all versions of the image. The container images aren't\n deleted.
" } }, "com.amazonaws.sagemaker#DeleteImageRequest": { @@ -17365,7 +17534,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes a version of a SageMaker image. The container image the version represents isn't\n deleted.
" + "smithy.api#documentation": "Deletes a version of a SageMaker AI image. The container image the version represents isn't\n deleted.
" } }, "com.amazonaws.sagemaker#DeleteImageVersionRequest": { @@ -17556,7 +17725,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an Amazon SageMaker model bias job definition.
" + "smithy.api#documentation": "Deletes an Amazon SageMaker AI model bias job definition.
" } }, "com.amazonaws.sagemaker#DeleteModelBiasJobDefinitionRequest": { @@ -17625,7 +17794,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an Amazon SageMaker model explainability job definition.
" + "smithy.api#documentation": "Deletes an Amazon SageMaker AI model explainability job definition.
" } }, "com.amazonaws.sagemaker#DeleteModelExplainabilityJobDefinitionRequest": { @@ -17829,7 +17998,7 @@ "target": "smithy.api#Unit" }, "traits": { - "smithy.api#documentation": " Deletes an SageMaker notebook instance. Before you can delete a notebook\n instance, you must call the StopNotebookInstance API.
When you delete a notebook instance, you lose all of your data. SageMaker removes the ML compute instance, and deletes the ML storage volume and the\n network interface associated with the notebook instance.
\n Deletes an SageMaker AI notebook instance. Before you can delete a notebook\n instance, you must call the StopNotebookInstance API.
When you delete a notebook instance, you lose all of your data. SageMaker AI removes the ML compute instance, and deletes the ML storage volume and the\n network interface associated with the notebook instance.
\nThe name of the SageMaker notebook instance to delete.
", + "smithy.api#documentation": "The name of the SageMaker AI notebook instance to delete.
", "smithy.api#required": {} } } @@ -18119,7 +18288,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes the Amazon SageMaker Studio Lifecycle Configuration. In order to delete the\n Lifecycle Configuration, there must be no running apps using the Lifecycle Configuration. You\n must also remove the Lifecycle Configuration from UserSettings in all Domains and\n UserProfiles.
" + "smithy.api#documentation": "Deletes the Amazon SageMaker AI Studio Lifecycle Configuration. In order to delete the\n Lifecycle Configuration, there must be no running apps using the Lifecycle Configuration. You\n must also remove the Lifecycle Configuration from UserSettings in all Domains and\n UserProfiles.
" } }, "com.amazonaws.sagemaker#DeleteStudioLifecycleConfigRequest": { @@ -18129,7 +18298,7 @@ "target": "com.amazonaws.sagemaker#StudioLifecycleConfigName", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The name of the Amazon SageMaker Studio Lifecycle Configuration to delete.
", + "smithy.api#documentation": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration to delete.
", "smithy.api#required": {} } } @@ -19065,13 +19234,13 @@ "LastUserActivityTimestamp": { "target": "com.amazonaws.sagemaker#Timestamp", "traits": { - "smithy.api#documentation": "The timestamp of the last user's activity. LastUserActivityTimestamp is also\n updated when SageMaker performs health checks without user activity. As a result, this\n value is set to the same value as LastHealthCheckTimestamp.
The timestamp of the last user's activity. LastUserActivityTimestamp is also\n updated when SageMaker AI performs health checks without user activity. As a result, this\n value is set to the same value as LastHealthCheckTimestamp.
The creation time of the application.
\nAfter an application has been shut down for 24 hours, SageMaker deletes all\n metadata for the application. To be considered an update and retain application metadata,\n applications must be restarted within 24 hours after the previous application has been shut\n down. After this time window, creation of an application is considered a new application\n rather than an update of the previous application.
\nThe creation time of the application.
\nAfter an application has been shut down for 24 hours, SageMaker AI deletes all\n metadata for the application. To be considered an update and retain application metadata,\n applications must be restarted within 24 hours after the previous application has been shut\n down. After this time window, creation of an application is considered a new application\n rather than an update of the previous application.
\nThe instance type and the Amazon Resource Name (ARN) of the SageMaker image\n created on the instance.
" + "smithy.api#documentation": "The instance type and the Amazon Resource Name (ARN) of the SageMaker AI image\n created on the instance.
" } }, "BuiltInLifecycleConfigArn": { @@ -19326,7 +19495,7 @@ "BestCandidate": { "target": "com.amazonaws.sagemaker#AutoMLCandidate", "traits": { - "smithy.api#documentation": "The best model candidate selected by SageMaker Autopilot using both the best\n objective metric and lowest InferenceLatency for\n an experiment.
" + "smithy.api#documentation": "The best model candidate selected by SageMaker AI Autopilot using both the best\n objective metric and lowest InferenceLatency for\n an experiment.
" } }, "AutoMLJobStatus": { @@ -20003,14 +20172,14 @@ "CompilationEndTime": { "target": "com.amazonaws.sagemaker#Timestamp", "traits": { - "smithy.api#documentation": "The time when the model compilation job on a compilation job instance ended. For a\n successful or stopped job, this is when the job's model artifacts have finished\n uploading. For a failed job, this is when Amazon SageMaker detected that the job failed.
" + "smithy.api#documentation": "The time when the model compilation job on a compilation job instance ended. For a\n successful or stopped job, this is when the job's model artifacts have finished\n uploading. For a failed job, this is when Amazon SageMaker AI detected that the job failed.
" } }, "StoppingCondition": { "target": "com.amazonaws.sagemaker#StoppingCondition", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "Specifies a limit to how long a model compilation job can run. When the job reaches\n the time limit, Amazon SageMaker ends the compilation job. Use this API to cap model training\n costs.
", + "smithy.api#documentation": "Specifies a limit to how long a model compilation job can run. When the job reaches\n the time limit, Amazon SageMaker AI ends the compilation job. Use this API to cap model training\n costs.
", "smithy.api#required": {} } }, @@ -20068,7 +20237,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker assumes to perform the model\n compilation job.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI assumes to perform the model\n compilation job.
", "smithy.api#required": {} } }, @@ -20457,7 +20626,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can \n assume to perform tasks on your behalf.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can \n assume to perform tasks on your behalf.
", "smithy.api#required": {} } }, @@ -20764,7 +20933,7 @@ "SingleSignOnApplicationArn": { "target": "com.amazonaws.sagemaker#SingleSignOnApplicationArn", "traits": { - "smithy.api#documentation": "The ARN of the application managed by SageMaker in IAM Identity Center. This value\n is only returned for domains created after October 1, 2023.
" + "smithy.api#documentation": "The ARN of the application managed by SageMaker AI in IAM Identity Center. This value\n is only returned for domains created after October 1, 2023.
" } }, "Status": { @@ -20818,7 +20987,7 @@ "AppNetworkAccessType": { "target": "com.amazonaws.sagemaker#AppNetworkAccessType", "traits": { - "smithy.api#documentation": "Specifies the VPC used for non-EFS traffic. The default value is\n PublicInternetOnly.
\n PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker, which allows direct internet access
\n VpcOnly - All traffic is through the specified VPC and subnets
Specifies the VPC used for non-EFS traffic. The default value is\n PublicInternetOnly.
\n PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI, which allows direct internet access
\n VpcOnly - All traffic is through the specified VPC and subnets
Describes a SageMaker image.
", + "smithy.api#documentation": "Describes a SageMaker AI image.
", "smithy.api#suppress": [ "WaitableTraitInvalidErrorType" ], @@ -22647,7 +22816,7 @@ "RoleArn": { "target": "com.amazonaws.sagemaker#RoleArn", "traits": { - "smithy.api#documentation": "The ARN of the IAM role that enables Amazon SageMaker to perform tasks on your behalf.
" + "smithy.api#documentation": "The ARN of the IAM role that enables Amazon SageMaker AI to perform tasks on your behalf.
" } } }, @@ -22669,7 +22838,7 @@ } ], "traits": { - "smithy.api#documentation": "Describes a version of a SageMaker image.
", + "smithy.api#documentation": "Describes a version of a SageMaker AI image.
", "smithy.api#suppress": [ "WaitableTraitInvalidErrorType" ], @@ -22829,7 +22998,7 @@ "JobType": { "target": "com.amazonaws.sagemaker#JobType", "traits": { - "smithy.api#documentation": "Indicates SageMaker job type compatibility.
\n\n TRAINING: The image version is compatible with SageMaker training jobs.
\n INFERENCE: The image version is compatible with SageMaker inference jobs.
\n NOTEBOOK_KERNEL: The image version is compatible with SageMaker notebook kernels.
Indicates SageMaker AI job type compatibility.
\n\n TRAINING: The image version is compatible with SageMaker AI training jobs.
\n INFERENCE: The image version is compatible with SageMaker AI inference jobs.
\n NOTEBOOK_KERNEL: The image version is compatible with SageMaker AI notebook kernels.
The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can \n assume to perform tasks on your behalf.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can \n assume to perform tasks on your behalf.
", "smithy.api#required": {} } }, @@ -24945,7 +25114,7 @@ "NotebookInstanceName": { "target": "com.amazonaws.sagemaker#NotebookInstanceName", "traits": { - "smithy.api#documentation": "The name of the SageMaker notebook instance.
" + "smithy.api#documentation": "The name of the SageMaker AI notebook instance.
" } }, "NotebookInstanceStatus": { @@ -24993,13 +25162,13 @@ "KmsKeyId": { "target": "com.amazonaws.sagemaker#KmsKeyId", "traits": { - "smithy.api#documentation": "The Amazon Web Services KMS key ID SageMaker uses to encrypt data when\n storing it on the ML storage volume attached to the instance.
" + "smithy.api#documentation": "The Amazon Web Services KMS key ID SageMaker AI uses to encrypt data when\n storing it on the ML storage volume attached to the instance.
" } }, "NetworkInterfaceId": { "target": "com.amazonaws.sagemaker#NetworkInterfaceId", "traits": { - "smithy.api#documentation": "The network interface IDs that SageMaker created at the time of creating\n the instance.
" + "smithy.api#documentation": "The network interface IDs that SageMaker AI created at the time of creating\n the instance.
" } }, "LastModifiedTime": { @@ -25023,7 +25192,7 @@ "DirectInternetAccess": { "target": "com.amazonaws.sagemaker#DirectInternetAccess", "traits": { - "smithy.api#documentation": "Describes whether SageMaker provides internet access to the notebook instance.\n If this value is set to Disabled, the notebook instance does not\n have internet access, and cannot connect to SageMaker training and endpoint\n services.
\nFor more information, see Notebook Instances Are Internet-Enabled by Default.
" + "smithy.api#documentation": "Describes whether SageMaker AI provides internet access to the notebook instance.\n If this value is set to Disabled, the notebook instance does not\n have internet access, and cannot connect to SageMaker AI training and endpoint\n services.
\nFor more information, see Notebook Instances Are Internet-Enabled by Default.
" } }, "VolumeSizeInGB": { @@ -25041,13 +25210,13 @@ "DefaultCodeRepository": { "target": "com.amazonaws.sagemaker#CodeRepositoryNameOrUrl", "traits": { - "smithy.api#documentation": "The Git repository associated with the notebook instance as its default code\n repository. This can be either the name of a Git repository stored as a resource in your\n account, or the URL of a Git repository in Amazon Web Services CodeCommit\n or in any other Git repository. When you open a notebook instance, it opens in the\n directory that contains this repository. For more information, see Associating Git\n Repositories with SageMaker Notebook Instances.
" + "smithy.api#documentation": "The Git repository associated with the notebook instance as its default code\n repository. This can be either the name of a Git repository stored as a resource in your\n account, or the URL of a Git repository in Amazon Web Services CodeCommit\n or in any other Git repository. When you open a notebook instance, it opens in the\n directory that contains this repository. For more information, see Associating Git\n Repositories with SageMaker AI Notebook Instances.
" } }, "AdditionalCodeRepositories": { "target": "com.amazonaws.sagemaker#AdditionalCodeRepositoryNamesOrUrls", "traits": { - "smithy.api#documentation": "An array of up to three Git repositories associated with the notebook instance. These\n can be either the names of Git repositories stored as resources in your account, or the\n URL of Git repositories in Amazon Web Services CodeCommit\n or in any other Git repository. These repositories are cloned at the same level as the\n default repository of your notebook instance. For more information, see Associating Git\n Repositories with SageMaker Notebook Instances.
" + "smithy.api#documentation": "An array of up to three Git repositories associated with the notebook instance. These\n can be either the names of Git repositories stored as resources in your account, or the\n URL of Git repositories in Amazon Web Services CodeCommit\n or in any other Git repository. These repositories are cloned at the same level as the\n default repository of your notebook instance. For more information, see Associating Git\n Repositories with SageMaker AI Notebook Instances.
" } }, "RootAccess": { @@ -26112,7 +26281,7 @@ } ], "traits": { - "smithy.api#documentation": "Describes the Amazon SageMaker Studio Lifecycle Configuration.
" + "smithy.api#documentation": "Describes the Amazon SageMaker AI Studio Lifecycle Configuration.
" } }, "com.amazonaws.sagemaker#DescribeStudioLifecycleConfigRequest": { @@ -26122,7 +26291,7 @@ "target": "com.amazonaws.sagemaker#StudioLifecycleConfigName", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The name of the Amazon SageMaker Studio Lifecycle Configuration to describe.
", + "smithy.api#documentation": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration to describe.
", "smithy.api#required": {} } } @@ -26143,25 +26312,25 @@ "StudioLifecycleConfigName": { "target": "com.amazonaws.sagemaker#StudioLifecycleConfigName", "traits": { - "smithy.api#documentation": "The name of the Amazon SageMaker Studio Lifecycle Configuration that is\n described.
" + "smithy.api#documentation": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration that is\n described.
" } }, "CreationTime": { "target": "com.amazonaws.sagemaker#Timestamp", "traits": { - "smithy.api#documentation": "The creation time of the Amazon SageMaker Studio Lifecycle Configuration.
" + "smithy.api#documentation": "The creation time of the Amazon SageMaker AI Studio Lifecycle Configuration.
" } }, "LastModifiedTime": { "target": "com.amazonaws.sagemaker#Timestamp", "traits": { - "smithy.api#documentation": "This value is equivalent to CreationTime because Amazon SageMaker Studio Lifecycle\n Configurations are immutable.
" + "smithy.api#documentation": "This value is equivalent to CreationTime because Amazon SageMaker AI Studio Lifecycle\n Configurations are immutable.
" } }, "StudioLifecycleConfigContent": { "target": "com.amazonaws.sagemaker#StudioLifecycleConfigContent", "traits": { - "smithy.api#documentation": "The content of your Amazon SageMaker Studio Lifecycle Configuration script.
" + "smithy.api#documentation": "The content of your Amazon SageMaker AI Studio Lifecycle Configuration script.
" } }, "StudioLifecycleConfigAppType": { @@ -28239,7 +28408,7 @@ "ExecutionRoleIdentityConfig": { "target": "com.amazonaws.sagemaker#ExecutionRoleIdentityConfig", "traits": { - "smithy.api#documentation": "The configuration for attaching a SageMaker user profile name to the execution\n role as a sts:SourceIdentity key.
" + "smithy.api#documentation": "The configuration for attaching a SageMaker AI user profile name to the execution\n role as a sts:SourceIdentity key.
