,")
- ServiceConfig.ConfigStructAdditionalDocs -> emptySection
- ServiceConfig.Extras -> emptySection
- }
- }
- }
-
- class PubUseEndpoint(private val runtimeConfig: RuntimeConfig) : LibRsCustomization() {
- override fun section(section: LibRsSection): Writable {
- return when (section) {
- is LibRsSection.Body -> writable {
- rust(
- "pub use #T::endpoint::Endpoint;",
- CargoDependency.smithyHttp(runtimeConfig).toType(),
- )
- }
-
- else -> emptySection
- }
- }
- }
-}
-
-fun ClientCodegenContext.isRegionalized() = getBuiltIn(Builtins.REGION) != null
diff --git a/aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/endpoints/OperationInputTestGenerator.kt b/aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/endpoints/OperationInputTestGenerator.kt
index 37ecbad73c..9d620e11cb 100644
--- a/aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/endpoints/OperationInputTestGenerator.kt
+++ b/aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/endpoints/OperationInputTestGenerator.kt
@@ -17,7 +17,6 @@ import software.amazon.smithy.rust.codegen.client.smithy.endpoint.EndpointTypesG
import software.amazon.smithy.rust.codegen.client.smithy.generators.clientInstantiator
import software.amazon.smithy.rust.codegen.core.rustlang.Attribute
import software.amazon.smithy.rust.codegen.core.rustlang.AttributeKind
-import software.amazon.smithy.rust.codegen.core.rustlang.CargoDependency
import software.amazon.smithy.rust.codegen.core.rustlang.escape
import software.amazon.smithy.rust.codegen.core.rustlang.join
import software.amazon.smithy.rust.codegen.core.rustlang.rust
@@ -25,6 +24,7 @@ import software.amazon.smithy.rust.codegen.core.rustlang.rustBlock
import software.amazon.smithy.rust.codegen.core.rustlang.rustTemplate
import software.amazon.smithy.rust.codegen.core.rustlang.writable
import software.amazon.smithy.rust.codegen.core.smithy.PublicImportSymbolProvider
+import software.amazon.smithy.rust.codegen.core.smithy.RuntimeType
import software.amazon.smithy.rust.codegen.core.smithy.RustCrate
import software.amazon.smithy.rust.codegen.core.smithy.generators.setterName
import software.amazon.smithy.rust.codegen.core.testutil.integrationTest
@@ -146,8 +146,7 @@ class OperationInputTestGenerator(_ctx: ClientCodegenContext, private val test:
let _result = dbg!(#{invoke_operation});
#{assertion}
""",
- "capture_request" to CargoDependency.smithyClient(runtimeConfig)
- .withFeature("test-util").toType().resolve("test_connection::capture_request"),
+ "capture_request" to RuntimeType.captureRequest(runtimeConfig),
"conf" to config(testOperationInput),
"invoke_operation" to operationInvocation(testOperationInput),
"assertion" to writable {
diff --git a/aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/endpoints/RequireEndpointRules.kt b/aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/endpoints/RequireEndpointRules.kt
new file mode 100644
index 0000000000..3b3b81aecc
--- /dev/null
+++ b/aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/endpoints/RequireEndpointRules.kt
@@ -0,0 +1,29 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package software.amazon.smithy.rustsdk.endpoints
+
+import software.amazon.smithy.codegen.core.CodegenException
+import software.amazon.smithy.rust.codegen.client.smithy.ClientCodegenContext
+import software.amazon.smithy.rust.codegen.client.smithy.customize.ClientCodegenDecorator
+import software.amazon.smithy.rust.codegen.client.smithy.endpoint.EndpointTypesGenerator
+import software.amazon.smithy.rust.codegen.core.smithy.RustCrate
+import software.amazon.smithy.rustsdk.sdkSettings
+
+class RequireEndpointRules : ClientCodegenDecorator {
+ override val name: String = "RequireEndpointRules"
+ override val order: Byte = 100
+ override fun extras(codegenContext: ClientCodegenContext, rustCrate: RustCrate) {
+ if (!codegenContext.sdkSettings().requireEndpointResolver) {
+ return
+ }
+ val epTypes = EndpointTypesGenerator.fromContext(codegenContext)
+ if (epTypes.defaultResolver() == null) {
+ throw CodegenException(
+ "${codegenContext.serviceShape} did not provide endpoint rules. To explicitly allow this, set `awsSdk.requireEndpointResolver: false` in smithy-build.json.",
+ )
+ }
+ }
+}
diff --git a/aws/sdk-codegen/src/test/kotlin/AwsReadmeDecoratorTest.kt b/aws/sdk-codegen/src/test/kotlin/AwsCrateDocsDecoratorTest.kt
similarity index 83%
rename from aws/sdk-codegen/src/test/kotlin/AwsReadmeDecoratorTest.kt
rename to aws/sdk-codegen/src/test/kotlin/AwsCrateDocsDecoratorTest.kt
index 5717fcc2fe..aa2485e6ae 100644
--- a/aws/sdk-codegen/src/test/kotlin/AwsReadmeDecoratorTest.kt
+++ b/aws/sdk-codegen/src/test/kotlin/AwsCrateDocsDecoratorTest.kt
@@ -5,9 +5,13 @@
import org.junit.jupiter.api.Assertions.assertEquals
import org.junit.jupiter.api.Test
-import software.amazon.smithy.rustsdk.AwsSdkReadmeGenerator
+import software.amazon.smithy.model.loader.ModelAssembler
+import software.amazon.smithy.rust.codegen.client.testutil.testClientCodegenContext
+import software.amazon.smithy.rustsdk.AwsCrateDocGenerator
+
+class AwsCrateDocsDecoratorTest {
+ private val codegenContext = testClientCodegenContext(ModelAssembler().assemble().unwrap())
-class AwsReadmeDecoratorTest {
@Test
fun `it converts description HTML into Markdown`() {
assertEquals(
@@ -18,7 +22,7 @@ class AwsReadmeDecoratorTest {
More information [can be found here](https://example.com).
""".trimIndent(),
- AwsSdkReadmeGenerator().normalizeDescription(
+ AwsCrateDocGenerator(codegenContext).normalizeDescription(
"",
"""
Some service
@@ -44,7 +48,7 @@ class AwsReadmeDecoratorTest {
More text.
""".trimIndent(),
- AwsSdkReadmeGenerator().normalizeDescription(
+ AwsCrateDocGenerator(codegenContext).normalizeDescription(
"",
"""
Some text introducing a list:
@@ -81,7 +85,7 @@ class AwsReadmeDecoratorTest {
Some trailing text.
""".trimIndent(),
- AwsSdkReadmeGenerator().normalizeDescription(
+ AwsCrateDocGenerator(codegenContext).normalizeDescription(
"",
"""
Some text introducing a description list:
diff --git a/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/EndpointsCredentialsTest.kt b/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/EndpointsCredentialsTest.kt
index 1df1a0c0e0..ea2bfe026f 100644
--- a/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/EndpointsCredentialsTest.kt
+++ b/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/EndpointsCredentialsTest.kt
@@ -6,8 +6,8 @@
package software.amazon.smithy.rustsdk
import org.junit.jupiter.api.Test
-import software.amazon.smithy.rust.codegen.core.rustlang.CargoDependency
import software.amazon.smithy.rust.codegen.core.rustlang.rustTemplate
+import software.amazon.smithy.rust.codegen.core.smithy.RuntimeType
import software.amazon.smithy.rust.codegen.core.testutil.asSmithyModel
import software.amazon.smithy.rust.codegen.core.testutil.integrationTest
import software.amazon.smithy.rust.codegen.core.testutil.tokioTest
@@ -96,8 +96,7 @@ class EndpointsCredentialsTest {
let auth_header = req.headers().get("AUTHORIZATION").unwrap().to_str().unwrap();
assert!(auth_header.contains("/us-west-2/foobaz/aws4_request"), "{}", auth_header);
""",
- "capture_request" to CargoDependency.smithyClient(context.runtimeConfig)
- .withFeature("test-util").toType().resolve("test_connection::capture_request"),
+ "capture_request" to RuntimeType.captureRequest(context.runtimeConfig),
"Credentials" to AwsCargoDependency.awsCredentialTypes(context.runtimeConfig)
.withFeature("test-util").toType().resolve("Credentials"),
"Region" to AwsRuntimeType.awsTypes(context.runtimeConfig).resolve("region::Region"),
@@ -120,8 +119,7 @@ class EndpointsCredentialsTest {
let auth_header = req.headers().get("AUTHORIZATION").unwrap().to_str().unwrap();
assert!(auth_header.contains("/region-custom-auth/name-custom-auth/aws4_request"), "{}", auth_header);
""",
- "capture_request" to CargoDependency.smithyClient(context.runtimeConfig)
- .withFeature("test-util").toType().resolve("test_connection::capture_request"),
+ "capture_request" to RuntimeType.captureRequest(context.runtimeConfig),
"Credentials" to AwsCargoDependency.awsCredentialTypes(context.runtimeConfig)
.withFeature("test-util").toType().resolve("Credentials"),
"Region" to AwsRuntimeType.awsTypes(context.runtimeConfig).resolve("region::Region"),
diff --git a/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/HttpConnectorConfigCustomizationTest.kt b/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/HttpConnectorConfigCustomizationTest.kt
index 1307a46fbb..b97952e002 100644
--- a/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/HttpConnectorConfigCustomizationTest.kt
+++ b/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/HttpConnectorConfigCustomizationTest.kt
@@ -7,30 +7,13 @@ package software.amazon.smithy.rustsdk
import org.junit.jupiter.api.Test
import software.amazon.smithy.rust.codegen.client.testutil.validateConfigCustomizations
-import software.amazon.smithy.rust.codegen.core.smithy.CoreRustSettings
import software.amazon.smithy.rust.codegen.core.testutil.TestWorkspace
-import software.amazon.smithy.rust.codegen.core.testutil.rustSettings
class HttpConnectorConfigCustomizationTest {
@Test
fun `generates a valid config`() {
val project = TestWorkspace.testProject()
- val projectSettings = project.rustSettings()
- val codegenContext = awsTestCodegenContext(
- coreRustSettings = CoreRustSettings(
- service = projectSettings.service,
- moduleName = projectSettings.moduleName,
- moduleVersion = projectSettings.moduleVersion,
- moduleAuthors = projectSettings.moduleAuthors,
- moduleDescription = projectSettings.moduleDescription,
- moduleRepository = projectSettings.moduleRepository,
- runtimeConfig = AwsTestRuntimeConfig,
- codegenConfig = projectSettings.codegenConfig,
- license = projectSettings.license,
- examplesUri = projectSettings.examplesUri,
- customizationConfig = projectSettings.customizationConfig,
- ),
- )
+ val codegenContext = awsTestCodegenContext()
validateConfigCustomizations(HttpConnectorConfigCustomization(codegenContext), project)
}
}
diff --git a/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/RegionProviderConfigTest.kt b/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/RegionProviderConfigTest.kt
index 8d69fb2c86..9d2e865a64 100644
--- a/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/RegionProviderConfigTest.kt
+++ b/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/RegionProviderConfigTest.kt
@@ -6,8 +6,8 @@
package software.amazon.smithy.rustsdk
import org.junit.jupiter.api.Test
+import software.amazon.smithy.rust.codegen.client.testutil.testClientRustSettings
import software.amazon.smithy.rust.codegen.client.testutil.validateConfigCustomizations
-import software.amazon.smithy.rust.codegen.core.smithy.CoreRustSettings
import software.amazon.smithy.rust.codegen.core.testutil.TestWorkspace
import software.amazon.smithy.rust.codegen.core.testutil.rustSettings
@@ -15,21 +15,12 @@ internal class RegionProviderConfigTest {
@Test
fun `generates a valid config`() {
val project = TestWorkspace.testProject()
- val projectSettings = project.rustSettings()
- val coreRustSettings = CoreRustSettings(
- service = projectSettings.service,
- moduleName = projectSettings.moduleName,
- moduleVersion = projectSettings.moduleVersion,
- moduleAuthors = projectSettings.moduleAuthors,
- moduleDescription = projectSettings.moduleDescription,
- moduleRepository = projectSettings.moduleRepository,
- runtimeConfig = AwsTestRuntimeConfig,
- codegenConfig = projectSettings.codegenConfig,
- license = projectSettings.license,
- examplesUri = projectSettings.examplesUri,
- customizationConfig = projectSettings.customizationConfig,
+ val codegenContext = awsTestCodegenContext(
+ settings = testClientRustSettings(
+ moduleName = project.rustSettings().moduleName,
+ runtimeConfig = AwsTestRuntimeConfig,
+ ),
)
- val codegenContext = awsTestCodegenContext(coreRustSettings = coreRustSettings)
validateConfigCustomizations(RegionProviderConfig(codegenContext), project)
}
}
diff --git a/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/TestUtil.kt b/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/TestUtil.kt
index 8db0d6a1df..f24dd88408 100644
--- a/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/TestUtil.kt
+++ b/aws/sdk-codegen/src/test/kotlin/software/amazon/smithy/rustsdk/TestUtil.kt
@@ -8,14 +8,15 @@ package software.amazon.smithy.rustsdk
import software.amazon.smithy.model.Model
import software.amazon.smithy.model.node.ObjectNode
import software.amazon.smithy.rust.codegen.client.smithy.ClientCodegenContext
+import software.amazon.smithy.rust.codegen.client.smithy.ClientRustSettings
import software.amazon.smithy.rust.codegen.client.testutil.clientIntegrationTest
-import software.amazon.smithy.rust.codegen.client.testutil.testCodegenContext
-import software.amazon.smithy.rust.codegen.core.smithy.CoreRustSettings
+import software.amazon.smithy.rust.codegen.client.testutil.testClientCodegenContext
+import software.amazon.smithy.rust.codegen.client.testutil.testClientRustSettings
import software.amazon.smithy.rust.codegen.core.smithy.RuntimeCrateLocation
import software.amazon.smithy.rust.codegen.core.smithy.RustCrate
+import software.amazon.smithy.rust.codegen.core.testutil.IntegrationTestParams
import software.amazon.smithy.rust.codegen.core.testutil.TestRuntimeConfig
import software.amazon.smithy.rust.codegen.core.testutil.asSmithyModel
-import software.amazon.smithy.rust.codegen.core.testutil.testRustSettings
import java.io.File
// In aws-sdk-codegen, the working dir when gradle runs tests is actually `./aws`. So, to find the smithy runtime, we need
@@ -28,10 +29,10 @@ val AwsTestRuntimeConfig = TestRuntimeConfig.copy(
},
)
-fun awsTestCodegenContext(model: Model? = null, coreRustSettings: CoreRustSettings?) =
- testCodegenContext(
+fun awsTestCodegenContext(model: Model? = null, settings: ClientRustSettings? = null) =
+ testClientCodegenContext(
model ?: "namespace test".asSmithyModel(),
- settings = coreRustSettings ?: testRustSettings(runtimeConfig = AwsTestRuntimeConfig),
+ settings = settings ?: testClientRustSettings(runtimeConfig = AwsTestRuntimeConfig),
)
fun awsSdkIntegrationTest(
@@ -39,18 +40,27 @@ fun awsSdkIntegrationTest(
test: (ClientCodegenContext, RustCrate) -> Unit = { _, _ -> },
) =
clientIntegrationTest(
- model, runtimeConfig = AwsTestRuntimeConfig,
- additionalSettings = ObjectNode.builder()
- .withMember(
+ model,
+ IntegrationTestParams(
+ runtimeConfig = AwsTestRuntimeConfig,
+ additionalSettings = ObjectNode.builder().withMember(
"customizationConfig",
ObjectNode.builder()
.withMember(
"awsSdk",
ObjectNode.builder()
+ .withMember("generateReadme", false)
.withMember("integrationTestPath", "../sdk/integration-tests")
.build(),
).build(),
)
- .withMember("codegen", ObjectNode.builder().withMember("includeFluentClient", false).build()).build(),
+ .withMember(
+ "codegen",
+ ObjectNode.builder()
+ .withMember("includeFluentClient", false)
+ .withMember("enableNewCrateOrganizationScheme", true)
+ .build(),
+ ).build(),
+ ),
test = test,
)
diff --git a/aws/sdk/aws-models/config.json b/aws/sdk/aws-models/config.json
index 5cc02d27fb..7ca3f50448 100644
--- a/aws/sdk/aws-models/config.json
+++ b/aws/sdk/aws-models/config.json
@@ -12896,7 +12896,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -12925,13 +12925,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -12939,14 +12938,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -12955,67 +12960,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -13024,179 +13004,240 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://config-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://config-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
{
"conditions": [
{
- "fn": "stringEquals",
+ "fn": "booleanEquals",
"argv": [
- "aws-us-gov",
+ true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "name"
+ "supportsFIPS"
]
}
]
}
],
- "endpoint": {
- "url": "https://config.{Region}.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ "aws-us-gov",
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "name"
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://config.{Region}.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://config-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
},
{
"conditions": [],
- "endpoint": {
- "url": "https://config-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://config.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
@@ -13204,7 +13245,7 @@
{
"conditions": [],
"endpoint": {
- "url": "https://config.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://config.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -13213,28 +13254,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://config.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -13243,16 +13269,16 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.sa-east-1.amazonaws.com"
+ "url": "https://config.af-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "af-south-1",
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
@@ -13263,321 +13289,321 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-east-1",
"UseDualStack": false,
- "Region": "ap-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.eu-south-1.amazonaws.com"
+ "url": "https://config.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-1",
"UseDualStack": false,
- "Region": "eu-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.eu-central-1.amazonaws.com"
+ "url": "https://config.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-2",
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.ap-southeast-1.amazonaws.com"
+ "url": "https://config.ap-northeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-3",
"UseDualStack": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.ap-southeast-2.amazonaws.com"
+ "url": "https://config.ap-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-south-1",
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.ap-southeast-3.amazonaws.com"
+ "url": "https://config.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-1",
"UseDualStack": false,
- "Region": "ap-southeast-3"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.ca-central-1.amazonaws.com"
+ "url": "https://config.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-2",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-west-1.amazonaws.com"
+ "url": "https://config.ap-southeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-3",
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.us-west-1.amazonaws.com"
+ "url": "https://config.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-west-2.amazonaws.com"
+ "url": "https://config.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-central-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.us-west-2.amazonaws.com"
+ "url": "https://config.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "eu-north-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.af-south-1.amazonaws.com"
+ "url": "https://config.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-south-1",
"UseDualStack": false,
- "Region": "af-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.ap-south-1.amazonaws.com"
+ "url": "https://config.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-1",
"UseDualStack": false,
- "Region": "ap-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.ap-northeast-1.amazonaws.com"
+ "url": "https://config.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-2",
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.ap-northeast-2.amazonaws.com"
+ "url": "https://config.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-3",
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.ap-northeast-3.amazonaws.com"
+ "url": "https://config.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "me-south-1",
"UseDualStack": false,
- "Region": "ap-northeast-3"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-east-1.amazonaws.com"
+ "url": "https://config.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "sa-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.us-east-1.amazonaws.com"
+ "url": "https://config.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.eu-west-1.amazonaws.com"
+ "url": "https://config-fips.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "eu-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.eu-west-2.amazonaws.com"
+ "url": "https://config.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.eu-west-3.amazonaws.com"
+ "url": "https://config-fips.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "eu-west-3"
+ "UseFIPS": true
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.me-south-1.amazonaws.com"
+ "url": "https://config.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-1",
"UseDualStack": false,
- "Region": "me-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.eu-north-1.amazonaws.com"
+ "url": "https://config-fips.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-1",
"UseDualStack": false,
- "Region": "eu-north-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-east-2.amazonaws.com"
+ "url": "https://config.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.us-east-2.amazonaws.com"
+ "url": "https://config-fips.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": true
}
},
{
@@ -13588,9 +13614,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -13601,230 +13627,243 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-gov-west-1.amazonaws.com"
+ "url": "https://config.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-gov-west-1.amazonaws.com"
+ "url": "https://config.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-northwest-1",
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://config.us-gov-east-1.amazonaws.com"
+ "url": "https://config-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "us-gov-east-1"
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-gov-east-1.amazonaws.com"
+ "url": "https://config-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.us-gov-east-1.api.aws"
+ "url": "https://config.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-gov-east-1.api.aws"
+ "url": "https://config.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "us-gov-east-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://config.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://config.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://config.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "cn-northwest-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://config.cn-north-1.amazonaws.com.cn"
+ "url": "https://config-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "cn-north-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://config.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": true,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://config.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://config.us-iso-west-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "us-iso-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-iso-west-1.c2s.ic.gov"
+ "url": "https://config-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "us-iso-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config.us-iso-east-1.c2s.ic.gov"
+ "url": "https://config.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://config-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://config-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
+ "Region": "us-east-1",
+ "UseDualStack": false,
"UseFIPS": false,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
"UseDualStack": false,
- "Region": "us-east-1",
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -13834,9 +13873,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
"Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true,
"Endpoint": "https://example.com"
}
},
@@ -13846,9 +13885,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
"Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
}
diff --git a/aws/sdk/aws-models/dynamodb.json b/aws/sdk/aws-models/dynamodb.json
index 49728c9f9e..c6a6550e5b 100644
--- a/aws/sdk/aws-models/dynamodb.json
+++ b/aws/sdk/aws-models/dynamodb.json
@@ -44,7 +44,7 @@
"ArchivalReason": {
"target": "com.amazonaws.dynamodb#ArchivalReason",
"traits": {
- "smithy.api#documentation": "
The reason DynamoDB archived the table. Currently, the only possible value is:
\n\n "
+ "smithy.api#documentation": "The reason DynamoDB archived the table. Currently, the only possible value is:
\n "
}
},
"ArchivalBackupArn": {
@@ -94,7 +94,7 @@
"AttributeType": {
"target": "com.amazonaws.dynamodb#ScalarAttributeType",
"traits": {
- "smithy.api#documentation": "The data type for the attribute, where:
\n \n - \n
\n S - the attribute is of type String
\n \n - \n
\n N - the attribute is of type Number
\n \n - \n
\n B - the attribute is of type Binary
\n \n
",
+ "smithy.api#documentation": "The data type for the attribute, where:
\n \n - \n
\n S - the attribute is of type String
\n \n - \n
\n N - the attribute is of type Number
\n \n - \n
\n B - the attribute is of type Binary
\n \n
",
"smithy.api#required": {}
}
}
@@ -153,66 +153,66 @@
"S": {
"target": "com.amazonaws.dynamodb#StringAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type String. For example:
\n \n \"S\": \"Hello\"\n
"
+ "smithy.api#documentation": "An attribute of type String. For example:
\n \n \"S\": \"Hello\"\n
"
}
},
"N": {
"target": "com.amazonaws.dynamodb#NumberAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type Number. For example:
\n \n \"N\": \"123.45\"\n
\n Numbers are sent across the network to DynamoDB as strings, to maximize compatibility\n across languages and libraries. However, DynamoDB treats them as number type attributes\n for mathematical operations.
"
+ "smithy.api#documentation": "An attribute of type Number. For example:
\n \n \"N\": \"123.45\"\n
\n Numbers are sent across the network to DynamoDB as strings, to maximize compatibility\n across languages and libraries. However, DynamoDB treats them as number type attributes\n for mathematical operations.
"
}
},
"B": {
"target": "com.amazonaws.dynamodb#BinaryAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type Binary. For example:
\n \n \"B\": \"dGhpcyB0ZXh0IGlzIGJhc2U2NC1lbmNvZGVk\"\n
"
+ "smithy.api#documentation": "An attribute of type Binary. For example:
\n \n \"B\": \"dGhpcyB0ZXh0IGlzIGJhc2U2NC1lbmNvZGVk\"\n
"
}
},
"SS": {
"target": "com.amazonaws.dynamodb#StringSetAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type String Set. For example:
\n \n \"SS\": [\"Giraffe\", \"Hippo\" ,\"Zebra\"]\n
"
+ "smithy.api#documentation": "An attribute of type String Set. For example:
\n \n \"SS\": [\"Giraffe\", \"Hippo\" ,\"Zebra\"]\n
"
}
},
"NS": {
"target": "com.amazonaws.dynamodb#NumberSetAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type Number Set. For example:
\n \n \"NS\": [\"42.2\", \"-19\", \"7.5\", \"3.14\"]\n
\n Numbers are sent across the network to DynamoDB as strings, to maximize compatibility\n across languages and libraries. However, DynamoDB treats them as number type attributes\n for mathematical operations.
"
+ "smithy.api#documentation": "An attribute of type Number Set. For example:
\n \n \"NS\": [\"42.2\", \"-19\", \"7.5\", \"3.14\"]\n
\n Numbers are sent across the network to DynamoDB as strings, to maximize compatibility\n across languages and libraries. However, DynamoDB treats them as number type attributes\n for mathematical operations.
"
}
},
"BS": {
"target": "com.amazonaws.dynamodb#BinarySetAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type Binary Set. For example:
\n \n \"BS\": [\"U3Vubnk=\", \"UmFpbnk=\", \"U25vd3k=\"]\n
"
+ "smithy.api#documentation": "An attribute of type Binary Set. For example:
\n \n \"BS\": [\"U3Vubnk=\", \"UmFpbnk=\", \"U25vd3k=\"]\n
"
}
},
"M": {
"target": "com.amazonaws.dynamodb#MapAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type Map. For example:
\n \n \"M\": {\"Name\": {\"S\": \"Joe\"}, \"Age\": {\"N\": \"35\"}}\n
"
+ "smithy.api#documentation": "An attribute of type Map. For example:
\n \n \"M\": {\"Name\": {\"S\": \"Joe\"}, \"Age\": {\"N\": \"35\"}}\n
"
}
},
"L": {
"target": "com.amazonaws.dynamodb#ListAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type List. For example:
\n \n \"L\": [ {\"S\": \"Cookies\"} , {\"S\": \"Coffee\"}, {\"N\": \"3.14159\"}]\n
"
+ "smithy.api#documentation": "An attribute of type List. For example:
\n \n \"L\": [ {\"S\": \"Cookies\"} , {\"S\": \"Coffee\"}, {\"N\": \"3.14159\"}]\n
"
}
},
"NULL": {
"target": "com.amazonaws.dynamodb#NullAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type Null. For example:
\n \n \"NULL\": true\n
"
+ "smithy.api#documentation": "An attribute of type Null. For example:
\n \n \"NULL\": true\n
"
}
},
"BOOL": {
"target": "com.amazonaws.dynamodb#BooleanAttributeValue",
"traits": {
- "smithy.api#documentation": "An attribute of type Boolean. For example:
\n \n \"BOOL\": true\n
"
+ "smithy.api#documentation": "An attribute of type Boolean. For example:
\n \n \"BOOL\": true\n
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the data for an attribute.
\n Each attribute value is described as a name-value pair. The name is the data type, and\n the value is the data itself.
\n For more information, see Data Types in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "Represents the data for an attribute.
\n Each attribute value is described as a name-value pair. The name is the data type, and\n the value is the data itself.
\n For more information, see Data Types in the Amazon DynamoDB Developer\n Guide.
"
}
},
"com.amazonaws.dynamodb#AttributeValueList": {
@@ -227,18 +227,18 @@
"Value": {
"target": "com.amazonaws.dynamodb#AttributeValue",
"traits": {
- "smithy.api#documentation": "Represents the data for an attribute.
\n Each attribute value is described as a name-value pair. The name is the data type, and\n the value is the data itself.
\n For more information, see Data Types in the Amazon DynamoDB Developer Guide.\n
"
+ "smithy.api#documentation": "Represents the data for an attribute.
\n Each attribute value is described as a name-value pair. The name is the data type, and\n the value is the data itself.
\n For more information, see Data Types in the Amazon DynamoDB Developer Guide.\n
"
}
},
"Action": {
"target": "com.amazonaws.dynamodb#AttributeAction",
"traits": {
- "smithy.api#documentation": "Specifies how to perform the update. Valid values are PUT (default),\n DELETE, and ADD. The behavior depends on whether the\n specified primary key already exists in the table.
\n\n \n If an item with the specified Key is found in\n the table:\n
\n\n \n - \n
\n PUT - Adds the specified attribute to the item. If the attribute\n already exists, it is replaced by the new value.
\n \n - \n
\n DELETE - If no value is specified, the attribute and its value are\n removed from the item. The data type of the specified value must match the\n existing value's data type.
\n If a set of values is specified, then those values are\n subtracted from the old set. For example, if the attribute value was the set\n [a,b,c] and the DELETE action specified\n [a,c], then the final attribute value would be\n [b]. Specifying an empty set is an error.
\n \n - \n
\n ADD - If the attribute does not already exist, then the attribute\n and its values are added to the item. If the attribute does exist, then the\n behavior of ADD depends on the data type of the attribute:
\n \n - \n
If the existing attribute is a number, and if Value is\n also a number, then the Value is mathematically added to\n the existing attribute. If Value is a negative number, then\n it is subtracted from the existing attribute.
\n \n If you use ADD to increment or decrement a number\n value for an item that doesn't exist before the update, DynamoDB\n uses 0 as the initial value.
\n In addition, if you use ADD to update an existing\n item, and intend to increment or decrement an attribute value which\n does not yet exist, DynamoDB uses 0 as the initial\n value. For example, suppose that the item you want to update does\n not yet have an attribute named itemcount, but\n you decide to ADD the number 3 to this\n attribute anyway, even though it currently does not exist. DynamoDB\n will create the itemcount attribute, set its\n initial value to 0, and finally add 3 to\n it. The result will be a new itemcount\n attribute in the item, with a value of 3.
\n \n \n - \n
If the existing data type is a set, and if the Value is\n also a set, then the Value is added to the existing set.\n (This is a set operation, not mathematical\n addition.) For example, if the attribute value was the set\n [1,2], and the ADD action specified\n [3], then the final attribute value would be\n [1,2,3]. An error occurs if an Add action is specified\n for a set attribute and the attribute type specified does not match the\n existing set type.
\n Both sets must have the same primitive data type. For example, if the\n existing data type is a set of strings, the Value must also\n be a set of strings. The same holds true for number sets and binary\n sets.
\n \n
\n This action is only valid for an existing attribute whose data type is number\n or is a set. Do not use ADD for any other data types.
\n \n
\n\n \n If no item with the specified Key is\n found:\n
\n\n \n - \n
\n PUT - DynamoDB creates a new item with the specified primary key,\n and then adds the attribute.
\n \n - \n
\n DELETE - Nothing happens; there is no attribute to delete.
\n \n - \n
\n ADD - DynamoDB creates a new item with the supplied primary key and\n number (or set) for the attribute value. The only data types allowed are number,\n number set, string set or binary set.
\n \n
"
+ "smithy.api#documentation": "Specifies how to perform the update. Valid values are PUT (default),\n DELETE, and ADD. The behavior depends on whether the\n specified primary key already exists in the table.
\n \n If an item with the specified Key is found in\n the table:\n
\n \n - \n
\n PUT - Adds the specified attribute to the item. If the attribute\n already exists, it is replaced by the new value.
\n \n - \n
\n DELETE - If no value is specified, the attribute and its value are\n removed from the item. The data type of the specified value must match the\n existing value's data type.
\n If a set of values is specified, then those values are\n subtracted from the old set. For example, if the attribute value was the set\n [a,b,c] and the DELETE action specified\n [a,c], then the final attribute value would be\n [b]. Specifying an empty set is an error.
\n \n - \n
\n ADD - If the attribute does not already exist, then the attribute\n and its values are added to the item. If the attribute does exist, then the\n behavior of ADD depends on the data type of the attribute:
\n \n - \n
If the existing attribute is a number, and if Value is\n also a number, then the Value is mathematically added to\n the existing attribute. If Value is a negative number, then\n it is subtracted from the existing attribute.
\n \n If you use ADD to increment or decrement a number\n value for an item that doesn't exist before the update, DynamoDB\n uses 0 as the initial value.
\n In addition, if you use ADD to update an existing\n item, and intend to increment or decrement an attribute value which\n does not yet exist, DynamoDB uses 0 as the initial\n value. For example, suppose that the item you want to update does\n not yet have an attribute named itemcount, but\n you decide to ADD the number 3 to this\n attribute anyway, even though it currently does not exist. DynamoDB\n will create the itemcount attribute, set its\n initial value to 0, and finally add 3 to\n it. The result will be a new itemcount\n attribute in the item, with a value of 3.
\n \n \n - \n
If the existing data type is a set, and if the Value is\n also a set, then the Value is added to the existing set.\n (This is a set operation, not mathematical\n addition.) For example, if the attribute value was the set\n [1,2], and the ADD action specified\n [3], then the final attribute value would be\n [1,2,3]. An error occurs if an Add action is specified\n for a set attribute and the attribute type specified does not match the\n existing set type.
\n Both sets must have the same primitive data type. For example, if the\n existing data type is a set of strings, the Value must also\n be a set of strings. The same holds true for number sets and binary\n sets.
\n \n
\n This action is only valid for an existing attribute whose data type is number\n or is a set. Do not use ADD for any other data types.
\n \n
\n \n If no item with the specified Key is\n found:\n
\n \n - \n
\n PUT - DynamoDB creates a new item with the specified primary key,\n and then adds the attribute.
\n \n - \n
\n DELETE - Nothing happens; there is no attribute to delete.
\n \n - \n
\n ADD - DynamoDB creates a new item with the supplied primary key and\n number (or set) for the attribute value. The only data types allowed are number,\n number set, string set or binary set.
\n \n
"
}
}
},
"traits": {
- "smithy.api#documentation": "For the UpdateItem operation, represents the attributes to be modified,\n the action to perform on each, and the new value for each.
\n \n You cannot use UpdateItem to update any primary key attributes.\n Instead, you will need to delete the item, and then use PutItem to\n create a new item with new attributes.
\n \n Attribute values cannot be null; string and binary type attributes must have lengths\n greater than zero; and set type attributes must not be empty. Requests with empty values\n will be rejected with a ValidationException exception.
"
+ "smithy.api#documentation": "For the UpdateItem operation, represents the attributes to be modified,\n the action to perform on each, and the new value for each.
\n \n You cannot use UpdateItem to update any primary key attributes.\n Instead, you will need to delete the item, and then use PutItem to\n create a new item with new attributes.
\n \n Attribute values cannot be null; string and binary type attributes must have lengths\n greater than zero; and set type attributes must not be empty. Requests with empty values\n will be rejected with a ValidationException exception.
"
}
},
"com.amazonaws.dynamodb#AutoScalingPolicyDescription": {
@@ -406,7 +406,7 @@
}
},
"TargetValue": {
- "target": "com.amazonaws.dynamodb#Double",
+ "target": "com.amazonaws.dynamodb#DoubleObject",
"traits": {
"smithy.api#documentation": "The target value for the metric. The range is 8.515920e-109 to 1.174271e+108 (Base 10)\n or 2e-360 to 2e360 (Base 2).
",
"smithy.api#required": {}
@@ -439,7 +439,7 @@
}
},
"TargetValue": {
- "target": "com.amazonaws.dynamodb#Double",
+ "target": "com.amazonaws.dynamodb#DoubleObject",
"traits": {
"smithy.api#documentation": "The target value for the metric. The range is 8.515920e-109 to 1.174271e+108 (Base 10)\n or 2e-360 to 2e360 (Base 2).
",
"smithy.api#required": {}
@@ -524,7 +524,7 @@
"BackupType": {
"target": "com.amazonaws.dynamodb#BackupType",
"traits": {
- "smithy.api#documentation": "BackupType:
\n \n - \n
\n USER - You create and manage these using the on-demand backup\n feature.
\n \n - \n
\n SYSTEM - If you delete a table with point-in-time recovery enabled,\n a SYSTEM backup is automatically created and is retained for 35\n days (at no additional cost). System backups allow you to restore the deleted\n table to the state it was in just before the point of deletion.
\n \n - \n
\n AWS_BACKUP - On-demand backup created by you from Backup service.
\n \n
",
+ "smithy.api#documentation": "BackupType:
\n \n - \n
\n USER - You create and manage these using the on-demand backup\n feature.
\n \n - \n
\n SYSTEM - If you delete a table with point-in-time recovery enabled,\n a SYSTEM backup is automatically created and is retained for 35\n days (at no additional cost). System backups allow you to restore the deleted\n table to the state it was in just before the point of deletion.
\n \n - \n
\n AWS_BACKUP - On-demand backup created by you from Backup service.
\n \n
",
"smithy.api#required": {}
}
},
@@ -671,7 +671,7 @@
"BackupType": {
"target": "com.amazonaws.dynamodb#BackupType",
"traits": {
- "smithy.api#documentation": "BackupType:
\n \n - \n
\n USER - You create and manage these using the on-demand backup\n feature.
\n \n - \n
\n SYSTEM - If you delete a table with point-in-time recovery enabled,\n a SYSTEM backup is automatically created and is retained for 35\n days (at no additional cost). System backups allow you to restore the deleted\n table to the state it was in just before the point of deletion.
\n \n - \n
\n AWS_BACKUP - On-demand backup created by you from Backup service.
\n \n
"
+ "smithy.api#documentation": "BackupType:
\n \n - \n
\n USER - You create and manage these using the on-demand backup\n feature.
\n \n - \n
\n SYSTEM - If you delete a table with point-in-time recovery enabled,\n a SYSTEM backup is automatically created and is retained for 35\n days (at no additional cost). System backups allow you to restore the deleted\n table to the state it was in just before the point of deletion.
\n \n - \n
\n AWS_BACKUP - On-demand backup created by you from Backup service.
\n \n
"
}
},
"BackupSizeBytes": {
@@ -763,7 +763,7 @@
}
],
"traits": {
- "smithy.api#documentation": "This operation allows you to perform batch reads or writes on data stored in DynamoDB,\n using PartiQL. Each read statement in a BatchExecuteStatement must specify\n an equality condition on all key attributes. This enforces that each SELECT\n statement in a batch returns at most a single item.
\n \n The entire batch must consist of either read statements or write statements, you\n cannot mix both in one batch.
\n \n \n A HTTP 200 response does not mean that all statements in the BatchExecuteStatement\n succeeded. Error details for individual statements can be found under the Error field of the BatchStatementResponse for each\n statement.
\n "
+ "smithy.api#documentation": "This operation allows you to perform batch reads or writes on data stored in DynamoDB,\n using PartiQL. Each read statement in a BatchExecuteStatement must specify\n an equality condition on all key attributes. This enforces that each SELECT\n statement in a batch returns at most a single item.
\n \n The entire batch must consist of either read statements or write statements, you\n cannot mix both in one batch.
\n \n \n A HTTP 200 response does not mean that all statements in the BatchExecuteStatement\n succeeded. Error details for individual statements can be found under the Error field of the BatchStatementResponse for each\n statement.
\n "
}
},
"com.amazonaws.dynamodb#BatchExecuteStatementInput": {
@@ -779,6 +779,9 @@
"ReturnConsumedCapacity": {
"target": "com.amazonaws.dynamodb#ReturnConsumedCapacity"
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#BatchExecuteStatementOutput": {
@@ -796,6 +799,9 @@
"smithy.api#documentation": "The capacity units consumed by the entire operation. The values of the list are\n ordered according to the ordering of the statements.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#BatchGetItem": {
@@ -827,7 +833,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "The BatchGetItem operation returns the attributes of one or more items\n from one or more tables. You identify requested items by primary key.
\n A single operation can retrieve up to 16 MB of data, which can contain as many as 100\n items. BatchGetItem returns a partial result if the response size limit is\n exceeded, the table's provisioned throughput is exceeded, or an internal processing\n failure occurs. If a partial result is returned, the operation returns a value for\n UnprocessedKeys. You can use this value to retry the operation starting\n with the next item to get.
\n \n If you request more than 100 items, BatchGetItem returns a\n ValidationException with the message \"Too many items requested for\n the BatchGetItem call.\"
\n \n For example, if you ask to retrieve 100 items, but each individual item is 300 KB in\n size, the system returns 52 items (so as not to exceed the 16 MB limit). It also returns\n an appropriate UnprocessedKeys value so you can get the next page of\n results. If desired, your application can include its own logic to assemble the pages of\n results into one dataset.
\n If none of the items can be processed due to insufficient\n provisioned throughput on all of the tables in the request, then\n BatchGetItem returns a\n ProvisionedThroughputExceededException. If at least\n one of the items is successfully processed, then\n BatchGetItem completes successfully, while returning the keys of the\n unread items in UnprocessedKeys.
\n \n If DynamoDB returns any unprocessed items, you should retry the batch operation on\n those items. However, we strongly recommend that you use an exponential\n backoff algorithm. If you retry the batch operation immediately, the\n underlying read or write requests can still fail due to throttling on the individual\n tables. If you delay the batch operation using exponential backoff, the individual\n requests in the batch are much more likely to succeed.
\n For more information, see Batch Operations and Error Handling in the Amazon DynamoDB\n Developer Guide.
\n \n By default, BatchGetItem performs eventually consistent reads on every\n table in the request. If you want strongly consistent reads instead, you can set\n ConsistentRead to true for any or all tables.
\n In order to minimize response latency, BatchGetItem retrieves items in\n parallel.
\n When designing your application, keep in mind that DynamoDB does not return items in\n any particular order. To help parse the response by item, include the primary key values\n for the items in your request in the ProjectionExpression parameter.
\n If a requested item does not exist, it is not returned in the result. Requests for\n nonexistent items consume the minimum read capacity units according to the type of read.\n For more information, see Working with Tables in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "The BatchGetItem operation returns the attributes of one or more items\n from one or more tables. You identify requested items by primary key.
\n A single operation can retrieve up to 16 MB of data, which can contain as many as 100\n items. BatchGetItem returns a partial result if the response size limit is\n exceeded, the table's provisioned throughput is exceeded, or an internal processing\n failure occurs. If a partial result is returned, the operation returns a value for\n UnprocessedKeys. You can use this value to retry the operation starting\n with the next item to get.
\n \n If you request more than 100 items, BatchGetItem returns a\n ValidationException with the message \"Too many items requested for\n the BatchGetItem call.\"
\n \n For example, if you ask to retrieve 100 items, but each individual item is 300 KB in\n size, the system returns 52 items (so as not to exceed the 16 MB limit). It also returns\n an appropriate UnprocessedKeys value so you can get the next page of\n results. If desired, your application can include its own logic to assemble the pages of\n results into one dataset.
\n If none of the items can be processed due to insufficient\n provisioned throughput on all of the tables in the request, then\n BatchGetItem returns a\n ProvisionedThroughputExceededException. If at least\n one of the items is successfully processed, then\n BatchGetItem completes successfully, while returning the keys of the\n unread items in UnprocessedKeys.
\n \n If DynamoDB returns any unprocessed items, you should retry the batch operation on\n those items. However, we strongly recommend that you use an exponential\n backoff algorithm. If you retry the batch operation immediately, the\n underlying read or write requests can still fail due to throttling on the individual\n tables. If you delay the batch operation using exponential backoff, the individual\n requests in the batch are much more likely to succeed.
\n For more information, see Batch Operations and Error Handling in the Amazon DynamoDB\n Developer Guide.
\n \n By default, BatchGetItem performs eventually consistent reads on every\n table in the request. If you want strongly consistent reads instead, you can set\n ConsistentRead to true for any or all tables.
\n In order to minimize response latency, BatchGetItem retrieves items in\n parallel.
\n When designing your application, keep in mind that DynamoDB does not return items in\n any particular order. To help parse the response by item, include the primary key values\n for the items in your request in the ProjectionExpression parameter.
\n If a requested item does not exist, it is not returned in the result. Requests for\n nonexistent items consume the minimum read capacity units according to the type of read.\n For more information, see Working with Tables in the Amazon DynamoDB Developer\n Guide.
"
}
},
"com.amazonaws.dynamodb#BatchGetItemInput": {
@@ -836,7 +842,7 @@
"RequestItems": {
"target": "com.amazonaws.dynamodb#BatchGetRequestMap",
"traits": {
- "smithy.api#documentation": "A map of one or more table names and, for each table, a map that describes one or more\n items to retrieve from that table. Each table name can be used only once per\n BatchGetItem request.
\n Each element in the map of items to retrieve consists of the following:
\n \n - \n
\n ConsistentRead - If true, a strongly consistent read\n is used; if false (the default), an eventually consistent read is\n used.
\n \n - \n
\n ExpressionAttributeNames - One or more substitution tokens for\n attribute names in the ProjectionExpression parameter. The\n following are some use cases for using\n ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name\n in an expression.
\n \n - \n
To prevent special characters in an attribute name from being\n misinterpreted in an expression.
\n \n
\n Use the # character in an expression to\n dereference an attribute name. For example, consider the following attribute\n name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be\n used directly in an expression. (For the complete list of reserved words, see\n Reserved\n Words in the Amazon DynamoDB Developer Guide).\n To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this\n example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character\n are expression attribute values, which are placeholders\n for the actual value at runtime.
\n \n For more information about expression attribute names, see Accessing Item Attributes in the Amazon DynamoDB\n Developer Guide.
\n \n - \n
\n Keys - An array of primary key attribute values that define\n specific items in the table. For each primary key, you must provide\n all of the key attributes. For example, with a simple\n primary key, you only need to provide the partition key value. For a composite\n key, you must provide both the partition key value and the\n sort key value.
\n \n - \n
\n ProjectionExpression - A string that identifies one or more\n attributes to retrieve from the table. These attributes can include scalars,\n sets, or elements of a JSON document. The attributes in the expression must be\n separated by commas.
\n If no attribute names are specified, then all attributes are returned. If any\n of the requested attributes are not found, they do not appear in the\n result.
\n For more information, see Accessing Item Attributes in the Amazon DynamoDB\n Developer Guide.
\n \n - \n
\n AttributesToGet - This is a legacy parameter. Use\n ProjectionExpression instead. For more information, see AttributesToGet in the Amazon DynamoDB Developer\n Guide.
\n\n \n
",
+ "smithy.api#documentation": "A map of one or more table names and, for each table, a map that describes one or more\n items to retrieve from that table. Each table name can be used only once per\n BatchGetItem request.
\n Each element in the map of items to retrieve consists of the following:
\n \n - \n
\n ConsistentRead - If true, a strongly consistent read\n is used; if false (the default), an eventually consistent read is\n used.
\n \n - \n
\n ExpressionAttributeNames - One or more substitution tokens for\n attribute names in the ProjectionExpression parameter. The\n following are some use cases for using\n ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name\n in an expression.
\n \n - \n
To prevent special characters in an attribute name from being\n misinterpreted in an expression.
\n \n
\n Use the # character in an expression to\n dereference an attribute name. For example, consider the following attribute\n name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be\n used directly in an expression. (For the complete list of reserved words, see\n Reserved\n Words in the Amazon DynamoDB Developer Guide).\n To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this\n example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character\n are expression attribute values, which are placeholders\n for the actual value at runtime.
\n \n For more information about expression attribute names, see Accessing Item Attributes in the Amazon DynamoDB\n Developer Guide.
\n \n - \n
\n Keys - An array of primary key attribute values that define\n specific items in the table. For each primary key, you must provide\n all of the key attributes. For example, with a simple\n primary key, you only need to provide the partition key value. For a composite\n key, you must provide both the partition key value and the\n sort key value.
\n \n - \n
\n ProjectionExpression - A string that identifies one or more\n attributes to retrieve from the table. These attributes can include scalars,\n sets, or elements of a JSON document. The attributes in the expression must be\n separated by commas.
\n If no attribute names are specified, then all attributes are returned. If any\n of the requested attributes are not found, they do not appear in the\n result.
\n For more information, see Accessing Item Attributes in the Amazon DynamoDB\n Developer Guide.
\n \n - \n
\n AttributesToGet - This is a legacy parameter. Use\n ProjectionExpression instead. For more information, see AttributesToGet in the Amazon DynamoDB Developer\n Guide.
\n \n
",
"smithy.api#required": {}
}
},
@@ -845,7 +851,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a BatchGetItem operation.
"
+ "smithy.api#documentation": "Represents the input of a BatchGetItem operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#BatchGetItemOutput": {
@@ -860,18 +867,19 @@
"UnprocessedKeys": {
"target": "com.amazonaws.dynamodb#BatchGetRequestMap",
"traits": {
- "smithy.api#documentation": "A map of tables and their respective keys that were not processed with the current\n response. The UnprocessedKeys value is in the same form as\n RequestItems, so the value can be provided directly to a subsequent\n BatchGetItem operation. For more information, see\n RequestItems in the Request Parameters section.
\n Each element consists of:
\n \n - \n
\n Keys - An array of primary key attribute values that define\n specific items in the table.
\n \n - \n
\n ProjectionExpression - One or more attributes to be retrieved from\n the table or index. By default, all attributes are returned. If a requested\n attribute is not found, it does not appear in the result.
\n \n - \n
\n ConsistentRead - The consistency of a read operation. If set to\n true, then a strongly consistent read is used; otherwise, an\n eventually consistent read is used.
\n \n
\n If there are no unprocessed keys remaining, the response contains an empty\n UnprocessedKeys map.
"
+ "smithy.api#documentation": "A map of tables and their respective keys that were not processed with the current\n response. The UnprocessedKeys value is in the same form as\n RequestItems, so the value can be provided directly to a subsequent\n BatchGetItem operation. For more information, see\n RequestItems in the Request Parameters section.
\n Each element consists of:
\n \n - \n
\n Keys - An array of primary key attribute values that define\n specific items in the table.
\n \n - \n
\n ProjectionExpression - One or more attributes to be retrieved from\n the table or index. By default, all attributes are returned. If a requested\n attribute is not found, it does not appear in the result.
\n \n - \n
\n ConsistentRead - The consistency of a read operation. If set to\n true, then a strongly consistent read is used; otherwise, an\n eventually consistent read is used.
\n \n
\n If there are no unprocessed keys remaining, the response contains an empty\n UnprocessedKeys map.
"
}
},
"ConsumedCapacity": {
"target": "com.amazonaws.dynamodb#ConsumedCapacityMultiple",
"traits": {
- "smithy.api#documentation": "The read capacity units consumed by the entire BatchGetItem\n operation.
\n Each element consists of:
\n "
+ "smithy.api#documentation": "The read capacity units consumed by the entire BatchGetItem\n operation.
\n Each element consists of:
\n "
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a BatchGetItem operation.
"
+ "smithy.api#documentation": "Represents the output of a BatchGetItem operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#BatchGetRequestMap": {
@@ -1074,7 +1082,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "The BatchWriteItem operation puts or deletes multiple items in one or\n more tables. A single call to BatchWriteItem can transmit up to 16MB of\n data over the network, consisting of up to 25 item put or delete operations. While\n individual items can be up to 400 KB once stored, it's important to note that an item's\n representation might be greater than 400KB while being sent in DynamoDB's JSON format\n for the API call. For more details on this distinction, see Naming Rules and Data Types.
\n \n \n BatchWriteItem cannot update items. If you perform a BatchWriteItem\n operation on an existing item, that item's values will be overwritten by the\n operation and it will appear like it was updated. To update items, we recommend you\n use the UpdateItem action.
\n \n The individual PutItem and DeleteItem operations specified\n in BatchWriteItem are atomic; however BatchWriteItem as a\n whole is not. If any requested operations fail because the table's provisioned\n throughput is exceeded or an internal processing failure occurs, the failed operations\n are returned in the UnprocessedItems response parameter. You can\n investigate and optionally resend the requests. Typically, you would call\n BatchWriteItem in a loop. Each iteration would check for unprocessed\n items and submit a new BatchWriteItem request with those unprocessed items\n until all items have been processed.
\n If none of the items can be processed due to insufficient\n provisioned throughput on all of the tables in the request, then\n BatchWriteItem returns a\n ProvisionedThroughputExceededException.
\n \n If DynamoDB returns any unprocessed items, you should retry the batch operation on\n those items. However, we strongly recommend that you use an exponential\n backoff algorithm. If you retry the batch operation immediately, the\n underlying read or write requests can still fail due to throttling on the individual\n tables. If you delay the batch operation using exponential backoff, the individual\n requests in the batch are much more likely to succeed.
\n For more information, see Batch Operations and Error Handling in the Amazon DynamoDB\n Developer Guide.
\n \n\n With BatchWriteItem, you can efficiently write or delete large amounts of\n data, such as from Amazon EMR, or copy data from another database into DynamoDB. In\n order to improve performance with these large-scale operations,\n BatchWriteItem does not behave in the same way as individual\n PutItem and DeleteItem calls would. For example, you\n cannot specify conditions on individual put and delete requests, and\n BatchWriteItem does not return deleted items in the response.
\n If you use a programming language that supports concurrency, you can use threads to\n write items in parallel. Your application must include the necessary logic to manage the\n threads. With languages that don't support threading, you must update or delete the\n specified items one at a time. In both situations, BatchWriteItem performs\n the specified put and delete operations in parallel, giving you the power of the thread\n pool approach without having to introduce complexity into your application.
\n Parallel processing reduces latency, but each specified put and delete request\n consumes the same number of write capacity units whether it is processed in parallel or\n not. Delete operations on nonexistent items consume one write capacity unit.
\n If one or more of the following is true, DynamoDB rejects the entire batch write\n operation:
\n \n - \n
One or more tables specified in the BatchWriteItem request does\n not exist.
\n \n - \n
Primary key attributes specified on an item in the request do not match those\n in the corresponding table's primary key schema.
\n \n - \n
You try to perform multiple operations on the same item in the same\n BatchWriteItem request. For example, you cannot put and delete\n the same item in the same BatchWriteItem request.
\n \n - \n
Your request contains at least two items with identical hash and range keys\n (which essentially is two put operations).
\n \n - \n
There are more than 25 requests in the batch.
\n \n - \n
Any individual item in a batch exceeds 400 KB.
\n \n - \n
The total request size exceeds 16 MB.
\n \n
"
+ "smithy.api#documentation": "The BatchWriteItem operation puts or deletes multiple items in one or\n more tables. A single call to BatchWriteItem can transmit up to 16MB of\n data over the network, consisting of up to 25 item put or delete operations. While\n individual items can be up to 400 KB once stored, it's important to note that an item's\n representation might be greater than 400KB while being sent in DynamoDB's JSON format\n for the API call. For more details on this distinction, see Naming Rules and Data Types.
\n \n \n BatchWriteItem cannot update items. If you perform a BatchWriteItem\n operation on an existing item, that item's values will be overwritten by the\n operation and it will appear like it was updated. To update items, we recommend you\n use the UpdateItem action.
\n \n The individual PutItem and DeleteItem operations specified\n in BatchWriteItem are atomic; however BatchWriteItem as a\n whole is not. If any requested operations fail because the table's provisioned\n throughput is exceeded or an internal processing failure occurs, the failed operations\n are returned in the UnprocessedItems response parameter. You can\n investigate and optionally resend the requests. Typically, you would call\n BatchWriteItem in a loop. Each iteration would check for unprocessed\n items and submit a new BatchWriteItem request with those unprocessed items\n until all items have been processed.
\n If none of the items can be processed due to insufficient\n provisioned throughput on all of the tables in the request, then\n BatchWriteItem returns a\n ProvisionedThroughputExceededException.
\n \n If DynamoDB returns any unprocessed items, you should retry the batch operation on\n those items. However, we strongly recommend that you use an exponential\n backoff algorithm. If you retry the batch operation immediately, the\n underlying read or write requests can still fail due to throttling on the individual\n tables. If you delay the batch operation using exponential backoff, the individual\n requests in the batch are much more likely to succeed.
\n For more information, see Batch Operations and Error Handling in the Amazon DynamoDB\n Developer Guide.
\n \n With BatchWriteItem, you can efficiently write or delete large amounts of\n data, such as from Amazon EMR, or copy data from another database into DynamoDB. In\n order to improve performance with these large-scale operations,\n BatchWriteItem does not behave in the same way as individual\n PutItem and DeleteItem calls would. For example, you\n cannot specify conditions on individual put and delete requests, and\n BatchWriteItem does not return deleted items in the response.
\n If you use a programming language that supports concurrency, you can use threads to\n write items in parallel. Your application must include the necessary logic to manage the\n threads. With languages that don't support threading, you must update or delete the\n specified items one at a time. In both situations, BatchWriteItem performs\n the specified put and delete operations in parallel, giving you the power of the thread\n pool approach without having to introduce complexity into your application.
\n Parallel processing reduces latency, but each specified put and delete request\n consumes the same number of write capacity units whether it is processed in parallel or\n not. Delete operations on nonexistent items consume one write capacity unit.
\n If one or more of the following is true, DynamoDB rejects the entire batch write\n operation:
\n \n - \n
One or more tables specified in the BatchWriteItem request does\n not exist.
\n \n - \n
Primary key attributes specified on an item in the request do not match those\n in the corresponding table's primary key schema.
\n \n - \n
You try to perform multiple operations on the same item in the same\n BatchWriteItem request. For example, you cannot put and delete\n the same item in the same BatchWriteItem request.
\n \n - \n
Your request contains at least two items with identical hash and range keys\n (which essentially is two put operations).
\n \n - \n
There are more than 25 requests in the batch.
\n \n - \n
Any individual item in a batch exceeds 400 KB.
\n \n - \n
The total request size exceeds 16 MB.
\n \n
"
}
},
"com.amazonaws.dynamodb#BatchWriteItemInput": {
@@ -1083,7 +1091,7 @@
"RequestItems": {
"target": "com.amazonaws.dynamodb#BatchWriteItemRequestMap",
"traits": {
- "smithy.api#documentation": "A map of one or more table names and, for each table, a list of operations to be\n performed (DeleteRequest or PutRequest). Each element in the\n map consists of the following:
\n \n - \n
\n DeleteRequest - Perform a DeleteItem operation on the\n specified item. The item to be deleted is identified by a Key\n subelement:
\n \n - \n
\n Key - A map of primary key attribute values that uniquely\n identify the item. Each entry in this map consists of an attribute name\n and an attribute value. For each primary key, you must provide\n all of the key attributes. For example, with a\n simple primary key, you only need to provide a value for the partition\n key. For a composite primary key, you must provide values for\n both the partition key and the sort key.
\n \n
\n \n - \n
\n PutRequest - Perform a PutItem operation on the\n specified item. The item to be put is identified by an Item\n subelement:
\n \n - \n
\n Item - A map of attributes and their values. Each entry in\n this map consists of an attribute name and an attribute value. Attribute\n values must not be null; string and binary type attributes must have\n lengths greater than zero; and set type attributes must not be empty.\n Requests that contain empty values are rejected with a\n ValidationException exception.
\n If you specify any attributes that are part of an index key, then the\n data types for those attributes must match those of the schema in the\n table's attribute definition.
\n \n
\n \n
",
+ "smithy.api#documentation": "A map of one or more table names and, for each table, a list of operations to be\n performed (DeleteRequest or PutRequest). Each element in the\n map consists of the following:
\n \n - \n
\n DeleteRequest - Perform a DeleteItem operation on the\n specified item. The item to be deleted is identified by a Key\n subelement:
\n \n - \n
\n Key - A map of primary key attribute values that uniquely\n identify the item. Each entry in this map consists of an attribute name\n and an attribute value. For each primary key, you must provide\n all of the key attributes. For example, with a\n simple primary key, you only need to provide a value for the partition\n key. For a composite primary key, you must provide values for\n both the partition key and the sort key.
\n \n
\n \n - \n
\n PutRequest - Perform a PutItem operation on the\n specified item. The item to be put is identified by an Item\n subelement:
\n \n - \n
\n Item - A map of attributes and their values. Each entry in\n this map consists of an attribute name and an attribute value. Attribute\n values must not be null; string and binary type attributes must have\n lengths greater than zero; and set type attributes must not be empty.\n Requests that contain empty values are rejected with a\n ValidationException exception.
\n If you specify any attributes that are part of an index key, then the\n data types for those attributes must match those of the schema in the\n table's attribute definition.
\n \n
\n \n
",
"smithy.api#required": {}
}
},
@@ -1098,7 +1106,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a BatchWriteItem operation.
"
+ "smithy.api#documentation": "Represents the input of a BatchWriteItem operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#BatchWriteItemOutput": {
@@ -1107,24 +1116,25 @@
"UnprocessedItems": {
"target": "com.amazonaws.dynamodb#BatchWriteItemRequestMap",
"traits": {
- "smithy.api#documentation": "A map of tables and requests against those tables that were not processed. The\n UnprocessedItems value is in the same form as\n RequestItems, so you can provide this value directly to a subsequent\n BatchWriteItem operation. For more information, see\n RequestItems in the Request Parameters section.
\n Each UnprocessedItems entry consists of a table name and, for that table,\n a list of operations to perform (DeleteRequest or\n PutRequest).
\n \n - \n
\n DeleteRequest - Perform a DeleteItem operation on the\n specified item. The item to be deleted is identified by a Key\n subelement:
\n \n \n - \n
\n PutRequest - Perform a PutItem operation on the\n specified item. The item to be put is identified by an Item\n subelement:
\n \n - \n
\n Item - A map of attributes and their values. Each entry in\n this map consists of an attribute name and an attribute value. Attribute\n values must not be null; string and binary type attributes must have\n lengths greater than zero; and set type attributes must not be empty.\n Requests that contain empty values will be rejected with a\n ValidationException exception.
\n If you specify any attributes that are part of an index key, then the\n data types for those attributes must match those of the schema in the\n table's attribute definition.
\n \n
\n \n
\n If there are no unprocessed items remaining, the response contains an empty\n UnprocessedItems map.
"
+ "smithy.api#documentation": "A map of tables and requests against those tables that were not processed. The\n UnprocessedItems value is in the same form as\n RequestItems, so you can provide this value directly to a subsequent\n BatchWriteItem operation. For more information, see\n RequestItems in the Request Parameters section.
\n Each UnprocessedItems entry consists of a table name and, for that table,\n a list of operations to perform (DeleteRequest or\n PutRequest).
\n \n - \n
\n DeleteRequest - Perform a DeleteItem operation on the\n specified item. The item to be deleted is identified by a Key\n subelement:
\n \n \n - \n
\n PutRequest - Perform a PutItem operation on the\n specified item. The item to be put is identified by an Item\n subelement:
\n \n - \n
\n Item - A map of attributes and their values. Each entry in\n this map consists of an attribute name and an attribute value. Attribute\n values must not be null; string and binary type attributes must have\n lengths greater than zero; and set type attributes must not be empty.\n Requests that contain empty values will be rejected with a\n ValidationException exception.
\n If you specify any attributes that are part of an index key, then the\n data types for those attributes must match those of the schema in the\n table's attribute definition.
\n \n
\n \n
\n If there are no unprocessed items remaining, the response contains an empty\n UnprocessedItems map.
"
}
},
"ItemCollectionMetrics": {
"target": "com.amazonaws.dynamodb#ItemCollectionMetricsPerTable",
"traits": {
- "smithy.api#documentation": "A list of tables that were processed by BatchWriteItem and, for each\n table, information about any item collections that were affected by individual\n DeleteItem or PutItem operations.
\n Each entry consists of the following subelements:
\n \n - \n
\n ItemCollectionKey - The partition key value of the item collection.\n This is the same as the partition key value of the item.
\n \n - \n
\n SizeEstimateRangeGB - An estimate of item collection size,\n expressed in GB. This is a two-element array containing a lower bound and an\n upper bound for the estimate. The estimate includes the size of all the items in\n the table, plus the size of all attributes projected into all of the local\n secondary indexes on the table. Use this estimate to measure whether a local\n secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the\n precision or accuracy of the estimate.
\n \n
"
+ "smithy.api#documentation": "A list of tables that were processed by BatchWriteItem and, for each\n table, information about any item collections that were affected by individual\n DeleteItem or PutItem operations.
\n Each entry consists of the following subelements:
\n \n - \n
\n ItemCollectionKey - The partition key value of the item collection.\n This is the same as the partition key value of the item.
\n \n - \n
\n SizeEstimateRangeGB - An estimate of item collection size,\n expressed in GB. This is a two-element array containing a lower bound and an\n upper bound for the estimate. The estimate includes the size of all the items in\n the table, plus the size of all attributes projected into all of the local\n secondary indexes on the table. Use this estimate to measure whether a local\n secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the\n precision or accuracy of the estimate.
\n \n
"
}
},
"ConsumedCapacity": {
"target": "com.amazonaws.dynamodb#ConsumedCapacityMultiple",
"traits": {
- "smithy.api#documentation": "The capacity units consumed by the entire BatchWriteItem\n operation.
\n Each element consists of:
\n "
+ "smithy.api#documentation": "The capacity units consumed by the entire BatchWriteItem\n operation.
\n Each element consists of:
\n "
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a BatchWriteItem operation.
"
+ "smithy.api#documentation": "Represents the output of a BatchWriteItem operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#BatchWriteItemRequestMap": {
@@ -1173,7 +1183,7 @@
"BillingMode": {
"target": "com.amazonaws.dynamodb#BillingMode",
"traits": {
- "smithy.api#documentation": "Controls how you are charged for read and write throughput and how you manage\n capacity. This setting can be changed later.
\n \n - \n
\n PROVISIONED - Sets the read/write capacity mode to\n PROVISIONED. We recommend using PROVISIONED for\n predictable workloads.
\n \n - \n
\n PAY_PER_REQUEST - Sets the read/write capacity mode to\n PAY_PER_REQUEST. We recommend using\n PAY_PER_REQUEST for unpredictable workloads.
\n \n
"
+ "smithy.api#documentation": "Controls how you are charged for read and write throughput and how you manage\n capacity. This setting can be changed later.
\n \n - \n
\n PROVISIONED - Sets the read/write capacity mode to\n PROVISIONED. We recommend using PROVISIONED for\n predictable workloads.
\n \n - \n
\n PAY_PER_REQUEST - Sets the read/write capacity mode to\n PAY_PER_REQUEST. We recommend using\n PAY_PER_REQUEST for unpredictable workloads.
\n \n
"
}
},
"LastUpdateToPayPerRequestDateTime": {
@@ -1184,7 +1194,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the details for the read/write capacity mode. This page talks about\n PROVISIONED and PAY_PER_REQUEST billing modes. For more\n information about these modes, see Read/write capacity mode.
\n \n You may need to switch to on-demand mode at least once in order to return a\n BillingModeSummary response.
\n "
+ "smithy.api#documentation": "Contains the details for the read/write capacity mode. This page talks about\n PROVISIONED and PAY_PER_REQUEST billing modes. For more\n information about these modes, see Read/write capacity mode.
\n \n You may need to switch to on-demand mode at least once in order to return a\n BillingModeSummary response.
\n "
}
},
"com.amazonaws.dynamodb#BinaryAttributeValue": {
@@ -1382,19 +1392,19 @@
"AttributeValueList": {
"target": "com.amazonaws.dynamodb#AttributeValueList",
"traits": {
- "smithy.api#documentation": "One or more values to evaluate against the supplied attribute. The number of values in\n the list depends on the ComparisonOperator being used.
\n For type Number, value comparisons are numeric.
\n String value comparisons for greater than, equals, or less than are based on ASCII\n character code values. For example, a is greater than A, and\n a is greater than B. For a list of code values, see http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters.
\n For Binary, DynamoDB treats each byte of the binary data as unsigned when it\n compares binary values.
"
+ "smithy.api#documentation": "One or more values to evaluate against the supplied attribute. The number of values in\n the list depends on the ComparisonOperator being used.
\n For type Number, value comparisons are numeric.
\n String value comparisons for greater than, equals, or less than are based on ASCII\n character code values. For example, a is greater than A, and\n a is greater than B. For a list of code values, see http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters.
\n For Binary, DynamoDB treats each byte of the binary data as unsigned when it\n compares binary values.
"
}
},
"ComparisonOperator": {
"target": "com.amazonaws.dynamodb#ComparisonOperator",
"traits": {
- "smithy.api#documentation": "A comparator for evaluating attributes. For example, equals, greater than, less than,\n etc.
\n The following comparison operators are available:
\n \n EQ | NE | LE | LT | GE | GT | NOT_NULL | NULL | CONTAINS | NOT_CONTAINS |\n BEGINS_WITH | IN | BETWEEN\n
\n The following are descriptions of each comparison operator.
\n \n - \n
\n EQ : Equal. EQ is supported for all data types,\n including lists and maps.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, Binary, String Set, Number Set, or Binary Set.\n If an item contains an AttributeValue element of a different type\n than the one provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not equal {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n NE : Not equal. NE is supported for all data types,\n including lists and maps.
\n \n AttributeValueList can contain only one AttributeValue\n of type String, Number, Binary, String Set, Number Set, or Binary Set. If an\n item contains an AttributeValue of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not equal {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n LE : Less than or equal.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n LT : Less than.
\n \n AttributeValueList can contain only one AttributeValue\n of type String, Number, or Binary (not a set type). If an item contains an\n AttributeValue element of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not compare to {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n GE : Greater than or equal.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n GT : Greater than.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n NOT_NULL : The attribute exists. NOT_NULL is supported\n for all data types, including lists and maps.
\n \n This operator tests for the existence of an attribute, not its data type.\n If the data type of attribute \"a\" is null, and you evaluate it\n using NOT_NULL, the result is a Boolean true. This\n result is because the attribute \"a\" exists; its data type is\n not relevant to the NOT_NULL comparison operator.
\n \n \n - \n
\n NULL : The attribute does not exist. NULL is supported\n for all data types, including lists and maps.
\n \n This operator tests for the nonexistence of an attribute, not its data\n type. If the data type of attribute \"a\" is null, and you\n evaluate it using NULL, the result is a Boolean\n false. This is because the attribute \"a\"\n exists; its data type is not relevant to the NULL comparison\n operator.
\n \n \n - \n
\n CONTAINS : Checks for a subsequence, or value in a set.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If the target\n attribute of the comparison is of type String, then the operator checks for a\n substring match. If the target attribute of the comparison is of type Binary,\n then the operator looks for a subsequence of the target that matches the input.\n If the target attribute of the comparison is a set (\"SS\",\n \"NS\", or \"BS\"), then the operator evaluates to\n true if it finds an exact match with any member of the set.
\n CONTAINS is supported for lists: When evaluating \"a CONTAINS b\",\n \"a\" can be a list; however, \"b\" cannot be a set, a\n map, or a list.
\n \n - \n
\n NOT_CONTAINS : Checks for absence of a subsequence, or absence of a\n value in a set.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If the target\n attribute of the comparison is a String, then the operator checks for the\n absence of a substring match. If the target attribute of the comparison is\n Binary, then the operator checks for the absence of a subsequence of the target\n that matches the input. If the target attribute of the comparison is a set\n (\"SS\", \"NS\", or \"BS\"), then the\n operator evaluates to true if it does not find an exact\n match with any member of the set.
\n NOT_CONTAINS is supported for lists: When evaluating \"a NOT CONTAINS\n b\", \"a\" can be a list; however, \"b\" cannot\n be a set, a map, or a list.
\n \n - \n
\n BEGINS_WITH : Checks for a prefix.
\n \n AttributeValueList can contain only one AttributeValue\n of type String or Binary (not a Number or a set type). The target attribute of\n the comparison must be of type String or Binary (not a Number or a set\n type).
\n \n \n - \n
\n IN : Checks for matching elements in a list.
\n \n AttributeValueList can contain one or more\n AttributeValue elements of type String, Number, or Binary.\n These attributes are compared against an existing attribute of an item. If any\n elements of the input are equal to the item attribute, the expression evaluates\n to true.
\n \n - \n
\n BETWEEN : Greater than or equal to the first value, and less than\n or equal to the second value.
\n \n AttributeValueList must contain two AttributeValue\n elements of the same type, either String, Number, or Binary (not a set type). A\n target attribute matches if the target value is greater than, or equal to, the\n first element and less than, or equal to, the second element. If an item\n contains an AttributeValue element of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not compare to {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not compare to {\"NS\":[\"6\", \"2\",\n \"1\"]}\n
\n \n
\n For usage examples of AttributeValueList and\n ComparisonOperator, see Legacy\n Conditional Parameters in the Amazon DynamoDB Developer\n Guide.
",
+ "smithy.api#documentation": "A comparator for evaluating attributes. For example, equals, greater than, less than,\n etc.
\n The following comparison operators are available:
\n \n EQ | NE | LE | LT | GE | GT | NOT_NULL | NULL | CONTAINS | NOT_CONTAINS |\n BEGINS_WITH | IN | BETWEEN\n
\n The following are descriptions of each comparison operator.
\n \n - \n
\n EQ : Equal. EQ is supported for all data types,\n including lists and maps.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, Binary, String Set, Number Set, or Binary Set.\n If an item contains an AttributeValue element of a different type\n than the one provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not equal {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n NE : Not equal. NE is supported for all data types,\n including lists and maps.
\n \n AttributeValueList can contain only one AttributeValue\n of type String, Number, Binary, String Set, Number Set, or Binary Set. If an\n item contains an AttributeValue of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not equal {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n LE : Less than or equal.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n LT : Less than.
\n \n AttributeValueList can contain only one AttributeValue\n of type String, Number, or Binary (not a set type). If an item contains an\n AttributeValue element of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not compare to {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n GE : Greater than or equal.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n GT : Greater than.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n NOT_NULL : The attribute exists. NOT_NULL is supported\n for all data types, including lists and maps.
\n \n This operator tests for the existence of an attribute, not its data type.\n If the data type of attribute \"a\" is null, and you evaluate it\n using NOT_NULL, the result is a Boolean true. This\n result is because the attribute \"a\" exists; its data type is\n not relevant to the NOT_NULL comparison operator.
\n \n \n - \n
\n NULL : The attribute does not exist. NULL is supported\n for all data types, including lists and maps.
\n \n This operator tests for the nonexistence of an attribute, not its data\n type. If the data type of attribute \"a\" is null, and you\n evaluate it using NULL, the result is a Boolean\n false. This is because the attribute \"a\"\n exists; its data type is not relevant to the NULL comparison\n operator.
\n \n \n - \n
\n CONTAINS : Checks for a subsequence, or value in a set.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If the target\n attribute of the comparison is of type String, then the operator checks for a\n substring match. If the target attribute of the comparison is of type Binary,\n then the operator looks for a subsequence of the target that matches the input.\n If the target attribute of the comparison is a set (\"SS\",\n \"NS\", or \"BS\"), then the operator evaluates to\n true if it finds an exact match with any member of the set.
\n CONTAINS is supported for lists: When evaluating \"a CONTAINS b\",\n \"a\" can be a list; however, \"b\" cannot be a set, a\n map, or a list.
\n \n - \n
\n NOT_CONTAINS : Checks for absence of a subsequence, or absence of a\n value in a set.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If the target\n attribute of the comparison is a String, then the operator checks for the\n absence of a substring match. If the target attribute of the comparison is\n Binary, then the operator checks for the absence of a subsequence of the target\n that matches the input. If the target attribute of the comparison is a set\n (\"SS\", \"NS\", or \"BS\"), then the\n operator evaluates to true if it does not find an exact\n match with any member of the set.
\n NOT_CONTAINS is supported for lists: When evaluating \"a NOT CONTAINS\n b\", \"a\" can be a list; however, \"b\" cannot\n be a set, a map, or a list.
\n \n - \n
\n BEGINS_WITH : Checks for a prefix.
\n \n AttributeValueList can contain only one AttributeValue\n of type String or Binary (not a Number or a set type). The target attribute of\n the comparison must be of type String or Binary (not a Number or a set\n type).
\n \n \n - \n
\n IN : Checks for matching elements in a list.
\n \n AttributeValueList can contain one or more\n AttributeValue elements of type String, Number, or Binary.\n These attributes are compared against an existing attribute of an item. If any\n elements of the input are equal to the item attribute, the expression evaluates\n to true.
\n \n - \n
\n BETWEEN : Greater than or equal to the first value, and less than\n or equal to the second value.
\n \n AttributeValueList must contain two AttributeValue\n elements of the same type, either String, Number, or Binary (not a set type). A\n target attribute matches if the target value is greater than, or equal to, the\n first element and less than, or equal to, the second element. If an item\n contains an AttributeValue element of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not compare to {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not compare to {\"NS\":[\"6\", \"2\",\n \"1\"]}\n
\n \n
\n For usage examples of AttributeValueList and\n ComparisonOperator, see Legacy\n Conditional Parameters in the Amazon DynamoDB Developer\n Guide.
",
"smithy.api#required": {}
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the selection criteria for a Query or Scan\n operation:
\n \n - \n
For a Query operation, Condition is used for\n specifying the KeyConditions to use when querying a table or an\n index. For KeyConditions, only the following comparison operators\n are supported:
\n \n EQ | LE | LT | GE | GT | BEGINS_WITH | BETWEEN\n
\n \n Condition is also used in a QueryFilter, which\n evaluates the query results and returns only the desired values.
\n \n - \n
For a Scan operation, Condition is used in a\n ScanFilter, which evaluates the scan results and returns only\n the desired values.
\n \n
"
+ "smithy.api#documentation": "Represents the selection criteria for a Query or Scan\n operation:
\n \n - \n
For a Query operation, Condition is used for\n specifying the KeyConditions to use when querying a table or an\n index. For KeyConditions, only the following comparison operators\n are supported:
\n \n EQ | LE | LT | GE | GT | BEGINS_WITH | BETWEEN\n
\n \n Condition is also used in a QueryFilter, which\n evaluates the query results and returns only the desired values.
\n \n - \n
For a Scan operation, Condition is used in a\n ScanFilter, which evaluates the scan results and returns only\n the desired values.
\n \n
"
}
},
"com.amazonaws.dynamodb#ConditionCheck": {
@@ -1417,20 +1427,20 @@
"ConditionExpression": {
"target": "com.amazonaws.dynamodb#ConditionExpression",
"traits": {
- "smithy.api#documentation": "A condition that must be satisfied in order for a conditional update to\n succeed.
",
+ "smithy.api#documentation": "A condition that must be satisfied in order for a conditional update to\n succeed. For more information, see Condition expressions in the Amazon DynamoDB Developer\n Guide.
",
"smithy.api#required": {}
}
},
"ExpressionAttributeNames": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap",
"traits": {
- "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression.
"
+ "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. For more information, see\n Expression attribute names \n in the Amazon DynamoDB Developer Guide.
"
}
},
"ExpressionAttributeValues": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeValueMap",
"traits": {
- "smithy.api#documentation": "One or more values that can be substituted in an expression.
"
+ "smithy.api#documentation": "One or more values that can be substituted in an expression. For more information, see Condition expressions in the Amazon DynamoDB Developer Guide.
"
}
},
"ReturnValuesOnConditionCheckFailure": {
@@ -1722,7 +1732,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Creates a backup for an existing table.
\n Each time you create an on-demand backup, the entire table data is backed up. There\n is no limit to the number of on-demand backups that can be taken.
\n When you create an on-demand backup, a time marker of the request is cataloged, and\n the backup is created asynchronously, by applying all changes until the time of the\n request to the last full table snapshot. Backup requests are processed instantaneously\n and become available for restore within minutes.
\n You can call CreateBackup at a maximum rate of 50 times per\n second.
\n All backups in DynamoDB work without consuming any provisioned throughput on the\n table.
\n If you submit a backup request on 2018-12-14 at 14:25:00, the backup is guaranteed to\n contain all data committed to the table up to 14:24:00, and data committed after\n 14:26:00 will not be. The backup might contain data modifications made between 14:24:00\n and 14:26:00. On-demand backup does not support causal consistency.
\n Along with data, the following are also included on the backups:
\n \n - \n
Global secondary indexes (GSIs)
\n \n - \n
Local secondary indexes (LSIs)
\n \n - \n
Streams
\n \n - \n
Provisioned read and write capacity
\n \n
"
+ "smithy.api#documentation": "Creates a backup for an existing table.
\n Each time you create an on-demand backup, the entire table data is backed up. There\n is no limit to the number of on-demand backups that can be taken.
\n When you create an on-demand backup, a time marker of the request is cataloged, and\n the backup is created asynchronously, by applying all changes until the time of the\n request to the last full table snapshot. Backup requests are processed instantaneously\n and become available for restore within minutes.
\n You can call CreateBackup at a maximum rate of 50 times per\n second.
\n All backups in DynamoDB work without consuming any provisioned throughput on the\n table.
\n If you submit a backup request on 2018-12-14 at 14:25:00, the backup is guaranteed to\n contain all data committed to the table up to 14:24:00, and data committed after\n 14:26:00 will not be. The backup might contain data modifications made between 14:24:00\n and 14:26:00. On-demand backup does not support causal consistency.
\n Along with data, the following are also included on the backups:
\n \n - \n
Global secondary indexes (GSIs)
\n \n - \n
Local secondary indexes (LSIs)
\n \n - \n
Streams
\n \n - \n
Provisioned read and write capacity
\n \n
"
}
},
"com.amazonaws.dynamodb#CreateBackupInput": {
@@ -1742,6 +1752,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#CreateBackupOutput": {
@@ -1753,6 +1766,9 @@
"smithy.api#documentation": "Contains the details of the backup created for the table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#CreateGlobalSecondaryIndexAction": {
@@ -1782,7 +1798,7 @@
"ProvisionedThroughput": {
"target": "com.amazonaws.dynamodb#ProvisionedThroughput",
"traits": {
- "smithy.api#documentation": "Represents the provisioned throughput settings for the specified global secondary\n index.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "Represents the provisioned throughput settings for the specified global secondary\n index.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
@@ -1819,7 +1835,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Creates a global table from an existing table. A global table creates a replication\n relationship between two or more DynamoDB tables with the same table name in the\n provided Regions.
\n \n This operation only applies to Version\n 2017.11.29 of global tables.
\n \n\n If you want to add a new replica table to a global table, each of the following\n conditions must be true:
\n \n - \n
The table must have the same primary key as all of the other replicas.
\n \n - \n
The table must have the same name as all of the other replicas.
\n \n - \n
The table must have DynamoDB Streams enabled, with the stream containing both\n the new and the old images of the item.
\n \n - \n
None of the replica tables in the global table can contain any data.
\n \n
\n If global secondary indexes are specified, then the following conditions must also be\n met:
\n \n If local secondary indexes are specified, then the following conditions must also be\n met:
\n \n\n \n Write capacity settings should be set consistently across your replica tables and\n secondary indexes. DynamoDB strongly recommends enabling auto scaling to manage the\n write capacity settings for all of your global tables replicas and indexes.
\n If you prefer to manage write capacity settings manually, you should provision\n equal replicated write capacity units to your replica tables. You should also\n provision equal replicated write capacity units to matching secondary indexes across\n your global table.
\n "
+ "smithy.api#documentation": "Creates a global table from an existing table. A global table creates a replication\n relationship between two or more DynamoDB tables with the same table name in the\n provided Regions.
\n \n This operation only applies to Version\n 2017.11.29 (Legacy) of global tables. We recommend using\n Version 2019.11.21 (Current)\n when creating new global tables, as it provides greater flexibility, higher efficiency and consumes less write capacity than \n 2017.11.29 (Legacy). To determine which version you are using, see \n Determining the version. \n To update existing global tables from version 2017.11.29 (Legacy) to version\n 2019.11.21 (Current), see \n Updating global tables.\n
\n \n If you want to add a new replica table to a global table, each of the following\n conditions must be true:
\n \n - \n
The table must have the same primary key as all of the other replicas.
\n \n - \n
The table must have the same name as all of the other replicas.
\n \n - \n
The table must have DynamoDB Streams enabled, with the stream containing both\n the new and the old images of the item.
\n \n - \n
None of the replica tables in the global table can contain any data.
\n \n
\n If global secondary indexes are specified, then the following conditions must also be\n met:
\n \n If local secondary indexes are specified, then the following conditions must also be\n met:
\n \n \n Write capacity settings should be set consistently across your replica tables and\n secondary indexes. DynamoDB strongly recommends enabling auto scaling to manage the\n write capacity settings for all of your global tables replicas and indexes.
\n If you prefer to manage write capacity settings manually, you should provision\n equal replicated write capacity units to your replica tables. You should also\n provision equal replicated write capacity units to matching secondary indexes across\n your global table.
\n "
}
},
"com.amazonaws.dynamodb#CreateGlobalTableInput": {
@@ -1839,6 +1855,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#CreateGlobalTableOutput": {
@@ -1850,6 +1869,9 @@
"smithy.api#documentation": "Contains the details of the global table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#CreateReplicaAction": {
@@ -1932,7 +1954,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "The CreateTable operation adds a new table to your account. In an Amazon Web Services account, table names must be unique within each Region. That is, you can\n have two tables with same name if you create the tables in different Regions.
\n \n CreateTable is an asynchronous operation. Upon receiving a\n CreateTable request, DynamoDB immediately returns a response with a\n TableStatus of CREATING. After the table is created,\n DynamoDB sets the TableStatus to ACTIVE. You can perform read\n and write operations only on an ACTIVE table.
\n You can optionally define secondary indexes on the new table, as part of the\n CreateTable operation. If you want to create multiple tables with\n secondary indexes on them, you must create the tables sequentially. Only one table with\n secondary indexes can be in the CREATING state at any given time.
\n You can use the DescribeTable action to check the table status.
"
+ "smithy.api#documentation": "The CreateTable operation adds a new table to your account. In an Amazon Web Services account, table names must be unique within each Region. That is, you can\n have two tables with same name if you create the tables in different Regions.
\n \n CreateTable is an asynchronous operation. Upon receiving a\n CreateTable request, DynamoDB immediately returns a response with a\n TableStatus of CREATING. After the table is created,\n DynamoDB sets the TableStatus to ACTIVE. You can perform read\n and write operations only on an ACTIVE table.
\n You can optionally define secondary indexes on the new table, as part of the\n CreateTable operation. If you want to create multiple tables with\n secondary indexes on them, you must create the tables sequentially. Only one table with\n secondary indexes can be in the CREATING state at any given time.
\n You can use the DescribeTable action to check the table status.
"
}
},
"com.amazonaws.dynamodb#CreateTableInput": {
@@ -1955,38 +1977,38 @@
"KeySchema": {
"target": "com.amazonaws.dynamodb#KeySchema",
"traits": {
- "smithy.api#documentation": "Specifies the attributes that make up the primary key for a table or an index. The\n attributes in KeySchema must also be defined in the\n AttributeDefinitions array. For more information, see Data\n Model in the Amazon DynamoDB Developer Guide.
\n Each KeySchemaElement in the array is composed of:
\n \n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from the DynamoDB usage\n of an internal hash function to evenly distribute data items across partitions,\n based on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n \n\n For a simple primary key (partition key), you must provide exactly one element with a\n KeyType of HASH.
\n For a composite primary key (partition key and sort key), you must provide exactly two\n elements, in this order: The first element must have a KeyType of\n HASH, and the second element must have a KeyType of\n RANGE.
\n For more information, see Working with Tables in the Amazon DynamoDB Developer\n Guide.
",
+ "smithy.api#documentation": "Specifies the attributes that make up the primary key for a table or an index. The\n attributes in KeySchema must also be defined in the\n AttributeDefinitions array. For more information, see Data\n Model in the Amazon DynamoDB Developer Guide.
\n Each KeySchemaElement in the array is composed of:
\n \n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from the DynamoDB usage\n of an internal hash function to evenly distribute data items across partitions,\n based on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n \n For a simple primary key (partition key), you must provide exactly one element with a\n KeyType of HASH.
\n For a composite primary key (partition key and sort key), you must provide exactly two\n elements, in this order: The first element must have a KeyType of\n HASH, and the second element must have a KeyType of\n RANGE.
\n For more information, see Working with Tables in the Amazon DynamoDB Developer\n Guide.
",
"smithy.api#required": {}
}
},
"LocalSecondaryIndexes": {
"target": "com.amazonaws.dynamodb#LocalSecondaryIndexList",
"traits": {
- "smithy.api#documentation": "One or more local secondary indexes (the maximum is 5) to be created on the table.\n Each index is scoped to a given partition key value. There is a 10 GB size limit per\n partition key value; otherwise, the size of a local secondary index is\n unconstrained.
\n Each local secondary index in the array includes the following:
\n \n - \n
\n IndexName - The name of the local secondary index. Must be unique\n only for this table.
\n \n \n - \n
\n KeySchema - Specifies the key schema for the local secondary index.\n The key schema must begin with the same partition key as the table.
\n \n - \n
\n Projection - Specifies attributes that are copied (projected) from\n the table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of:
\n \n - \n
\n ProjectionType - One of the following:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are\n projected into the index.
\n \n - \n
\n INCLUDE - Only the specified table attributes are\n projected into the index. The list of projected attributes is in\n NonKeyAttributes.
\n \n - \n
\n ALL - All of the table attributes are projected\n into the index.
\n \n
\n \n - \n
\n NonKeyAttributes - A list of one or more non-key attribute\n names that are projected into the secondary index. The total count of\n attributes provided in NonKeyAttributes, summed across all\n of the secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct\n attributes when determining the total.
\n \n
\n \n
"
+ "smithy.api#documentation": "One or more local secondary indexes (the maximum is 5) to be created on the table.\n Each index is scoped to a given partition key value. There is a 10 GB size limit per\n partition key value; otherwise, the size of a local secondary index is\n unconstrained.
\n Each local secondary index in the array includes the following:
\n \n - \n
\n IndexName - The name of the local secondary index. Must be unique\n only for this table.
\n \n \n - \n
\n KeySchema - Specifies the key schema for the local secondary index.\n The key schema must begin with the same partition key as the table.
\n \n - \n
\n Projection - Specifies attributes that are copied (projected) from\n the table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of:
\n \n - \n
\n ProjectionType - One of the following:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are\n projected into the index.
\n \n - \n
\n INCLUDE - Only the specified table attributes are\n projected into the index. The list of projected attributes is in\n NonKeyAttributes.
\n \n - \n
\n ALL - All of the table attributes are projected\n into the index.
\n \n
\n \n - \n
\n NonKeyAttributes - A list of one or more non-key attribute\n names that are projected into the secondary index. The total count of\n attributes provided in NonKeyAttributes, summed across all\n of the secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct\n attributes when determining the total.
\n \n
\n \n
"
}
},
"GlobalSecondaryIndexes": {
"target": "com.amazonaws.dynamodb#GlobalSecondaryIndexList",
"traits": {
- "smithy.api#documentation": "One or more global secondary indexes (the maximum is 20) to be created on the table.\n Each global secondary index in the array includes the following:
\n \n - \n
\n IndexName - The name of the global secondary index. Must be unique\n only for this table.
\n \n \n - \n
\n KeySchema - Specifies the key schema for the global secondary\n index.
\n \n - \n
\n Projection - Specifies attributes that are copied (projected) from\n the table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of:
\n \n - \n
\n ProjectionType - One of the following:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are\n projected into the index.
\n \n - \n
\n INCLUDE - Only the specified table attributes are\n projected into the index. The list of projected attributes is in\n NonKeyAttributes.
\n \n - \n
\n ALL - All of the table attributes are projected\n into the index.
\n \n
\n \n - \n
\n NonKeyAttributes - A list of one or more non-key attribute\n names that are projected into the secondary index. The total count of\n attributes provided in NonKeyAttributes, summed across all\n of the secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct\n attributes when determining the total.
\n \n
\n \n - \n
\n ProvisionedThroughput - The provisioned throughput settings for the\n global secondary index, consisting of read and write capacity units.
\n \n
"
+ "smithy.api#documentation": "One or more global secondary indexes (the maximum is 20) to be created on the table.\n Each global secondary index in the array includes the following:
\n \n - \n
\n IndexName - The name of the global secondary index. Must be unique\n only for this table.
\n \n \n - \n
\n KeySchema - Specifies the key schema for the global secondary\n index.
\n \n - \n
\n Projection - Specifies attributes that are copied (projected) from\n the table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of:
\n \n - \n
\n ProjectionType - One of the following:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are\n projected into the index.
\n \n - \n
\n INCLUDE - Only the specified table attributes are\n projected into the index. The list of projected attributes is in\n NonKeyAttributes.
\n \n - \n
\n ALL - All of the table attributes are projected\n into the index.
\n \n
\n \n - \n
\n NonKeyAttributes - A list of one or more non-key attribute\n names that are projected into the secondary index. The total count of\n attributes provided in NonKeyAttributes, summed across all\n of the secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct\n attributes when determining the total.
\n \n
\n \n - \n
\n ProvisionedThroughput - The provisioned throughput settings for the\n global secondary index, consisting of read and write capacity units.
\n \n
"
}
},
"BillingMode": {
"target": "com.amazonaws.dynamodb#BillingMode",
"traits": {
- "smithy.api#documentation": "Controls how you are charged for read and write throughput and how you manage\n capacity. This setting can be changed later.
\n \n - \n
\n PROVISIONED - We recommend using PROVISIONED for\n predictable workloads. PROVISIONED sets the billing mode to Provisioned Mode.
\n \n - \n
\n PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST\n for unpredictable workloads. PAY_PER_REQUEST sets the billing mode\n to On-Demand Mode.
\n \n
"
+ "smithy.api#documentation": "Controls how you are charged for read and write throughput and how you manage\n capacity. This setting can be changed later.
\n \n - \n
\n PROVISIONED - We recommend using PROVISIONED for\n predictable workloads. PROVISIONED sets the billing mode to Provisioned Mode.
\n \n - \n
\n PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST\n for unpredictable workloads. PAY_PER_REQUEST sets the billing mode\n to On-Demand Mode.
\n \n
"
}
},
"ProvisionedThroughput": {
"target": "com.amazonaws.dynamodb#ProvisionedThroughput",
"traits": {
- "smithy.api#documentation": "Represents the provisioned throughput settings for a specified table or index. The\n settings can be modified using the UpdateTable operation.
\n If you set BillingMode as PROVISIONED, you must specify this property.\n If you set BillingMode as PAY_PER_REQUEST, you cannot specify this\n property.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "Represents the provisioned throughput settings for a specified table or index. The\n settings can be modified using the UpdateTable operation.
\n If you set BillingMode as PROVISIONED, you must specify this property.\n If you set BillingMode as PAY_PER_REQUEST, you cannot specify this\n property.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
}
},
"StreamSpecification": {
"target": "com.amazonaws.dynamodb#StreamSpecification",
"traits": {
- "smithy.api#documentation": "The settings for DynamoDB Streams on the table. These settings consist of:
\n \n - \n
\n StreamEnabled - Indicates whether DynamoDB Streams is to be enabled\n (true) or disabled (false).
\n \n - \n
\n StreamViewType - When an item in the table is modified,\n StreamViewType determines what information is written to the\n table's stream. Valid values for StreamViewType are:
\n \n - \n
\n KEYS_ONLY - Only the key attributes of the modified item\n are written to the stream.
\n \n - \n
\n NEW_IMAGE - The entire item, as it appears after it was\n modified, is written to the stream.
\n \n - \n
\n OLD_IMAGE - The entire item, as it appeared before it was\n modified, is written to the stream.
\n \n - \n
\n NEW_AND_OLD_IMAGES - Both the new and the old item images\n of the item are written to the stream.
\n \n
\n \n
"
+ "smithy.api#documentation": "The settings for DynamoDB Streams on the table. These settings consist of:
\n \n - \n
\n StreamEnabled - Indicates whether DynamoDB Streams is to be enabled\n (true) or disabled (false).
\n \n - \n
\n StreamViewType - When an item in the table is modified,\n StreamViewType determines what information is written to the\n table's stream. Valid values for StreamViewType are:
\n \n - \n
\n KEYS_ONLY - Only the key attributes of the modified item\n are written to the stream.
\n \n - \n
\n NEW_IMAGE - The entire item, as it appears after it was\n modified, is written to the stream.
\n \n - \n
\n OLD_IMAGE - The entire item, as it appeared before it was\n modified, is written to the stream.
\n \n - \n
\n NEW_AND_OLD_IMAGES - Both the new and the old item images\n of the item are written to the stream.
\n \n
\n \n
"
}
},
"SSESpecification": {
@@ -2006,10 +2028,17 @@
"traits": {
"smithy.api#documentation": "The table class of the new table. Valid values are STANDARD and\n STANDARD_INFREQUENT_ACCESS.
"
}
+ },
+ "DeletionProtectionEnabled": {
+ "target": "com.amazonaws.dynamodb#DeletionProtectionEnabled",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether deletion protection is to be enabled (true) or disabled (false) on the table.
"
+ }
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a CreateTable operation.
"
+ "smithy.api#documentation": "Represents the input of a CreateTable operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#CreateTableOutput": {
@@ -2023,7 +2052,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a CreateTable operation.
"
+ "smithy.api#documentation": "Represents the output of a CreateTable operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#CsvDelimiter": {
@@ -2156,7 +2186,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Deletes an existing backup of a table.
\n You can call DeleteBackup at a maximum rate of 10 times per\n second.
"
+ "smithy.api#documentation": "Deletes an existing backup of a table.
\n You can call DeleteBackup at a maximum rate of 10 times per\n second.
"
}
},
"com.amazonaws.dynamodb#DeleteBackupInput": {
@@ -2169,6 +2199,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DeleteBackupOutput": {
@@ -2180,6 +2213,9 @@
"smithy.api#documentation": "Contains the description of the backup created for the table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DeleteGlobalSecondaryIndexAction": {
@@ -2235,7 +2271,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Deletes a single item in a table by primary key. You can perform a conditional delete\n operation that deletes the item if it exists, or if it has an expected attribute\n value.
\n In addition to deleting an item, you can also return the item's attribute values in\n the same operation, using the ReturnValues parameter.
\n Unless you specify conditions, the DeleteItem is an idempotent operation;\n running it multiple times on the same item or attribute does not\n result in an error response.
\n Conditional deletes are useful for deleting items only if specific conditions are met.\n If those conditions are met, DynamoDB performs the delete. Otherwise, the item is not\n deleted.
"
+ "smithy.api#documentation": "Deletes a single item in a table by primary key. You can perform a conditional delete\n operation that deletes the item if it exists, or if it has an expected attribute\n value.
\n In addition to deleting an item, you can also return the item's attribute values in\n the same operation, using the ReturnValues parameter.
\n Unless you specify conditions, the DeleteItem is an idempotent operation;\n running it multiple times on the same item or attribute does not\n result in an error response.
\n Conditional deletes are useful for deleting items only if specific conditions are met.\n If those conditions are met, DynamoDB performs the delete. Otherwise, the item is not\n deleted.
"
}
},
"com.amazonaws.dynamodb#DeleteItemInput": {
@@ -2251,7 +2287,7 @@
"Key": {
"target": "com.amazonaws.dynamodb#Key",
"traits": {
- "smithy.api#documentation": "A map of attribute names to AttributeValue objects, representing the\n primary key of the item to delete.
\n For the primary key, you must provide all of the attributes. For example, with a\n simple primary key, you only need to provide a value for the partition key. For a\n composite primary key, you must provide values for both the partition key and the sort\n key.
",
+ "smithy.api#documentation": "A map of attribute names to AttributeValue objects, representing the\n primary key of the item to delete.
\n For the primary key, you must provide all of the key attributes. For example, with a\n simple primary key, you only need to provide a value for the partition key. For a\n composite primary key, you must provide values for both the partition key and the sort\n key.
",
"smithy.api#required": {}
}
},
@@ -2270,7 +2306,7 @@
"ReturnValues": {
"target": "com.amazonaws.dynamodb#ReturnValue",
"traits": {
- "smithy.api#documentation": "Use ReturnValues if you want to get the item attributes as they appeared\n before they were deleted. For DeleteItem, the valid values are:
\n \n - \n
\n NONE - If ReturnValues is not specified, or if its\n value is NONE, then nothing is returned. (This setting is the\n default for ReturnValues.)
\n \n - \n
\n ALL_OLD - The content of the old item is returned.
\n \n
\n There is no additional cost associated with requesting a return value aside from the\n small network and processing overhead of receiving a larger response. No read capacity\n units are consumed.
\n \n The ReturnValues parameter is used by several DynamoDB operations;\n however, DeleteItem does not recognize any values other than\n NONE or ALL_OLD.
\n "
+ "smithy.api#documentation": "Use ReturnValues if you want to get the item attributes as they appeared\n before they were deleted. For DeleteItem, the valid values are:
\n \n - \n
\n NONE - If ReturnValues is not specified, or if its\n value is NONE, then nothing is returned. (This setting is the\n default for ReturnValues.)
\n \n - \n
\n ALL_OLD - The content of the old item is returned.
\n \n
\n There is no additional cost associated with requesting a return value aside from the\n small network and processing overhead of receiving a larger response. No read capacity\n units are consumed.
\n \n The ReturnValues parameter is used by several DynamoDB operations;\n however, DeleteItem does not recognize any values other than\n NONE or ALL_OLD.
\n "
}
},
"ReturnConsumedCapacity": {
@@ -2285,24 +2321,25 @@
"ConditionExpression": {
"target": "com.amazonaws.dynamodb#ConditionExpression",
"traits": {
- "smithy.api#documentation": "A condition that must be satisfied in order for a conditional DeleteItem\n to succeed.
\n An expression can contain any of the following:
\n \n - \n
Functions: attribute_exists | attribute_not_exists | attribute_type |\n contains | begins_with | size\n
\n These function names are case-sensitive.
\n \n - \n
Comparison operators: = | <> |\n < | > | <= | >= |\n BETWEEN | IN \n
\n \n - \n
Logical operators: AND | OR | NOT\n
\n \n
\n For more information about condition expressions, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A condition that must be satisfied in order for a conditional DeleteItem\n to succeed.
\n An expression can contain any of the following:
\n \n - \n
Functions: attribute_exists | attribute_not_exists | attribute_type |\n contains | begins_with | size\n
\n These function names are case-sensitive.
\n \n - \n
Comparison operators: = | <> |\n < | > | <= | >= |\n BETWEEN | IN \n
\n \n - \n
Logical operators: AND | OR | NOT\n
\n \n
\n For more information about condition expressions, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeNames": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap",
"traits": {
- "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeValues": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeValueMap",
"traits": {
- "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a DeleteItem operation.
"
+ "smithy.api#documentation": "Represents the input of a DeleteItem operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DeleteItemOutput": {
@@ -2317,18 +2354,19 @@
"ConsumedCapacity": {
"target": "com.amazonaws.dynamodb#ConsumedCapacity",
"traits": {
- "smithy.api#documentation": "The capacity units consumed by the DeleteItem operation. The data\n returned includes the total provisioned throughput consumed, along with statistics for\n the table and any indexes involved in the operation. ConsumedCapacity is\n only returned if the ReturnConsumedCapacity parameter was specified. For\n more information, see Provisioned Mode in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "The capacity units consumed by the DeleteItem operation. The data\n returned includes the total provisioned throughput consumed, along with statistics for\n the table and any indexes involved in the operation. ConsumedCapacity is\n only returned if the ReturnConsumedCapacity parameter was specified. For\n more information, see Provisioned Throughput in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ItemCollectionMetrics": {
"target": "com.amazonaws.dynamodb#ItemCollectionMetrics",
"traits": {
- "smithy.api#documentation": "Information about item collections, if any, that were affected by the\n DeleteItem operation. ItemCollectionMetrics is only\n returned if the ReturnItemCollectionMetrics parameter was specified. If the\n table does not have any local secondary indexes, this information is not returned in the\n response.
\n Each ItemCollectionMetrics element consists of:
\n \n - \n
\n ItemCollectionKey - The partition key value of the item collection.\n This is the same as the partition key value of the item itself.
\n \n - \n
\n SizeEstimateRangeGB - An estimate of item collection size, in\n gigabytes. This value is a two-element array containing a lower bound and an\n upper bound for the estimate. The estimate includes the size of all the items in\n the table, plus the size of all attributes projected into all of the local\n secondary indexes on that table. Use this estimate to measure whether a local\n secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the\n precision or accuracy of the estimate.
\n \n
"
+ "smithy.api#documentation": "Information about item collections, if any, that were affected by the\n DeleteItem operation. ItemCollectionMetrics is only\n returned if the ReturnItemCollectionMetrics parameter was specified. If the\n table does not have any local secondary indexes, this information is not returned in the\n response.
\n Each ItemCollectionMetrics element consists of:
\n \n - \n
\n ItemCollectionKey - The partition key value of the item collection.\n This is the same as the partition key value of the item itself.
\n \n - \n
\n SizeEstimateRangeGB - An estimate of item collection size, in\n gigabytes. This value is a two-element array containing a lower bound and an\n upper bound for the estimate. The estimate includes the size of all the items in\n the table, plus the size of all attributes projected into all of the local\n secondary indexes on that table. Use this estimate to measure whether a local\n secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the\n precision or accuracy of the estimate.
\n \n
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a DeleteItem operation.
"
+ "smithy.api#documentation": "Represents the output of a DeleteItem operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DeleteReplicaAction": {
@@ -2405,7 +2443,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "The DeleteTable operation deletes a table and all of its items. After a\n DeleteTable request, the specified table is in the\n DELETING state until DynamoDB completes the deletion. If the table is\n in the ACTIVE state, you can delete it. If a table is in\n CREATING or UPDATING states, then DynamoDB returns a\n ResourceInUseException. If the specified table does not exist, DynamoDB\n returns a ResourceNotFoundException. If table is already in the\n DELETING state, no error is returned.
\n \n DynamoDB might continue to accept data read and write operations, such as\n GetItem and PutItem, on a table in the\n DELETING state until the table deletion is complete.
\n \n When you delete a table, any indexes on that table are also deleted.
\n If you have DynamoDB Streams enabled on the table, then the corresponding stream on\n that table goes into the DISABLED state, and the stream is automatically\n deleted after 24 hours.
\n\n Use the DescribeTable action to check the status of the table.
"
+ "smithy.api#documentation": "The DeleteTable operation deletes a table and all of its items. After a\n DeleteTable request, the specified table is in the\n DELETING state until DynamoDB completes the deletion. If the table is\n in the ACTIVE state, you can delete it. If a table is in\n CREATING or UPDATING states, then DynamoDB returns a\n ResourceInUseException. If the specified table does not exist, DynamoDB\n returns a ResourceNotFoundException. If table is already in the\n DELETING state, no error is returned.
\n \n This operation only applies to Version 2019.11.21 (Current) \n of global tables.\n
\n \n \n DynamoDB might continue to accept data read and write operations, such as\n GetItem and PutItem, on a table in the\n DELETING state until the table deletion is complete.
\n \n When you delete a table, any indexes on that table are also deleted.
\n If you have DynamoDB Streams enabled on the table, then the corresponding stream on\n that table goes into the DISABLED state, and the stream is automatically\n deleted after 24 hours.
\n Use the DescribeTable action to check the status of the table.
"
}
},
"com.amazonaws.dynamodb#DeleteTableInput": {
@@ -2420,7 +2458,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a DeleteTable operation.
"
+ "smithy.api#documentation": "Represents the input of a DeleteTable operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DeleteTableOutput": {
@@ -2434,9 +2473,13 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a DeleteTable operation.
"
+ "smithy.api#documentation": "Represents the output of a DeleteTable operation.
",
+ "smithy.api#output": {}
}
},
+ "com.amazonaws.dynamodb#DeletionProtectionEnabled": {
+ "type": "boolean"
+ },
"com.amazonaws.dynamodb#DescribeBackup": {
"type": "operation",
"input": {
@@ -2460,7 +2503,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Describes an existing backup of a table.
\n You can call DescribeBackup at a maximum rate of 10 times per\n second.
"
+ "smithy.api#documentation": "Describes an existing backup of a table.
\n You can call DescribeBackup at a maximum rate of 10 times per\n second.
"
}
},
"com.amazonaws.dynamodb#DescribeBackupInput": {
@@ -2473,6 +2516,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeBackupOutput": {
@@ -2484,6 +2530,9 @@
"smithy.api#documentation": "Contains the description of the backup created for the table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeContinuousBackups": {
@@ -2509,7 +2558,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Checks the status of continuous backups and point in time recovery on the specified\n table. Continuous backups are ENABLED on all tables at table creation. If\n point in time recovery is enabled, PointInTimeRecoveryStatus will be set to\n ENABLED.
\n After continuous backups and point in time recovery are enabled, you can restore to\n any point in time within EarliestRestorableDateTime and\n LatestRestorableDateTime.
\n \n LatestRestorableDateTime is typically 5 minutes before the current time.\n You can restore your table to any point in time during the last 35 days.
\n You can call DescribeContinuousBackups at a maximum rate of 10 times per\n second.
"
+ "smithy.api#documentation": "Checks the status of continuous backups and point in time recovery on the specified\n table. Continuous backups are ENABLED on all tables at table creation. If\n point in time recovery is enabled, PointInTimeRecoveryStatus will be set to\n ENABLED.
\n After continuous backups and point in time recovery are enabled, you can restore to\n any point in time within EarliestRestorableDateTime and\n LatestRestorableDateTime.
\n \n LatestRestorableDateTime is typically 5 minutes before the current time.\n You can restore your table to any point in time during the last 35 days.
\n You can call DescribeContinuousBackups at a maximum rate of 10 times per\n second.
"
}
},
"com.amazonaws.dynamodb#DescribeContinuousBackupsInput": {
@@ -2522,6 +2571,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeContinuousBackupsOutput": {
@@ -2533,6 +2585,9 @@
"smithy.api#documentation": "Represents the continuous backups and point in time recovery settings on the\n table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeContributorInsights": {
@@ -2552,7 +2607,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns information about contributor insights, for a given table or global secondary\n index.
"
+ "smithy.api#documentation": "Returns information about contributor insights for a given table or global secondary\n index.
"
}
},
"com.amazonaws.dynamodb#DescribeContributorInsightsInput": {
@@ -2571,6 +2626,9 @@
"smithy.api#documentation": "The name of the global secondary index to describe, if applicable.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeContributorInsightsOutput": {
@@ -2609,9 +2667,12 @@
"FailureException": {
"target": "com.amazonaws.dynamodb#FailureException",
"traits": {
- "smithy.api#documentation": "Returns information about the last failure that was encountered.
\n The most common exceptions for a FAILED status are:
\n \n - \n
LimitExceededException - Per-account Amazon CloudWatch Contributor Insights\n rule limit reached. Please disable Contributor Insights for other tables/indexes\n OR disable Contributor Insights rules before retrying.
\n \n - \n
AccessDeniedException - Amazon CloudWatch Contributor Insights rules cannot be\n modified due to insufficient permissions.
\n \n - \n
AccessDeniedException - Failed to create service-linked role for Contributor\n Insights due to insufficient permissions.
\n \n - \n
InternalServerError - Failed to create Amazon CloudWatch Contributor Insights\n rules. Please retry request.
\n \n
"
+ "smithy.api#documentation": "Returns information about the last failure that was encountered.
\n The most common exceptions for a FAILED status are:
\n \n - \n
LimitExceededException - Per-account Amazon CloudWatch Contributor Insights\n rule limit reached. Please disable Contributor Insights for other tables/indexes\n OR disable Contributor Insights rules before retrying.
\n \n - \n
AccessDeniedException - Amazon CloudWatch Contributor Insights rules cannot be\n modified due to insufficient permissions.
\n \n - \n
AccessDeniedException - Failed to create service-linked role for Contributor\n Insights due to insufficient permissions.
\n \n - \n
InternalServerError - Failed to create Amazon CloudWatch Contributor Insights\n rules. Please retry request.
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeEndpoints": {
@@ -2623,12 +2684,15 @@
"target": "com.amazonaws.dynamodb#DescribeEndpointsResponse"
},
"traits": {
- "smithy.api#documentation": "Returns the regional endpoint information.
"
+ "smithy.api#documentation": "Returns the regional endpoint information. This action must be included in your VPC \n endpoint policies, or access to the DescribeEndpoints API will be denied. For more information \n on policy permissions, please see Internetwork traffic privacy.
"
}
},
"com.amazonaws.dynamodb#DescribeEndpointsRequest": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#input": {}
+ }
},
"com.amazonaws.dynamodb#DescribeEndpointsResponse": {
"type": "structure",
@@ -2640,6 +2704,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeExport": {
@@ -2675,6 +2742,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeExportOutput": {
@@ -2686,6 +2756,9 @@
"smithy.api#documentation": "Represents the properties of the export.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeGlobalTable": {
@@ -2711,7 +2784,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Returns information about the specified global table.
\n \n This operation only applies to Version\n 2017.11.29 of global tables. If you are using global tables Version\n 2019.11.21 you can use DescribeTable instead.
\n "
+ "smithy.api#documentation": "Returns information about the specified global table.
\n \n This operation only applies to Version\n 2017.11.29 (Legacy) of global tables. We recommend using \n Version 2019.11.21 (Current)\n when creating new global tables, as it provides greater flexibility, higher efficiency and consumes less write capacity than \n 2017.11.29 (Legacy). To determine which version you are using, see \n Determining the version. \n To update existing global tables from version 2017.11.29 (Legacy) to version\n 2019.11.21 (Current), see \n Updating global tables.\n
\n "
}
},
"com.amazonaws.dynamodb#DescribeGlobalTableInput": {
@@ -2724,6 +2797,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeGlobalTableOutput": {
@@ -2735,6 +2811,9 @@
"smithy.api#documentation": "Contains the details of the global table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeGlobalTableSettings": {
@@ -2760,7 +2839,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Describes Region-specific settings for a global table.
\n \n This operation only applies to Version\n 2017.11.29 of global tables.
\n "
+ "smithy.api#documentation": "Describes Region-specific settings for a global table.
\n \n This operation only applies to Version\n 2017.11.29 (Legacy) of global tables. We recommend using\n Version 2019.11.21 (Current)\n when creating new global tables, as it provides greater flexibility, higher efficiency and consumes less write capacity than \n 2017.11.29 (Legacy). To determine which version you are using, see \n Determining the version. \n To update existing global tables from version 2017.11.29 (Legacy) to version\n 2019.11.21 (Current), see \n Updating global tables.\n
\n "
}
},
"com.amazonaws.dynamodb#DescribeGlobalTableSettingsInput": {
@@ -2773,6 +2852,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeGlobalTableSettingsOutput": {
@@ -2790,6 +2872,9 @@
"smithy.api#documentation": "The Region-specific settings for the global table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeImport": {
@@ -2819,6 +2904,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeImportOutput": {
@@ -2831,6 +2919,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeKinesisStreamingDestination": {
@@ -2869,6 +2960,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeKinesisStreamingDestinationOutput": {
@@ -2886,6 +2980,9 @@
"smithy.api#documentation": "The list of replica structures for the table being described.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeLimits": {
@@ -2908,14 +3005,15 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Returns the current provisioned-capacity quotas for your Amazon Web Services account in\n a Region, both for the Region as a whole and for any one DynamoDB table that you create\n there.
\n When you establish an Amazon Web Services account, the account has initial quotas on\n the maximum read capacity units and write capacity units that you can provision across\n all of your DynamoDB tables in a given Region. Also, there are per-table\n quotas that apply when you create a table there. For more information, see Service,\n Account, and Table Quotas page in the Amazon DynamoDB\n Developer Guide.
\n\n Although you can increase these quotas by filing a case at Amazon Web Services Support Center, obtaining the\n increase is not instantaneous. The DescribeLimits action lets you write\n code to compare the capacity you are currently using to those quotas imposed by your\n account so that you have enough time to apply for an increase before you hit a\n quota.
\n\n For example, you could use one of the Amazon Web Services SDKs to do the\n following:
\n\n \n - \n
Call DescribeLimits for a particular Region to obtain your\n current account quotas on provisioned capacity there.
\n \n - \n
Create a variable to hold the aggregate read capacity units provisioned for\n all your tables in that Region, and one to hold the aggregate write capacity\n units. Zero them both.
\n \n - \n
Call ListTables to obtain a list of all your DynamoDB\n tables.
\n \n - \n
For each table name listed by ListTables, do the\n following:
\n \n - \n
Call DescribeTable with the table name.
\n \n - \n
Use the data returned by DescribeTable to add the read\n capacity units and write capacity units provisioned for the table itself\n to your variables.
\n \n - \n
If the table has one or more global secondary indexes (GSIs), loop\n over these GSIs and add their provisioned capacity values to your\n variables as well.
\n \n
\n \n - \n
Report the account quotas for that Region returned by\n DescribeLimits, along with the total current provisioned\n capacity levels you have calculated.
\n \n
\n\n This will let you see whether you are getting close to your account-level\n quotas.
\n The per-table quotas apply only when you are creating a new table. They restrict the\n sum of the provisioned capacity of the new table itself and all its global secondary\n indexes.
\n For existing tables and their GSIs, DynamoDB doesn't let you increase provisioned\n capacity extremely rapidly, but the only quota that applies is that the aggregate\n provisioned capacity over all your tables and GSIs cannot exceed either of the\n per-account quotas.
\n \n \n DescribeLimits should only be called periodically. You can expect\n throttling errors if you call it more than once in a minute.
\n \n The DescribeLimits Request element has no content.
"
+ "smithy.api#documentation": "Returns the current provisioned-capacity quotas for your Amazon Web Services account in\n a Region, both for the Region as a whole and for any one DynamoDB table that you create\n there.
\n When you establish an Amazon Web Services account, the account has initial quotas on\n the maximum read capacity units and write capacity units that you can provision across\n all of your DynamoDB tables in a given Region. Also, there are per-table\n quotas that apply when you create a table there. For more information, see Service,\n Account, and Table Quotas page in the Amazon DynamoDB\n Developer Guide.
\n Although you can increase these quotas by filing a case at Amazon Web Services Support Center, obtaining the\n increase is not instantaneous. The DescribeLimits action lets you write\n code to compare the capacity you are currently using to those quotas imposed by your\n account so that you have enough time to apply for an increase before you hit a\n quota.
\n For example, you could use one of the Amazon Web Services SDKs to do the\n following:
\n \n - \n
Call DescribeLimits for a particular Region to obtain your\n current account quotas on provisioned capacity there.
\n \n - \n
Create a variable to hold the aggregate read capacity units provisioned for\n all your tables in that Region, and one to hold the aggregate write capacity\n units. Zero them both.
\n \n - \n
Call ListTables to obtain a list of all your DynamoDB\n tables.
\n \n - \n
For each table name listed by ListTables, do the\n following:
\n \n - \n
Call DescribeTable with the table name.
\n \n - \n
Use the data returned by DescribeTable to add the read\n capacity units and write capacity units provisioned for the table itself\n to your variables.
\n \n - \n
If the table has one or more global secondary indexes (GSIs), loop\n over these GSIs and add their provisioned capacity values to your\n variables as well.
\n \n
\n \n - \n
Report the account quotas for that Region returned by\n DescribeLimits, along with the total current provisioned\n capacity levels you have calculated.
\n \n
\n This will let you see whether you are getting close to your account-level\n quotas.
\n The per-table quotas apply only when you are creating a new table. They restrict the\n sum of the provisioned capacity of the new table itself and all its global secondary\n indexes.
\n For existing tables and their GSIs, DynamoDB doesn't let you increase provisioned\n capacity extremely rapidly, but the only quota that applies is that the aggregate\n provisioned capacity over all your tables and GSIs cannot exceed either of the\n per-account quotas.
\n \n \n DescribeLimits should only be called periodically. You can expect\n throttling errors if you call it more than once in a minute.
\n \n The DescribeLimits Request element has no content.
"
}
},
"com.amazonaws.dynamodb#DescribeLimitsInput": {
"type": "structure",
"members": {},
"traits": {
- "smithy.api#documentation": "Represents the input of a DescribeLimits operation. Has no\n content.
"
+ "smithy.api#documentation": "Represents the input of a DescribeLimits operation. Has no\n content.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeLimitsOutput": {
@@ -2947,7 +3045,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a DescribeLimits operation.
"
+ "smithy.api#documentation": "Represents the output of a DescribeLimits operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeTable": {
@@ -2973,7 +3072,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Returns information about the table, including the current status of the table, when\n it was created, the primary key schema, and any indexes on the table.
\n \n If you issue a DescribeTable request immediately after a\n CreateTable request, DynamoDB might return a\n ResourceNotFoundException. This is because\n DescribeTable uses an eventually consistent query, and the metadata\n for your table might not be available at that moment. Wait for a few seconds, and\n then try the DescribeTable request again.
\n ",
+ "smithy.api#documentation": "Returns information about the table, including the current status of the table, when\n it was created, the primary key schema, and any indexes on the table.
\n \n This operation only applies to Version 2019.11.21 (Current) \n of global tables.\n
\n \n \n If you issue a DescribeTable request immediately after a\n CreateTable request, DynamoDB might return a\n ResourceNotFoundException. This is because\n DescribeTable uses an eventually consistent query, and the metadata\n for your table might not be available at that moment. Wait for a few seconds, and\n then try the DescribeTable request again.
\n ",
"smithy.waiters#waitable": {
"TableExists": {
"acceptors": [
@@ -3022,7 +3121,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a DescribeTable operation.
"
+ "smithy.api#documentation": "Represents the input of a DescribeTable operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeTableOutput": {
@@ -3036,7 +3136,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a DescribeTable operation.
"
+ "smithy.api#documentation": "Represents the output of a DescribeTable operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeTableReplicaAutoScaling": {
@@ -3056,7 +3157,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Describes auto scaling settings across replicas of the global table at once.
\n \n This operation only applies to Version\n 2019.11.21 of global tables.
\n "
+ "smithy.api#documentation": "Describes auto scaling settings across replicas of the global table at once.
\n \n This operation only applies to Version 2019.11.21 (Current)\n of global tables.
\n "
}
},
"com.amazonaws.dynamodb#DescribeTableReplicaAutoScalingInput": {
@@ -3069,6 +3170,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeTableReplicaAutoScalingOutput": {
@@ -3080,6 +3184,9 @@
"smithy.api#documentation": "Represents the auto scaling properties of the table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DescribeTimeToLive": {
@@ -3118,6 +3225,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#DescribeTimeToLiveOutput": {
@@ -3129,6 +3239,9 @@
"smithy.api#documentation": ""
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#DestinationStatus": {
@@ -3198,7 +3311,7 @@
"smithy.api#documentation": "Stops replication from the DynamoDB table to the Kinesis data stream. This is done\n without deleting either of the resources.
"
}
},
- "com.amazonaws.dynamodb#Double": {
+ "com.amazonaws.dynamodb#DoubleObject": {
"type": "double"
},
"com.amazonaws.dynamodb#DuplicateItemException": {
@@ -3393,7 +3506,7 @@
"name": "dynamodb"
},
"aws.protocols#awsJson1_0": {},
- "smithy.api#documentation": "Amazon DynamoDB\n\n Amazon DynamoDB is a fully managed NoSQL database service that provides fast\n and predictable performance with seamless scalability. DynamoDB lets you\n offload the administrative burdens of operating and scaling a distributed database, so\n that you don't have to worry about hardware provisioning, setup and configuration,\n replication, software patching, or cluster scaling.
\n\n With DynamoDB, you can create database tables that can store and retrieve\n any amount of data, and serve any level of request traffic. You can scale up or scale\n down your tables' throughput capacity without downtime or performance degradation, and\n use the Amazon Web Services Management Console to monitor resource utilization and performance\n metrics.
\n\n DynamoDB automatically spreads the data and traffic for your tables over\n a sufficient number of servers to handle your throughput and storage requirements, while\n maintaining consistent and fast performance. All of your data is stored on solid state\n disks (SSDs) and automatically replicated across multiple Availability Zones in an\n Amazon Web Services Region, providing built-in high availability and data\n durability.
",
+ "smithy.api#documentation": "Amazon DynamoDB\n Amazon DynamoDB is a fully managed NoSQL database service that provides fast\n and predictable performance with seamless scalability. DynamoDB lets you\n offload the administrative burdens of operating and scaling a distributed database, so\n that you don't have to worry about hardware provisioning, setup and configuration,\n replication, software patching, or cluster scaling.
\n With DynamoDB, you can create database tables that can store and retrieve\n any amount of data, and serve any level of request traffic. You can scale up or scale\n down your tables' throughput capacity without downtime or performance degradation, and\n use the Amazon Web Services Management Console to monitor resource utilization and performance\n metrics.
\n DynamoDB automatically spreads the data and traffic for your tables over\n a sufficient number of servers to handle your throughput and storage requirements, while\n maintaining consistent and fast performance. All of your data is stored on solid state\n disks (SSDs) and automatically replicated across multiple Availability Zones in an\n Amazon Web Services Region, providing built-in high availability and data\n durability.
",
"smithy.api#title": "Amazon DynamoDB",
"smithy.api#xmlNamespace": {
"uri": "http://dynamodb.amazonaws.com/doc/2012-08-10/"
@@ -3403,7 +3516,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -3432,13 +3545,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -3446,14 +3558,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -3462,67 +3580,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -3531,187 +3624,275 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://dynamodb-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://dynamodb-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
{
"conditions": [
{
- "fn": "stringEquals",
+ "fn": "booleanEquals",
"argv": [
- "aws-us-gov",
+ true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "name"
+ "supportsFIPS"
]
}
]
}
],
- "endpoint": {
- "url": "https://dynamodb.{Region}.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ "aws-us-gov",
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "name"
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://dynamodb.{Region}.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://dynamodb-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
},
{
"conditions": [],
- "endpoint": {
- "url": "https://dynamodb-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://dynamodb.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "local"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "http://localhost:8000",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "dynamodb",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://dynamodb.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://dynamodb.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -3720,55 +3901,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "local"
- ]
- }
- ],
- "endpoint": {
- "url": "http://localhost:8000",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "dynamodb"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://dynamodb.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -3777,55 +3916,68 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.me-south-1.amazonaws.com"
+ "url": "https://dynamodb.af-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "af-south-1",
"UseDualStack": false,
- "Region": "me-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.ca-central-1.amazonaws.com"
+ "url": "https://dynamodb.ap-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-east-1",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb-fips.ca-central-1.amazonaws.com"
+ "url": "https://dynamodb.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "ap-northeast-1",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.ap-southeast-1.amazonaws.com"
+ "url": "https://dynamodb.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-2",
"UseDualStack": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://dynamodb.ap-northeast-3.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "ap-northeast-3",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
@@ -3836,22 +3988,22 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-south-1",
"UseDualStack": false,
- "Region": "ap-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.eu-south-1.amazonaws.com"
+ "url": "https://dynamodb.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-1",
"UseDualStack": false,
- "Region": "eu-south-1"
+ "UseFIPS": false
}
},
{
@@ -3862,174 +4014,174 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-2",
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.ap-northeast-1.amazonaws.com"
+ "url": "https://dynamodb.ap-southeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-3",
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.ap-northeast-2.amazonaws.com"
+ "url": "https://dynamodb.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.ap-northeast-3.amazonaws.com"
+ "url": "https://dynamodb-fips.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "ap-northeast-3"
+ "UseFIPS": true
}
},
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.sa-east-1.amazonaws.com"
+ "url": "https://dynamodb.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-central-1",
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.ap-southeast-3.amazonaws.com"
+ "url": "https://dynamodb.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-north-1",
"UseDualStack": false,
- "Region": "ap-southeast-3"
+ "UseFIPS": false
}
},
{
- "documentation": "For region local with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "properties": {
- "authSchemes": [
- {
- "signingName": "dynamodb",
- "name": "sigv4",
- "signingRegion": "us-east-1"
- }
- ]
- },
- "url": "http://localhost:8000"
+ "url": "https://dynamodb.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-south-1",
"UseDualStack": false,
- "Region": "local"
+ "UseFIPS": false
}
},
{
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.af-south-1.amazonaws.com"
+ "url": "https://dynamodb.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-1",
"UseDualStack": false,
- "Region": "af-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.eu-north-1.amazonaws.com"
+ "url": "https://dynamodb.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-2",
"UseDualStack": false,
- "Region": "eu-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.ap-east-1.amazonaws.com"
+ "url": "https://dynamodb.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-3",
"UseDualStack": false,
- "Region": "ap-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region local with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.eu-west-1.amazonaws.com"
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "dynamodb",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "url": "http://localhost:8000"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "local",
"UseDualStack": false,
- "Region": "eu-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.eu-west-2.amazonaws.com"
+ "url": "https://dynamodb.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "me-south-1",
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.eu-west-3.amazonaws.com"
+ "url": "https://dynamodb.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "sa-east-1",
"UseDualStack": false,
- "Region": "eu-west-3"
+ "UseFIPS": false
}
},
{
@@ -4040,9 +4192,9 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
@@ -4053,9 +4205,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -4066,9 +4218,9 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
@@ -4079,22 +4231,9 @@
}
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
- "Region": "us-east-2"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://dynamodb.eu-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": true
}
},
{
@@ -4105,9 +4244,9 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-1",
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": false
}
},
{
@@ -4118,9 +4257,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-west-1",
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": true
}
},
{
@@ -4131,9 +4270,9 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
@@ -4144,9 +4283,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": true
}
},
{
@@ -4157,9 +4296,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -4170,230 +4309,243 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.us-gov-west-1.amazonaws.com"
+ "url": "https://dynamodb.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.us-gov-west-1.amazonaws.com"
+ "url": "https://dynamodb.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-northwest-1",
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.us-gov-east-1.amazonaws.com"
+ "url": "https://dynamodb-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "us-gov-east-1"
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.us-gov-east-1.amazonaws.com"
+ "url": "https://dynamodb-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb-fips.us-gov-east-1.api.aws"
+ "url": "https://dynamodb.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.us-gov-east-1.api.aws"
+ "url": "https://dynamodb.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "us-gov-east-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://dynamodb.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://dynamodb.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://dynamodb.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "cn-northwest-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.cn-north-1.amazonaws.com.cn"
+ "url": "https://dynamodb-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "cn-north-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://dynamodb.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": true,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://dynamodb.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://dynamodb.us-iso-west-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "us-iso-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.us-iso-west-1.c2s.ic.gov"
+ "url": "https://dynamodb-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "us-iso-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb.us-iso-east-1.c2s.ic.gov"
+ "url": "https://dynamodb.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://dynamodb-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://dynamodb-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
+ "Region": "us-east-1",
+ "UseDualStack": false,
"UseFIPS": false,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
"UseDualStack": false,
- "Region": "us-east-1",
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -4403,9 +4555,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
"Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true,
"Endpoint": "https://example.com"
}
},
@@ -4415,9 +4567,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
"Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
}
@@ -4540,7 +4692,7 @@
}
],
"traits": {
- "smithy.api#documentation": "This operation allows you to perform reads and singleton writes on data stored in\n DynamoDB, using PartiQL.
\n For PartiQL reads (SELECT statement), if the total number of processed\n items exceeds the maximum dataset size limit of 1 MB, the read stops and results are\n returned to the user as a LastEvaluatedKey value to continue the read in a\n subsequent operation. If the filter criteria in WHERE clause does not match\n any data, the read will return an empty result set.
\n A single SELECT statement response can return up to the maximum number of\n items (if using the Limit parameter) or a maximum of 1 MB of data (and then apply any\n filtering to the results using WHERE clause). If\n LastEvaluatedKey is present in the response, you need to paginate the\n result set.
"
+ "smithy.api#documentation": "This operation allows you to perform reads and singleton writes on data stored in\n DynamoDB, using PartiQL.
\n For PartiQL reads (SELECT statement), if the total number of processed\n items exceeds the maximum dataset size limit of 1 MB, the read stops and results are\n returned to the user as a LastEvaluatedKey value to continue the read in a\n subsequent operation. If the filter criteria in WHERE clause does not match\n any data, the read will return an empty result set.
\n A single SELECT statement response can return up to the maximum number of\n items (if using the Limit parameter) or a maximum of 1 MB of data (and then apply any\n filtering to the results using WHERE clause). If\n LastEvaluatedKey is present in the response, you need to paginate the\n result set. If NextToken is present, you need to paginate the result set and include \n NextToken.
"
}
},
"com.amazonaws.dynamodb#ExecuteStatementInput": {
@@ -4580,6 +4732,9 @@
"smithy.api#documentation": "The maximum number of items to evaluate (not necessarily the number of matching\n items). If DynamoDB processes the number of items up to the limit while processing the\n results, it stops the operation and returns the matching values up to that point, along\n with a key in LastEvaluatedKey to apply in a subsequent operation so you\n can pick up where you left off. Also, if the processed dataset size exceeds 1 MB before\n DynamoDB reaches this limit, it stops the operation and returns the matching values up\n to the limit, and a key in LastEvaluatedKey to apply in a subsequent\n operation to continue the operation.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ExecuteStatementOutput": {
@@ -4606,6 +4761,9 @@
"smithy.api#documentation": "The primary key of the item where the operation stopped, inclusive of the previous\n result set. Use this value to start a new operation, excluding this value in the new\n request. If LastEvaluatedKey is empty, then the \"last page\" of results has\n been processed and there is no more data to be retrieved. If\n LastEvaluatedKey is not empty, it does not necessarily mean that there\n is more data in the result set. The only way to know when you have reached the end of\n the result set is when LastEvaluatedKey is empty.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ExecuteTransaction": {
@@ -4640,7 +4798,7 @@
}
],
"traits": {
- "smithy.api#documentation": "This operation allows you to perform transactional reads or writes on data stored in\n DynamoDB, using PartiQL.
\n \n The entire transaction must consist of either read statements or write statements,\n you cannot mix both in one transaction. The EXISTS function is an exception and can\n be used to check the condition of specific attributes of the item in a similar\n manner to ConditionCheck in the TransactWriteItems API.
\n "
+ "smithy.api#documentation": "This operation allows you to perform transactional reads or writes on data stored in\n DynamoDB, using PartiQL.
\n \n The entire transaction must consist of either read statements or write statements,\n you cannot mix both in one transaction. The EXISTS function is an exception and can\n be used to check the condition of specific attributes of the item in a similar\n manner to ConditionCheck in the TransactWriteItems API.
\n "
}
},
"com.amazonaws.dynamodb#ExecuteTransactionInput": {
@@ -4666,6 +4824,9 @@
"smithy.api#documentation": "Determines the level of detail about either provisioned or on-demand throughput\n consumption that is returned in the response. For more information, see TransactGetItems and TransactWriteItems.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ExecuteTransactionOutput": {
@@ -4683,6 +4844,9 @@
"smithy.api#documentation": "The capacity units consumed by the entire operation. The values of the list are\n ordered according to the ordering of the statements.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ExpectedAttributeMap": {
@@ -4700,30 +4864,30 @@
"Value": {
"target": "com.amazonaws.dynamodb#AttributeValue",
"traits": {
- "smithy.api#documentation": "Represents the data for the expected attribute.
\n Each attribute value is described as a name-value pair. The name is the data type, and\n the value is the data itself.
\n For more information, see Data Types in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "Represents the data for the expected attribute.
\n Each attribute value is described as a name-value pair. The name is the data type, and\n the value is the data itself.
\n For more information, see Data Types in the Amazon DynamoDB Developer\n Guide.
"
}
},
"Exists": {
"target": "com.amazonaws.dynamodb#BooleanObject",
"traits": {
- "smithy.api#documentation": "Causes DynamoDB to evaluate the value before attempting a conditional\n operation:
\n \n - \n
If Exists is true, DynamoDB will check to\n see if that attribute value already exists in the table. If it is found, then\n the operation succeeds. If it is not found, the operation fails with a\n ConditionCheckFailedException.
\n \n - \n
If Exists is false, DynamoDB assumes that\n the attribute value does not exist in the table. If in fact the value does not\n exist, then the assumption is valid and the operation succeeds. If the value is\n found, despite the assumption that it does not exist, the operation fails with a\n ConditionCheckFailedException.
\n \n
\n The default setting for Exists is true. If you supply a\n Value all by itself, DynamoDB assumes the attribute exists:\n You don't have to set Exists to true, because it is\n implied.
\n DynamoDB returns a ValidationException if:
\n \n - \n
\n Exists is true but there is no Value to\n check. (You expect a value to exist, but don't specify what that value\n is.)
\n \n - \n
\n Exists is false but you also provide a\n Value. (You cannot expect an attribute to have a value, while\n also expecting it not to exist.)
\n \n
"
+ "smithy.api#documentation": "Causes DynamoDB to evaluate the value before attempting a conditional\n operation:
\n \n - \n
If Exists is true, DynamoDB will check to\n see if that attribute value already exists in the table. If it is found, then\n the operation succeeds. If it is not found, the operation fails with a\n ConditionCheckFailedException.
\n \n - \n
If Exists is false, DynamoDB assumes that\n the attribute value does not exist in the table. If in fact the value does not\n exist, then the assumption is valid and the operation succeeds. If the value is\n found, despite the assumption that it does not exist, the operation fails with a\n ConditionCheckFailedException.
\n \n
\n The default setting for Exists is true. If you supply a\n Value all by itself, DynamoDB assumes the attribute exists:\n You don't have to set Exists to true, because it is\n implied.
\n DynamoDB returns a ValidationException if:
\n \n - \n
\n Exists is true but there is no Value to\n check. (You expect a value to exist, but don't specify what that value\n is.)
\n \n - \n
\n Exists is false but you also provide a\n Value. (You cannot expect an attribute to have a value, while\n also expecting it not to exist.)
\n \n
"
}
},
"ComparisonOperator": {
"target": "com.amazonaws.dynamodb#ComparisonOperator",
"traits": {
- "smithy.api#documentation": "A comparator for evaluating attributes in the AttributeValueList. For\n example, equals, greater than, less than, etc.
\n The following comparison operators are available:
\n \n EQ | NE | LE | LT | GE | GT | NOT_NULL | NULL | CONTAINS | NOT_CONTAINS |\n BEGINS_WITH | IN | BETWEEN\n
\n The following are descriptions of each comparison operator.
\n \n - \n
\n EQ : Equal. EQ is supported for all data types,\n including lists and maps.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, Binary, String Set, Number Set, or Binary Set.\n If an item contains an AttributeValue element of a different type\n than the one provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not equal {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n NE : Not equal. NE is supported for all data types,\n including lists and maps.
\n \n AttributeValueList can contain only one AttributeValue\n of type String, Number, Binary, String Set, Number Set, or Binary Set. If an\n item contains an AttributeValue of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not equal {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n LE : Less than or equal.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n LT : Less than.
\n \n AttributeValueList can contain only one AttributeValue\n of type String, Number, or Binary (not a set type). If an item contains an\n AttributeValue element of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not compare to {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n GE : Greater than or equal.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n GT : Greater than.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n NOT_NULL : The attribute exists. NOT_NULL is supported\n for all data types, including lists and maps.
\n \n This operator tests for the existence of an attribute, not its data type.\n If the data type of attribute \"a\" is null, and you evaluate it\n using NOT_NULL, the result is a Boolean true. This\n result is because the attribute \"a\" exists; its data type is\n not relevant to the NOT_NULL comparison operator.
\n \n \n - \n
\n NULL : The attribute does not exist. NULL is supported\n for all data types, including lists and maps.
\n \n This operator tests for the nonexistence of an attribute, not its data\n type. If the data type of attribute \"a\" is null, and you\n evaluate it using NULL, the result is a Boolean\n false. This is because the attribute \"a\"\n exists; its data type is not relevant to the NULL comparison\n operator.
\n \n \n - \n
\n CONTAINS : Checks for a subsequence, or value in a set.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If the target\n attribute of the comparison is of type String, then the operator checks for a\n substring match. If the target attribute of the comparison is of type Binary,\n then the operator looks for a subsequence of the target that matches the input.\n If the target attribute of the comparison is a set (\"SS\",\n \"NS\", or \"BS\"), then the operator evaluates to\n true if it finds an exact match with any member of the set.
\n CONTAINS is supported for lists: When evaluating \"a CONTAINS b\",\n \"a\" can be a list; however, \"b\" cannot be a set, a\n map, or a list.
\n \n - \n
\n NOT_CONTAINS : Checks for absence of a subsequence, or absence of a\n value in a set.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If the target\n attribute of the comparison is a String, then the operator checks for the\n absence of a substring match. If the target attribute of the comparison is\n Binary, then the operator checks for the absence of a subsequence of the target\n that matches the input. If the target attribute of the comparison is a set\n (\"SS\", \"NS\", or \"BS\"), then the\n operator evaluates to true if it does not find an exact\n match with any member of the set.
\n NOT_CONTAINS is supported for lists: When evaluating \"a NOT CONTAINS\n b\", \"a\" can be a list; however, \"b\" cannot\n be a set, a map, or a list.
\n \n - \n
\n BEGINS_WITH : Checks for a prefix.
\n \n AttributeValueList can contain only one AttributeValue\n of type String or Binary (not a Number or a set type). The target attribute of\n the comparison must be of type String or Binary (not a Number or a set\n type).
\n \n \n - \n
\n IN : Checks for matching elements in a list.
\n \n AttributeValueList can contain one or more\n AttributeValue elements of type String, Number, or Binary.\n These attributes are compared against an existing attribute of an item. If any\n elements of the input are equal to the item attribute, the expression evaluates\n to true.
\n \n - \n
\n BETWEEN : Greater than or equal to the first value, and less than\n or equal to the second value.
\n \n AttributeValueList must contain two AttributeValue\n elements of the same type, either String, Number, or Binary (not a set type). A\n target attribute matches if the target value is greater than, or equal to, the\n first element and less than, or equal to, the second element. If an item\n contains an AttributeValue element of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not compare to {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not compare to {\"NS\":[\"6\", \"2\",\n \"1\"]}\n
\n \n
"
+ "smithy.api#documentation": "A comparator for evaluating attributes in the AttributeValueList. For\n example, equals, greater than, less than, etc.