" } }, "DockerSettings": { @@ -28271,7 +28440,7 @@ "ExecutionRoleIdentityConfig": { "target": "com.amazonaws.sagemaker#ExecutionRoleIdentityConfig", "traits": { - "smithy.api#documentation": "The configuration for attaching a SageMaker user profile name to the execution\n role as a sts:SourceIdentity key. This configuration can only be modified if there are no\n apps in the InService or Pending state.
The configuration for attaching a SageMaker AI user profile name to the execution\n role as a sts:SourceIdentity key. This configuration can only be modified if there are no\n apps in the InService or Pending state.
A file system, created by you in Amazon EFS, that you assign to a user profile or\n space for an Amazon SageMaker Domain. Permitted users can access this file system in\n Amazon SageMaker Studio.
" + "smithy.api#documentation": "A file system, created by you in Amazon EFS, that you assign to a user profile or\n space for an Amazon SageMaker AI Domain. Permitted users can access this file system in\n Amazon SageMaker AI Studio.
" } }, "com.amazonaws.sagemaker#EFSFileSystemConfig": { @@ -28536,12 +28705,12 @@ "FileSystemPath": { "target": "com.amazonaws.sagemaker#FileSystemPath", "traits": { - "smithy.api#documentation": "The path to the file system directory that is accessible in Amazon SageMaker Studio.\n Permitted users can access only this directory and below.
" + "smithy.api#documentation": "The path to the file system directory that is accessible in Amazon SageMaker AI Studio.\n Permitted users can access only this directory and below.
" } } }, "traits": { - "smithy.api#documentation": "The settings for assigning a custom Amazon EFS file system to a user profile or\n space for an Amazon SageMaker Domain.
" + "smithy.api#documentation": "The settings for assigning a custom Amazon EFS file system to a user profile or\n space for an Amazon SageMaker AI Domain.
" } }, "com.amazonaws.sagemaker#EMRStepMetadata": { @@ -31113,7 +31282,7 @@ } }, "traits": { - "smithy.api#documentation": "The Amazon Elastic File System storage configuration for a SageMaker image.
" + "smithy.api#documentation": "The Amazon Elastic File System storage configuration for a SageMaker AI image.
" } }, "com.amazonaws.sagemaker#FileSystemDataSource": { @@ -34425,7 +34594,7 @@ } }, "traits": { - "smithy.api#documentation": "A SageMaker image. A SageMaker image represents a set of container images that are derived from\n a common base container image. Each of these container images is represented by a SageMaker\n ImageVersion.
A SageMaker AI image. A SageMaker AI image represents a set of container images that are derived from\n a common base container image. Each of these container images is represented by a SageMaker AI\n ImageVersion.
A version of a SageMaker Image. A version represents an existing container\n image.
A version of a SageMaker AI Image. A version represents an existing container\n image.
The name of an existing SageMaker model object in your account that you want to\n deploy with the inference component.
" + "smithy.api#documentation": "The name of an existing SageMaker AI model object in your account that you want to\n deploy with the inference component.
" } }, "Container": { @@ -35211,7 +35380,7 @@ "ModelName": { "target": "com.amazonaws.sagemaker#ModelName", "traits": { - "smithy.api#documentation": "The name of the SageMaker model object that is deployed with the inference\n component.
" + "smithy.api#documentation": "The name of the SageMaker AI model object that is deployed with the inference\n component.
" } }, "Container": { @@ -37507,7 +37676,7 @@ } }, "traits": { - "smithy.api#documentation": "The configuration for the file system and kernels in a SageMaker image running as a JupyterLab app. The FileSystemConfig object is not supported.
The configuration for the file system and kernels in a SageMaker AI image running as a JupyterLab app. The FileSystemConfig object is not supported.
The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app. If you use the\n LifecycleConfigArns parameter, then this parameter is also required.
The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the\n LifecycleConfigArns parameter, then this parameter is also required.
A list of Git repositories that SageMaker automatically displays to users for\n cloning in the JupyterServer application.
" + "smithy.api#documentation": "A list of Git repositories that SageMaker AI automatically displays to users for\n cloning in the JupyterServer application.
" } } }, @@ -37622,13 +37791,13 @@ "DefaultResourceSpec": { "target": "com.amazonaws.sagemaker#ResourceSpec", "traits": { - "smithy.api#documentation": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app.
\nThe Amazon SageMaker Studio UI does not use the default instance type value set\n here. The default instance type set here is used when Apps are created using the CLI or CloudFormation and the instance type parameter value is not\n passed.
\nThe default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the KernelGateway app.
\nThe Amazon SageMaker AI Studio UI does not use the default instance type value set\n here. The default instance type set here is used when Apps are created using the CLI or CloudFormation and the instance type parameter value is not\n passed.
\nA list of custom SageMaker images that are configured to run as a KernelGateway\n app.
" + "smithy.api#documentation": "A list of custom SageMaker AI images that are configured to run as a KernelGateway\n app.
" } }, "LifecycleConfigArns": { @@ -37656,12 +37825,12 @@ "FileSystemConfig": { "target": "com.amazonaws.sagemaker#FileSystemConfig", "traits": { - "smithy.api#documentation": "The Amazon Elastic File System storage configuration for a SageMaker image.
" + "smithy.api#documentation": "The Amazon Elastic File System storage configuration for a SageMaker AI image.
" } } }, "traits": { - "smithy.api#documentation": "The configuration for the file system and kernels in a SageMaker image running as a\n KernelGateway app.
" + "smithy.api#documentation": "The configuration for the file system and kernels in a SageMaker AI image running as a\n KernelGateway app.
" } }, "com.amazonaws.sagemaker#KernelName": { @@ -38715,7 +38884,7 @@ "SageMakerImageVersionAliases": { "target": "com.amazonaws.sagemaker#SageMakerImageVersionAliases", "traits": { - "smithy.api#documentation": "A list of SageMaker image version aliases.
" + "smithy.api#documentation": "A list of SageMaker AI image version aliases.
" } }, "NextToken": { @@ -39831,7 +40000,7 @@ "NextToken": { "target": "com.amazonaws.sagemaker#NextToken", "traits": { - "smithy.api#documentation": "If the response is truncated, Amazon SageMaker returns this NextToken. To retrieve\n the next set of model compilation jobs, use this token in the next request.
If the response is truncated, Amazon SageMaker AI returns this NextToken. To retrieve\n the next set of model compilation jobs, use this token in the next request.
If the response is truncated, Amazon SageMaker returns this token. To retrieve the\n next set of model quality monitoring job definitions, use it in the next request.
" + "smithy.api#documentation": "If the response is truncated, Amazon SageMaker AI returns this token. To retrieve the\n next set of model quality monitoring job definitions, use it in the next request.
" } } }, @@ -44234,7 +44403,7 @@ "NextToken": { "target": "com.amazonaws.sagemaker#NextToken", "traits": { - "smithy.api#documentation": "If the response is truncated, SageMaker returns this token. To get the next\n set of lifecycle configurations, use it in the next request.
" + "smithy.api#documentation": "If the response is truncated, SageMaker AI returns this token. To get the next\n set of lifecycle configurations, use it in the next request.
" } }, "NotebookInstanceLifecycleConfigs": { @@ -44257,7 +44426,7 @@ "target": "com.amazonaws.sagemaker#ListNotebookInstancesOutput" }, "traits": { - "smithy.api#documentation": "Returns a list of the SageMaker notebook instances in the requester's\n account in an Amazon Web Services Region.
", + "smithy.api#documentation": "Returns a list of the SageMaker AI notebook instances in the requester's\n account in an Amazon Web Services Region.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -44358,7 +44527,7 @@ "NextToken": { "target": "com.amazonaws.sagemaker#NextToken", "traits": { - "smithy.api#documentation": "If the response to the previous ListNotebookInstances request was\n truncated, SageMaker returns this token. To retrieve the next set of notebook\n instances, use the token in the next request.
If the response to the previous ListNotebookInstances request was\n truncated, SageMaker AI returns this token. To retrieve the next set of notebook\n instances, use the token in the next request.
Lists the Amazon SageMaker Studio Lifecycle Configurations in your Amazon Web Services\n Account.
", + "smithy.api#documentation": "Lists the Amazon SageMaker AI Studio Lifecycle Configurations in your Amazon Web Services\n Account.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -47107,12 +47276,6 @@ "smithy.api#enumValue": "PerformanceEvaluation" } }, - "HYPER_POD_CLUSTERS": { - "target": "smithy.api#Unit", - "traits": { - "smithy.api#enumValue": "HyperPodClusters" - } - }, "LAKERA_GUARD": { "target": "smithy.api#Unit", "traits": { @@ -47136,6 +47299,12 @@ "traits": { "smithy.api#enumValue": "Fiddler" } + }, + "HYPER_POD_CLUSTERS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "HyperPodClusters" + } } } }, @@ -48979,6 +49148,12 @@ "traits": { "smithy.api#documentation": "The additional data source that is used during inference in the Docker container for\n your model package.
" } + }, + "ModelDataETag": { + "target": "com.amazonaws.sagemaker#String", + "traits": { + "smithy.api#documentation": "The ETag associated with Model Data URL.
" + } } }, "traits": { @@ -50198,7 +50373,7 @@ "VolumeKmsKeyId": { "target": "com.amazonaws.sagemaker#KmsKeyId", "traits": { - "smithy.api#documentation": "The Key Management Service (KMS) key that Amazon SageMaker uses to\n encrypt data on the storage volume attached to the ML compute instance(s) that run the\n model monitoring job.
" + "smithy.api#documentation": "The Key Management Service (KMS) key that Amazon SageMaker AI uses to\n encrypt data on the storage volume attached to the ML compute instance(s) that run the\n model monitoring job.
" } } }, @@ -50471,7 +50646,7 @@ "target": "com.amazonaws.sagemaker#MonitoringInputs", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker Endpoint.
", + "smithy.api#documentation": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker AI Endpoint.
", "smithy.api#required": {} } }, @@ -50521,7 +50696,7 @@ "target": "com.amazonaws.sagemaker#RoleArn", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can \n assume to perform tasks on your behalf.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker AI can \n assume to perform tasks on your behalf.
", "smithy.api#required": {} } } @@ -50689,7 +50864,7 @@ "KmsKeyId": { "target": "com.amazonaws.sagemaker#KmsKeyId", "traits": { - "smithy.api#documentation": "The Key Management Service (KMS) key that Amazon SageMaker uses to\n encrypt the model artifacts at rest using Amazon S3 server-side encryption.
" + "smithy.api#documentation": "The Key Management Service (KMS) key that Amazon SageMaker AI uses to\n encrypt the model artifacts at rest using Amazon S3 server-side encryption.
" } } }, @@ -50762,7 +50937,7 @@ "target": "com.amazonaws.sagemaker#MonitoringS3Uri", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker\n saves the results of a monitoring job.
", + "smithy.api#documentation": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker AI\n saves the results of a monitoring job.
", "smithy.api#required": {} } }, @@ -50770,7 +50945,7 @@ "target": "com.amazonaws.sagemaker#ProcessingLocalPath", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The local path to the Amazon S3 storage location where Amazon SageMaker\n saves the results of a monitoring job. LocalPath is an absolute path for the output\n data.
", + "smithy.api#documentation": "The local path to the Amazon S3 storage location where Amazon SageMaker AI\n saves the results of a monitoring job. LocalPath is an absolute path for the output\n data.
", "smithy.api#required": {} } }, @@ -51140,7 +51315,7 @@ } }, "traits": { - "smithy.api#documentation": "The VpcConfig configuration object that specifies the VPC that you want the\n compilation jobs to connect to. For more information on controlling access to your Amazon S3\n buckets used for compilation job, see Give Amazon SageMaker Compilation Jobs Access to\n Resources in Your Amazon VPC.
" + "smithy.api#documentation": "The VpcConfig configuration object that specifies the VPC that you want the\n compilation jobs to connect to. For more information on controlling access to your Amazon S3\n buckets used for compilation job, see Give Amazon SageMaker AI Compilation Jobs Access to\n Resources in Your Amazon VPC.
" } }, "com.amazonaws.sagemaker#NeoVpcSecurityGroupId": { @@ -51647,18 +51822,18 @@ "DefaultCodeRepository": { "target": "com.amazonaws.sagemaker#CodeRepositoryNameOrUrl", "traits": { - "smithy.api#documentation": "The Git repository associated with the notebook instance as its default code\n repository. This can be either the name of a Git repository stored as a resource in your\n account, or the URL of a Git repository in Amazon Web Services CodeCommit\n or in any other Git repository. When you open a notebook instance, it opens in the\n directory that contains this repository. For more information, see Associating Git\n Repositories with SageMaker Notebook Instances.
" + "smithy.api#documentation": "The Git repository associated with the notebook instance as its default code\n repository. This can be either the name of a Git repository stored as a resource in your\n account, or the URL of a Git repository in Amazon Web Services CodeCommit\n or in any other Git repository. When you open a notebook instance, it opens in the\n directory that contains this repository. For more information, see Associating Git\n Repositories with SageMaker AI Notebook Instances.
" } }, "AdditionalCodeRepositories": { "target": "com.amazonaws.sagemaker#AdditionalCodeRepositoryNamesOrUrls", "traits": { - "smithy.api#documentation": "An array of up to three Git repositories associated with the notebook instance. These\n can be either the names of Git repositories stored as resources in your account, or the\n URL of Git repositories in Amazon Web Services CodeCommit\n or in any other Git repository. These repositories are cloned at the same level as the\n default repository of your notebook instance. For more information, see Associating Git\n Repositories with SageMaker Notebook Instances.
" + "smithy.api#documentation": "An array of up to three Git repositories associated with the notebook instance. These\n can be either the names of Git repositories stored as resources in your account, or the\n URL of Git repositories in Amazon Web Services CodeCommit\n or in any other Git repository. These repositories are cloned at the same level as the\n default repository of your notebook instance. For more information, see Associating Git\n Repositories with SageMaker AI Notebook Instances.
" } } }, "traits": { - "smithy.api#documentation": "Provides summary information for an SageMaker notebook instance.
" + "smithy.api#documentation": "Provides summary information for an SageMaker AI notebook instance.
" } }, "com.amazonaws.sagemaker#NotebookInstanceSummaryList": { @@ -52771,7 +52946,7 @@ "target": "com.amazonaws.sagemaker#S3Uri", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "Identifies the S3 bucket where you want Amazon SageMaker to store the model artifacts. For\n example, s3://bucket-name/key-name-prefix.
Identifies the S3 bucket where you want Amazon SageMaker AI to store the model artifacts. For\n example, s3://bucket-name/key-name-prefix.
The Amazon Web Services Key Management Service key (Amazon Web Services KMS) that Amazon SageMaker\n uses to encrypt your output models with Amazon S3 server-side encryption after compilation\n job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your\n role's account. For more information, see KMS-Managed Encryption\n Keys in the Amazon Simple Storage Service Developer\n Guide.\n
\nThe KmsKeyId can be any of the following formats:
\nKey ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
Key ARN:\n arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
Alias name: alias/ExampleAlias\n
Alias name ARN:\n arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\n
The Amazon Web Services Key Management Service key (Amazon Web Services KMS) that Amazon SageMaker AI\n uses to encrypt your output models with Amazon S3 server-side encryption after compilation\n job. If you don't provide a KMS key ID, Amazon SageMaker AI uses the default KMS key for Amazon S3 for your\n role's account. For more information, see KMS-Managed Encryption\n Keys in the Amazon Simple Storage Service Developer\n Guide.\n
\nThe KmsKeyId can be any of the following formats:
\nKey ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
Key ARN:\n arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
Alias name: alias/ExampleAlias\n
Alias name ARN:\n arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\n
A list of custom SageMaker images that are configured to run as a RSession\n app.