\n The following comparison operators are available:
\n \n EQ | NE | LE | LT | GE | GT | NOT_NULL | NULL | CONTAINS | NOT_CONTAINS |\n BEGINS_WITH | IN | BETWEEN\n
\n The following are descriptions of each comparison operator.
\n \n - \n
\n EQ : Equal. EQ is supported for all data types,\n including lists and maps.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, Binary, String Set, Number Set, or Binary Set.\n If an item contains an AttributeValue element of a different type\n than the one provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not equal {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n NE : Not equal. NE is supported for all data types,\n including lists and maps.
\n \n AttributeValueList can contain only one AttributeValue\n of type String, Number, Binary, String Set, Number Set, or Binary Set. If an\n item contains an AttributeValue of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not equal {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n LE : Less than or equal.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n LT : Less than.
\n \n AttributeValueList can contain only one AttributeValue\n of type String, Number, or Binary (not a set type). If an item contains an\n AttributeValue element of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not equal {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not compare to {\"NS\":[\"6\", \"2\",\n \"1\"]}.
\n \n \n - \n
\n GE : Greater than or equal.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n GT : Greater than.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If an item contains\n an AttributeValue element of a different type than the one provided\n in the request, the value does not match. For example, {\"S\":\"6\"}\n does not equal {\"N\":\"6\"}. Also, {\"N\":\"6\"} does not\n compare to {\"NS\":[\"6\", \"2\", \"1\"]}.
\n \n \n - \n
\n NOT_NULL : The attribute exists. NOT_NULL is supported\n for all data types, including lists and maps.
\n \n This operator tests for the existence of an attribute, not its data type.\n If the data type of attribute \"a\" is null, and you evaluate it\n using NOT_NULL, the result is a Boolean true. This\n result is because the attribute \"a\" exists; its data type is\n not relevant to the NOT_NULL comparison operator.
\n \n \n - \n
\n NULL : The attribute does not exist. NULL is supported\n for all data types, including lists and maps.
\n \n This operator tests for the nonexistence of an attribute, not its data\n type. If the data type of attribute \"a\" is null, and you\n evaluate it using NULL, the result is a Boolean\n false. This is because the attribute \"a\"\n exists; its data type is not relevant to the NULL comparison\n operator.
\n \n \n - \n
\n CONTAINS : Checks for a subsequence, or value in a set.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If the target\n attribute of the comparison is of type String, then the operator checks for a\n substring match. If the target attribute of the comparison is of type Binary,\n then the operator looks for a subsequence of the target that matches the input.\n If the target attribute of the comparison is a set (\"SS\",\n \"NS\", or \"BS\"), then the operator evaluates to\n true if it finds an exact match with any member of the set.
\n CONTAINS is supported for lists: When evaluating \"a CONTAINS b\",\n \"a\" can be a list; however, \"b\" cannot be a set, a\n map, or a list.
\n \n - \n
\n NOT_CONTAINS : Checks for absence of a subsequence, or absence of a\n value in a set.
\n \n AttributeValueList can contain only one AttributeValue\n element of type String, Number, or Binary (not a set type). If the target\n attribute of the comparison is a String, then the operator checks for the\n absence of a substring match. If the target attribute of the comparison is\n Binary, then the operator checks for the absence of a subsequence of the target\n that matches the input. If the target attribute of the comparison is a set\n (\"SS\", \"NS\", or \"BS\"), then the\n operator evaluates to true if it does not find an exact\n match with any member of the set.
\n NOT_CONTAINS is supported for lists: When evaluating \"a NOT CONTAINS\n b\", \"a\" can be a list; however, \"b\" cannot\n be a set, a map, or a list.
\n \n - \n
\n BEGINS_WITH : Checks for a prefix.
\n \n AttributeValueList can contain only one AttributeValue\n of type String or Binary (not a Number or a set type). The target attribute of\n the comparison must be of type String or Binary (not a Number or a set\n type).
\n \n \n - \n
\n IN : Checks for matching elements in a list.
\n \n AttributeValueList can contain one or more\n AttributeValue elements of type String, Number, or Binary.\n These attributes are compared against an existing attribute of an item. If any\n elements of the input are equal to the item attribute, the expression evaluates\n to true.
\n \n - \n
\n BETWEEN : Greater than or equal to the first value, and less than\n or equal to the second value.
\n \n AttributeValueList must contain two AttributeValue\n elements of the same type, either String, Number, or Binary (not a set type). A\n target attribute matches if the target value is greater than, or equal to, the\n first element and less than, or equal to, the second element. If an item\n contains an AttributeValue element of a different type than the one\n provided in the request, the value does not match. For example,\n {\"S\":\"6\"} does not compare to {\"N\":\"6\"}. Also,\n {\"N\":\"6\"} does not compare to {\"NS\":[\"6\", \"2\",\n \"1\"]}\n
\n \n
"
}
},
"AttributeValueList": {
"target": "com.amazonaws.dynamodb#AttributeValueList",
"traits": {
- "smithy.api#documentation": "One or more values to evaluate against the supplied attribute. The number of values in\n the list depends on the ComparisonOperator being used.
\n For type Number, value comparisons are numeric.
\n String value comparisons for greater than, equals, or less than are based on ASCII\n character code values. For example, a is greater than A, and\n a is greater than B. For a list of code values, see http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters.
\n For Binary, DynamoDB treats each byte of the binary data as unsigned when it\n compares binary values.
\n For information on specifying data types in JSON, see JSON Data Format\n in the Amazon DynamoDB Developer Guide.
"
+ "smithy.api#documentation": "One or more values to evaluate against the supplied attribute. The number of values in\n the list depends on the ComparisonOperator being used.
\n For type Number, value comparisons are numeric.
\n String value comparisons for greater than, equals, or less than are based on ASCII\n character code values. For example, a is greater than A, and\n a is greater than B. For a list of code values, see http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters.
\n For Binary, DynamoDB treats each byte of the binary data as unsigned when it\n compares binary values.
\n For information on specifying data types in JSON, see JSON Data Format\n in the Amazon DynamoDB Developer Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents a condition to be compared with an attribute value. This condition can be\n used with DeleteItem, PutItem, or UpdateItem\n operations; if the comparison evaluates to true, the operation succeeds; if not, the\n operation fails. You can use ExpectedAttributeValue in one of two different\n ways:
\n \n - \n
Use AttributeValueList to specify one or more values to compare\n against an attribute. Use ComparisonOperator to specify how you\n want to perform the comparison. If the comparison evaluates to true, then the\n conditional operation succeeds.
\n \n - \n
Use Value to specify a value that DynamoDB will compare against\n an attribute. If the values match, then ExpectedAttributeValue\n evaluates to true and the conditional operation succeeds. Optionally, you can\n also set Exists to false, indicating that you do\n not expect to find the attribute value in the table. In this\n case, the conditional operation succeeds only if the comparison evaluates to\n false.
\n \n
\n \n Value and Exists are incompatible with\n AttributeValueList and ComparisonOperator. Note that if\n you use both sets of parameters at once, DynamoDB will return a\n ValidationException exception.
"
+ "smithy.api#documentation": "Represents a condition to be compared with an attribute value. This condition can be\n used with DeleteItem, PutItem, or UpdateItem\n operations; if the comparison evaluates to true, the operation succeeds; if not, the\n operation fails. You can use ExpectedAttributeValue in one of two different\n ways:
\n \n - \n
Use AttributeValueList to specify one or more values to compare\n against an attribute. Use ComparisonOperator to specify how you\n want to perform the comparison. If the comparison evaluates to true, then the\n conditional operation succeeds.
\n \n - \n
Use Value to specify a value that DynamoDB will compare against\n an attribute. If the values match, then ExpectedAttributeValue\n evaluates to true and the conditional operation succeeds. Optionally, you can\n also set Exists to false, indicating that you do\n not expect to find the attribute value in the table. In this\n case, the conditional operation succeeds only if the comparison evaluates to\n false.
\n \n
\n \n Value and Exists are incompatible with\n AttributeValueList and ComparisonOperator. Note that if\n you use both sets of parameters at once, DynamoDB will return a\n ValidationException exception.
"
}
},
"com.amazonaws.dynamodb#ExportArn": {
@@ -4825,7 +4989,7 @@
"S3SseAlgorithm": {
"target": "com.amazonaws.dynamodb#S3SseAlgorithm",
"traits": {
- "smithy.api#documentation": "Type of encryption used on the bucket where export data is stored. Valid values for\n S3SseAlgorithm are:
\n "
+ "smithy.api#documentation": "Type of encryption used on the bucket where export data is stored. Valid values for\n S3SseAlgorithm are:
\n "
}
},
"S3SseKmsKeyId": {
@@ -5010,7 +5174,7 @@
"ClientToken": {
"target": "com.amazonaws.dynamodb#ClientToken",
"traits": {
- "smithy.api#documentation": "Providing a ClientToken makes the call to\n ExportTableToPointInTimeInput idempotent, meaning that multiple\n identical calls have the same effect as one single call.
\n A client token is valid for 8 hours after the first request that uses it is completed.\n After 8 hours, any request with the same client token is treated as a new request. Do\n not resubmit the same request with the same client token for more than 8 hours, or the\n result might not be idempotent.
\n If you submit a request with the same client token but a change in other parameters\n within the 8-hour idempotency window, DynamoDB returns an\n ImportConflictException.
",
+ "smithy.api#documentation": "Providing a ClientToken makes the call to\n ExportTableToPointInTimeInput idempotent, meaning that multiple\n identical calls have the same effect as one single call.
\n A client token is valid for 8 hours after the first request that uses it is completed.\n After 8 hours, any request with the same client token is treated as a new request. Do\n not resubmit the same request with the same client token for more than 8 hours, or the\n result might not be idempotent.
\n If you submit a request with the same client token but a change in other parameters\n within the 8-hour idempotency window, DynamoDB returns an\n ImportConflictException.
",
"smithy.api#idempotencyToken": {}
}
},
@@ -5036,7 +5200,7 @@
"S3SseAlgorithm": {
"target": "com.amazonaws.dynamodb#S3SseAlgorithm",
"traits": {
- "smithy.api#documentation": "Type of encryption used on the bucket where export data will be stored. Valid values\n for S3SseAlgorithm are:
\n "
+ "smithy.api#documentation": "Type of encryption used on the bucket where export data will be stored. Valid values\n for S3SseAlgorithm are:
\n "
}
},
"S3SseKmsKeyId": {
@@ -5051,6 +5215,9 @@
"smithy.api#documentation": "The format for the exported data. Valid values for ExportFormat are\n DYNAMODB_JSON or ION.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ExportTableToPointInTimeOutput": {
@@ -5062,6 +5229,9 @@
"smithy.api#documentation": "Contains a description of the table export.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ExportTime": {
@@ -5189,7 +5359,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "The GetItem operation returns a set of attributes for the item with the\n given primary key. If there is no matching item, GetItem does not return\n any data and there will be no Item element in the response.
\n \n GetItem provides an eventually consistent read by default. If your\n application requires a strongly consistent read, set ConsistentRead to\n true. Although a strongly consistent read might take more time than an\n eventually consistent read, it always returns the last updated value.
"
+ "smithy.api#documentation": "The GetItem operation returns a set of attributes for the item with the\n given primary key. If there is no matching item, GetItem does not return\n any data and there will be no Item element in the response.
\n \n GetItem provides an eventually consistent read by default. If your\n application requires a strongly consistent read, set ConsistentRead to\n true. Although a strongly consistent read might take more time than an\n eventually consistent read, it always returns the last updated value.
"
}
},
"com.amazonaws.dynamodb#GetItemInput": {
@@ -5205,7 +5375,7 @@
"Key": {
"target": "com.amazonaws.dynamodb#Key",
"traits": {
- "smithy.api#documentation": "A map of attribute names to AttributeValue objects, representing the\n primary key of the item to retrieve.
\n For the primary key, you must provide all of the attributes. For example, with a\n simple primary key, you only need to provide a value for the partition key. For a\n composite primary key, you must provide values for both the partition key and the sort\n key.
",
+ "smithy.api#documentation": "A map of attribute names to AttributeValue objects, representing the\n primary key of the item to retrieve.
\n For the primary key, you must provide all of the attributes. For example, with a\n simple primary key, you only need to provide a value for the partition key. For a\n composite primary key, you must provide values for both the partition key and the sort\n key.
",
"smithy.api#required": {}
}
},
@@ -5227,18 +5397,19 @@
"ProjectionExpression": {
"target": "com.amazonaws.dynamodb#ProjectionExpression",
"traits": {
- "smithy.api#documentation": "A string that identifies one or more attributes to retrieve from the table. These\n attributes can include scalars, sets, or elements of a JSON document. The attributes in\n the expression must be separated by commas.
\n If no attribute names are specified, then all attributes are returned. If any of the\n requested attributes are not found, they do not appear in the result.
\n For more information, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A string that identifies one or more attributes to retrieve from the table. These\n attributes can include scalars, sets, or elements of a JSON document. The attributes in\n the expression must be separated by commas.
\n If no attribute names are specified, then all attributes are returned. If any of the\n requested attributes are not found, they do not appear in the result.
\n For more information, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeNames": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap",
"traits": {
- "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a GetItem operation.
"
+ "smithy.api#documentation": "Represents the input of a GetItem operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#GetItemOutput": {
@@ -5253,12 +5424,13 @@
"ConsumedCapacity": {
"target": "com.amazonaws.dynamodb#ConsumedCapacity",
"traits": {
- "smithy.api#documentation": "The capacity units consumed by the GetItem operation. The data returned\n includes the total provisioned throughput consumed, along with statistics for the table\n and any indexes involved in the operation. ConsumedCapacity is only\n returned if the ReturnConsumedCapacity parameter was specified. For more\n information, see Read/Write Capacity Mode in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "The capacity units consumed by the GetItem operation. The data returned\n includes the total provisioned throughput consumed, along with statistics for the table\n and any indexes involved in the operation. ConsumedCapacity is only\n returned if the ReturnConsumedCapacity parameter was specified. For more\n information, see Provisioned Throughput in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a GetItem operation.
"
+ "smithy.api#documentation": "Represents the output of a GetItem operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#GlobalSecondaryIndex": {
@@ -5274,7 +5446,7 @@
"KeySchema": {
"target": "com.amazonaws.dynamodb#KeySchema",
"traits": {
- "smithy.api#documentation": "The complete key schema for a global secondary index, which consists of one or more\n pairs of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n ",
+ "smithy.api#documentation": "The complete key schema for a global secondary index, which consists of one or more\n pairs of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n ",
"smithy.api#required": {}
}
},
@@ -5288,7 +5460,7 @@
"ProvisionedThroughput": {
"target": "com.amazonaws.dynamodb#ProvisionedThroughput",
"traits": {
- "smithy.api#documentation": "Represents the provisioned throughput settings for the specified global secondary\n index.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "Represents the provisioned throughput settings for the specified global secondary\n index.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
@@ -5336,7 +5508,7 @@
"KeySchema": {
"target": "com.amazonaws.dynamodb#KeySchema",
"traits": {
- "smithy.api#documentation": "The complete key schema for a global secondary index, which consists of one or more\n pairs of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across\n partitions, based on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with\n the same partition key physically close together, in sorted order by the sort key\n value.
\n "
+ "smithy.api#documentation": "The complete key schema for a global secondary index, which consists of one or more\n pairs of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across\n partitions, based on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with\n the same partition key physically close together, in sorted order by the sort key\n value.
\n "
}
},
"Projection": {
@@ -5348,29 +5520,29 @@
"IndexStatus": {
"target": "com.amazonaws.dynamodb#IndexStatus",
"traits": {
- "smithy.api#documentation": "The current state of the global secondary index:
\n \n - \n
\n CREATING - The index is being created.
\n \n - \n
\n UPDATING - The index is being updated.
\n \n - \n
\n DELETING - The index is being deleted.
\n \n - \n
\n ACTIVE - The index is ready for use.
\n \n
"
+ "smithy.api#documentation": "The current state of the global secondary index:
\n \n - \n
\n CREATING - The index is being created.
\n \n - \n
\n UPDATING - The index is being updated.
\n \n - \n
\n DELETING - The index is being deleted.
\n \n - \n
\n ACTIVE - The index is ready for use.
\n \n
"
}
},
"Backfilling": {
"target": "com.amazonaws.dynamodb#Backfilling",
"traits": {
- "smithy.api#documentation": "Indicates whether the index is currently backfilling. Backfilling\n is the process of reading items from the table and determining whether they can be added\n to the index. (Not all items will qualify: For example, a partition key cannot have any\n duplicate values.) If an item can be added to the index, DynamoDB will do so. After all\n items have been processed, the backfilling operation is complete and\n Backfilling is false.
\n You can delete an index that is being created during the Backfilling\n phase when IndexStatus is set to CREATING and Backfilling is\n true. You can't delete the index that is being created when IndexStatus is\n set to CREATING and Backfilling is false.
\n \n For indexes that were created during a CreateTable operation, the\n Backfilling attribute does not appear in the\n DescribeTable output.
\n "
+ "smithy.api#documentation": "Indicates whether the index is currently backfilling. Backfilling\n is the process of reading items from the table and determining whether they can be added\n to the index. (Not all items will qualify: For example, a partition key cannot have any\n duplicate values.) If an item can be added to the index, DynamoDB will do so. After all\n items have been processed, the backfilling operation is complete and\n Backfilling is false.
\n You can delete an index that is being created during the Backfilling\n phase when IndexStatus is set to CREATING and Backfilling is\n true. You can't delete the index that is being created when IndexStatus is\n set to CREATING and Backfilling is false.
\n \n For indexes that were created during a CreateTable operation, the\n Backfilling attribute does not appear in the\n DescribeTable output.
\n "
}
},
"ProvisionedThroughput": {
"target": "com.amazonaws.dynamodb#ProvisionedThroughputDescription",
"traits": {
- "smithy.api#documentation": "Represents the provisioned throughput settings for the specified global secondary\n index.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "Represents the provisioned throughput settings for the specified global secondary\n index.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
}
},
"IndexSizeBytes": {
- "target": "com.amazonaws.dynamodb#Long",
+ "target": "com.amazonaws.dynamodb#LongObject",
"traits": {
"smithy.api#documentation": "The total size of the specified index, in bytes. DynamoDB updates this value\n approximately every six hours. Recent changes might not be reflected in this\n value.
"
}
},
"ItemCount": {
- "target": "com.amazonaws.dynamodb#Long",
+ "target": "com.amazonaws.dynamodb#LongObject",
"traits": {
"smithy.api#documentation": "The number of items in the specified index. DynamoDB updates this value approximately\n every six hours. Recent changes might not be reflected in this value.
"
}
@@ -5404,7 +5576,7 @@
"KeySchema": {
"target": "com.amazonaws.dynamodb#KeySchema",
"traits": {
- "smithy.api#documentation": "The complete key schema for a global secondary index, which consists of one or more\n pairs of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across\n partitions, based on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with\n the same partition key physically close together, in sorted order by the sort key\n value.
\n "
+ "smithy.api#documentation": "The complete key schema for a global secondary index, which consists of one or more\n pairs of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across\n partitions, based on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with\n the same partition key physically close together, in sorted order by the sort key\n value.
\n "
}
},
"Projection": {
@@ -5442,7 +5614,7 @@
"Create": {
"target": "com.amazonaws.dynamodb#CreateGlobalSecondaryIndexAction",
"traits": {
- "smithy.api#documentation": "The parameters required for creating a global secondary index on an existing\n table:
\n "
+ "smithy.api#documentation": "The parameters required for creating a global secondary index on an existing\n table:
\n "
}
},
"Delete": {
@@ -5453,7 +5625,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents one of the following:
\n \n - \n
A new global secondary index to be added to an existing table.
\n \n - \n
New provisioned throughput parameters for an existing global secondary\n index.
\n \n - \n
An existing global secondary index to be removed from an existing\n table.
\n \n
"
+ "smithy.api#documentation": "Represents one of the following:
\n \n - \n
A new global secondary index to be added to an existing table.
\n \n - \n
New provisioned throughput parameters for an existing global secondary\n index.
\n \n - \n
An existing global secondary index to be removed from an existing\n table.
\n \n
"
}
},
"com.amazonaws.dynamodb#GlobalSecondaryIndexUpdateList": {
@@ -5527,7 +5699,7 @@
"GlobalTableStatus": {
"target": "com.amazonaws.dynamodb#GlobalTableStatus",
"traits": {
- "smithy.api#documentation": "The current state of the global table:
\n \n - \n
\n CREATING - The global table is being created.
\n \n - \n
\n UPDATING - The global table is being updated.
\n \n - \n
\n DELETING - The global table is being deleted.
\n \n - \n
\n ACTIVE - The global table is ready for use.
\n \n
"
+ "smithy.api#documentation": "The current state of the global table:
\n \n - \n
\n CREATING - The global table is being created.
\n \n - \n
\n UPDATING - The global table is being updated.
\n \n - \n
\n DELETING - The global table is being deleted.
\n \n - \n
\n ACTIVE - The global table is ready for use.
\n \n
"
}
},
"GlobalTableName": {
@@ -5897,7 +6069,7 @@
}
},
"ProcessedSizeBytes": {
- "target": "com.amazonaws.dynamodb#Long",
+ "target": "com.amazonaws.dynamodb#LongObject",
"traits": {
"smithy.api#documentation": " The total size of data processed from the source file, in Bytes.
"
}
@@ -5939,7 +6111,7 @@
"ClientToken": {
"target": "com.amazonaws.dynamodb#ClientToken",
"traits": {
- "smithy.api#documentation": "Providing a ClientToken makes the call to ImportTableInput\n idempotent, meaning that multiple identical calls have the same effect as one single\n call.
\n A client token is valid for 8 hours after the first request that uses it is completed.\n After 8 hours, any request with the same client token is treated as a new request. Do\n not resubmit the same request with the same client token for more than 8 hours, or the\n result might not be idempotent.
\n If you submit a request with the same client token but a change in other parameters\n within the 8-hour idempotency window, DynamoDB returns an\n IdempotentParameterMismatch exception.
",
+ "smithy.api#documentation": "Providing a ClientToken makes the call to ImportTableInput\n idempotent, meaning that multiple identical calls have the same effect as one single\n call.
\n A client token is valid for 8 hours after the first request that uses it is completed.\n After 8 hours, any request with the same client token is treated as a new request. Do\n not resubmit the same request with the same client token for more than 8 hours, or the\n result might not be idempotent.
\n If you submit a request with the same client token but a change in other parameters\n within the 8-hour idempotency window, DynamoDB returns an\n IdempotentParameterMismatch exception.
",
"smithy.api#idempotencyToken": {}
}
},
@@ -5976,6 +6148,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ImportTableOutput": {
@@ -5988,6 +6163,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ImportedItemCount": {
@@ -6191,7 +6369,7 @@
"SizeEstimateRangeGB": {
"target": "com.amazonaws.dynamodb#ItemCollectionSizeEstimateRange",
"traits": {
- "smithy.api#documentation": "An estimate of item collection size, in gigabytes. This value is a two-element array\n containing a lower bound and an upper bound for the estimate. The estimate includes the\n size of all the items in the table, plus the size of all attributes projected into all\n of the local secondary indexes on that table. Use this estimate to measure whether a\n local secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the precision\n or accuracy of the estimate.
"
+ "smithy.api#documentation": "An estimate of item collection size, in gigabytes. This value is a two-element array\n containing a lower bound and an upper bound for the estimate. The estimate includes the\n size of all the items in the table, plus the size of all attributes projected into all\n of the local secondary indexes on that table. Use this estimate to measure whether a\n local secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the precision\n or accuracy of the estimate.
"
}
}
},
@@ -6351,13 +6529,13 @@
"KeyType": {
"target": "com.amazonaws.dynamodb#KeyType",
"traits": {
- "smithy.api#documentation": "The role that this key attribute will assume:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across\n partitions, based on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with\n the same partition key physically close together, in sorted order by the sort key\n value.
\n ",
+ "smithy.api#documentation": "The role that this key attribute will assume:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across\n partitions, based on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with\n the same partition key physically close together, in sorted order by the sort key\n value.
\n ",
"smithy.api#required": {}
}
}
},
"traits": {
- "smithy.api#documentation": "Represents a single element of a key schema. A key schema\n specifies the attributes that make up the primary key of a table, or the key attributes\n of an index.
\n A KeySchemaElement represents exactly one attribute of the primary key.\n For example, a simple primary key would be represented by one\n KeySchemaElement (for the partition key). A composite primary key would\n require one KeySchemaElement for the partition key, and another\n KeySchemaElement for the sort key.
\n A KeySchemaElement must be a scalar, top-level attribute (not a nested\n attribute). The data type must be one of String, Number, or Binary. The attribute cannot\n be nested within a List or a Map.
"
+ "smithy.api#documentation": "Represents a single element of a key schema. A key schema\n specifies the attributes that make up the primary key of a table, or the key attributes\n of an index.
\n A KeySchemaElement represents exactly one attribute of the primary key.\n For example, a simple primary key would be represented by one\n KeySchemaElement (for the partition key). A composite primary key would\n require one KeySchemaElement for the partition key, and another\n KeySchemaElement for the sort key.
\n A KeySchemaElement must be a scalar, top-level attribute (not a nested\n attribute). The data type must be one of String, Number, or Binary. The attribute cannot\n be nested within a List or a Map.
"
}
},
"com.amazonaws.dynamodb#KeyType": {
@@ -6402,18 +6580,18 @@
"ProjectionExpression": {
"target": "com.amazonaws.dynamodb#ProjectionExpression",
"traits": {
- "smithy.api#documentation": "A string that identifies one or more attributes to retrieve from the table. These\n attributes can include scalars, sets, or elements of a JSON document. The attributes in\n the ProjectionExpression must be separated by commas.
\n If no attribute names are specified, then all attributes will be returned. If any of\n the requested attributes are not found, they will not appear in the result.
\n For more information, see Accessing Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A string that identifies one or more attributes to retrieve from the table. These\n attributes can include scalars, sets, or elements of a JSON document. The attributes in\n the ProjectionExpression must be separated by commas.
\n If no attribute names are specified, then all attributes will be returned. If any of\n the requested attributes are not found, they will not appear in the result.
\n For more information, see Accessing Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeNames": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap",
"traits": {
- "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Accessing Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Accessing Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents a set of primary keys and, for each key, the attributes to retrieve from\n the table.
\n For each primary key, you must provide all of the key attributes.\n For example, with a simple primary key, you only need to provide the partition key. For\n a composite primary key, you must provide both the partition key\n and the sort key.
"
+ "smithy.api#documentation": "Represents a set of primary keys and, for each key, the attributes to retrieve from\n the table.
\n For each primary key, you must provide all of the key attributes.\n For example, with a simple primary key, you only need to provide the partition key. For\n a composite primary key, you must provide both the partition key\n and the sort key.
"
}
},
"com.amazonaws.dynamodb#KinesisDataStreamDestination": {
@@ -6504,7 +6682,7 @@
}
},
"traits": {
- "smithy.api#documentation": "There is no limit to the number of daily on-demand backups that can be taken.
\n For most purposes, up to 500 simultaneous table operations are allowed per account. These operations\n include CreateTable, UpdateTable,\n DeleteTable,UpdateTimeToLive,\n RestoreTableFromBackup, and RestoreTableToPointInTime.
\n When you are creating a table with one or more secondary\n indexes, you can have up to 250 such requests running at a time. However, if the table or\n index specifications are complex, then DynamoDB might temporarily reduce the number\n of concurrent operations.
\n When importing into DynamoDB, up to 50 simultaneous import table operations are allowed per account.
\n There is a soft account quota of 2,500 tables.
",
+ "smithy.api#documentation": "There is no limit to the number of daily on-demand backups that can be taken.
\n For most purposes, up to 500 simultaneous table operations are allowed per account. These operations\n include CreateTable, UpdateTable,\n DeleteTable,UpdateTimeToLive,\n RestoreTableFromBackup, and RestoreTableToPointInTime.
\n When you are creating a table with one or more secondary\n indexes, you can have up to 250 such requests running at a time. However, if the table or\n index specifications are complex, then DynamoDB might temporarily reduce the number\n of concurrent operations.
\n When importing into DynamoDB, up to 50 simultaneous import table operations are allowed per account.
\n There is a soft account quota of 2,500 tables.
",
"smithy.api#error": "client"
}
},
@@ -6534,7 +6712,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "List backups associated with an Amazon Web Services account. To list backups for a\n given table, specify TableName. ListBackups returns a\n paginated list of results with at most 1 MB worth of items in a page. You can also\n specify a maximum number of entries to be returned in a page.
\n In the request, start time is inclusive, but end time is exclusive. Note that these\n boundaries are for the time at which the original backup was requested.
\n You can call ListBackups a maximum of five times per second.
"
+ "smithy.api#documentation": "List backups associated with an Amazon Web Services account. To list backups for a\n given table, specify TableName. ListBackups returns a\n paginated list of results with at most 1 MB worth of items in a page. You can also\n specify a maximum number of entries to be returned in a page.
\n In the request, start time is inclusive, but end time is exclusive. Note that these\n boundaries are for the time at which the original backup was requested.
\n You can call ListBackups a maximum of five times per second.
"
}
},
"com.amazonaws.dynamodb#ListBackupsInput": {
@@ -6573,9 +6751,12 @@
"BackupType": {
"target": "com.amazonaws.dynamodb#BackupTypeFilter",
"traits": {
- "smithy.api#documentation": "The backups from the table specified by BackupType are listed.
\n Where BackupType can be:
\n \n - \n
\n USER - On-demand backup created by you. (The default setting if no\n other backup types are specified.)
\n \n - \n
\n SYSTEM - On-demand backup automatically created by DynamoDB.
\n \n - \n
\n ALL - All types of on-demand backups (USER and SYSTEM).
\n \n
"
+ "smithy.api#documentation": "The backups from the table specified by BackupType are listed.
\n Where BackupType can be:
\n \n - \n
\n USER - On-demand backup created by you. (The default setting if no\n other backup types are specified.)
\n \n - \n
\n SYSTEM - On-demand backup automatically created by DynamoDB.
\n \n - \n
\n ALL - All types of on-demand backups (USER and SYSTEM).
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ListBackupsOutput": {
@@ -6590,9 +6771,12 @@
"LastEvaluatedBackupArn": {
"target": "com.amazonaws.dynamodb#BackupArn",
"traits": {
- "smithy.api#documentation": " The ARN of the backup last evaluated when the current page of results was returned,\n inclusive of the current page of results. This value may be specified as the\n ExclusiveStartBackupArn of a new ListBackups operation in\n order to fetch the next page of results.
\n If LastEvaluatedBackupArn is empty, then the last page of results has\n been processed and there are no more results to be retrieved.
\n If LastEvaluatedBackupArn is not empty, this may or may not indicate\n that there is more data to be returned. All results are guaranteed to have been returned\n if and only if no value for LastEvaluatedBackupArn is returned.
"
+ "smithy.api#documentation": " The ARN of the backup last evaluated when the current page of results was returned,\n inclusive of the current page of results. This value may be specified as the\n ExclusiveStartBackupArn of a new ListBackups operation in\n order to fetch the next page of results.
\n If LastEvaluatedBackupArn is empty, then the last page of results has\n been processed and there are no more results to be retrieved.
\n If LastEvaluatedBackupArn is not empty, this may or may not indicate\n that there is more data to be returned. All results are guaranteed to have been returned\n if and only if no value for LastEvaluatedBackupArn is returned.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ListContributorInsights": {
@@ -6642,6 +6826,9 @@
"smithy.api#documentation": "Maximum number of results to return per page.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ListContributorInsightsLimit": {
@@ -6668,6 +6855,9 @@
"smithy.api#documentation": "A token to go to the next page if there is one.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ListExports": {
@@ -6716,6 +6906,9 @@
"smithy.api#documentation": "An optional string that, if supplied, must be copied from the output of a previous\n call to ListExports. When provided in this manner, the API fetches the next\n page of results.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ListExportsMaxLimit": {
@@ -6742,6 +6935,9 @@
"smithy.api#documentation": "If this value is returned, there are additional results to be displayed. To retrieve\n them, call ListExports again, with NextToken set to this\n value.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ListGlobalTables": {
@@ -6764,7 +6960,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Lists all global tables that have a replica in the specified Region.
\n \n This operation only applies to Version\n 2017.11.29 of global tables.
\n "
+ "smithy.api#documentation": "Lists all global tables that have a replica in the specified Region.
\n \n This operation only applies to Version\n 2017.11.29 (Legacy) of global tables. We recommend using\n Version 2019.11.21 (Current)\n when creating new global tables, as it provides greater flexibility, higher efficiency and consumes less write capacity than \n 2017.11.29 (Legacy). To determine which version you are using, see \n Determining the version. \n To update existing global tables from version 2017.11.29 (Legacy) to version\n 2019.11.21 (Current), see \n Updating global tables.\n
\n "
}
},
"com.amazonaws.dynamodb#ListGlobalTablesInput": {
@@ -6779,7 +6975,7 @@
"Limit": {
"target": "com.amazonaws.dynamodb#PositiveIntegerObject",
"traits": {
- "smithy.api#documentation": "The maximum number of table names to return, if the parameter is not specified\n DynamoDB defaults to 100.
\n If the number of global tables DynamoDB finds reaches this limit, it stops the\n operation and returns the table names collected up to that point, with a table name in\n the LastEvaluatedGlobalTableName to apply in a subsequent operation to the\n ExclusiveStartGlobalTableName parameter.
"
+ "smithy.api#documentation": "The maximum number of table names to return, if the parameter is not specified\n DynamoDB defaults to 100.
\n If the number of global tables DynamoDB finds reaches this limit, it stops the\n operation and returns the table names collected up to that point, with a table name in\n the LastEvaluatedGlobalTableName to apply in a subsequent operation to the\n ExclusiveStartGlobalTableName parameter.
"
}
},
"RegionName": {
@@ -6788,6 +6984,9 @@
"smithy.api#documentation": "Lists the global tables in a specific Region.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ListGlobalTablesOutput": {
@@ -6805,6 +7004,9 @@
"smithy.api#documentation": "Last evaluated global table name.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ListImports": {
@@ -6850,6 +7052,9 @@
"smithy.api#documentation": " An optional string that, if supplied, must be copied from the output of a previous\n call to ListImports. When provided in this manner, the API fetches the next\n page of results.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ListImportsMaxLimit": {
@@ -6876,6 +7081,9 @@
"smithy.api#documentation": " If this value is returned, there are additional results to be displayed. To retrieve\n them, call ListImports again, with NextToken set to this\n value.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ListTables": {
@@ -6924,7 +7132,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a ListTables operation.
"
+ "smithy.api#documentation": "Represents the input of a ListTables operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ListTablesInputLimit": {
@@ -6942,18 +7151,19 @@
"TableNames": {
"target": "com.amazonaws.dynamodb#TableNameList",
"traits": {
- "smithy.api#documentation": "The names of the tables associated with the current account at the current endpoint.\n The maximum size of this array is 100.
\n If LastEvaluatedTableName also appears in the output, you can use this\n value as the ExclusiveStartTableName parameter in a subsequent\n ListTables request and obtain the next page of results.
"
+ "smithy.api#documentation": "The names of the tables associated with the current account at the current endpoint.\n The maximum size of this array is 100.
\n If LastEvaluatedTableName also appears in the output, you can use this\n value as the ExclusiveStartTableName parameter in a subsequent\n ListTables request and obtain the next page of results.
"
}
},
"LastEvaluatedTableName": {
"target": "com.amazonaws.dynamodb#TableName",
"traits": {
- "smithy.api#documentation": "The name of the last table in the current page of results. Use this value as the\n ExclusiveStartTableName in a new request to obtain the next page of\n results, until all the table names are returned.
\n If you do not receive a LastEvaluatedTableName value in the response,\n this means that there are no more table names to be retrieved.
"
+ "smithy.api#documentation": "The name of the last table in the current page of results. Use this value as the\n ExclusiveStartTableName in a new request to obtain the next page of\n results, until all the table names are returned.
\n If you do not receive a LastEvaluatedTableName value in the response,\n this means that there are no more table names to be retrieved.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a ListTables operation.
"
+ "smithy.api#documentation": "Represents the output of a ListTables operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ListTagsOfResource": {
@@ -6979,7 +7189,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "List all tags on an Amazon DynamoDB resource. You can call ListTagsOfResource up to 10\n times per second, per account.
\n For an overview on tagging DynamoDB resources, see Tagging for DynamoDB\n in the Amazon DynamoDB Developer Guide.
"
+ "smithy.api#documentation": "List all tags on an Amazon DynamoDB resource. You can call ListTagsOfResource up to 10\n times per second, per account.
\n For an overview on tagging DynamoDB resources, see Tagging for DynamoDB\n in the Amazon DynamoDB Developer Guide.
"
}
},
"com.amazonaws.dynamodb#ListTagsOfResourceInput": {
@@ -6998,6 +7208,9 @@
"smithy.api#documentation": "An optional string that, if supplied, must be copied from the output of a previous\n call to ListTagOfResource. When provided in this manner, this API fetches the next page\n of results.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ListTagsOfResourceOutput": {
@@ -7015,6 +7228,9 @@
"smithy.api#documentation": "If this value is returned, there are additional results to be displayed. To retrieve\n them, call ListTagsOfResource again, with NextToken set to this value.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#LocalSecondaryIndex": {
@@ -7030,7 +7246,7 @@
"KeySchema": {
"target": "com.amazonaws.dynamodb#KeySchema",
"traits": {
- "smithy.api#documentation": "The complete key schema for the local secondary index, consisting of one or more pairs\n of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n ",
+ "smithy.api#documentation": "The complete key schema for the local secondary index, consisting of one or more pairs\n of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n ",
"smithy.api#required": {}
}
},
@@ -7058,7 +7274,7 @@
"KeySchema": {
"target": "com.amazonaws.dynamodb#KeySchema",
"traits": {
- "smithy.api#documentation": "The complete key schema for the local secondary index, consisting of one or more pairs\n of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n "
+ "smithy.api#documentation": "The complete key schema for the local secondary index, consisting of one or more pairs\n of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n "
}
},
"Projection": {
@@ -7068,13 +7284,13 @@
}
},
"IndexSizeBytes": {
- "target": "com.amazonaws.dynamodb#Long",
+ "target": "com.amazonaws.dynamodb#LongObject",
"traits": {
"smithy.api#documentation": "The total size of the specified index, in bytes. DynamoDB updates this value\n approximately every six hours. Recent changes might not be reflected in this\n value.
"
}
},
"ItemCount": {
- "target": "com.amazonaws.dynamodb#Long",
+ "target": "com.amazonaws.dynamodb#LongObject",
"traits": {
"smithy.api#documentation": "The number of items in the specified index. DynamoDB updates this value\n approximately every six hours. Recent changes might not be reflected in this\n value.
"
}
@@ -7108,7 +7324,7 @@
"KeySchema": {
"target": "com.amazonaws.dynamodb#KeySchema",
"traits": {
- "smithy.api#documentation": "The complete key schema for a local secondary index, which consists of one or more\n pairs of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n "
+ "smithy.api#documentation": "The complete key schema for a local secondary index, which consists of one or more\n pairs of attribute names and key types:
\n \n - \n
\n HASH - partition key
\n \n - \n
\n RANGE - sort key
\n \n
\n \n The partition key of an item is also known as its hash\n attribute. The term \"hash attribute\" derives from DynamoDB's usage of\n an internal hash function to evenly distribute data items across partitions, based\n on their partition key values.
\n The sort key of an item is also known as its range attribute.\n The term \"range attribute\" derives from the way DynamoDB stores items with the same\n partition key physically close together, in sorted order by the sort key\n value.
\n "
}
},
"Projection": {
@@ -7135,6 +7351,12 @@
}
},
"com.amazonaws.dynamodb#Long": {
+ "type": "long",
+ "traits": {
+ "smithy.api#default": 0
+ }
+ },
+ "com.amazonaws.dynamodb#LongObject": {
"type": "long"
},
"com.amazonaws.dynamodb#MapAttributeValue": {
@@ -7265,7 +7487,7 @@
"PointInTimeRecoveryStatus": {
"target": "com.amazonaws.dynamodb#PointInTimeRecoveryStatus",
"traits": {
- "smithy.api#documentation": "The current state of point in time recovery:
\n "
+ "smithy.api#documentation": "The current state of point in time recovery:
\n "
}
},
"EarliestRestorableDateTime": {
@@ -7371,13 +7593,13 @@
"ProjectionType": {
"target": "com.amazonaws.dynamodb#ProjectionType",
"traits": {
- "smithy.api#documentation": "The set of attributes that are projected into the index:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are projected into the\n index.
\n \n - \n
\n INCLUDE - In addition to the attributes described in\n KEYS_ONLY, the secondary index will include other non-key\n attributes that you specify.
\n \n - \n
\n ALL - All of the table attributes are projected into the\n index.
\n \n
"
+ "smithy.api#documentation": "The set of attributes that are projected into the index:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are projected into the\n index.
\n \n - \n
\n INCLUDE - In addition to the attributes described in\n KEYS_ONLY, the secondary index will include other non-key\n attributes that you specify.
\n \n - \n
\n ALL - All of the table attributes are projected into the\n index.
\n \n
"
}
},
"NonKeyAttributes": {
"target": "com.amazonaws.dynamodb#NonKeyAttributeNameList",
"traits": {
- "smithy.api#documentation": "Represents the non-key attribute names which will be projected into the index.
\n For local secondary indexes, the total count of NonKeyAttributes summed\n across all of the local secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct attributes when\n determining the total.
"
+ "smithy.api#documentation": "Represents the non-key attribute names which will be projected into the index.
\n For local secondary indexes, the total count of NonKeyAttributes summed\n across all of the local secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct attributes when\n determining the total.
"
}
}
},
@@ -7417,20 +7639,20 @@
"ReadCapacityUnits": {
"target": "com.amazonaws.dynamodb#PositiveLongObject",
"traits": {
- "smithy.api#documentation": "The maximum number of strongly consistent reads consumed per second before DynamoDB\n returns a ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
\n If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
",
+ "smithy.api#documentation": "The maximum number of strongly consistent reads consumed per second before DynamoDB\n returns a ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
\n If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
",
"smithy.api#required": {}
}
},
"WriteCapacityUnits": {
"target": "com.amazonaws.dynamodb#PositiveLongObject",
"traits": {
- "smithy.api#documentation": "The maximum number of writes consumed per second before DynamoDB returns a\n ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
\n If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
",
+ "smithy.api#documentation": "The maximum number of writes consumed per second before DynamoDB returns a\n ThrottlingException. For more information, see Specifying Read and Write Requirements in the Amazon DynamoDB\n Developer Guide.
\n If read/write capacity mode is PAY_PER_REQUEST the value is set to\n 0.
",
"smithy.api#required": {}
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the provisioned throughput settings for a specified table or index. The\n settings can be modified using the UpdateTable operation.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "Represents the provisioned throughput settings for a specified table or index. The\n settings can be modified using the UpdateTable operation.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
"
}
},
"com.amazonaws.dynamodb#ProvisionedThroughputDescription": {
@@ -7584,7 +7806,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Creates a new item, or replaces an old item with a new item. If an item that has the\n same primary key as the new item already exists in the specified table, the new item\n completely replaces the existing item. You can perform a conditional put operation (add\n a new item if one with the specified primary key doesn't exist), or replace an existing\n item if it has certain attribute values. You can return the item's attribute values in\n the same operation, using the ReturnValues parameter.
\n\n When you add an item, the primary key attributes are the only required attributes.\n
\n Empty String and Binary attribute values are allowed. Attribute values of type String\n and Binary must have a length greater than zero if the attribute is used as a key\n attribute for a table or index. Set type attributes cannot be empty.
\n Invalid Requests with empty values will be rejected with a\n ValidationException exception.
\n \n To prevent a new item from replacing an existing item, use a conditional\n expression that contains the attribute_not_exists function with the\n name of the attribute being used as the partition key for the table. Since every\n record must contain that attribute, the attribute_not_exists function\n will only succeed if no matching item exists.
\n \n For more information about PutItem, see Working with\n Items in the Amazon DynamoDB Developer Guide.
"
+ "smithy.api#documentation": "Creates a new item, or replaces an old item with a new item. If an item that has the\n same primary key as the new item already exists in the specified table, the new item\n completely replaces the existing item. You can perform a conditional put operation (add\n a new item if one with the specified primary key doesn't exist), or replace an existing\n item if it has certain attribute values. You can return the item's attribute values in\n the same operation, using the ReturnValues parameter.
\n When you add an item, the primary key attributes are the only required attributes.\n
\n Empty String and Binary attribute values are allowed. Attribute values of type String\n and Binary must have a length greater than zero if the attribute is used as a key\n attribute for a table or index. Set type attributes cannot be empty.
\n Invalid Requests with empty values will be rejected with a\n ValidationException exception.
\n \n To prevent a new item from replacing an existing item, use a conditional\n expression that contains the attribute_not_exists function with the\n name of the attribute being used as the partition key for the table. Since every\n record must contain that attribute, the attribute_not_exists function\n will only succeed if no matching item exists.
\n \n For more information about PutItem, see Working with\n Items in the Amazon DynamoDB Developer Guide.
"
}
},
"com.amazonaws.dynamodb#PutItemInput": {
@@ -7600,7 +7822,7 @@
"Item": {
"target": "com.amazonaws.dynamodb#PutItemInputAttributeMap",
"traits": {
- "smithy.api#documentation": "A map of attribute name/value pairs, one for each attribute. Only the primary key\n attributes are required; you can optionally provide other attribute name-value pairs for\n the item.
\n You must provide all of the attributes for the primary key. For example, with a simple\n primary key, you only need to provide a value for the partition key. For a composite\n primary key, you must provide both values for both the partition key and the sort\n key.
\n If you specify any attributes that are part of an index key, then the data types for\n those attributes must match those of the schema in the table's attribute\n definition.
\n Empty String and Binary attribute values are allowed. Attribute values of type String\n and Binary must have a length greater than zero if the attribute is used as a key\n attribute for a table or index.
\n\n For more information about primary keys, see Primary Key in the Amazon DynamoDB Developer\n Guide.
\n Each element in the Item map is an AttributeValue\n object.
",
+ "smithy.api#documentation": "A map of attribute name/value pairs, one for each attribute. Only the primary key\n attributes are required; you can optionally provide other attribute name-value pairs for\n the item.
\n You must provide all of the attributes for the primary key. For example, with a simple\n primary key, you only need to provide a value for the partition key. For a composite\n primary key, you must provide both values for both the partition key and the sort\n key.
\n If you specify any attributes that are part of an index key, then the data types for\n those attributes must match those of the schema in the table's attribute\n definition.
\n Empty String and Binary attribute values are allowed. Attribute values of type String\n and Binary must have a length greater than zero if the attribute is used as a key\n attribute for a table or index.
\n For more information about primary keys, see Primary Key in the Amazon DynamoDB Developer\n Guide.
\n Each element in the Item map is an AttributeValue\n object.
",
"smithy.api#required": {}
}
},
@@ -7613,7 +7835,7 @@
"ReturnValues": {
"target": "com.amazonaws.dynamodb#ReturnValue",
"traits": {
- "smithy.api#documentation": "Use ReturnValues if you want to get the item attributes as they appeared\n before they were updated with the PutItem request. For\n PutItem, the valid values are:
\n \n - \n
\n NONE - If ReturnValues is not specified, or if its\n value is NONE, then nothing is returned. (This setting is the\n default for ReturnValues.)
\n \n - \n
\n ALL_OLD - If PutItem overwrote an attribute name-value\n pair, then the content of the old item is returned.
\n \n
\n The values returned are strongly consistent.
\n There is no additional cost associated with requesting a return value aside from the\n small network and processing overhead of receiving a larger response. No read capacity\n units are consumed.
\n \n The ReturnValues parameter is used by several DynamoDB operations;\n however, PutItem does not recognize any values other than\n NONE or ALL_OLD.
\n "
+ "smithy.api#documentation": "Use ReturnValues if you want to get the item attributes as they appeared\n before they were updated with the PutItem request. For\n PutItem, the valid values are:
\n \n - \n
\n NONE - If ReturnValues is not specified, or if its\n value is NONE, then nothing is returned. (This setting is the\n default for ReturnValues.)
\n \n - \n
\n ALL_OLD - If PutItem overwrote an attribute name-value\n pair, then the content of the old item is returned.
\n \n
\n The values returned are strongly consistent.
\n There is no additional cost associated with requesting a return value aside from the\n small network and processing overhead of receiving a larger response. No read capacity\n units are consumed.
\n \n The ReturnValues parameter is used by several DynamoDB operations;\n however, PutItem does not recognize any values other than\n NONE or ALL_OLD.
\n "
}
},
"ReturnConsumedCapacity": {
@@ -7634,24 +7856,25 @@
"ConditionExpression": {
"target": "com.amazonaws.dynamodb#ConditionExpression",
"traits": {
- "smithy.api#documentation": "A condition that must be satisfied in order for a conditional PutItem\n operation to succeed.
\n An expression can contain any of the following:
\n \n - \n
Functions: attribute_exists | attribute_not_exists | attribute_type |\n contains | begins_with | size\n
\n These function names are case-sensitive.
\n \n - \n
Comparison operators: = | <> |\n < | > | <= | >= |\n BETWEEN | IN \n
\n \n - \n
Logical operators: AND | OR | NOT\n
\n \n
\n For more information on condition expressions, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A condition that must be satisfied in order for a conditional PutItem\n operation to succeed.
\n An expression can contain any of the following:
\n \n - \n
Functions: attribute_exists | attribute_not_exists | attribute_type |\n contains | begins_with | size\n
\n These function names are case-sensitive.
\n \n - \n
Comparison operators: = | <> |\n < | > | <= | >= |\n BETWEEN | IN \n
\n \n - \n
Logical operators: AND | OR | NOT\n
\n \n
\n For more information on condition expressions, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeNames": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap",
"traits": {
- "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeValues": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeValueMap",
"traits": {
- "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a PutItem operation.
"
+ "smithy.api#documentation": "Represents the input of a PutItem operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#PutItemInputAttributeMap": {
@@ -7675,18 +7898,19 @@
"ConsumedCapacity": {
"target": "com.amazonaws.dynamodb#ConsumedCapacity",
"traits": {
- "smithy.api#documentation": "The capacity units consumed by the PutItem operation. The data returned\n includes the total provisioned throughput consumed, along with statistics for the table\n and any indexes involved in the operation. ConsumedCapacity is only\n returned if the ReturnConsumedCapacity parameter was specified. For more\n information, see Read/Write Capacity Mode in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "The capacity units consumed by the PutItem operation. The data returned\n includes the total provisioned throughput consumed, along with statistics for the table\n and any indexes involved in the operation. ConsumedCapacity is only\n returned if the ReturnConsumedCapacity parameter was specified. For more\n information, see Provisioned Throughput in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ItemCollectionMetrics": {
"target": "com.amazonaws.dynamodb#ItemCollectionMetrics",
"traits": {
- "smithy.api#documentation": "Information about item collections, if any, that were affected by the\n PutItem operation. ItemCollectionMetrics is only returned\n if the ReturnItemCollectionMetrics parameter was specified. If the table\n does not have any local secondary indexes, this information is not returned in the\n response.
\n Each ItemCollectionMetrics element consists of:
\n \n - \n
\n ItemCollectionKey - The partition key value of the item collection.\n This is the same as the partition key value of the item itself.
\n \n - \n
\n SizeEstimateRangeGB - An estimate of item collection size, in\n gigabytes. This value is a two-element array containing a lower bound and an\n upper bound for the estimate. The estimate includes the size of all the items in\n the table, plus the size of all attributes projected into all of the local\n secondary indexes on that table. Use this estimate to measure whether a local\n secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the\n precision or accuracy of the estimate.
\n \n
"
+ "smithy.api#documentation": "Information about item collections, if any, that were affected by the\n PutItem operation. ItemCollectionMetrics is only returned\n if the ReturnItemCollectionMetrics parameter was specified. If the table\n does not have any local secondary indexes, this information is not returned in the\n response.
\n Each ItemCollectionMetrics element consists of:
\n \n - \n
\n ItemCollectionKey - The partition key value of the item collection.\n This is the same as the partition key value of the item itself.
\n \n - \n
\n SizeEstimateRangeGB - An estimate of item collection size, in\n gigabytes. This value is a two-element array containing a lower bound and an\n upper bound for the estimate. The estimate includes the size of all the items in\n the table, plus the size of all attributes projected into all of the local\n secondary indexes on that table. Use this estimate to measure whether a local\n secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the\n precision or accuracy of the estimate.
\n \n
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a PutItem operation.
"
+ "smithy.api#documentation": "Represents the output of a PutItem operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#PutRequest": {
@@ -7733,7 +7957,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "You must provide the name of the partition key attribute and a single value for that\n attribute. Query returns all items with that partition key value.\n Optionally, you can provide a sort key attribute and use a comparison operator to refine\n the search results.
\n\n Use the KeyConditionExpression parameter to provide a specific value for\n the partition key. The Query operation will return all of the items from\n the table or index with that partition key value. You can optionally narrow the scope of\n the Query operation by specifying a sort key value and a comparison\n operator in KeyConditionExpression. To further refine the\n Query results, you can optionally provide a\n FilterExpression. A FilterExpression determines which\n items within the results should be returned to you. All of the other results are\n discarded.
\n A Query operation always returns a result set. If no matching items are\n found, the result set will be empty. Queries that do not return results consume the\n minimum number of read capacity units for that type of read operation.
\n \n DynamoDB calculates the number of read capacity units consumed based on item\n size, not on the amount of data that is returned to an application. The number of\n capacity units consumed will be the same whether you request all of the attributes\n (the default behavior) or just some of them (using a projection expression). The\n number will also be the same whether or not you use a FilterExpression.\n
\n \n \n Query results are always sorted by the sort key value. If the data type of\n the sort key is Number, the results are returned in numeric order; otherwise, the\n results are returned in order of UTF-8 bytes. By default, the sort order is ascending.\n To reverse the order, set the ScanIndexForward parameter to false.
\n A single Query operation will read up to the maximum number of items set\n (if using the Limit parameter) or a maximum of 1 MB of data and then apply\n any filtering to the results using FilterExpression. If\n LastEvaluatedKey is present in the response, you will need to paginate\n the result set. For more information, see Paginating\n the Results in the Amazon DynamoDB Developer Guide.
\n \n FilterExpression is applied after a Query finishes, but before\n the results are returned. A FilterExpression cannot contain partition key\n or sort key attributes. You need to specify those attributes in the\n KeyConditionExpression.
\n \n A Query operation can return an empty result set and a\n LastEvaluatedKey if all the items read for the page of results are\n filtered out.
\n \n You can query a table, a local secondary index, or a global secondary index. For a\n query on a table or on a local secondary index, you can set the\n ConsistentRead parameter to true and obtain a strongly\n consistent result. Global secondary indexes support eventually consistent reads only, so\n do not specify ConsistentRead when querying a global secondary\n index.
",
+ "smithy.api#documentation": "You must provide the name of the partition key attribute and a single value for that\n attribute. Query returns all items with that partition key value.\n Optionally, you can provide a sort key attribute and use a comparison operator to refine\n the search results.
\n Use the KeyConditionExpression parameter to provide a specific value for\n the partition key. The Query operation will return all of the items from\n the table or index with that partition key value. You can optionally narrow the scope of\n the Query operation by specifying a sort key value and a comparison\n operator in KeyConditionExpression. To further refine the\n Query results, you can optionally provide a\n FilterExpression. A FilterExpression determines which\n items within the results should be returned to you. All of the other results are\n discarded.
\n A Query operation always returns a result set. If no matching items are\n found, the result set will be empty. Queries that do not return results consume the\n minimum number of read capacity units for that type of read operation.
\n \n DynamoDB calculates the number of read capacity units consumed based on item\n size, not on the amount of data that is returned to an application. The number of\n capacity units consumed will be the same whether you request all of the attributes\n (the default behavior) or just some of them (using a projection expression). The\n number will also be the same whether or not you use a FilterExpression.\n
\n \n \n Query results are always sorted by the sort key value. If the data type of\n the sort key is Number, the results are returned in numeric order; otherwise, the\n results are returned in order of UTF-8 bytes. By default, the sort order is ascending.\n To reverse the order, set the ScanIndexForward parameter to false.
\n A single Query operation will read up to the maximum number of items set\n (if using the Limit parameter) or a maximum of 1 MB of data and then apply\n any filtering to the results using FilterExpression. If\n LastEvaluatedKey is present in the response, you will need to paginate\n the result set. For more information, see Paginating\n the Results in the Amazon DynamoDB Developer Guide.
\n \n FilterExpression is applied after a Query finishes, but before\n the results are returned. A FilterExpression cannot contain partition key\n or sort key attributes. You need to specify those attributes in the\n KeyConditionExpression.
\n \n A Query operation can return an empty result set and a\n LastEvaluatedKey if all the items read for the page of results are\n filtered out.
\n \n You can query a table, a local secondary index, or a global secondary index. For a\n query on a table or on a local secondary index, you can set the\n ConsistentRead parameter to true and obtain a strongly\n consistent result. Global secondary indexes support eventually consistent reads only, so\n do not specify ConsistentRead when querying a global secondary\n index.
",
"smithy.api#paginated": {
"inputToken": "ExclusiveStartKey",
"outputToken": "LastEvaluatedKey",
@@ -7758,13 +7982,13 @@
"IndexName": {
"target": "com.amazonaws.dynamodb#IndexName",
"traits": {
- "smithy.api#documentation": "The name of an index to query. This index can be any local secondary index or global\n secondary index on the table. Note that if you use the IndexName parameter,\n you must also provide TableName.\n
"
+ "smithy.api#documentation": "The name of an index to query. This index can be any local secondary index or global\n secondary index on the table. Note that if you use the IndexName parameter,\n you must also provide TableName.\n
"
}
},
"Select": {
"target": "com.amazonaws.dynamodb#Select",
"traits": {
- "smithy.api#documentation": "The attributes to be returned in the result. You can retrieve all item attributes,\n specific item attributes, the count of matching items, or in the case of an index, some\n or all of the attributes projected into the index.
\n \n - \n
\n ALL_ATTRIBUTES - Returns all of the item attributes from the\n specified table or index. If you query a local secondary index, then for each\n matching item in the index, DynamoDB fetches the entire item from the parent\n table. If the index is configured to project all item attributes, then all of\n the data can be obtained from the local secondary index, and no fetching is\n required.
\n \n - \n
\n ALL_PROJECTED_ATTRIBUTES - Allowed only when querying an index.\n Retrieves all attributes that have been projected into the index. If the index\n is configured to project all attributes, this return value is equivalent to\n specifying ALL_ATTRIBUTES.
\n \n - \n
\n COUNT - Returns the number of matching items, rather than the\n matching items themselves.
\n \n - \n
\n SPECIFIC_ATTRIBUTES - Returns only the attributes listed in\n ProjectionExpression. This return value is equivalent to\n specifying ProjectionExpression without specifying any value for\n Select.
\n If you query or scan a local secondary index and request only attributes that\n are projected into that index, the operation will read only the index and not\n the table. If any of the requested attributes are not projected into the local\n secondary index, DynamoDB fetches each of these attributes from the parent\n table. This extra fetching incurs additional throughput cost and latency.
\n If you query or scan a global secondary index, you can only request attributes\n that are projected into the index. Global secondary index queries cannot fetch\n attributes from the parent table.
\n \n
\n If neither Select nor ProjectionExpression are specified,\n DynamoDB defaults to ALL_ATTRIBUTES when accessing a table, and\n ALL_PROJECTED_ATTRIBUTES when accessing an index. You cannot use both\n Select and ProjectionExpression together in a single\n request, unless the value for Select is SPECIFIC_ATTRIBUTES.\n (This usage is equivalent to specifying ProjectionExpression without any\n value for Select.)
\n \n If you use the ProjectionExpression parameter, then the value for\n Select can only be SPECIFIC_ATTRIBUTES. Any other\n value for Select will return an error.
\n "
+ "smithy.api#documentation": "The attributes to be returned in the result. You can retrieve all item attributes,\n specific item attributes, the count of matching items, or in the case of an index, some\n or all of the attributes projected into the index.
\n \n - \n
\n ALL_ATTRIBUTES - Returns all of the item attributes from the\n specified table or index. If you query a local secondary index, then for each\n matching item in the index, DynamoDB fetches the entire item from the parent\n table. If the index is configured to project all item attributes, then all of\n the data can be obtained from the local secondary index, and no fetching is\n required.
\n \n - \n
\n ALL_PROJECTED_ATTRIBUTES - Allowed only when querying an index.\n Retrieves all attributes that have been projected into the index. If the index\n is configured to project all attributes, this return value is equivalent to\n specifying ALL_ATTRIBUTES.
\n \n - \n
\n COUNT - Returns the number of matching items, rather than the\n matching items themselves. Note that this uses the same quantity of read capacity units \n as getting the items, and is subject to the same item size calculations.
\n \n - \n
\n SPECIFIC_ATTRIBUTES - Returns only the attributes listed in\n ProjectionExpression. This return value is equivalent to\n specifying ProjectionExpression without specifying any value for\n Select.
\n If you query or scan a local secondary index and request only attributes that\n are projected into that index, the operation will read only the index and not\n the table. If any of the requested attributes are not projected into the local\n secondary index, DynamoDB fetches each of these attributes from the parent\n table. This extra fetching incurs additional throughput cost and latency.
\n If you query or scan a global secondary index, you can only request attributes\n that are projected into the index. Global secondary index queries cannot fetch\n attributes from the parent table.
\n \n
\n If neither Select nor ProjectionExpression are specified,\n DynamoDB defaults to ALL_ATTRIBUTES when accessing a table, and\n ALL_PROJECTED_ATTRIBUTES when accessing an index. You cannot use both\n Select and ProjectionExpression together in a single\n request, unless the value for Select is SPECIFIC_ATTRIBUTES.\n (This usage is equivalent to specifying ProjectionExpression without any\n value for Select.)
\n \n If you use the ProjectionExpression parameter, then the value for\n Select can only be SPECIFIC_ATTRIBUTES. Any other\n value for Select will return an error.
\n "
}
},
"AttributesToGet": {
@@ -7782,7 +8006,7 @@
"ConsistentRead": {
"target": "com.amazonaws.dynamodb#ConsistentRead",
"traits": {
- "smithy.api#documentation": "Determines the read consistency model: If set to true, then the operation\n uses strongly consistent reads; otherwise, the operation uses eventually consistent\n reads.
\n Strongly consistent reads are not supported on global secondary indexes. If you query\n a global secondary index with ConsistentRead set to true, you\n will receive a ValidationException.
"
+ "smithy.api#documentation": "Determines the read consistency model: If set to true, then the operation\n uses strongly consistent reads; otherwise, the operation uses eventually consistent\n reads.
\n Strongly consistent reads are not supported on global secondary indexes. If you query\n a global secondary index with ConsistentRead set to true, you\n will receive a ValidationException.
"
}
},
"KeyConditions": {
@@ -7806,13 +8030,13 @@
"ScanIndexForward": {
"target": "com.amazonaws.dynamodb#BooleanObject",
"traits": {
- "smithy.api#documentation": "Specifies the order for index traversal: If true (default), the traversal\n is performed in ascending order; if false, the traversal is performed in\n descending order.
\n Items with the same partition key value are stored in sorted order by sort key. If the\n sort key data type is Number, the results are stored in numeric order. For type String,\n the results are stored in order of UTF-8 bytes. For type Binary, DynamoDB treats each\n byte of the binary data as unsigned.
\n If ScanIndexForward is true, DynamoDB returns the results in\n the order in which they are stored (by sort key value). This is the default behavior. If\n ScanIndexForward is false, DynamoDB reads the results in\n reverse order by sort key value, and then returns the results to the client.
"
+ "smithy.api#documentation": "Specifies the order for index traversal: If true (default), the traversal\n is performed in ascending order; if false, the traversal is performed in\n descending order.
\n Items with the same partition key value are stored in sorted order by sort key. If the\n sort key data type is Number, the results are stored in numeric order. For type String,\n the results are stored in order of UTF-8 bytes. For type Binary, DynamoDB treats each\n byte of the binary data as unsigned.
\n If ScanIndexForward is true, DynamoDB returns the results in\n the order in which they are stored (by sort key value). This is the default behavior. If\n ScanIndexForward is false, DynamoDB reads the results in\n reverse order by sort key value, and then returns the results to the client.
"
}
},
"ExclusiveStartKey": {
"target": "com.amazonaws.dynamodb#Key",
"traits": {
- "smithy.api#documentation": "The primary key of the first item that this operation will evaluate. Use the value\n that was returned for LastEvaluatedKey in the previous operation.
\n The data type for ExclusiveStartKey must be String, Number, or Binary. No\n set data types are allowed.
"
+ "smithy.api#documentation": "The primary key of the first item that this operation will evaluate. Use the value\n that was returned for LastEvaluatedKey in the previous operation.
\n The data type for ExclusiveStartKey must be String, Number, or Binary. No\n set data types are allowed.
"
}
},
"ReturnConsumedCapacity": {
@@ -7821,36 +8045,37 @@
"ProjectionExpression": {
"target": "com.amazonaws.dynamodb#ProjectionExpression",
"traits": {
- "smithy.api#documentation": "A string that identifies one or more attributes to retrieve from the table. These\n attributes can include scalars, sets, or elements of a JSON document. The attributes in\n the expression must be separated by commas.
\n If no attribute names are specified, then all attributes will be returned. If any of\n the requested attributes are not found, they will not appear in the result.
\n For more information, see Accessing Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A string that identifies one or more attributes to retrieve from the table. These\n attributes can include scalars, sets, or elements of a JSON document. The attributes in\n the expression must be separated by commas.
\n If no attribute names are specified, then all attributes will be returned. If any of\n the requested attributes are not found, they will not appear in the result.
\n For more information, see Accessing Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"FilterExpression": {
"target": "com.amazonaws.dynamodb#ConditionExpression",
"traits": {
- "smithy.api#documentation": "A string that contains conditions that DynamoDB applies after the Query\n operation, but before the data is returned to you. Items that do not satisfy the\n FilterExpression criteria are not returned.
\n A FilterExpression does not allow key attributes. You cannot define a\n filter expression based on a partition key or a sort key.
\n \n A FilterExpression is applied after the items have already been read;\n the process of filtering does not consume any additional read capacity units.
\n \n For more information, see Filter Expressions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A string that contains conditions that DynamoDB applies after the Query\n operation, but before the data is returned to you. Items that do not satisfy the\n FilterExpression criteria are not returned.
\n A FilterExpression does not allow key attributes. You cannot define a\n filter expression based on a partition key or a sort key.
\n \n A FilterExpression is applied after the items have already been read;\n the process of filtering does not consume any additional read capacity units.
\n \n For more information, see Filter Expressions in the Amazon DynamoDB Developer\n Guide.
"
}
},
"KeyConditionExpression": {
"target": "com.amazonaws.dynamodb#KeyExpression",
"traits": {
- "smithy.api#documentation": "The condition that specifies the key values for items to be retrieved by the\n Query action.
\n\n The condition must perform an equality test on a single partition key value.
\n The condition can optionally perform one of several comparison tests on a single sort\n key value. This allows Query to retrieve one item with a given partition\n key value and sort key value, or several items that have the same partition key value\n but different sort key values.
\n\n The partition key equality test is required, and must be specified in the following\n format:
\n\n \n partitionKeyName\n =\n :partitionkeyval\n
\n\n If you also want to provide a condition for the sort key, it must be combined using\n AND with the condition for the sort key. Following is an example, using\n the = comparison operator for the sort key:
\n\n \n partitionKeyName\n =\n :partitionkeyval\n AND\n sortKeyName\n =\n :sortkeyval\n
\n Valid comparisons for the sort key condition are as follows:
\n \n - \n
\n sortKeyName\n =\n :sortkeyval - true if the sort key value is equal to\n :sortkeyval.
\n \n - \n
\n sortKeyName\n <\n :sortkeyval - true if the sort key value is less than\n :sortkeyval.
\n \n - \n
\n sortKeyName\n <=\n :sortkeyval - true if the sort key value is less than or equal to\n :sortkeyval.
\n \n - \n
\n sortKeyName\n >\n :sortkeyval - true if the sort key value is greater than\n :sortkeyval.
\n \n - \n
\n sortKeyName\n >= \n :sortkeyval - true if the sort key value is greater than or equal\n to :sortkeyval.
\n \n - \n
\n sortKeyName\n BETWEEN\n :sortkeyval1\n AND\n :sortkeyval2 - true if the sort key value is greater than or equal\n to :sortkeyval1, and less than or equal to\n :sortkeyval2.
\n \n - \n
\n begins_with (\n sortKeyName, :sortkeyval\n ) - true if the sort key value begins with a particular operand.\n (You cannot use this function with a sort key that is of type Number.) Note that\n the function name begins_with is case-sensitive.
\n\n \n
\n\n Use the ExpressionAttributeValues parameter to replace tokens such as\n :partitionval and :sortval with actual values at\n runtime.
\n\n You can optionally use the ExpressionAttributeNames parameter to replace\n the names of the partition key and sort key with placeholder tokens. This option might\n be necessary if an attribute name conflicts with a DynamoDB reserved word. For example,\n the following KeyConditionExpression parameter causes an error because\n Size is a reserved word:
\n \n - \n
\n Size = :myval\n
\n \n
\n To work around this, define a placeholder (such a #S) to represent the\n attribute name Size. KeyConditionExpression then is as\n follows:
\n \n - \n
\n #S = :myval\n
\n \n
\n For a list of reserved words, see Reserved Words\n in the Amazon DynamoDB Developer Guide.
\n\n For more information on ExpressionAttributeNames and\n ExpressionAttributeValues, see Using\n Placeholders for Attribute Names and Values in the Amazon DynamoDB\n Developer Guide.
"
+ "smithy.api#documentation": "The condition that specifies the key values for items to be retrieved by the\n Query action.
\n The condition must perform an equality test on a single partition key value.
\n The condition can optionally perform one of several comparison tests on a single sort\n key value. This allows Query to retrieve one item with a given partition\n key value and sort key value, or several items that have the same partition key value\n but different sort key values.
\n The partition key equality test is required, and must be specified in the following\n format:
\n \n partitionKeyName\n =\n :partitionkeyval\n
\n If you also want to provide a condition for the sort key, it must be combined using\n AND with the condition for the sort key. Following is an example, using\n the = comparison operator for the sort key:
\n \n partitionKeyName\n =\n :partitionkeyval\n AND\n sortKeyName\n =\n :sortkeyval\n
\n Valid comparisons for the sort key condition are as follows:
\n \n - \n
\n sortKeyName\n =\n :sortkeyval - true if the sort key value is equal to\n :sortkeyval.