" + "smithy.api#documentation": "A list of custom SageMaker AI images that are configured to run as a RSession\n app.
" } } }, @@ -60006,7 +60181,7 @@ "SageMakerImageArn": { "target": "com.amazonaws.sagemaker#ImageArn", "traits": { - "smithy.api#documentation": "The ARN of the SageMaker image that the image version belongs to.
" + "smithy.api#documentation": "The ARN of the SageMaker AI image that the image version belongs to.
" } }, "SageMakerImageVersionArn": { @@ -60035,7 +60210,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies the ARN's of a SageMaker image and SageMaker image version, and the instance type that\n the version runs on.
" + "smithy.api#documentation": "Specifies the ARN's of a SageMaker AI image and SageMaker AI image version, and the instance type that\n the version runs on.
" } }, "com.amazonaws.sagemaker#ResourceType": { @@ -60548,6 +60723,18 @@ "traits": { "smithy.api#documentation": "The Amazon S3 URI of the manifest file. The manifest file is a CSV file that stores the\n artifact locations.
" } + }, + "ETag": { + "target": "com.amazonaws.sagemaker#String", + "traits": { + "smithy.api#documentation": "The ETag associated with S3 URI.
" + } + }, + "ManifestEtag": { + "target": "com.amazonaws.sagemaker#String", + "traits": { + "smithy.api#documentation": "The ETag associated with Manifest S3URI.
" + } } }, "traits": { @@ -62919,7 +63106,7 @@ "target": "com.amazonaws.sagemaker#ScheduleExpression", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "A cron expression that describes details about the monitoring schedule.
\nThe supported cron expressions are:
\nIf you want to set the job to start every hour, use the following:
\n\n Hourly: cron(0 * ? * * *)\n
If you want to start the job daily:
\n\n cron(0 [00-23] ? * * *)\n
If you want to run the job one time, immediately, use the following\n keyword:
\n\n NOW\n
For example, the following are valid cron expressions:
\nDaily at noon UTC: cron(0 12 ? * * *)\n
Daily at midnight UTC: cron(0 0 ? * * *)\n
To support running every 6, 12 hours, the following are also supported:
\n\n cron(0 [00-23]/[01-24] ? * * *)\n
For example, the following are valid cron expressions:
\nEvery 12 hours, starting at 5pm UTC: cron(0 17/12 ? * * *)\n
Every two hours starting at midnight: cron(0 0/2 ? * * *)\n
Even though the cron expression is set to start at 5PM UTC, note that there\n could be a delay of 0-20 minutes from the actual requested time to run the\n execution.
\nWe recommend that if you would like a daily schedule, you do not provide this\n parameter. Amazon SageMaker will pick a time for running every day.
\nYou can also specify the keyword NOW to run the monitoring job immediately,\n one time, without recurring.
A cron expression that describes details about the monitoring schedule.
\nThe supported cron expressions are:
\nIf you want to set the job to start every hour, use the following:
\n\n Hourly: cron(0 * ? * * *)\n
If you want to start the job daily:
\n\n cron(0 [00-23] ? * * *)\n
If you want to run the job one time, immediately, use the following\n keyword:
\n\n NOW\n
For example, the following are valid cron expressions:
\nDaily at noon UTC: cron(0 12 ? * * *)\n
Daily at midnight UTC: cron(0 0 ? * * *)\n
To support running every 6, 12 hours, the following are also supported:
\n\n cron(0 [00-23]/[01-24] ? * * *)\n
For example, the following are valid cron expressions:
\nEvery 12 hours, starting at 5pm UTC: cron(0 17/12 ? * * *)\n
Every two hours starting at midnight: cron(0 0/2 ? * * *)\n
Even though the cron expression is set to start at 5PM UTC, note that there\n could be a delay of 0-20 minutes from the actual requested time to run the\n execution.
\nWe recommend that if you would like a daily schedule, you do not provide this\n parameter. Amazon SageMaker AI will pick a time for running every day.
\nYou can also specify the keyword NOW to run the monitoring job immediately,\n one time, without recurring.
Specifies options for sharing Amazon SageMaker Studio notebooks. These settings are\n specified as part of DefaultUserSettings when the CreateDomain API\n is called, and as part of UserSettings when the CreateUserProfile\n API is called. When SharingSettings is not specified, notebook sharing isn't\n allowed.
Specifies options for sharing Amazon SageMaker AI Studio notebooks. These settings are\n specified as part of DefaultUserSettings when the CreateDomain API\n is called, and as part of UserSettings when the CreateUserProfile\n API is called. When SharingSettings is not specified, notebook sharing isn't\n allowed.
Specifies the location of ML model data to deploy during endpoint creation.
" } }, + "ModelDataETag": { + "target": "com.amazonaws.sagemaker#String", + "traits": { + "smithy.api#documentation": "The ETag associated with Model Data URL.
" + } + }, "AlgorithmName": { "target": "com.amazonaws.sagemaker#ArnOrName", "traits": { @@ -64680,7 +64873,7 @@ "AppType": { "target": "com.amazonaws.sagemaker#AppType", "traits": { - "smithy.api#documentation": "The type of app created within the space.
" + "smithy.api#documentation": "The type of app created within the space.
\nIf using the \n UpdateSpace API, you can't change the app type of your\n space by specifying a different value for this field.
" } }, "SpaceStorageSettings": { @@ -64692,7 +64885,7 @@ "CustomFileSystems": { "target": "com.amazonaws.sagemaker#CustomFileSystems", "traits": { - "smithy.api#documentation": "A file system, created by you, that you assign to a space for an Amazon SageMaker\n Domain. Permitted users can access this file system in Amazon SageMaker Studio.
" + "smithy.api#documentation": "A file system, created by you, that you assign to a space for an Amazon SageMaker AI\n Domain. Permitted users can access this file system in Amazon SageMaker AI Studio.
" } } }, @@ -65139,7 +65332,7 @@ } ], "traits": { - "smithy.api#documentation": "Launches an ML compute instance with the latest version of the libraries and\n attaches your ML storage volume. After configuring the notebook instance, SageMaker sets the notebook instance status to InService. A notebook\n instance's status must be InService before you can connect to your Jupyter\n notebook.
Launches an ML compute instance with the latest version of the libraries and\n attaches your ML storage volume. After configuring the notebook instance, SageMaker AI sets the notebook instance status to InService. A notebook\n instance's status must be InService before you can connect to your Jupyter\n notebook.
Stops a model compilation job.
\nTo stop a job, Amazon SageMaker sends the algorithm the SIGTERM signal. This gracefully shuts the\n job down. If the job hasn't stopped, it sends the SIGKILL signal.
\nWhen it receives a StopCompilationJob request, Amazon SageMaker changes the\n CompilationJobStatus of the job to Stopping. After Amazon\n SageMaker stops the job, it sets the CompilationJobStatus to\n Stopped.
Stops a model compilation job.
\nTo stop a job, Amazon SageMaker AI sends the algorithm the SIGTERM signal. This gracefully shuts the\n job down. If the job hasn't stopped, it sends the SIGKILL signal.
\nWhen it receives a StopCompilationJob request, Amazon SageMaker AI changes the\n CompilationJobStatus of the job to Stopping. After Amazon\n SageMaker stops the job, it sets the CompilationJobStatus to\n Stopped.
Terminates the ML compute instance. Before terminating the instance, SageMaker disconnects the ML storage volume from it. SageMaker preserves the\n ML storage volume. SageMaker stops charging you for the ML compute instance when\n you call StopNotebookInstance.
To access data on the ML storage volume for a notebook instance that has been\n terminated, call the StartNotebookInstance API.\n StartNotebookInstance launches another ML compute instance, configures\n it, and attaches the preserved ML storage volume so you can continue your work.\n
Terminates the ML compute instance. Before terminating the instance, SageMaker AI disconnects the ML storage volume from it. SageMaker AI preserves the\n ML storage volume. SageMaker AI stops charging you for the ML compute instance when\n you call StopNotebookInstance.
To access data on the ML storage volume for a notebook instance that has been\n terminated, call the StartNotebookInstance API.\n StartNotebookInstance launches another ML compute instance, configures\n it, and attaches the preserved ML storage volume so you can continue your work.\n
The name of the Amazon SageMaker Studio Lifecycle Configuration.
" + "smithy.api#documentation": "The name of the Amazon SageMaker AI Studio Lifecycle Configuration.
" } }, "CreationTime": { "target": "com.amazonaws.sagemaker#Timestamp", "traits": { - "smithy.api#documentation": "The creation time of the Amazon SageMaker Studio Lifecycle Configuration.
" + "smithy.api#documentation": "The creation time of the Amazon SageMaker AI Studio Lifecycle Configuration.
" } }, "LastModifiedTime": { "target": "com.amazonaws.sagemaker#Timestamp", "traits": { - "smithy.api#documentation": "This value is equivalent to CreationTime because Amazon SageMaker Studio Lifecycle\n Configurations are immutable.
" + "smithy.api#documentation": "This value is equivalent to CreationTime because Amazon SageMaker AI Studio Lifecycle\n Configurations are immutable.
" } }, "StudioLifecycleConfigAppType": { @@ -66200,7 +66393,7 @@ } }, "traits": { - "smithy.api#documentation": "Details of the Amazon SageMaker Studio Lifecycle Configuration.
" + "smithy.api#documentation": "Details of the Amazon SageMaker AI Studio Lifecycle Configuration.
" } }, "com.amazonaws.sagemaker#StudioLifecycleConfigName": { @@ -67061,7 +67254,7 @@ "DefaultResourceSpec": { "target": "com.amazonaws.sagemaker#ResourceSpec", "traits": { - "smithy.api#documentation": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker\n image created on the instance.
" + "smithy.api#documentation": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker AI\n image created on the instance.
" } } }, @@ -70282,6 +70475,18 @@ "smithy.api#enumValue": "ml.g5.48xlarge" } }, + "ML_TRN1_2XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.trn1.2xlarge" + } + }, + "ML_TRN1_32XLARGE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ml.trn1.32xlarge" + } + }, "ML_INF2_XLARGE": { "target": "smithy.api#Unit", "traits": { @@ -72434,7 +72639,7 @@ "AppNetworkAccessType": { "target": "com.amazonaws.sagemaker#AppNetworkAccessType", "traits": { - "smithy.api#documentation": "Specifies the VPC used for non-EFS traffic.
\n\n PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker, which allows direct internet access.
\n VpcOnly - All Studio traffic is through the specified VPC and\n subnets.
This configuration can only be modified if there are no apps in the\n InService, Pending, or Deleting state. The\n configuration cannot be updated if\n DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is already\n set or DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is\n provided as part of the same request.
Specifies the VPC used for non-EFS traffic.
\n\n PublicInternetOnly - Non-EFS traffic is through a VPC managed by Amazon SageMaker AI, which allows direct internet access.
\n VpcOnly - All Studio traffic is through the specified VPC and\n subnets.
This configuration can only be modified if there are no apps in the\n InService, Pending, or Deleting state. The\n configuration cannot be updated if\n DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is already\n set or DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is\n provided as part of the same request.
Updates the properties of a SageMaker image. To change the image's tags, use the\n AddTags and DeleteTags APIs.
" + "smithy.api#documentation": "Updates the properties of a SageMaker AI image. To change the image's tags, use the\n AddTags and DeleteTags APIs.
" } }, "com.amazonaws.sagemaker#UpdateImageRequest": { @@ -72907,7 +73112,7 @@ "RoleArn": { "target": "com.amazonaws.sagemaker#RoleArn", "traits": { - "smithy.api#documentation": "The new ARN for the IAM role that enables Amazon SageMaker to perform tasks on your behalf.
" + "smithy.api#documentation": "The new ARN for the IAM role that enables Amazon SageMaker AI to perform tasks on your behalf.
" } } }, @@ -72946,7 +73151,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the properties of a SageMaker image version.
" + "smithy.api#documentation": "Updates the properties of a SageMaker AI image version.
" } }, "com.amazonaws.sagemaker#UpdateImageVersionRequest": { @@ -72993,7 +73198,7 @@ "JobType": { "target": "com.amazonaws.sagemaker#JobType", "traits": { - "smithy.api#documentation": "Indicates SageMaker job type compatibility.
\n\n TRAINING: The image version is compatible with SageMaker training jobs.
\n INFERENCE: The image version is compatible with SageMaker inference jobs.
\n NOTEBOOK_KERNEL: The image version is compatible with SageMaker notebook kernels.
Indicates SageMaker AI job type compatibility.
\n\n TRAINING: The image version is compatible with SageMaker AI training jobs.
\n INFERENCE: The image version is compatible with SageMaker AI inference jobs.
\n NOTEBOOK_KERNEL: The image version is compatible with SageMaker AI notebook kernels.
The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to\n access the notebook instance. For more information, see SageMaker Roles.
\nTo be able to pass this role to SageMaker, the caller of this API must\n have the iam:PassRole permission.
The Amazon Resource Name (ARN) of the IAM role that SageMaker AI can assume to\n access the notebook instance. For more information, see SageMaker AI Roles.
\nTo be able to pass this role to SageMaker AI, the caller of this API must\n have the iam:PassRole permission.
The size, in GB, of the ML storage volume to attach to the notebook instance. The\n default value is 5 GB. ML storage volumes are encrypted, so SageMaker can't\n determine the amount of available free space on the volume. Because of this, you can\n increase the volume size when you update a notebook instance, but you can't decrease the\n volume size. If you want to decrease the size of the ML storage volume in use, create a\n new notebook instance with the desired size.
" + "smithy.api#documentation": "The size, in GB, of the ML storage volume to attach to the notebook instance. The\n default value is 5 GB. ML storage volumes are encrypted, so SageMaker AI can't\n determine the amount of available free space on the volume. Because of this, you can\n increase the volume size when you update a notebook instance, but you can't decrease the\n volume size. If you want to decrease the size of the ML storage volume in use, create a\n new notebook instance with the desired size.
" } }, "DefaultCodeRepository": { "target": "com.amazonaws.sagemaker#CodeRepositoryNameOrUrl", "traits": { - "smithy.api#documentation": "The Git repository to associate with the notebook instance as its default code\n repository. This can be either the name of a Git repository stored as a resource in your\n account, or the URL of a Git repository in Amazon Web Services CodeCommit\n or in any other Git repository. When you open a notebook instance, it opens in the\n directory that contains this repository. For more information, see Associating Git\n Repositories with SageMaker Notebook Instances.
" + "smithy.api#documentation": "The Git repository to associate with the notebook instance as its default code\n repository. This can be either the name of a Git repository stored as a resource in your\n account, or the URL of a Git repository in Amazon Web Services CodeCommit\n or in any other Git repository. When you open a notebook instance, it opens in the\n directory that contains this repository. For more information, see Associating Git\n Repositories with SageMaker AI Notebook Instances.