\n \n - \n
\n sortKeyName\n <\n :sortkeyval - true if the sort key value is less than\n :sortkeyval.
\n \n - \n
\n sortKeyName\n <=\n :sortkeyval - true if the sort key value is less than or equal to\n :sortkeyval.
\n \n - \n
\n sortKeyName\n >\n :sortkeyval - true if the sort key value is greater than\n :sortkeyval.
\n \n - \n
\n sortKeyName\n >= \n :sortkeyval - true if the sort key value is greater than or equal\n to :sortkeyval.
\n \n - \n
\n sortKeyName\n BETWEEN\n :sortkeyval1\n AND\n :sortkeyval2 - true if the sort key value is greater than or equal\n to :sortkeyval1, and less than or equal to\n :sortkeyval2.
\n \n - \n
\n begins_with (\n sortKeyName, :sortkeyval\n ) - true if the sort key value begins with a particular operand.\n (You cannot use this function with a sort key that is of type Number.) Note that\n the function name begins_with is case-sensitive.
\n \n
\n Use the ExpressionAttributeValues parameter to replace tokens such as\n :partitionval and :sortval with actual values at\n runtime.
\n You can optionally use the ExpressionAttributeNames parameter to replace\n the names of the partition key and sort key with placeholder tokens. This option might\n be necessary if an attribute name conflicts with a DynamoDB reserved word. For example,\n the following KeyConditionExpression parameter causes an error because\n Size is a reserved word:
\n \n - \n
\n Size = :myval\n
\n \n
\n To work around this, define a placeholder (such a #S) to represent the\n attribute name Size. KeyConditionExpression then is as\n follows:
\n \n - \n
\n #S = :myval\n
\n \n
\n For a list of reserved words, see Reserved Words\n in the Amazon DynamoDB Developer Guide.
\n For more information on ExpressionAttributeNames and\n ExpressionAttributeValues, see Using\n Placeholders for Attribute Names and Values in the Amazon DynamoDB\n Developer Guide.
"
}
},
"ExpressionAttributeNames": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap",
"traits": {
- "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeValues": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeValueMap",
"traits": {
- "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Specifying Conditions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Specifying Conditions in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a Query operation.
"
+ "smithy.api#documentation": "Represents the input of a Query operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#QueryOutput": {
@@ -7866,20 +8091,20 @@
"target": "com.amazonaws.dynamodb#Integer",
"traits": {
"smithy.api#default": 0,
- "smithy.api#documentation": "The number of items in the response.
\n If you used a QueryFilter in the request, then Count is the\n number of items returned after the filter was applied, and ScannedCount is\n the number of matching items before the filter was applied.
\n If you did not use a filter in the request, then Count and\n ScannedCount are the same.
"
+ "smithy.api#documentation": "The number of items in the response.
\n If you used a QueryFilter in the request, then Count is the\n number of items returned after the filter was applied, and ScannedCount is\n the number of matching items before the filter was applied.
\n If you did not use a filter in the request, then Count and\n ScannedCount are the same.
"
}
},
"ScannedCount": {
"target": "com.amazonaws.dynamodb#Integer",
"traits": {
"smithy.api#default": 0,
- "smithy.api#documentation": "The number of items evaluated, before any QueryFilter is applied. A high\n ScannedCount value with few, or no, Count results\n indicates an inefficient Query operation. For more information, see Count and\n ScannedCount in the Amazon DynamoDB Developer\n Guide.
\n If you did not use a filter in the request, then ScannedCount is the same\n as Count.
"
+ "smithy.api#documentation": "The number of items evaluated, before any QueryFilter is applied. A high\n ScannedCount value with few, or no, Count results\n indicates an inefficient Query operation. For more information, see Count and\n ScannedCount in the Amazon DynamoDB Developer\n Guide.
\n If you did not use a filter in the request, then ScannedCount is the same\n as Count.
"
}
},
"LastEvaluatedKey": {
"target": "com.amazonaws.dynamodb#Key",
"traits": {
- "smithy.api#documentation": "The primary key of the item where the operation stopped, inclusive of the previous\n result set. Use this value to start a new operation, excluding this value in the new\n request.
\n If LastEvaluatedKey is empty, then the \"last page\" of results has been\n processed and there is no more data to be retrieved.
\n If LastEvaluatedKey is not empty, it does not necessarily mean that there\n is more data in the result set. The only way to know when you have reached the end of\n the result set is when LastEvaluatedKey is empty.
"
+ "smithy.api#documentation": "The primary key of the item where the operation stopped, inclusive of the previous\n result set. Use this value to start a new operation, excluding this value in the new\n request.
\n If LastEvaluatedKey is empty, then the \"last page\" of results has been\n processed and there is no more data to be retrieved.
\n If LastEvaluatedKey is not empty, it does not necessarily mean that there\n is more data in the result set. The only way to know when you have reached the end of\n the result set is when LastEvaluatedKey is empty.
"
}
},
"ConsumedCapacity": {
@@ -7890,7 +8115,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a Query operation.
"
+ "smithy.api#documentation": "Represents the output of a Query operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#RegionName": {
@@ -7946,7 +8172,7 @@
"ReplicaStatus": {
"target": "com.amazonaws.dynamodb#ReplicaStatus",
"traits": {
- "smithy.api#documentation": "The current state of the replica:
\n \n - \n
\n CREATING - The replica is being created.
\n \n - \n
\n UPDATING - The replica is being updated.
\n \n - \n
\n DELETING - The replica is being deleted.
\n \n - \n
\n ACTIVE - The replica is ready for use.
\n \n
"
+ "smithy.api#documentation": "The current state of the replica:
\n \n - \n
\n CREATING - The replica is being created.
\n \n - \n
\n UPDATING - The replica is being updated.
\n \n - \n
\n DELETING - The replica is being deleted.
\n \n - \n
\n ACTIVE - The replica is ready for use.
\n \n
"
}
}
},
@@ -8007,7 +8233,7 @@
"ReplicaStatus": {
"target": "com.amazonaws.dynamodb#ReplicaStatus",
"traits": {
- "smithy.api#documentation": "The current state of the replica:
\n \n - \n
\n CREATING - The replica is being created.
\n \n - \n
\n UPDATING - The replica is being updated.
\n \n - \n
\n DELETING - The replica is being deleted.
\n \n - \n
\n ACTIVE - The replica is ready for use.
\n \n - \n
\n REGION_DISABLED - The replica is inaccessible because the Amazon Web Services Region has been disabled.
\n \n If the Amazon Web Services Region remains inaccessible for more than 20\n hours, DynamoDB will remove this replica from the replication\n group. The replica will not be deleted and replication will stop from and to\n this region.
\n \n \n - \n
\n INACCESSIBLE_ENCRYPTION_CREDENTIALS - The KMS key\n used to encrypt the table is inaccessible.
\n \n If the KMS key remains inaccessible for more than 20 hours,\n DynamoDB will remove this replica from the replication group.\n The replica will not be deleted and replication will stop from and to this\n region.
\n \n \n
"
+ "smithy.api#documentation": "The current state of the replica:
\n \n - \n
\n CREATING - The replica is being created.
\n \n - \n
\n UPDATING - The replica is being updated.
\n \n - \n
\n DELETING - The replica is being deleted.
\n \n - \n
\n ACTIVE - The replica is ready for use.
\n \n - \n
\n REGION_DISABLED - The replica is inaccessible because the Amazon Web Services Region has been disabled.
\n \n If the Amazon Web Services Region remains inaccessible for more than 20\n hours, DynamoDB will remove this replica from the replication\n group. The replica will not be deleted and replication will stop from and to\n this region.
\n \n \n - \n
\n INACCESSIBLE_ENCRYPTION_CREDENTIALS - The KMS key\n used to encrypt the table is inaccessible.
\n \n If the KMS key remains inaccessible for more than 20 hours,\n DynamoDB will remove this replica from the replication group.\n The replica will not be deleted and replication will stop from and to this\n region.
\n \n \n
"
}
},
"ReplicaStatusDescription": {
@@ -8093,7 +8319,7 @@
"IndexStatus": {
"target": "com.amazonaws.dynamodb#IndexStatus",
"traits": {
- "smithy.api#documentation": "The current state of the replica global secondary index:
\n \n - \n
\n CREATING - The index is being created.
\n \n - \n
\n UPDATING - The table/index configuration is being updated. The\n table/index remains available for data operations when\n UPDATING\n
\n\n \n - \n
\n DELETING - The index is being deleted.
\n \n - \n
\n ACTIVE - The index is ready for use.
\n \n
"
+ "smithy.api#documentation": "The current state of the replica global secondary index:
\n \n - \n
\n CREATING - The index is being created.
\n \n - \n
\n UPDATING - The table/index configuration is being updated. The\n table/index remains available for data operations when\n UPDATING\n
\n \n - \n
\n DELETING - The index is being deleted.
\n \n - \n
\n ACTIVE - The index is ready for use.
\n \n
"
}
},
"ProvisionedReadCapacityAutoScalingSettings": {
@@ -8186,7 +8412,7 @@
"IndexStatus": {
"target": "com.amazonaws.dynamodb#IndexStatus",
"traits": {
- "smithy.api#documentation": " The current status of the global secondary index:
\n \n - \n
\n CREATING - The global secondary index is being created.
\n \n - \n
\n UPDATING - The global secondary index is being updated.
\n \n - \n
\n DELETING - The global secondary index is being deleted.
\n \n - \n
\n ACTIVE - The global secondary index is ready for use.
\n \n
"
+ "smithy.api#documentation": " The current status of the global secondary index:
\n \n - \n
\n CREATING - The global secondary index is being created.
\n \n - \n
\n UPDATING - The global secondary index is being updated.
\n \n - \n
\n DELETING - The global secondary index is being deleted.
\n \n - \n
\n ACTIVE - The global secondary index is ready for use.
\n \n
"
}
},
"ProvisionedReadCapacityUnits": {
@@ -8294,7 +8520,7 @@
"ReplicaStatus": {
"target": "com.amazonaws.dynamodb#ReplicaStatus",
"traits": {
- "smithy.api#documentation": "The current state of the Region:
\n \n - \n
\n CREATING - The Region is being created.
\n \n - \n
\n UPDATING - The Region is being updated.
\n \n - \n
\n DELETING - The Region is being deleted.
\n \n - \n
\n ACTIVE - The Region is ready for use.
\n \n
"
+ "smithy.api#documentation": "The current state of the Region:
\n \n - \n
\n CREATING - The Region is being created.
\n \n - \n
\n UPDATING - The Region is being updated.
\n \n - \n
\n DELETING - The Region is being deleted.
\n \n - \n
\n ACTIVE - The Region is ready for use.
\n \n
"
}
},
"ReplicaBillingModeSummary": {
@@ -8468,7 +8694,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents one of the following:
\n \n - \n
A new replica to be added to an existing global table.
\n \n - \n
New parameters for an existing replica.
\n \n - \n
An existing replica to be removed from an existing global table.
\n \n
"
+ "smithy.api#documentation": "Represents one of the following:
\n \n - \n
A new replica to be added to an existing global table.
\n \n - \n
New parameters for an existing replica.
\n \n - \n
An existing replica to be removed from an existing global table.
\n \n
"
}
},
"com.amazonaws.dynamodb#ReplicaUpdateList": {
@@ -8500,7 +8726,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents one of the following:
\n \n - \n
A new replica to be added to an existing regional table or global table. This\n request invokes the CreateTableReplica action in the destination\n Region.
\n \n - \n
New parameters for an existing replica. This request invokes the\n UpdateTable action in the destination Region.
\n \n - \n
An existing replica to be deleted. The request invokes the\n DeleteTableReplica action in the destination Region, deleting\n the replica and all if its items in the destination Region.
\n \n
\n \n When you manually remove a table or global table replica, you do not automatically\n remove any associated scalable targets, scaling policies, or CloudWatch\n alarms.
\n "
+ "smithy.api#documentation": "Represents one of the following:
\n \n - \n
A new replica to be added to an existing regional table or global table. This\n request invokes the CreateTableReplica action in the destination\n Region.
\n \n - \n
New parameters for an existing replica. This request invokes the\n UpdateTable action in the destination Region.
\n \n - \n
An existing replica to be deleted. The request invokes the\n DeleteTableReplica action in the destination Region, deleting\n the replica and all if its items in the destination Region.
\n \n
\n \n When you manually remove a table or global table replica, you do not automatically\n remove any associated scalable targets, scaling policies, or CloudWatch\n alarms.
\n "
}
},
"com.amazonaws.dynamodb#ReplicationGroupUpdateList": {
@@ -8637,7 +8863,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Creates a new table from an existing backup. Any number of users can execute up to 4\n concurrent restores (any type of restore) in a given account.
\n You can call RestoreTableFromBackup at a maximum rate of 10 times per\n second.
\n You must manually set up the following on the restored table:
\n "
+ "smithy.api#documentation": "Creates a new table from an existing backup. Any number of users can execute up to 4\n concurrent restores (any type of restore) in a given account.
\n You can call RestoreTableFromBackup at a maximum rate of 10 times per\n second.
\n You must manually set up the following on the restored table:
\n "
}
},
"com.amazonaws.dynamodb#RestoreTableFromBackupInput": {
@@ -8687,6 +8913,9 @@
"smithy.api#documentation": "The new server-side encryption settings for the restored table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#RestoreTableFromBackupOutput": {
@@ -8698,6 +8927,9 @@
"smithy.api#documentation": "The description of the table created from an existing backup.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#RestoreTableToPointInTime": {
@@ -8738,7 +8970,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Restores the specified table to the specified point in time within\n EarliestRestorableDateTime and LatestRestorableDateTime.\n You can restore your table to any point in time during the last 35 days. Any number of\n users can execute up to 4 concurrent restores (any type of restore) in a given account.
\n When you restore using point in time recovery, DynamoDB restores your table data to\n the state based on the selected date and time (day:hour:minute:second) to a new table.
\n Along with data, the following are also included on the new restored table using\n point in time recovery:
\n \n - \n
Global secondary indexes (GSIs)
\n \n - \n
Local secondary indexes (LSIs)
\n \n - \n
Provisioned read and write capacity
\n \n - \n
Encryption settings
\n \n All these settings come from the current settings of the source table at\n the time of restore.
\n \n \n
\n\n You must manually set up the following on the restored table:
\n \n - \n
Auto scaling policies
\n \n - \n
IAM policies
\n \n - \n
Amazon CloudWatch metrics and alarms
\n \n - \n
Tags
\n \n - \n
Stream settings
\n \n - \n
Time to Live (TTL) settings
\n \n - \n
Point in time recovery settings
\n \n
"
+ "smithy.api#documentation": "Restores the specified table to the specified point in time within\n EarliestRestorableDateTime and LatestRestorableDateTime.\n You can restore your table to any point in time during the last 35 days. Any number of\n users can execute up to 4 concurrent restores (any type of restore) in a given account.
\n When you restore using point in time recovery, DynamoDB restores your table data to\n the state based on the selected date and time (day:hour:minute:second) to a new table.
\n Along with data, the following are also included on the new restored table using\n point in time recovery:
\n \n - \n
Global secondary indexes (GSIs)
\n \n - \n
Local secondary indexes (LSIs)
\n \n - \n
Provisioned read and write capacity
\n \n - \n
Encryption settings
\n \n All these settings come from the current settings of the source table at\n the time of restore.
\n \n \n
\n You must manually set up the following on the restored table:
\n \n - \n
Auto scaling policies
\n \n - \n
IAM policies
\n \n - \n
Amazon CloudWatch metrics and alarms
\n \n - \n
Tags
\n \n - \n
Stream settings
\n \n - \n
Time to Live (TTL) settings
\n \n - \n
Point in time recovery settings
\n \n
"
}
},
"com.amazonaws.dynamodb#RestoreTableToPointInTimeInput": {
@@ -8805,6 +9037,9 @@
"smithy.api#documentation": "The new server-side encryption settings for the restored table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#RestoreTableToPointInTimeOutput": {
@@ -8816,6 +9051,9 @@
"smithy.api#documentation": "Represents the properties of a table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ReturnConsumedCapacity": {
@@ -8841,7 +9079,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Determines the level of detail about either provisioned or on-demand throughput\n consumption that is returned in the response:
\n \n - \n
\n INDEXES - The response includes the aggregate\n ConsumedCapacity for the operation, together with\n ConsumedCapacity for each table and secondary index that was\n accessed.
\n Note that some operations, such as GetItem and\n BatchGetItem, do not access any indexes at all. In these cases,\n specifying INDEXES will only return ConsumedCapacity\n information for table(s).
\n \n - \n
\n TOTAL - The response includes only the aggregate\n ConsumedCapacity for the operation.
\n \n - \n
\n NONE - No ConsumedCapacity details are included in the\n response.
\n \n
"
+ "smithy.api#documentation": "Determines the level of detail about either provisioned or on-demand throughput\n consumption that is returned in the response:
\n \n - \n
\n INDEXES - The response includes the aggregate\n ConsumedCapacity for the operation, together with\n ConsumedCapacity for each table and secondary index that was\n accessed.
\n Note that some operations, such as GetItem and\n BatchGetItem, do not access any indexes at all. In these cases,\n specifying INDEXES will only return ConsumedCapacity\n information for table(s).
\n \n - \n
\n TOTAL - The response includes only the aggregate\n ConsumedCapacity for the operation.
\n \n - \n
\n NONE - No ConsumedCapacity details are included in the\n response.
\n \n
"
}
},
"com.amazonaws.dynamodb#ReturnItemCollectionMetrics": {
@@ -8997,13 +9235,13 @@
"Status": {
"target": "com.amazonaws.dynamodb#SSEStatus",
"traits": {
- "smithy.api#documentation": "Represents the current state of server-side encryption. The only supported values\n are:
\n "
+ "smithy.api#documentation": "Represents the current state of server-side encryption. The only supported values\n are:
\n "
}
},
"SSEType": {
"target": "com.amazonaws.dynamodb#SSEType",
"traits": {
- "smithy.api#documentation": "Server-side encryption type. The only supported value is:
\n "
+ "smithy.api#documentation": "Server-side encryption type. The only supported value is:
\n "
}
},
"KMSMasterKeyArn": {
@@ -9038,7 +9276,7 @@
"SSEType": {
"target": "com.amazonaws.dynamodb#SSEType",
"traits": {
- "smithy.api#documentation": "Server-side encryption type. The only supported value is:
\n "
+ "smithy.api#documentation": "Server-side encryption type. The only supported value is:
\n "
}
},
"KMSMasterKeyId": {
@@ -9156,7 +9394,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "The Scan operation returns one or more items and item attributes by\n accessing every item in a table or a secondary index. To have DynamoDB return fewer\n items, you can provide a FilterExpression operation.
\n If the total number of scanned items exceeds the maximum dataset size limit of 1 MB,\n the scan stops and results are returned to the user as a LastEvaluatedKey\n value to continue the scan in a subsequent operation. The results also include the\n number of items exceeding the limit. A scan can result in no table data meeting the\n filter criteria.
\n A single Scan operation reads up to the maximum number of items set (if\n using the Limit parameter) or a maximum of 1 MB of data and then apply any\n filtering to the results using FilterExpression. If\n LastEvaluatedKey is present in the response, you need to paginate the\n result set. For more information, see Paginating the\n Results in the Amazon DynamoDB Developer Guide.
\n \n Scan operations proceed sequentially; however, for faster performance on\n a large table or secondary index, applications can request a parallel Scan\n operation by providing the Segment and TotalSegments\n parameters. For more information, see Parallel\n Scan in the Amazon DynamoDB Developer Guide.
\n \n Scan uses eventually consistent reads when accessing the data in a table;\n therefore, the result set might not include the changes to data in the table immediately\n before the operation began. If you need a consistent copy of the data, as of the time\n that the Scan begins, you can set the ConsistentRead parameter\n to true.
",
+ "smithy.api#documentation": "The Scan operation returns one or more items and item attributes by\n accessing every item in a table or a secondary index. To have DynamoDB return fewer\n items, you can provide a FilterExpression operation.
\n If the total number of scanned items exceeds the maximum dataset size limit of 1 MB,\n the scan stops and results are returned to the user as a LastEvaluatedKey\n value to continue the scan in a subsequent operation. The results also include the\n number of items exceeding the limit. A scan can result in no table data meeting the\n filter criteria.
\n A single Scan operation reads up to the maximum number of items set (if\n using the Limit parameter) or a maximum of 1 MB of data and then apply any\n filtering to the results using FilterExpression. If\n LastEvaluatedKey is present in the response, you need to paginate the\n result set. For more information, see Paginating the\n Results in the Amazon DynamoDB Developer Guide.
\n \n Scan operations proceed sequentially; however, for faster performance on\n a large table or secondary index, applications can request a parallel Scan\n operation by providing the Segment and TotalSegments\n parameters. For more information, see Parallel\n Scan in the Amazon DynamoDB Developer Guide.
\n \n Scan uses eventually consistent reads when accessing the data in a table;\n therefore, the result set might not include the changes to data in the table immediately\n before the operation began. If you need a consistent copy of the data, as of the time\n that the Scan begins, you can set the ConsistentRead parameter\n to true.
",
"smithy.api#paginated": {
"inputToken": "ExclusiveStartKey",
"outputToken": "LastEvaluatedKey",
@@ -9199,7 +9437,7 @@
"Select": {
"target": "com.amazonaws.dynamodb#Select",
"traits": {
- "smithy.api#documentation": "The attributes to be returned in the result. You can retrieve all item attributes,\n specific item attributes, the count of matching items, or in the case of an index, some\n or all of the attributes projected into the index.
\n \n - \n
\n ALL_ATTRIBUTES - Returns all of the item attributes from the\n specified table or index. If you query a local secondary index, then for each\n matching item in the index, DynamoDB fetches the entire item from the parent\n table. If the index is configured to project all item attributes, then all of\n the data can be obtained from the local secondary index, and no fetching is\n required.
\n \n - \n
\n ALL_PROJECTED_ATTRIBUTES - Allowed only when querying an index.\n Retrieves all attributes that have been projected into the index. If the index\n is configured to project all attributes, this return value is equivalent to\n specifying ALL_ATTRIBUTES.
\n \n - \n
\n COUNT - Returns the number of matching items, rather than the\n matching items themselves.
\n \n - \n
\n SPECIFIC_ATTRIBUTES - Returns only the attributes listed in\n ProjectionExpression. This return value is equivalent to\n specifying ProjectionExpression without specifying any value for\n Select.
\n If you query or scan a local secondary index and request only attributes that\n are projected into that index, the operation reads only the index and not the\n table. If any of the requested attributes are not projected into the local\n secondary index, DynamoDB fetches each of these attributes from the parent\n table. This extra fetching incurs additional throughput cost and latency.
\n If you query or scan a global secondary index, you can only request attributes\n that are projected into the index. Global secondary index queries cannot fetch\n attributes from the parent table.
\n \n
\n If neither Select nor ProjectionExpression are specified,\n DynamoDB defaults to ALL_ATTRIBUTES when accessing a table, and\n ALL_PROJECTED_ATTRIBUTES when accessing an index. You cannot use both\n Select and ProjectionExpression together in a single\n request, unless the value for Select is SPECIFIC_ATTRIBUTES.\n (This usage is equivalent to specifying ProjectionExpression without any\n value for Select.)
\n \n If you use the ProjectionExpression parameter, then the value for\n Select can only be SPECIFIC_ATTRIBUTES. Any other\n value for Select will return an error.
\n "
+ "smithy.api#documentation": "The attributes to be returned in the result. You can retrieve all item attributes,\n specific item attributes, the count of matching items, or in the case of an index, some\n or all of the attributes projected into the index.
\n \n - \n
\n ALL_ATTRIBUTES - Returns all of the item attributes from the\n specified table or index. If you query a local secondary index, then for each\n matching item in the index, DynamoDB fetches the entire item from the parent\n table. If the index is configured to project all item attributes, then all of\n the data can be obtained from the local secondary index, and no fetching is\n required.
\n \n - \n
\n ALL_PROJECTED_ATTRIBUTES - Allowed only when querying an index.\n Retrieves all attributes that have been projected into the index. If the index\n is configured to project all attributes, this return value is equivalent to\n specifying ALL_ATTRIBUTES.
\n \n - \n
\n COUNT - Returns the number of matching items, rather than the\n matching items themselves. Note that this uses the same quantity of read capacity units \n as getting the items, and is subject to the same item size calculations.
\n \n - \n
\n SPECIFIC_ATTRIBUTES - Returns only the attributes listed in\n ProjectionExpression. This return value is equivalent to\n specifying ProjectionExpression without specifying any value for\n Select.
\n If you query or scan a local secondary index and request only attributes that\n are projected into that index, the operation reads only the index and not the\n table. If any of the requested attributes are not projected into the local\n secondary index, DynamoDB fetches each of these attributes from the parent\n table. This extra fetching incurs additional throughput cost and latency.
\n If you query or scan a global secondary index, you can only request attributes\n that are projected into the index. Global secondary index queries cannot fetch\n attributes from the parent table.
\n \n
\n If neither Select nor ProjectionExpression are specified,\n DynamoDB defaults to ALL_ATTRIBUTES when accessing a table, and\n ALL_PROJECTED_ATTRIBUTES when accessing an index. You cannot use both\n Select and ProjectionExpression together in a single\n request, unless the value for Select is SPECIFIC_ATTRIBUTES.\n (This usage is equivalent to specifying ProjectionExpression without any\n value for Select.)
\n \n If you use the ProjectionExpression parameter, then the value for\n Select can only be SPECIFIC_ATTRIBUTES. Any other\n value for Select will return an error.
\n "
}
},
"ScanFilter": {
@@ -9217,7 +9455,7 @@
"ExclusiveStartKey": {
"target": "com.amazonaws.dynamodb#Key",
"traits": {
- "smithy.api#documentation": "The primary key of the first item that this operation will evaluate. Use the value\n that was returned for LastEvaluatedKey in the previous operation.
\n The data type for ExclusiveStartKey must be String, Number or Binary. No\n set data types are allowed.
\n In a parallel scan, a Scan request that includes\n ExclusiveStartKey must specify the same segment whose previous\n Scan returned the corresponding value of\n LastEvaluatedKey.
"
+ "smithy.api#documentation": "The primary key of the first item that this operation will evaluate. Use the value\n that was returned for LastEvaluatedKey in the previous operation.
\n The data type for ExclusiveStartKey must be String, Number or Binary. No\n set data types are allowed.
\n In a parallel scan, a Scan request that includes\n ExclusiveStartKey must specify the same segment whose previous\n Scan returned the corresponding value of\n LastEvaluatedKey.
"
}
},
"ReturnConsumedCapacity": {
@@ -9226,48 +9464,49 @@
"TotalSegments": {
"target": "com.amazonaws.dynamodb#ScanTotalSegments",
"traits": {
- "smithy.api#documentation": "For a parallel Scan request, TotalSegments represents the\n total number of segments into which the Scan operation will be divided. The\n value of TotalSegments corresponds to the number of application workers\n that will perform the parallel scan. For example, if you want to use four application\n threads to scan a table or an index, specify a TotalSegments value of\n 4.
\n The value for TotalSegments must be greater than or equal to 1, and less\n than or equal to 1000000. If you specify a TotalSegments value of 1, the\n Scan operation will be sequential rather than parallel.
\n If you specify TotalSegments, you must also specify\n Segment.
"
+ "smithy.api#documentation": "For a parallel Scan request, TotalSegments represents the\n total number of segments into which the Scan operation will be divided. The\n value of TotalSegments corresponds to the number of application workers\n that will perform the parallel scan. For example, if you want to use four application\n threads to scan a table or an index, specify a TotalSegments value of\n 4.
\n The value for TotalSegments must be greater than or equal to 1, and less\n than or equal to 1000000. If you specify a TotalSegments value of 1, the\n Scan operation will be sequential rather than parallel.
\n If you specify TotalSegments, you must also specify\n Segment.
"
}
},
"Segment": {
"target": "com.amazonaws.dynamodb#ScanSegment",
"traits": {
- "smithy.api#documentation": "For a parallel Scan request, Segment identifies an\n individual segment to be scanned by an application worker.
\n Segment IDs are zero-based, so the first segment is always 0. For example, if you want\n to use four application threads to scan a table or an index, then the first thread\n specifies a Segment value of 0, the second thread specifies 1, and so\n on.
\n The value of LastEvaluatedKey returned from a parallel Scan\n request must be used as ExclusiveStartKey with the same segment ID in a\n subsequent Scan operation.
\n The value for Segment must be greater than or equal to 0, and less than\n the value provided for TotalSegments.
\n If you provide Segment, you must also provide\n TotalSegments.
"
+ "smithy.api#documentation": "For a parallel Scan request, Segment identifies an\n individual segment to be scanned by an application worker.
\n Segment IDs are zero-based, so the first segment is always 0. For example, if you want\n to use four application threads to scan a table or an index, then the first thread\n specifies a Segment value of 0, the second thread specifies 1, and so\n on.
\n The value of LastEvaluatedKey returned from a parallel Scan\n request must be used as ExclusiveStartKey with the same segment ID in a\n subsequent Scan operation.
\n The value for Segment must be greater than or equal to 0, and less than\n the value provided for TotalSegments.
\n If you provide Segment, you must also provide\n TotalSegments.
"
}
},
"ProjectionExpression": {
"target": "com.amazonaws.dynamodb#ProjectionExpression",
"traits": {
- "smithy.api#documentation": "A string that identifies one or more attributes to retrieve from the specified table\n or index. These attributes can include scalars, sets, or elements of a JSON document.\n The attributes in the expression must be separated by commas.
\n If no attribute names are specified, then all attributes will be returned. If any of\n the requested attributes are not found, they will not appear in the result.
\n For more information, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A string that identifies one or more attributes to retrieve from the specified table\n or index. These attributes can include scalars, sets, or elements of a JSON document.\n The attributes in the expression must be separated by commas.
\n If no attribute names are specified, then all attributes will be returned. If any of\n the requested attributes are not found, they will not appear in the result.
\n For more information, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"FilterExpression": {
"target": "com.amazonaws.dynamodb#ConditionExpression",
"traits": {
- "smithy.api#documentation": "A string that contains conditions that DynamoDB applies after the Scan\n operation, but before the data is returned to you. Items that do not satisfy the\n FilterExpression criteria are not returned.
\n \n A FilterExpression is applied after the items have already been read;\n the process of filtering does not consume any additional read capacity units.
\n \n For more information, see Filter Expressions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A string that contains conditions that DynamoDB applies after the Scan\n operation, but before the data is returned to you. Items that do not satisfy the\n FilterExpression criteria are not returned.
\n \n A FilterExpression is applied after the items have already been read;\n the process of filtering does not consume any additional read capacity units.
\n \n For more information, see Filter Expressions in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeNames": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap",
"traits": {
- "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide). To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information on expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeValues": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeValueMap",
"traits": {
- "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ConsistentRead": {
"target": "com.amazonaws.dynamodb#ConsistentRead",
"traits": {
- "smithy.api#documentation": "A Boolean value that determines the read consistency model during the scan:
\n \n - \n
If ConsistentRead is false, then the data returned\n from Scan might not contain the results from other recently\n completed write operations (PutItem, UpdateItem, or\n DeleteItem).
\n \n - \n
If ConsistentRead is true, then all of the write\n operations that completed before the Scan began are guaranteed to\n be contained in the Scan response.
\n \n
\n The default setting for ConsistentRead is false.
\n The ConsistentRead parameter is not supported on global secondary\n indexes. If you scan a global secondary index with ConsistentRead set to\n true, you will receive a ValidationException.
"
+ "smithy.api#documentation": "A Boolean value that determines the read consistency model during the scan:
\n \n - \n
If ConsistentRead is false, then the data returned\n from Scan might not contain the results from other recently\n completed write operations (PutItem, UpdateItem, or\n DeleteItem).
\n \n - \n
If ConsistentRead is true, then all of the write\n operations that completed before the Scan began are guaranteed to\n be contained in the Scan response.
\n \n
\n The default setting for ConsistentRead is false.
\n The ConsistentRead parameter is not supported on global secondary\n indexes. If you scan a global secondary index with ConsistentRead set to\n true, you will receive a ValidationException.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of a Scan operation.
"
+ "smithy.api#documentation": "Represents the input of a Scan operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#ScanOutput": {
@@ -9283,31 +9522,32 @@
"target": "com.amazonaws.dynamodb#Integer",
"traits": {
"smithy.api#default": 0,
- "smithy.api#documentation": "The number of items in the response.
\n If you set ScanFilter in the request, then Count is the\n number of items returned after the filter was applied, and ScannedCount is\n the number of matching items before the filter was applied.
\n If you did not use a filter in the request, then Count is the same as\n ScannedCount.
"
+ "smithy.api#documentation": "The number of items in the response.
\n If you set ScanFilter in the request, then Count is the\n number of items returned after the filter was applied, and ScannedCount is\n the number of matching items before the filter was applied.
\n If you did not use a filter in the request, then Count is the same as\n ScannedCount.
"
}
},
"ScannedCount": {
"target": "com.amazonaws.dynamodb#Integer",
"traits": {
"smithy.api#default": 0,
- "smithy.api#documentation": "The number of items evaluated, before any ScanFilter is applied. A high\n ScannedCount value with few, or no, Count results\n indicates an inefficient Scan operation. For more information, see Count and\n ScannedCount in the Amazon DynamoDB Developer\n Guide.
\n If you did not use a filter in the request, then ScannedCount is the same\n as Count.
"
+ "smithy.api#documentation": "The number of items evaluated, before any ScanFilter is applied. A high\n ScannedCount value with few, or no, Count results\n indicates an inefficient Scan operation. For more information, see Count and\n ScannedCount in the Amazon DynamoDB Developer\n Guide.
\n If you did not use a filter in the request, then ScannedCount is the same\n as Count.
"
}
},
"LastEvaluatedKey": {
"target": "com.amazonaws.dynamodb#Key",
"traits": {
- "smithy.api#documentation": "The primary key of the item where the operation stopped, inclusive of the previous\n result set. Use this value to start a new operation, excluding this value in the new\n request.
\n If LastEvaluatedKey is empty, then the \"last page\" of results has been\n processed and there is no more data to be retrieved.
\n If LastEvaluatedKey is not empty, it does not necessarily mean that there\n is more data in the result set. The only way to know when you have reached the end of\n the result set is when LastEvaluatedKey is empty.
"
+ "smithy.api#documentation": "The primary key of the item where the operation stopped, inclusive of the previous\n result set. Use this value to start a new operation, excluding this value in the new\n request.
\n If LastEvaluatedKey is empty, then the \"last page\" of results has been\n processed and there is no more data to be retrieved.
\n If LastEvaluatedKey is not empty, it does not necessarily mean that there\n is more data in the result set. The only way to know when you have reached the end of\n the result set is when LastEvaluatedKey is empty.
"
}
},
"ConsumedCapacity": {
"target": "com.amazonaws.dynamodb#ConsumedCapacity",
"traits": {
- "smithy.api#documentation": "The capacity units consumed by the Scan operation. The data returned\n includes the total provisioned throughput consumed, along with statistics for the table\n and any indexes involved in the operation. ConsumedCapacity is only\n returned if the ReturnConsumedCapacity parameter was specified. For more\n information, see Provisioned Throughput in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "The capacity units consumed by the Scan operation. The data returned\n includes the total provisioned throughput consumed, along with statistics for the table\n and any indexes involved in the operation. ConsumedCapacity is only\n returned if the ReturnConsumedCapacity parameter was specified. For more\n information, see \n Provisioned Throughput \n in the Amazon DynamoDB Developer Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of a Scan operation.
"
+ "smithy.api#documentation": "Represents the output of a Scan operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#ScanSegment": {
@@ -9390,7 +9630,7 @@
}
},
"TableSizeBytes": {
- "target": "com.amazonaws.dynamodb#Long",
+ "target": "com.amazonaws.dynamodb#LongObject",
"traits": {
"smithy.api#documentation": "Size of the table in bytes. Note that this is an approximate value.
"
}
@@ -9425,7 +9665,7 @@
"BillingMode": {
"target": "com.amazonaws.dynamodb#BillingMode",
"traits": {
- "smithy.api#documentation": "Controls how you are charged for read and write throughput and how you manage\n capacity. This setting can be changed later.
\n \n - \n
\n PROVISIONED - Sets the read/write capacity mode to\n PROVISIONED. We recommend using PROVISIONED for\n predictable workloads.
\n \n - \n
\n PAY_PER_REQUEST - Sets the read/write capacity mode to\n PAY_PER_REQUEST. We recommend using\n PAY_PER_REQUEST for unpredictable workloads.
\n \n
"
+ "smithy.api#documentation": "Controls how you are charged for read and write throughput and how you manage\n capacity. This setting can be changed later.
\n \n - \n
\n PROVISIONED - Sets the read/write capacity mode to\n PROVISIONED. We recommend using PROVISIONED for\n predictable workloads.
\n \n - \n
\n PAY_PER_REQUEST - Sets the read/write capacity mode to\n PAY_PER_REQUEST. We recommend using\n PAY_PER_REQUEST for unpredictable workloads.
\n \n
"
}
}
},
@@ -9496,7 +9736,7 @@
"StreamViewType": {
"target": "com.amazonaws.dynamodb#StreamViewType",
"traits": {
- "smithy.api#documentation": " When an item in the table is modified, StreamViewType determines what\n information is written to the stream for this table. Valid values for\n StreamViewType are:
\n \n - \n
\n KEYS_ONLY - Only the key attributes of the modified item are\n written to the stream.
\n \n - \n
\n NEW_IMAGE - The entire item, as it appears after it was modified,\n is written to the stream.
\n \n - \n
\n OLD_IMAGE - The entire item, as it appeared before it was modified,\n is written to the stream.
\n \n - \n
\n NEW_AND_OLD_IMAGES - Both the new and the old item images of the\n item are written to the stream.
\n \n
"
+ "smithy.api#documentation": " When an item in the table is modified, StreamViewType determines what\n information is written to the stream for this table. Valid values for\n StreamViewType are:
\n \n - \n
\n KEYS_ONLY - Only the key attributes of the modified item are\n written to the stream.
\n \n - \n
\n NEW_IMAGE - The entire item, as it appears after it was modified,\n is written to the stream.
\n \n - \n
\n OLD_IMAGE - The entire item, as it appeared before it was modified,\n is written to the stream.
\n \n - \n
\n NEW_AND_OLD_IMAGES - Both the new and the old item images of the\n item are written to the stream.
\n \n
"
}
}
},
@@ -9572,7 +9812,7 @@
"TableStatus": {
"target": "com.amazonaws.dynamodb#TableStatus",
"traits": {
- "smithy.api#documentation": "The current state of the table:
\n \n - \n
\n CREATING - The table is being created.
\n \n - \n
\n UPDATING - The table is being updated.
\n \n - \n
\n DELETING - The table is being deleted.
\n \n - \n
\n ACTIVE - The table is ready for use.
\n \n
"
+ "smithy.api#documentation": "The current state of the table:
\n \n - \n
\n CREATING - The table is being created.
\n \n - \n
\n UPDATING - The table is being updated.
\n \n - \n
\n DELETING - The table is being deleted.
\n \n - \n
\n ACTIVE - The table is ready for use.
\n \n
"
}
},
"Replicas": {
@@ -9679,7 +9919,7 @@
"AttributeDefinitions": {
"target": "com.amazonaws.dynamodb#AttributeDefinitions",
"traits": {
- "smithy.api#documentation": "An array of AttributeDefinition objects. Each of these objects describes\n one attribute in the table and index key schema.
\n Each AttributeDefinition object in this array is composed of:
\n "
+ "smithy.api#documentation": "An array of AttributeDefinition objects. Each of these objects describes\n one attribute in the table and index key schema.
\n Each AttributeDefinition object in this array is composed of:
\n "
}
},
"TableName": {
@@ -9691,13 +9931,13 @@
"KeySchema": {
"target": "com.amazonaws.dynamodb#KeySchema",
"traits": {
- "smithy.api#documentation": "The primary key structure for the table. Each KeySchemaElement consists\n of:
\n \n For more information about primary keys, see Primary Key in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "The primary key structure for the table. Each KeySchemaElement consists\n of:
\n \n For more information about primary keys, see Primary Key in the Amazon DynamoDB Developer\n Guide.
"
}
},
"TableStatus": {
"target": "com.amazonaws.dynamodb#TableStatus",
"traits": {
- "smithy.api#documentation": "The current state of the table:
\n \n - \n
\n CREATING - The table is being created.
\n \n - \n
\n UPDATING - The table/index configuration is being updated. The\n table/index remains available for data operations when\n UPDATING.
\n \n - \n
\n DELETING - The table is being deleted.
\n \n - \n
\n ACTIVE - The table is ready for use.
\n \n - \n
\n INACCESSIBLE_ENCRYPTION_CREDENTIALS - The KMS key\n used to encrypt the table in inaccessible. Table operations may fail due to\n failure to use the KMS key. DynamoDB will initiate the\n table archival process when a table's KMS key remains\n inaccessible for more than seven days.
\n \n - \n
\n ARCHIVING - The table is being archived. Operations are not allowed\n until archival is complete.
\n \n - \n
\n ARCHIVED - The table has been archived. See the ArchivalReason for\n more information.
\n \n
"
+ "smithy.api#documentation": "The current state of the table:
\n \n - \n
\n CREATING - The table is being created.
\n \n - \n
\n UPDATING - The table/index configuration is being updated. The\n table/index remains available for data operations when\n UPDATING.
\n \n - \n
\n DELETING - The table is being deleted.
\n \n - \n
\n ACTIVE - The table is ready for use.
\n \n - \n
\n INACCESSIBLE_ENCRYPTION_CREDENTIALS - The KMS key\n used to encrypt the table in inaccessible. Table operations may fail due to\n failure to use the KMS key. DynamoDB will initiate the\n table archival process when a table's KMS key remains\n inaccessible for more than seven days.
\n \n - \n
\n ARCHIVING - The table is being archived. Operations are not allowed\n until archival is complete.
\n \n - \n
\n ARCHIVED - The table has been archived. See the ArchivalReason for\n more information.
\n \n
"
}
},
"CreationDateTime": {
@@ -9713,13 +9953,13 @@
}
},
"TableSizeBytes": {
- "target": "com.amazonaws.dynamodb#Long",
+ "target": "com.amazonaws.dynamodb#LongObject",
"traits": {
"smithy.api#documentation": "The total size of the specified table, in bytes. DynamoDB updates this value\n approximately every six hours. Recent changes might not be reflected in this\n value.
"
}
},
"ItemCount": {
- "target": "com.amazonaws.dynamodb#Long",
+ "target": "com.amazonaws.dynamodb#LongObject",
"traits": {
"smithy.api#documentation": "The number of items in the specified table. DynamoDB updates this value approximately\n every six hours. Recent changes might not be reflected in this value.
"
}
@@ -9745,13 +9985,13 @@
"LocalSecondaryIndexes": {
"target": "com.amazonaws.dynamodb#LocalSecondaryIndexDescriptionList",
"traits": {
- "smithy.api#documentation": "Represents one or more local secondary indexes on the table. Each index is scoped to a\n given partition key value. Tables with one or more local secondary indexes are subject\n to an item collection size limit, where the amount of data within a given item\n collection cannot exceed 10 GB. Each element is composed of:
\n \n - \n
\n IndexName - The name of the local secondary index.
\n \n - \n
\n KeySchema - Specifies the complete index key schema. The attribute\n names in the key schema must be between 1 and 255 characters (inclusive). The\n key schema must begin with the same partition key as the table.
\n \n - \n
\n Projection - Specifies attributes that are copied (projected) from\n the table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of:
\n \n - \n
\n ProjectionType - One of the following:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are\n projected into the index.
\n \n - \n
\n INCLUDE - Only the specified table attributes are\n projected into the index. The list of projected attributes is in\n NonKeyAttributes.
\n \n - \n
\n ALL - All of the table attributes are projected\n into the index.
\n \n
\n \n - \n
\n NonKeyAttributes - A list of one or more non-key attribute\n names that are projected into the secondary index. The total count of\n attributes provided in NonKeyAttributes, summed across all\n of the secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct\n attributes when determining the total.
\n \n
\n \n - \n
\n IndexSizeBytes - Represents the total size of the index, in bytes.\n DynamoDB updates this value approximately every six hours. Recent changes might\n not be reflected in this value.
\n \n - \n
\n ItemCount - Represents the number of items in the index. DynamoDB\n updates this value approximately every six hours. Recent changes might not be\n reflected in this value.
\n \n
\n If the table is in the DELETING state, no information about indexes will\n be returned.
"
+ "smithy.api#documentation": "Represents one or more local secondary indexes on the table. Each index is scoped to a\n given partition key value. Tables with one or more local secondary indexes are subject\n to an item collection size limit, where the amount of data within a given item\n collection cannot exceed 10 GB. Each element is composed of:
\n \n - \n
\n IndexName - The name of the local secondary index.
\n \n - \n
\n KeySchema - Specifies the complete index key schema. The attribute\n names in the key schema must be between 1 and 255 characters (inclusive). The\n key schema must begin with the same partition key as the table.
\n \n - \n
\n Projection - Specifies attributes that are copied (projected) from\n the table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of:
\n \n - \n
\n ProjectionType - One of the following:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are\n projected into the index.
\n \n - \n
\n INCLUDE - Only the specified table attributes are\n projected into the index. The list of projected attributes is in\n NonKeyAttributes.
\n \n - \n
\n ALL - All of the table attributes are projected\n into the index.
\n \n
\n \n - \n
\n NonKeyAttributes - A list of one or more non-key attribute\n names that are projected into the secondary index. The total count of\n attributes provided in NonKeyAttributes, summed across all\n of the secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct\n attributes when determining the total.
\n \n
\n \n - \n
\n IndexSizeBytes - Represents the total size of the index, in bytes.\n DynamoDB updates this value approximately every six hours. Recent changes might\n not be reflected in this value.
\n \n - \n
\n ItemCount - Represents the number of items in the index. DynamoDB\n updates this value approximately every six hours. Recent changes might not be\n reflected in this value.
\n \n
\n If the table is in the DELETING state, no information about indexes will\n be returned.
"
}
},
"GlobalSecondaryIndexes": {
"target": "com.amazonaws.dynamodb#GlobalSecondaryIndexDescriptionList",
"traits": {
- "smithy.api#documentation": "The global secondary indexes, if any, on the table. Each index is scoped to a given\n partition key value. Each element is composed of:
\n \n - \n
\n Backfilling - If true, then the index is currently in the\n backfilling phase. Backfilling occurs only when a new global secondary index is\n added to the table. It is the process by which DynamoDB populates the new index\n with data from the table. (This attribute does not appear for indexes that were\n created during a CreateTable operation.)
\n You can delete an index that is being created during the\n Backfilling phase when IndexStatus is set to\n CREATING and Backfilling is true. You can't delete the index that\n is being created when IndexStatus is set to CREATING and\n Backfilling is false. (This attribute does not appear for\n indexes that were created during a CreateTable operation.)
\n \n - \n
\n IndexName - The name of the global secondary index.
\n \n - \n
\n IndexSizeBytes - The total size of the global secondary index, in\n bytes. DynamoDB updates this value approximately every six hours. Recent changes\n might not be reflected in this value.
\n \n - \n
\n IndexStatus - The current status of the global secondary\n index:
\n \n - \n
\n CREATING - The index is being created.
\n \n - \n
\n UPDATING - The index is being updated.
\n \n - \n
\n DELETING - The index is being deleted.
\n \n - \n
\n ACTIVE - The index is ready for use.
\n \n
\n \n - \n
\n ItemCount - The number of items in the global secondary index.\n DynamoDB updates this value approximately every six hours. Recent changes might\n not be reflected in this value.
\n \n - \n
\n KeySchema - Specifies the complete index key schema. The attribute\n names in the key schema must be between 1 and 255 characters (inclusive). The\n key schema must begin with the same partition key as the table.
\n \n - \n
\n Projection - Specifies attributes that are copied (projected) from\n the table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of:
\n \n - \n
\n ProjectionType - One of the following:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are\n projected into the index.
\n \n - \n
\n INCLUDE - In addition to the attributes described\n in KEYS_ONLY, the secondary index will include\n other non-key attributes that you specify.
\n \n - \n
\n ALL - All of the table attributes are projected\n into the index.
\n \n
\n \n - \n
\n NonKeyAttributes - A list of one or more non-key attribute\n names that are projected into the secondary index. The total count of\n attributes provided in NonKeyAttributes, summed across all\n of the secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct\n attributes when determining the total.
\n \n
\n \n - \n
\n ProvisionedThroughput - The provisioned throughput settings for the\n global secondary index, consisting of read and write capacity units, along with\n data about increases and decreases.
\n \n
\n If the table is in the DELETING state, no information about indexes will\n be returned.
"
+ "smithy.api#documentation": "The global secondary indexes, if any, on the table. Each index is scoped to a given\n partition key value. Each element is composed of:
\n \n - \n
\n Backfilling - If true, then the index is currently in the\n backfilling phase. Backfilling occurs only when a new global secondary index is\n added to the table. It is the process by which DynamoDB populates the new index\n with data from the table. (This attribute does not appear for indexes that were\n created during a CreateTable operation.)
\n You can delete an index that is being created during the\n Backfilling phase when IndexStatus is set to\n CREATING and Backfilling is true. You can't delete the index that\n is being created when IndexStatus is set to CREATING and\n Backfilling is false. (This attribute does not appear for\n indexes that were created during a CreateTable operation.)
\n \n - \n
\n IndexName - The name of the global secondary index.
\n \n - \n
\n IndexSizeBytes - The total size of the global secondary index, in\n bytes. DynamoDB updates this value approximately every six hours. Recent changes\n might not be reflected in this value.
\n \n - \n
\n IndexStatus - The current status of the global secondary\n index:
\n \n - \n
\n CREATING - The index is being created.
\n \n - \n
\n UPDATING - The index is being updated.
\n \n - \n
\n DELETING - The index is being deleted.
\n \n - \n
\n ACTIVE - The index is ready for use.
\n \n
\n \n - \n
\n ItemCount - The number of items in the global secondary index.\n DynamoDB updates this value approximately every six hours. Recent changes might\n not be reflected in this value.
\n \n - \n
\n KeySchema - Specifies the complete index key schema. The attribute\n names in the key schema must be between 1 and 255 characters (inclusive). The\n key schema must begin with the same partition key as the table.
\n \n - \n
\n Projection - Specifies attributes that are copied (projected) from\n the table into the index. These are in addition to the primary key attributes\n and index key attributes, which are automatically projected. Each attribute\n specification is composed of:
\n \n - \n
\n ProjectionType - One of the following:
\n \n - \n
\n KEYS_ONLY - Only the index and primary keys are\n projected into the index.
\n \n - \n
\n INCLUDE - In addition to the attributes described\n in KEYS_ONLY, the secondary index will include\n other non-key attributes that you specify.
\n \n - \n
\n ALL - All of the table attributes are projected\n into the index.
\n \n
\n \n - \n
\n NonKeyAttributes - A list of one or more non-key attribute\n names that are projected into the secondary index. The total count of\n attributes provided in NonKeyAttributes, summed across all\n of the secondary indexes, must not exceed 100. If you project the same\n attribute into two different indexes, this counts as two distinct\n attributes when determining the total.
\n \n
\n \n - \n
\n ProvisionedThroughput - The provisioned throughput settings for the\n global secondary index, consisting of read and write capacity units, along with\n data about increases and decreases.
\n \n
\n If the table is in the DELETING state, no information about indexes will\n be returned.
"
}
},
"StreamSpecification": {
@@ -9763,7 +10003,7 @@
"LatestStreamLabel": {
"target": "com.amazonaws.dynamodb#String",
"traits": {
- "smithy.api#documentation": "A timestamp, in ISO 8601 format, for this stream.
\n\n Note that LatestStreamLabel is not a unique identifier for the stream,\n because it is possible that a stream from another table might have the same timestamp.\n However, the combination of the following three elements is guaranteed to be\n unique:
\n "
+ "smithy.api#documentation": "A timestamp, in ISO 8601 format, for this stream.
\n Note that LatestStreamLabel is not a unique identifier for the stream,\n because it is possible that a stream from another table might have the same timestamp.\n However, the combination of the following three elements is guaranteed to be\n unique:
\n "
}
},
"LatestStreamArn": {
@@ -9807,6 +10047,12 @@
"traits": {
"smithy.api#documentation": "Contains details of the table class.
"
}
+ },
+ "DeletionProtectionEnabled": {
+ "target": "com.amazonaws.dynamodb#DeletionProtectionEnabled",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether deletion protection is enabled (true) or disabled (false) on the table.
"
+ }
}
},
"traits": {
@@ -9925,7 +10171,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Describes a tag. A tag is a key-value pair. You can add up to 50 tags to a single\n DynamoDB table.
\n Amazon Web Services-assigned tag names and values are automatically assigned the\n aws: prefix, which the user cannot assign. Amazon Web Services-assigned\n tag names do not count towards the tag limit of 50. User-assigned tag names have the\n prefix user: in the Cost Allocation Report. You cannot backdate the\n application of a tag.
\n For an overview on tagging DynamoDB resources, see Tagging\n for DynamoDB in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "Describes a tag. A tag is a key-value pair. You can add up to 50 tags to a single\n DynamoDB table.
\n Amazon Web Services-assigned tag names and values are automatically assigned the\n aws: prefix, which the user cannot assign. Amazon Web Services-assigned\n tag names do not count towards the tag limit of 50. User-assigned tag names have the\n prefix user: in the Cost Allocation Report. You cannot backdate the\n application of a tag.
\n For an overview on tagging DynamoDB resources, see Tagging\n for DynamoDB in the Amazon DynamoDB Developer\n Guide.
"
}
},
"com.amazonaws.dynamodb#TagKeyList": {
@@ -9978,7 +10224,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Associate a set of tags with an Amazon DynamoDB resource. You can then activate these\n user-defined tags so that they appear on the Billing and Cost Management console for\n cost allocation tracking. You can call TagResource up to five times per second, per\n account.
\n For an overview on tagging DynamoDB resources, see Tagging for DynamoDB\n in the Amazon DynamoDB Developer Guide.
"
+ "smithy.api#documentation": "Associate a set of tags with an Amazon DynamoDB resource. You can then activate these\n user-defined tags so that they appear on the Billing and Cost Management console for\n cost allocation tracking. You can call TagResource up to five times per second, per\n account.
\n For an overview on tagging DynamoDB resources, see Tagging for DynamoDB\n in the Amazon DynamoDB Developer Guide.
"
}
},
"com.amazonaws.dynamodb#TagResourceInput": {
@@ -9998,6 +10244,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#TagValueString": {
@@ -10157,7 +10406,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "\n TransactGetItems is a synchronous operation that atomically retrieves\n multiple items from one or more tables (but not from indexes) in a single account and\n Region. A TransactGetItems call can contain up to 100\n TransactGetItem objects, each of which contains a Get\n structure that specifies an item to retrieve from a table in the account and Region. A\n call to TransactGetItems cannot retrieve items from tables in more than one\n Amazon Web Services account or Region. The aggregate size of the items in the\n transaction cannot exceed 4 MB.
\n DynamoDB rejects the entire TransactGetItems request if any of\n the following is true:
\n \n - \n
A conflicting operation is in the process of updating an item to be\n read.
\n \n - \n
There is insufficient provisioned capacity for the transaction to be\n completed.
\n \n - \n
There is a user error, such as an invalid data format.
\n \n - \n
The aggregate size of the items in the transaction cannot exceed 4 MB.
\n \n
"
+ "smithy.api#documentation": "\n TransactGetItems is a synchronous operation that atomically retrieves\n multiple items from one or more tables (but not from indexes) in a single account and\n Region. A TransactGetItems call can contain up to 100\n TransactGetItem objects, each of which contains a Get\n structure that specifies an item to retrieve from a table in the account and Region. A\n call to TransactGetItems cannot retrieve items from tables in more than one\n Amazon Web Services account or Region. The aggregate size of the items in the\n transaction cannot exceed 4 MB.
\n DynamoDB rejects the entire TransactGetItems request if any of\n the following is true:
\n \n - \n
A conflicting operation is in the process of updating an item to be\n read.
\n \n - \n
There is insufficient provisioned capacity for the transaction to be\n completed.
\n \n - \n
There is a user error, such as an invalid data format.
\n \n - \n
The aggregate size of the items in the transaction exceeded 4 MB.
\n \n
"
}
},
"com.amazonaws.dynamodb#TransactGetItemsInput": {
@@ -10176,6 +10425,9 @@
"smithy.api#documentation": "A value of TOTAL causes consumed capacity information to be returned, and\n a value of NONE prevents that information from being returned. No other\n value is valid.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#TransactGetItemsOutput": {
@@ -10190,9 +10442,12 @@
"Responses": {
"target": "com.amazonaws.dynamodb#ItemResponseList",
"traits": {
- "smithy.api#documentation": "An ordered array of up to 100 ItemResponse objects, each of which\n corresponds to the TransactGetItem object in the same position in the\n TransactItems array. Each ItemResponse object\n contains a Map of the name-value pairs that are the projected attributes of the\n requested item.
\n If a requested item could not be retrieved, the corresponding\n ItemResponse object is Null, or if the requested item has no projected\n attributes, the corresponding ItemResponse object is an empty Map.
"
+ "smithy.api#documentation": "An ordered array of up to 100 ItemResponse objects, each of which\n corresponds to the TransactGetItem object in the same position in the\n TransactItems array. Each ItemResponse object\n contains a Map of the name-value pairs that are the projected attributes of the\n requested item.
\n If a requested item could not be retrieved, the corresponding\n ItemResponse object is Null, or if the requested item has no projected\n attributes, the corresponding ItemResponse object is an empty Map.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#TransactWriteItem": {
@@ -10277,7 +10532,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "\n TransactWriteItems is a synchronous write operation that groups up to 100\n action requests. These actions can target items in different tables, but not in\n different Amazon Web Services accounts or Regions, and no two actions can target the same\n item. For example, you cannot both ConditionCheck and Update\n the same item. The aggregate size of the items in the transaction cannot exceed 4\n MB.
\n\n The actions are completed atomically so that either all of them succeed, or all of\n them fail. They are defined by the following objects:
\n\n \n - \n
\n Put — Initiates a PutItem\n operation to write a new item. This structure specifies the primary key of the\n item to be written, the name of the table to write it in, an optional condition\n expression that must be satisfied for the write to succeed, a list of the item's\n attributes, and a field indicating whether to retrieve the item's attributes if\n the condition is not met.
\n \n - \n
\n Update — Initiates an UpdateItem\n operation to update an existing item. This structure specifies the primary key\n of the item to be updated, the name of the table where it resides, an optional\n condition expression that must be satisfied for the update to succeed, an\n expression that defines one or more attributes to be updated, and a field\n indicating whether to retrieve the item's attributes if the condition is not\n met.
\n \n - \n
\n Delete — Initiates a DeleteItem\n operation to delete an existing item. This structure specifies the primary key\n of the item to be deleted, the name of the table where it resides, an optional\n condition expression that must be satisfied for the deletion to succeed, and a\n field indicating whether to retrieve the item's attributes if the condition is\n not met.
\n \n - \n
\n ConditionCheck — Applies a condition to an item\n that is not being modified by the transaction. This structure specifies the\n primary key of the item to be checked, the name of the table where it resides, a\n condition expression that must be satisfied for the transaction to succeed, and\n a field indicating whether to retrieve the item's attributes if the condition is\n not met.
\n \n
\n\n DynamoDB rejects the entire TransactWriteItems request if any of the\n following is true:
\n \n - \n
A condition in one of the condition expressions is not met.
\n \n - \n
An ongoing operation is in the process of updating the same item.
\n \n - \n
There is insufficient provisioned capacity for the transaction to be\n completed.
\n \n - \n
An item size becomes too large (bigger than 400 KB), a local secondary index\n (LSI) becomes too large, or a similar validation error occurs because of changes\n made by the transaction.
\n \n - \n
The aggregate size of the items in the transaction exceeds 4 MB.
\n \n - \n
There is a user error, such as an invalid data format.
\n \n
"
+ "smithy.api#documentation": "\n TransactWriteItems is a synchronous write operation that groups up to 100\n action requests. These actions can target items in different tables, but not in\n different Amazon Web Services accounts or Regions, and no two actions can target the same\n item. For example, you cannot both ConditionCheck and Update\n the same item. The aggregate size of the items in the transaction cannot exceed 4\n MB.
\n The actions are completed atomically so that either all of them succeed, or all of\n them fail. They are defined by the following objects:
\n \n - \n
\n Put — Initiates a PutItem\n operation to write a new item. This structure specifies the primary key of the\n item to be written, the name of the table to write it in, an optional condition\n expression that must be satisfied for the write to succeed, a list of the item's\n attributes, and a field indicating whether to retrieve the item's attributes if\n the condition is not met.
\n \n - \n
\n Update — Initiates an UpdateItem\n operation to update an existing item. This structure specifies the primary key\n of the item to be updated, the name of the table where it resides, an optional\n condition expression that must be satisfied for the update to succeed, an\n expression that defines one or more attributes to be updated, and a field\n indicating whether to retrieve the item's attributes if the condition is not\n met.
\n \n - \n
\n Delete — Initiates a DeleteItem\n operation to delete an existing item. This structure specifies the primary key\n of the item to be deleted, the name of the table where it resides, an optional\n condition expression that must be satisfied for the deletion to succeed, and a\n field indicating whether to retrieve the item's attributes if the condition is\n not met.
\n \n - \n
\n ConditionCheck — Applies a condition to an item\n that is not being modified by the transaction. This structure specifies the\n primary key of the item to be checked, the name of the table where it resides, a\n condition expression that must be satisfied for the transaction to succeed, and\n a field indicating whether to retrieve the item's attributes if the condition is\n not met.
\n \n
\n DynamoDB rejects the entire TransactWriteItems request if any of the\n following is true:
\n \n - \n
A condition in one of the condition expressions is not met.
\n \n - \n
An ongoing operation is in the process of updating the same item.
\n \n - \n
There is insufficient provisioned capacity for the transaction to be\n completed.
\n \n - \n
An item size becomes too large (bigger than 400 KB), a local secondary index\n (LSI) becomes too large, or a similar validation error occurs because of changes\n made by the transaction.
\n \n - \n
The aggregate size of the items in the transaction exceeds 4 MB.
\n \n - \n
There is a user error, such as an invalid data format.
\n \n
"
}
},
"com.amazonaws.dynamodb#TransactWriteItemsInput": {
@@ -10302,10 +10557,13 @@
"ClientRequestToken": {
"target": "com.amazonaws.dynamodb#ClientRequestToken",
"traits": {
- "smithy.api#documentation": "Providing a ClientRequestToken makes the call to\n TransactWriteItems idempotent, meaning that multiple identical calls\n have the same effect as one single call.
\n Although multiple identical calls using the same client request token produce the same\n result on the server (no side effects), the responses to the calls might not be the\n same. If the ReturnConsumedCapacity> parameter is set, then the initial\n TransactWriteItems call returns the amount of write capacity units\n consumed in making the changes. Subsequent TransactWriteItems calls with\n the same client token return the number of read capacity units consumed in reading the\n item.
\n A client request token is valid for 10 minutes after the first request that uses it is\n completed. After 10 minutes, any request with the same client token is treated as a new\n request. Do not resubmit the same request with the same client token for more than 10\n minutes, or the result might not be idempotent.
\n If you submit a request with the same client token but a change in other parameters\n within the 10-minute idempotency window, DynamoDB returns an\n IdempotentParameterMismatch exception.
",
+ "smithy.api#documentation": "Providing a ClientRequestToken makes the call to\n TransactWriteItems idempotent, meaning that multiple identical calls\n have the same effect as one single call.
\n Although multiple identical calls using the same client request token produce the same\n result on the server (no side effects), the responses to the calls might not be the\n same. If the ReturnConsumedCapacity parameter is set, then the initial\n TransactWriteItems call returns the amount of write capacity units\n consumed in making the changes. Subsequent TransactWriteItems calls with\n the same client token return the number of read capacity units consumed in reading the\n item.
\n A client request token is valid for 10 minutes after the first request that uses it is\n completed. After 10 minutes, any request with the same client token is treated as a new\n request. Do not resubmit the same request with the same client token for more than 10\n minutes, or the result might not be idempotent.
\n If you submit a request with the same client token but a change in other parameters\n within the 10-minute idempotency window, DynamoDB returns an\n IdempotentParameterMismatch exception.
",
"smithy.api#idempotencyToken": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#TransactWriteItemsOutput": {
@@ -10323,6 +10581,9 @@
"smithy.api#documentation": "A list of tables that were processed by TransactWriteItems and, for each\n table, information about any item collections that were affected by individual\n UpdateItem, PutItem, or DeleteItem\n operations.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#TransactionCanceledException": {
@@ -10339,7 +10600,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The entire transaction request was canceled.
\n DynamoDB cancels a TransactWriteItems request under the following\n circumstances:
\n \n - \n
A condition in one of the condition expressions is not met.
\n \n - \n
A table in the TransactWriteItems request is in a different\n account or region.
\n \n - \n
More than one action in the TransactWriteItems operation\n targets the same item.
\n \n - \n
There is insufficient provisioned capacity for the transaction to be\n completed.
\n \n - \n
An item size becomes too large (larger than 400 KB), or a local secondary\n index (LSI) becomes too large, or a similar validation error occurs because of\n changes made by the transaction.
\n \n - \n
There is a user error, such as an invalid data format.
\n \n
\n\n DynamoDB cancels a TransactGetItems request under the\n following circumstances:
\n \n - \n
There is an ongoing TransactGetItems operation that conflicts\n with a concurrent PutItem, UpdateItem,\n DeleteItem or TransactWriteItems request. In this\n case the TransactGetItems operation fails with a\n TransactionCanceledException.
\n \n - \n
A table in the TransactGetItems request is in a different\n account or region.
\n \n - \n
There is insufficient provisioned capacity for the transaction to be\n completed.
\n \n - \n
There is a user error, such as an invalid data format.
\n \n
\n\n \n If using Java, DynamoDB lists the cancellation reasons on the\n CancellationReasons property. This property is not set for other\n languages. Transaction cancellation reasons are ordered in the order of requested\n items, if an item has no error it will have None code and\n Null message.
\n \n Cancellation reason codes and possible error messages:
\n \n - \n
No Errors:
\n \n - \n
Code: None\n
\n \n - \n
Message: null\n
\n \n
\n \n - \n
Conditional Check Failed:
\n \n \n - \n
Item Collection Size Limit Exceeded:
\n \n \n - \n
Transaction Conflict:
\n \n \n - \n
Provisioned Throughput Exceeded:
\n \n \n - \n
Throttling Error:
\n \n - \n
Code: ThrottlingError\n
\n \n - \n
Messages:
\n \n - \n
Throughput exceeds the current capacity of your table or\n index. DynamoDB is automatically scaling your table or\n index so please try again shortly. If exceptions persist, check\n if you have a hot key:\n https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html.
\n \n This message is returned when writes get throttled on an\n On-Demand table as DynamoDB is automatically\n scaling the table.
\n \n \n - \n
Throughput exceeds the current capacity for one or more\n global secondary indexes. DynamoDB is automatically\n scaling your index so please try again shortly.
\n \n This message is returned when when writes get throttled on\n an On-Demand GSI as DynamoDB is automatically\n scaling the GSI.
\n \n \n
\n\n \n
\n \n - \n
Validation Error:
\n \n - \n
Code: ValidationError\n
\n \n - \n
Messages:
\n \n - \n
One or more parameter values were invalid.
\n \n - \n
The update expression attempted to update the secondary\n index key beyond allowed size limits.
\n \n - \n
The update expression attempted to update the secondary\n index key to unsupported type.
\n \n - \n
An operand in the update expression has an incorrect data\n type.
\n \n - \n
Item size to update has exceeded the maximum allowed\n size.
\n \n - \n
Number overflow. Attempting to store a number with\n magnitude larger than supported range.
\n \n - \n
Type mismatch for attribute to update.
\n \n - \n
Nesting Levels have exceeded supported limits.
\n \n - \n
The document path provided in the update expression is\n invalid for update.
\n \n - \n
The provided expression refers to an attribute that does\n not exist in the item.
\n \n
\n\n \n
\n \n
",
+ "smithy.api#documentation": "The entire transaction request was canceled.
\n DynamoDB cancels a TransactWriteItems request under the following\n circumstances:
\n \n - \n
A condition in one of the condition expressions is not met.
\n \n - \n
A table in the TransactWriteItems request is in a different\n account or region.
\n \n - \n
More than one action in the TransactWriteItems operation\n targets the same item.
\n \n - \n
There is insufficient provisioned capacity for the transaction to be\n completed.
\n \n - \n
An item size becomes too large (larger than 400 KB), or a local secondary\n index (LSI) becomes too large, or a similar validation error occurs because of\n changes made by the transaction.
\n \n - \n
There is a user error, such as an invalid data format.
\n \n
\n DynamoDB cancels a TransactGetItems request under the\n following circumstances:
\n \n - \n
There is an ongoing TransactGetItems operation that conflicts\n with a concurrent PutItem, UpdateItem,\n DeleteItem or TransactWriteItems request. In this\n case the TransactGetItems operation fails with a\n TransactionCanceledException.
\n \n - \n
A table in the TransactGetItems request is in a different\n account or region.
\n \n - \n
There is insufficient provisioned capacity for the transaction to be\n completed.
\n \n - \n
There is a user error, such as an invalid data format.
\n \n
\n \n If using Java, DynamoDB lists the cancellation reasons on the\n CancellationReasons property. This property is not set for other\n languages. Transaction cancellation reasons are ordered in the order of requested\n items, if an item has no error it will have None code and\n Null message.
\n \n Cancellation reason codes and possible error messages:
\n \n - \n
No Errors:
\n \n - \n
Code: None\n
\n \n - \n
Message: null\n
\n \n
\n \n - \n
Conditional Check Failed:
\n \n \n - \n
Item Collection Size Limit Exceeded:
\n \n \n - \n
Transaction Conflict:
\n \n \n - \n
Provisioned Throughput Exceeded:
\n \n \n - \n
Throttling Error:
\n \n - \n
Code: ThrottlingError\n
\n \n - \n
Messages:
\n \n - \n
Throughput exceeds the current capacity of your table or\n index. DynamoDB is automatically scaling your table or\n index so please try again shortly. If exceptions persist, check\n if you have a hot key:\n https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html.
\n \n This message is returned when writes get throttled on an\n On-Demand table as DynamoDB is automatically\n scaling the table.