" } }, "AdditionalCodeRepositories": { "target": "com.amazonaws.sagemaker#AdditionalCodeRepositoryNamesOrUrls", "traits": { - "smithy.api#documentation": "An array of up to three Git repositories to associate with the notebook instance.\n These can be either the names of Git repositories stored as resources in your account,\n or the URL of Git repositories in Amazon Web Services CodeCommit\n or in any other Git repository. These repositories are cloned at the same level as the\n default repository of your notebook instance. For more information, see Associating Git\n Repositories with SageMaker Notebook Instances.
" + "smithy.api#documentation": "An array of up to three Git repositories to associate with the notebook instance.\n These can be either the names of Git repositories stored as resources in your account,\n or the URL of Git repositories in Amazon Web Services CodeCommit\n or in any other Git repository. These repositories are cloned at the same level as the\n default repository of your notebook instance. For more information, see Associating Git\n Repositories with SageMaker AI Notebook Instances.
" } }, "AcceleratorTypes": { @@ -74138,7 +74343,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the settings of a space.
" + "smithy.api#documentation": "Updates the settings of a space.
\nYou can't edit the app type of a space in the SpaceSettings.
The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for\n communication.
\nOptional when the CreateDomain.AppNetworkAccessType parameter is set to\n PublicInternetOnly.
Required when the CreateDomain.AppNetworkAccessType parameter is set to\n VpcOnly, unless specified as part of the DefaultUserSettings for\n the domain.
Amazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the\n maximum number shown.
\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
" + "smithy.api#documentation": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for\n communication.
\nOptional when the CreateDomain.AppNetworkAccessType parameter is set to\n PublicInternetOnly.
Required when the CreateDomain.AppNetworkAccessType parameter is set to\n VpcOnly, unless specified as part of the DefaultUserSettings for\n the domain.
Amazon SageMaker AI adds a security group to allow NFS traffic from Amazon SageMaker AI Studio. Therefore, the number of security groups that you can specify is one less than the\n maximum number shown.
\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
" } }, "SharingSettings": { "target": "com.amazonaws.sagemaker#SharingSettings", "traits": { - "smithy.api#documentation": "Specifies options for sharing Amazon SageMaker Studio notebooks.
" + "smithy.api#documentation": "Specifies options for sharing Amazon SageMaker AI Studio notebooks.
" } }, "JupyterServerAppSettings": { @@ -74906,7 +75111,7 @@ "CustomFileSystemConfigs": { "target": "com.amazonaws.sagemaker#CustomFileSystemConfigs", "traits": { - "smithy.api#documentation": "The settings for assigning a custom file system to a user profile. Permitted users can\n access this file system in Amazon SageMaker Studio.
\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
" + "smithy.api#documentation": "The settings for assigning a custom file system to a user profile. Permitted users can\n access this file system in Amazon SageMaker AI Studio.
\nSageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
" } }, "StudioWebPortalSettings": { diff --git a/codegen/sdk/aws-models/securityhub.json b/codegen/sdk/aws-models/securityhub.json index 86c6b6c2b4e..bb61de1e913 100644 --- a/codegen/sdk/aws-models/securityhub.json +++ b/codegen/sdk/aws-models/securityhub.json @@ -434,7 +434,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Information about the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
" + "smithy.api#documentation": "\n Information about the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
" } }, "com.amazonaws.securityhub#ActorSession": { @@ -466,7 +466,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Contains information about the authenticated session used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
" + "smithy.api#documentation": "\n Contains information about the authenticated session used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
" } }, "com.amazonaws.securityhub#ActorSessionMfaStatus": { @@ -521,7 +521,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Contains information about the credentials used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
" + "smithy.api#documentation": "\n Contains information about the credentials used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
" } }, "com.amazonaws.securityhub#ActorsList": { @@ -890,13 +890,13 @@ "CreatedAt": { "target": "com.amazonaws.securityhub#Timestamp", "traits": { - "smithy.api#documentation": "\n A timestamp that indicates when the rule was created.\n
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n A timestamp that indicates when the rule was created.\n
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "UpdatedAt": { "target": "com.amazonaws.securityhub#Timestamp", "traits": { - "smithy.api#documentation": "\n A timestamp that indicates when the rule was most recently updated.\n
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n A timestamp that indicates when the rule was most recently updated.\n
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "CreatedBy": { @@ -1005,25 +1005,25 @@ "FirstObservedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "\n A timestamp that indicates when the potential security issue captured by a \n finding was first observed by the security findings product.\n
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" + "smithy.api#documentation": "\n A timestamp that indicates when the potential security issue captured by a \n finding was first observed by the security findings product.\n
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
\n\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" } }, "LastObservedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "\n A timestamp that indicates when the potential security issue captured by a finding \n was most recently observed by the security findings product.\n
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" + "smithy.api#documentation": "\n A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.\n
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
\n\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" } }, "CreatedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "\n A timestamp that indicates when this finding record was created.\n
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" + "smithy.api#documentation": "\n A timestamp that indicates when this finding record was created.\n
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
\n\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" } }, "UpdatedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "\n A timestamp that indicates when the finding record was most recently updated. \n
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" + "smithy.api#documentation": "\n A timestamp that indicates when the finding record was most recently updated. \n
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
\n\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" } }, "Confidence": { @@ -1167,7 +1167,7 @@ "NoteUpdatedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "\n The timestamp of when the note was updated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" + "smithy.api#documentation": "\n The timestamp of when the note was updated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
\n\n \t\tArray Members: Minimum number of 1 item. Maximum number of 20 items.\n \t
" } }, "NoteUpdatedBy": { @@ -1247,13 +1247,13 @@ "CreatedAt": { "target": "com.amazonaws.securityhub#Timestamp", "traits": { - "smithy.api#documentation": "\n A timestamp that indicates when the rule was created.\n
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n A timestamp that indicates when the rule was created.\n
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "UpdatedAt": { "target": "com.amazonaws.securityhub#Timestamp", "traits": { - "smithy.api#documentation": "\n A timestamp that indicates when the rule was most recently updated.\n
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n A timestamp that indicates when the rule was most recently updated.\n
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "CreatedBy": { @@ -1655,13 +1655,13 @@ "FirstSeen": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "A timestamp that indicates when the API call was first\n observed.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when the API call was first\n observed.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "LastSeen": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "A timestamp that indicates when the API call was most recently\n observed.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when the API call was most recently\n observed.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -1859,7 +1859,7 @@ "CreatedDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the API was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the API was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Version": { @@ -1981,13 +1981,13 @@ "CreatedDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the stage was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the stage was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "LastUpdatedDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the stage was most recently updated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the stage was most recently updated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "WebAclArn": { @@ -2025,7 +2025,7 @@ "CreatedDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the API was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the API was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Description": { @@ -2119,7 +2119,7 @@ "CreatedDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the stage was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the stage was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Description": { @@ -2143,7 +2143,7 @@ "LastUpdatedDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the stage was most recently updated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the stage was most recently updated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "RouteSettings": { @@ -2557,7 +2557,7 @@ "CreatedTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the auto scaling group was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the auto scaling group was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "MixedInstancesPolicy": { @@ -2863,7 +2863,7 @@ "CreatedTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The creation date and time for the launch configuration.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The creation date and time for the launch configuration.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "EbsOptimized": { @@ -3457,7 +3457,7 @@ "CreatedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the certificate was requested.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the certificate was requested.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "DomainName": { @@ -3487,7 +3487,7 @@ "ImportedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the certificate was imported. Provided if the certificate type is\n IMPORTED.
This field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the certificate was imported. Provided if the certificate type is\n IMPORTED.
For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "InUseBy": { @@ -3499,7 +3499,7 @@ "IssuedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the certificate was issued. Provided if the certificate type is\n AMAZON_ISSUED.
This field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the certificate was issued. Provided if the certificate type is\n AMAZON_ISSUED.
For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Issuer": { @@ -3523,13 +3523,13 @@ "NotAfter": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The time after which the certificate becomes invalid.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The time after which the certificate becomes invalid.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "NotBefore": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The time before which the certificate is not valid.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The time before which the certificate is not valid.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Options": { @@ -3725,7 +3725,7 @@ "UpdatedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the renewal summary was last updated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the renewal summary was last updated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -3987,7 +3987,7 @@ "LastModifiedTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when that the distribution was last modified.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when that the distribution was last modified.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Logging": { @@ -5311,7 +5311,7 @@ "LastUpdateToPayPerRequestDateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "If the billing mode is PAY_PER_REQUEST, indicates when the billing mode was\n set to that value.
This field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
If the billing mode is PAY_PER_REQUEST, indicates when the billing mode was\n set to that value.
For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -5337,7 +5337,7 @@ "CreationDateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the table was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the table was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "GlobalSecondaryIndexes": { @@ -5605,13 +5605,13 @@ "LastDecreaseDateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the provisioned throughput was last decreased.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the provisioned throughput was last decreased.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "LastIncreaseDateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the provisioned throughput was last increased.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the provisioned throughput was last increased.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "NumberOfDecreasesToday": { @@ -5745,7 +5745,7 @@ "RestoreDateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates the point in time that the table was restored to.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates the point in time that the table was restored to.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "RestoreInProgress": { @@ -5765,7 +5765,7 @@ "InaccessibleEncryptionDateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "If the key is inaccessible, the date and time when DynamoDB detected that the key was\n inaccessible.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
If the key is inaccessible, the date and time when DynamoDB detected that the key was\n inaccessible.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Status": { @@ -6215,7 +6215,7 @@ "LaunchedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the instance was launched.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the instance was launched.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "NetworkInterfaces": { @@ -7685,7 +7685,7 @@ "AttachTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the attachment initiated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the attachment initiated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "AttachmentId": { @@ -8321,7 +8321,7 @@ "CreateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the volume was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the volume was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "DeviceName": { @@ -8871,7 +8871,7 @@ "LastStatusChange": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The date and time of the last change in status.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The date and time of the last change in status.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "OutsideIpAddress": { @@ -8939,7 +8939,7 @@ "ImagePublishedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The date and time when the image was pushed to the repository.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The date and time when the image was pushed to the repository.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -11948,7 +11948,7 @@ "CreatedTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the load balancer was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the load balancer was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "DnsName": { @@ -12240,7 +12240,7 @@ "CreatedTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the load balancer was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the load balancer was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "DNSName": { @@ -12785,7 +12785,7 @@ "CreatedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the IAM access key was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the IAM access key was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "PrincipalId": { @@ -12861,7 +12861,7 @@ "CreationDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the session was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the session was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -12962,7 +12962,7 @@ "CreateDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the IAM group was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the IAM group was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "GroupId": { @@ -13026,7 +13026,7 @@ "CreateDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the instance profile was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the instance profile was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "InstanceProfileId": { @@ -13082,7 +13082,7 @@ "CreateDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the role was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the role was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Path": { @@ -13146,7 +13146,7 @@ "CreateDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "When the policy was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
When the policy was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "DefaultVersionId": { @@ -13200,7 +13200,7 @@ "UpdateDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "When the policy was most recently updated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
When the policy was most recently updated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -13226,7 +13226,7 @@ "CreateDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the version was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the version was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -13268,7 +13268,7 @@ "CreateDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the role was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the role was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "InstanceProfileList": { @@ -13347,7 +13347,7 @@ "CreateDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the user was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the user was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "GroupList": { @@ -13481,7 +13481,7 @@ "CreationDate": { "target": "com.amazonaws.securityhub#Double", "traits": { - "smithy.api#documentation": "Indicates when the KMS key was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the KMS key was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "KeyId": { @@ -13619,7 +13619,7 @@ "LastModified": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the function was last updated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the function was last updated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Layers": { @@ -13823,7 +13823,7 @@ "CreatedDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the version was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the version was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -14846,7 +14846,7 @@ "ClusterCreateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "EnabledCloudWatchLogsExports": { @@ -15046,7 +15046,7 @@ "SnapshotCreateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the snapshot was taken.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the snapshot was taken.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Engine": { @@ -15082,7 +15082,7 @@ "ClusterCreateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "MasterUsername": { @@ -15310,7 +15310,7 @@ "InstanceCreateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the DB instance was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the DB instance was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "KmsKeyId": { @@ -15424,7 +15424,7 @@ "LatestRestorableTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Specifies the latest time to which a database can be restored with point-in-time\n restore.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Specifies the latest time to which a database can be restored with point-in-time\n restore.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "AutoMinorVersionUpgrade": { @@ -16273,7 +16273,7 @@ "SubscriptionCreationTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The datetime when the event notification subscription was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The datetime when the event notification subscription was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -16461,7 +16461,7 @@ "DeferMaintenanceEndTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The end of the time window for which maintenance was deferred.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The end of the time window for which maintenance was deferred.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "DeferMaintenanceIdentifier": { @@ -16473,7 +16473,7 @@ "DeferMaintenanceStartTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The start of the time window for which maintenance was deferred.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The start of the time window for which maintenance was deferred.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -16517,7 +16517,7 @@ "ClusterCreateTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the cluster was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the cluster was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ClusterIdentifier": { @@ -16625,7 +16625,7 @@ "ExpectedNextSnapshotScheduleTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the next snapshot is expected to be taken. The cluster must have a valid\n snapshot schedule and have backups enabled.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the next snapshot is expected to be taken. The cluster must have a valid\n snapshot schedule and have backups enabled.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ExpectedNextSnapshotScheduleTimeStatus": { @@ -16673,7 +16673,7 @@ "NextMaintenanceWindowStartTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates the start of the next maintenance window.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates the start of the next maintenance window.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "NodeType": { @@ -16869,13 +16869,13 @@ "LastFailureTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The last time when logs failed to be delivered.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The last time when logs failed to be delivered.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "LastSuccessfulDeliveryTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The last time that logs were delivered successfully.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The last time that logs were delivered successfully.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "LoggingEnabled": { @@ -17316,7 +17316,7 @@ "ExpirationDate": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "The date when objects are moved or deleted.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The date when objects are moved or deleted.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ExpirationInDays": { @@ -17534,7 +17534,7 @@ "Date": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "A date on which to transition objects to the specified storage class. If you provide Date, you cannot provide Days.
This field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A date on which to transition objects to the specified storage class. If you provide Date, you cannot provide Days.
For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Days": { @@ -17604,7 +17604,7 @@ "CreatedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the S3 bucket was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the S3 bucket was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ServerSideEncryptionConfiguration": { @@ -18077,7 +18077,7 @@ "LastModified": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the object was last modified.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the object was last modified.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ETag": { @@ -18127,19 +18127,19 @@ "AdditionalCodeRepositories": { "target": "com.amazonaws.securityhub#NonEmptyStringList", "traits": { - "smithy.api#documentation": "\n An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in CodeCommit or in any other Git repository. \n These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see Associating Git repositories with SageMaker notebook instances in the Amazon SageMaker Developer Guide.\n
" + "smithy.api#documentation": "\n An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in CodeCommit or in any other Git repository. \n These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see Associating Git repositories with SageMaker AI notebook instances in the Amazon SageMaker AI Developer Guide.\n
" } }, "DefaultCodeRepository": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "\n The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in CodeCommit or in any other Git repository. \n When you open a notebook instance, it opens in the directory that contains this repository. For more information, see Associating Git repositories with SageMaker notebook instances in the Amazon SageMaker Developer Guide.\n
" + "smithy.api#documentation": "\n The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in CodeCommit or in any other Git repository. \n When you open a notebook instance, it opens in the directory that contains this repository. For more information, see Associating Git repositories with SageMaker AI notebook instances in the Amazon SageMaker AI Developer Guide.\n
" } }, "DirectInternetAccess": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "\n Sets whether SageMaker provides internet access to the notebook instance. If you set this to Disabled, this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker training and endpoint services unless you configure a Network Address Translation (NAT) Gateway in your VPC.\n
\n Sets whether SageMaker AI provides internet access to the notebook instance. If you set this to Disabled, this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker AI training and endpoint services unless you configure a Network Address Translation (NAT) Gateway in your VPC.\n
\n The Amazon Resource Name (ARN) of an Key Management Service (KMS) key that SageMaker uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see \n Enabling and disabling keys in the Key Management Service Developer Guide.\n
" + "smithy.api#documentation": "\n The Amazon Resource Name (ARN) of an Key Management Service (KMS) key that SageMaker AI uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see \n Enabling and disabling keys in the Key Management Service Developer Guide.\n
" } }, "NetworkInterfaceId": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "\n The network interface ID that SageMaker created when the instance was created.\n
" + "smithy.api#documentation": "\n The network interface ID that SageMaker AI created when the instance was created.\n
" } }, "NotebookInstanceArn": { @@ -18240,7 +18240,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Provides details about an Amazon SageMaker notebook instance.\n
" + "smithy.api#documentation": "\n Provides details about an Amazon SageMaker AI notebook instance.\n
" } }, "com.amazonaws.securityhub#AwsSageMakerNotebookInstanceMetadataServiceConfigurationDetails": { @@ -18397,20 +18397,20 @@ "FirstObservedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the security findings provider first observed the potential security\n issue that a finding captured.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the security findings provider first observed the potential security\n issue that a finding captured.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "LastObservedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the security findings provider most recently observed the potential\n security issue that a finding captured.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "CreatedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "Indicates when the security findings provider created the potential security issue that\n a finding captured.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the security findings provider created the potential security issue that\n a finding captured.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
", "smithy.api#required": {} } }, @@ -18418,7 +18418,7 @@ "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "Indicates when the security findings provider last updated the finding record.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the security findings provider last updated the finding record.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
", "smithy.api#required": {} } }, @@ -18605,7 +18605,7 @@ "ProcessedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "A timestamp that indicates when Security Hub received a finding and begins to process it.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when Security Hub received a finding and begins to process it.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "AwsAccountName": { @@ -18617,7 +18617,7 @@ "Detection": { "target": "com.amazonaws.securityhub#Detection", "traits": { - "smithy.api#documentation": "\n Provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" + "smithy.api#documentation": "\n Provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" } } }, @@ -18667,25 +18667,25 @@ "FirstObservedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "A timestamp that indicates when the security findings provider first\n observed the potential security issue that a finding captured.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when the security findings provider first\n observed the potential security issue that a finding captured.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "LastObservedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "A timestamp that indicates when the security findings provider most\n recently observed the potential security issue that a finding captured.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "CreatedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "A timestamp that indicates when the security findings provider\n created the potential security issue that a finding reflects.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when the security findings provider\n created the potential security issue that a finding reflects.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "UpdatedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "A timestamp that indicates when the security findings provider last\n updated the finding record.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when the security findings provider last\n updated the finding record.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "SeverityProduct": { @@ -18889,13 +18889,13 @@ "ProcessLaunchedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "A timestamp that identifies when the process was launched.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that identifies when the process was launched.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ProcessTerminatedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "A timestamp that identifies when the process was terminated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that identifies when the process was terminated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ThreatIntelIndicatorType": { @@ -18919,7 +18919,7 @@ "ThreatIntelIndicatorLastObservedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "A timestamp that identifies the last observation of a threat intelligence indicator.
" + "smithy.api#documentation": "A timestamp that identifies the last observation of a threat intelligence indicator.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ThreatIntelIndicatorSource": { @@ -19084,7 +19084,7 @@ "ResourceContainerLaunchedAt": { "target": "com.amazonaws.securityhub#DateFilterList", "traits": { - "smithy.api#documentation": "A timestamp that identifies when the container was started.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that identifies when the container was started.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "ResourceDetailsOther": { @@ -22636,7 +22636,7 @@ "LaunchedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the container started.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the container started.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "VolumeMounts": { @@ -23628,13 +23628,13 @@ "Start": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "A timestamp that provides the start date for the date filter.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that provides the start date for the date filter.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "End": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "A timestamp that provides the end date for the date filter.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that provides the end date for the date filter.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "DateRange": { @@ -24399,7 +24399,7 @@ "AutoEnableControls": { "target": "com.amazonaws.securityhub#Boolean", "traits": { - "smithy.api#documentation": "Whether to automatically enable new controls when they are added to standards that are\n enabled.
\nIf set to true, then new controls for enabled standards are enabled\n automatically. If set to false, then new controls are not enabled.
Whether to automatically enable new controls when they are added to standards that are\n enabled.
\nIf set to true, then new controls for enabled standards are enabled\n automatically. If set to false, then new controls are not enabled.
When you automatically enable new controls, you can interact with the controls in \n the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of \n DISABLED. It can take up to several days for Security Hub to process the control release and designate the \n control as ENABLED in your account. During the processing period, you can manually enable or disable a \n control, and Security Hub will maintain that designation regardless of whether you have AutoEnableControls set to \n true.
\n A top-level object field that provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
" + "smithy.api#documentation": "\n A top-level object field that provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
" } }, "com.amazonaws.securityhub#DisableImportFindingsForProduct": { @@ -25608,7 +25608,7 @@ "UpdateTime": { "target": "com.amazonaws.securityhub#Timestamp", "traits": { - "smithy.api#documentation": "A timestamp that indicates when Security Hub \n processed the updated finding record.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when Security Hub \n processed the updated finding record.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "FindingCreated": { @@ -26508,13 +26508,13 @@ "StartTime": { "target": "com.amazonaws.securityhub#Timestamp", "traits": { - "smithy.api#documentation": "A timestamp that indicates the start time of the requested finding history.
\nIf you provide values for both StartTime and EndTime,\n Security Hub returns finding history for the specified time period. If you\n provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at\n which the API is called. If you provide a value for EndTime but not for\n StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you\n provide neither StartTime nor EndTime, Security Hub\n returns finding history from the CreatedAt timestamp of the finding to the time at which\n the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is \n limited to 90 days.
This field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates the start time of the requested finding history.
\nIf you provide values for both StartTime and EndTime,\n Security Hub returns finding history for the specified time period. If you\n provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at\n which the API is called. If you provide a value for EndTime but not for\n StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you\n provide neither StartTime nor EndTime, Security Hub\n returns finding history from the CreatedAt timestamp of the finding to the time at which\n the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is \n limited to 90 days.
For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "EndTime": { "target": "com.amazonaws.securityhub#Timestamp", "traits": { - "smithy.api#documentation": "\n An ISO 8601-formatted timestamp that indicates the end time of the requested finding history.
\nIf you provide values for both StartTime and EndTime,\n Security Hub returns finding history for the specified time period. If you\n provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at\n which the API is called. If you provide a value for EndTime but not for\n StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you\n provide neither StartTime nor EndTime, Security Hub\n returns finding history from the CreatedAt timestamp of the finding to the time at which\n the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is \n limited to 90 days.
This field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
\n An ISO 8601-formatted timestamp that indicates the end time of the requested finding history.
\nIf you provide values for both StartTime and EndTime,\n Security Hub returns finding history for the specified time period. If you\n provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at\n which the API is called. If you provide a value for EndTime but not for\n StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you\n provide neither StartTime nor EndTime, Security Hub\n returns finding history from the CreatedAt timestamp of the finding to the time at which\n the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is \n limited to 90 days.
For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "NextToken": { @@ -29317,7 +29317,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Contains information about the Autonomous System (AS) of the network \n endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" + "smithy.api#documentation": "\n Contains information about the Autonomous System (AS) of the network \n endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" } }, "com.amazonaws.securityhub#NetworkConnection": { @@ -29331,7 +29331,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Contains information about the network connection involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" + "smithy.api#documentation": "\n Contains information about the network connection involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" } }, "com.amazonaws.securityhub#NetworkConnectionAction": { @@ -29442,7 +29442,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Contains information about network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
\nThis field can provide information about the network endpoints associated with the resource in the attack sequence finding, \nor about a specific network endpoint used for the attack.
" + "smithy.api#documentation": "\n Contains information about network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
\nThis field can provide information about the network endpoints associated with the resource in the attack sequence finding, \nor about a specific network endpoint used for the attack.
" } }, "com.amazonaws.securityhub#NetworkEndpointsList": { @@ -29486,7 +29486,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Contains information about the location of a network endpoint involved in an Amazon GuardDuty Extended Threat Detection attack sequence. \nGuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" + "smithy.api#documentation": "\n Contains information about the location of a network endpoint involved in an Amazon GuardDuty Extended Threat Detection attack sequence. \nGuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" } }, "com.amazonaws.securityhub#NetworkHeader": { @@ -29611,7 +29611,7 @@ "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "A timestamp that indicates when the note was updated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when the note was updated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
", "smithy.api#required": {} } } @@ -30034,13 +30034,13 @@ "OperationStartTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the operation started.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the operation started.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "OperationEndTime": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the operation completed.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the operation completed.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "RebootOption": { @@ -30202,13 +30202,13 @@ "LaunchedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the process was launched.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the process was launched.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "TerminatedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the process was terminated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the process was terminated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, @@ -33480,7 +33480,7 @@ } }, "traits": { - "smithy.api#documentation": "\n Contains information about an Amazon GuardDuty Extended Threat Detection attack sequence finding. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" + "smithy.api#documentation": "\n Contains information about an Amazon GuardDuty Extended Threat Detection attack sequence finding. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.\n
" } }, "com.amazonaws.securityhub#Severity": { @@ -33677,7 +33677,7 @@ "Severity": { "target": "com.amazonaws.securityhub#Double", "traits": { - "smithy.api#documentation": "The severity associated with the signal. For more information about severity, see \n Findings severity levels\n in the Amazon GuardDuty User Guide.
" + "smithy.api#documentation": "The severity associated with the signal. For more information about severity, see \n Severity levels for GuardDuty findings\n in the Amazon GuardDuty User Guide.
" } }, "Count": { @@ -35032,7 +35032,7 @@ "LastObservedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the most recent instance of a threat intelligence indicator was\n observed.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the most recent instance of a threat intelligence indicator was\n observed.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "Source": { @@ -36338,7 +36338,7 @@ "AutoEnableControls": { "target": "com.amazonaws.securityhub#Boolean", "traits": { - "smithy.api#documentation": "Whether to automatically enable new controls when they are added to standards that are\n enabled.
\nBy default, this is set to true, and new controls are enabled\n automatically. To not automatically enable new controls, set this to false.\n
Whether to automatically enable new controls when they are added to standards that are\n enabled.
\nBy default, this is set to true, and new controls are enabled\n automatically. To not automatically enable new controls, set this to false.\n
When you automatically enable new controls, you can interact with the controls in \n the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of \n DISABLED. It can take up to several days for Security Hub to process the control release and designate the \n control as ENABLED in your account. During the processing period, you can manually enable or disable a \n control, and Security Hub will maintain that designation regardless of whether you have AutoEnableControls set to \n true.
\n Provides Amazon Web Services account information of the user involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide. \n
" + "smithy.api#documentation": "\n Provides Amazon Web Services account information of the user involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack \n sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you \n\t\t\t\tmust have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide. \n
" } }, "com.amazonaws.securityhub#VerificationState": { @@ -36777,13 +36777,13 @@ "VendorCreatedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the vulnerability advisory was created.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the vulnerability advisory was created.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } }, "VendorUpdatedAt": { "target": "com.amazonaws.securityhub#NonEmptyString", "traits": { - "smithy.api#documentation": "Indicates when the vulnerability advisory was last updated.
\nThis field accepts only the specified formats. Timestamps \ncan end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited \nto a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
\n YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
\n YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
\n YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
\n YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the vulnerability advisory was last updated.
\nFor more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.
" } } }, diff --git a/codegen/sdk/aws-models/sqs.json b/codegen/sdk/aws-models/sqs.json index 9a96b4f9d07..737f3c4585b 100644 --- a/codegen/sdk/aws-models/sqs.json +++ b/codegen/sdk/aws-models/sqs.json @@ -1403,7 +1403,7 @@ } ], "traits": { - "smithy.api#documentation": "Changes the visibility timeout of a specified message in a queue to a new value. The\n default visibility timeout for a message is 30 seconds. The minimum is 0 seconds. The\n maximum is 12 hours. For more information, see Visibility Timeout in the Amazon SQS Developer\n Guide.
\nFor example, if the default timeout for a queue is 60 seconds, 15 seconds have elapsed\n since you received the message, and you send a ChangeMessageVisibility call with\n VisibilityTimeout set to 10 seconds, the 10 seconds begin to count from\n the time that you make the ChangeMessageVisibility call. Thus, any attempt\n to change the visibility timeout or to delete that message 10 seconds after you\n initially change the visibility timeout (a total of 25 seconds) might result in an\n error.
An Amazon SQS message has three basic states:
\nSent to a queue by a producer.
\nReceived from the queue by a consumer.
\nDeleted from the queue.
\nA message is considered to be stored after it is sent to a queue by a producer, but not yet received from the queue by a consumer (that is, between states 1 and 2). There is no limit to the number of stored messages.\n A message is considered to be in flight after it is received from a queue by a consumer, but not yet deleted from the queue (that is, between states 2 and 3). There is a limit to the number of in flight messages.
\nLimits that apply to in flight messages are unrelated to the unlimited number of stored messages.
\nFor most standard queues (depending on queue traffic and message backlog), there can be a maximum of approximately 120,000 in flight messages (received from a queue by a consumer, but not yet deleted from the queue). \n If you reach this limit, Amazon SQS returns the OverLimit error message.\n To avoid reaching the limit, you should delete messages from the queue after they're processed. You can also increase the number of queues you use to process your messages.\n To request a limit increase, file a support request.
For FIFO queues, there can be a maximum of 20,000 in flight messages (received from a queue by a consumer, but not yet deleted from the queue). If you reach this limit, Amazon SQS returns no error messages.
\nIf you attempt to set the VisibilityTimeout to a value greater than\n the maximum time left, Amazon SQS returns an error. Amazon SQS doesn't automatically\n recalculate and increase the timeout to the maximum remaining time.
Unlike with a queue, when you change the visibility timeout for a specific message\n the timeout value is applied immediately but isn't saved in memory for that message.\n If you don't delete a message after it is received, the visibility timeout for the\n message reverts to the original timeout value (not to the value you set using the\n ChangeMessageVisibility action) the next time the message is\n received.
Changes the visibility timeout of a specified message in a queue to a new value. The\n default visibility timeout for a message is 30 seconds. The minimum is 0 seconds. The\n maximum is 12 hours. For more information, see Visibility Timeout in the Amazon SQS Developer\n Guide.
\nFor example, if the default timeout for a queue is 60 seconds, 15 seconds have elapsed\n since you received the message, and you send a ChangeMessageVisibility call with\n VisibilityTimeout set to 10 seconds, the 10 seconds begin to count from\n the time that you make the ChangeMessageVisibility call. Thus, any attempt\n to change the visibility timeout or to delete that message 10 seconds after you\n initially change the visibility timeout (a total of 25 seconds) might result in an\n error.
An Amazon SQS message has three basic states:
\nSent to a queue by a producer.
\nReceived from the queue by a consumer.
\nDeleted from the queue.