\n \n \n - \n
Throughput exceeds the current capacity for one or more\n global secondary indexes. DynamoDB is automatically\n scaling your index so please try again shortly.
\n \n This message is returned when writes get throttled on\n an On-Demand GSI as DynamoDB is automatically\n scaling the GSI.
\n \n \n
\n \n
\n \n - \n
Validation Error:
\n \n - \n
Code: ValidationError\n
\n \n - \n
Messages:
\n \n - \n
One or more parameter values were invalid.
\n \n - \n
The update expression attempted to update the secondary\n index key beyond allowed size limits.
\n \n - \n
The update expression attempted to update the secondary\n index key to unsupported type.
\n \n - \n
An operand in the update expression has an incorrect data\n type.
\n \n - \n
Item size to update has exceeded the maximum allowed\n size.
\n \n - \n
Number overflow. Attempting to store a number with\n magnitude larger than supported range.
\n \n - \n
Type mismatch for attribute to update.
\n \n - \n
Nesting Levels have exceeded supported limits.
\n \n - \n
The document path provided in the update expression is\n invalid for update.
\n \n - \n
The provided expression refers to an attribute that does\n not exist in the item.
\n \n
\n \n
\n \n
",
"smithy.api#error": "client"
}
},
@@ -10363,7 +10624,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The transaction with the given request token is already in progress.
",
+ "smithy.api#documentation": "The transaction with the given request token is already in progress.
\n \n Recommended Settings \n
\n \n \n This is a general recommendation for handling the TransactionInProgressException. These settings help \n ensure that the client retries will trigger completion of the ongoing TransactWriteItems request.\n
\n \n \n - \n
\n Set clientExecutionTimeout to a value that allows at least one retry to be processed after 5 \n seconds have elapsed since the first attempt for the TransactWriteItems operation.\n
\n \n - \n
\n Set socketTimeout to a value a little lower than the requestTimeout setting.\n
\n \n - \n
\n requestTimeout should be set based on the time taken for the individual retries of a single \n HTTP request for your use case, but setting it to 1 second or higher should work well to reduce chances of \n retries and TransactionInProgressException errors.\n
\n \n - \n
\n Use exponential backoff when retrying and tune backoff if needed.\n
\n \n
\n \n Assuming default retry policy, \n example timeout settings based on the guidelines above are as follows: \n
\n Example timeline:
\n \n - \n
0-1000 first attempt
\n \n - \n
1000-1500 first sleep/delay (default retry policy uses 500 ms as base delay for 4xx errors)
\n \n - \n
1500-2500 second attempt
\n \n - \n
2500-3500 second sleep/delay (500 * 2, exponential backoff)
\n \n - \n
3500-4500 third attempt
\n \n - \n
4500-6500 third sleep/delay (500 * 2^2)
\n \n - \n
6500-7500 fourth attempt (this can trigger inline recovery since 5 seconds have elapsed since the first attempt reached TC)
\n \n
",
"smithy.api#error": "client"
}
},
@@ -10396,7 +10657,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Removes the association of tags from an Amazon DynamoDB resource. You can call\n UntagResource up to five times per second, per account.
\n For an overview on tagging DynamoDB resources, see Tagging for DynamoDB\n in the Amazon DynamoDB Developer Guide.
"
+ "smithy.api#documentation": "Removes the association of tags from an Amazon DynamoDB resource. You can call\n UntagResource up to five times per second, per account.
\n For an overview on tagging DynamoDB resources, see Tagging for DynamoDB\n in the Amazon DynamoDB Developer Guide.
"
}
},
"com.amazonaws.dynamodb#UntagResourceInput": {
@@ -10416,6 +10677,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#Update": {
@@ -10497,7 +10761,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "\n UpdateContinuousBackups enables or disables point in time recovery for\n the specified table. A successful UpdateContinuousBackups call returns the\n current ContinuousBackupsDescription. Continuous backups are\n ENABLED on all tables at table creation. If point in time recovery is\n enabled, PointInTimeRecoveryStatus will be set to ENABLED.
\n Once continuous backups and point in time recovery are enabled, you can restore to\n any point in time within EarliestRestorableDateTime and\n LatestRestorableDateTime.
\n \n LatestRestorableDateTime is typically 5 minutes before the current time.\n You can restore your table to any point in time during the last 35 days.
"
+ "smithy.api#documentation": "\n UpdateContinuousBackups enables or disables point in time recovery for\n the specified table. A successful UpdateContinuousBackups call returns the\n current ContinuousBackupsDescription. Continuous backups are\n ENABLED on all tables at table creation. If point in time recovery is\n enabled, PointInTimeRecoveryStatus will be set to ENABLED.
\n Once continuous backups and point in time recovery are enabled, you can restore to\n any point in time within EarliestRestorableDateTime and\n LatestRestorableDateTime.
\n \n LatestRestorableDateTime is typically 5 minutes before the current time.\n You can restore your table to any point in time during the last 35 days.
"
}
},
"com.amazonaws.dynamodb#UpdateContinuousBackupsInput": {
@@ -10517,6 +10781,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#UpdateContinuousBackupsOutput": {
@@ -10528,6 +10795,9 @@
"smithy.api#documentation": "Represents the continuous backups and point in time recovery settings on the\n table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#UpdateContributorInsights": {
@@ -10573,6 +10843,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#UpdateContributorInsightsOutput": {
@@ -10596,6 +10869,9 @@
"smithy.api#documentation": "The status of contributor insights
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#UpdateExpression": {
@@ -10614,7 +10890,7 @@
"ProvisionedThroughput": {
"target": "com.amazonaws.dynamodb#ProvisionedThroughput",
"traits": {
- "smithy.api#documentation": "Represents the provisioned throughput settings for the specified global secondary\n index.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
",
+ "smithy.api#documentation": "Represents the provisioned throughput settings for the specified global secondary\n index.
\n For current minimum and maximum provisioned throughput values, see Service,\n Account, and Table Quotas in the Amazon DynamoDB Developer\n Guide.
",
"smithy.api#required": {}
}
}
@@ -10655,7 +10931,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Adds or removes replicas in the specified global table. The global table must already\n exist to be able to use this operation. Any replica to be added must be empty, have the\n same name as the global table, have the same key schema, have DynamoDB Streams enabled,\n and have the same provisioned and maximum write capacity units.
\n \n Although you can use UpdateGlobalTable to add replicas and remove\n replicas in a single request, for simplicity we recommend that you issue separate\n requests for adding or removing replicas.
\n \n If global secondary indexes are specified, then the following conditions must also be\n met:
\n \n - \n
The global secondary indexes must have the same name.
\n \n - \n
The global secondary indexes must have the same hash key and sort key (if\n present).
\n \n - \n
The global secondary indexes must have the same provisioned and maximum write\n capacity units.
\n \n
"
+ "smithy.api#documentation": "Adds or removes replicas in the specified global table. The global table must already\n exist to be able to use this operation. Any replica to be added must be empty, have the\n same name as the global table, have the same key schema, have DynamoDB Streams enabled,\n and have the same provisioned and maximum write capacity units.
\n \n This operation only applies to Version\n 2017.11.29 (Legacy) of global tables. We recommend using\n Version 2019.11.21 (Current)\n when creating new global tables, as it provides greater flexibility, higher efficiency and consumes less write capacity than \n 2017.11.29 (Legacy). To determine which version you are using, see \n Determining the version. \n To update existing global tables from version 2017.11.29 (Legacy) to version\n 2019.11.21 (Current), see \n Updating global tables.\n
\n \n \n \n This operation only applies to Version\n 2017.11.29 of global tables. If you are using global tables Version\n 2019.11.21 you can use DescribeTable instead.\n
\n \n Although you can use UpdateGlobalTable to add replicas and remove\n replicas in a single request, for simplicity we recommend that you issue separate\n requests for adding or removing replicas.\n
\n \n If global secondary indexes are specified, then the following conditions must also be\n met:
\n \n - \n
The global secondary indexes must have the same name.
\n \n - \n
The global secondary indexes must have the same hash key and sort key (if\n present).
\n \n - \n
The global secondary indexes must have the same provisioned and maximum write\n capacity units.
\n \n
"
}
},
"com.amazonaws.dynamodb#UpdateGlobalTableInput": {
@@ -10675,6 +10951,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#UpdateGlobalTableOutput": {
@@ -10686,6 +10965,9 @@
"smithy.api#documentation": "Contains the details of the global table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#UpdateGlobalTableSettings": {
@@ -10723,7 +11005,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Updates settings for a global table.
"
+ "smithy.api#documentation": "Updates settings for a global table.
\n \n This operation only applies to Version\n 2017.11.29 (Legacy) of global tables. We recommend using\n Version 2019.11.21 (Current)\n when creating new global tables, as it provides greater flexibility, higher efficiency and consumes less write capacity than \n 2017.11.29 (Legacy). To determine which version you are using, see \n Determining the version. \n To update existing global tables from version 2017.11.29 (Legacy) to version\n 2019.11.21 (Current), see \n Updating global tables.\n
\n "
}
},
"com.amazonaws.dynamodb#UpdateGlobalTableSettingsInput": {
@@ -10739,7 +11021,7 @@
"GlobalTableBillingMode": {
"target": "com.amazonaws.dynamodb#BillingMode",
"traits": {
- "smithy.api#documentation": "The billing mode of the global table. If GlobalTableBillingMode is not\n specified, the global table defaults to PROVISIONED capacity billing\n mode.
\n \n - \n
\n PROVISIONED - We recommend using PROVISIONED for\n predictable workloads. PROVISIONED sets the billing mode to Provisioned Mode.
\n \n - \n
\n PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST\n for unpredictable workloads. PAY_PER_REQUEST sets the billing mode\n to On-Demand Mode.
\n \n
"
+ "smithy.api#documentation": "The billing mode of the global table. If GlobalTableBillingMode is not\n specified, the global table defaults to PROVISIONED capacity billing\n mode.
\n \n - \n
\n PROVISIONED - We recommend using PROVISIONED for\n predictable workloads. PROVISIONED sets the billing mode to Provisioned Mode.
\n \n - \n
\n PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST\n for unpredictable workloads. PAY_PER_REQUEST sets the billing mode\n to On-Demand Mode.
\n \n
"
}
},
"GlobalTableProvisionedWriteCapacityUnits": {
@@ -10766,6 +11048,9 @@
"smithy.api#documentation": "Represents the settings for a global table in a Region that will be modified.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#UpdateGlobalTableSettingsOutput": {
@@ -10783,6 +11068,9 @@
"smithy.api#documentation": "The Region-specific settings for the global table.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#UpdateItem": {
@@ -10823,7 +11111,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Edits an existing item's attributes, or adds a new item to the table if it does not\n already exist. You can put, delete, or add attribute values. You can also perform a\n conditional update on an existing item (insert a new attribute name-value pair if it\n doesn't exist, or replace an existing name-value pair if it has certain expected\n attribute values).
\n You can also return the item's attribute values in the same UpdateItem\n operation using the ReturnValues parameter.
"
+ "smithy.api#documentation": "Edits an existing item's attributes, or adds a new item to the table if it does not\n already exist. You can put, delete, or add attribute values. You can also perform a\n conditional update on an existing item (insert a new attribute name-value pair if it\n doesn't exist, or replace an existing name-value pair if it has certain expected\n attribute values).
\n You can also return the item's attribute values in the same UpdateItem\n operation using the ReturnValues parameter.
"
}
},
"com.amazonaws.dynamodb#UpdateItemInput": {
@@ -10839,7 +11127,7 @@
"Key": {
"target": "com.amazonaws.dynamodb#Key",
"traits": {
- "smithy.api#documentation": "The primary key of the item to be updated. Each element consists of an attribute name\n and a value for that attribute.
\n For the primary key, you must provide all of the attributes. For example, with a\n simple primary key, you only need to provide a value for the partition key. For a\n composite primary key, you must provide values for both the partition key and the sort\n key.
",
+ "smithy.api#documentation": "The primary key of the item to be updated. Each element consists of an attribute name\n and a value for that attribute.
\n For the primary key, you must provide all of the attributes. For example, with a\n simple primary key, you only need to provide a value for the partition key. For a\n composite primary key, you must provide values for both the partition key and the sort\n key.
",
"smithy.api#required": {}
}
},
@@ -10864,7 +11152,7 @@
"ReturnValues": {
"target": "com.amazonaws.dynamodb#ReturnValue",
"traits": {
- "smithy.api#documentation": "Use ReturnValues if you want to get the item attributes as they appear\n before or after they are updated. For UpdateItem, the valid values\n are:
\n \n - \n
\n NONE - If ReturnValues is not specified, or if its\n value is NONE, then nothing is returned. (This setting is the\n default for ReturnValues.)
\n \n - \n
\n ALL_OLD - Returns all of the attributes of the item, as they\n appeared before the UpdateItem operation.
\n \n - \n
\n UPDATED_OLD - Returns only the updated attributes, as they appeared\n before the UpdateItem operation.
\n \n - \n
\n ALL_NEW - Returns all of the attributes of the item, as they appear\n after the UpdateItem operation.
\n \n - \n
\n UPDATED_NEW - Returns only the updated attributes, as they appear\n after the UpdateItem operation.
\n \n
\n There is no additional cost associated with requesting a return value aside from the\n small network and processing overhead of receiving a larger response. No read capacity\n units are consumed.
\n The values returned are strongly consistent.
"
+ "smithy.api#documentation": "Use ReturnValues if you want to get the item attributes as they appear\n before or after they are successfully updated. For UpdateItem, the valid values\n are:
\n \n - \n
\n NONE - If ReturnValues is not specified, or if its\n value is NONE, then nothing is returned. (This setting is the\n default for ReturnValues.)
\n \n - \n
\n ALL_OLD - Returns all of the attributes of the item, as they\n appeared before the UpdateItem operation.
\n \n - \n
\n UPDATED_OLD - Returns only the updated attributes, as they appeared\n before the UpdateItem operation.
\n \n - \n
\n ALL_NEW - Returns all of the attributes of the item, as they appear\n after the UpdateItem operation.
\n \n - \n
\n UPDATED_NEW - Returns only the updated attributes, as they appear\n after the UpdateItem operation.
\n \n
\n There is no additional cost associated with requesting a return value aside from the\n small network and processing overhead of receiving a larger response. No read capacity\n units are consumed.
\n The values returned are strongly consistent.
"
}
},
"ReturnConsumedCapacity": {
@@ -10879,30 +11167,31 @@
"UpdateExpression": {
"target": "com.amazonaws.dynamodb#UpdateExpression",
"traits": {
- "smithy.api#documentation": "An expression that defines one or more attributes to be updated, the action to be\n performed on them, and new values for them.
\n The following action values are available for UpdateExpression.
\n \n - \n
\n SET - Adds one or more attributes and values to an item. If any of\n these attributes already exist, they are replaced by the new values. You can\n also use SET to add or subtract from an attribute that is of type\n Number. For example: SET myNum = myNum + :val\n
\n \n SET supports the following functions:
\n \n - \n
\n if_not_exists (path, operand) - if the item does not\n contain an attribute at the specified path, then\n if_not_exists evaluates to operand; otherwise, it\n evaluates to path. You can use this function to avoid overwriting an\n attribute that may already be present in the item.
\n \n - \n
\n list_append (operand, operand) - evaluates to a list with a\n new element added to it. You can append the new element to the start or\n the end of the list by reversing the order of the operands.
\n \n
\n These function names are case-sensitive.
\n \n - \n
\n REMOVE - Removes one or more attributes from an item.
\n \n - \n
\n ADD - Adds the specified value to the item, if the attribute does\n not already exist. If the attribute does exist, then the behavior of\n ADD depends on the data type of the attribute:
\n \n - \n
If the existing attribute is a number, and if Value is\n also a number, then Value is mathematically added to the\n existing attribute. If Value is a negative number, then it\n is subtracted from the existing attribute.
\n \n If you use ADD to increment or decrement a number\n value for an item that doesn't exist before the update, DynamoDB\n uses 0 as the initial value.
\n Similarly, if you use ADD for an existing item to\n increment or decrement an attribute value that doesn't exist before\n the update, DynamoDB uses 0 as the initial value. For\n example, suppose that the item you want to update doesn't have an\n attribute named itemcount, but you decide to\n ADD the number 3 to this attribute\n anyway. DynamoDB will create the itemcount attribute,\n set its initial value to 0, and finally add\n 3 to it. The result will be a new\n itemcount attribute in the item, with a value of\n 3.
\n \n \n - \n
If the existing data type is a set and if Value is also a\n set, then Value is added to the existing set. For example,\n if the attribute value is the set [1,2], and the\n ADD action specified [3], then the final\n attribute value is [1,2,3]. An error occurs if an\n ADD action is specified for a set attribute and the\n attribute type specified does not match the existing set type.
\n Both sets must have the same primitive data type. For example, if the\n existing data type is a set of strings, the Value must also\n be a set of strings.
\n \n
\n \n The ADD action only supports Number and set data types. In\n addition, ADD can only be used on top-level attributes, not\n nested attributes.
\n \n \n - \n
\n DELETE - Deletes an element from a set.
\n If a set of values is specified, then those values are subtracted from the old\n set. For example, if the attribute value was the set [a,b,c] and\n the DELETE action specifies [a,c], then the final\n attribute value is [b]. Specifying an empty set is an error.
\n \n The DELETE action only supports set data types. In addition,\n DELETE can only be used on top-level attributes, not nested\n attributes.
\n \n\n \n
\n You can have many actions in a single expression, such as the following: SET\n a=:value1, b=:value2 DELETE :value3, :value4, :value5\n
\n For more information on update expressions, see Modifying\n Items and Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "An expression that defines one or more attributes to be updated, the action to be\n performed on them, and new values for them.
\n The following action values are available for UpdateExpression.
\n \n - \n
\n SET - Adds one or more attributes and values to an item. If any of\n these attributes already exist, they are replaced by the new values. You can\n also use SET to add or subtract from an attribute that is of type\n Number. For example: SET myNum = myNum + :val\n
\n \n SET supports the following functions:
\n \n - \n
\n if_not_exists (path, operand) - if the item does not\n contain an attribute at the specified path, then\n if_not_exists evaluates to operand; otherwise, it\n evaluates to path. You can use this function to avoid overwriting an\n attribute that may already be present in the item.
\n \n - \n
\n list_append (operand, operand) - evaluates to a list with a\n new element added to it. You can append the new element to the start or\n the end of the list by reversing the order of the operands.
\n \n
\n These function names are case-sensitive.
\n \n - \n
\n REMOVE - Removes one or more attributes from an item.
\n \n - \n
\n ADD - Adds the specified value to the item, if the attribute does\n not already exist. If the attribute does exist, then the behavior of\n ADD depends on the data type of the attribute:
\n \n - \n
If the existing attribute is a number, and if Value is\n also a number, then Value is mathematically added to the\n existing attribute. If Value is a negative number, then it\n is subtracted from the existing attribute.
\n \n If you use ADD to increment or decrement a number\n value for an item that doesn't exist before the update, DynamoDB\n uses 0 as the initial value.
\n Similarly, if you use ADD for an existing item to\n increment or decrement an attribute value that doesn't exist before\n the update, DynamoDB uses 0 as the initial value. For\n example, suppose that the item you want to update doesn't have an\n attribute named itemcount, but you decide to\n ADD the number 3 to this attribute\n anyway. DynamoDB will create the itemcount attribute,\n set its initial value to 0, and finally add\n 3 to it. The result will be a new\n itemcount attribute in the item, with a value of\n 3.
\n \n \n - \n
If the existing data type is a set and if Value is also a\n set, then Value is added to the existing set. For example,\n if the attribute value is the set [1,2], and the\n ADD action specified [3], then the final\n attribute value is [1,2,3]. An error occurs if an\n ADD action is specified for a set attribute and the\n attribute type specified does not match the existing set type.
\n Both sets must have the same primitive data type. For example, if the\n existing data type is a set of strings, the Value must also\n be a set of strings.
\n \n
\n \n The ADD action only supports Number and set data types. In\n addition, ADD can only be used on top-level attributes, not\n nested attributes.
\n \n \n - \n
\n DELETE - Deletes an element from a set.
\n If a set of values is specified, then those values are subtracted from the old\n set. For example, if the attribute value was the set [a,b,c] and\n the DELETE action specifies [a,c], then the final\n attribute value is [b]. Specifying an empty set is an error.
\n \n The DELETE action only supports set data types. In addition,\n DELETE can only be used on top-level attributes, not nested\n attributes.
\n \n \n
\n You can have many actions in a single expression, such as the following: SET\n a=:value1, b=:value2 DELETE :value3, :value4, :value5\n
\n For more information on update expressions, see Modifying\n Items and Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ConditionExpression": {
"target": "com.amazonaws.dynamodb#ConditionExpression",
"traits": {
- "smithy.api#documentation": "A condition that must be satisfied in order for a conditional update to\n succeed.
\n An expression can contain any of the following:
\n \n - \n
Functions: attribute_exists | attribute_not_exists | attribute_type |\n contains | begins_with | size\n
\n These function names are case-sensitive.
\n \n - \n
Comparison operators: = | <> |\n < | > | <= | >= |\n BETWEEN | IN \n
\n \n - \n
Logical operators: AND | OR | NOT\n
\n \n
\n For more information about condition expressions, see Specifying Conditions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "A condition that must be satisfied in order for a conditional update to\n succeed.
\n An expression can contain any of the following:
\n \n - \n
Functions: attribute_exists | attribute_not_exists | attribute_type |\n contains | begins_with | size\n
\n These function names are case-sensitive.
\n \n - \n
Comparison operators: = | <> |\n < | > | <= | >= |\n BETWEEN | IN \n
\n \n - \n
Logical operators: AND | OR | NOT\n
\n \n
\n For more information about condition expressions, see Specifying Conditions in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeNames": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeNameMap",
"traits": {
- "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide.) To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information about expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more substitution tokens for attribute names in an expression. The following\n are some use cases for using ExpressionAttributeNames:
\n \n - \n
To access an attribute whose name conflicts with a DynamoDB reserved\n word.
\n \n - \n
To create a placeholder for repeating occurrences of an attribute name in an\n expression.
\n \n - \n
To prevent special characters in an attribute name from being misinterpreted\n in an expression.
\n \n
\n Use the # character in an expression to dereference\n an attribute name. For example, consider the following attribute name:
\n \n - \n
\n Percentile\n
\n \n
\n The name of this attribute conflicts with a reserved word, so it cannot be used\n directly in an expression. (For the complete list of reserved words, see Reserved Words in the Amazon DynamoDB Developer\n Guide.) To work around this, you could specify the following for\n ExpressionAttributeNames:
\n \n You could then use this substitution in an expression, as in this example:
\n \n - \n
\n #P = :val\n
\n \n
\n \n Tokens that begin with the : character are\n expression attribute values, which are placeholders for the\n actual value at runtime.
\n \n For more information about expression attribute names, see Specifying Item Attributes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ExpressionAttributeValues": {
"target": "com.amazonaws.dynamodb#ExpressionAttributeValueMap",
"traits": {
- "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "One or more values that can be substituted in an expression.
\n Use the : (colon) character in an expression to\n dereference an attribute value. For example, suppose that you wanted to check whether\n the value of the ProductStatus attribute was one of the following:
\n \n Available | Backordered | Discontinued\n
\n You would first need to specify ExpressionAttributeValues as\n follows:
\n \n { \":avail\":{\"S\":\"Available\"}, \":back\":{\"S\":\"Backordered\"},\n \":disc\":{\"S\":\"Discontinued\"} }\n
\n You could then use these values in an expression, such as this:
\n \n ProductStatus IN (:avail, :back, :disc)\n
\n For more information on expression attribute values, see Condition Expressions in the Amazon DynamoDB Developer\n Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of an UpdateItem operation.
"
+ "smithy.api#documentation": "Represents the input of an UpdateItem operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#UpdateItemOutput": {
@@ -10911,24 +11200,25 @@
"Attributes": {
"target": "com.amazonaws.dynamodb#AttributeMap",
"traits": {
- "smithy.api#documentation": "A map of attribute values as they appear before or after the UpdateItem\n operation, as determined by the ReturnValues parameter.
\n The Attributes map is only present if ReturnValues was\n specified as something other than NONE in the request. Each element\n represents one attribute.
"
+ "smithy.api#documentation": "A map of attribute values as they appear before or after the UpdateItem\n operation, as determined by the ReturnValues parameter.
\n The Attributes map is only present if the update was successful and ReturnValues was\n specified as something other than NONE in the request. Each element\n represents one attribute.
"
}
},
"ConsumedCapacity": {
"target": "com.amazonaws.dynamodb#ConsumedCapacity",
"traits": {
- "smithy.api#documentation": "The capacity units consumed by the UpdateItem operation. The data\n returned includes the total provisioned throughput consumed, along with statistics for\n the table and any indexes involved in the operation. ConsumedCapacity is\n only returned if the ReturnConsumedCapacity parameter was specified. For\n more information, see Provisioned Throughput in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "The capacity units consumed by the UpdateItem operation. The data\n returned includes the total provisioned throughput consumed, along with statistics for\n the table and any indexes involved in the operation. ConsumedCapacity is\n only returned if the ReturnConsumedCapacity parameter was specified. For\n more information, see Provisioned Throughput in the Amazon DynamoDB Developer\n Guide.
"
}
},
"ItemCollectionMetrics": {
"target": "com.amazonaws.dynamodb#ItemCollectionMetrics",
"traits": {
- "smithy.api#documentation": "Information about item collections, if any, that were affected by the\n UpdateItem operation. ItemCollectionMetrics is only\n returned if the ReturnItemCollectionMetrics parameter was specified. If the\n table does not have any local secondary indexes, this information is not returned in the\n response.
\n Each ItemCollectionMetrics element consists of:
\n \n - \n
\n ItemCollectionKey - The partition key value of the item collection.\n This is the same as the partition key value of the item itself.
\n \n - \n
\n SizeEstimateRangeGB - An estimate of item collection size, in\n gigabytes. This value is a two-element array containing a lower bound and an\n upper bound for the estimate. The estimate includes the size of all the items in\n the table, plus the size of all attributes projected into all of the local\n secondary indexes on that table. Use this estimate to measure whether a local\n secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the\n precision or accuracy of the estimate.
\n \n
"
+ "smithy.api#documentation": "Information about item collections, if any, that were affected by the\n UpdateItem operation. ItemCollectionMetrics is only\n returned if the ReturnItemCollectionMetrics parameter was specified. If the\n table does not have any local secondary indexes, this information is not returned in the\n response.
\n Each ItemCollectionMetrics element consists of:
\n \n - \n
\n ItemCollectionKey - The partition key value of the item collection.\n This is the same as the partition key value of the item itself.
\n \n - \n
\n SizeEstimateRangeGB - An estimate of item collection size, in\n gigabytes. This value is a two-element array containing a lower bound and an\n upper bound for the estimate. The estimate includes the size of all the items in\n the table, plus the size of all attributes projected into all of the local\n secondary indexes on that table. Use this estimate to measure whether a local\n secondary index is approaching its size limit.
\n The estimate is subject to change over time; therefore, do not rely on the\n precision or accuracy of the estimate.
\n \n
"
}
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of an UpdateItem operation.
"
+ "smithy.api#documentation": "Represents the output of an UpdateItem operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#UpdateReplicationGroupMemberAction": {
@@ -10999,7 +11289,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "Modifies the provisioned throughput settings, global secondary indexes, or DynamoDB\n Streams settings for a given table.
\n You can only perform one of the following operations at once:
\n \n - \n
Modify the provisioned throughput settings of the table.
\n \n - \n
Remove a global secondary index from the table.
\n \n - \n
Create a new global secondary index on the table. After the index begins\n backfilling, you can use UpdateTable to perform other\n operations.
\n \n
\n \n UpdateTable is an asynchronous operation; while it is executing, the table\n status changes from ACTIVE to UPDATING. While it is\n UPDATING, you cannot issue another UpdateTable request.\n When the table returns to the ACTIVE state, the UpdateTable\n operation is complete.
"
+ "smithy.api#documentation": "Modifies the provisioned throughput settings, global secondary indexes, or DynamoDB\n Streams settings for a given table.
\n \n This operation only applies to Version 2019.11.21 (Current) \n of global tables.\n
\n \n You can only perform one of the following operations at once:
\n \n - \n
Modify the provisioned throughput settings of the table.
\n \n - \n
Remove a global secondary index from the table.
\n \n - \n
Create a new global secondary index on the table. After the index begins\n backfilling, you can use UpdateTable to perform other\n operations.
\n \n
\n \n UpdateTable is an asynchronous operation; while it is executing, the table\n status changes from ACTIVE to UPDATING. While it is\n UPDATING, you cannot issue another UpdateTable request.\n When the table returns to the ACTIVE state, the UpdateTable\n operation is complete.
"
}
},
"com.amazonaws.dynamodb#UpdateTableInput": {
@@ -11021,7 +11311,7 @@
"BillingMode": {
"target": "com.amazonaws.dynamodb#BillingMode",
"traits": {
- "smithy.api#documentation": "Controls how you are charged for read and write throughput and how you manage\n capacity. When switching from pay-per-request to provisioned capacity, initial\n provisioned capacity values must be set. The initial provisioned capacity values are\n estimated based on the consumed read and write capacity of your table and global\n secondary indexes over the past 30 minutes.
\n \n - \n
\n PROVISIONED - We recommend using PROVISIONED for\n predictable workloads. PROVISIONED sets the billing mode to Provisioned Mode.
\n \n - \n
\n PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST\n for unpredictable workloads. PAY_PER_REQUEST sets the billing mode\n to On-Demand Mode.
\n \n
"
+ "smithy.api#documentation": "Controls how you are charged for read and write throughput and how you manage\n capacity. When switching from pay-per-request to provisioned capacity, initial\n provisioned capacity values must be set. The initial provisioned capacity values are\n estimated based on the consumed read and write capacity of your table and global\n secondary indexes over the past 30 minutes.
\n \n - \n
\n PROVISIONED - We recommend using PROVISIONED for\n predictable workloads. PROVISIONED sets the billing mode to Provisioned Mode.
\n \n - \n
\n PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST\n for unpredictable workloads. PAY_PER_REQUEST sets the billing mode\n to On-Demand Mode.
\n \n
"
}
},
"ProvisionedThroughput": {
@@ -11033,13 +11323,13 @@
"GlobalSecondaryIndexUpdates": {
"target": "com.amazonaws.dynamodb#GlobalSecondaryIndexUpdateList",
"traits": {
- "smithy.api#documentation": "An array of one or more global secondary indexes for the table. For each index in the\n array, you can request one action:
\n \n - \n
\n Create - add a new global secondary index to the table.
\n \n - \n
\n Update - modify the provisioned throughput settings of an existing\n global secondary index.
\n \n - \n
\n Delete - remove a global secondary index from the table.
\n \n
\n You can create or delete only one global secondary index per UpdateTable\n operation.
\n For more information, see Managing Global\n Secondary Indexes in the Amazon DynamoDB Developer\n Guide.
"
+ "smithy.api#documentation": "An array of one or more global secondary indexes for the table. For each index in the\n array, you can request one action:
\n \n - \n
\n Create - add a new global secondary index to the table.
\n \n - \n
\n Update - modify the provisioned throughput settings of an existing\n global secondary index.
\n \n - \n
\n Delete - remove a global secondary index from the table.
\n \n
\n You can create or delete only one global secondary index per UpdateTable\n operation.
\n For more information, see Managing Global\n Secondary Indexes in the Amazon DynamoDB Developer\n Guide.
"
}
},
"StreamSpecification": {
"target": "com.amazonaws.dynamodb#StreamSpecification",
"traits": {
- "smithy.api#documentation": "Represents the DynamoDB Streams configuration for the table.
\n \n You receive a ResourceInUseException if you try to enable a stream on\n a table that already has a stream, or if you try to disable a stream on a table that\n doesn't have a stream.
\n "
+ "smithy.api#documentation": "Represents the DynamoDB Streams configuration for the table.
\n \n You receive a ResourceInUseException if you try to enable a stream on\n a table that already has a stream, or if you try to disable a stream on a table that\n doesn't have a stream.
\n "
}
},
"SSESpecification": {
@@ -11051,7 +11341,7 @@
"ReplicaUpdates": {
"target": "com.amazonaws.dynamodb#ReplicationGroupUpdateList",
"traits": {
- "smithy.api#documentation": "A list of replica update actions (create, delete, or update) for the table.
\n \n This property only applies to Version\n 2019.11.21 of global tables.
\n "
+ "smithy.api#documentation": "A list of replica update actions (create, delete, or update) for the table.
\n \n This property only applies to Version 2019.11.21 (Current)\n of global tables.\n
\n "
}
},
"TableClass": {
@@ -11059,10 +11349,17 @@
"traits": {
"smithy.api#documentation": "The table class of the table to be updated. Valid values are STANDARD and\n STANDARD_INFREQUENT_ACCESS.
"
}
+ },
+ "DeletionProtectionEnabled": {
+ "target": "com.amazonaws.dynamodb#DeletionProtectionEnabled",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether deletion protection is to be enabled (true) or disabled (false) on the table.
"
+ }
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of an UpdateTable operation.
"
+ "smithy.api#documentation": "Represents the input of an UpdateTable operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#UpdateTableOutput": {
@@ -11076,7 +11373,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the output of an UpdateTable operation.
"
+ "smithy.api#documentation": "Represents the output of an UpdateTable operation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#UpdateTableReplicaAutoScaling": {
@@ -11102,7 +11400,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Updates auto scaling settings on your global tables at once.
\n \n This operation only applies to Version\n 2019.11.21 of global tables.
\n "
+ "smithy.api#documentation": "Updates auto scaling settings on your global tables at once.
\n \n This operation only applies to Version 2019.11.21 (Current) \n of global tables.\n
\n "
}
},
"com.amazonaws.dynamodb#UpdateTableReplicaAutoScalingInput": {
@@ -11130,6 +11428,9 @@
"smithy.api#documentation": "Represents the auto scaling settings of replicas of the table that will be\n modified.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#UpdateTableReplicaAutoScalingOutput": {
@@ -11141,6 +11442,9 @@
"smithy.api#documentation": "Returns information about the auto scaling settings of a table with replicas.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#UpdateTimeToLive": {
@@ -11172,7 +11476,7 @@
"aws.api#clientDiscoveredEndpoint": {
"required": false
},
- "smithy.api#documentation": "The UpdateTimeToLive method enables or disables Time to Live (TTL) for\n the specified table. A successful UpdateTimeToLive call returns the current\n TimeToLiveSpecification. It can take up to one hour for the change to\n fully process. Any additional UpdateTimeToLive calls for the same table\n during this one hour duration result in a ValidationException.
\n TTL compares the current time in epoch time format to the time stored in the TTL\n attribute of an item. If the epoch time value stored in the attribute is less than the\n current time, the item is marked as expired and subsequently deleted.
\n \n The epoch time format is the number of seconds elapsed since 12:00:00 AM January\n 1, 1970 UTC.
\n \n DynamoDB deletes expired items on a best-effort basis to ensure availability of\n throughput for other data operations.
\n \n DynamoDB typically deletes expired items within two days of expiration. The exact\n duration within which an item gets deleted after expiration is specific to the\n nature of the workload. Items that have expired and not been deleted will still show\n up in reads, queries, and scans.
\n \n As items are deleted, they are removed from any local secondary index and global\n secondary index immediately in the same eventually consistent way as a standard delete\n operation.
\n For more information, see Time To Live in the\n Amazon DynamoDB Developer Guide.
"
+ "smithy.api#documentation": "The UpdateTimeToLive method enables or disables Time to Live (TTL) for\n the specified table. A successful UpdateTimeToLive call returns the current\n TimeToLiveSpecification. It can take up to one hour for the change to\n fully process. Any additional UpdateTimeToLive calls for the same table\n during this one hour duration result in a ValidationException.
\n TTL compares the current time in epoch time format to the time stored in the TTL\n attribute of an item. If the epoch time value stored in the attribute is less than the\n current time, the item is marked as expired and subsequently deleted.
\n \n The epoch time format is the number of seconds elapsed since 12:00:00 AM January\n 1, 1970 UTC.
\n \n DynamoDB deletes expired items on a best-effort basis to ensure availability of\n throughput for other data operations.
\n \n DynamoDB typically deletes expired items within two days of expiration. The exact\n duration within which an item gets deleted after expiration is specific to the\n nature of the workload. Items that have expired and not been deleted will still show\n up in reads, queries, and scans.
\n \n As items are deleted, they are removed from any local secondary index and global\n secondary index immediately in the same eventually consistent way as a standard delete\n operation.
\n For more information, see Time To Live in the\n Amazon DynamoDB Developer Guide.
"
}
},
"com.amazonaws.dynamodb#UpdateTimeToLiveInput": {
@@ -11194,7 +11498,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Represents the input of an UpdateTimeToLive operation.
"
+ "smithy.api#documentation": "Represents the input of an UpdateTimeToLive operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.dynamodb#UpdateTimeToLiveOutput": {
@@ -11206,6 +11511,9 @@
"smithy.api#documentation": "Represents the output of an UpdateTimeToLive operation.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.dynamodb#WriteRequest": {
diff --git a/aws/sdk/aws-models/ec2.json b/aws/sdk/aws-models/ec2.json
index ee225e1375..b159cff5a5 100644
--- a/aws/sdk/aws-models/ec2.json
+++ b/aws/sdk/aws-models/ec2.json
@@ -632,7 +632,9 @@
"target": "com.amazonaws.ec2#VpcPeeringConnectionIdWithResolver",
"traits": {
"aws.protocols#ec2QueryName": "VpcPeeringConnectionId",
+ "smithy.api#clientOptional": {},
"smithy.api#documentation": "The ID of the VPC peering connection. You must specify this parameter in the\n\t\t\trequest.
",
+ "smithy.api#required": {},
"smithy.api#xmlName": "vpcPeeringConnectionId"
}
}
@@ -1674,6 +1676,12 @@
"traits": {
"smithy.api#documentation": "The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which to allocate\n the Dedicated Host.
"
}
+ },
+ "HostMaintenance": {
+ "target": "com.amazonaws.ec2#HostMaintenance",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether to enable or disable host maintenance for the Dedicated Host. For\n more information, see Host\n maintenance in the Amazon EC2 User Guide.
"
+ }
}
},
"traits": {
@@ -2073,6 +2081,9 @@
{
"target": "com.amazonaws.ec2#AssignPrivateIpAddresses"
},
+ {
+ "target": "com.amazonaws.ec2#AssignPrivateNatGatewayAddress"
+ },
{
"target": "com.amazonaws.ec2#AssociateAddress"
},
@@ -2094,6 +2105,9 @@
{
"target": "com.amazonaws.ec2#AssociateIpamResourceDiscovery"
},
+ {
+ "target": "com.amazonaws.ec2#AssociateNatGatewayAddress"
+ },
{
"target": "com.amazonaws.ec2#AssociateRouteTable"
},
@@ -3174,6 +3188,9 @@
{
"target": "com.amazonaws.ec2#DisassociateIpamResourceDiscovery"
},
+ {
+ "target": "com.amazonaws.ec2#DisassociateNatGatewayAddress"
+ },
{
"target": "com.amazonaws.ec2#DisassociateRouteTable"
},
@@ -3774,6 +3791,9 @@
{
"target": "com.amazonaws.ec2#UnassignPrivateIpAddresses"
},
+ {
+ "target": "com.amazonaws.ec2#UnassignPrivateNatGatewayAddress"
+ },
{
"target": "com.amazonaws.ec2#UnmonitorInstances"
},
@@ -3809,7 +3829,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -3838,13 +3858,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -3852,14 +3871,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -3868,67 +3893,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -3937,187 +3937,286 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://ec2-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://ec2-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
{
"conditions": [
{
- "fn": "stringEquals",
+ "fn": "booleanEquals",
"argv": [
- "aws-us-gov",
+ true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "name"
+ "supportsFIPS"
]
}
]
}
],
- "endpoint": {
- "url": "https://ec2.{Region}.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ "aws-us-gov",
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "name"
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://ec2.{Region}.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://ec2-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
},
{
"conditions": [],
- "endpoint": {
- "url": "https://ec2-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://ec2.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-gov-east-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://ec2.us-gov-east-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-gov-west-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://ec2.us-gov-west-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://ec2.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://ec2.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -4126,66 +4225,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "us-gov-east-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://ec2.us-gov-east-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "us-gov-west-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://ec2.us-gov-west-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://ec2.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -4194,653 +4240,666 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-iso-west-1.c2s.ic.gov"
+ "url": "https://ec2.af-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "af-south-1",
"UseDualStack": false,
- "Region": "us-iso-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-iso-east-1.c2s.ic.gov"
+ "url": "https://ec2.ap-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://ec2.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "ap-northeast-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.cn-north-1.amazonaws.com.cn"
+ "url": "https://ec2.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-2",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://ec2.ap-northeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-3",
"UseDualStack": false,
- "Region": "cn-northwest-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://ec2.ap-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "ap-south-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://ec2.ap-south-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
- "Region": "cn-north-1"
+ "Region": "ap-south-1",
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://ec2.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "ap-southeast-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://ec2.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-2",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://ec2.ap-southeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "ap-southeast-3",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-gov-east-1.amazonaws.com"
+ "url": "https://ec2.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-gov-west-1.amazonaws.com"
+ "url": "https://ec2-fips.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.us-gov-east-1.api.aws"
+ "url": "https://ec2.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "UseDualStack": true,
- "Region": "us-gov-east-1"
+ "Region": "eu-central-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-gov-east-1.amazonaws.com"
+ "url": "https://ec2.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "eu-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-gov-east-1.api.aws"
+ "url": "https://ec2.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "us-gov-east-1"
+ "Region": "eu-south-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.sa-east-1.amazonaws.com"
+ "url": "https://ec2.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-1",
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2.sa-east-1.api.aws"
+ "url": "https://ec2.eu-west-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-1",
"UseDualStack": true,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-east-2.amazonaws.com"
+ "url": "https://ec2.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-2",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.us-east-2.amazonaws.com"
+ "url": "https://ec2.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "eu-west-3",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-east-2.api.aws"
+ "url": "https://ec2.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "us-east-2"
+ "Region": "me-south-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.eu-north-1.amazonaws.com"
+ "url": "https://ec2.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "sa-east-1",
"UseDualStack": false,
- "Region": "eu-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2.me-south-1.amazonaws.com"
+ "url": "https://ec2.sa-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "me-south-1"
+ "Region": "sa-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.eu-west-3.amazonaws.com"
+ "url": "https://ec2.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "eu-west-3"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.eu-west-2.amazonaws.com"
+ "url": "https://ec2-fips.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": true
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2.eu-west-1.amazonaws.com"
+ "url": "https://ec2.us-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "eu-west-1"
+ "Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.eu-west-1.api.aws"
+ "url": "https://ec2.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "eu-west-1"
+ "Region": "us-east-2",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-east-1.amazonaws.com"
+ "url": "https://ec2-fips.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.us-east-1.amazonaws.com"
+ "url": "https://ec2.us-east-2.api.aws"
}
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
- "Region": "us-east-1"
+ "Region": "us-east-2",
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-east-1.api.aws"
+ "url": "https://ec2.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "us-east-1"
+ "Region": "us-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-northeast-3.amazonaws.com"
+ "url": "https://ec2-fips.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-1",
"UseDualStack": false,
- "Region": "ap-northeast-3"
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-northeast-2.amazonaws.com"
+ "url": "https://ec2.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-northeast-1.amazonaws.com"
+ "url": "https://ec2-fips.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-south-1.amazonaws.com"
+ "url": "https://ec2.us-west-2.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "ap-south-1"
+ "Region": "us-west-2",
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-south-1.api.aws"
+ "url": "https://ec2-fips.us-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "ap-south-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.af-south-1.amazonaws.com"
+ "url": "https://ec2.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "af-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-west-2.amazonaws.com"
+ "url": "https://ec2.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-northwest-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.us-west-2.amazonaws.com"
+ "url": "https://ec2-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://ec2-fips.cn-north-1.amazonaws.com.cn"
+ }
+ },
+ "params": {
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-west-2.api.aws"
+ "url": "https://ec2.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.us-west-1.amazonaws.com"
+ "url": "https://ec2.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.us-west-1.amazonaws.com"
+ "url": "https://ec2.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ca-central-1.amazonaws.com"
+ "url": "https://ec2-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "ca-central-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.ca-central-1.amazonaws.com"
+ "url": "https://ec2.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-southeast-3.amazonaws.com"
+ "url": "https://ec2.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "ap-southeast-3"
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-southeast-2.amazonaws.com"
+ "url": "https://ec2.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-southeast-1.amazonaws.com"
+ "url": "https://ec2.us-iso-west-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-iso-west-1",
"UseDualStack": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.eu-central-1.amazonaws.com"
+ "url": "https://ec2-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.eu-south-1.amazonaws.com"
+ "url": "https://ec2.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "eu-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2.ap-east-1.amazonaws.com"
+ "url": "https://ec2-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "ap-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
- "url": "https://ec2-fips.us-east-1.api.aws"
+ "url": "https://example.com"
}
},
"params": {
- "UseFIPS": true,
- "UseDualStack": true,
- "Region": "us-east-1"
+ "Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false,
+ "Endpoint": "https://example.com"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-east-1",
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -4850,9 +4909,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
"Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true,
"Endpoint": "https://example.com"
}
},
@@ -4862,9 +4921,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
"Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
}
@@ -5648,6 +5707,78 @@
}
}
},
+ "com.amazonaws.ec2#AssignPrivateNatGatewayAddress": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.ec2#AssignPrivateNatGatewayAddressRequest"
+ },
+ "output": {
+ "target": "com.amazonaws.ec2#AssignPrivateNatGatewayAddressResult"
+ },
+ "traits": {
+ "smithy.api#documentation": "Assigns one or more private IPv4 addresses to a private NAT gateway. For more information, see Work with NAT gateways in the Amazon Virtual Private Cloud User Guide.
"
+ }
+ },
+ "com.amazonaws.ec2#AssignPrivateNatGatewayAddressRequest": {
+ "type": "structure",
+ "members": {
+ "NatGatewayId": {
+ "target": "com.amazonaws.ec2#NatGatewayId",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The NAT gateway ID.
",
+ "smithy.api#required": {}
+ }
+ },
+ "PrivateIpAddresses": {
+ "target": "com.amazonaws.ec2#IpList",
+ "traits": {
+ "smithy.api#documentation": "The private IPv4 addresses you want to assign to the private NAT gateway.
",
+ "smithy.api#xmlName": "PrivateIpAddress"
+ }
+ },
+ "PrivateIpAddressCount": {
+ "target": "com.amazonaws.ec2#PrivateIpAddressCount",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": 0,
+ "smithy.api#documentation": "The number of private IP addresses to assign to the NAT gateway. You can't specify this parameter when also specifying private IP addresses.
"
+ }
+ },
+ "DryRun": {
+ "target": "com.amazonaws.ec2#Boolean",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": false,
+ "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.ec2#AssignPrivateNatGatewayAddressResult": {
+ "type": "structure",
+ "members": {
+ "NatGatewayId": {
+ "target": "com.amazonaws.ec2#NatGatewayId",
+ "traits": {
+ "aws.protocols#ec2QueryName": "NatGatewayId",
+ "smithy.api#documentation": "The NAT gateway ID.
",
+ "smithy.api#xmlName": "natGatewayId"
+ }
+ },
+ "NatGatewayAddresses": {
+ "target": "com.amazonaws.ec2#NatGatewayAddressList",
+ "traits": {
+ "aws.protocols#ec2QueryName": "NatGatewayAddressSet",
+ "smithy.api#documentation": "NAT gateway IP addresses.
",
+ "smithy.api#xmlName": "natGatewayAddressSet"
+ }
+ }
+ }
+ },
"com.amazonaws.ec2#AssignedPrivateIpAddress": {
"type": "structure",
"members": {
@@ -5701,7 +5832,7 @@
}
},
"PublicIp": {
- "target": "com.amazonaws.ec2#String",
+ "target": "com.amazonaws.ec2#EipAllocationPublicIp",
"traits": {
"smithy.api#documentation": "[EC2-Classic] The Elastic IP address to associate with the instance. This is required for\n EC2-Classic.
"
}
@@ -5894,15 +6025,19 @@
"type": "structure",
"members": {
"CertificateArn": {
- "target": "com.amazonaws.ec2#ResourceArn",
+ "target": "com.amazonaws.ec2#CertificateId",
"traits": {
- "smithy.api#documentation": "The ARN of the ACM certificate with which to associate the IAM role.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ARN of the ACM certificate with which to associate the IAM role.
",
+ "smithy.api#required": {}
}
},
"RoleArn": {
- "target": "com.amazonaws.ec2#ResourceArn",
+ "target": "com.amazonaws.ec2#RoleId",
"traits": {
- "smithy.api#documentation": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM \n\t\t\tcertificate.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM \n\t\t\tcertificate.
",
+ "smithy.api#required": {}
}
},
"DryRun": {
@@ -6062,7 +6197,7 @@
"target": "com.amazonaws.ec2#AssociateIpamResourceDiscoveryResult"
},
"traits": {
- "smithy.api#documentation": "Associates an IPAM resource discovery with an Amazon VPC IPAM. A resource discovery is an IPAM component that enables IPAM Service to manage and monitor resources that belong to the owning account.
"
+ "smithy.api#documentation": "Associates an IPAM resource discovery with an Amazon VPC IPAM. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.
"
}
},
"com.amazonaws.ec2#AssociateIpamResourceDiscoveryRequest": {
@@ -6124,6 +6259,79 @@
}
}
},
+ "com.amazonaws.ec2#AssociateNatGatewayAddress": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.ec2#AssociateNatGatewayAddressRequest"
+ },
+ "output": {
+ "target": "com.amazonaws.ec2#AssociateNatGatewayAddressResult"
+ },
+ "traits": {
+ "smithy.api#documentation": "Associates Elastic IP addresses (EIPs) and private IPv4 addresses with a public NAT gateway. For more information, see Work with NAT gateways in the Amazon Virtual Private Cloud User Guide.
\n By default, you can associate up to 2 Elastic IP addresses per public NAT gateway. You can increase the limit by requesting a quota adjustment. For more information, see Elastic IP address quotas in the Amazon Virtual Private Cloud User Guide.
"
+ }
+ },
+ "com.amazonaws.ec2#AssociateNatGatewayAddressRequest": {
+ "type": "structure",
+ "members": {
+ "NatGatewayId": {
+ "target": "com.amazonaws.ec2#NatGatewayId",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The NAT gateway ID.
",
+ "smithy.api#required": {}
+ }
+ },
+ "AllocationIds": {
+ "target": "com.amazonaws.ec2#AllocationIdList",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The allocation IDs of EIPs that you want to associate with your NAT gateway.
",
+ "smithy.api#required": {},
+ "smithy.api#xmlName": "AllocationId"
+ }
+ },
+ "PrivateIpAddresses": {
+ "target": "com.amazonaws.ec2#IpList",
+ "traits": {
+ "smithy.api#documentation": "The private IPv4 addresses that you want to assign to the NAT gateway.
",
+ "smithy.api#xmlName": "PrivateIpAddress"
+ }
+ },
+ "DryRun": {
+ "target": "com.amazonaws.ec2#Boolean",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": false,
+ "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.ec2#AssociateNatGatewayAddressResult": {
+ "type": "structure",
+ "members": {
+ "NatGatewayId": {
+ "target": "com.amazonaws.ec2#NatGatewayId",
+ "traits": {
+ "aws.protocols#ec2QueryName": "NatGatewayId",
+ "smithy.api#documentation": "The NAT gateway ID.
",
+ "smithy.api#xmlName": "natGatewayId"
+ }
+ },
+ "NatGatewayAddresses": {
+ "target": "com.amazonaws.ec2#NatGatewayAddressList",
+ "traits": {
+ "aws.protocols#ec2QueryName": "NatGatewayAddressSet",
+ "smithy.api#documentation": "The IP addresses.
",
+ "smithy.api#xmlName": "natGatewayAddressSet"
+ }
+ }
+ }
+ },
"com.amazonaws.ec2#AssociateRouteTable": {
"type": "operation",
"input": {
@@ -6278,19 +6486,25 @@
"TransitGatewayMulticastDomainId": {
"target": "com.amazonaws.ec2#TransitGatewayMulticastDomainId",
"traits": {
- "smithy.api#documentation": "The ID of the transit gateway multicast domain.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the transit gateway multicast domain.
",
+ "smithy.api#required": {}
}
},
"TransitGatewayAttachmentId": {
"target": "com.amazonaws.ec2#TransitGatewayAttachmentId",
"traits": {
- "smithy.api#documentation": "The ID of the transit gateway attachment to associate with the transit gateway multicast domain.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the transit gateway attachment to associate with the transit gateway multicast domain.
",
+ "smithy.api#required": {}
}
},
"SubnetIds": {
"target": "com.amazonaws.ec2#TransitGatewaySubnetIdList",
"traits": {
- "smithy.api#documentation": "The IDs of the subnets to associate with the transit gateway multicast domain.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The IDs of the subnets to associate with the transit gateway multicast domain.
",
+ "smithy.api#required": {}
}
},
"DryRun": {
@@ -8330,6 +8544,12 @@
"traits": {
"smithy.api#enumValue": "uefi"
}
+ },
+ "uefi_preferred": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "uefi-preferred"
+ }
}
}
},
@@ -9001,7 +9221,7 @@
"target": "com.amazonaws.ec2#CancelImageLaunchPermissionResult"
},
"traits": {
- "smithy.api#documentation": "Removes your Amazon Web Services account from the launch permissions for the specified AMI. For more\n information, see Cancel having an AMI shared with your Amazon Web Services account \n in the Amazon EC2 User Guide.
"
+ "smithy.api#documentation": "Removes your Amazon Web Services account from the launch permissions for the specified AMI. For more\n information, see \n Cancel having an AMI shared with your Amazon Web Services account in the \n Amazon EC2 User Guide.
"
}
},
"com.amazonaws.ec2#CancelImageLaunchPermissionRequest": {
@@ -9168,7 +9388,7 @@
"target": "com.amazonaws.ec2#CancelSpotFleetRequestsResponse"
},
"traits": {
- "smithy.api#documentation": "Cancels the specified Spot Fleet requests.
\n After you cancel a Spot Fleet request, the Spot Fleet launches no new Spot Instances.\n You must specify whether the Spot Fleet should also terminate its Spot Instances. If you\n terminate the instances, the Spot Fleet request enters the\n cancelled_terminating state. Otherwise, the Spot Fleet request enters\n the cancelled_running state and the instances continue to run until they\n are interrupted or you terminate them manually.
"
+ "smithy.api#documentation": "Cancels the specified Spot Fleet requests.
\n After you cancel a Spot Fleet request, the Spot Fleet launches no new instances.
\n You must also specify whether a canceled Spot Fleet request should terminate its instances. If you\n choose to terminate the instances, the Spot Fleet request enters the\n cancelled_terminating state. Otherwise, the Spot Fleet request enters\n the cancelled_running state and the instances continue to run until they\n are interrupted or you terminate them manually.
"
}
},
"com.amazonaws.ec2#CancelSpotFleetRequestsError": {
@@ -9237,7 +9457,7 @@
"aws.protocols#ec2QueryName": "DryRun",
"smithy.api#clientOptional": {},
"smithy.api#default": false,
- "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually\n making the request, and provides an error response. If you have the required\n permissions, the error response is DryRunOperation. Otherwise, it is\n UnauthorizedOperation.
",
+ "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
",
"smithy.api#xmlName": "dryRun"
}
},
@@ -9257,7 +9477,7 @@
"aws.protocols#ec2QueryName": "TerminateInstances",
"smithy.api#clientOptional": {},
"smithy.api#default": false,
- "smithy.api#documentation": "Indicates whether to terminate instances for a Spot Fleet request if it is canceled\n successfully.
",
+ "smithy.api#documentation": "Indicates whether to terminate the associated instances when the Spot Fleet request is canceled. \n The default is to terminate the instances.
\n To let the instances continue to run after the Spot Fleet request is canceled, specify\n no-terminate-instances.
",
"smithy.api#required": {},
"smithy.api#xmlName": "terminateInstances"
}
@@ -10408,6 +10628,9 @@
"smithy.api#documentation": "Information about the client certificate to be used for authentication.
"
}
},
+ "com.amazonaws.ec2#CertificateId": {
+ "type": "string"
+ },
"com.amazonaws.ec2#CidrAuthorizationContext": {
"type": "structure",
"members": {
@@ -12409,7 +12632,7 @@
}
},
"PresignedUrl": {
- "target": "com.amazonaws.ec2#String",
+ "target": "com.amazonaws.ec2#CopySnapshotRequestPSU",
"traits": {
"aws.protocols#ec2QueryName": "PresignedUrl",
"smithy.api#documentation": "When you copy an encrypted source snapshot using the Amazon EC2 Query API, you must supply a\n pre-signed URL. This parameter is optional for unencrypted snapshots. For more information,\n see Query\n requests.
\n The PresignedUrl should use the snapshot source endpoint, the\n CopySnapshot action, and include the SourceRegion,\n SourceSnapshotId, and DestinationRegion parameters. The\n PresignedUrl must be signed using Amazon Web Services Signature Version 4. Because EBS\n snapshots are stored in Amazon S3, the signing algorithm for this parameter uses the same logic\n that is described in Authenticating Requests: Using Query\n Parameters (Amazon Web Services Signature Version 4) in the Amazon Simple Storage Service API Reference. An\n invalid or improperly signed PresignedUrl will cause the copy operation to fail\n asynchronously, and the snapshot will move to an error state.
",
@@ -12454,6 +12677,12 @@
"smithy.api#input": {}
}
},
+ "com.amazonaws.ec2#CopySnapshotRequestPSU": {
+ "type": "string",
+ "traits": {
+ "smithy.api#sensitive": {}
+ }
+ },
"com.amazonaws.ec2#CopySnapshotResult": {
"type": "structure",
"members": {
@@ -13359,8 +13588,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "For devices that support BGP, the customer gateway's BGP ASN.
\n Default: 65000
",
- "smithy.api#required": {}
+ "smithy.api#documentation": "For devices that support BGP, the customer gateway's BGP ASN.
\n Default: 65000
"
}
},
"PublicIp": {
@@ -13812,7 +14040,7 @@
"ExcessCapacityTerminationPolicy": {
"target": "com.amazonaws.ec2#FleetExcessCapacityTerminationPolicy",
"traits": {
- "smithy.api#documentation": "Indicates whether running instances should be terminated if the total target capacity of\n the EC2 Fleet is decreased below the current size of the EC2 Fleet.
"
+ "smithy.api#documentation": "Indicates whether running instances should be terminated if the total target capacity of\n the EC2 Fleet is decreased below the current size of the EC2 Fleet.
\n Supported only for fleets of type maintain.
"
}
},
"LaunchTemplateConfigs": {
@@ -14646,7 +14874,7 @@
"target": "com.amazonaws.ec2#CreateIpamResourceDiscoveryResult"
},
"traits": {
- "smithy.api#documentation": "Creates an IPAM resource discovery. A resource discovery is an IPAM component that enables IPAM Service to manage and monitor resources that belong to the owning account.
"
+ "smithy.api#documentation": "Creates an IPAM resource discovery. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.
"
}
},
"com.amazonaws.ec2#CreateIpamResourceDiscoveryRequest": {
@@ -15041,9 +15269,7 @@
"DestinationCidrBlock": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#clientOptional": {},
- "smithy.api#documentation": "The CIDR range used for destination matches. Routing decisions are based on \n the most specific match.
",
- "smithy.api#required": {}
+ "smithy.api#documentation": "The CIDR range used for destination matches. Routing decisions are based on \n the most specific match.
"
}
},
"LocalGatewayRouteTableId": {
@@ -15073,6 +15299,12 @@
"traits": {
"smithy.api#documentation": "The ID of the network interface.
"
}
+ },
+ "DestinationPrefixListId": {
+ "target": "com.amazonaws.ec2#PrefixListResourceId",
+ "traits": {
+ "smithy.api#documentation": "\n The ID of the prefix list. Use a prefix list in place of DestinationCidrBlock. You \n cannot use DestinationPrefixListId and DestinationCidrBlock in the same request.\n
"
+ }
}
},
"traits": {
@@ -15409,7 +15641,7 @@
"target": "com.amazonaws.ec2#SubnetId",
"traits": {
"smithy.api#clientOptional": {},
- "smithy.api#documentation": "The subnet in which to create the NAT gateway.
",
+ "smithy.api#documentation": "The ID of the subnet in which to create the NAT gateway.
",
"smithy.api#required": {}
}
},
@@ -15431,6 +15663,28 @@
"traits": {
"smithy.api#documentation": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.
"
}
+ },
+ "SecondaryAllocationIds": {
+ "target": "com.amazonaws.ec2#AllocationIdList",
+ "traits": {
+ "smithy.api#documentation": "Secondary EIP allocation IDs. For more information about secondary addresses, see Create a NAT gateway in the Amazon Virtual Private Cloud User Guide.
",
+ "smithy.api#xmlName": "SecondaryAllocationId"
+ }
+ },
+ "SecondaryPrivateIpAddresses": {
+ "target": "com.amazonaws.ec2#IpList",
+ "traits": {
+ "smithy.api#documentation": "Secondary private IPv4 addresses. For more information about secondary addresses, see Create a NAT gateway in the Amazon Virtual Private Cloud User Guide.
",
+ "smithy.api#xmlName": "SecondaryPrivateIpAddress"
+ }
+ },
+ "SecondaryPrivateIpAddressCount": {
+ "target": "com.amazonaws.ec2#PrivateIpAddressCount",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": 0,
+ "smithy.api#documentation": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see Create a NAT gateway in the Amazon Virtual Private Cloud User Guide.
"
+ }
}
},
"traits": {
@@ -19057,7 +19311,7 @@
"VolumeType": {
"target": "com.amazonaws.ec2#VolumeType",
"traits": {
- "smithy.api#documentation": "The volume type. This parameter can be one of the following values:
\n \n - \n
General Purpose SSD: gp2 | gp3\n
\n \n - \n
Provisioned IOPS SSD: io1 | io2\n
\n \n - \n
Throughput Optimized HDD: st1\n
\n \n - \n
Cold HDD: sc1\n
\n \n - \n
Magnetic: standard\n
\n \n
\n For more information, see Amazon EBS volume types in the\n Amazon Elastic Compute Cloud User Guide.
\n Default: gp2\n
"
+ "smithy.api#documentation": "The volume type. This parameter can be one of the following values:
\n \n - \n
General Purpose SSD: gp2 | gp3\n
\n \n - \n
Provisioned IOPS SSD: io1 | io2\n
\n \n - \n
Throughput Optimized HDD: st1\n
\n \n - \n
Cold HDD: sc1\n
\n \n - \n
Magnetic: standard\n
\n \n
\n \n Throughput Optimized HDD (st1) and Cold HDD (sc1) volumes can't be used as boot volumes.
\n \n For more information, see Amazon EBS volume types in the\n Amazon Elastic Compute Cloud User Guide.
\n Default: gp2\n
"
}
},
"DryRun": {
@@ -19473,7 +19727,9 @@
"target": "com.amazonaws.ec2#VpcId",
"traits": {
"aws.protocols#ec2QueryName": "VpcId",
+ "smithy.api#clientOptional": {},
"smithy.api#documentation": "The ID of the requester VPC. You must specify this parameter in the\n\t\t\trequest.
",
+ "smithy.api#required": {},
"smithy.api#xmlName": "vpcId"
}
},
@@ -20718,7 +20974,7 @@
"target": "com.amazonaws.ec2#DeleteFleetsResult"
},
"traits": {
- "smithy.api#documentation": "Deletes the specified EC2 Fleet.
\n After you delete an EC2 Fleet, it launches no new instances.
\n You must specify whether a deleted EC2 Fleet should also terminate its instances. If you\n choose to terminate the instances, the EC2 Fleet enters the deleted_terminating\n state. Otherwise, the EC2 Fleet enters the deleted_running state, and the instances\n continue to run until they are interrupted or you terminate them manually.
\n For instant fleets, EC2 Fleet must terminate the instances when the fleet is\n deleted. A deleted instant fleet with running instances is not\n supported.
\n \n Restrictions\n
\n \n - \n
You can delete up to 25 instant fleets in a single request. If you exceed this\n number, no instant fleets are deleted and an error is returned. There is no\n restriction on the number of fleets of type maintain or request that can be deleted\n in a single request.
\n \n - \n
Up to 1000 instances can be terminated in a single request to delete\n instant fleets.
\n \n
\n For more information, see Delete an EC2\n Fleet in the Amazon EC2 User Guide.
"
+ "smithy.api#documentation": "Deletes the specified EC2 Fleets.
\n After you delete an EC2 Fleet, it launches no new instances.
\n You must also specify whether a deleted EC2 Fleet should terminate its instances. If you\n choose to terminate the instances, the EC2 Fleet enters the deleted_terminating\n state. Otherwise, the EC2 Fleet enters the deleted_running state, and the instances\n continue to run until they are interrupted or you terminate them manually.
\n For instant fleets, EC2 Fleet must terminate the instances when the fleet is\n deleted. A deleted instant fleet with running instances is not\n supported.
\n \n Restrictions\n
\n \n - \n
You can delete up to 25 instant fleets in a single request. If you exceed this\n number, no instant fleets are deleted and an error is returned. There is no\n restriction on the number of fleets of type maintain or request that can be deleted\n in a single request.
\n \n - \n
Up to 1000 instances can be terminated in a single request to delete\n instant fleets.
\n \n
\n For more information, see Delete an EC2\n Fleet in the Amazon EC2 User Guide.
"
}
},
"com.amazonaws.ec2#DeleteFleetsRequest": {
@@ -20746,7 +21002,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": false,
- "smithy.api#documentation": "Indicates whether to terminate the instances when the EC2 Fleet is deleted. The default is to\n terminate the instances.
\n To let the instances continue to run after the EC2 Fleet is deleted, specify\n NoTerminateInstances. Supported only for fleets of type\n maintain and request.
\n For instant fleets, you cannot specify NoTerminateInstances. A\n deleted instant fleet with running instances is not supported.
",
+ "smithy.api#documentation": "Indicates whether to terminate the associated instances when the EC2 Fleet is deleted. The default is to\n terminate the instances.
\n To let the instances continue to run after the EC2 Fleet is deleted, specify\n no-terminate-instances. Supported only for fleets of type\n maintain and request.
\n For instant fleets, you cannot specify NoTerminateInstances. A\n deleted instant fleet with running instances is not supported.
",
"smithy.api#required": {}
}
}
@@ -21077,7 +21333,7 @@
"target": "com.amazonaws.ec2#DeleteIpamResourceDiscoveryResult"
},
"traits": {
- "smithy.api#documentation": "Deletes an IPAM resource discovery. A resource discovery is an IPAM component that enables IPAM Service to manage and monitor resources that belong to the owning account.
"
+ "smithy.api#documentation": "Deletes an IPAM resource discovery. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.
"
}
},
"com.amazonaws.ec2#DeleteIpamResourceDiscoveryRequest": {
@@ -21456,9 +21712,7 @@
"DestinationCidrBlock": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#clientOptional": {},
- "smithy.api#documentation": "The CIDR range for the route. This must match the CIDR for the route exactly.
",
- "smithy.api#required": {}
+ "smithy.api#documentation": "The CIDR range for the route. This must match the CIDR for the route exactly.
"
}
},
"LocalGatewayRouteTableId": {
@@ -21476,6 +21730,12 @@
"smithy.api#default": false,
"smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
"
}
+ },
+ "DestinationPrefixListId": {
+ "target": "com.amazonaws.ec2#PrefixListResourceId",
+ "traits": {
+ "smithy.api#documentation": "\n Use a prefix list in place of DestinationCidrBlock. You cannot use \n DestinationPrefixListId and DestinationCidrBlock in the same request.\n
"
+ }
}
},
"traits": {
@@ -22767,7 +23027,7 @@
"type": "structure",
"members": {
"TrafficMirrorFilterRuleId": {
- "target": "com.amazonaws.ec2#TrafficMirrorFilterRuleId",
+ "target": "com.amazonaws.ec2#TrafficMirrorFilterRuleIdWithResolver",
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#documentation": "The ID of the Traffic Mirror rule.
",
@@ -24212,7 +24472,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"smithy.api#clientOptional": {},
- "smithy.api#documentation": "The CIDR you want to deprovision from the pool.
",
+ "smithy.api#documentation": "The CIDR you want to deprovision from the pool. Enter the CIDR you want to deprovision with a netmask of /32. You must rerun this command for each IP address in the CIDR range. If your CIDR is a /24, you will have to run this command to deprovision each of the 256 IP addresses in the /24 CIDR.
",
"smithy.api#required": {}
}
}
@@ -24830,7 +25090,7 @@
"Filters": {
"target": "com.amazonaws.ec2#FilterList",
"traits": {
- "smithy.api#documentation": "The filters.
\n \n - \n
\n group-name - For Availability Zones, use the Region name. For Local\n Zones, use the name of the group associated with the Local Zone (for example,\n us-west-2-lax-1) For Wavelength Zones, use the name of the group associated\n with the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1).
\n \n - \n
\n message - The Zone message.
\n \n - \n
\n opt-in-status - The opt-in status (opted-in, and\n not-opted-in | opt-in-not-required).
\n \n - \n
\n parent-zoneID - The ID of the zone that handles some of the Local Zone\n and Wavelength Zone control plane operations, such as API calls.
\n \n - \n
\n parent-zoneName - The ID of the zone that handles some of the Local Zone\n and Wavelength Zone control plane operations, such as API calls.
\n \n - \n
\n region-name - The name of the Region for the Zone (for example,\n us-east-1).
\n \n - \n
\n state - The state of the Availability Zone, the Local Zone, or the\n Wavelength Zone (available).
\n \n - \n
\n zone-id - The ID of the Availability Zone (for example,\n use1-az1), the Local Zone (for example, usw2-lax1-az1), or the\n Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1).
\n \n - \n
\n zone-type - The type of zone, for example, local-zone.
\n \n - \n
\n zone-name - The name of the Availability Zone (for example,\n us-east-1a), the Local Zone (for example, us-west-2-lax-1a), or\n the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1).
\n \n - \n
\n zone-type - The type of zone, for example, local-zone.
\n \n
",
+ "smithy.api#documentation": "The filters.
\n \n - \n
\n group-name - For Availability Zones, use the Region name. For Local\n Zones, use the name of the group associated with the Local Zone (for example,\n us-west-2-lax-1) For Wavelength Zones, use the name of the group associated\n with the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1).
\n \n - \n
\n message - The Zone message.
\n \n - \n
\n opt-in-status - The opt-in status (opted-in |\n not-opted-in | opt-in-not-required).
\n \n - \n
\n parent-zoneID - The ID of the zone that handles some of the Local Zone\n and Wavelength Zone control plane operations, such as API calls.
\n \n - \n
\n parent-zoneName - The ID of the zone that handles some of the Local Zone\n and Wavelength Zone control plane operations, such as API calls.
\n \n - \n
\n region-name - The name of the Region for the Zone (for example,\n us-east-1).
\n \n - \n
\n state - The state of the Availability Zone, the Local Zone, or the\n Wavelength Zone (available).
\n \n - \n
\n zone-id - The ID of the Availability Zone (for example,\n use1-az1), the Local Zone (for example, usw2-lax1-az1), or the\n Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1).
\n \n - \n
\n zone-name - The name of the Availability Zone (for example,\n us-east-1a), the Local Zone (for example, us-west-2-lax-1a), or\n the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1).
\n \n - \n
\n zone-type - The type of zone (availability-zone | \n local-zone | wavelength-zone).
\n \n
",
"smithy.api#xmlName": "Filter"
}
},
@@ -25454,7 +25714,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
\n Constraint: If the value is greater than 1000, we return only 1000 items.
",
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
\n Constraint: If the value is greater than 1000, we return only 1000 items.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -25462,7 +25722,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next page of results.
",
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -25486,7 +25746,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -26333,7 +26593,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -26341,7 +26601,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
}
},
@@ -26364,7 +26624,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -26421,13 +26681,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"Filters": {
@@ -26457,7 +26717,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -26771,13 +27031,13 @@
"MaxResults": {
"target": "com.amazonaws.ec2#DescribeFastLaunchImagesRequestMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining results, \n\t\t\tmake another request with the returned NextToken value. If this parameter is not specified, \n\t\t\tthen all results are returned.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#NextToken",
"traits": {
- "smithy.api#documentation": "The token for the next set of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"DryRun": {
@@ -26817,7 +27077,7 @@
"target": "com.amazonaws.ec2#NextToken",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use for the next set of results. This value is null when there are \n\t\t\tno more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -26864,7 +27124,7 @@
"aws.protocols#ec2QueryName": "MaxParallelLaunches",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of parallel instances that are launched for creating resources.
",
+ "smithy.api#documentation": "The maximum number of instances that Amazon EC2 can launch at the same time to create \n\t\t\tpre-provisioned snapshots for Windows faster launching.
",
"smithy.api#xmlName": "maxParallelLaunches"
}
},
@@ -27059,13 +27319,13 @@
"MaxResults": {
"target": "com.amazonaws.ec2#DescribeFastSnapshotRestoresMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output. \n\tFor more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#NextToken",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"DryRun": {
@@ -27096,7 +27356,7 @@
"target": "com.amazonaws.ec2#NextToken",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -27176,13 +27436,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1 and\n 1000. The default value is 1000. To retrieve the remaining results, make another call with\n the returned NextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next set of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"FleetId": {
@@ -27221,7 +27481,7 @@
"target": "com.amazonaws.ec2#DateTime",
"traits": {
"aws.protocols#ec2QueryName": "LastEvaluatedTime",
- "smithy.api#documentation": "The last date and time for the events, in UTC format (for example,\n YYYY-MM-DDTHH:MM:SSZ).\n All records up to this time were retrieved.
\n If nextToken indicates that there are more results, this value is not\n present.
",
+ "smithy.api#documentation": "The last date and time for the events, in UTC format (for example,\n YYYY-MM-DDTHH:MM:SSZ).\n All records up to this time were retrieved.
\n If nextToken indicates that there are more items, this value is not\n present.
",
"smithy.api#xmlName": "lastEvaluatedTime"
}
},
@@ -27229,7 +27489,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -27279,13 +27539,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1 and\n 1000. The default value is 1000. To retrieve the remaining results, make another call with\n the returned NextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next set of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"FleetId": {
@@ -27323,7 +27583,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -27437,13 +27697,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1 and\n 1000. The default value is 1000. To retrieve the remaining results, make another call with\n the returned NextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next set of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"FleetIds": {
@@ -27472,7 +27732,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -27533,13 +27793,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token to request the next page of items. Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -27562,7 +27822,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to request the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -28028,13 +28288,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining\n results, make another call with the returned NextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of\n items, make another request with the token returned in the output. For more information, \n see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#NextToken",
"traits": {
- "smithy.api#documentation": "The token to request the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -28057,7 +28317,7 @@
"target": "com.amazonaws.ec2#NextToken",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -28323,13 +28583,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -28352,7 +28612,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -28456,6 +28716,33 @@
"outputToken": "NextToken",
"items": "ImportSnapshotTasks",
"pageSize": "MaxResults"
+ },
+ "smithy.waiters#waitable": {
+ "SnapshotImported": {
+ "acceptors": [
+ {
+ "state": "success",
+ "matcher": {
+ "output": {
+ "path": "ImportSnapshotTasks[].SnapshotTaskDetail.Status",
+ "expected": "completed",
+ "comparator": "allStringEquals"
+ }
+ }
+ },
+ {
+ "state": "failure",
+ "matcher": {
+ "output": {
+ "path": "ImportSnapshotTasks[].SnapshotTaskDetail.Status",
+ "expected": "error",
+ "comparator": "anyStringEquals"
+ }
+ }
+ }
+ ],
+ "minDelay": 15
+ }
}
}
},
@@ -28632,13 +28919,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining\n results, make another call with the returned NextToken value. This value\n can be between 5 and 1000. You cannot specify this parameter and the instance IDs\n parameter in the same call.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
\n You cannot specify this parameter and the instance IDs\n parameter in the same call.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token to retrieve the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -28661,7 +28948,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null\n when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -28873,13 +29160,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining\n results, make another call with the returned NextToken value. This value\n can be between 5 and 1000. You cannot specify this parameter and the instance IDs\n parameter in the same call.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
\n You cannot specify this parameter and the instance IDs parameter in the same request.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token to retrieve the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"DryRun": {
@@ -28922,7 +29209,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null\n when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -28973,13 +29260,13 @@
"MaxResults": {
"target": "com.amazonaws.ec2#DITOMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return for the request in a single page. The remaining results\n can be seen by sending another request with the next token value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#NextToken",
"traits": {
- "smithy.api#documentation": "The token to retrieve the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -29002,7 +29289,7 @@
"target": "com.amazonaws.ec2#NextToken",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there\n are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -29054,13 +29341,13 @@
"MaxResults": {
"target": "com.amazonaws.ec2#DITMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return for the request in a single page. The remaining results\n can be seen by sending another request with the next token value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#NextToken",
"traits": {
- "smithy.api#documentation": "The token to retrieve the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -29083,7 +29370,7 @@
"target": "com.amazonaws.ec2#NextToken",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there\n are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -29287,7 +29574,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining\n results, make another call with the returned NextToken value. This value\n can be between 5 and 1000. You cannot specify this parameter and the instance IDs\n parameter in the same call.
",
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
\n You cannot specify this parameter and the instance IDs parameter in the same request.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -29295,7 +29582,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to request the next page of results.
",
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -29319,7 +29606,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null\n when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -29410,7 +29697,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -29418,7 +29705,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
}
},
@@ -29441,7 +29728,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -29539,7 +29826,7 @@
"target": "com.amazonaws.ec2#DescribeIpamResourceDiscoveriesResult"
},
"traits": {
- "smithy.api#documentation": "Describes IPAM resource discoveries. A resource discovery is an IPAM component that enables IPAM Service to manage and monitor resources that belong to the owning account.
",
+ "smithy.api#documentation": "Describes IPAM resource discoveries. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.
",
"smithy.api#paginated": {
"inputToken": "NextToken",
"outputToken": "NextToken",
@@ -31067,7 +31354,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
},
"NatGatewayIds": {
@@ -31080,7 +31367,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -31103,7 +31390,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -31167,7 +31454,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -31175,7 +31462,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
}
},
@@ -31198,7 +31485,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -31717,7 +32004,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token to request the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n\t\t Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -31725,7 +32012,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining results,\n\t\t\tmake another call with the returned NextToken value. If this parameter is not specified, up to 50 results are returned by default.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items,\n\t\t\tmake another request with the token returned in the output. If this parameter is not specified, \n\t\t\tup to 50 results are returned by default. For more information, see\n\t\t\tPagination.
"
}
}
},
@@ -31749,7 +32036,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items.\n\t\t This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -31843,7 +32130,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token to retrieve the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n\t\t Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -31851,7 +32138,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of items to return for this request. The request returns a token that you\n can specify in a subsequent call to get the next set of results. You cannot specify this\n parameter and the network interface IDs parameter in the same request.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items,\n\t\t make another request with the token returned in the output. You cannot specify this\n\t\t parameter and the network interface IDs parameter in the same request. For more information, \n\t\t see Pagination.
"
}
}
},
@@ -31875,13 +32162,10 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n\t\t This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
- },
- "traits": {
- "smithy.api#documentation": "Contains the output of DescribeNetworkInterfaces.
"
}
},
"com.amazonaws.ec2#DescribePlacementGroups": {
@@ -32308,13 +32592,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output. \n\tFor more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#NextToken",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"DryRun": {
@@ -32345,7 +32629,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -32781,7 +33065,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -32789,7 +33073,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
}
},
@@ -32812,7 +33096,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -33141,7 +33425,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -33149,7 +33433,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining\n results, make another request with the returned NextToken value. This value\n can be between 5 and 1000. If this parameter is not specified, then all results are\n returned.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of \n items, make another request with the token returned in the output. This value\n can be between 5 and 1000. If this parameter is not specified, then all items are\n returned. For more information, see Pagination.
"
}
}
},
@@ -33172,7 +33456,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -33269,7 +33553,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token to request the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -33277,7 +33561,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining\n results, make another request with the returned NextToken value. This value\n can be between 5 and 1000. If this parameter is not specified, then all results are\n returned.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items,\n make another request with the token returned in the output. This value can be between 5 and 1000. \n If this parameter is not specified, then all items are returned. For more information, see \n Pagination.
"
}
}
},
@@ -33300,7 +33584,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -33423,13 +33707,13 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
"target": "com.amazonaws.ec2#DescribeSnapshotTierStatusMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output. \n\tFor more information, see Pagination.
"
}
}
},
@@ -33452,7 +33736,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -33467,7 +33751,7 @@
"target": "com.amazonaws.ec2#DescribeSnapshotsResult"
},
"traits": {
- "smithy.api#documentation": "Describes the specified EBS snapshots available to you or all of the EBS snapshots\n available to you.
\n The snapshots available to you include public snapshots, private snapshots that you own,\n and private snapshots owned by other Amazon Web Services accounts for which you have explicit create volume\n permissions.
\n The create volume permissions fall into the following categories:
\n \n - \n
\n public: The owner of the snapshot granted create volume\n permissions for the snapshot to the all group. All Amazon Web Services accounts have create\n volume permissions for these snapshots.
\n \n - \n
\n explicit: The owner of the snapshot granted create volume\n permissions to a specific Amazon Web Services account.
\n \n - \n
\n implicit: An Amazon Web Services account has implicit create volume permissions\n for all snapshots it owns.
\n \n
\n The list of snapshots returned can be filtered by specifying snapshot IDs, snapshot\n owners, or Amazon Web Services accounts with create volume permissions. If no options are specified, \n Amazon EC2 returns all snapshots for which you have create volume permissions.
\n If you specify one or more snapshot IDs, only snapshots that have the specified IDs are\n returned. If you specify an invalid snapshot ID, an error is returned. If you specify a\n snapshot ID for which you do not have access, it is not included in the returned\n results.
\n If you specify one or more snapshot owners using the OwnerIds option, only\n snapshots from the specified owners and for which you have access are returned. The results\n can include the Amazon Web Services account IDs of the specified owners, amazon for snapshots\n owned by Amazon, or self for snapshots that you own.
\n If you specify a list of restorable users, only snapshots with create snapshot permissions\n for those users are returned. You can specify Amazon Web Services account IDs (if you own the snapshots),\n self for snapshots for which you own or have explicit permissions, or\n all for public snapshots.
\n If you are describing a long list of snapshots, we recommend that you paginate the output to make the\n list more manageable. The MaxResults parameter sets the maximum number of results\n returned in a single page. If the list of results exceeds your MaxResults value,\n then that number of results is returned along with a NextToken value that can be\n passed to a subsequent DescribeSnapshots request to retrieve the remaining\n results.
\n To get the state of fast snapshot restores for a snapshot, use DescribeFastSnapshotRestores.
\n For more information about EBS snapshots, see Amazon EBS snapshots in the Amazon Elastic Compute Cloud User Guide.
",
+ "smithy.api#documentation": "Describes the specified EBS snapshots available to you or all of the EBS snapshots\n available to you.
\n The snapshots available to you include public snapshots, private snapshots that you own,\n and private snapshots owned by other Amazon Web Services accounts for which you have explicit create volume\n permissions.
\n The create volume permissions fall into the following categories:
\n \n - \n
\n public: The owner of the snapshot granted create volume\n permissions for the snapshot to the all group. All Amazon Web Services accounts have create\n volume permissions for these snapshots.
\n \n - \n
\n explicit: The owner of the snapshot granted create volume\n permissions to a specific Amazon Web Services account.
\n \n - \n
\n implicit: An Amazon Web Services account has implicit create volume permissions\n for all snapshots it owns.
\n \n
\n The list of snapshots returned can be filtered by specifying snapshot IDs, snapshot\n owners, or Amazon Web Services accounts with create volume permissions. If no options are specified, \n Amazon EC2 returns all snapshots for which you have create volume permissions.
\n If you specify one or more snapshot IDs, only snapshots that have the specified IDs are\n returned. If you specify an invalid snapshot ID, an error is returned. If you specify a\n snapshot ID for which you do not have access, it is not included in the returned\n results.
\n If you specify one or more snapshot owners using the OwnerIds option, only\n snapshots from the specified owners and for which you have access are returned. The results\n can include the Amazon Web Services account IDs of the specified owners, amazon for snapshots\n owned by Amazon, or self for snapshots that you own.
\n If you specify a list of restorable users, only snapshots with create snapshot permissions\n for those users are returned. You can specify Amazon Web Services account IDs (if you own the snapshots),\n self for snapshots for which you own or have explicit permissions, or\n all for public snapshots.
\n If you are describing a long list of snapshots, we recommend that you paginate the output to make the\n list more manageable. For more information, see Pagination.
\n To get the state of fast snapshot restores for a snapshot, use DescribeFastSnapshotRestores.
\n For more information about EBS snapshots, see Amazon EBS snapshots in the Amazon Elastic Compute Cloud User Guide.
",
"smithy.api#paginated": {
"inputToken": "NextToken",
"outputToken": "NextToken",
@@ -33518,13 +33802,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of snapshot results returned by DescribeSnapshots in\n paginated output. When this parameter is used, DescribeSnapshots only returns\n MaxResults results in a single page along with a NextToken\n response element. The remaining results of the initial request can be seen by sending another\n DescribeSnapshots request with the returned NextToken value. This\n value can be between 5 and 1,000; if MaxResults is given a value larger than 1,000,\n only 1,000 results are returned. If this parameter is not used, then\n DescribeSnapshots returns all results. You cannot specify this parameter and\n the snapshot IDs parameter in the same request.
"
+ "smithy.api#documentation": "The maximum number of snapshots to return for this request.\n This value can be between 5 and 1,000; if this value is larger than 1,000, only 1,000 results are returned. \n If this parameter is not used, then the request returns all snapshots. \n You cannot specify this parameter and the snapshot IDs parameter in the same request. For more information, \n see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The NextToken value returned from a previous paginated\n DescribeSnapshots request where MaxResults was used and the\n results exceeded the value of that parameter. Pagination continues from the end of the\n previous results that returned the NextToken value. This value is\n null when there are no more results to return.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"OwnerIds": {
@@ -33578,7 +33862,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The NextToken value to include in a future DescribeSnapshots\n request. When the results of a DescribeSnapshots request exceed\n MaxResults, this value can be used to retrieve the next page of results. This\n value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to return the next page of snapshots. \n This value is null when there are no more snapshots to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -33672,7 +33956,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1\n and 1000. The default value is 1000. To retrieve the remaining results, make another\n call with the returned NextToken value.
",
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -33680,7 +33964,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -33715,7 +33999,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token required to retrieve the next set of results. This value is\n null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -33782,7 +34066,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1\n and 1000. The default value is 1000. To retrieve the remaining results, make another\n call with the returned NextToken value.
",
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -33790,7 +34074,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -33835,7 +34119,7 @@
"target": "com.amazonaws.ec2#DateTime",
"traits": {
"aws.protocols#ec2QueryName": "LastEvaluatedTime",
- "smithy.api#documentation": "The last date and time for the events, in UTC format (for example,\n YYYY-MM-DDTHH:MM:SSZ).\n All records up to this time were retrieved.
\n If nextToken indicates that there are more results, this value is not\n present.
",
+ "smithy.api#documentation": "The last date and time for the events, in UTC format (for example,\n YYYY-MM-DDTHH:MM:SSZ).\n All records up to this time were retrieved.
\n If nextToken indicates that there are more items, this value is not\n present.
",
"smithy.api#xmlName": "lastEvaluatedTime"
}
},
@@ -33843,7 +34127,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token required to retrieve the next set of results. This value is\n null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -33906,7 +34190,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1\n and 1000. The default value is 1000. To retrieve the remaining results, make another\n call with the returned NextToken value.
",
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -33914,7 +34198,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -33939,7 +34223,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token required to retrieve the next set of results. This value is\n null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -33966,7 +34250,7 @@
"target": "com.amazonaws.ec2#DescribeSpotInstanceRequestsResult"
},
"traits": {
- "smithy.api#documentation": "Describes the specified Spot Instance requests.
\n You can use DescribeSpotInstanceRequests to find a running Spot Instance by\n examining the response. If the status of the Spot Instance is fulfilled, the\n instance ID appears in the response and contains the identifier of the instance.\n Alternatively, you can use DescribeInstances\n with a filter to look for instances where the instance lifecycle is\n spot.
\n We recommend that you set MaxResults to a value between 5 and 1000 to\n limit the number of results returned. This paginates the output, which makes the list\n more manageable and returns the results faster. If the list of results exceeds your\n MaxResults value, then that number of results is returned along with a\n NextToken value that can be passed to a subsequent\n DescribeSpotInstanceRequests request to retrieve the remaining\n results.
\n Spot Instance requests are deleted four hours after they are canceled and their instances are\n terminated.
",
+ "smithy.api#documentation": "Describes the specified Spot Instance requests.
\n You can use DescribeSpotInstanceRequests to find a running Spot Instance by\n examining the response. If the status of the Spot Instance is fulfilled, the\n instance ID appears in the response and contains the identifier of the instance.\n Alternatively, you can use DescribeInstances\n with a filter to look for instances where the instance lifecycle is\n spot.
\n We recommend that you set MaxResults to a value between 5 and 1000 to\n limit the number of items returned. This paginates the output, which makes the list\n more manageable and returns the items faster. If the list of items exceeds your\n MaxResults value, then that number of items is returned along with a\n NextToken value that can be passed to a subsequent\n DescribeSpotInstanceRequests request to retrieve the remaining\n items.
\n Spot Instance requests are deleted four hours after they are canceled and their instances are\n terminated.
",
"smithy.api#paginated": {
"inputToken": "NextToken",
"outputToken": "NextToken",
@@ -34081,7 +34365,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token to request the next set of results. This value is null when\n there are no more results to return.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -34089,7 +34373,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 5\n and 1000. To retrieve the remaining results, make another call with the returned\n NextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
}
},
@@ -34113,7 +34397,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next set of results. This value is null\n when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -34189,7 +34473,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1\n and 1000. The default value is 1000. To retrieve the remaining results, make another\n call with the returned NextToken value.
",
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -34197,7 +34481,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -34229,7 +34513,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token required to retrieve the next set of results. This value is null or an empty\n string when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -34299,13 +34583,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items,\n make another request with the token returned in the output. For more information, \n see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#DescribeStaleSecurityGroupsNextToken",
"traits": {
- "smithy.api#documentation": "The token for the next set of items to return. (You received this token from a prior call.)
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"VpcId": {
@@ -34328,7 +34612,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n If there are no additional items to return, the string is empty.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -34388,7 +34672,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -34396,7 +34680,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. To retrieve the remaining\n results, make another call with the returned NextToken value. This value can be\n between 1 and 200. You cannot specify this parameter and the ImageIDs parameter\n in the same call.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
\n You cannot specify this parameter and the ImageIDs parameter\n in the same call.
"
}
}
},
@@ -34429,7 +34713,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null\n when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -34510,7 +34794,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -34518,7 +34802,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
}
},
@@ -34541,7 +34825,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -34591,7 +34875,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call.\n This value can be between 5 and 1000. \n\t\t\tTo retrieve the remaining results, make another call with the returned NextToken value.
",
+ "smithy.api#documentation": "The maximum number of items to return for this request. This value can be between 5 and 1000. \n To get the next page of items, make another request with the token returned in the output.\n For more information, see Pagination.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -34599,7 +34883,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to retrieve the next page of results.
",
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -34615,7 +34899,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is\n null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -36382,13 +36666,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of volume results returned by DescribeVolumeStatus in\n paginated output. When this parameter is used, the request only returns\n MaxResults results in a single page along with a NextToken\n response element. The remaining results of the initial request can be seen by sending another\n request with the returned NextToken value. This value can be between 5 and 1,000;\n if MaxResults is given a value larger than 1,000, only 1,000 results are returned.\n If this parameter is not used, then DescribeVolumeStatus returns all results. You\n cannot specify this parameter and the volume IDs parameter in the same request.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request. To get the next page of items,\n make another request with the token returned in the output. This value can be between 5 and 1,000;\n if the value is larger than 1,000, only 1,000 results are returned. If this parameter is not used, \n then all items are returned. You cannot specify this parameter and the volume IDs parameter in the \n same request. For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The NextToken value to include in a future DescribeVolumeStatus\n request. When the results of the request exceed MaxResults, this value can be\n used to retrieve the next page of results. This value is null when there are no\n more results to return.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"VolumeIds": {
@@ -36420,7 +36704,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null\n when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -36443,7 +36727,7 @@
"target": "com.amazonaws.ec2#DescribeVolumesResult"
},
"traits": {
- "smithy.api#documentation": "Describes the specified EBS volumes or all of your EBS volumes.
\n If you are describing a long list of volumes, we recommend that you paginate the output to make the list\n more manageable. The MaxResults parameter sets the maximum number of results\n returned in a single page. If the list of results exceeds your MaxResults value,\n then that number of results is returned along with a NextToken value that can be\n passed to a subsequent DescribeVolumes request to retrieve the remaining\n results.
\n For more information about EBS volumes, see Amazon EBS volumes in the Amazon Elastic Compute Cloud User Guide.
",
+ "smithy.api#documentation": "Describes the specified EBS volumes or all of your EBS volumes.
\n If you are describing a long list of volumes, we recommend that you paginate the output to make the list\n more manageable. For more information, see Pagination.
\n For more information about EBS volumes, see Amazon EBS volumes in the Amazon Elastic Compute Cloud User Guide.
",
"smithy.api#paginated": {
"inputToken": "NextToken",
"outputToken": "NextToken",
@@ -36574,7 +36858,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The nextToken value returned by a previous paginated request.
"
+ "smithy.api#documentation": "The token returned by a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -36582,7 +36866,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results (up to a limit of 500) to be returned in a paginated\n request.
"
+ "smithy.api#documentation": "The maximum number of results (up to a limit of 500) to be returned in a paginated\n request. For more information, see Pagination.
"
}
}
},
@@ -36605,7 +36889,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "Token for pagination, null if there are no more results
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null if there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -36644,7 +36928,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of volume results returned by DescribeVolumes in paginated\n output. When this parameter is used, DescribeVolumes only returns\n MaxResults results in a single page along with a NextToken\n response element. The remaining results of the initial request can be seen by sending another\n DescribeVolumes request with the returned NextToken value. This\n value can be between 5 and 500; if MaxResults is given a value larger than 500,\n only 500 results are returned. If this parameter is not used, then\n DescribeVolumes returns all results. You cannot specify this parameter and the\n volume IDs parameter in the same request.
",
+ "smithy.api#documentation": "The maximum number of volumes to return for this request. \n This value can be between 5 and 500; if you specify a value larger than 500, only 500 items are returned. \n If this parameter is not used, then all items are returned. You cannot specify this parameter and the\n volume IDs parameter in the same request. For more information, see Pagination.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -36652,7 +36936,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The NextToken value returned from a previous paginated\n DescribeVolumes request where MaxResults was used and the results\n exceeded the value of that parameter. Pagination continues from the end of the previous\n results that returned the NextToken value. This value is null when\n there are no more results to return.
",
+ "smithy.api#documentation": "The token returned from a previous paginated request. \n Pagination continues from the end of the items returned from the previous request.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -36676,7 +36960,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The NextToken value to include in a future DescribeVolumes\n request. When the results of a DescribeVolumes request exceed\n MaxResults, this value can be used to retrieve the next page of results. This\n value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -36823,7 +37107,7 @@
"aws.protocols#ec2QueryName": "MaxResults",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
",
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
",
"smithy.api#xmlName": "maxResults"
}
},
@@ -36831,7 +37115,7 @@
"target": "com.amazonaws.ec2#DescribeVpcClassicLinkDnsSupportNextToken",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next page of results.
",
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -36854,7 +37138,7 @@
"target": "com.amazonaws.ec2#DescribeVpcClassicLinkDnsSupportNextToken",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
},
@@ -37507,7 +37791,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -37515,7 +37799,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
}
},
@@ -37538,7 +37822,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -37639,7 +37923,7 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
@@ -37647,7 +37931,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output.\n\tFor more information, see Pagination.
"
}
}
},
@@ -37670,7 +37954,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -38713,7 +38997,7 @@
"aws.protocols#ec2QueryName": "MaxParallelLaunches",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of parallel instances to launch for creating resources.
",
+ "smithy.api#documentation": "The maximum number of instances that Amazon EC2 can launch at the same time to \n\t\t\tcreate pre-provisioned snapshots for Windows faster launching.
",
"smithy.api#xmlName": "maxParallelLaunches"
}
},
@@ -39383,7 +39667,7 @@
}
},
"PublicIp": {
- "target": "com.amazonaws.ec2#String",
+ "target": "com.amazonaws.ec2#EipAllocationPublicIp",
"traits": {
"smithy.api#documentation": "[EC2-Classic] The Elastic IP address. Required for EC2-Classic.
"
}
@@ -39484,15 +39768,19 @@
"type": "structure",
"members": {
"CertificateArn": {
- "target": "com.amazonaws.ec2#ResourceArn",
+ "target": "com.amazonaws.ec2#CertificateId",
"traits": {
- "smithy.api#documentation": "The ARN of the ACM certificate from which to disassociate the IAM role.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ARN of the ACM certificate from which to disassociate the IAM role.
",
+ "smithy.api#required": {}
}
},
"RoleArn": {
- "target": "com.amazonaws.ec2#ResourceArn",
+ "target": "com.amazonaws.ec2#RoleId",
"traits": {
- "smithy.api#documentation": "The ARN of the IAM role to disassociate.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ARN of the IAM role to disassociate.
",
+ "smithy.api#required": {}
}
},
"DryRun": {
@@ -39630,7 +39918,7 @@
"target": "com.amazonaws.ec2#DisassociateIpamResourceDiscoveryResult"
},
"traits": {
- "smithy.api#documentation": "Disassociates a resource discovery from an Amazon VPC IPAM. A resource discovery is an IPAM component that enables IPAM Service to manage and monitor resources that belong to the owning account.
"
+ "smithy.api#documentation": "Disassociates a resource discovery from an Amazon VPC IPAM. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.
"
}
},
"com.amazonaws.ec2#DisassociateIpamResourceDiscoveryRequest": {
@@ -39670,6 +39958,80 @@
}
}
},
+ "com.amazonaws.ec2#DisassociateNatGatewayAddress": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.ec2#DisassociateNatGatewayAddressRequest"
+ },
+ "output": {
+ "target": "com.amazonaws.ec2#DisassociateNatGatewayAddressResult"
+ },
+ "traits": {
+ "smithy.api#documentation": "Disassociates secondary Elastic IP addresses (EIPs) from a public NAT gateway. You cannot disassociate your primary EIP. For more information, see Edit secondary IP address associations in the Amazon Virtual Private Cloud User Guide.
\n While disassociating is in progress, you cannot associate/disassociate additional EIPs while the connections are being drained. You are, however, allowed to delete the NAT gateway.
\n An EIP will only be released at the end of MaxDrainDurationSeconds. The EIPs stay\n associated and support the existing connections but do not support any new connections\n (new connections are distributed across the remaining associated EIPs). As the existing\n connections drain out, the EIPs (and the corresponding private IPs mapped to them) get\n released.
"
+ }
+ },
+ "com.amazonaws.ec2#DisassociateNatGatewayAddressRequest": {
+ "type": "structure",
+ "members": {
+ "NatGatewayId": {
+ "target": "com.amazonaws.ec2#NatGatewayId",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The NAT gateway ID.
",
+ "smithy.api#required": {}
+ }
+ },
+ "AssociationIds": {
+ "target": "com.amazonaws.ec2#EipAssociationIdList",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The association IDs of EIPs that have been associated with the NAT gateway.
",
+ "smithy.api#required": {},
+ "smithy.api#xmlName": "AssociationId"
+ }
+ },
+ "MaxDrainDurationSeconds": {
+ "target": "com.amazonaws.ec2#DrainSeconds",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": 0,
+ "smithy.api#documentation": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.
"
+ }
+ },
+ "DryRun": {
+ "target": "com.amazonaws.ec2#Boolean",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": false,
+ "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.ec2#DisassociateNatGatewayAddressResult": {
+ "type": "structure",
+ "members": {
+ "NatGatewayId": {
+ "target": "com.amazonaws.ec2#NatGatewayId",
+ "traits": {
+ "aws.protocols#ec2QueryName": "NatGatewayId",
+ "smithy.api#documentation": "The NAT gateway ID.
",
+ "smithy.api#xmlName": "natGatewayId"
+ }
+ },
+ "NatGatewayAddresses": {
+ "target": "com.amazonaws.ec2#NatGatewayAddressList",
+ "traits": {
+ "aws.protocols#ec2QueryName": "NatGatewayAddressSet",
+ "smithy.api#documentation": "Information about the NAT gateway IP addresses.
",
+ "smithy.api#xmlName": "natGatewayAddressSet"
+ }
+ }
+ }
+ },
"com.amazonaws.ec2#DisassociateRouteTable": {
"type": "operation",
"input": {
@@ -39779,19 +40141,25 @@
"TransitGatewayMulticastDomainId": {
"target": "com.amazonaws.ec2#TransitGatewayMulticastDomainId",
"traits": {
- "smithy.api#documentation": "The ID of the transit gateway multicast domain.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the transit gateway multicast domain.
",
+ "smithy.api#required": {}
}
},
"TransitGatewayAttachmentId": {
"target": "com.amazonaws.ec2#TransitGatewayAttachmentId",
"traits": {
- "smithy.api#documentation": "The ID of the attachment.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the attachment.
",
+ "smithy.api#required": {}
}
},
"SubnetIds": {
"target": "com.amazonaws.ec2#TransitGatewaySubnetIdList",
"traits": {
- "smithy.api#documentation": "The IDs of the subnets;
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The IDs of the subnets;
",
+ "smithy.api#required": {}
}
},
"DryRun": {
@@ -40351,6 +40719,16 @@
"smithy.api#documentation": "The DNS records created for the endpoint.
",
"smithy.api#xmlName": "dnsRecordIpType"
}
+ },
+ "PrivateDnsOnlyForInboundResolverEndpoint": {
+ "target": "com.amazonaws.ec2#Boolean",
+ "traits": {
+ "aws.protocols#ec2QueryName": "PrivateDnsOnlyForInboundResolverEndpoint",
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": false,
+ "smithy.api#documentation": "Indicates whether to enable private DNS only for inbound endpoints.
",
+ "smithy.api#xmlName": "privateDnsOnlyForInboundResolverEndpoint"
+ }
}
},
"traits": {
@@ -40365,6 +40743,14 @@
"traits": {
"smithy.api#documentation": "The DNS records created for the endpoint.
"
}
+ },
+ "PrivateDnsOnlyForInboundResolverEndpoint": {
+ "target": "com.amazonaws.ec2#Boolean",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": false,
+ "smithy.api#documentation": "Indicates whether to enable private DNS only for inbound endpoints. This option is\n available only for services that support both gateway and interface endpoints. It routes\n traffic that originates from the VPC to the gateway endpoint and traffic that originates\n from on-premises to the interface endpoint.
"
+ }
}
},
"traits": {
@@ -40471,6 +40857,16 @@
}
}
},
+ "com.amazonaws.ec2#DrainSeconds": {
+ "type": "integer",
+ "traits": {
+ "smithy.api#default": 0,
+ "smithy.api#range": {
+ "min": 1,
+ "max": 4000
+ }
+ }
+ },
"com.amazonaws.ec2#DynamicRoutingValue": {
"type": "enum",
"members": {
@@ -40569,7 +40965,7 @@
"aws.protocols#ec2QueryName": "Encrypted",
"smithy.api#clientOptional": {},
"smithy.api#default": false,
- "smithy.api#documentation": "Indicates whether the encryption state of an EBS volume is changed while being\n restored from a backing snapshot. The effect of setting the encryption state to true depends on \nthe volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see Amazon EBS encryption in the Amazon EC2 User Guide.
\n In no case can you remove encryption from an encrypted volume.
\n Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For\n more information, see Supported instance types.
\n This parameter is not returned by DescribeImageAttribute.
",
+ "smithy.api#documentation": "Indicates whether the encryption state of an EBS volume is changed while being\n restored from a backing snapshot. The effect of setting the encryption state to true depends on \nthe volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see Amazon EBS encryption in the Amazon EC2 User Guide.
\n In no case can you remove encryption from an encrypted volume.
\n Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For\n more information, see Supported instance types.
\n This parameter is not returned by DescribeImageAttribute.
\n For CreateImage and RegisterImage, whether you can \n include this parameter, and the allowed values differ depending on the type of block \n device mapping you are creating.
\n \n - \n
If you are creating a block device mapping for a new (empty) \n volume, you can include this parameter, and specify either true \n for an encrypted volume, or false for an unencrypted volume. If you omit \n this parameter, it defaults to false (unencrypted).
\n \n - \n
If you are creating a block device mapping from an existing \n encrypted or unencrypted snapshot, you must omit this parameter. If you \n include this parameter, the request will fail, regardless of the value that you \n specify.
\n \n - \n
If you are creating a block device mapping from an existing \n unencrypted volume, you can include this parameter, but you must specify \n false. If you specify true, the request will fail. In this \n case, we recommend that you omit the parameter.
\n \n - \n
If you are creating a block device mapping from an existing \n encrypted volume, you can include this parameter, and specify either \n true or false. However, if you specify false, \n the parameter is ignored and the block device mapping is always encrypted. In this \n case, we recommend that you omit the parameter.
\n \n
",
"smithy.api#xmlName": "encrypted"
}
}
@@ -40877,6 +41273,18 @@
}
}
},
+ "com.amazonaws.ec2#EipAllocationPublicIp": {
+ "type": "string"
+ },
+ "com.amazonaws.ec2#EipAssociationIdList": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.ec2#ElasticIpAssociationId",
+ "traits": {
+ "smithy.api#xmlName": "item"
+ }
+ }
+ },
"com.amazonaws.ec2#ElasticGpuAssociation": {
"type": "structure",
"members": {
@@ -41485,7 +41893,7 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of parallel instances to launch for creating resources. Value must be 6 or greater.
"
+ "smithy.api#documentation": "The maximum number of instances that Amazon EC2 can launch at the same time to create \n\t\t\tpre-provisioned snapshots for Windows faster launching. Value must be \n\t\t\t6 or greater.
"
}
},
"DryRun": {
@@ -41524,7 +41932,7 @@
"target": "com.amazonaws.ec2#FastLaunchSnapshotConfigurationResponse",
"traits": {
"aws.protocols#ec2QueryName": "SnapshotConfiguration",
- "smithy.api#documentation": "The configuration settings that were defined for creating and managing the pre-provisioned snapshots \n\t\t\tfor faster launching of the Windows AMI. This property is returned when the associated \n\t\t\tresourceType is snapshot.
",
+ "smithy.api#documentation": "Settings to create and manage the pre-provisioned snapshots that Amazon EC2 uses for faster \n\t\t\tlaunches from the Windows AMI. This property is returned when the associated \n\t\t\tresourceType is snapshot.
",
"smithy.api#xmlName": "snapshotConfiguration"
}
},
@@ -41542,7 +41950,7 @@
"aws.protocols#ec2QueryName": "MaxParallelLaunches",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of parallel instances to launch for creating resources.
",
+ "smithy.api#documentation": "The maximum number of instances that Amazon EC2 can launch at the same time to \n\t\t\tcreate pre-provisioned snapshots for Windows faster launching.
",
"smithy.api#xmlName": "maxParallelLaunches"
}
},
@@ -44208,7 +44616,7 @@
"target": "com.amazonaws.ec2#FleetExcessCapacityTerminationPolicy",
"traits": {
"aws.protocols#ec2QueryName": "ExcessCapacityTerminationPolicy",
- "smithy.api#documentation": "Indicates whether running instances should be terminated if the target capacity of the\n EC2 Fleet is decreased below the current size of the EC2 Fleet.
",
+ "smithy.api#documentation": "Indicates whether running instances should be terminated if the target capacity of the\n EC2 Fleet is decreased below the current size of the EC2 Fleet.
\n Supported only for fleets of type maintain.
",
"smithy.api#xmlName": "excessCapacityTerminationPolicy"
}
},
@@ -44480,7 +44888,7 @@
"target": "com.amazonaws.ec2#InstanceType",
"traits": {
"aws.protocols#ec2QueryName": "InstanceType",
- "smithy.api#documentation": "The instance type.
\n \n If you specify InstanceType, you can't specify\n InstanceRequirements.
\n ",
+ "smithy.api#documentation": "The instance type.
\n \n mac1.metal is not supported as a launch template override.
\n \n If you specify InstanceType, you can't specify\n InstanceRequirements.
\n ",
"smithy.api#xmlName": "instanceType"
}
},
@@ -44581,7 +44989,7 @@
"InstanceType": {
"target": "com.amazonaws.ec2#InstanceType",
"traits": {
- "smithy.api#documentation": "The instance type.
\n \n If you specify InstanceType, you can't specify\n InstanceRequirements.
\n "
+ "smithy.api#documentation": "The instance type.
\n \n mac1.metal is not supported as a launch template override.
\n \n If you specify InstanceType, you can't specify\n InstanceRequirements.
\n "
}
},
"MaxPrice": {
@@ -44627,7 +45035,7 @@
"InstanceRequirements": {
"target": "com.amazonaws.ec2#InstanceRequirementsRequest",
"traits": {
- "smithy.api#documentation": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will\n identify instance types with those attributes.
\n \n If you specify InstanceRequirements, you can't specify\n InstanceType.
\n "
+ "smithy.api#documentation": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will\n identify instance types with those attributes.
\n \n If you specify InstanceRequirements, you can't specify\n InstanceType.
\n "
}
},
"ImageId": {
@@ -45559,9 +45967,11 @@
"type": "structure",
"members": {
"CertificateArn": {
- "target": "com.amazonaws.ec2#ResourceArn",
+ "target": "com.amazonaws.ec2#CertificateId",
"traits": {
- "smithy.api#documentation": "The ARN of the ACM certificate for which to view the associated IAM roles, encryption keys, and Amazon \n\t\t\tS3 object information.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ARN of the ACM certificate for which to view the associated IAM roles, encryption keys, and Amazon \n\t\t\tS3 object information.
",
+ "smithy.api#required": {}
}
},
"DryRun": {
@@ -46525,13 +46935,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1 and\u2028 \n 1000. The default value is 1000. To retrieve the remaining results, make another call with\u2028 \n the returned NextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next set of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -46554,7 +46964,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -47098,7 +47508,7 @@
"target": "com.amazonaws.ec2#GetIpamResourceCidrsResult"
},
"traits": {
- "smithy.api#documentation": "Returns resource CIDRs managed by IPAM in a given scope. If an IPAM is associated with more than one resource discovery, the resource CIDRs across all of the resource discoveries is returned. A resource discovery is an IPAM component that enables IPAM Service to manage and monitor resources that belong to the owning account.
",
+ "smithy.api#documentation": "Returns resource CIDRs managed by IPAM in a given scope. If an IPAM is associated with more than one resource discovery, the resource CIDRs across all of the resource discoveries is returned. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.
",
"smithy.api#paginated": {
"inputToken": "NextToken",
"outputToken": "NextToken",
@@ -47891,13 +48301,13 @@
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The maximum number of results to return in a single call. Specify a value between 1 and\u2028 \n 1000. The default value is 1000. To retrieve the remaining results, make another call with\u2028 \n the returned NextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next set of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
}
},
@@ -47920,7 +48330,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token for the next set of results.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -48130,7 +48540,9 @@
"TransitGatewayMulticastDomainId": {
"target": "com.amazonaws.ec2#TransitGatewayMulticastDomainId",
"traits": {
- "smithy.api#documentation": "The ID of the transit gateway multicast domain.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the transit gateway multicast domain.
",
+ "smithy.api#required": {}
}
},
"Filters": {
@@ -49279,6 +49691,14 @@
"smithy.api#documentation": "The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which the\n Dedicated Host is allocated.
",
"smithy.api#xmlName": "outpostArn"
}
+ },
+ "HostMaintenance": {
+ "target": "com.amazonaws.ec2#HostMaintenance",
+ "traits": {
+ "aws.protocols#ec2QueryName": "HostMaintenance",
+ "smithy.api#documentation": "Indicates whether host maintenance is enabled or disabled for the Dedicated\n Host.
",
+ "smithy.api#xmlName": "hostMaintenance"
+ }
}
},
"traits": {
@@ -49335,6 +49755,23 @@
}
}
},
+ "com.amazonaws.ec2#HostMaintenance": {
+ "type": "enum",
+ "members": {
+ "on": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "on"
+ }
+ },
+ "off": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "off"
+ }
+ }
+ }
+ },
"com.amazonaws.ec2#HostOffering": {
"type": "structure",
"members": {
@@ -50707,7 +51144,7 @@
"target": "com.amazonaws.ec2#ImportImageResult"
},
"traits": {
- "smithy.api#documentation": "Import single or multi-volume disk images or EBS snapshots into an Amazon Machine Image (AMI).
\n \n Amazon Web Services VM Import/Export strongly recommends specifying a value for either the\n --license-type or --usage-operation parameter when you create a new\n VM Import task. This ensures your operating system is licensed appropriately and your billing is\n optimized.
\n \n For more information, see Importing a \n VM as an image using VM Import/Export in the VM Import/Export User Guide.
"
+ "smithy.api#documentation": "\n To import your virtual machines (VMs) with a console-based experience, you can use the\n Import virtual machine images to Amazon Web Services template in the Migration Hub Orchestrator console. For more\n information, see the \n Migration Hub Orchestrator User Guide\n .
\n \n Import single or multi-volume disk images or EBS snapshots into an Amazon Machine Image (AMI).
\n \n Amazon Web Services VM Import/Export strongly recommends specifying a value for either the\n --license-type or --usage-operation parameter when you create a new\n VM Import task. This ensures your operating system is licensed appropriately and your billing is\n optimized.
\n \n For more information, see Importing a \n VM as an image using VM Import/Export in the VM Import/Export User Guide.
"
}
},
"com.amazonaws.ec2#ImportImageLicenseConfigurationRequest": {
@@ -52334,7 +52771,7 @@
"target": "com.amazonaws.ec2#BootModeValues",
"traits": {
"aws.protocols#ec2QueryName": "BootMode",
- "smithy.api#documentation": "The boot mode of the instance. For more information, see Boot modes in the\n Amazon EC2 User Guide.
",
+ "smithy.api#documentation": "The boot mode that was specified by the AMI. If the value is uefi-preferred, \n the AMI supports both UEFI and Legacy BIOS. The currentInstanceBootMode parameter \n is the boot mode that is used to boot the instance at launch or start.
\n \n The operating system contained in the AMI must be configured to support the specified boot mode.
\n \n For more information, see Boot modes in the\n Amazon EC2 User Guide.
",
"smithy.api#xmlName": "bootMode"
}
},
@@ -52393,6 +52830,14 @@
"smithy.api#documentation": "Provides information on the recovery and maintenance options of your instance.
",
"smithy.api#xmlName": "maintenanceOptions"
}
+ },
+ "CurrentInstanceBootMode": {
+ "target": "com.amazonaws.ec2#InstanceBootModeValues",
+ "traits": {
+ "aws.protocols#ec2QueryName": "CurrentInstanceBootMode",
+ "smithy.api#documentation": "The boot mode that is used to boot the instance at launch or start. For more information, see Boot modes in the\n Amazon EC2 User Guide.
",
+ "smithy.api#xmlName": "currentInstanceBootMode"
+ }
}
},
"traits": {
@@ -52743,6 +53188,23 @@
}
}
},
+ "com.amazonaws.ec2#InstanceBootModeValues": {
+ "type": "enum",
+ "members": {
+ "legacy_bios": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "legacy-bios"
+ }
+ },
+ "uefi": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "uefi"
+ }
+ }
+ }
+ },
"com.amazonaws.ec2#InstanceCapacity": {
"type": "structure",
"members": {
@@ -52862,7 +53324,9 @@
"InstanceId": {
"target": "com.amazonaws.ec2#InstanceId",
"traits": {
- "smithy.api#documentation": "The ID of the instance.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the instance.
",
+ "smithy.api#required": {}
}
},
"CpuCredits": {
@@ -53329,6 +53793,9 @@
}
}
},
+ "com.amazonaws.ec2#InstanceIdWithVolumeResolver": {
+ "type": "string"
+ },
"com.amazonaws.ec2#InstanceIdsSet": {
"type": "list",
"member": {
@@ -54660,9 +55127,11 @@
"type": "structure",
"members": {
"InstanceId": {
- "target": "com.amazonaws.ec2#InstanceId",
+ "target": "com.amazonaws.ec2#InstanceIdWithVolumeResolver",
"traits": {
- "smithy.api#documentation": "The instance to specify which volumes should be snapshotted.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The instance to specify which volumes should be snapshotted.
",
+ "smithy.api#required": {}
}
},
"ExcludeBootVolume": {
@@ -58807,6 +59276,120 @@
"traits": {
"smithy.api#enumValue": "r6idn.32xlarge"
}
+ },
+ "c7g_metal": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "c7g.metal"
+ }
+ },
+ "m7g_medium": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.medium"
+ }
+ },
+ "m7g_large": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.large"
+ }
+ },
+ "m7g_xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.xlarge"
+ }
+ },
+ "m7g_2xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.2xlarge"
+ }
+ },
+ "m7g_4xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.4xlarge"
+ }
+ },
+ "m7g_8xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.8xlarge"
+ }
+ },
+ "m7g_12xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.12xlarge"
+ }
+ },
+ "m7g_16xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.16xlarge"
+ }
+ },
+ "m7g_metal": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "m7g.metal"
+ }
+ },
+ "r7g_medium": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.medium"
+ }
+ },
+ "r7g_large": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.large"
+ }
+ },
+ "r7g_xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.xlarge"
+ }
+ },
+ "r7g_2xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.2xlarge"
+ }
+ },
+ "r7g_4xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.4xlarge"
+ }
+ },
+ "r7g_8xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.8xlarge"
+ }
+ },
+ "r7g_12xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.12xlarge"
+ }
+ },
+ "r7g_16xlarge": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.16xlarge"
+ }
+ },
+ "r7g_metal": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "r7g.metal"
+ }
}
}
},
@@ -59363,6 +59946,15 @@
}
}
},
+ "com.amazonaws.ec2#IpList": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.ec2#String",
+ "traits": {
+ "smithy.api#xmlName": "item"
+ }
+ }
+ },
"com.amazonaws.ec2#IpPermission": {
"type": "structure",
"members": {
@@ -60933,7 +61525,7 @@
}
},
"traits": {
- "smithy.api#documentation": "A resource discovery is an IPAM component that enables IPAM Service to manage and monitor resources that belong to the owning account.
"
+ "smithy.api#documentation": "A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.
"
}
},
"com.amazonaws.ec2#IpamResourceDiscoveryAssociation": {
@@ -62182,10 +62774,10 @@
"type": "structure",
"members": {
"UserData": {
- "target": "com.amazonaws.ec2#String",
+ "target": "com.amazonaws.ec2#SensitiveUserData",
"traits": {
"aws.protocols#ec2QueryName": "UserData",
- "smithy.api#documentation": "The Base64-encoded user data for the instance.
",
+ "smithy.api#documentation": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.
",
"smithy.api#xmlName": "userData"
}
},
@@ -62574,7 +63166,7 @@
"target": "com.amazonaws.ec2#LaunchTemplateOverridesList",
"traits": {
"aws.protocols#ec2QueryName": "Overrides",
- "smithy.api#documentation": "Any parameters that you specify override the same parameters in the launch\n template.
",
+ "smithy.api#documentation": "Any parameters that you specify override the same parameters in the launch\n template.
",
"smithy.api#xmlName": "overrides"
}
}
@@ -63712,7 +64304,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "SpotPrice",
- "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to \n increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\n \n If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\n ",
+ "smithy.api#documentation": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to \n increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
\n \n If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
\n ",
"smithy.api#xmlName": "spotPrice"
}
},
@@ -63748,7 +64340,7 @@
"aws.protocols#ec2QueryName": "Priority",
"smithy.api#clientOptional": {},
"smithy.api#default": 0,
- "smithy.api#documentation": "The priority for the launch template override. The highest priority is launched\n first.
\n If OnDemandAllocationStrategy is set to prioritized, Spot Fleet\n uses priority to determine which launch template override to use first in fulfilling\n On-Demand capacity.
\n If the Spot AllocationStrategy is set to\n capacityOptimizedPrioritized, Spot Fleet uses priority on a best-effort basis\n to determine which launch template override to use in fulfilling Spot capacity, but\n optimizes for capacity first.
\n Valid values are whole numbers starting at 0. The lower the number, the\n higher the priority. If no number is set, the launch template override has the lowest\n priority. You can set the same priority for different launch template overrides.
",
+ "smithy.api#documentation": "The priority for the launch template override. The highest priority is launched\n first.
\n If OnDemandAllocationStrategy is set to prioritized, Spot Fleet\n uses priority to determine which launch template override to use first in fulfilling\n On-Demand capacity.
\n If the Spot AllocationStrategy is set to\n capacityOptimizedPrioritized, Spot Fleet uses priority on a best-effort basis\n to determine which launch template override to use in fulfilling Spot capacity, but\n optimizes for capacity first.
\n Valid values are whole numbers starting at 0. The lower the number, the\n higher the priority. If no number is set, the launch template override has the lowest\n priority. You can set the same priority for different launch template overrides.
",
"smithy.api#xmlName": "priority"
}
},
@@ -63756,7 +64348,7 @@
"target": "com.amazonaws.ec2#InstanceRequirements",
"traits": {
"aws.protocols#ec2QueryName": "InstanceRequirements",
- "smithy.api#documentation": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify\n instance types with the provided requirements, and then use your On-Demand and Spot\n allocation strategies to launch instances from these instance types, in the same way as\n when you specify a list of instance types.
\n \n If you specify InstanceRequirements, you can't specify\n InstanceType.
\n ",
+ "smithy.api#documentation": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify\n instance types with the provided requirements, and then use your On-Demand and Spot\n allocation strategies to launch instances from these instance types, in the same way as\n when you specify a list of instance types.
\n \n If you specify InstanceRequirements, you can't specify\n InstanceType.
\n ",
"smithy.api#xmlName": "instanceRequirements"
}
}
@@ -64381,13 +64973,13 @@
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
"
}
},
"MaxResults": {
"target": "com.amazonaws.ec2#ListImagesInRecycleBinMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
\n If you do not specify a value for MaxResults, the request \n returns 1,000 items per page by default. For more information, see \n \n Pagination.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n To get the next page of items, make another request with the token returned in the output.\n\t For more information, see Pagination.
"
}
},
"DryRun": {
@@ -64418,7 +65010,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. This value is null when there\n are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -64457,13 +65049,13 @@
"MaxResults": {
"target": "com.amazonaws.ec2#ListSnapshotsInRecycleBinMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to return with a single call.\n\tTo retrieve the remaining results, make another call with the returned nextToken value.
"
+ "smithy.api#documentation": "The maximum number of items to return for this request.\n\tTo get the next page of items, make another request with the token returned in the output. \n\tFor more information, see Pagination.
"
}
},
"NextToken": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The token for the next page of results.
"
+ "smithy.api#documentation": "The token returned from a previous paginated request.\n Pagination continues from the end of the items returned by the previous request.
"
}
},
"SnapshotIds": {
@@ -64501,7 +65093,7 @@
"target": "com.amazonaws.ec2#String",
"traits": {
"aws.protocols#ec2QueryName": "NextToken",
- "smithy.api#documentation": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
",
+ "smithy.api#documentation": "The token to include in another request to get the next page of items. \n This value is null when there are no more items to return.
",
"smithy.api#xmlName": "nextToken"
}
}
@@ -64826,6 +65418,14 @@
"smithy.api#documentation": "The ID of the network interface.
",
"smithy.api#xmlName": "networkInterfaceId"
}
+ },
+ "DestinationPrefixListId": {
+ "target": "com.amazonaws.ec2#PrefixListResourceId",
+ "traits": {
+ "aws.protocols#ec2QueryName": "DestinationPrefixListId",
+ "smithy.api#documentation": "\n The ID of the prefix list.\n
",
+ "smithy.api#xmlName": "destinationPrefixListId"
+ }
}
},
"traits": {
@@ -66391,7 +66991,7 @@
"ExcessCapacityTerminationPolicy": {
"target": "com.amazonaws.ec2#FleetExcessCapacityTerminationPolicy",
"traits": {
- "smithy.api#documentation": "Indicates whether running instances should be terminated if the total target capacity of\n the EC2 Fleet is decreased below the current size of the EC2 Fleet.
"
+ "smithy.api#documentation": "Indicates whether running instances should be terminated if the total target capacity of\n the EC2 Fleet is decreased below the current size of the EC2 Fleet.
\n Supported only for fleets of type maintain.
"
}
},
"LaunchTemplateConfigs": {
@@ -66591,6 +67191,12 @@
"traits": {
"smithy.api#documentation": "Specifies the instance family to be supported by the Dedicated Host. Specify this\n parameter to modify a Dedicated Host to support multiple instance types within its\n current instance family.
\n If you want to modify a Dedicated Host to support a specific instance type only, omit\n this parameter and specify InstanceType instead. You\n cannot specify InstanceFamily and InstanceType in the same request.
"
}
+ },
+ "HostMaintenance": {
+ "target": "com.amazonaws.ec2#HostMaintenance",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether to enable or disable host maintenance for the Dedicated Host. For\n more information, see Host\n maintenance in the Amazon EC2 User Guide.
"
+ }
}
},
"traits": {
@@ -66715,7 +67321,7 @@
"target": "smithy.api#Unit"
},
"traits": {
- "smithy.api#documentation": "Modifies the specified attribute of the specified AMI. You can specify only one attribute at a time.\n You can use the Attribute parameter to specify the attribute or one of the following parameters: \n Description or LaunchPermission.
\n Images with an Amazon Web Services Marketplace product code cannot be made public.
\n To enable the SriovNetSupport enhanced networking attribute of an image, enable SriovNetSupport on an instance \n and create an AMI from the instance.
"
+ "smithy.api#documentation": "Modifies the specified attribute of the specified AMI. You can specify only one attribute at a time.
\n To specify the attribute, you can use the Attribute parameter, or one of the following parameters: \n Description, ImdsSupport, or LaunchPermission.
\n Images with an Amazon Web Services Marketplace product code cannot be made public.
\n To enable the SriovNetSupport enhanced networking attribute of an image, enable SriovNetSupport on an instance \n and create an AMI from the instance.
"
}
},
"com.amazonaws.ec2#ModifyImageAttributeRequest": {
@@ -66724,7 +67330,7 @@
"Attribute": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The name of the attribute to modify.
\n Valid values: description | launchPermission\n
"
+ "smithy.api#documentation": "The name of the attribute to modify.
\n Valid values: description | imdsSupport | launchPermission\n
"
}
},
"Description": {
@@ -66777,7 +67383,7 @@
"Value": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The value of the attribute being modified. \n This parameter can be used only when the Attribute parameter is description.
"
+ "smithy.api#documentation": "The value of the attribute being modified. \n This parameter can be used only when the Attribute parameter is description or imdsSupport.
"
}
},
"DryRun": {
@@ -66803,6 +67409,12 @@
"smithy.api#documentation": "The Amazon Resource Name (ARN) of an organizational unit (OU). This parameter can be used only when the Attribute parameter is launchPermission.
",
"smithy.api#xmlName": "OrganizationalUnitArn"
}
+ },
+ "ImdsSupport": {
+ "target": "com.amazonaws.ec2#AttributeValue",
+ "traits": {
+ "smithy.api#documentation": "Set to v2.0 to indicate that IMDSv2 is specified in the AMI. Instances\n launched from this AMI will have HttpTokens automatically set to\n required so that, by default, the instance requires that IMDSv2 is used when\n requesting instance metadata. In addition, HttpPutResponseHopLimit is set to\n 2. For more information, see Configure\n the AMI in the Amazon EC2 User Guide.
\n \n Do not use this parameter unless your AMI software supports IMDSv2. After you set the value to v2.0, \n you can't undo it. The only way to “reset” your AMI is to create a new AMI from the underlying snapshot.
\n "
+ }
}
},
"traits": {
@@ -67730,7 +68342,7 @@
"target": "com.amazonaws.ec2#ModifyIpamResourceDiscoveryResult"
},
"traits": {
- "smithy.api#documentation": "Modifies a resource discovery. A resource discovery is an IPAM component that enables IPAM Service to manage and monitor resources that belong to the owning account.
"
+ "smithy.api#documentation": "Modifies a resource discovery. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.
"
}
},
"com.amazonaws.ec2#ModifyIpamResourceDiscoveryRequest": {
@@ -67942,9 +68554,7 @@
"DestinationCidrBlock": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#clientOptional": {},
- "smithy.api#documentation": "The CIDR block used for destination matches. The value that you provide must match the CIDR of an existing route in the table.
",
- "smithy.api#required": {}
+ "smithy.api#documentation": "The CIDR block used for destination matches. The value that you provide must match the CIDR of an existing route in the table.
"
}
},
"LocalGatewayRouteTableId": {
@@ -67974,6 +68584,12 @@
"smithy.api#default": false,
"smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
"
}
+ },
+ "DestinationPrefixListId": {
+ "target": "com.amazonaws.ec2#PrefixListResourceId",
+ "traits": {
+ "smithy.api#documentation": "\n The ID of the prefix list. Use a prefix list in place of DestinationCidrBlock. You \n cannot use DestinationPrefixListId and DestinationCidrBlock in the same request.\n
"
+ }
}
},
"traits": {
@@ -68182,7 +68798,9 @@
"InstanceId": {
"target": "com.amazonaws.ec2#InstanceId",
"traits": {
- "smithy.api#documentation": "The ID of the instance.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the instance.
",
+ "smithy.api#required": {}
}
},
"PrivateDnsHostnameType": {
@@ -68502,7 +69120,7 @@
"target": "com.amazonaws.ec2#ExcessCapacityTerminationPolicy",
"traits": {
"aws.protocols#ec2QueryName": "ExcessCapacityTerminationPolicy",
- "smithy.api#documentation": "Indicates whether running Spot Instances should be terminated if the target capacity\n of the Spot Fleet request is decreased below the current size of the Spot Fleet.
",
+ "smithy.api#documentation": "Indicates whether running instances should be terminated if the target capacity\n of the Spot Fleet request is decreased below the current size of the Spot Fleet.
\n Supported only for fleets of type maintain.
",
"smithy.api#xmlName": "excessCapacityTerminationPolicy"
}
},
@@ -68743,7 +69361,7 @@
"type": "structure",
"members": {
"TrafficMirrorFilterRuleId": {
- "target": "com.amazonaws.ec2#TrafficMirrorFilterRuleId",
+ "target": "com.amazonaws.ec2#TrafficMirrorFilterRuleIdWithResolver",
"traits": {
"smithy.api#clientOptional": {},
"smithy.api#documentation": "The ID of the Traffic Mirror rule.
",
@@ -70435,7 +71053,7 @@
"target": "com.amazonaws.ec2#ModifyVpcPeeringConnectionOptionsResult"
},
"traits": {
- "smithy.api#documentation": "\n We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\n \n Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:
\n \n - \n
Enable/disable communication over the peering connection between an EC2-Classic instance that's linked to your VPC (using ClassicLink) and instances in the peer VPC.
\n \n - \n
Enable/disable communication over the peering connection between instances in your VPC and an EC2-Classic instance that's linked to the peer VPC.
\n \n - \n
Enable/disable the ability to resolve public DNS hostnames to private IP\n addresses when queried from instances in the peer VPC.
\n \n
\n If the peered VPCs are in the same Amazon Web Services account, you can enable DNS resolution \n for queries from the local VPC. This ensures that queries from the local VPC resolve to private IP\n addresses in the peer VPC. This option is not available if the peered VPCs are in different\n different Amazon Web Services accounts or different Regions. For peered VPCs in different \n Amazon Web Services accounts, each Amazon Web Services account owner must initiate a separate request \n to modify the peering connection options. For inter-region peering connections, you must use the \n Region for the requester VPC to modify the requester VPC peering options and the Region for the \n accepter VPC to modify the accepter VPC peering options. To verify which VPCs are the accepter and \n the requester for a VPC peering connection, use the DescribeVpcPeeringConnections command.
"
+ "smithy.api#documentation": "\n We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.
\n \n Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:
\n \n - \n
Enable/disable communication over the peering connection between an EC2-Classic instance that's linked to your VPC (using ClassicLink) and instances in the peer VPC.
\n \n - \n
Enable/disable communication over the peering connection between instances in your VPC and an EC2-Classic instance that's linked to the peer VPC.
\n \n - \n
Enable/disable the ability to resolve public DNS hostnames to private IP\n addresses when queried from instances in the peer VPC.
\n \n
\n If the peered VPCs are in the same Amazon Web Services account, you can enable DNS\n resolution for queries from the local VPC. This ensures that queries from the local VPC\n resolve to private IP addresses in the peer VPC. This option is not available if the\n peered VPCs are in different Amazon Web Services accounts or different Regions. For\n peered VPCs in different Amazon Web Services accounts, each Amazon Web Services account\n owner must initiate a separate request to modify the peering connection options. For\n inter-region peering connections, you must use the Region for the requester VPC to\n modify the requester VPC peering options and the Region for the accepter VPC to modify\n the accepter VPC peering options. To verify which VPCs are the accepter and the\n requester for a VPC peering connection, use the DescribeVpcPeeringConnections command.
"
}
},
"com.amazonaws.ec2#ModifyVpcPeeringConnectionOptionsRequest": {
@@ -71385,6 +72003,40 @@
"smithy.api#documentation": "[Public NAT gateway only] The Elastic IP address associated with the NAT gateway.
",
"smithy.api#xmlName": "publicIp"
}
+ },
+ "AssociationId": {
+ "target": "com.amazonaws.ec2#String",
+ "traits": {
+ "aws.protocols#ec2QueryName": "AssociationId",
+ "smithy.api#documentation": "[Public NAT gateway only] The association ID of the Elastic IP address that's associated with the NAT gateway.
",
+ "smithy.api#xmlName": "associationId"
+ }
+ },
+ "IsPrimary": {
+ "target": "com.amazonaws.ec2#Boolean",
+ "traits": {
+ "aws.protocols#ec2QueryName": "IsPrimary",
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": false,
+ "smithy.api#documentation": "Defines if the IP address is the primary address.
",
+ "smithy.api#xmlName": "isPrimary"
+ }
+ },
+ "FailureMessage": {
+ "target": "com.amazonaws.ec2#String",
+ "traits": {
+ "aws.protocols#ec2QueryName": "FailureMessage",
+ "smithy.api#documentation": "The address failure message.
",
+ "smithy.api#xmlName": "failureMessage"
+ }
+ },
+ "Status": {
+ "target": "com.amazonaws.ec2#NatGatewayAddressStatus",
+ "traits": {
+ "aws.protocols#ec2QueryName": "Status",
+ "smithy.api#documentation": "The address status.
",
+ "smithy.api#xmlName": "status"
+ }
}
},
"traits": {
@@ -71400,6 +72052,47 @@
}
}
},
+ "com.amazonaws.ec2#NatGatewayAddressStatus": {
+ "type": "enum",
+ "members": {
+ "ASSIGNING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "assigning"
+ }
+ },
+ "UNASSIGNING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "unassigning"
+ }
+ },
+ "ASSOCIATING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "associating"
+ }
+ },
+ "DISASSOCIATING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "disassociating"
+ }
+ },
+ "SUCCEEDED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "succeeded"
+ }
+ },
+ "FAILED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "failed"
+ }
+ }
+ }
+ },
"com.amazonaws.ec2#NatGatewayId": {
"type": "string"
},
@@ -75568,6 +76261,16 @@
}
}
},
+ "com.amazonaws.ec2#PrivateIpAddressCount": {
+ "type": "integer",
+ "traits": {
+ "smithy.api#default": 0,
+ "smithy.api#range": {
+ "min": 1,
+ "max": 7
+ }
+ }
+ },
"com.amazonaws.ec2#PrivateIpAddressSpecification": {
"type": "structure",
"members": {
@@ -76608,22 +77311,32 @@
}
},
"com.amazonaws.ec2#RIProductDescription": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "Linux/UNIX"
- },
- {
- "value": "Linux/UNIX (Amazon VPC)"
- },
- {
- "value": "Windows"
- },
- {
- "value": "Windows (Amazon VPC)"
+ "type": "enum",
+ "members": {
+ "Linux_UNIX": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Linux/UNIX"
}
- ]
+ },
+ "Linux_UNIX_Amazon_VPC_": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Linux/UNIX (Amazon VPC)"
+ }
+ },
+ "Windows": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Windows"
+ }
+ },
+ "Windows_Amazon_VPC_": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Windows (Amazon VPC)"
+ }
+ }
}
},
"com.amazonaws.ec2#RamdiskId": {
@@ -76957,7 +77670,7 @@
"BootMode": {
"target": "com.amazonaws.ec2#BootModeValues",
"traits": {
- "smithy.api#documentation": "The boot mode of the AMI. For more information, see Boot modes in the\n Amazon EC2 User Guide.
"
+ "smithy.api#documentation": "The boot mode of the AMI. A value of uefi-preferred indicates that the AMI supports both UEFI and Legacy BIOS.
\n \n The operating system contained in the AMI must be configured to support the specified boot mode.
\n \n For more information, see Boot modes in the\n Amazon EC2 User Guide.
"
}
},
"TpmSupport": {
@@ -77088,7 +77801,9 @@
"TransitGatewayMulticastDomainId": {
"target": "com.amazonaws.ec2#TransitGatewayMulticastDomainId",
"traits": {
- "smithy.api#documentation": "The ID of the transit gateway multicast domain.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the transit gateway multicast domain.
",
+ "smithy.api#required": {}
}
},
"GroupIpAddress": {
@@ -77100,7 +77815,9 @@
"NetworkInterfaceIds": {
"target": "com.amazonaws.ec2#TransitGatewayNetworkInterfaceIdList",
"traits": {
- "smithy.api#documentation": "The group members' network interface IDs to register with the transit gateway multicast group.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The group members' network interface IDs to register with the transit gateway multicast group.
",
+ "smithy.api#required": {}
}
},
"DryRun": {
@@ -77147,7 +77864,9 @@
"TransitGatewayMulticastDomainId": {
"target": "com.amazonaws.ec2#TransitGatewayMulticastDomainId",
"traits": {
- "smithy.api#documentation": "The ID of the transit gateway multicast domain.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the transit gateway multicast domain.
",
+ "smithy.api#required": {}
}
},
"GroupIpAddress": {
@@ -77159,7 +77878,9 @@
"NetworkInterfaceIds": {
"target": "com.amazonaws.ec2#TransitGatewayNetworkInterfaceIdList",
"traits": {
- "smithy.api#documentation": "The group sources' network interface IDs to register with the transit gateway multicast group.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The group sources' network interface IDs to register with the transit gateway multicast group.
",
+ "smithy.api#required": {}
}
},
"DryRun": {
@@ -78613,7 +79334,7 @@
"ImageId": {
"target": "com.amazonaws.ec2#ImageId",
"traits": {
- "smithy.api#documentation": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which\n will resolve to an AMI ID on launch.
\n Valid formats:
\n \n - \n
\n ami-17characters00000\n
\n \n - \n
\n resolve:ssm:parameter-name\n
\n \n - \n
\n resolve:ssm:parameter-name:version-number\n
\n \n - \n
\n resolve:ssm:parameter-name:label\n
\n \n
\n For more information, see Use a Systems \n Manager parameter instead of an AMI ID in the Amazon Elastic Compute Cloud User Guide.
"
+ "smithy.api#documentation": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which\n will resolve to an AMI ID on launch.
\n Valid formats:
\n \n - \n
\n ami-17characters00000\n
\n \n - \n
\n resolve:ssm:parameter-name\n
\n \n - \n
\n resolve:ssm:parameter-name:version-number\n
\n \n - \n
\n resolve:ssm:parameter-name:label\n
\n \n
\n For more information, see Use a Systems Manager parameter to find an AMI in the Amazon Elastic Compute Cloud User Guide.
"
}
},
"InstanceType": {
@@ -79105,10 +79826,10 @@
}
},
"UserData": {
- "target": "com.amazonaws.ec2#String",
+ "target": "com.amazonaws.ec2#SensitiveUserData",
"traits": {
"aws.protocols#ec2QueryName": "UserData",
- "smithy.api#documentation": "The Base64-encoded user data for the instance. User data is limited to 16 KB.
",
+ "smithy.api#documentation": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.
",
"smithy.api#xmlName": "userData"
}
}
@@ -81181,7 +81902,7 @@
}
},
"UserData": {
- "target": "com.amazonaws.ec2#String",
+ "target": "com.amazonaws.ec2#SensitiveUserData",
"traits": {
"aws.protocols#ec2QueryName": "UserData",
"smithy.api#documentation": "The user data for the instance.