\nA message is considered to be stored after it is sent to a queue by a producer, but not yet received from the queue by a consumer (that is, between states 1 and 2). There is no limit to the number of stored messages.\n A message is considered to be in flight after it is received from a queue by a consumer, but not yet deleted from the queue (that is, between states 2 and 3). There is a limit to the number of in flight messages.
\nLimits that apply to in flight messages are unrelated to the unlimited number of stored messages.
\nFor most standard queues (depending on queue traffic and message backlog), there can be a maximum of approximately 120,000 in flight messages (received from a queue by a consumer, but not yet deleted from the queue). \n If you reach this limit, Amazon SQS returns the OverLimit error message.\n To avoid reaching the limit, you should delete messages from the queue after they're processed. You can also increase the number of queues you use to process your messages.\n To request a limit increase, file a support request.
For FIFO queues, there can be a maximum of 120,000 in flight messages (received from a queue by a consumer, but not yet deleted from the queue). If you reach this limit, Amazon SQS returns no error messages.
\nIf you attempt to set the VisibilityTimeout to a value greater than\n the maximum time left, Amazon SQS returns an error. Amazon SQS doesn't automatically\n recalculate and increase the timeout to the maximum remaining time.
Unlike with a queue, when you change the visibility timeout for a specific message\n the timeout value is applied immediately but isn't saved in memory for that message.\n If you don't delete a message after it is received, the visibility timeout for the\n message reverts to the original timeout value (not to the value you set using the\n ChangeMessageVisibility action) the next time the message is\n received.
Creates a new standard or FIFO queue. You can pass one or more attributes in\n the request. Keep the following in mind:
\nIf you don't specify the FifoQueue attribute, Amazon SQS creates a standard queue.
You can't change the queue type after you create it and you can't convert\n an existing standard queue into a FIFO queue. You must either create a new\n FIFO queue for your application or delete your existing standard queue and\n recreate it as a FIFO queue. For more information, see Moving From a Standard Queue to a FIFO Queue in the\n Amazon SQS Developer Guide.
\nIf you don't provide a value for an attribute, the queue is created with the\n default value for the attribute.
\nIf you delete a queue, you must wait at least 60 seconds before creating a\n queue with the same name.
\nTo successfully create a new queue, you must provide a queue name that adheres to the\n limits\n related to queues and is unique within the scope of your queues.
\nAfter you create a queue, you must wait at least one second after the queue is\n created to be able to use the queue.
\nTo get the queue URL, use the \n GetQueueUrl\n action.\n \n GetQueueUrl\n requires only the\n QueueName parameter. be aware of existing queue names:
If you provide the name of an existing queue along with the exact names and\n values of all the queue's attributes, CreateQueue returns the queue\n URL for the existing queue.
If the queue name, attribute names, or attribute values don't match an\n existing queue, CreateQueue returns an error.
Cross-account permissions don't apply to this action. For more information, \nsee Grant \ncross-account permissions to a role and a username in the Amazon SQS Developer Guide.
\nCreates a new standard or FIFO queue. You can pass one or more attributes in\n the request. Keep the following in mind:
\nIf you don't specify the FifoQueue attribute, Amazon SQS creates a standard queue.
You can't change the queue type after you create it and you can't convert\n an existing standard queue into a FIFO queue. You must either create a new\n FIFO queue for your application or delete your existing standard queue and\n recreate it as a FIFO queue. For more information, see Moving From a Standard Queue to a FIFO Queue in the\n Amazon SQS Developer Guide.
\nIf you don't provide a value for an attribute, the queue is created with the\n default value for the attribute.
\nIf you delete a queue, you must wait at least 60 seconds before creating a\n queue with the same name.
\nTo successfully create a new queue, you must provide a queue name that adheres to the\n limits\n related to queues and is unique within the scope of your queues.
\nAfter you create a queue, you must wait at least one second after the queue is\n created to be able to use the queue.
\nTo retrieve the URL of a queue, use the \n GetQueueUrl\n action. This action only requires the \n QueueName\n parameter.
When creating queues, keep the following points in mind:
\nIf you specify the name of an existing queue and provide the exact same names\n and values for all its attributes, the \n CreateQueue\n action will return the URL of the\n existing queue instead of creating a new one.
If you attempt to create a queue with a name that already exists but with\n different attribute names or values, the CreateQueue action will\n return an error. This ensures that existing queues are not inadvertently\n altered.
Cross-account permissions don't apply to this action. For more information, \nsee Grant \ncross-account permissions to a role and a username in the Amazon SQS Developer Guide.
\nDeletes the specified message from the specified queue. To select the message to\n delete, use the ReceiptHandle of the message (not the\n MessageId which you receive when you send the message). Amazon SQS can\n delete a message from a queue even if a visibility timeout setting causes the message to\n be locked by another consumer. Amazon SQS automatically deletes messages left in a queue\n longer than the retention period configured for the queue.
The ReceiptHandle is associated with a specific\n instance of receiving a message. If you receive a message more than\n once, the ReceiptHandle is different each time you receive a message.\n When you use the DeleteMessage action, you must provide the most\n recently received ReceiptHandle for the message (otherwise, the request\n succeeds, but the message will not be deleted).
For standard queues, it is possible to receive a message even after you\n delete it. This might happen on rare occasions if one of the servers which stores a\n copy of the message is unavailable when you send the request to delete the message.\n The copy remains on the server and might be returned to you during a subsequent\n receive request. You should ensure that your application is idempotent, so that\n receiving a message more than once does not cause issues.
\nDeletes the specified message from the specified queue. To select the message to\n delete, use the ReceiptHandle of the message (not the\n MessageId which you receive when you send the message). Amazon SQS can\n delete a message from a queue even if a visibility timeout setting causes the message to\n be locked by another consumer. Amazon SQS automatically deletes messages left in a queue\n longer than the retention period configured for the queue.
Each time you receive a message, meaning when a consumer retrieves a message from\n the queue, it comes with a unique ReceiptHandle. If you receive the\n same message more than once, you will get a different ReceiptHandle\n each time. When you want to delete a message using the DeleteMessage\n action, you must use the ReceiptHandle from the most recent time you\n received the message. If you use an old ReceiptHandle, the request will\n succeed, but the message might not be deleted.
For standard queues, it is possible to receive a message even after you\n delete it. This might happen on rare occasions if one of the servers which stores a\n copy of the message is unavailable when you send the request to delete the message.\n The copy remains on the server and might be returned to you during a subsequent\n receive request. You should ensure that your application is idempotent, so that\n receiving a message more than once does not cause issues.
\nReturns the URL of an existing Amazon SQS queue.
\nTo access a queue that belongs to another AWS account, use the\n QueueOwnerAWSAccountId parameter to specify the account ID of the\n queue's owner. The queue's owner must grant you permission to access the queue. For more\n information about shared queue access, see \n AddPermission\n \n or see Allow Developers to Write Messages to a Shared Queue in the Amazon SQS\n Developer Guide.
The GetQueueUrl API returns the URL of an existing Amazon SQS queue. This is\n useful when you know the queue's name but need to retrieve its URL for further\n operations.
To access a queue owned by another Amazon Web Services account, use the\n QueueOwnerAWSAccountId parameter to specify the account ID of the\n queue's owner. Note that the queue owner must grant you the necessary permissions to\n access the queue. For more information about accessing shared queues, see the\n \n AddPermission\n API or Allow developers to write messages to a shared queue in the Amazon SQS\n Developer Guide.
The name of the queue whose URL must be fetched. Maximum 80 characters. Valid values:\n alphanumeric characters, hyphens (-), and underscores\n (_).
Queue URLs and names are case-sensitive.
", + "smithy.api#documentation": "(Required) The name of the queue for which you want to fetch the URL. The name can be\n up to 80 characters long and can include alphanumeric characters, hyphens (-), and\n underscores (_). Queue URLs and names are case-sensitive.
", "smithy.api#required": {} } }, "QueueOwnerAWSAccountId": { "target": "com.amazonaws.sqs#String", "traits": { - "smithy.api#documentation": "The Amazon Web Services account ID of the account that created the queue.
" + "smithy.api#documentation": "(Optional) The Amazon Web Services account ID of the account that created the queue. This is only\n required when you are attempting to access a queue owned by another\n Amazon Web Services account.
" } } }, "traits": { - "smithy.api#documentation": "", + "smithy.api#documentation": "Retrieves the URL of an existing queue based on its name and, optionally, the Amazon Web Services\n account ID.
", "smithy.api#input": {} } }, @@ -2084,7 +2084,7 @@ "code": "InvalidAddress", "httpResponseCode": 404 }, - "smithy.api#documentation": "The accountId is invalid.
The specified ID is invalid.
", "smithy.api#error": "client", "smithy.api#httpError": 404 } @@ -2165,7 +2165,7 @@ "code": "InvalidSecurity", "httpResponseCode": 403 }, - "smithy.api#documentation": "When the request to a queue is not HTTPS and SigV4.
", + "smithy.api#documentation": "The request was not made over HTTPS or did not use SigV4 for signing.
", "smithy.api#error": "client", "smithy.api#httpError": 403 } @@ -3225,7 +3225,7 @@ "code": "AWS.SimpleQueueService.NonExistentQueue", "httpResponseCode": 400 }, - "smithy.api#documentation": "The specified queue doesn't exist.
", + "smithy.api#documentation": "Ensure that the QueueUrl is correct and that the queue has not been\n deleted.
Retrieves one or more messages (up to 10), from the specified queue. Using the\n WaitTimeSeconds parameter enables long-poll support. For more\n information, see Amazon SQS\n Long Polling in the Amazon SQS Developer Guide.
Short poll is the default behavior where a weighted random set of machines is sampled\n on a ReceiveMessage call. Thus, only the messages on the sampled machines\n are returned. If the number of messages in the queue is small (fewer than 1,000), you\n most likely get fewer messages than you requested per ReceiveMessage call.\n If the number of messages in the queue is extremely small, you might not receive any\n messages in a particular ReceiveMessage response. If this happens, repeat\n the request.
For each message returned, the response includes the following:
\nThe message body.
\nAn MD5 digest of the message body. For information about MD5, see RFC1321.
\nThe MessageId you received when you sent the message to the\n queue.
The receipt handle.
\nThe message attributes.
\nAn MD5 digest of the message attributes.
\nThe receipt handle is the identifier you must provide when deleting the message. For\n more information, see Queue and Message Identifiers in the Amazon SQS Developer\n Guide.
\nYou can provide the VisibilityTimeout parameter in your request. The\n parameter is applied to the messages that Amazon SQS returns in the response. If you don't\n include the parameter, the overall visibility timeout for the queue is used for the\n returned messages. For more information, see Visibility Timeout in the Amazon SQS Developer\n Guide.
A message that isn't deleted or a message whose visibility isn't extended before the\n visibility timeout expires counts as a failed receive. Depending on the configuration of\n the queue, the message might be sent to the dead-letter queue.
\nIn the future, new attributes might be added. If you write code that calls this action, we recommend that you structure your code so that it can handle new attributes gracefully.
\nRetrieves one or more messages (up to 10), from the specified queue. Using the\n WaitTimeSeconds parameter enables long-poll support. For more\n information, see Amazon SQS\n Long Polling in the Amazon SQS Developer Guide.
Short poll is the default behavior where a weighted random set of machines is sampled\n on a ReceiveMessage call. Therefore, only the messages on the sampled\n machines are returned. If the number of messages in the queue is small (fewer than\n 1,000), you most likely get fewer messages than you requested per\n ReceiveMessage call. If the number of messages in the queue is\n extremely small, you might not receive any messages in a particular\n ReceiveMessage response. If this happens, repeat the request.
For each message returned, the response includes the following:
\nThe message body.
\nAn MD5 digest of the message body. For information about MD5, see RFC1321.
\nThe MessageId you received when you sent the message to the\n queue.
The receipt handle.
\nThe message attributes.
\nAn MD5 digest of the message attributes.
\nThe receipt handle is the identifier you must provide when deleting the message. For\n more information, see Queue and Message Identifiers in the Amazon SQS Developer\n Guide.
\nYou can provide the VisibilityTimeout parameter in your request. The\n parameter is applied to the messages that Amazon SQS returns in the response. If you don't\n include the parameter, the overall visibility timeout for the queue is used for the\n returned messages. The default visibility timeout for a queue is 30 seconds.
In the future, new attributes might be added. If you write code that calls this action, we recommend that you structure your code so that it can handle new attributes gracefully.
\n This parameter has been deprecated but will be supported for backward\n compatibility. To provide attribute names, you are encouraged to use\n MessageSystemAttributeNames.
A list of attributes that need to be returned along with each message. These\n attributes include:
\n\n All – Returns all values.
\n ApproximateFirstReceiveTimestamp – Returns the time the\n message was first received from the queue (epoch time in\n milliseconds).
\n ApproximateReceiveCount – Returns the number of times a\n message has been received across all queues but not deleted.
\n AWSTraceHeader – Returns the X-Ray trace\n header string.
\n SenderId\n
For a user, returns the user ID, for example\n ABCDEFGHI1JKLMNOPQ23R.
For an IAM role, returns the IAM role ID, for example\n ABCDE1F2GH3I4JK5LMNOP:i-a123b456.
\n SentTimestamp – Returns the time the message was sent to the\n queue (epoch time in\n milliseconds).
\n SqsManagedSseEnabled – Enables server-side queue encryption\n using SQS owned encryption keys. Only one server-side encryption option is\n supported per queue (for example, SSE-KMS or SSE-SQS).
\n MessageDeduplicationId – Returns the value provided by the\n producer that calls the \n SendMessage\n \n action.
\n MessageGroupId – Returns the value provided by the\n producer that calls the \n SendMessage\n action.\n Messages with the same MessageGroupId are returned in\n sequence.
\n SequenceNumber – Returns the value provided by\n Amazon SQS.
This parameter has been discontinued but will be supported for backward\n compatibility. To provide attribute names, you are encouraged to use\n MessageSystemAttributeNames.
A list of attributes that need to be returned along with each message. These\n attributes include:
\n\n All – Returns all values.
\n ApproximateFirstReceiveTimestamp – Returns the time the\n message was first received from the queue (epoch time in\n milliseconds).
\n ApproximateReceiveCount – Returns the number of times a\n message has been received across all queues but not deleted.
\n AWSTraceHeader – Returns the X-Ray trace\n header string.
\n SenderId\n
For a user, returns the user ID, for example\n ABCDEFGHI1JKLMNOPQ23R.
For an IAM role, returns the IAM role ID, for example\n ABCDE1F2GH3I4JK5LMNOP:i-a123b456.
\n SentTimestamp – Returns the time the message was sent to the\n queue (epoch time in\n milliseconds).
\n SqsManagedSseEnabled – Enables server-side queue encryption\n using SQS owned encryption keys. Only one server-side encryption option is\n supported per queue (for example, SSE-KMS or SSE-SQS).
\n MessageDeduplicationId – Returns the value provided by the\n producer that calls the \n SendMessage\n \n action.
\n MessageGroupId – Returns the value provided by the\n producer that calls the \n SendMessage\n action.\n Messages with the same MessageGroupId are returned in\n sequence.
\n SequenceNumber – Returns the value provided by\n Amazon SQS.
The duration (in seconds) that the received messages are hidden from subsequent\n retrieve requests after being retrieved by a ReceiveMessage request.