",
@@ -82064,6 +82785,9 @@
}
}
},
+ "com.amazonaws.ec2#RoleId": {
+ "type": "string"
+ },
"com.amazonaws.ec2#RootDeviceType": {
"type": "enum",
"members": {
@@ -82947,7 +83671,7 @@
"AWSAccessKeyId": {
"target": "com.amazonaws.ec2#String",
"traits": {
- "smithy.api#documentation": "The access key ID of the owner of the bucket. Before you specify a value for your access\n key ID, review and follow the guidance in Best practices for managing\n Amazon Web Services access keys.
"
+ "smithy.api#documentation": "The access key ID of the owner of the bucket. Before you specify a value for your access\n key ID, review and follow the guidance in Best\n Practices for Amazon Web Services accounts in the Account ManagementReference\n Guide.
"
}
},
"Bucket": {
@@ -83600,7 +84324,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Describes the launch specification for a Scheduled Instance.
\n If you are launching the Scheduled Instance in EC2-VPC, you must specify the ID of the subnet.\n You can specify the subnet using either SubnetId or NetworkInterface.
"
+ "smithy.api#documentation": "Describes the launch specification for a Scheduled Instance.
\n If you are launching the Scheduled Instance in EC2-VPC, you must specify the ID of the subnet.\n You can specify the subnet using either SubnetId or NetworkInterface.
",
+ "smithy.api#sensitive": {}
}
},
"com.amazonaws.ec2#ScheduledInstancesMonitoring": {
@@ -83804,7 +84529,7 @@
"Filters": {
"target": "com.amazonaws.ec2#FilterList",
"traits": {
- "smithy.api#documentation": "One or more filters.
\n \n - \n
\n route-search.exact-match - The exact match of the specified filter.
\n \n - \n
\n route-search.longest-prefix-match - The longest prefix that matches the route.
\n \n - \n
\n route-search.subnet-of-match - The routes with a subnet that match the specified CIDR filter.
\n \n - \n
\n route-search.supernet-of-match - The routes with a CIDR that encompass the CIDR filter. \n For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match \n as 10.0.1.0/30, then the result returns 10.0.1.0/29.
\n \n - \n
\n state - The state of the route.
\n \n - \n
\n type - The route type.
\n \n
",
+ "smithy.api#documentation": "One or more filters.
\n \n - \n
\n prefix-list-id - The ID of the prefix list.
\n \n - \n
\n route-search.exact-match - The exact match of the specified filter.
\n \n - \n
\n route-search.longest-prefix-match - The longest prefix that matches the route.
\n \n - \n
\n route-search.subnet-of-match - The routes with a subnet that match the specified CIDR filter.
\n \n - \n
\n route-search.supernet-of-match - The routes with a CIDR that encompass the CIDR filter. \n For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match \n as 10.0.1.0/30, then the result returns 10.0.1.0/29.
\n \n - \n
\n state - The state of the route.
\n \n - \n
\n type - The route type.
\n \n
",
"smithy.api#xmlName": "Filter"
}
},
@@ -83878,7 +84603,9 @@
"TransitGatewayMulticastDomainId": {
"target": "com.amazonaws.ec2#TransitGatewayMulticastDomainId",
"traits": {
- "smithy.api#documentation": "The ID of the transit gateway multicast domain.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the transit gateway multicast domain.
",
+ "smithy.api#required": {}
}
},
"Filters": {
@@ -84416,7 +85143,9 @@
"SecurityGroupRuleId": {
"target": "com.amazonaws.ec2#SecurityGroupRuleId",
"traits": {
- "smithy.api#documentation": "The ID of the security group rule.
"
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The ID of the security group rule.
",
+ "smithy.api#required": {}
}
},
"SecurityGroupRule": {
@@ -85911,10 +86640,10 @@
}
},
"UserData": {
- "target": "com.amazonaws.ec2#String",
+ "target": "com.amazonaws.ec2#SensitiveUserData",
"traits": {
"aws.protocols#ec2QueryName": "UserData",
- "smithy.api#documentation": "The Base64-encoded user data that instances use when starting up.
",
+ "smithy.api#documentation": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.
",
"smithy.api#xmlName": "userData"
}
},
@@ -85940,7 +86669,7 @@
"target": "com.amazonaws.ec2#InstanceRequirements",
"traits": {
"aws.protocols#ec2QueryName": "InstanceRequirements",
- "smithy.api#documentation": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will\n identify instance types with those attributes.
\n \n If you specify InstanceRequirements, you can't specify\n InstanceType.
\n ",
+ "smithy.api#documentation": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will\n identify instance types with those attributes.
\n \n If you specify InstanceRequirements, you can't specify\n InstanceType.
\n ",
"smithy.api#xmlName": "instanceRequirements"
}
}
@@ -86062,7 +86791,7 @@
"target": "com.amazonaws.ec2#ExcessCapacityTerminationPolicy",
"traits": {
"aws.protocols#ec2QueryName": "ExcessCapacityTerminationPolicy",
- "smithy.api#documentation": "Indicates whether running Spot Instances should be terminated if you decrease the\n target capacity of the Spot Fleet request below the current size of the Spot\n Fleet.
",
+ "smithy.api#documentation": "Indicates whether running instances should be terminated if you decrease the\n target capacity of the Spot Fleet request below the current size of the Spot Fleet.
\n Supported only for fleets of type maintain.
",
"smithy.api#xmlName": "excessCapacityTerminationPolicy"
}
},
@@ -88491,7 +89220,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The tags to apply to a resource when the resource is being created.
\n \n The Valid Values lists all the resource types that can be tagged.\n However, the action you're using might not support tagging all of these resource types.\n If you try to tag a resource type that is unsupported for the action you're using,\n you'll get an error.
\n "
+ "smithy.api#documentation": "The tags to apply to a resource when the resource is being created. When you specify a tag, you must \n specify the resource type to tag, otherwise the request will fail.
\n \n The Valid Values lists all the resource types that can be tagged.\n However, the action you're using might not support tagging all of these resource types.\n If you try to tag a resource type that is unsupported for the action you're using,\n you'll get an error.
\n "
}
},
"com.amazonaws.ec2#TagSpecificationList": {
@@ -89455,7 +90184,7 @@
"target": "com.amazonaws.ec2#TrafficMirrorFilterRuleField"
}
},
- "com.amazonaws.ec2#TrafficMirrorFilterRuleId": {
+ "com.amazonaws.ec2#TrafficMirrorFilterRuleIdWithResolver": {
"type": "string"
},
"com.amazonaws.ec2#TrafficMirrorFilterRuleList": {
@@ -93194,6 +93923,80 @@
"smithy.api#input": {}
}
},
+ "com.amazonaws.ec2#UnassignPrivateNatGatewayAddress": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.ec2#UnassignPrivateNatGatewayAddressRequest"
+ },
+ "output": {
+ "target": "com.amazonaws.ec2#UnassignPrivateNatGatewayAddressResult"
+ },
+ "traits": {
+ "smithy.api#documentation": "Unassigns secondary private IPv4 addresses from a private NAT gateway. You cannot unassign your primary private IP. For more information, see Edit secondary IP address associations in the Amazon Virtual Private Cloud User Guide.
\n While unassigning is in progress, you cannot assign/unassign additional IP addresses while the connections are being drained. You are, however, allowed to delete the NAT gateway.
\n A private IP address will only be released at the end of MaxDrainDurationSeconds. The\n private IP addresses stay associated and support the existing connections but do not\n support any new connections (new connections are distributed across the remaining\n assigned private IP address). After the existing connections drain out, the private IP\n addresses get released.
\n \n "
+ }
+ },
+ "com.amazonaws.ec2#UnassignPrivateNatGatewayAddressRequest": {
+ "type": "structure",
+ "members": {
+ "NatGatewayId": {
+ "target": "com.amazonaws.ec2#NatGatewayId",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The NAT gateway ID.
",
+ "smithy.api#required": {}
+ }
+ },
+ "PrivateIpAddresses": {
+ "target": "com.amazonaws.ec2#IpList",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#documentation": "The private IPv4 addresses you want to unassign.
",
+ "smithy.api#required": {},
+ "smithy.api#xmlName": "PrivateIpAddress"
+ }
+ },
+ "MaxDrainDurationSeconds": {
+ "target": "com.amazonaws.ec2#DrainSeconds",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": 0,
+ "smithy.api#documentation": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.
"
+ }
+ },
+ "DryRun": {
+ "target": "com.amazonaws.ec2#Boolean",
+ "traits": {
+ "smithy.api#clientOptional": {},
+ "smithy.api#default": false,
+ "smithy.api#documentation": "Checks whether you have the required permissions for the action, without actually making the request, \n and provides an error response. If you have the required permissions, the error response is DryRunOperation. \n Otherwise, it is UnauthorizedOperation.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.ec2#UnassignPrivateNatGatewayAddressResult": {
+ "type": "structure",
+ "members": {
+ "NatGatewayId": {
+ "target": "com.amazonaws.ec2#NatGatewayId",
+ "traits": {
+ "aws.protocols#ec2QueryName": "NatGatewayId",
+ "smithy.api#documentation": "The NAT gateway ID.
",
+ "smithy.api#xmlName": "natGatewayId"
+ }
+ },
+ "NatGatewayAddresses": {
+ "target": "com.amazonaws.ec2#NatGatewayAddressList",
+ "traits": {
+ "aws.protocols#ec2QueryName": "NatGatewayAddressSet",
+ "smithy.api#documentation": "Information about the NAT gateway IP addresses.
",
+ "smithy.api#xmlName": "natGatewayAddressSet"
+ }
+ }
+ }
+ },
"com.amazonaws.ec2#UnlimitedSupportedInstanceFamily": {
"type": "enum",
"members": {
diff --git a/aws/sdk/aws-models/ecs.json b/aws/sdk/aws-models/ecs.json
index eabba64bc6..b408252d21 100644
--- a/aws/sdk/aws-models/ecs.json
+++ b/aws/sdk/aws-models/ecs.json
@@ -113,6 +113,9 @@
{
"target": "com.amazonaws.ecs#DeleteService"
},
+ {
+ "target": "com.amazonaws.ecs#DeleteTaskDefinitions"
+ },
{
"target": "com.amazonaws.ecs#DeleteTaskSet"
},
@@ -274,7 +277,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -303,13 +306,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -317,14 +319,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -333,67 +341,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -402,154 +385,215 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://ecs-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://ecs-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://ecs-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://ecs-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://ecs.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
@@ -557,7 +601,7 @@
{
"conditions": [],
"endpoint": {
- "url": "https://ecs.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://ecs.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -566,28 +610,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://ecs.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -596,16 +625,16 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.sa-east-1.amazonaws.com"
+ "url": "https://ecs.af-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": false,
+ "Region": "af-south-1"
}
},
{
@@ -616,35 +645,61 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "ap-east-1"
}
},
{
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.eu-south-1.amazonaws.com"
+ "url": "https://ecs.ap-northeast-1.amazonaws.com"
}
},
"params": {
+ "UseDualStack": false,
"UseFIPS": false,
+ "Region": "ap-northeast-1"
+ }
+ },
+ {
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://ecs.ap-northeast-2.amazonaws.com"
+ }
+ },
+ "params": {
"UseDualStack": false,
- "Region": "eu-south-1"
+ "UseFIPS": false,
+ "Region": "ap-northeast-2"
}
},
{
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.eu-central-1.amazonaws.com"
+ "url": "https://ecs.ap-northeast-3.amazonaws.com"
}
},
"params": {
+ "UseDualStack": false,
"UseFIPS": false,
+ "Region": "ap-northeast-3"
+ }
+ },
+ {
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://ecs.ap-south-1.amazonaws.com"
+ }
+ },
+ "params": {
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": false,
+ "Region": "ap-south-1"
}
},
{
@@ -655,8 +710,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "ap-southeast-1"
}
},
@@ -668,8 +723,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "ap-southeast-2"
}
},
@@ -681,8 +736,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "ap-southeast-3"
}
},
@@ -694,126 +749,113 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "ca-central-1"
}
},
{
- "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.us-west-1.amazonaws.com"
+ "url": "https://ecs.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": false,
+ "Region": "eu-central-1"
}
},
{
- "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.us-west-1.amazonaws.com"
+ "url": "https://ecs.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://ecs.us-west-2.amazonaws.com"
- }
- },
- "params": {
"UseFIPS": false,
- "UseDualStack": false,
- "Region": "us-west-2"
+ "Region": "eu-north-1"
}
},
{
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.us-west-2.amazonaws.com"
+ "url": "https://ecs.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false,
+ "Region": "eu-south-1"
}
},
{
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.af-south-1.amazonaws.com"
+ "url": "https://ecs.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "af-south-1"
+ "UseFIPS": false,
+ "Region": "eu-west-1"
}
},
{
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.ap-south-1.amazonaws.com"
+ "url": "https://ecs.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-south-1"
+ "UseFIPS": false,
+ "Region": "eu-west-2"
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.ap-northeast-1.amazonaws.com"
+ "url": "https://ecs.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false,
+ "Region": "eu-west-3"
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.ap-northeast-2.amazonaws.com"
+ "url": "https://ecs.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false,
+ "Region": "me-south-1"
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.ap-northeast-3.amazonaws.com"
+ "url": "https://ecs.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-northeast-3"
+ "UseFIPS": false,
+ "Region": "sa-east-1"
}
},
{
@@ -824,8 +866,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "us-east-1"
}
},
@@ -837,100 +879,87 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "us-east-1"
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.eu-west-1.amazonaws.com"
+ "url": "https://ecs.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-west-1"
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://ecs.eu-west-2.amazonaws.com"
- }
- },
- "params": {
"UseFIPS": false,
- "UseDualStack": false,
- "Region": "eu-west-2"
+ "Region": "us-east-2"
}
},
{
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.eu-west-3.amazonaws.com"
+ "url": "https://ecs-fips.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-west-3"
+ "UseFIPS": true,
+ "Region": "us-east-2"
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.me-south-1.amazonaws.com"
+ "url": "https://ecs.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "me-south-1"
+ "UseFIPS": false,
+ "Region": "us-west-1"
}
},
{
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.eu-north-1.amazonaws.com"
+ "url": "https://ecs-fips.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-north-1"
+ "UseFIPS": true,
+ "Region": "us-west-1"
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.us-east-2.amazonaws.com"
+ "url": "https://ecs.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false,
+ "Region": "us-west-2"
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.us-east-2.amazonaws.com"
+ "url": "https://ecs-fips.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": true,
+ "Region": "us-west-2"
}
},
{
@@ -941,8 +970,8 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": true,
+ "UseFIPS": true,
"Region": "us-east-1"
}
},
@@ -954,241 +983,254 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": true,
+ "UseFIPS": false,
"Region": "us-east-1"
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.us-gov-west-1.amazonaws.com"
+ "url": "https://ecs.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.us-gov-west-1.amazonaws.com"
+ "url": "https://ecs.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false,
+ "Region": "cn-northwest-1"
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ecs.us-gov-east-1.amazonaws.com"
+ "url": "https://ecs-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseDualStack": true,
+ "UseFIPS": true,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.us-gov-east-1.amazonaws.com"
+ "url": "https://ecs-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": true,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.us-gov-east-1.api.aws"
+ "url": "https://ecs.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": false,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.us-gov-east-1.api.aws"
+ "url": "https://ecs.us-gov-east-1.amazonaws.com"
}
},
"params": {
+ "UseDualStack": false,
"UseFIPS": false,
- "UseDualStack": true,
"Region": "us-gov-east-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://ecs-fips.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": true,
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://ecs.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false,
+ "Region": "us-gov-west-1"
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://ecs-fips.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "cn-northwest-1"
+ "UseFIPS": true,
+ "Region": "us-gov-west-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ecs.cn-north-1.amazonaws.com.cn"
+ "url": "https://ecs-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "cn-north-1"
+ "UseDualStack": true,
+ "UseFIPS": true,
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://ecs.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": true,
- "Region": "cn-north-1"
+ "UseFIPS": false,
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://ecs.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false,
+ "Region": "us-iso-east-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://ecs.us-iso-west-1.c2s.ic.gov"
}
},
"params": {
+ "UseDualStack": false,
"UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "us-iso-west-1"
}
},
{
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.us-iso-west-1.c2s.ic.gov"
+ "url": "https://ecs-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-iso-west-1"
+ "UseFIPS": true,
+ "Region": "us-iso-east-1"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs.us-iso-east-1.c2s.ic.gov"
+ "url": "https://ecs.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false,
+ "Region": "us-isob-east-1"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://ecs-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://ecs-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": true,
+ "Region": "us-isob-east-1"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
+ {
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
+ "UseDualStack": false,
+ "UseFIPS": false,
+ "Endpoint": "https://example.com"
+ }
+ },
{
"documentation": "For custom endpoint with fips enabled and dualstack disabled",
"expect": {
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
@@ -1199,8 +1241,8 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
"UseDualStack": true,
+ "UseFIPS": false,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
@@ -1392,7 +1434,7 @@
"managedTerminationProtection": {
"target": "com.amazonaws.ecs#ManagedTerminationProtection",
"traits": {
- "smithy.api#documentation": "The managed termination protection setting to use for the Auto Scaling group capacity\n\t\t\tprovider. This determines whether the Auto Scaling group has managed termination\n\t\t\tprotection. The default is disabled.
\n \n When using managed termination protection, managed scaling must also be used\n\t\t\t\totherwise managed termination protection doesn't work.
\n \n When managed termination protection is enabled, Amazon ECS prevents the Amazon EC2 instances in\n\t\t\tan Auto Scaling group that contain tasks from being terminated during a scale-in action.\n\t\t\tThe Auto Scaling group and each instance in the Auto Scaling group must have instance\n\t\t\tprotection from scale-in actions enabled as well. For more information, see Instance Protection in the Auto Scaling User Guide.
\n When managed termination protection is disabled, your Amazon EC2 instances aren't protected\n\t\t\tfrom termination when the Auto Scaling group scales in.
"
+ "smithy.api#documentation": "The managed termination protection setting to use for the Auto Scaling group capacity\n\t\t\tprovider. This determines whether the Auto Scaling group has managed termination\n\t\t\tprotection. The default is off.
\n \n When using managed termination protection, managed scaling must also be used\n\t\t\t\totherwise managed termination protection doesn't work.
\n \n When managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto\n\t\t\tScaling group that contain tasks from being terminated during a scale-in action. The\n\t\t\tAuto Scaling group and each instance in the Auto Scaling group must have instance\n\t\t\tprotection from scale-in actions enabled as well. For more information, see Instance Protection in the Auto Scaling User Guide.
\n When managed termination protection is off, your Amazon EC2 instances aren't protected from\n\t\t\ttermination when the Auto Scaling group scales in.
"
}
}
},
@@ -1412,7 +1454,7 @@
"managedTerminationProtection": {
"target": "com.amazonaws.ecs#ManagedTerminationProtection",
"traits": {
- "smithy.api#documentation": "The managed termination protection setting to use for the Auto Scaling group capacity\n\t\t\tprovider. This determines whether the Auto Scaling group has managed termination\n\t\t\tprotection.
\n \n When using managed termination protection, managed scaling must also be used\n\t\t\t\totherwise managed termination protection doesn't work.
\n \n When managed termination protection is enabled, Amazon ECS prevents the Amazon EC2 instances in\n\t\t\tan Auto Scaling group that contain tasks from being terminated during a scale-in action.\n\t\t\tThe Auto Scaling group and each instance in the Auto Scaling group must have instance\n\t\t\tprotection from scale-in actions enabled. For more information, see Instance Protection in the Auto Scaling User Guide.
\n When managed termination protection is disabled, your Amazon EC2 instances aren't protected\n\t\t\tfrom termination when the Auto Scaling group scales in.
"
+ "smithy.api#documentation": "The managed termination protection setting to use for the Auto Scaling group capacity\n\t\t\tprovider. This determines whether the Auto Scaling group has managed termination\n\t\t\tprotection.
\n \n When using managed termination protection, managed scaling must also be used\n\t\t\t\totherwise managed termination protection doesn't work.
\n \n When managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto\n\t\t\tScaling group that contain tasks from being terminated during a scale-in action. The\n\t\t\tAuto Scaling group and each instance in the Auto Scaling group must have instance\n\t\t\tprotection from scale-in actions on. For more information, see Instance Protection in the Auto Scaling User Guide.
\n When managed termination protection is off, your Amazon EC2 instances aren't protected from\n\t\t\ttermination when the Auto Scaling group scales in.
"
}
}
},
@@ -1756,7 +1798,7 @@
"settings": {
"target": "com.amazonaws.ecs#ClusterSettings",
"traits": {
- "smithy.api#documentation": "The settings for the cluster. This parameter indicates whether CloudWatch Container Insights\n\t\t\tis enabled or disabled for a cluster.
"
+ "smithy.api#documentation": "The settings for the cluster. This parameter indicates whether CloudWatch Container Insights is on\n\t\t\tor off for a cluster.
"
}
},
"capacityProviders": {
@@ -1938,7 +1980,7 @@
"value": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The value to set for the cluster setting. The supported values are\n\t\t\t\tenabled and disabled. If enabled is\n\t\t\tspecified, CloudWatch Container Insights will be enabled for the cluster, otherwise it will be\n\t\t\tdisabled unless the containerInsights account setting is enabled. If a\n\t\t\tcluster value is specified, it will override the containerInsights value\n\t\t\tset with PutAccountSetting or PutAccountSettingDefault.
"
+ "smithy.api#documentation": "The value to set for the cluster setting. The supported values are enabled and\n\t\t\t\tdisabled. If enabled is specified, CloudWatch Container Insights\n\t\t\twill be enabled for the cluster, otherwise it will be off unless the\n\t\t\t\tcontainerInsights account setting is turned on. If a cluster value is\n\t\t\tspecified, it will override the containerInsights value set with PutAccountSetting or PutAccountSettingDefault.
"
}
}
},
@@ -2299,7 +2341,7 @@
"disableNetworking": {
"target": "com.amazonaws.ecs#BoxedBoolean",
"traits": {
- "smithy.api#documentation": "When this parameter is true, networking is disabled within the container. This\n\t\t\tparameter maps to NetworkDisabled in the Create a container\n\t\t\tsection of the Docker Remote API.
\n \n This parameter is not supported for Windows containers.
\n "
+ "smithy.api#documentation": "When this parameter is true, networking is off within the container. This parameter maps to\n\t\t\t\tNetworkDisabled in the Create a container section of\n\t\t\tthe Docker Remote API.
\n \n This parameter is not supported for Windows containers.
\n "
}
},
"privileged": {
@@ -2359,7 +2401,7 @@
"ulimits": {
"target": "com.amazonaws.ecs#UlimitList",
"traits": {
- "smithy.api#documentation": "A list of ulimits to set in the container. If a ulimit value\n\t\t\tis specified in a task definition, it overrides the default values set by Docker. This\n\t\t\tparameter maps to Ulimits in the Create a container section\n\t\t\tof the Docker Remote API and the --ulimit option to docker run. Valid naming values are displayed\n\t\t\tin the Ulimit data type.
\n Amazon ECS tasks hosted on Fargate use the default\n\t\t\t\t\t\t\tresource limit values set by the operating system with the exception of\n\t\t\t\t\t\t\tthe nofile resource limit parameter which Fargate\n\t\t\t\t\t\t\toverrides. The nofile resource limit sets a restriction on\n\t\t\t\t\t\t\tthe number of open files that a container can use. The default\n\t\t\t\t\t\t\t\tnofile soft limit is 1024 and hard limit\n\t\t\t\t\t\t\tis 4096.
\n This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'\n
\n \n This parameter is not supported for Windows containers.
\n "
+ "smithy.api#documentation": "A list of ulimits to set in the container. If a ulimit value\n\t\t\tis specified in a task definition, it overrides the default values set by Docker. This\n\t\t\tparameter maps to Ulimits in the Create a container section\n\t\t\tof the Docker Remote API and the --ulimit option to docker run. Valid naming values are displayed\n\t\t\tin the Ulimit data type.
\n Amazon ECS tasks hosted on Fargate use the default\n\t\t\t\t\t\t\tresource limit values set by the operating system with the exception of\n\t\t\t\t\t\t\tthe nofile resource limit parameter which Fargate\n\t\t\t\t\t\t\toverrides. The nofile resource limit sets a restriction on\n\t\t\t\t\t\t\tthe number of open files that a container can use. The default\n\t\t\t\t\t\t\t\tnofile soft limit is 1024 and the default hard limit\n\t\t\t\t\t\t\tis 4096.
\n This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'\n
\n \n This parameter is not supported for Windows containers.
\n "
}
},
"logConfiguration": {
@@ -2811,6 +2853,9 @@
"smithy.api#documentation": "The metadata that you apply to the capacity provider to categorize and organize them\n\t\t\tmore conveniently. Each tag consists of a key and an optional value. You define both of\n\t\t\tthem.
\n The following basic restrictions apply to tags:
\n \n - \n
Maximum number of tags per resource - 50
\n \n - \n
For each resource, each tag key must be unique, and each tag key can have only\n one value.
\n \n - \n
Maximum key length - 128 Unicode characters in UTF-8
\n \n - \n
Maximum value length - 256 Unicode characters in UTF-8
\n \n - \n
If your tagging schema is used across multiple services and resources,\n remember that other services may have restrictions on allowed characters.\n Generally allowed characters are: letters, numbers, and spaces representable in\n UTF-8, and the following characters: + - = . _ : / @.
\n \n - \n
Tag keys and values are case-sensitive.
\n \n - \n
Do not use aws:, AWS:, or any upper or lowercase\n combination of such as a prefix for either keys or values as it is reserved for\n Amazon Web Services use. You cannot edit or delete tag keys or values with this prefix. Tags with\n this prefix do not count against your tags per resource limit.
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#CreateCapacityProviderResponse": {
@@ -2822,6 +2867,9 @@
"smithy.api#documentation": "The full description of the new capacity provider.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#CreateCluster": {
@@ -2844,7 +2892,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a new Amazon ECS cluster. By default, your account receives a default\n\t\t\tcluster when you launch your first container instance. However, you can create your own\n\t\t\tcluster with a unique name with the CreateCluster action.
\n \n When you call the CreateCluster API operation, Amazon ECS attempts to\n\t\t\t\tcreate the Amazon ECS service-linked role for your account. This is so that it can manage\n\t\t\t\trequired resources in other Amazon Web Services services on your behalf. However, if the IAM user\n\t\t\t\tthat makes the call doesn't have permissions to create the service-linked role, it\n\t\t\t\tisn't created. For more information, see Using\n\t\t\t\t\tservice-linked roles for Amazon ECS in the Amazon Elastic Container Service Developer Guide.
\n "
+ "smithy.api#documentation": "Creates a new Amazon ECS cluster. By default, your account receives a default\n\t\t\tcluster when you launch your first container instance. However, you can create your own\n\t\t\tcluster with a unique name with the CreateCluster action.
\n \n When you call the CreateCluster API operation, Amazon ECS attempts to\n\t\t\t\tcreate the Amazon ECS service-linked role for your account. This is so that it can manage\n\t\t\t\trequired resources in other Amazon Web Services services on your behalf. However, if the user\n\t\t\t\tthat makes the call doesn't have permissions to create the service-linked role, it\n\t\t\t\tisn't created. For more information, see Using\n\t\t\t\t\tservice-linked roles for Amazon ECS in the Amazon Elastic Container Service Developer Guide.
\n "
}
},
"com.amazonaws.ecs#CreateClusterRequest": {
@@ -2877,13 +2925,13 @@
"capacityProviders": {
"target": "com.amazonaws.ecs#StringList",
"traits": {
- "smithy.api#documentation": "The short name of one or more capacity providers to associate with the cluster. A\n\t\t\tcapacity provider must be associated with a cluster before it can be included as part of\n\t\t\tthe default capacity provider strategy of the cluster or used in a capacity provider\n\t\t\tstrategy when calling the CreateService or RunTask\n\t\t\tactions.
\n If specifying a capacity provider that uses an Auto Scaling group, the capacity\n\t\t\tprovider must be created but not associated with another cluster. New Auto Scaling group\n\t\t\tcapacity providers can be created with the CreateCapacityProvider API\n\t\t\toperation.
\n To use a Fargate capacity provider, specify either the FARGATE or\n\t\t\t\tFARGATE_SPOT capacity providers. The Fargate capacity providers are\n\t\t\tavailable to all accounts and only need to be associated with a cluster to be\n\t\t\tused.
\n The PutClusterCapacityProviders API operation is used to update the\n\t\t\tlist of available capacity providers for a cluster after the cluster is created.
"
+ "smithy.api#documentation": "The short name of one or more capacity providers to associate with the cluster. A\n\t\t\tcapacity provider must be associated with a cluster before it can be included as part of\n\t\t\tthe default capacity provider strategy of the cluster or used in a capacity provider\n\t\t\tstrategy when calling the CreateService or RunTask\n\t\t\tactions.
\n If specifying a capacity provider that uses an Auto Scaling group, the capacity\n\t\t\tprovider must be created but not associated with another cluster. New Auto Scaling group\n\t\t\tcapacity providers can be created with the CreateCapacityProvider API\n\t\t\toperation.
\n To use a Fargate capacity provider, specify either the FARGATE or\n\t\t\t\tFARGATE_SPOT capacity providers. The Fargate capacity providers are\n\t\t\tavailable to all accounts and only need to be associated with a cluster to be\n\t\t\tused.
\n The PutCapacityProvider API operation is used to update the\n\t\t\tlist of available capacity providers for a cluster after the cluster is created.
"
}
},
"defaultCapacityProviderStrategy": {
"target": "com.amazonaws.ecs#CapacityProviderStrategy",
"traits": {
- "smithy.api#documentation": "The capacity provider strategy to set as the default for the cluster. After a default\n\t\t\tcapacity provider strategy is set for a cluster, when you call the RunTask or CreateService APIs with no capacity\n\t\t\tprovider strategy or launch type specified, the default capacity provider strategy for\n\t\t\tthe cluster is used.
\n If a default capacity provider strategy isn't defined for a cluster when it was\n\t\t\tcreated, it can be defined later with the PutClusterCapacityProviders\n\t\t\tAPI operation.
"
+ "smithy.api#documentation": "The capacity provider strategy to set as the default for the cluster. After a default\n\t\t\tcapacity provider strategy is set for a cluster, when you call the CreateService or RunTask APIs with no capacity\n\t\t\tprovider strategy or launch type specified, the default capacity provider strategy for\n\t\t\tthe cluster is used.
\n If a default capacity provider strategy isn't defined for a cluster when it was\n\t\t\tcreated, it can be defined later with the PutClusterCapacityProviders\n\t\t\tAPI operation.
"
}
},
"serviceConnectDefaults": {
@@ -2892,6 +2940,9 @@
"smithy.api#documentation": "Use this parameter to set a default Service Connect namespace. After you set a default \n\tService Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as\n\tclient services in the namespace. This setting only applies to new services that set the enabled parameter to\n\ttrue in the ServiceConnectConfiguration.\n\tYou can set the namespace of each service individually in the ServiceConnectConfiguration to override this default\n\tparameter.
\n Tasks that run in a namespace can use short names to connect\n\tto services in the namespace. Tasks can connect to services across all of the clusters in the namespace.\n\tTasks connect through a managed proxy container\n\tthat collects logs and metrics for increased visibility.\n\tOnly the tasks that Amazon ECS services create are supported with Service Connect.\n\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#CreateClusterResponse": {
@@ -2903,6 +2954,9 @@
"smithy.api#documentation": "The full description of your new cluster.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#CreateService": {
@@ -3090,6 +3144,9 @@
"smithy.api#documentation": "The configuration for this service to discover and connect to\n\tservices, and be discovered by, and connected from, other services within a namespace.
\n Tasks that run in a namespace can use short names to connect\n\tto services in the namespace. Tasks can connect to services across all of the clusters in the namespace.\n\tTasks connect through a managed proxy container\n\tthat collects logs and metrics for increased visibility.\n\tOnly the tasks that Amazon ECS services create are supported with Service Connect.\n\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#CreateServiceResponse": {
@@ -3101,6 +3158,9 @@
"smithy.api#documentation": "The full description of your service following the create call.
\n A service will return either a capacityProviderStrategy or\n\t\t\t\tlaunchType parameter, but not both, depending where one was specified\n\t\t\twhen it was created.
\n If a service is using the ECS deployment controller, the\n\t\t\t\tdeploymentController and taskSets parameters will not be\n\t\t\treturned.
\n if the service uses the CODE_DEPLOY deployment controller, the\n\t\t\t\tdeploymentController, taskSets and\n\t\t\t\tdeployments parameters will be returned, however the\n\t\t\t\tdeployments parameter will be an empty list.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#CreateTaskSet": {
@@ -3234,6 +3294,9 @@
"smithy.api#documentation": "The metadata that you apply to the task set to help you categorize and organize them.\n\t\t\tEach tag consists of a key and an optional value. You define both. When a service is\n\t\t\tdeleted, the tags are deleted.
\n The following basic restrictions apply to tags:
\n \n - \n
Maximum number of tags per resource - 50
\n \n - \n
For each resource, each tag key must be unique, and each tag key can have only\n one value.
\n \n - \n
Maximum key length - 128 Unicode characters in UTF-8
\n \n - \n
Maximum value length - 256 Unicode characters in UTF-8
\n \n - \n
If your tagging schema is used across multiple services and resources,\n remember that other services may have restrictions on allowed characters.\n Generally allowed characters are: letters, numbers, and spaces representable in\n UTF-8, and the following characters: + - = . _ : / @.
\n \n - \n
Tag keys and values are case-sensitive.
\n \n - \n
Do not use aws:, AWS:, or any upper or lowercase\n combination of such as a prefix for either keys or values as it is reserved for\n Amazon Web Services use. You cannot edit or delete tag keys or values with this prefix. Tags with\n this prefix do not count against your tags per resource limit.
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#CreateTaskSetResponse": {
@@ -3245,6 +3308,9 @@
"smithy.api#documentation": "Information about a set of Amazon ECS tasks in either an CodeDeploy or an\n\t\t\t\tEXTERNAL deployment. A task set includes details such as the desired\n\t\t\tnumber of tasks, how many tasks are running, and whether the task set serves production\n\t\t\ttraffic.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DeleteAccountSetting": {
@@ -3267,7 +3333,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Disables an account setting for a specified IAM user, IAM role, or the root user for\n\t\t\tan account.
"
+ "smithy.api#documentation": "Disables an account setting for a specified user, role, or the root user for\n\t\t\tan account.
"
}
},
"com.amazonaws.ecs#DeleteAccountSettingRequest": {
@@ -3283,9 +3349,12 @@
"principalArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the principal. It can be an IAM user, IAM role, or\n\t\t\tthe root user. If you specify the root user, it disables the account setting for all IAM\n\t\t\tusers, IAM roles, and the root user of the account unless an IAM user or role explicitly\n\t\t\toverrides these settings. If this field is omitted, the setting is changed only for the\n\t\t\tauthenticated user.
"
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the principal. It can be an user, role, or\n\t\t\tthe root user. If you specify the root user, it disables the account setting for all users, roles, and the root user of the account unless a user or role explicitly\n\t\t\toverrides these settings. If this field is omitted, the setting is changed only for the\n\t\t\tauthenticated user.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DeleteAccountSettingResponse": {
@@ -3297,6 +3366,9 @@
"smithy.api#documentation": "The account setting for the specified principal ARN.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DeleteAttributes": {
@@ -3338,6 +3410,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DeleteAttributesResponse": {
@@ -3349,6 +3424,9 @@
"smithy.api#documentation": "A list of attribute objects that were successfully deleted from your resource.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DeleteCapacityProvider": {
@@ -3384,6 +3462,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DeleteCapacityProviderResponse": {
@@ -3395,6 +3476,9 @@
"smithy.api#documentation": "The details of the capacity provider.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DeleteCluster": {
@@ -3445,6 +3529,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DeleteClusterResponse": {
@@ -3456,6 +3543,9 @@
"smithy.api#documentation": "The full description of the deleted cluster.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DeleteService": {
@@ -3509,6 +3599,9 @@
"smithy.api#documentation": "If true, allows you to delete a service even if it wasn't scaled down to\n\t\t\tzero tasks. It's only necessary to use this if the service uses the REPLICA\n\t\t\tscheduling strategy.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DeleteServiceResponse": {
@@ -3520,6 +3613,70 @@
"smithy.api#documentation": "The full description of the deleted service.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
+ }
+ },
+ "com.amazonaws.ecs#DeleteTaskDefinitions": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.ecs#DeleteTaskDefinitionsRequest"
+ },
+ "output": {
+ "target": "com.amazonaws.ecs#DeleteTaskDefinitionsResponse"
+ },
+ "errors": [
+ {
+ "target": "com.amazonaws.ecs#AccessDeniedException"
+ },
+ {
+ "target": "com.amazonaws.ecs#ClientException"
+ },
+ {
+ "target": "com.amazonaws.ecs#InvalidParameterException"
+ },
+ {
+ "target": "com.amazonaws.ecs#ServerException"
+ }
+ ],
+ "traits": {
+ "smithy.api#documentation": "Deletes one or more task definitions.
\n You must deregister a task definition revision before you delete it. For more information,\n\t\t\tsee DeregisterTaskDefinition.
\n When you delete a task definition revision, it is immediately transitions from the\n\t\tINACTIVE to DELETE_IN_PROGRESS. Existing tasks and services\n\t\tthat reference a DELETE_IN_PROGRESS task definition revision continue to run\n\t\twithout disruption. Existing services that reference a DELETE_IN_PROGRESS task\n\t\tdefinition revision can still scale up or down by modifying the service's desired\n\t\tcount.
\n You can't use a DELETE_IN_PROGRESS task definition revision to run new tasks\n\t\t\tor create new services. You also can't update an existing service to reference a\n\t\t\tDELETE_IN_PROGRESS task definition revision.
\n A task definition revision will stay in DELETE_IN_PROGRESS status until\n\t\t\tall the associated tasks and services have been terminated.
"
+ }
+ },
+ "com.amazonaws.ecs#DeleteTaskDefinitionsRequest": {
+ "type": "structure",
+ "members": {
+ "taskDefinitions": {
+ "target": "com.amazonaws.ecs#StringList",
+ "traits": {
+ "smithy.api#documentation": "The family and revision (family:revision) or\n\t\t\tfull Amazon Resource Name (ARN) of the task definition to delete. You must specify a\n\t\t\t\trevision.
\n You can specify up to 10 task definitions as a comma separated list.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.ecs#DeleteTaskDefinitionsResponse": {
+ "type": "structure",
+ "members": {
+ "taskDefinitions": {
+ "target": "com.amazonaws.ecs#TaskDefinitionList",
+ "traits": {
+ "smithy.api#documentation": "The list of deleted task definitions.
"
+ }
+ },
+ "failures": {
+ "target": "com.amazonaws.ecs#Failures",
+ "traits": {
+ "smithy.api#documentation": "Any failures associated with the call.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DeleteTaskSet": {
@@ -3593,6 +3750,9 @@
"smithy.api#documentation": "If true, you can delete a task set even if it hasn't been scaled down to\n\t\t\tzero.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DeleteTaskSetResponse": {
@@ -3604,6 +3764,9 @@
"smithy.api#documentation": "Details about the task set.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#Deployment": {
@@ -3778,7 +3941,7 @@
}
},
"traits": {
- "smithy.api#documentation": "\n The deployment circuit breaker can only be used for services using the rolling\n\t\t\t\tupdate (ECS) deployment type that aren't behind a Classic Load Balancer.
\n \n The deployment circuit breaker determines whether a\n\t\t\tservice deployment will fail if the service can't reach a steady state. If enabled, a\n\t\t\tservice deployment will transition to a failed state and stop launching new tasks. You\n\t\t\tcan also configure Amazon ECS to roll back your service to the last completed deployment\n\t\t\tafter a failure. For more information, see Rolling\n\t\t\t\tupdate in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "\n The deployment circuit breaker can only be used for services using the rolling\n\t\t\t\tupdate (ECS) deployment type.
\n \n The deployment circuit breaker determines whether a\n\t\t\tservice deployment will fail if the service can't reach a steady state. If enabled, a\n\t\t\tservice deployment will transition to a failed state and stop launching new tasks. You\n\t\t\tcan also configure Amazon ECS to roll back your service to the last completed deployment\n\t\t\tafter a failure. For more information, see Rolling\n\t\t\t\tupdate in the Amazon Elastic Container Service Developer Guide.
"
}
},
"com.amazonaws.ecs#DeploymentConfiguration": {
@@ -3787,7 +3950,7 @@
"deploymentCircuitBreaker": {
"target": "com.amazonaws.ecs#DeploymentCircuitBreaker",
"traits": {
- "smithy.api#documentation": "\n The deployment circuit breaker can only be used for services using the rolling\n\t\t\t\tupdate (ECS) deployment type.
\n \n The deployment circuit breaker determines whether a\n\t\t\tservice deployment will fail if the service can't reach a steady state. If deployment\n\t\t\tcircuit breaker is enabled, a service deployment will transition to a failed state and\n\t\t\tstop launching new tasks. If rollback is enabled, when a service deployment fails, the\n\t\t\tservice is rolled back to the last deployment that completed successfully.
"
+ "smithy.api#documentation": "\n The deployment circuit breaker can only be used for services using the rolling\n\t\t\t\tupdate (ECS) deployment type.
\n \n The deployment circuit breaker determines whether a\n\t\t\tservice deployment will fail if the service can't reach a steady state. If you use the deployment\n\t\t\tcircuit breaker, a service deployment will transition to a failed state and\n\t\t\tstop launching new tasks. If you use the rollback option, when a service deployment fails, the\n\t\t\tservice is rolled back to the last deployment that completed successfully. For more information, see Rolling\n\t\t\t\tupdate in the Amazon Elastic Container Service Developer\n\t\t\t\t\tGuide\n
"
}
},
"maximumPercent": {
@@ -3928,6 +4091,9 @@
"smithy.api#documentation": "Forces the container instance to be deregistered. If you have tasks running on the\n\t\t\tcontainer instance when you deregister it with the force option, these\n\t\t\ttasks remain running until you terminate the instance or the tasks stop through some\n\t\t\tother means, but they're orphaned (no longer monitored or accounted for by Amazon ECS). If an\n\t\t\torphaned task on your container instance is part of an Amazon ECS service, then the service\n\t\t\tscheduler starts another copy of that task, on a different container instance if\n\t\t\tpossible.
\n Any containers in orphaned service tasks that are registered with a Classic Load Balancer or an Application Load Balancer\n\t\t\ttarget group are deregistered. They begin connection draining according to the settings\n\t\t\ton the load balancer or target group.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DeregisterContainerInstanceResponse": {
@@ -3939,6 +4105,9 @@
"smithy.api#documentation": "The container instance that was deregistered.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DeregisterTaskDefinition": {
@@ -3961,7 +4130,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deregisters the specified task definition by family and revision. Upon deregistration,\n\t\t\tthe task definition is marked as INACTIVE. Existing tasks and services that\n\t\t\treference an INACTIVE task definition continue to run without disruption.\n\t\t\tExisting services that reference an INACTIVE task definition can still\n\t\t\tscale up or down by modifying the service's desired count.
\n You can't use an INACTIVE task definition to run new tasks or create new\n\t\t\tservices, and you can't update an existing service to reference an INACTIVE\n\t\t\ttask definition. However, there may be up to a 10-minute window following deregistration\n\t\t\twhere these restrictions have not yet taken effect.
\n \n At this time, INACTIVE task definitions remain discoverable in your\n\t\t\t\taccount indefinitely. However, this behavior is subject to change in the future. We\n\t\t\t\tdon't recommend that you rely on INACTIVE task definitions persisting\n\t\t\t\tbeyond the lifecycle of any associated tasks and services.
\n "
+ "smithy.api#documentation": "Deregisters the specified task definition by family and revision. Upon deregistration, the\n\t\t\ttask definition is marked as INACTIVE. Existing tasks and services that\n\t\t\treference an INACTIVE task definition continue to run without disruption.\n\t\t\tExisting services that reference an INACTIVE task definition can still\n\t\t\tscale up or down by modifying the service's desired count. If you want to delete a task\n\t\t\tdefinition revision, you must first deregister the task definition revision.
\n You can't use an INACTIVE task definition to run new tasks or create new\n\t\t\tservices, and you can't update an existing service to reference an INACTIVE\n\t\t\ttask definition. However, there may be up to a 10-minute window following deregistration\n\t\t\twhere these restrictions have not yet taken effect.
\n \n At this time, INACTIVE task definitions remain discoverable in your\n\t\t\t\taccount indefinitely. However, this behavior is subject to change in the future. We\n\t\t\t\tdon't recommend that you rely on INACTIVE task definitions persisting\n\t\t\t\tbeyond the lifecycle of any associated tasks and services.
\n \n You must deregister a task definition revision before you delete it. For more information,\n\t\t\tsee DeleteTaskDefinitions.
"
}
},
"com.amazonaws.ecs#DeregisterTaskDefinitionRequest": {
@@ -3974,6 +4143,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DeregisterTaskDefinitionResponse": {
@@ -3985,6 +4157,9 @@
"smithy.api#documentation": "The full description of the deregistered task.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DescribeCapacityProviders": {
@@ -4037,6 +4212,9 @@
"smithy.api#documentation": "The nextToken value returned from a previous paginated\n\t\t\t\tDescribeCapacityProviders request where maxResults was\n\t\t\tused and the results exceeded the value of that parameter. Pagination continues from the\n\t\t\tend of the previous results that returned the nextToken value.
\n \n This token should be treated as an opaque identifier that is only used to\n retrieve the next items in a list and not for other programmatic purposes.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DescribeCapacityProvidersResponse": {
@@ -4060,6 +4238,9 @@
"smithy.api#documentation": "The nextToken value to include in a future\n\t\t\t\tDescribeCapacityProviders request. When the results of a\n\t\t\t\tDescribeCapacityProviders request exceed maxResults, this\n\t\t\tvalue can be used to retrieve the next page of results. This value is null\n\t\t\twhen there are no more results to return.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DescribeClusters": {
@@ -4100,6 +4281,9 @@
"smithy.api#documentation": "Determines whether to include additional information about the clusters in the\n\t\t\tresponse. If this field is omitted, this information isn't included.
\n If ATTACHMENTS is specified, the attachments for the container instances\n\t\t\tor tasks within the cluster are included, for example the capacity providers.
\n If SETTINGS is specified, the settings for the cluster are\n\t\t\tincluded.
\n If CONFIGURATIONS is specified, the configuration for the cluster is\n\t\t\tincluded.
\n If STATISTICS is specified, the task and service count is included,\n\t\t\tseparated by launch type.
\n If TAGS is specified, the metadata tags associated with the cluster are\n\t\t\tincluded.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DescribeClustersResponse": {
@@ -4117,6 +4301,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DescribeContainerInstances": {
@@ -4167,6 +4354,9 @@
"smithy.api#documentation": "Specifies whether you want to see the resource tags for the container instance. If\n\t\t\t\tTAGS is specified, the tags are included in the response. If\n\t\t\t\tCONTAINER_INSTANCE_HEALTH is specified, the container instance health\n\t\t\tis included in the response. If this field is omitted, tags and container instance\n\t\t\thealth status aren't included in the response.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DescribeContainerInstancesResponse": {
@@ -4184,6 +4374,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DescribeServices": {
@@ -4306,6 +4499,9 @@
"smithy.api#documentation": "Determines whether you want to see the resource tags for the service. If\n\t\t\t\tTAGS is specified, the tags are included in the response. If this field\n\t\t\tis omitted, tags aren't included in the response.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DescribeServicesResponse": {
@@ -4323,6 +4519,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DescribeTaskDefinition": {
@@ -4364,6 +4563,9 @@
"smithy.api#documentation": "Determines whether to see the resource tags for the task definition. If\n\t\t\t\tTAGS is specified, the tags are included in the response. If this field\n\t\t\tis omitted, tags aren't included in the response.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DescribeTaskDefinitionResponse": {
@@ -4381,6 +4583,9 @@
"smithy.api#documentation": "The metadata that's applied to the task definition to help you categorize and organize\n\t\t\tthem. Each tag consists of a key and an optional value. You define both.
\n The following basic restrictions apply to tags:
\n \n - \n
Maximum number of tags per resource - 50
\n \n - \n
For each resource, each tag key must be unique, and each tag key can have only\n one value.
\n \n - \n
Maximum key length - 128 Unicode characters in UTF-8
\n \n - \n
Maximum value length - 256 Unicode characters in UTF-8
\n \n - \n
If your tagging schema is used across multiple services and resources,\n remember that other services may have restrictions on allowed characters.\n Generally allowed characters are: letters, numbers, and spaces representable in\n UTF-8, and the following characters: + - = . _ : / @.
\n \n - \n
Tag keys and values are case-sensitive.
\n \n - \n
Do not use aws:, AWS:, or any upper or lowercase\n combination of such as a prefix for either keys or values as it is reserved for\n Amazon Web Services use. You cannot edit or delete tag keys or values with this prefix. Tags with\n this prefix do not count against your tags per resource limit.
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DescribeTaskSets": {
@@ -4450,6 +4655,9 @@
"smithy.api#documentation": "Specifies whether to see the resource tags for the task set. If TAGS is\n\t\t\tspecified, the tags are included in the response. If this field is omitted, tags aren't\n\t\t\tincluded in the response.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DescribeTaskSetsResponse": {
@@ -4467,6 +4675,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DescribeTasks": {
@@ -4569,6 +4780,9 @@
"smithy.api#documentation": "Specifies whether you want to see the resource tags for the task. If TAGS\n\t\t\tis specified, the tags are included in the response. If this field is omitted, tags\n\t\t\taren't included in the response.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DescribeTasksResponse": {
@@ -4586,6 +4800,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DesiredStatus": {
@@ -4708,6 +4925,9 @@
"smithy.api#documentation": "The short name or full Amazon Resource Name (ARN) of the cluster that the container instance belongs\n\t\t\tto.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#DiscoverPollEndpointResponse": {
@@ -4731,6 +4951,9 @@
"smithy.api#documentation": "The endpoint for the Amazon ECS agent to poll for Service Connect configuration.\n\t\t\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#DockerLabelsMap": {
@@ -4798,7 +5021,7 @@
"iam": {
"target": "com.amazonaws.ecs#EFSAuthorizationConfigIAM",
"traits": {
- "smithy.api#documentation": "Determines whether to use the Amazon ECS task IAM role defined in a task definition when\n\t\t\tmounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the\n\t\t\t\tEFSVolumeConfiguration. If this parameter is omitted, the default value\n\t\t\tof DISABLED is used. For more information, see Using\n\t\t\t\tAmazon EFS access points in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "Determines whether to use the Amazon ECS task role defined in a task definition when\n\t\t\tmounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the\n\t\t\t\tEFSVolumeConfiguration. If this parameter is omitted, the default value\n\t\t\tof DISABLED is used. For more information, see Using\n\t\t\t\tAmazon EFS access points in the Amazon Elastic Container Service Developer Guide.
"
}
}
},
@@ -5011,7 +5234,7 @@
"target": "com.amazonaws.ecs#Boolean",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Determines whether to use encryption on the CloudWatch logs. If not specified,\n\t\t\tencryption will be disabled.
"
+ "smithy.api#documentation": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption\n\t\t\twill be off.
"
}
},
"s3BucketName": {
@@ -5098,6 +5321,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ExecuteCommandResponse": {
@@ -5140,6 +5366,9 @@
"smithy.api#documentation": "The Amazon Resource Name (ARN) of the task.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#FSxWindowsFileServerAuthorizationConfig": {
@@ -5323,6 +5552,9 @@
"smithy.api#documentation": "A list of up to 100 task IDs or full ARN entries.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#GetTaskProtectionResponse": {
@@ -5340,6 +5572,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#GpuIds": {
@@ -5354,7 +5589,7 @@
"command": {
"target": "com.amazonaws.ecs#StringList",
"traits": {
- "smithy.api#documentation": "A string array representing the command that the container runs to determine if it is\n\t\t\thealthy. The string array must start with CMD to run the command arguments\n\t\t\tdirectly, or CMD-SHELL to run the command with the container's default\n\t\t\tshell.
\n When you use the Amazon Web Services Management Console JSON panel, the Command Line Interface, or the APIs, enclose the list\n\t\t\tof commands in brackets.
\n \n [ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]\n
\n You don't need to include the brackets when you use the Amazon Web Services Management Console.
\n \n \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" \n
\n An exit code of 0 indicates success, and non-zero exit code indicates failure. For\n\t\t\tmore information, see HealthCheck in the Create a container\n\t\t\tsection of the Docker Remote API.
",
+ "smithy.api#documentation": "A string array representing the command that the container runs to determine if it is\n\t\t\thealthy. The string array must start with CMD to run the command arguments\n\t\t\tdirectly, or CMD-SHELL to run the command with the container's default\n\t\t\tshell.
\n When you use the Amazon Web Services Management Console JSON panel, the Command Line Interface, or the APIs, enclose the list of\n\t\t\tcommands in double quotes and brackets.
\n \n [ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]\n
\n You don't include the double quotes and brackets when you use the Amazon Web Services Management Console.
\n \n CMD-SHELL, curl -f http://localhost/ || exit 1\n
\n An exit code of 0 indicates success, and non-zero exit code indicates failure. For\n\t\t\tmore information, see HealthCheck in the Create a container\n\t\t\tsection of the Docker Remote API.
",
"smithy.api#required": {}
}
},
@@ -5379,7 +5614,7 @@
"startPeriod": {
"target": "com.amazonaws.ecs#BoxedInteger",
"traits": {
- "smithy.api#documentation": "The optional grace period to provide containers time to bootstrap before failed health\n\t\t\tchecks count towards the maximum number of retries. You can specify between 0 and 300\n\t\t\tseconds. By default, the startPeriod is disabled.
\n \n If a health check succeeds within the startPeriod, then the container\n\t\t\t\tis considered healthy and any subsequent failures count toward the maximum number of\n\t\t\t\tretries.
\n "
+ "smithy.api#documentation": "The optional grace period to provide containers time to bootstrap before failed health\n\t\t\tchecks count towards the maximum number of retries. You can specify between 0 and 300\n\t\t\tseconds. By default, the startPeriod is off.
\n \n If a health check succeeds within the startPeriod, then the container\n\t\t\t\tis considered healthy and any subsequent failures count toward the maximum number of\n\t\t\t\tretries.
\n "
}
}
},
@@ -5797,7 +6032,7 @@
"principalArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The ARN of the principal, which can be an IAM user, IAM role, or the root user. If\n\t\t\tthis field is omitted, the account settings are listed only for the authenticated\n\t\t\tuser.
\n \n Federated users assume the account setting of the root user and can't have\n\t\t\t\texplicit account settings set for them.
\n "
+ "smithy.api#documentation": "The ARN of the principal, which can be a user, role, or the root user. If\n\t\t\tthis field is omitted, the account settings are listed only for the authenticated\n\t\t\tuser.
\n \n Federated users assume the account setting of the root user and can't have\n\t\t\t\texplicit account settings set for them.
\n "
}
},
"effectiveSettings": {
@@ -5820,6 +6055,9 @@
"smithy.api#documentation": "The maximum number of account setting results returned by\n\t\t\t\tListAccountSettings in paginated output. When this parameter is used,\n\t\t\t\tListAccountSettings only returns maxResults results in a\n\t\t\tsingle page along with a nextToken response element. The remaining results\n\t\t\tof the initial request can be seen by sending another ListAccountSettings\n\t\t\trequest with the returned nextToken value. This value can be between\n\t\t\t1 and 10. If this\n\t\t\tparameter isn't used, then ListAccountSettings returns up to\n\t\t\t10 results and a nextToken value\n\t\t\tif applicable.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListAccountSettingsResponse": {
@@ -5837,6 +6075,9 @@
"smithy.api#documentation": "The nextToken value to include in a future\n\t\t\t\tListAccountSettings request. When the results of a\n\t\t\t\tListAccountSettings request exceed maxResults, this value\n\t\t\tcan be used to retrieve the next page of results. This value is null when\n\t\t\tthere are no more results to return.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListAttributes": {
@@ -5905,6 +6146,9 @@
"smithy.api#documentation": "The maximum number of cluster results that ListAttributes returned in\n\t\t\tpaginated output. When this parameter is used, ListAttributes only returns\n\t\t\t\tmaxResults results in a single page along with a nextToken\n\t\t\tresponse element. The remaining results of the initial request can be seen by sending\n\t\t\tanother ListAttributes request with the returned nextToken\n\t\t\tvalue. This value can be between 1 and 100. If this\n\t\t\tparameter isn't used, then ListAttributes returns up to\n\t\t\t100 results and a nextToken value if applicable.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListAttributesResponse": {
@@ -5922,6 +6166,9 @@
"smithy.api#documentation": "The nextToken value to include in a future ListAttributes\n\t\t\trequest. When the results of a ListAttributes request exceed\n\t\t\t\tmaxResults, this value can be used to retrieve the next page of\n\t\t\tresults. This value is null when there are no more results to\n\t\t\treturn.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListClusters": {
@@ -5968,6 +6215,9 @@
"smithy.api#documentation": "The maximum number of cluster results that ListClusters returned in\n\t\t\tpaginated output. When this parameter is used, ListClusters only returns\n\t\t\t\tmaxResults results in a single page along with a nextToken\n\t\t\tresponse element. The remaining results of the initial request can be seen by sending\n\t\t\tanother ListClusters request with the returned nextToken\n\t\t\tvalue. This value can be between 1 and 100. If this\n\t\t\tparameter isn't used, then ListClusters returns up to 100\n\t\t\tresults and a nextToken value if applicable.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListClustersResponse": {
@@ -5985,6 +6235,9 @@
"smithy.api#documentation": "The nextToken value to include in a future ListClusters\n\t\t\trequest. When the results of a ListClusters request exceed\n\t\t\t\tmaxResults, this value can be used to retrieve the next page of\n\t\t\tresults. This value is null when there are no more results to\n\t\t\treturn.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListContainerInstances": {
@@ -6052,6 +6305,9 @@
"smithy.api#documentation": "Filters the container instances by status. For example, if you specify the\n\t\t\t\tDRAINING status, the results include only container instances that have\n\t\t\tbeen set to DRAINING using UpdateContainerInstancesState.\n\t\t\tIf you don't specify this parameter, the default is to include container instances set\n\t\t\tto all states other than INACTIVE.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListContainerInstancesResponse": {
@@ -6069,6 +6325,9 @@
"smithy.api#documentation": "The nextToken value to include in a future\n\t\t\t\tListContainerInstances request. When the results of a\n\t\t\t\tListContainerInstances request exceed maxResults, this\n\t\t\tvalue can be used to retrieve the next page of results. This value is null\n\t\t\twhen there are no more results to return.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListServices": {
@@ -6157,6 +6416,9 @@
"smithy.api#documentation": "The maximum number of service results that ListServicesByNamespace\n\t\t\treturns in paginated output. When this parameter is used,\n\t\t\t\tListServicesByNamespace only returns maxResults results in\n\t\t\ta single page along with a nextToken response element. The remaining\n\t\t\tresults of the initial request can be seen by sending another\n\t\t\t\tListServicesByNamespace request with the returned\n\t\t\t\tnextToken value. This value can be between 1 and\n\t\t\t100. If this parameter isn't used, then\n\t\t\t\tListServicesByNamespace returns up to\n\t\t\t10 results and a nextToken\n\t\t\tvalue if applicable.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListServicesByNamespaceResponse": {
@@ -6174,6 +6436,9 @@
"smithy.api#documentation": "The nextToken value to include in a future\n\t\t\t\tListServicesByNamespace request. When the results of a\n\t\t\t\tListServicesByNamespace request exceed maxResults, this\n\t\t\tvalue can be used to retrieve the next page of results. When there are no more results\n\t\t\tto return, this value is null.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListServicesRequest": {
@@ -6209,6 +6474,9 @@
"smithy.api#documentation": "The scheduling strategy to use when filtering the ListServices\n\t\t\tresults.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListServicesResponse": {
@@ -6226,6 +6494,9 @@
"smithy.api#documentation": "The nextToken value to include in a future ListServices\n\t\t\trequest. When the results of a ListServices request exceed\n\t\t\t\tmaxResults, this value can be used to retrieve the next page of\n\t\t\tresults. This value is null when there are no more results to\n\t\t\treturn.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListTagsForResource": {
@@ -6264,6 +6535,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListTagsForResourceResponse": {
@@ -6275,6 +6549,9 @@
"smithy.api#documentation": "The tags for the resource.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListTaskDefinitionFamilies": {
@@ -6333,6 +6610,9 @@
"smithy.api#documentation": "The maximum number of task definition family results that\n\t\t\t\tListTaskDefinitionFamilies returned in paginated output. When this\n\t\t\tparameter is used, ListTaskDefinitions only returns maxResults\n\t\t\tresults in a single page along with a nextToken response element. The\n\t\t\tremaining results of the initial request can be seen by sending another\n\t\t\t\tListTaskDefinitionFamilies request with the returned\n\t\t\t\tnextToken value. This value can be between 1 and\n\t\t\t100. If this parameter isn't used, then\n\t\t\t\tListTaskDefinitionFamilies returns up to 100 results\n\t\t\tand a nextToken value if applicable.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListTaskDefinitionFamiliesResponse": {
@@ -6350,6 +6630,9 @@
"smithy.api#documentation": "The nextToken value to include in a future\n\t\t\t\tListTaskDefinitionFamilies request. When the results of a\n\t\t\t\tListTaskDefinitionFamilies request exceed maxResults, this\n\t\t\tvalue can be used to retrieve the next page of results. This value is null\n\t\t\twhen there are no more results to return.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListTaskDefinitions": {
@@ -6414,6 +6697,9 @@
"smithy.api#documentation": "The maximum number of task definition results that ListTaskDefinitions\n\t\t\treturned in paginated output. When this parameter is used,\n\t\t\t\tListTaskDefinitions only returns maxResults results in a\n\t\t\tsingle page along with a nextToken response element. The remaining results\n\t\t\tof the initial request can be seen by sending another ListTaskDefinitions\n\t\t\trequest with the returned nextToken value. This value can be between\n\t\t\t1 and 100. If this parameter isn't used, then\n\t\t\t\tListTaskDefinitions returns up to 100 results and a\n\t\t\t\tnextToken value if applicable.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListTaskDefinitionsResponse": {
@@ -6431,6 +6717,9 @@
"smithy.api#documentation": "The nextToken value to include in a future\n\t\t\t\tListTaskDefinitions request. When the results of a\n\t\t\t\tListTaskDefinitions request exceed maxResults, this value\n\t\t\tcan be used to retrieve the next page of results. This value is null when\n\t\t\tthere are no more results to return.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#ListTasks": {
@@ -6525,6 +6814,9 @@
"smithy.api#documentation": "The launch type to use when filtering the ListTasks results.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#ListTasksResponse": {
@@ -6542,6 +6834,9 @@
"smithy.api#documentation": "The nextToken value to include in a future ListTasks\n\t\t\trequest. When the results of a ListTasks request exceed\n\t\t\t\tmaxResults, this value can be used to retrieve the next page of\n\t\t\tresults. This value is null when there are no more results to\n\t\t\treturn.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#LoadBalancer": {
@@ -6802,7 +7097,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The managed scaling settings for the Auto Scaling group capacity provider.
\n When managed scaling is enabled, Amazon ECS manages the scale-in and scale-out actions of\n\t\t\tthe Auto Scaling group. Amazon ECS manages a target tracking scaling policy using an Amazon ECS\n\t\t\tmanaged CloudWatch metric with the specified targetCapacity value as the target\n\t\t\tvalue for the metric. For more information, see Using managed scaling in the Amazon Elastic Container Service Developer Guide.
\n If managed scaling is disabled, the user must manage the scaling of the Auto Scaling\n\t\t\tgroup.
"
+ "smithy.api#documentation": "The managed scaling settings for the Auto Scaling group capacity provider.
\n When managed scaling is enabled, Amazon ECS manages the scale-in and scale-out actions of\n\t\t\tthe Auto Scaling group. Amazon ECS manages a target tracking scaling policy using an Amazon ECS\n\t\t\tmanaged CloudWatch metric with the specified targetCapacity value as the target\n\t\t\tvalue for the metric. For more information, see Using managed scaling in the Amazon Elastic Container Service Developer Guide.
\n If managed scaling is off, the user must manage the scaling of the Auto Scaling\n\t\t\tgroup.
"
}
},
"com.amazonaws.ecs#ManagedScalingInstanceWarmupPeriod": {
@@ -6952,7 +7247,7 @@
"containerPortRange": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The port number range on the container that's bound to the dynamically mapped host port range.
\n The following rules apply when you specify a containerPortRange:
\n \n - \n
You must use either the bridge network mode or the awsvpc\n\t\t\t\t\tnetwork mode.
\n \n - \n
This parameter is available for both the EC2 and Fargate launch types.
\n \n - \n
This parameter is available for both the Linux and Windows operating systems.
\n \n - \n
The container instance must have at least version 1.67.0 of the container agent\n\t\t\t\t\tand at least version 1.67.0-1 of the ecs-init package
\n \n - \n
You can specify a maximum of 100 port ranges per container.
\n \n - \n
You do not specify a hostPortRange. The value of the hostPortRange is set\n\t\t\t\t\tas follows:
\n \n - \n
For containers in a task with the awsvpc network mode,\n\t\t\t\t\t\t\tthe hostPort is set to the same value as the\n\t\t\t\t\t\t\t\tcontainerPort. This is a static mapping\n\t\t\t\t\t\t\tstrategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.
\n \n
\n \n - \n
The containerPortRange valid values are between 1 and\n\t\t\t\t\t65535.
\n \n - \n
A port can only be included in one port mapping per container.
\n \n - \n
You cannot specify overlapping port ranges.
\n \n - \n
The first port in the range must be less than last port in the range.
\n \n - \n
Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.
\n For more information, see Issue #11185 on the Github website.
\n For information about how to turn off the docker-proxy in the Docker daemon config file, see Docker daemon in the Amazon ECS Developer Guide.
\n \n
\n You can call \n DescribeTasks\n to view the hostPortRange which\n\t\t\tare the host ports that are bound to the container ports.
"
+ "smithy.api#documentation": "The port number range on the container that's bound to the dynamically mapped host port\n\t\t\trange.
\n The following rules apply when you specify a containerPortRange:
\n \n - \n
You must use either the bridge network mode or the awsvpc\n\t\t\t\t\tnetwork mode.
\n \n - \n
This parameter is available for both the EC2 and Fargate launch types.
\n \n - \n
This parameter is available for both the Linux and Windows operating systems.
\n \n - \n
The container instance must have at least version 1.67.0 of the container agent\n\t\t\t\t\tand at least version 1.67.0-1 of the ecs-init package
\n \n - \n
You can specify a maximum of 100 port ranges per container.
\n \n - \n
You do not specify a hostPortRange. The value of the hostPortRange is set\n\t\t\t\t\tas follows:
\n \n - \n
For containers in a task with the awsvpc network mode,\n\t\t\t\t\t\t\tthe hostPort is set to the same value as the\n\t\t\t\t\t\t\t\tcontainerPort. This is a static mapping\n\t\t\t\t\t\t\tstrategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.
\n \n
\n \n - \n
The containerPortRange valid values are between 1 and\n\t\t\t\t\t65535.
\n \n - \n
A port can only be included in one port mapping per container.
\n \n - \n
You cannot specify overlapping port ranges.
\n \n - \n
The first port in the range must be less than last port in the range.
\n \n - \n
Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.
\n For more information, see Issue #11185 on the Github website.
\n For information about how to turn off the docker-proxy in the Docker daemon config file, see Docker daemon in the Amazon ECS Developer Guide.
\n \n
\n You can call \n DescribeTasks\n to view the hostPortRange which\n\t\t\tare the host ports that are bound to the container ports.
"
}
},
"hostPortRange": {
@@ -6983,7 +7278,7 @@
}
},
"traits": {
- "smithy.api#documentation": "An object representing the network configuration for a task or service.
"
+ "smithy.api#documentation": "The network configuration for a task or service.
"
}
},
"com.amazonaws.ecs#NetworkInterface": {
@@ -7320,7 +7615,7 @@
"containerPortRange": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The port number range on the container that's bound to the dynamically mapped host port range.
\n The following rules apply when you specify a containerPortRange:
\n \n - \n
You must use either the bridge network mode or the awsvpc\n\t\t\t\t\tnetwork mode.
\n \n - \n
This parameter is available for both the EC2 and Fargate launch types.
\n \n - \n
This parameter is available for both the Linux and Windows operating systems.
\n \n - \n
The container instance must have at least version 1.67.0 of the container agent\n\t\t\t\t\tand at least version 1.67.0-1 of the ecs-init package
\n \n - \n
You can specify a maximum of 100 port ranges per container.
\n \n - \n
You do not specify a hostPortRange. The value of the hostPortRange is set\n\t\t\t\t\tas follows:
\n \n - \n
For containers in a task with the awsvpc network mode,\n\t\t\t\t\t\t\tthe hostPort is set to the same value as the\n\t\t\t\t\t\t\t\tcontainerPort. This is a static mapping\n\t\t\t\t\t\t\tstrategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.
\n \n
\n \n - \n
The containerPortRange valid values are between 1 and\n\t\t\t\t\t65535.
\n \n - \n
A port can only be included in one port mapping per container.
\n \n - \n
You cannot specify overlapping port ranges.
\n \n - \n
The first port in the range must be less than last port in the range.
\n \n - \n
Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.
\n For more information, see Issue #11185 on the Github website.
\n For information about how to turn off the docker-proxy in the Docker daemon config file, see Docker daemon in the Amazon ECS Developer Guide.
\n \n
\n You can call \n DescribeTasks\n to view the hostPortRange which\n\t\t\tare the host ports that are bound to the container ports.
"
+ "smithy.api#documentation": "The port number range on the container that's bound to the dynamically mapped host port\n\t\t\trange.
\n The following rules apply when you specify a containerPortRange:
\n \n - \n
You must use either the bridge network mode or the awsvpc\n\t\t\t\t\tnetwork mode.
\n \n - \n
This parameter is available for both the EC2 and Fargate launch types.
\n \n - \n
This parameter is available for both the Linux and Windows operating systems.
\n \n - \n
The container instance must have at least version 1.67.0 of the container agent\n\t\t\t\t\tand at least version 1.67.0-1 of the ecs-init package
\n \n - \n
You can specify a maximum of 100 port ranges per container.