The duration (in seconds) that the received messages are hidden from subsequent\n retrieve requests after being retrieved by a ReceiveMessage request. If not\n specified, the default visibility timeout for the queue is used, which is 30\n seconds.
Understanding VisibilityTimeout:
When a message is received from a queue, it becomes temporarily invisible to\n other consumers for the duration of the visibility timeout. This prevents\n multiple consumers from processing the same message simultaneously. If the\n message is not deleted or its visibility timeout is not extended before the\n timeout expires, it becomes visible again and can be retrieved by other\n consumers.
\nSetting an appropriate visibility timeout is crucial. If it's too short, the\n message might become visible again before processing is complete, leading to\n duplicate processing. If it's too long, it delays the reprocessing of messages\n if the initial processing fails.
\nYou can adjust the visibility timeout using the\n --visibility-timeout parameter in the\n receive-message command to match the processing time required\n by your application.
A message that isn't deleted or a message whose visibility isn't extended\n before the visibility timeout expires counts as a failed receive. Depending on\n the configuration of the queue, the message might be sent to the dead-letter\n queue.
\nFor more information, see Visibility Timeout in the Amazon SQS Developer\n Guide.
" } }, "WaitTimeSeconds": { "target": "com.amazonaws.sqs#NullableInteger", "traits": { - "smithy.api#documentation": "The duration (in seconds) for which the call waits for a message to arrive in the\n queue before returning. If a message is available, the call returns sooner than\n WaitTimeSeconds. If no messages are available and the wait time\n expires, the call does not return a message list.
To avoid HTTP errors, ensure that the HTTP response timeout for\n ReceiveMessage requests is longer than the\n WaitTimeSeconds parameter. For example, with the Java SDK, you can\n set HTTP transport settings using the NettyNioAsyncHttpClient for asynchronous clients, or the ApacheHttpClient for synchronous clients.
The duration (in seconds) for which the call waits for a message to arrive in the\n queue before returning. If a message is available, the call returns sooner than\n WaitTimeSeconds. If no messages are available and the wait time\n expires, the call does not return a message list. If you are using the Java SDK, it\n returns a ReceiveMessageResponse object, which has a empty list instead of\n a Null object.
To avoid HTTP errors, ensure that the HTTP response timeout for\n ReceiveMessage requests is longer than the\n WaitTimeSeconds parameter. For example, with the Java SDK, you can\n set HTTP transport settings using the NettyNioAsyncHttpClient for asynchronous clients, or the ApacheHttpClient for synchronous clients.
Retrieves one or more messages from a specified queue.
", "smithy.api#input": {} } }, @@ -3471,7 +3471,7 @@ "code": "RequestThrottled", "httpResponseCode": 403 }, - "smithy.api#documentation": "The request was denied due to request throttling.
\nThe rate of requests per second exceeds the Amazon Web Services KMS request\n quota for an account and Region.
\nA burst or sustained high rate of requests to change the state of the same KMS\n key. This condition is often known as a \"hot key.\"
\nRequests for operations on KMS keys in a Amazon Web Services CloudHSM key store\n might be throttled at a lower-than-expected rate when the Amazon Web Services\n CloudHSM cluster associated with the Amazon Web Services CloudHSM key store is\n processing numerous commands, including those unrelated to the Amazon Web Services CloudHSM key store.
\nThe request was denied due to request throttling.
\nExceeds the permitted request rate for the queue or for the recipient of the\n request.
\nEnsure that the request rate is within the Amazon SQS limits for\n sending messages. For more information, see Amazon SQS quotas in the Amazon SQS\n Developer Guide.
\nThe batch request contains more entries than permissible.
", + "smithy.api#documentation": "The batch request contains more entries than permissible. For Amazon SQS, the\n maximum number of entries you can include in a single SendMessageBatch, DeleteMessageBatch, or ChangeMessageVisibilityBatch request is 10.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } diff --git a/codegen/sdk/aws-models/ssm-sap.json b/codegen/sdk/aws-models/ssm-sap.json index fb223f76209..e437809fe89 100644 --- a/codegen/sdk/aws-models/ssm-sap.json +++ b/codegen/sdk/aws-models/ssm-sap.json @@ -572,6 +572,47 @@ "target": "com.amazonaws.ssmsap#ComponentId" } }, + "com.amazonaws.ssmsap#ComponentInfo": { + "type": "structure", + "members": { + "ComponentType": { + "target": "com.amazonaws.ssmsap#ComponentType", + "traits": { + "smithy.api#documentation": "This string is the type of the component.
\nAccepted value is WD.
This string is the SAP System ID of the component.
\nAccepted values are alphanumeric.
", + "smithy.api#required": {} + } + }, + "Ec2InstanceId": { + "target": "com.amazonaws.ssmsap#InstanceId", + "traits": { + "smithy.api#documentation": "This is the Amazon EC2 instance on which your SAP component is running.
\nAccepted values are alphanumeric.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "This is information about the component of \n your SAP application, such as Web Dispatcher.
" + } + }, + "com.amazonaws.ssmsap#ComponentInfoList": { + "type": "list", + "member": { + "target": "com.amazonaws.ssmsap#ComponentInfo" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 5 + } + } + }, "com.amazonaws.ssmsap#ComponentStatus": { "type": "enum", "members": { @@ -2518,6 +2559,12 @@ "traits": { "smithy.api#documentation": "The Amazon Resource Name of the SAP HANA database.
" } + }, + "ComponentsInfo": { + "target": "com.amazonaws.ssmsap#ComponentInfoList", + "traits": { + "smithy.api#documentation": "This is an optional parameter for component details \n to which the SAP ABAP application is attached, \n such as Web Dispatcher.
\nThis is an array of ApplicationComponent objects. \n You may input 0 to 5 items.
" + } } } }, diff --git a/codegen/sdk/aws-models/supplychain.json b/codegen/sdk/aws-models/supplychain.json index 5651911a7d1..4f3098a11b1 100644 --- a/codegen/sdk/aws-models/supplychain.json +++ b/codegen/sdk/aws-models/supplychain.json @@ -792,7 +792,7 @@ "schema": { "target": "com.amazonaws.supplychain#DataLakeDatasetSchema", "traits": { - "smithy.api#documentation": "The custom schema of the data lake dataset and is only required when the name space is default.
" + "smithy.api#documentation": "The custom schema of the data lake dataset and is only required when the name space is default.
" } }, "description": { @@ -931,6 +931,12 @@ "smithy.api#documentation": "The ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon Web Services owned KMS key. If you don't provide anything here, AWS Supply Chain uses the Amazon Web Services owned KMS key.
" } }, + "webAppDnsDomain": { + "target": "com.amazonaws.supplychain#InstanceWebAppDnsDomain", + "traits": { + "smithy.api#documentation": "The DNS subdomain of the web app. This would be \"example\" in the URL \"example.scn.global.on.aws\". You can set this to a custom value, as long as the domain isn't already being used by someone else. The name may only include alphanumeric characters and hyphens.
" + } + }, "tags": { "target": "com.amazonaws.supplychain#TagMap", "traits": { @@ -1356,6 +1362,9 @@ "traits": { "aws.api#arn": { "template": "instance/{instanceId}/data-integration-flows/{name}" + }, + "aws.cloudformation#cfnResource": { + "name": "DataIntegrationFlow" } } }, @@ -1793,6 +1802,9 @@ "aws.api#arn": { "template": "instance/{instanceId}/namespaces/{namespace}/datasets/{name}" }, + "aws.cloudformation#cfnResource": { + "name": "DataLakeDataset" + }, "smithy.api#noReplace": {} } }, @@ -2088,7 +2100,7 @@ "namespace": { "target": "com.amazonaws.supplychain#DataLakeDatasetNamespace", "traits": { - "smithy.api#documentation": "The namespace of the dataset. The available values are:
\nasc: for \n AWS Supply Chain supported datasets\n .
\ndefault: for datasets with custom user-defined schemas.
\nThe name space of the dataset. The available values are:
\n\n asc - For information on the Amazon Web Services Supply Chain supported datasets see https://docs.aws.amazon.com/aws-supply-chain/latest/userguide/data-model-asc.html.
\n\n default - For datasets with custom user-defined schemas.
\nThe name of the dataset. If the namespace is asc, the name must be one of the supported data entities\n .
", + "smithy.api#documentation": "The name of the dataset. For asc name space, the name must be one of the supported data entities under https://docs.aws.amazon.com/aws-supply-chain/latest/userguide/data-model-asc.html.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -2120,7 +2132,7 @@ "namespace": { "target": "com.amazonaws.supplychain#DataLakeDatasetNamespace", "traits": { - "smithy.api#documentation": "The namespace of deleted dataset.
", + "smithy.api#documentation": "The name space of deleted dataset.
", "smithy.api#required": {} } }, @@ -2163,7 +2175,7 @@ } ], "traits": { - "smithy.api#documentation": "Enables you to programmatically delete an Amazon Web Services Supply Chain instance by deleting the KMS keys and relevant information associated with the API without using the Amazon Web Services console.
\nThis is an asynchronous operation. Upon receiving a DeleteInstance request, Amazon Web Services Supply Chain immediately returns a response with the instance resource, delete state while cleaning up all Amazon Web Services resources created during \n the instance creation process. You can use the GetInstance action to check the instance status.
", + "smithy.api#documentation": "Enables you to programmatically delete an Amazon Web Services Supply Chain instance by deleting the KMS keys and relevant information associated with the API without using the Amazon Web Services console.
\nThis is an asynchronous operation. Upon receiving a DeleteInstance request, Amazon Web Services Supply Chain immediately returns a response with the instance resource, delete state while cleaning up all Amazon Web Services resources created during the instance creation process. You can use the GetInstance action to check the instance status.
", "smithy.api#examples": [ { "title": "Successful DeleteInstance request", @@ -3808,6 +3820,9 @@ "traits": { "aws.api#arn": { "template": "instance/{instanceId}" + }, + "aws.cloudformation#cfnResource": { + "name": "Instance" } } }, @@ -3867,7 +3882,7 @@ "com.amazonaws.supplychain#InstanceWebAppDnsDomain": { "type": "string", "traits": { - "smithy.api#pattern": "^[A-Za-z0-9]+(.[A-Za-z0-9]+)+$" + "smithy.api#pattern": "^(?![-])[a-zA-Z0-9-]{1,62}[a-zA-Z0-9]$" } }, "com.amazonaws.supplychain#InternalServerException": { @@ -4363,7 +4378,7 @@ "namespace": { "target": "com.amazonaws.supplychain#DataLakeDatasetNamespace", "traits": { - "smithy.api#documentation": "The namespace of the dataset. The available values are:
\nasc: for \n AWS Supply Chain supported datasets\n .
\ndefault: for datasets with custom user-defined schemas.
\nThe name space of the dataset. The available values are:
\n\n asc - For information on the Amazon Web Services Supply Chain supported datasets see https://docs.aws.amazon.com/aws-supply-chain/latest/userguide/data-model-asc.html.
\n\n default - For datasets with custom user-defined schemas.
\nSend the transactional data payload for the event with real-time data for analysis or monitoring. The real-time data events are stored in an Amazon Web Services service before being processed and stored in data lake. \n New data events are synced with data lake at 5 PM GMT everyday. The updated transactional data is available in data lake after ingestion.
", + "smithy.api#documentation": "Send the transactional data payload for the event with real-time data for analysis or monitoring. The real-time data events are stored in an Amazon Web Services service before being processed and stored in data lake. New data events are synced with data lake at 5 PM GMT everyday. The updated transactional data is available in data lake after ingestion.
", "smithy.api#examples": [ { "title": "Successful SendDataIntegrationEvent for inboundorder event type", @@ -4971,7 +4986,7 @@ "data": { "target": "com.amazonaws.supplychain#DataIntegrationEventData", "traits": { - "smithy.api#documentation": "The data payload of the event. For more information on the data schema to use, see Data entities supported in AWS Supply Chain\n .
", + "smithy.api#documentation": "The data payload of the event. For more information on the data schema to use, see Data entities supported in AWS Supply Chain.
", "smithy.api#required": {} } }, @@ -5093,7 +5108,7 @@ } ], "traits": { - "smithy.api#documentation": "You can create tags during or after creating a resource such as instance, data flow, or dataset in AWS Supply chain. During the data ingestion process, you can add tags such as dev, test, or prod to data flows \n created during the data ingestion process in the AWS Supply Chain datasets. You can use these tags to identify a group of resources or a single resource used by the developer.
", + "smithy.api#documentation": "You can create tags during or after creating a resource such as instance, data flow, or dataset in AWS Supply chain. During the data ingestion process, you can add tags such as dev, test, or prod to data flows created during the data ingestion process in the AWS Supply Chain datasets. You can use these tags to identify a group of resources or a single resource used by the developer.
", "smithy.api#examples": [ { "title": "Successful TagResource", @@ -5206,7 +5221,7 @@ } ], "traits": { - "smithy.api#documentation": "You can delete tags for an Amazon Web Services Supply chain resource such as instance, data flow, or dataset in AWS Supply Chain. During the data ingestion process, you can delete tags such as dev, test, or prod to data flows \n created during the data ingestion process in the AWS Supply Chain datasets.
", + "smithy.api#documentation": "You can delete tags for an Amazon Web Services Supply chain resource such as instance, data flow, or dataset in AWS Supply Chain. During the data ingestion process, you can delete tags such as dev, test, or prod to data flows created during the data ingestion process in the AWS Supply Chain datasets.
", "smithy.api#examples": [ { "title": "Successful UntagResource", diff --git a/codegen/sdk/aws-models/synthetics.json b/codegen/sdk/aws-models/synthetics.json index 571fa4c4a0e..940783ca850 100644 --- a/codegen/sdk/aws-models/synthetics.json +++ b/codegen/sdk/aws-models/synthetics.json @@ -314,7 +314,7 @@ "min": 1, "max": 2048 }, - "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:canary:[0-9a-z_\\-]{1,255}$" + "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2,4}(-[a-z]{2,4})?-[a-z]+-\\d{1}:\\d{12}:canary:[0-9a-z_\\-]{1,255}$" } }, "com.amazonaws.synthetics#CanaryCodeInput": { @@ -1526,7 +1526,7 @@ "min": 1, "max": 2048 }, - "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$" + "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2,4}(-[a-z]{2,4})?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$" } }, "com.amazonaws.synthetics#GetCanary": { @@ -1777,7 +1777,7 @@ "min": 1, "max": 128 }, - "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:group:[0-9a-z]+$" + "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2,4}(-[a-z]{2,4})?-[a-z]+-\\d{1}:\\d{12}:group:[0-9a-z]+$" } }, "com.amazonaws.synthetics#GroupIdentifier": { @@ -1863,7 +1863,7 @@ "min": 1, "max": 2048 }, - "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:kms:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:key/[\\w\\-\\/]+$" + "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:kms:[a-z]{2,4}(-[a-z]{2,4})?-[a-z]+-\\d{1}:\\d{12}:key/[\\w\\-\\/]+$" } }, "com.amazonaws.synthetics#ListAssociatedGroups": { @@ -2291,7 +2291,7 @@ "min": 1, "max": 2048 }, - "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:(canary|group):[0-9a-z_\\-]+$" + "smithy.api#pattern": "^arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2,4}(-[a-z]{2,4})?-[a-z]+-\\d{1}:\\d{12}:(canary|group):[0-9a-z_\\-]+$" } }, "com.amazonaws.synthetics#ResourceList": { @@ -3987,7 +3987,7 @@ "BaseCanaryRunId": { "target": "com.amazonaws.synthetics#String", "traits": { - "smithy.api#documentation": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are \n nextrun to use the screenshots from the next run after this update is made, lastrun to use the screenshots from the most recent run \n before this update was made, or the value of Id in the \n CanaryRun from any past run of this canary.
Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are \n nextrun to use the screenshots from the next run after this update is made, lastrun to use the screenshots from the most recent run \n before this update was made, or the value of Id in the \n CanaryRun from a run of this a canary in the past 31 days. If you specify the Id of a canary run older than 31 days, \n the operation returns a 400 validation exception error..
The IDs of the security groups for this canary.
" } + }, + "Ipv6AllowedForDualStack": { + "target": "com.amazonaws.synthetics#NullableBoolean", + "traits": { + "smithy.api#documentation": "Set this to true to allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets. The default is false\n
The IDs of the security groups for this canary.
" } + }, + "Ipv6AllowedForDualStack": { + "target": "com.amazonaws.synthetics#NullableBoolean", + "traits": { + "smithy.api#documentation": "Indicates whether this canary allows outbound IPv6 traffic if it is connected to dual-stack subnets.
" + } } }, "traits": { diff --git a/codegen/sdk/aws-models/transfer.json b/codegen/sdk/aws-models/transfer.json index fec686b645b..9ed633734e3 100644 --- a/codegen/sdk/aws-models/transfer.json +++ b/codegen/sdk/aws-models/transfer.json @@ -180,6 +180,12 @@ "traits": { "smithy.api#documentation": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication,\n you must provide the name or Amazon Resource Name (ARN) of a secret in Secrets Manager.
\nThe default value for this parameter is null, which indicates that Basic authentication is not enabled for the connector.
If the connector should use Basic authentication, the secret needs to be in the following format:
\n\n {\n \"Username\": \"user-name\",\n \"Password\": \"user-password\"\n }\n
Replace user-name and user-password with the credentials for the actual user that is being authenticated.
Note the following:
\nYou are storing these credentials in Secrets Manager, not passing them directly into this API.
\nIf you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication.\n However, if you are using the Amazon Web Services management console, you can have the system create the secret for you.
\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the UpdateConnector API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:
\n update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'\n
Allows you to use the Amazon S3 Content-Type that is associated with objects in S3 instead of\n having the content type mapped based on the file extension. This parameter is enabled by default when you create an AS2 connector\n from the console, but disabled by default when you create an AS2 connector by calling the API directly.
Key-value pairs that can be used to group and search for agreements.
" } + }, + "PreserveFilename": { + "target": "com.amazonaws.transfer#PreserveFilenameType", + "traits": { + "smithy.api#documentation": "\n Determines whether or not Transfer Family appends a unique string of characters to the end of the AS2 message payload\n filename when saving it.\n
\n\n ENABLED: the filename provided by your trading parter is preserved when the file is saved.
\n DISABLED (default value): when Transfer Family saves the file, the filename is adjusted, as\n described in File names and locations.
\n Determines whether or not unsigned messages from your trading partners will be accepted.\n
\n\n ENABLED: Transfer Family rejects unsigned messages from your trading partner.
\n DISABLED (default value): Transfer Family accepts unsigned messages from your trading partner.
Key-value pairs that can be used to group and search for agreements.
" } + }, + "PreserveFilename": { + "target": "com.amazonaws.transfer#PreserveFilenameType", + "traits": { + "smithy.api#documentation": "\n Determines whether or not Transfer Family appends a unique string of characters to the end of the AS2 message payload\n filename when saving it.\n
\n\n ENABLED: the filename provided by your trading parter is preserved when the file is saved.
\n DISABLED (default value): when Transfer Family saves the file, the filename is adjusted, as\n described in File names and locations.
\n Determines whether or not unsigned messages from your trading partners will be accepted.\n
\n\n ENABLED: Transfer Family rejects unsigned messages from your trading partner.
\n DISABLED (default value): Transfer Family accepts unsigned messages from your trading partner.
The certificate can be either ACTIVE, PENDING_ROTATION, or\n INACTIVE. PENDING_ROTATION means that this certificate will\n replace the current certificate when it expires.
Currently, the only available status is ACTIVE: all other values are reserved for future use.
Connectors are used to send files using either the AS2 or SFTP protocol. For the access role,\n provide the Amazon Resource Name (ARN) of the Identity and Access Management role to use.
\n\n For AS2 connectors\n
\nWith AS2, you can send files by calling StartFileTransfer and specifying the\n file paths in the request parameter, SendFilePaths. We use the file’s parent\n directory (for example, for --send-file-paths /bucket/dir/file.txt, parent\n directory is /bucket/dir/) to temporarily store a processed AS2 message file,\n store the MDN when we receive them from the partner, and write a final JSON file containing\n relevant metadata of the transmission. So, the AccessRole needs to provide read\n and write access to the parent directory of the file location used in the\n StartFileTransfer request. Additionally, you need to provide read and write\n access to the parent directory of the files that you intend to send with\n StartFileTransfer.
If you are using Basic authentication for your AS2 connector, the access role requires the\n secretsmanager:GetSecretValue permission for the secret. If the secret is encrypted using\n a customer-managed key instead of the Amazon Web Services managed key in Secrets Manager, then the role also\n needs the kms:Decrypt permission for that key.
\n For SFTP connectors\n
\nMake sure that the access role provides\n read and write access to the parent directory of the file location\n that's used in the StartFileTransfer request.\n Additionally, make sure that the role provides\n secretsmanager:GetSecretValue permission to Secrets Manager.
\n Determines whether or not Transfer Family appends a unique string of characters to the end of the AS2 message payload\n filename when saving it.\n
\n\n ENABLED: the filename provided by your trading parter is preserved when the file is saved.
\n DISABLED (default value): when Transfer Family saves the file, the filename is adjusted, as\n described in File names and locations.
\n Determines whether or not unsigned messages from your trading partners will be accepted.\n
\n\n ENABLED: Transfer Family rejects unsigned messages from your trading partner.
\n DISABLED (default value): Transfer Family accepts unsigned messages from your trading partner.
Indicates if Global Accelerator for directory is enabled or disabled.
", + "smithy.api#required": {} + } + }, + "PreferredProtocol": { + "target": "com.amazonaws.workspaces#AGAPreferredProtocolForDirectory", + "traits": { + "smithy.api#documentation": "Indicates the preferred protocol for Global Accelerator.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes the Global Accelerator for directory
" + } + }, + "com.amazonaws.workspaces#GlobalAcceleratorForWorkSpace": { + "type": "structure", + "members": { + "Mode": { + "target": "com.amazonaws.workspaces#AGAModeForWorkSpaceEnum", + "traits": { + "smithy.api#documentation": "Indicates if Global Accelerator for WorkSpaces is enabled, disabled, \n or the same mode as the associated directory.
", + "smithy.api#required": {} + } + }, + "PreferredProtocol": { + "target": "com.amazonaws.workspaces#AGAPreferredProtocolForWorkSpace", + "traits": { + "smithy.api#documentation": "Indicates the preferred protocol for Global Accelerator.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes the Global Accelerator for WorkSpaces.
" + } + }, "com.amazonaws.workspaces#IDCConfig": { "type": "structure", "members": { @@ -8813,6 +8935,12 @@ "traits": { "smithy.api#documentation": "Indicates the storage connector used
" } + }, + "GlobalAccelerator": { + "target": "com.amazonaws.workspaces#GlobalAcceleratorForDirectory", + "traits": { + "smithy.api#documentation": "Indicates the Global Accelerator properties.
" + } } }, "traits": { @@ -11133,6 +11261,12 @@ "traits": { "smithy.api#documentation": "The name of the operating system.
" } + }, + "GlobalAccelerator": { + "target": "com.amazonaws.workspaces#GlobalAcceleratorForWorkSpace", + "traits": { + "smithy.api#documentation": "Indicates the Global Accelerator properties.
" + } } }, "traits": { diff --git a/codegen/sdk/packages.json b/codegen/sdk/packages.json index 681826ecff4..f8f83f8894f 100644 --- a/codegen/sdk/packages.json +++ b/codegen/sdk/packages.json @@ -210,6 +210,12 @@ "artifactName": "backupgateway", "brazilName": "AwsSdkKotlinBackupGateway" }, + { + "sdkId": "BackupSearch", + "namespace": "aws.sdk.kotlin.services.backupsearch", + "artifactName": "backupsearch", + "brazilName": "AwsSdkKotlinBackupsearch" + }, { "sdkId": "Batch", "namespace": "aws.sdk.kotlin.services.batch", diff --git a/gradle.properties b/gradle.properties index 0aa989a0535..600adf0e3f6 100644 --- a/gradle.properties +++ b/gradle.properties @@ -6,7 +6,7 @@ kotlin.native.ignoreDisabledTargets=true org.gradle.jvmargs=-Xmx6g -XX:MaxMetaspaceSize=2G # sdk -sdkVersion=1.3.95-SNAPSHOT +sdkVersion=1.3.108-SNAPSHOT # dokka config (values specified at build-time as needed) smithyKotlinDocBaseUrl=https://sdk.amazonaws.com/kotlin/api/smithy-kotlin/api/$smithyKotlinRuntimeVersion/ diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index b0713cf239f..b601621eb49 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -11,8 +11,8 @@ coroutines-version = "1.9.0" atomicfu-version = "0.25.0" # smithy-kotlin codegen and runtime are versioned separately -smithy-kotlin-runtime-version = "1.3.30" -smithy-kotlin-codegen-version = "0.33.30" +smithy-kotlin-runtime-version = "1.3.31" +smithy-kotlin-codegen-version = "0.33.31" # codegen smithy-version = "1.51.0" @@ -58,6 +58,7 @@ smithy-kotlin-aws-protocol-core = { module = "aws.smithy.kotlin:aws-protocol-cor smithy-kotlin-aws-signing-common = { module = "aws.smithy.kotlin:aws-signing-common", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-aws-signing-crt = { module = "aws.smithy.kotlin:aws-signing-crt", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-aws-signing-default = { module = "aws.smithy.kotlin:aws-signing-default", version.ref = "smithy-kotlin-runtime-version" } +smithy-kotlin-aws-signing-tests = { module = "aws.smithy.kotlin:aws-signing-tests", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-aws-xml-protocols = { module = "aws.smithy.kotlin:aws-xml-protocols", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-crt-util = { module = "aws.smithy.kotlin:crt-util", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-http = { module = "aws.smithy.kotlin:http", version.ref = "smithy-kotlin-runtime-version" } @@ -68,19 +69,22 @@ smithy-kotlin-http-client = { module = "aws.smithy.kotlin:http-client", version. smithy-kotlin-http-client-engine-crt = { module = "aws.smithy.kotlin:http-client-engine-crt", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-http-client-engine-default = { module = "aws.smithy.kotlin:http-client-engine-default", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-http-client-engine-okhttp = { module = "aws.smithy.kotlin:http-client-engine-okhttp", version.ref = "smithy-kotlin-runtime-version" } +smithy-kotlin-http-client-engine-okhttp4 = { module = "aws.smithy.kotlin:http-client-engine-okhttp4", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-http-test = { module = "aws.smithy.kotlin:http-test", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-identity-api = { module = "aws.smithy.kotlin:identity-api", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-logging-slf4j2 = { module = "aws.smithy.kotlin:logging-slf4j2", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-runtime-core = { module = "aws.smithy.kotlin:runtime-core", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-serde = { module = "aws.smithy.kotlin:serde", version.ref = "smithy-kotlin-runtime-version" } +smithy-kotlin-serde-cbor = { module = "aws.smithy.kotlin:serde-cbor", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-serde-form-url = { module = "aws.smithy.kotlin:serde-form-url", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-serde-json = { module = "aws.smithy.kotlin:serde-json", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-serde-xml = { module = "aws.smithy.kotlin:serde-xml", version.ref = "smithy-kotlin-runtime-version" } -smithy-kotlin-serde-cbor = { module = "aws.smithy.kotlin:serde-cbor", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-smithy-client = { module = "aws.smithy.kotlin:smithy-client", version.ref = "smithy-kotlin-runtime-version" } +smithy-kotlin-smithy-rpcv2-protocols = { module = "aws.smithy.kotlin:smithy-rpcv2-protocols", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-smithy-test = { module = "aws.smithy.kotlin:smithy-test", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-telemetry-api = { module = "aws.smithy.kotlin:telemetry-api", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-telemetry-defaults = { module = "aws.smithy.kotlin:telemetry-defaults", version.ref = "smithy-kotlin-runtime-version" } +smithy-kotlin-telemetry-provider-micrometer = { module = "aws.smithy.kotlin:telemetry-provider-micrometer", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-telemetry-provider-otel = { module = "aws.smithy.kotlin:telemetry-provider-otel", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-test-suite = { module = "aws.smithy.kotlin:test-suite", version.ref = "smithy-kotlin-runtime-version" } smithy-kotlin-testing = { module = "aws.smithy.kotlin:testing", version.ref = "smithy-kotlin-runtime-version" } diff --git a/hll/dynamodb-mapper/dynamodb-mapper/build.gradle.kts b/hll/dynamodb-mapper/dynamodb-mapper/build.gradle.kts index df60c718184..5841c182c07 100644 --- a/hll/dynamodb-mapper/dynamodb-mapper/build.gradle.kts +++ b/hll/dynamodb-mapper/dynamodb-mapper/build.gradle.kts @@ -9,8 +9,10 @@ import com.amazonaws.services.dynamodbv2.local.server.DynamoDBProxyServer import com.google.devtools.ksp.gradle.KspTaskJvm import com.google.devtools.ksp.gradle.KspTaskMetadata import org.jetbrains.kotlin.gradle.tasks.KotlinCompilationTask +import java.net.ServerSocket import java.nio.file.Files import java.nio.file.StandardCopyOption +import kotlin.properties.Delegates description = "High level DynamoDbMapper client" extra["displayName"] = "AWS :: SDK :: Kotlin :: HLL :: DynamoDbMapper" @@ -128,7 +130,10 @@ if (project.NATIVE_ENABLED) { } open class DynamoDbLocalInstance : DefaultTask() { - private val port = 44212 // Keep in sync with DdbLocalTest.kt + private var port: Int by Delegates.notNull() + + @OutputFile + val portFile = project.objects.fileProperty() @Internal var runner: DynamoDBProxyServer? = null @@ -136,13 +141,29 @@ open class DynamoDbLocalInstance : DefaultTask() { @TaskAction fun exec() { - println("Running DynamoDB local instance on port $port") + port = ServerSocket(0).use { it.localPort } + + println("Starting DynamoDB local instance on port $port") runner = ServerRunner .createServerFromCommandLineArgs(arrayOf("-inMemory", "-port", port.toString(), "-disableTelemetry")) .also { it.start() } + + portFile + .asFile + .get() + .also { println("Writing port info file to ${it.absolutePath}") } + .writeText(port.toString()) } fun stop() { + runCatching { + portFile + .asFile + .get() + .also { println("Deleting port info file at ${it.absolutePath}") } + .delete() + }.onFailure { t -> println("Failed to delete $portFile: $t") } + runner?.let { println("Stopping DynamoDB local instance on port $port") it.stop() @@ -150,12 +171,14 @@ open class DynamoDbLocalInstance : DefaultTask() { } } -val startDdbLocal = task