\n \n - \n
You do not specify a hostPortRange. The value of the hostPortRange is set\n\t\t\t\t\tas follows:
\n \n - \n
For containers in a task with the awsvpc network mode,\n\t\t\t\t\t\t\tthe hostPort is set to the same value as the\n\t\t\t\t\t\t\t\tcontainerPort. This is a static mapping\n\t\t\t\t\t\t\tstrategy.
\n \n - \n
For containers in a task with the bridge network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.
\n \n
\n \n - \n
The containerPortRange valid values are between 1 and\n\t\t\t\t\t65535.
\n \n - \n
A port can only be included in one port mapping per container.
\n \n - \n
You cannot specify overlapping port ranges.
\n \n - \n
The first port in the range must be less than last port in the range.
\n \n - \n
Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.
\n For more information, see Issue #11185 on the Github website.
\n For information about how to turn off the docker-proxy in the Docker daemon config file, see Docker daemon in the Amazon ECS Developer Guide.
\n \n
\n You can call \n DescribeTasks\n to view the hostPortRange which\n\t\t\tare the host ports that are bound to the container ports.
"
}
}
},
@@ -7379,7 +7674,7 @@
"target": "com.amazonaws.ecs#Boolean",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "The protection status of the task. If scale-in protection is enabled for a task, the\n\t\t\tvalue is true. Otherwise, it is false.
"
+ "smithy.api#documentation": "The protection status of the task. If scale-in protection is on for a task, the\n\t\t\tvalue is true. Otherwise, it is false.
"
}
},
"expirationDate": {
@@ -7463,7 +7758,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Modifies an account setting. Account settings are set on a per-Region basis.
\n If you change the account setting for the root user, the default settings for all of\n\t\t\tthe IAM users and roles that no individual account setting was specified are reset for.\n\t\t\tFor more information, see Account\n\t\t\t\tSettings in the Amazon Elastic Container Service Developer Guide.
\n When serviceLongArnFormat, taskLongArnFormat, or\n\t\t\t\tcontainerInstanceLongArnFormat are specified, the Amazon Resource Name\n\t\t\t(ARN) and resource ID format of the resource type for a specified IAM user, IAM role, or\n\t\t\tthe root user for an account is affected. The opt-in and opt-out account setting must be\n\t\t\tset for each Amazon ECS resource separately. The ARN and resource ID format of a resource\n\t\t\tis defined by the opt-in status of the IAM user or role that created the resource. You\n\t\t\tmust turn on this setting to use Amazon ECS features such as resource tagging.
\n When awsvpcTrunking is specified, the elastic network interface (ENI)\n\t\t\tlimit for any new container instances that support the feature is changed. If\n\t\t\t\tawsvpcTrunking is enabled, any new container instances that support the\n\t\t\tfeature are launched have the increased ENI limits available to them. For more\n\t\t\tinformation, see Elastic Network\n\t\t\t\tInterface Trunking in the Amazon Elastic Container Service Developer Guide.
\n When containerInsights is specified, the default setting indicating\n\t\t\twhether CloudWatch Container Insights is enabled for your clusters is changed. If\n\t\t\t\tcontainerInsights is enabled, any new clusters that are created will\n\t\t\thave Container Insights enabled unless you disable it during cluster creation. For more\n\t\t\tinformation, see CloudWatch\n\t\t\t\tContainer Insights in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "Modifies an account setting. Account settings are set on a per-Region basis.
\n If you change the account setting for the root user, the default settings for all of\n\t\t\tthe users and roles that no individual account setting was specified are reset for.\n\t\t\tFor more information, see Account\n\t\t\t\tSettings in the Amazon Elastic Container Service Developer Guide.
\n When serviceLongArnFormat, taskLongArnFormat, or\n\t\t\t\tcontainerInstanceLongArnFormat are specified, the Amazon Resource Name\n\t\t\t(ARN) and resource ID format of the resource type for a specified user, role, or\n\t\t\tthe root user for an account is affected. The opt-in and opt-out account setting must be\n\t\t\tset for each Amazon ECS resource separately. The ARN and resource ID format of a resource\n\t\t\tis defined by the opt-in status of the user or role that created the resource. You\n\t\t\tmust turn on this setting to use Amazon ECS features such as resource tagging.
\n When awsvpcTrunking is specified, the elastic network interface (ENI)\n\t\t\tlimit for any new container instances that support the feature is changed. If\n\t\t\t\tawsvpcTrunking is enabled, any new container instances that support the\n\t\t\tfeature are launched have the increased ENI limits available to them. For more\n\t\t\tinformation, see Elastic Network\n\t\t\t\tInterface Trunking in the Amazon Elastic Container Service Developer Guide.
\n When containerInsights is specified, the default setting indicating\n\t\t\twhether CloudWatch Container Insights is enabled for your clusters is changed. If\n\t\t\t\tcontainerInsights is enabled, any new clusters that are created will\n\t\t\thave Container Insights enabled unless you disable it during cluster creation. For more\n\t\t\tinformation, see CloudWatch\n\t\t\t\tContainer Insights in the Amazon Elastic Container Service Developer Guide.
"
}
},
"com.amazonaws.ecs#PutAccountSettingDefault": {
@@ -7486,7 +7781,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Modifies an account setting for all IAM users on an account for whom no individual\n\t\t\taccount setting has been specified. Account settings are set on a per-Region\n\t\t\tbasis.
"
+ "smithy.api#documentation": "Modifies an account setting for all users on an account for whom no individual\n\t\t\taccount setting has been specified. Account settings are set on a per-Region\n\t\t\tbasis.
"
}
},
"com.amazonaws.ecs#PutAccountSettingDefaultRequest": {
@@ -7506,6 +7801,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#PutAccountSettingDefaultResponse": {
@@ -7517,6 +7815,9 @@
"smithy.api#documentation": "The current setting for a resource.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#PutAccountSettingRequest": {
@@ -7539,9 +7840,12 @@
"principalArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The ARN of the principal, which can be an IAM user, IAM role, or the root user. If\n\t\t\tyou specify the root user, it modifies the account setting for all IAM users, IAM roles,\n\t\t\tand the root user of the account unless an IAM user or role explicitly overrides these\n\t\t\tsettings. If this field is omitted, the setting is changed only for the authenticated\n\t\t\tuser.
\n \n Federated users assume the account setting of the root user and can't have\n\t\t\t\texplicit account settings set for them.
\n "
+ "smithy.api#documentation": "The ARN of the principal, which can be a user, role, or the root user. If\n\t\t\tyou specify the root user, it modifies the account setting for all users, roles,\n\t\t\tand the root user of the account unless a user or role explicitly overrides these\n\t\t\tsettings. If this field is omitted, the setting is changed only for the authenticated\n\t\t\tuser.
\n \n Federated users assume the account setting of the root user and can't have\n\t\t\t\texplicit account settings set for them.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#PutAccountSettingResponse": {
@@ -7553,6 +7857,9 @@
"smithy.api#documentation": "The current account setting for a resource.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#PutAttributes": {
@@ -7597,6 +7904,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#PutAttributesResponse": {
@@ -7608,6 +7918,9 @@
"smithy.api#documentation": "The attributes applied to your resource.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#PutClusterCapacityProviders": {
@@ -7666,6 +7979,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#PutClusterCapacityProvidersResponse": {
@@ -7677,6 +7993,9 @@
"smithy.api#documentation": "Details about the cluster.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#RegisterContainerInstance": {
@@ -7759,6 +8078,9 @@
"smithy.api#documentation": "The metadata that you apply to the container instance to help you categorize and\n\t\t\torganize them. Each tag consists of a key and an optional value. You define both.
\n The following basic restrictions apply to tags:
\n \n - \n
Maximum number of tags per resource - 50
\n \n - \n
For each resource, each tag key must be unique, and each tag key can have only\n one value.
\n \n - \n
Maximum key length - 128 Unicode characters in UTF-8
\n \n - \n
Maximum value length - 256 Unicode characters in UTF-8
\n \n - \n
If your tagging schema is used across multiple services and resources,\n remember that other services may have restrictions on allowed characters.\n Generally allowed characters are: letters, numbers, and spaces representable in\n UTF-8, and the following characters: + - = . _ : / @.
\n \n - \n
Tag keys and values are case-sensitive.
\n \n - \n
Do not use aws:, AWS:, or any upper or lowercase\n combination of such as a prefix for either keys or values as it is reserved for\n Amazon Web Services use. You cannot edit or delete tag keys or values with this prefix. Tags with\n this prefix do not count against your tags per resource limit.
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#RegisterContainerInstanceResponse": {
@@ -7770,6 +8092,9 @@
"smithy.api#documentation": "The container instance that was registered.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#RegisterTaskDefinition": {
@@ -7792,7 +8117,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Registers a new task definition from the supplied family and\n\t\t\t\tcontainerDefinitions. Optionally, you can add data volumes to your\n\t\t\tcontainers with the volumes parameter. For more information about task\n\t\t\tdefinition parameters and defaults, see Amazon ECS Task\n\t\t\t\tDefinitions in the Amazon Elastic Container Service Developer Guide.
\n You can specify an IAM role for your task with the taskRoleArn parameter.\n\t\t\tWhen you specify an IAM role for a task, its containers can then use the latest versions\n\t\t\tof the CLI or SDKs to make API requests to the Amazon Web Services services that are specified in\n\t\t\tthe IAM policy that's associated with the role. For more information, see IAM\n\t\t\t\tRoles for Tasks in the Amazon Elastic Container Service Developer Guide.
\n You can specify a Docker networking mode for the containers in your task definition\n\t\t\twith the networkMode parameter. The available network modes correspond to\n\t\t\tthose described in Network\n\t\t\t\tsettings in the Docker run reference. If you specify the awsvpc\n\t\t\tnetwork mode, the task is allocated an elastic network interface, and you must specify a\n\t\t\t\tNetworkConfiguration when you create a service or run a task with\n\t\t\tthe task definition. For more information, see Task Networking\n\t\t\tin the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "Registers a new task definition from the supplied family and\n\t\t\t\tcontainerDefinitions. Optionally, you can add data volumes to your\n\t\t\tcontainers with the volumes parameter. For more information about task\n\t\t\tdefinition parameters and defaults, see Amazon ECS Task\n\t\t\t\tDefinitions in the Amazon Elastic Container Service Developer Guide.
\n You can specify a role for your task with the taskRoleArn parameter.\n\t\t\tWhen you specify a role for a task, its containers can then use the latest versions\n\t\t\tof the CLI or SDKs to make API requests to the Amazon Web Services services that are specified in\n\t\t\tthe policy that's associated with the role. For more information, see IAM\n\t\t\t\tRoles for Tasks in the Amazon Elastic Container Service Developer Guide.
\n You can specify a Docker networking mode for the containers in your task definition\n\t\t\twith the networkMode parameter. The available network modes correspond to\n\t\t\tthose described in Network\n\t\t\t\tsettings in the Docker run reference. If you specify the awsvpc\n\t\t\tnetwork mode, the task is allocated an elastic network interface, and you must specify a\n\t\t\t\tNetworkConfiguration when you create a service or run a task with\n\t\t\tthe task definition. For more information, see Task Networking\n\t\t\tin the Amazon Elastic Container Service Developer Guide.
"
}
},
"com.amazonaws.ecs#RegisterTaskDefinitionRequest": {
@@ -7902,6 +8227,9 @@
"smithy.api#documentation": "The operating system that your tasks definitions run on. A platform family is\n\t\t\tspecified only for tasks using the Fargate launch type.
\n When you specify a task definition in a service, this value must match the\n\t\t\t\truntimePlatform value of the service.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#RegisterTaskDefinitionResponse": {
@@ -7919,6 +8247,9 @@
"smithy.api#documentation": "The list of tags associated with the task definition.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#RepositoryCredentials": {
@@ -8209,10 +8540,13 @@
"taskDefinition": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The family and revision (family:revision) or\n\t\t\tfull ARN of the task definition to run. If a revision isn't specified,\n\t\t\tthe latest ACTIVE revision is used.
\n When you create an IAM policy for run-task, you can set the resource to be the latest\n\t\t\ttask definition revision, or a specific revision.
\n The full ARN value must match the value that you specified as the\n\t\t\t\tResource of the IAM principal's permissions policy.
\n When you specify the policy resource as the latest task definition version (by setting\n\t\t\tthe Resource in the policy to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName),\n\t\t\tthen set this value to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName.
\n When you specify the policy resource as a specific task definition version (by setting\n\t\t\tthe Resource in the policy to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:1 or\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:*),\n\t\t\tthen set this value to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:1.
\n For more information, see Policy Resources for Amazon ECS in the Amazon Elastic Container Service developer Guide.
",
+ "smithy.api#documentation": "The family and revision (family:revision) or\n\t\t\tfull ARN of the task definition to run. If a revision isn't specified,\n\t\t\tthe latest ACTIVE revision is used.
\n When you create a policy for run-task, you can set the resource to be the latest\n\t\t\ttask definition revision, or a specific revision.
\n The full ARN value must match the value that you specified as the\n\t\t\t\tResource of the principal's permissions policy.
\n When you specify the policy resource as the latest task definition version (by setting\n\t\t\tthe Resource in the policy to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName),\n\t\t\tthen set this value to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName.
\n When you specify the policy resource as a specific task definition version (by setting\n\t\t\tthe Resource in the policy to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:1 or\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:*),\n\t\t\tthen set this value to\n\t\t\t\tarn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:1.
\n For more information, see Policy Resources for Amazon ECS in the Amazon Elastic Container Service developer Guide.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#RunTaskResponse": {
@@ -8230,6 +8564,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#RuntimePlatform": {
@@ -8841,13 +9178,13 @@
"value": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "Determines whether the account setting is enabled or disabled for the specified\n\t\t\tresource.
"
+ "smithy.api#documentation": "Determines whether the account setting is on or off for the specified resource.
"
}
},
"principalArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The ARN of the principal. It can be an IAM user, IAM role, or the root user. If this\n\t\t\tfield is omitted, the authenticated user is assumed.
"
+ "smithy.api#documentation": "The ARN of the principal. It can be a user, role, or the root user. If this\n\t\t\tfield is omitted, the authenticated user is assumed.
"
}
}
},
@@ -9035,6 +9372,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#StartTaskResponse": {
@@ -9052,6 +9392,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#Statistics": {
@@ -9098,7 +9441,7 @@
"task": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The task ID or full Amazon Resource Name (ARN) of the task to stop.
",
+ "smithy.api#documentation": "The task ID of the task to stop.
",
"smithy.api#required": {}
}
},
@@ -9108,6 +9451,9 @@
"smithy.api#documentation": "An optional message specified when a task is stopped. For example, if you're using a\n\t\t\tcustom scheduler, you can use this parameter to specify the reason for stopping the task\n\t\t\there, and the message appears in subsequent DescribeTasks API\n\t\t\toperations on this task. Up to 255 characters are allowed in this message.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#StopTaskResponse": {
@@ -9119,6 +9465,9 @@
"smithy.api#documentation": "The task that was stopped.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#String": {
@@ -9181,6 +9530,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#SubmitAttachmentStateChangesResponse": {
@@ -9192,6 +9544,9 @@
"smithy.api#documentation": "Acknowledgement of the state change.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#SubmitContainerStateChange": {
@@ -9268,6 +9623,9 @@
"smithy.api#documentation": "The network bindings of the container.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#SubmitContainerStateChangeResponse": {
@@ -9279,6 +9637,9 @@
"smithy.api#documentation": "Acknowledgement of the state change.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#SubmitTaskStateChange": {
@@ -9370,6 +9731,9 @@
"smithy.api#documentation": "The Unix timestamp for the time when the task execution stopped.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#SubmitTaskStateChangeResponse": {
@@ -9381,6 +9745,9 @@
"smithy.api#documentation": "Acknowledgement of the state change.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#SystemControl": {
@@ -9491,11 +9858,17 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#TagResourceResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.ecs#TagValue": {
"type": "string",
@@ -9973,6 +10346,12 @@
"target": "com.amazonaws.ecs#TaskDefinitionField"
}
},
+ "com.amazonaws.ecs#TaskDefinitionList": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.ecs#TaskDefinition"
+ }
+ },
"com.amazonaws.ecs#TaskDefinitionPlacementConstraint": {
"type": "structure",
"members": {
@@ -10024,6 +10403,12 @@
"traits": {
"smithy.api#enumValue": "INACTIVE"
}
+ },
+ "DELETE_IN_PROGRESS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DELETE_IN_PROGRESS"
+ }
}
}
},
@@ -10068,7 +10453,7 @@
"executionRoleArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more\n\t\t\tinformation, see Amazon ECS task\n\t\t\t\texecution IAM role in the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the task execution role override for the task. For more\n\t\t\tinformation, see Amazon ECS task\n\t\t\t\texecution IAM role in the Amazon Elastic Container Service Developer Guide.
"
}
},
"memory": {
@@ -10080,7 +10465,7 @@
"taskRoleArn": {
"target": "com.amazonaws.ecs#String",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers\n\t\t\tin this task are granted the permissions that are specified in this role. For more\n\t\t\tinformation, see IAM Role for Tasks\n\t\t\tin the Amazon Elastic Container Service Developer Guide.
"
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the role that containers in this task can assume. All containers\n\t\t\tin this task are granted the permissions that are specified in this role. For more\n\t\t\tinformation, see IAM Role for Tasks\n\t\t\tin the Amazon Elastic Container Service Developer Guide.
"
}
},
"ephemeralStorage": {
@@ -10414,7 +10799,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The ulimit settings to pass to the container.
\n Amazon ECS tasks hosted on Fargate use the default\n\t\t\t\t\t\t\tresource limit values set by the operating system with the exception of\n\t\t\t\t\t\t\tthe nofile resource limit parameter which Fargate\n\t\t\t\t\t\t\toverrides. The nofile resource limit sets a restriction on\n\t\t\t\t\t\t\tthe number of open files that a container can use. The default\n\t\t\t\t\t\t\t\tnofile soft limit is 1024 and hard limit\n\t\t\t\t\t\t\tis 4096.
"
+ "smithy.api#documentation": "The ulimit settings to pass to the container.
\n Amazon ECS tasks hosted on Fargate use the default\n\t\t\t\t\t\t\tresource limit values set by the operating system with the exception of\n\t\t\t\t\t\t\tthe nofile resource limit parameter which Fargate\n\t\t\t\t\t\t\toverrides. The nofile resource limit sets a restriction on\n\t\t\t\t\t\t\tthe number of open files that a container can use. The default\n\t\t\t\t\t\t\t\tnofile soft limit is 1024 and the default hard limit\n\t\t\t\t\t\t\tis 4096.
\n You can specify the ulimit settings for a container in a task\n\t\t\tdefinition.
"
}
},
"com.amazonaws.ecs#UlimitList": {
@@ -10576,11 +10961,17 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UntagResourceResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.ecs#UpdateCapacityProvider": {
"type": "operation",
@@ -10622,6 +11013,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateCapacityProviderResponse": {
@@ -10633,6 +11027,9 @@
"smithy.api#documentation": "Details about the capacity provider.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#UpdateCluster": {
@@ -10689,6 +11086,9 @@
"smithy.api#documentation": "Use this parameter to set a default Service Connect namespace. After you set a default \n\tService Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as\n\tclient services in the namespace. This setting only applies to new services that set the enabled parameter to\n\ttrue in the ServiceConnectConfiguration.\n\tYou can set the namespace of each service individually in the ServiceConnectConfiguration to override this default\n\tparameter.
\n Tasks that run in a namespace can use short names to connect\n\tto services in the namespace. Tasks can connect to services across all of the clusters in the namespace.\n\tTasks connect through a managed proxy container\n\tthat collects logs and metrics for increased visibility.\n\tOnly the tasks that Amazon ECS services create are supported with Service Connect.\n\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateClusterResponse": {
@@ -10700,6 +11100,9 @@
"smithy.api#documentation": "Details about the cluster.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#UpdateClusterSettings": {
@@ -10745,6 +11148,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateClusterSettingsResponse": {
@@ -10756,6 +11162,9 @@
"smithy.api#documentation": "Details about the cluster
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#UpdateContainerAgent": {
@@ -10809,6 +11218,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateContainerAgentResponse": {
@@ -10820,6 +11232,9 @@
"smithy.api#documentation": "The container instance that the container agent was updated for.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#UpdateContainerInstancesState": {
@@ -10871,6 +11286,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateContainerInstancesStateResponse": {
@@ -10888,6 +11306,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#UpdateInProgressException": {
@@ -10943,7 +11364,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Modifies the parameters of a service.
\n For services using the rolling update (ECS) you can update the desired\n\t\t\tcount, deployment configuration, network configuration, load balancers, service\n\t\t\tregistries, enable ECS managed tags option, propagate tags option, task placement\n\t\t\tconstraints and strategies, and task definition. When you update any of these\n\t\t\tparameters, Amazon ECS starts new tasks with the new configuration.
\n For services using the blue/green (CODE_DEPLOY) deployment controller,\n\t\t\tonly the desired count, deployment configuration, health check grace period, task\n\t\t\tplacement constraints and strategies, enable ECS managed tags option, and propagate tags\n\t\t\tcan be updated using this API. If the network configuration, platform version, task\n\t\t\tdefinition, or load balancer need to be updated, create a new CodeDeploy deployment. For more\n\t\t\tinformation, see CreateDeployment in the CodeDeploy API Reference.
\n For services using an external deployment controller, you can update only the desired\n\t\t\tcount, task placement constraints and strategies, health check grace period, enable ECS\n\t\t\tmanaged tags option, and propagate tags option, using this API. If the launch type, load\n\t\t\tbalancer, network configuration, platform version, or task definition need to be\n\t\t\tupdated, create a new task set For more information, see CreateTaskSet.
\n You can add to or subtract from the number of instantiations of a task definition in a\n\t\t\tservice by specifying the cluster that the service is running in and a new\n\t\t\t\tdesiredCount parameter.
\n If you have updated the Docker image of your application, you can create a new task\n\t\t\tdefinition with that image and deploy it to your service. The service scheduler uses the\n\t\t\tminimum healthy percent and maximum percent parameters (in the service's deployment\n\t\t\tconfiguration) to determine the deployment strategy.
\n \n If your updated Docker image uses the same tag as what is in the existing task\n\t\t\t\tdefinition for your service (for example, my_image:latest), you don't\n\t\t\t\tneed to create a new revision of your task definition. You can update the service\n\t\t\t\tusing the forceNewDeployment option. The new tasks launched by the\n\t\t\t\tdeployment pull the current image/tag combination from your repository when they\n\t\t\t\tstart.
\n \n You can also update the deployment configuration of a service. When a deployment is\n\t\t\ttriggered by updating the task definition of a service, the service scheduler uses the\n\t\t\tdeployment configuration parameters, minimumHealthyPercent and\n\t\t\t\tmaximumPercent, to determine the deployment strategy.
\n \n - \n
If minimumHealthyPercent is below 100%, the scheduler can ignore\n\t\t\t\t\t\tdesiredCount temporarily during a deployment. For example, if\n\t\t\t\t\t\tdesiredCount is four tasks, a minimum of 50% allows the\n\t\t\t\t\tscheduler to stop two existing tasks before starting two new tasks. Tasks for\n\t\t\t\t\tservices that don't use a load balancer are considered healthy if they're in the\n\t\t\t\t\t\tRUNNING state. Tasks for services that use a load balancer are\n\t\t\t\t\tconsidered healthy if they're in the RUNNING state and are reported\n\t\t\t\t\tas healthy by the load balancer.
\n \n - \n
The maximumPercent parameter represents an upper limit on the\n\t\t\t\t\tnumber of running tasks during a deployment. You can use it to define the\n\t\t\t\t\tdeployment batch size. For example, if desiredCount is four tasks,\n\t\t\t\t\ta maximum of 200% starts four new tasks before stopping the four older tasks\n\t\t\t\t\t(provided that the cluster resources required to do this are available).
\n \n
\n When UpdateService stops a task during a deployment, the equivalent\n\t\t\tof docker stop is issued to the containers running in the task. This\n\t\t\tresults in a SIGTERM and a 30-second timeout. After this,\n\t\t\t\tSIGKILL is sent and the containers are forcibly stopped. If the\n\t\t\tcontainer handles the SIGTERM gracefully and exits within 30 seconds from\n\t\t\treceiving it, no SIGKILL is sent.
\n When the service scheduler launches new tasks, it determines task placement in your\n\t\t\tcluster with the following logic.
\n \n - \n
Determine which of the container instances in your cluster can support your\n\t\t\t\t\tservice's task definition. For example, they have the required CPU, memory,\n\t\t\t\t\tports, and container instance attributes.
\n \n - \n
By default, the service scheduler attempts to balance tasks across\n\t\t\t\t\tAvailability Zones in this manner even though you can choose a different\n\t\t\t\t\tplacement strategy.
\n \n - \n
Sort the valid container instances by the fewest number of running\n\t\t\t\t\t\t\ttasks for this service in the same Availability Zone as the instance.\n\t\t\t\t\t\t\tFor example, if zone A has one running service task and zones B and C\n\t\t\t\t\t\t\teach have zero, valid container instances in either zone B or C are\n\t\t\t\t\t\t\tconsidered optimal for placement.
\n \n - \n
Place the new service task on a valid container instance in an optimal\n\t\t\t\t\t\t\tAvailability Zone (based on the previous steps), favoring container\n\t\t\t\t\t\t\tinstances with the fewest number of running tasks for this\n\t\t\t\t\t\t\tservice.
\n \n
\n \n
\n When the service scheduler stops running tasks, it attempts to maintain balance across\n\t\t\tthe Availability Zones in your cluster using the following logic:
\n \n - \n
Sort the container instances by the largest number of running tasks for this\n\t\t\t\t\tservice in the same Availability Zone as the instance. For example, if zone A\n\t\t\t\t\thas one running service task and zones B and C each have two, container\n\t\t\t\t\tinstances in either zone B or C are considered optimal for termination.
\n \n - \n
Stop the task on a container instance in an optimal Availability Zone (based\n\t\t\t\t\ton the previous steps), favoring container instances with the largest number of\n\t\t\t\t\trunning tasks for this service.
\n \n
\n \n You must have a service-linked role when you update any of the following service\n\t\t\t\tproperties. If you specified a custom IAM role when you created the service, Amazon ECS\n\t\t\t\tautomatically replaces the roleARN associated with the service with the ARN of your\n\t\t\t\tservice-linked role. For more information, see Service-linked roles in the Amazon Elastic Container Service Developer Guide.
\n \n - \n
\n loadBalancers,\n
\n \n - \n
\n serviceRegistries\n
\n \n
\n "
+ "smithy.api#documentation": "Modifies the parameters of a service.
\n For services using the rolling update (ECS) you can update the desired\n\t\t\tcount, deployment configuration, network configuration, load balancers, service\n\t\t\tregistries, enable ECS managed tags option, propagate tags option, task placement\n\t\t\tconstraints and strategies, and task definition. When you update any of these\n\t\t\tparameters, Amazon ECS starts new tasks with the new configuration.
\n For services using the blue/green (CODE_DEPLOY) deployment controller,\n\t\t\tonly the desired count, deployment configuration, health check grace period, task\n\t\t\tplacement constraints and strategies, enable ECS managed tags option, and propagate tags\n\t\t\tcan be updated using this API. If the network configuration, platform version, task\n\t\t\tdefinition, or load balancer need to be updated, create a new CodeDeploy deployment. For more\n\t\t\tinformation, see CreateDeployment in the CodeDeploy API Reference.
\n For services using an external deployment controller, you can update only the desired\n\t\t\tcount, task placement constraints and strategies, health check grace period, enable ECS\n\t\t\tmanaged tags option, and propagate tags option, using this API. If the launch type, load\n\t\t\tbalancer, network configuration, platform version, or task definition need to be\n\t\t\tupdated, create a new task set For more information, see CreateTaskSet.
\n You can add to or subtract from the number of instantiations of a task definition in a\n\t\t\tservice by specifying the cluster that the service is running in and a new\n\t\t\t\tdesiredCount parameter.
\n If you have updated the Docker image of your application, you can create a new task\n\t\t\tdefinition with that image and deploy it to your service. The service scheduler uses the\n\t\t\tminimum healthy percent and maximum percent parameters (in the service's deployment\n\t\t\tconfiguration) to determine the deployment strategy.
\n \n If your updated Docker image uses the same tag as what is in the existing task\n\t\t\t\tdefinition for your service (for example, my_image:latest), you don't\n\t\t\t\tneed to create a new revision of your task definition. You can update the service\n\t\t\t\tusing the forceNewDeployment option. The new tasks launched by the\n\t\t\t\tdeployment pull the current image/tag combination from your repository when they\n\t\t\t\tstart.
\n \n You can also update the deployment configuration of a service. When a deployment is\n\t\t\ttriggered by updating the task definition of a service, the service scheduler uses the\n\t\t\tdeployment configuration parameters, minimumHealthyPercent and\n\t\t\t\tmaximumPercent, to determine the deployment strategy.
\n \n - \n
If minimumHealthyPercent is below 100%, the scheduler can ignore\n\t\t\t\t\t\tdesiredCount temporarily during a deployment. For example, if\n\t\t\t\t\t\tdesiredCount is four tasks, a minimum of 50% allows the\n\t\t\t\t\tscheduler to stop two existing tasks before starting two new tasks. Tasks for\n\t\t\t\t\tservices that don't use a load balancer are considered healthy if they're in the\n\t\t\t\t\t\tRUNNING state. Tasks for services that use a load balancer are\n\t\t\t\t\tconsidered healthy if they're in the RUNNING state and are reported\n\t\t\t\t\tas healthy by the load balancer.
\n \n - \n
The maximumPercent parameter represents an upper limit on the\n\t\t\t\t\tnumber of running tasks during a deployment. You can use it to define the\n\t\t\t\t\tdeployment batch size. For example, if desiredCount is four tasks,\n\t\t\t\t\ta maximum of 200% starts four new tasks before stopping the four older tasks\n\t\t\t\t\t(provided that the cluster resources required to do this are available).
\n \n
\n When UpdateService stops a task during a deployment, the equivalent\n\t\t\tof docker stop is issued to the containers running in the task. This\n\t\t\tresults in a SIGTERM and a 30-second timeout. After this,\n\t\t\t\tSIGKILL is sent and the containers are forcibly stopped. If the\n\t\t\tcontainer handles the SIGTERM gracefully and exits within 30 seconds from\n\t\t\treceiving it, no SIGKILL is sent.
\n When the service scheduler launches new tasks, it determines task placement in your\n\t\t\tcluster with the following logic.
\n \n - \n
Determine which of the container instances in your cluster can support your\n\t\t\t\t\tservice's task definition. For example, they have the required CPU, memory,\n\t\t\t\t\tports, and container instance attributes.
\n \n - \n
By default, the service scheduler attempts to balance tasks across\n\t\t\t\t\tAvailability Zones in this manner even though you can choose a different\n\t\t\t\t\tplacement strategy.
\n \n - \n
Sort the valid container instances by the fewest number of running\n\t\t\t\t\t\t\ttasks for this service in the same Availability Zone as the instance.\n\t\t\t\t\t\t\tFor example, if zone A has one running service task and zones B and C\n\t\t\t\t\t\t\teach have zero, valid container instances in either zone B or C are\n\t\t\t\t\t\t\tconsidered optimal for placement.
\n \n - \n
Place the new service task on a valid container instance in an optimal\n\t\t\t\t\t\t\tAvailability Zone (based on the previous steps), favoring container\n\t\t\t\t\t\t\tinstances with the fewest number of running tasks for this\n\t\t\t\t\t\t\tservice.
\n \n
\n \n
\n When the service scheduler stops running tasks, it attempts to maintain balance across\n\t\t\tthe Availability Zones in your cluster using the following logic:
\n \n - \n
Sort the container instances by the largest number of running tasks for this\n\t\t\t\t\tservice in the same Availability Zone as the instance. For example, if zone A\n\t\t\t\t\thas one running service task and zones B and C each have two, container\n\t\t\t\t\tinstances in either zone B or C are considered optimal for termination.
\n \n - \n
Stop the task on a container instance in an optimal Availability Zone (based\n\t\t\t\t\ton the previous steps), favoring container instances with the largest number of\n\t\t\t\t\trunning tasks for this service.
\n \n
\n \n You must have a service-linked role when you update any of the following service\n\t\t\t\tproperties. If you specified a custom role when you created the service, Amazon ECS\n\t\t\t\tautomatically replaces the roleARN associated with the service with the ARN of your\n\t\t\t\tservice-linked role. For more information, see Service-linked roles in the Amazon Elastic Container Service Developer Guide.
\n \n - \n
\n loadBalancers,\n
\n \n - \n
\n serviceRegistries\n
\n \n
\n "
}
},
"com.amazonaws.ecs#UpdateServicePrimaryTaskSet": {
@@ -11011,6 +11432,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateServicePrimaryTaskSetResponse": {
@@ -11022,6 +11446,9 @@
"smithy.api#documentation": "The details about the task set.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#UpdateServiceRequest": {
@@ -11137,6 +11564,9 @@
"smithy.api#documentation": "The configuration for this service to discover and connect to\n\tservices, and be discovered by, and connected from, other services within a namespace.
\n Tasks that run in a namespace can use short names to connect\n\tto services in the namespace. Tasks can connect to services across all of the clusters in the namespace.\n\tTasks connect through a managed proxy container\n\tthat collects logs and metrics for increased visibility.\n\tOnly the tasks that Amazon ECS services create are supported with Service Connect.\n\tFor more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateServiceResponse": {
@@ -11148,6 +11578,9 @@
"smithy.api#documentation": "The full description of your service following the update call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#UpdateTaskProtection": {
@@ -11216,6 +11649,9 @@
"smithy.api#documentation": "If you set protectionEnabled to true, you can specify the\n\t\t\tduration for task protection in minutes. You can specify a value from 1 minute to up to\n\t\t\t2,880 minutes (48 hours). During this time, your task will not be terminated by scale-in\n\t\t\tevents from Service Auto Scaling or deployments. After this time period lapses,\n\t\t\t\tprotectionEnabled will be reset to false.
\n If you don’t specify the time, then the task is automatically protected for 120\n\t\t\tminutes (2 hours).
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateTaskProtectionResponse": {
@@ -11233,6 +11669,9 @@
"smithy.api#documentation": "Any failures associated with the call.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#UpdateTaskSet": {
@@ -11307,6 +11746,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.ecs#UpdateTaskSetResponse": {
@@ -11318,6 +11760,9 @@
"smithy.api#documentation": "Details about the task set.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.ecs#VersionInfo": {
diff --git a/aws/sdk/aws-models/glacier.json b/aws/sdk/aws-models/glacier.json
index 878e57eea2..6fc9d21fe1 100644
--- a/aws/sdk/aws-models/glacier.json
+++ b/aws/sdk/aws-models/glacier.json
@@ -89,7 +89,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options to abort a multipart upload identified by the upload ID.
\n\n For information about the underlying REST API, see Abort Multipart\n Upload. For conceptual information, see Working with Archives in\n Amazon S3 Glacier.
"
+ "smithy.api#documentation": "Provides options to abort a multipart upload identified by the upload ID.
\n\n For information about the underlying REST API, see Abort Multipart\n Upload. For conceptual information, see Working with Archives in\n Amazon S3 Glacier.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#AbortVaultLock": {
@@ -144,7 +145,8 @@
}
},
"traits": {
- "smithy.api#documentation": "The input values for AbortVaultLock.
"
+ "smithy.api#documentation": "The input values for AbortVaultLock.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#AccessControlPolicyList": {
@@ -154,22 +156,26 @@
}
},
"com.amazonaws.glacier#ActionCode": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "ArchiveRetrieval",
- "name": "ArchiveRetrieval"
- },
- {
- "value": "InventoryRetrieval",
- "name": "InventoryRetrieval"
- },
- {
- "value": "Select",
- "name": "Select"
+ "type": "enum",
+ "members": {
+ "ArchiveRetrieval": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ArchiveRetrieval"
+ }
+ },
+ "InventoryRetrieval": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "InventoryRetrieval"
}
- ]
+ },
+ "Select": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Select"
+ }
+ }
}
},
"com.amazonaws.glacier#AddTagsToVault": {
@@ -233,7 +239,8 @@
}
},
"traits": {
- "smithy.api#documentation": "The input values for AddTagsToVault.
"
+ "smithy.api#documentation": "The input values for AddTagsToVault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#ArchiveCreationOutput": {
@@ -348,38 +355,50 @@
}
},
"com.amazonaws.glacier#CannedACL": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "private",
- "name": "Private"
- },
- {
- "value": "public-read",
- "name": "PublicRead"
- },
- {
- "value": "public-read-write",
- "name": "PublicReadWrite"
- },
- {
- "value": "aws-exec-read",
- "name": "AwsExecRead"
- },
- {
- "value": "authenticated-read",
- "name": "AuthenticatedRead"
- },
- {
- "value": "bucket-owner-read",
- "name": "BucketOwnerRead"
- },
- {
- "value": "bucket-owner-full-control",
- "name": "BucketOwnerFullControl"
+ "type": "enum",
+ "members": {
+ "Private": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "private"
+ }
+ },
+ "PublicRead": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "public-read"
+ }
+ },
+ "PublicReadWrite": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "public-read-write"
+ }
+ },
+ "AwsExecRead": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "aws-exec-read"
}
- ]
+ },
+ "AuthenticatedRead": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "authenticated-read"
+ }
+ },
+ "BucketOwnerRead": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "bucket-owner-read"
+ }
+ },
+ "BucketOwnerFullControl": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "bucket-owner-full-control"
+ }
+ }
}
},
"com.amazonaws.glacier#CompleteMultipartUpload": {
@@ -456,7 +475,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options to complete a multipart upload operation. This informs Amazon\n Glacier that all the archive parts have been uploaded and Amazon S3 Glacier (Glacier) can now assemble\n the archive from the uploaded parts. After assembling and saving the archive to the vault,\n Glacier returns the URI path of the newly created archive resource.
"
+ "smithy.api#documentation": "Provides options to complete a multipart upload operation. This informs Amazon\n Glacier that all the archive parts have been uploaded and Amazon S3 Glacier (Glacier) can now assemble\n the archive from the uploaded parts. After assembling and saving the archive to the vault,\n Glacier returns the URI path of the newly created archive resource.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#CompleteVaultLock": {
@@ -519,7 +539,8 @@
}
},
"traits": {
- "smithy.api#documentation": "The input values for CompleteVaultLock.
"
+ "smithy.api#documentation": "The input values for CompleteVaultLock.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#CreateVault": {
@@ -574,7 +595,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options to create a vault.
"
+ "smithy.api#documentation": "Provides options to create a vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#CreateVaultOutput": {
@@ -589,7 +611,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#DataRetrievalPolicy": {
@@ -695,7 +718,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for deleting an archive from an Amazon S3 Glacier vault.
"
+ "smithy.api#documentation": "Provides options for deleting an archive from an Amazon S3 Glacier vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#DeleteVault": {
@@ -781,7 +805,8 @@
}
},
"traits": {
- "smithy.api#documentation": "DeleteVaultAccessPolicy input.
"
+ "smithy.api#documentation": "DeleteVaultAccessPolicy input.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#DeleteVaultInput": {
@@ -805,7 +830,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for deleting a vault from Amazon S3 Glacier.
"
+ "smithy.api#documentation": "Provides options for deleting a vault from Amazon S3 Glacier.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#DeleteVaultNotifications": {
@@ -860,7 +886,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for deleting a vault notification configuration from an Amazon\n Glacier vault.
"
+ "smithy.api#documentation": "Provides options for deleting a vault notification configuration from an Amazon\n Glacier vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#DescribeJob": {
@@ -923,7 +950,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for retrieving a job description.
"
+ "smithy.api#documentation": "Provides options for retrieving a job description.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#DescribeVault": {
@@ -1014,7 +1042,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for retrieving metadata for a specific vault in Amazon\n Glacier.
"
+ "smithy.api#documentation": "Provides options for retrieving metadata for a specific vault in Amazon\n Glacier.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#DescribeVaultOutput": {
@@ -1090,48 +1119,54 @@
}
},
"com.amazonaws.glacier#EncryptionType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "aws:kms",
- "name": "KMS"
- },
- {
- "value": "AES256",
- "name": "S3"
+ "type": "enum",
+ "members": {
+ "KMS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "aws:kms"
}
- ]
+ },
+ "S3": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "AES256"
+ }
+ }
}
},
"com.amazonaws.glacier#ExpressionType": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "SQL",
- "name": "SQL"
+ "type": "enum",
+ "members": {
+ "SQL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "SQL"
}
- ]
+ }
}
},
"com.amazonaws.glacier#FileHeaderInfo": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "USE",
- "name": "Use"
- },
- {
- "value": "IGNORE",
- "name": "Ignore"
- },
- {
- "value": "NONE",
- "name": "None"
+ "type": "enum",
+ "members": {
+ "Use": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "USE"
}
- ]
+ },
+ "Ignore": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "IGNORE"
+ }
+ },
+ "None": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NONE"
+ }
+ }
}
},
"com.amazonaws.glacier#GetDataRetrievalPolicy": {
@@ -1175,7 +1210,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Input for GetDataRetrievalPolicy.
"
+ "smithy.api#documentation": "Input for GetDataRetrievalPolicy.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#GetDataRetrievalPolicyOutput": {
@@ -1189,7 +1225,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to the GetDataRetrievalPolicy\n request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to the GetDataRetrievalPolicy\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#GetJobOutput": {
@@ -1259,7 +1296,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for downloading output of an Amazon S3 Glacier job.
"
+ "smithy.api#documentation": "Provides options for downloading output of an Amazon S3 Glacier job.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#GetJobOutputOutput": {
@@ -1318,7 +1356,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#GetVaultAccessPolicy": {
@@ -1373,7 +1412,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Input for GetVaultAccessPolicy.
"
+ "smithy.api#documentation": "Input for GetVaultAccessPolicy.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#GetVaultAccessPolicyOutput": {
@@ -1388,7 +1428,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Output for GetVaultAccessPolicy.
"
+ "smithy.api#documentation": "Output for GetVaultAccessPolicy.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#GetVaultLock": {
@@ -1443,7 +1484,8 @@
}
},
"traits": {
- "smithy.api#documentation": "The input values for GetVaultLock.
"
+ "smithy.api#documentation": "The input values for GetVaultLock.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#GetVaultLockOutput": {
@@ -1475,7 +1517,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#GetVaultNotifications": {
@@ -1530,7 +1573,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for retrieving the notification configuration set on an Amazon\n Glacier vault.
"
+ "smithy.api#documentation": "Provides options for retrieving the notification configuration set on an Amazon\n Glacier vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#GetVaultNotificationsOutput": {
@@ -1545,7 +1589,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#Glacier": {
@@ -1674,7 +1719,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -1703,13 +1748,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -1717,14 +1761,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -1733,67 +1783,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -1802,187 +1827,286 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://glacier-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://glacier-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
{
"conditions": [
{
- "fn": "stringEquals",
+ "fn": "booleanEquals",
"argv": [
- "aws-us-gov",
+ true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "name"
+ "supportsFIPS"
]
}
]
}
],
- "endpoint": {
- "url": "https://glacier.{Region}.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ "aws-us-gov",
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "name"
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://glacier.{Region}.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://glacier-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
},
{
"conditions": [],
- "endpoint": {
- "url": "https://glacier-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://glacier.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-gov-east-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://glacier.us-gov-east-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-gov-west-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://glacier.us-gov-west-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://glacier.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://glacier.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -1991,66 +2115,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "us-gov-east-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://glacier.us-gov-east-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "us-gov-west-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://glacier.us-gov-west-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://glacier.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -2059,16 +2130,16 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.sa-east-1.amazonaws.com"
+ "url": "https://glacier.af-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "af-south-1",
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
@@ -2079,334 +2150,334 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-east-1",
"UseDualStack": false,
- "Region": "ap-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.eu-south-1.amazonaws.com"
+ "url": "https://glacier.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-1",
"UseDualStack": false,
- "Region": "eu-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.eu-central-1.amazonaws.com"
+ "url": "https://glacier.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-2",
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.ap-southeast-1.amazonaws.com"
+ "url": "https://glacier.ap-northeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-3",
"UseDualStack": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.ap-southeast-2.amazonaws.com"
+ "url": "https://glacier.ap-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-south-1",
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.ap-southeast-3.amazonaws.com"
+ "url": "https://glacier.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-1",
"UseDualStack": false,
- "Region": "ap-southeast-3"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.ca-central-1.amazonaws.com"
+ "url": "https://glacier.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-2",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.ca-central-1.amazonaws.com"
+ "url": "https://glacier.ap-southeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "ap-southeast-3",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-west-1.amazonaws.com"
+ "url": "https://glacier.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.us-west-1.amazonaws.com"
+ "url": "https://glacier-fips.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-west-2.amazonaws.com"
+ "url": "https://glacier.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-central-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.us-west-2.amazonaws.com"
+ "url": "https://glacier.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "eu-north-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.af-south-1.amazonaws.com"
+ "url": "https://glacier.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-south-1",
"UseDualStack": false,
- "Region": "af-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.ap-south-1.amazonaws.com"
+ "url": "https://glacier.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-1",
"UseDualStack": false,
- "Region": "ap-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.ap-northeast-1.amazonaws.com"
+ "url": "https://glacier.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-2",
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.ap-northeast-2.amazonaws.com"
+ "url": "https://glacier.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-3",
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.ap-northeast-3.amazonaws.com"
+ "url": "https://glacier.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "me-south-1",
"UseDualStack": false,
- "Region": "ap-northeast-3"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-east-1.amazonaws.com"
+ "url": "https://glacier.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "sa-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.us-east-1.amazonaws.com"
+ "url": "https://glacier.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.eu-west-1.amazonaws.com"
+ "url": "https://glacier-fips.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "eu-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.eu-west-2.amazonaws.com"
+ "url": "https://glacier.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.eu-west-3.amazonaws.com"
+ "url": "https://glacier-fips.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "eu-west-3"
+ "UseFIPS": true
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.me-south-1.amazonaws.com"
+ "url": "https://glacier.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-1",
"UseDualStack": false,
- "Region": "me-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.eu-north-1.amazonaws.com"
+ "url": "https://glacier-fips.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-1",
"UseDualStack": false,
- "Region": "eu-north-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-east-2.amazonaws.com"
+ "url": "https://glacier.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.us-east-2.amazonaws.com"
+ "url": "https://glacier-fips.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": true
}
},
{
@@ -2417,9 +2488,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -2430,230 +2501,243 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-gov-west-1.amazonaws.com"
+ "url": "https://glacier.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-gov-west-1.amazonaws.com"
+ "url": "https://glacier.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-northwest-1",
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-gov-east-1.amazonaws.com"
+ "url": "https://glacier-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "us-gov-east-1"
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-gov-east-1.amazonaws.com"
+ "url": "https://glacier-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.us-gov-east-1.api.aws"
+ "url": "https://glacier.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-gov-east-1.api.aws"
+ "url": "https://glacier.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "us-gov-east-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://glacier.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://glacier.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://glacier.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "cn-northwest-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://glacier.cn-north-1.amazonaws.com.cn"
+ "url": "https://glacier-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "cn-north-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://glacier.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": true,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://glacier.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://glacier.us-iso-west-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "us-iso-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-iso-west-1.c2s.ic.gov"
+ "url": "https://glacier-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "us-iso-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier.us-iso-east-1.c2s.ic.gov"
+ "url": "https://glacier.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://glacier-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://glacier-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
+ "Region": "us-east-1",
+ "UseDualStack": false,
"UseFIPS": false,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
"UseDualStack": false,
- "Region": "us-east-1",
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -2663,9 +2747,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
"Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true,
"Endpoint": "https://example.com"
}
},
@@ -2675,9 +2759,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
"Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
}
@@ -2945,7 +3029,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for initiating an Amazon S3 Glacier job.
"
+ "smithy.api#documentation": "Provides options for initiating an Amazon S3 Glacier job.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#InitiateJobOutput": {
@@ -2974,7 +3059,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#InitiateMultipartUpload": {
@@ -3043,7 +3129,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for initiating a multipart upload to an Amazon S3 Glacier\n vault.
"
+ "smithy.api#documentation": "Provides options for initiating a multipart upload to an Amazon S3 Glacier\n vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#InitiateMultipartUploadOutput": {
@@ -3065,7 +3152,8 @@
}
},
"traits": {
- "smithy.api#documentation": "The Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "The Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#InitiateVaultLock": {
@@ -3127,7 +3215,8 @@
}
},
"traits": {
- "smithy.api#documentation": "The input values for InitiateVaultLock.
"
+ "smithy.api#documentation": "The input values for InitiateVaultLock.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#InitiateVaultLockOutput": {
@@ -3142,7 +3231,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#InputSerialization": {
@@ -3464,7 +3554,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for retrieving a job list for an Amazon S3 Glacier vault.
"
+ "smithy.api#documentation": "Provides options for retrieving a job list for an Amazon S3 Glacier vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#ListJobsOutput": {
@@ -3484,7 +3575,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#ListMultipartUploads": {
@@ -3559,7 +3651,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for retrieving list of in-progress multipart uploads for an Amazon\n Glacier vault.
"
+ "smithy.api#documentation": "Provides options for retrieving list of in-progress multipart uploads for an Amazon\n Glacier vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#ListMultipartUploadsOutput": {
@@ -3579,7 +3672,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#ListParts": {
@@ -3662,7 +3756,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options for retrieving a list of parts of an archive that have been uploaded\n in a specific multipart upload.
"
+ "smithy.api#documentation": "Provides options for retrieving a list of parts of an archive that have been uploaded\n in a specific multipart upload.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#ListPartsOutput": {
@@ -3713,7 +3808,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#ListProvisionedCapacity": {
@@ -3755,6 +3851,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#ListProvisionedCapacityOutput": {
@@ -3766,6 +3865,9 @@
"smithy.api#documentation": "The response body contains the following JSON fields.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#ListTagsForVault": {
@@ -3820,7 +3922,8 @@
}
},
"traits": {
- "smithy.api#documentation": "The input value for ListTagsForVaultInput.
"
+ "smithy.api#documentation": "The input value for ListTagsForVaultInput.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#ListTagsForVaultOutput": {
@@ -3834,7 +3937,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#ListVaults": {
@@ -3901,7 +4005,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options to retrieve the vault list owned by the calling user's account. The\n list provides metadata information for each vault.
"
+ "smithy.api#documentation": "Provides options to retrieve the vault list owned by the calling user's account. The\n list provides metadata information for each vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#ListVaultsOutput": {
@@ -3921,7 +4026,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#MissingParameterValueException": {
@@ -4016,30 +4122,38 @@
}
},
"com.amazonaws.glacier#Permission": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "FULL_CONTROL",
- "name": "FULL_CONTROL"
- },
- {
- "value": "WRITE",
- "name": "WRITE"
- },
- {
- "value": "WRITE_ACP",
- "name": "WRITE_ACP"
- },
- {
- "value": "READ",
- "name": "READ"
- },
- {
- "value": "READ_ACP",
- "name": "READ_ACP"
+ "type": "enum",
+ "members": {
+ "FULL_CONTROL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FULL_CONTROL"
+ }
+ },
+ "WRITE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "WRITE"
+ }
+ },
+ "WRITE_ACP": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "WRITE_ACP"
}
- ]
+ },
+ "READ": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "READ"
+ }
+ },
+ "READ_ACP": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "READ_ACP"
+ }
+ }
}
},
"com.amazonaws.glacier#PolicyEnforcedException": {
@@ -4144,6 +4258,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#PurchaseProvisionedCapacityOutput": {
@@ -4156,21 +4273,26 @@
"smithy.api#httpHeader": "x-amz-capacity-id"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#QuoteFields": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "ALWAYS",
- "name": "Always"
- },
- {
- "value": "ASNEEDED",
- "name": "AsNeeded"
+ "type": "enum",
+ "members": {
+ "Always": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ALWAYS"
+ }
+ },
+ "AsNeeded": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ASNEEDED"
}
- ]
+ }
}
},
"com.amazonaws.glacier#RemoveTagsFromVault": {
@@ -4231,7 +4353,8 @@
}
},
"traits": {
- "smithy.api#documentation": "The input value for RemoveTagsFromVaultInput.
"
+ "smithy.api#documentation": "The input value for RemoveTagsFromVaultInput.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#RequestTimeoutException": {
@@ -4453,7 +4576,8 @@
}
},
"traits": {
- "smithy.api#documentation": "SetDataRetrievalPolicy input.
"
+ "smithy.api#documentation": "SetDataRetrievalPolicy input.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#SetVaultAccessPolicy": {
@@ -4515,7 +4639,8 @@
}
},
"traits": {
- "smithy.api#documentation": "SetVaultAccessPolicy input.
"
+ "smithy.api#documentation": "SetVaultAccessPolicy input.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#SetVaultNotifications": {
@@ -4577,48 +4702,57 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options to configure notifications that will be sent when specific events\n happen to a vault.
"
+ "smithy.api#documentation": "Provides options to configure notifications that will be sent when specific events\n happen to a vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#Size": {
"type": "long"
},
"com.amazonaws.glacier#StatusCode": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "InProgress",
- "name": "InProgress"
- },
- {
- "value": "Succeeded",
- "name": "Succeeded"
- },
- {
- "value": "Failed",
- "name": "Failed"
+ "type": "enum",
+ "members": {
+ "InProgress": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "InProgress"
}
- ]
+ },
+ "Succeeded": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Succeeded"
+ }
+ },
+ "Failed": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Failed"
+ }
+ }
}
},
"com.amazonaws.glacier#StorageClass": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "STANDARD",
- "name": "Standard"
- },
- {
- "value": "REDUCED_REDUNDANCY",
- "name": "ReducedRedundancy"
- },
- {
- "value": "STANDARD_IA",
- "name": "StandardInfrequentAccess"
+ "type": "enum",
+ "members": {
+ "Standard": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STANDARD"
+ }
+ },
+ "ReducedRedundancy": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "REDUCED_REDUNDANCY"
+ }
+ },
+ "StandardInfrequentAccess": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STANDARD_IA"
}
- ]
+ }
}
},
"com.amazonaws.glacier#Stream": {
@@ -4649,22 +4783,26 @@
"type": "string"
},
"com.amazonaws.glacier#Type": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "AmazonCustomerByEmail",
- "name": "AmazonCustomerByEmail"
- },
- {
- "value": "CanonicalUser",
- "name": "CanonicalUser"
- },
- {
- "value": "Group",
- "name": "Group"
+ "type": "enum",
+ "members": {
+ "AmazonCustomerByEmail": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "AmazonCustomerByEmail"
}
- ]
+ },
+ "CanonicalUser": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CanonicalUser"
+ }
+ },
+ "Group": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Group"
+ }
+ }
}
},
"com.amazonaws.glacier#UploadArchive": {
@@ -4744,7 +4882,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options to add an archive to a vault.
"
+ "smithy.api#documentation": "Provides options to add an archive to a vault.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#UploadListElement": {
@@ -4871,7 +5010,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Provides options to upload a part of an archive in a multipart upload\n operation.
"
+ "smithy.api#documentation": "Provides options to upload a part of an archive in a multipart upload\n operation.
",
+ "smithy.api#input": {}
}
},
"com.amazonaws.glacier#UploadMultipartPartOutput": {
@@ -4886,7 +5026,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
"
+ "smithy.api#documentation": "Contains the Amazon S3 Glacier response to your request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.glacier#UploadsList": {
diff --git a/aws/sdk/aws-models/iam.json b/aws/sdk/aws-models/iam.json
index da5df834e7..bd2c1ac793 100644
--- a/aws/sdk/aws-models/iam.json
+++ b/aws/sdk/aws-models/iam.json
@@ -530,7 +530,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -559,13 +559,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -573,14 +572,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -589,64 +594,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "stringEquals",
+ "fn": "isSet",
"argv": [
{
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws"
+ "ref": "Region"
+ }
]
}
],
@@ -655,22 +638,13 @@
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
- ]
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
}
],
"type": "tree",
@@ -678,100 +652,221 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsFIPS"
+ "name"
+ ]
+ },
+ "aws"
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.{Region}.api.aws",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam-fips.{Region}.api.aws",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsFIPS"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam.{Region}.api.aws",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://iam-fips.amazonaws.com",
+ "url": "https://iam.amazonaws.com",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "iam"
+ "signingName": "iam",
+ "signingRegion": "us-east-1"
}
]
},
@@ -781,433 +876,433 @@
}
]
},
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsDualStack"
+ "name"
]
- }
+ },
+ "aws-cn"
]
}
],
"type": "tree",
"rules": [
{
- "conditions": [],
- "endpoint": {
- "url": "https://iam.{Region}.api.aws",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.{Region}.api.amazonwebservices.com.cn",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
+ }
+ ]
},
- "name"
- ]
- },
- "aws-cn"
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
{
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.{Region}.amazonaws.com.cn",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
+ }
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam.{Region}.api.amazonwebservices.com.cn",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://iam-fips.{Region}.api.amazonwebservices.com.cn",
- "properties": {},
+ "url": "https://iam.cn-north-1.amazonaws.com.cn",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "cn-north-1"
+ }
+ ]
+ },
"headers": {}
},
"type": "endpoint"
}
]
},
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsFIPS"
+ "name"
]
- }
+ },
+ "aws-us-gov"
]
}
],
"type": "tree",
"rules": [
{
- "conditions": [],
- "endpoint": {
- "url": "https://iam-fips.{Region}.amazonaws.com.cn",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsDualStack"
+ true
]
- }
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam.{Region}.api.amazonwebservices.com.cn",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam.cn-north-1.amazonaws.com.cn",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "cn-north-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws-us-gov"
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
},
- "supportsFIPS"
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.{Region}.api.aws",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam.us-gov.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam-fips.{Region}.api.aws",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsFIPS"
+ true
]
}
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam.{Region}.api.aws",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"endpoint": {
@@ -1216,8 +1311,8 @@
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "iam"
+ "signingName": "iam",
+ "signingRegion": "us-gov-west-1"
}
]
},
@@ -1227,234 +1322,182 @@
}
]
},
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsDualStack"
+ "name"
]
- }
+ },
+ "aws-iso"
]
}
],
"type": "tree",
"rules": [
{
- "conditions": [],
- "endpoint": {
- "url": "https://iam.{Region}.api.aws",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam.us-gov.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws-iso"
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.{Region}.c2s.ic.gov",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://iam-fips.{Region}.c2s.ic.gov",
- "properties": {},
+ "url": "https://iam.us-iso-east-1.c2s.ic.gov",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-iso-east-1"
+ }
+ ]
+ },
"headers": {}
},
"type": "endpoint"
}
]
},
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam.us-iso-east-1.c2s.ic.gov",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-iso-east-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws-iso-b"
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsFIPS"
+ "name"
]
- }
+ },
+ "aws-iso-b"
]
}
],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.{Region}.sc2s.sgov.gov",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
+ }
+ ]
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://iam-fips.{Region}.sc2s.sgov.gov",
- "properties": {},
+ "url": "https://iam.us-isob-east-1.sc2s.sgov.gov",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-isob-east-1"
+ }
+ ]
+ },
"headers": {}
},
"type": "endpoint"
@@ -1462,147 +1505,257 @@
]
},
{
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam.us-isob-east-1.sc2s.sgov.gov",
- "properties": {
- "authSchemes": [
+ "conditions": [
{
- "name": "sigv4",
- "signingRegion": "us-isob-east-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
},
- "supportsFIPS"
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-global"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://iam-fips.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-us-gov-global"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://iam.us-gov.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://iam-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsFIPS"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://iam.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
@@ -1620,13 +1773,13 @@
}
],
"endpoint": {
- "url": "https://iam-fips.amazonaws.com",
+ "url": "https://iam.amazonaws.com",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "iam"
+ "signingName": "iam",
+ "signingRegion": "us-east-1"
}
]
},
@@ -1642,18 +1795,18 @@
{
"ref": "Region"
},
- "aws-us-gov-global"
+ "aws-cn-global"
]
}
],
"endpoint": {
- "url": "https://iam.us-gov.amazonaws.com",
+ "url": "https://iam.cn-north-1.amazonaws.com.cn",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "iam"
+ "signingName": "iam",
+ "signingRegion": "cn-north-1"
}
]
},
@@ -1662,67 +1815,90 @@
"type": "endpoint"
},
{
- "conditions": [],
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-us-gov-global"
+ ]
+ }
+ ],
"endpoint": {
- "url": "https://iam-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
+ "url": "https://iam.us-gov.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
"headers": {}
},
"type": "endpoint"
- }
- ]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-iso-global"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://iam.us-iso-east-1.c2s.ic.gov",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-iso-east-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
{
- "fn": "getAttr",
- "argv": [
+ "conditions": [
{
- "ref": "PartitionResult"
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-iso-b-global"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://iam.us-isob-east-1.sc2s.sgov.gov",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "us-isob-east-1"
+ }
+ ]
},
- "supportsDualStack"
- ]
- }
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "type": "tree",
- "rules": [
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://iam.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://iam.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -1731,163 +1907,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://iam.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-cn-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://iam.cn-north-1.amazonaws.com.cn",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "cn-north-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-us-gov-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://iam.us-gov.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-iso-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://iam.us-iso-east-1.c2s.ic.gov",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-iso-east-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-iso-b-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://iam.us-isob-east-1.sc2s.sgov.gov",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-isob-east-1",
- "signingName": "iam"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://iam.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -1902,8 +1928,8 @@
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
+ "signingName": "iam",
"signingRegion": "us-east-1"
}
]
@@ -1912,8 +1938,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "aws-global"
}
},
@@ -1924,8 +1950,8 @@
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
+ "signingName": "iam",
"signingRegion": "us-east-1"
}
]
@@ -1934,8 +1960,8 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "aws-global"
}
},
@@ -1947,8 +1973,8 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": true,
+ "UseFIPS": true,
"Region": "us-east-1"
}
},
@@ -1959,8 +1985,8 @@
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
+ "signingName": "iam",
"signingRegion": "us-east-1"
}
]
@@ -1969,8 +1995,8 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "us-east-1"
}
},
@@ -1982,8 +2008,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": true,
+ "UseFIPS": false,
"Region": "us-east-1"
}
},
@@ -1994,8 +2020,8 @@
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
+ "signingName": "iam",
"signingRegion": "us-east-1"
}
]
@@ -2004,20 +2030,103 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "us-east-1"
}
},
{
- "documentation": "For region aws-us-gov-global with FIPS disabled and DualStack disabled",
+ "documentation": "For region aws-cn-global with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "iam",
+ "signingRegion": "cn-north-1"
+ }
+ ]
+ },
+ "url": "https://iam.cn-north-1.amazonaws.com.cn"
+ }
+ },
+ "params": {
+ "UseDualStack": false,
+ "UseFIPS": false,
+ "Region": "aws-cn-global"
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://iam-fips.cn-north-1.api.amazonwebservices.com.cn"
+ }
+ },
+ "params": {
+ "UseDualStack": true,
+ "UseFIPS": true,
+ "Region": "cn-north-1"
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://iam-fips.cn-north-1.amazonaws.com.cn"
+ }
+ },
+ "params": {
+ "UseDualStack": false,
+ "UseFIPS": true,
+ "Region": "cn-north-1"
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://iam.cn-north-1.api.amazonwebservices.com.cn"
+ }
+ },
+ "params": {
+ "UseDualStack": true,
+ "UseFIPS": false,
+ "Region": "cn-north-1"
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
"properties": {
"authSchemes": [
{
+ "name": "sigv4",
"signingName": "iam",
+ "signingRegion": "cn-north-1"
+ }
+ ]
+ },
+ "url": "https://iam.cn-north-1.amazonaws.com.cn"
+ }
+ },
+ "params": {
+ "UseDualStack": false,
+ "UseFIPS": false,
+ "Region": "cn-north-1"
+ }
+ },
+ {
+ "documentation": "For region aws-us-gov-global with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
"name": "sigv4",
+ "signingName": "iam",
"signingRegion": "us-gov-west-1"
}
]
@@ -2026,8 +2135,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "aws-us-gov-global"
}
},
@@ -2038,8 +2147,8 @@
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
+ "signingName": "iam",
"signingRegion": "us-gov-west-1"
}
]
@@ -2048,8 +2157,8 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "aws-us-gov-global"
}
},
@@ -2061,8 +2170,8 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": true,
+ "UseFIPS": true,
"Region": "us-gov-east-1"
}
},
@@ -2073,8 +2182,8 @@
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
+ "signingName": "iam",
"signingRegion": "us-gov-west-1"
}
]
@@ -2083,8 +2192,8 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "us-gov-east-1"
}
},
@@ -2096,8 +2205,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": true,
+ "UseFIPS": false,
"Region": "us-gov-east-1"
}
},
@@ -2108,8 +2217,8 @@
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
+ "signingName": "iam",
"signingRegion": "us-gov-west-1"
}
]
@@ -2118,219 +2227,149 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "us-gov-east-1"
}
},
{
- "documentation": "For region aws-iso-b-global with FIPS disabled and DualStack disabled",
+ "documentation": "For region aws-iso-global with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
- "signingRegion": "us-isob-east-1"
+ "signingName": "iam",
+ "signingRegion": "us-iso-east-1"
}
]
},
- "url": "https://iam.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://iam.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "aws-iso-b-global"
+ "UseFIPS": false,
+ "Region": "aws-iso-global"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://iam-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://iam-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": true,
+ "Region": "us-iso-east-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
- "signingRegion": "us-isob-east-1"
+ "signingName": "iam",
+ "signingRegion": "us-iso-east-1"
}
]
},
- "url": "https://iam.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://iam.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false,
+ "Region": "us-iso-east-1"
}
},
{
- "documentation": "For region aws-cn-global with FIPS disabled and DualStack disabled",
+ "documentation": "For region aws-iso-b-global with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
- "signingRegion": "cn-north-1"
+ "signingName": "iam",
+ "signingRegion": "us-isob-east-1"
}
]
},
- "url": "https://iam.cn-north-1.amazonaws.com.cn"
- }
- },
- "params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "aws-cn-global"
- }
- },
- {
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://iam-fips.cn-north-1.api.amazonwebservices.com.cn"
- }
- },
- "params": {
- "UseFIPS": true,
- "UseDualStack": true,
- "Region": "cn-north-1"
- }
- },
- {
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://iam-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://iam.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "cn-north-1"
- }
- },
- {
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://iam.cn-north-1.api.amazonwebservices.com.cn"
- }
- },
- "params": {
"UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "aws-iso-b-global"
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "properties": {
- "authSchemes": [
- {
- "signingName": "iam",
- "name": "sigv4",
- "signingRegion": "cn-north-1"
- }
- ]
- },
- "url": "https://iam.cn-north-1.amazonaws.com.cn"
+ "url": "https://iam-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": true,
+ "Region": "us-isob-east-1"
}
},
{
- "documentation": "For region aws-iso-global with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
"properties": {
"authSchemes": [
{
- "signingName": "iam",
"name": "sigv4",
- "signingRegion": "us-iso-east-1"
+ "signingName": "iam",
+ "signingRegion": "us-isob-east-1"
}
]
},
- "url": "https://iam.us-iso-east-1.c2s.ic.gov"
+ "url": "https://iam.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "aws-iso-global"
+ "UseFIPS": false,
+ "Region": "us-isob-east-1"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
- "url": "https://iam-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://example.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-iso-east-1"
- }
- },
- {
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "properties": {
- "authSchemes": [
- {
- "signingName": "iam",
- "name": "sigv4",
- "signingRegion": "us-iso-east-1"
- }
- ]
- },
- "url": "https://iam.us-iso-east-1.c2s.ic.gov"
- }
- },
- "params": {
"UseFIPS": false,
- "UseDualStack": false,
- "Region": "us-iso-east-1"
+ "Region": "us-east-1",
+ "Endpoint": "https://example.com"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-east-1",
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -2340,8 +2379,8 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
@@ -2352,8 +2391,8 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
"UseDualStack": true,
+ "UseFIPS": false,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
@@ -2406,7 +2445,7 @@
"EntityPath": {
"target": "com.amazonaws.iam#organizationsEntityPathType",
"traits": {
- "smithy.api#documentation": "The path of the Organizations entity (root, organizational unit, or account) from which an\n authenticated principal last attempted to access the service. Amazon Web Services does not report\n unauthenticated requests.
\n This field is null if no principals (IAM users, IAM roles, or root users) in the\n reported Organizations entity attempted to access the service within the tracking period.
"
+ "smithy.api#documentation": "The path of the Organizations entity (root, organizational unit, or account) from which an\n authenticated principal last attempted to access the service. Amazon Web Services does not report\n unauthenticated requests.
\n This field is null if no principals (IAM users, IAM roles, or root user) in the\n reported Organizations entity attempted to access the service within the tracking period.
"
}
},
"LastAuthenticatedTime": {
@@ -2418,7 +2457,7 @@
"TotalAuthenticatedEntities": {
"target": "com.amazonaws.iam#integerType",
"traits": {
- "smithy.api#documentation": "The number of accounts with authenticated principals (root users, IAM users, and IAM\n roles) that attempted to access the service in the tracking period.
"
+ "smithy.api#documentation": "The number of accounts with authenticated principals (root user, IAM users, and IAM\n roles) that attempted to access the service in the tracking period.
"
}
}
},
@@ -2573,7 +2612,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds a new client ID (also known as audience) to the list of client IDs already\n registered for the specified IAM OpenID Connect (OIDC) provider resource.
\n This operation is idempotent; it does not fail or return an error if you add an\n existing client ID to the provider.
"
+ "smithy.api#documentation": "Adds a new client ID (also known as audience) to the list of client IDs already\n registered for the specified IAM OpenID Connect (OIDC) provider resource.
\n This operation is idempotent; it does not fail or return an error if you add an\n existing client ID to the provider.
"
}
},
"com.amazonaws.iam#AddClientIDToOpenIDConnectProviderRequest": {
@@ -2593,6 +2632,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#AddRoleToInstanceProfile": {
@@ -2621,7 +2663,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds the specified IAM role to the specified instance profile. An instance profile\n can contain only one role, and this quota cannot be increased. You can remove the\n existing role and then add a different role to an instance profile. You must then wait\n for the change to appear across all of Amazon Web Services because of eventual\n consistency. To force the change, you must disassociate the instance profile and then associate the\n instance profile, or you can stop your instance and then restart it.
\n \n The caller of this operation must be granted the PassRole permission\n on the IAM role by a permissions policy.
\n \n For more information about roles, see Working with roles. For more\n information about instance profiles, see About instance\n profiles.
"
+ "smithy.api#documentation": "Adds the specified IAM role to the specified instance profile. An instance profile\n can contain only one role, and this quota cannot be increased. You can remove the\n existing role and then add a different role to an instance profile. You must then wait\n for the change to appear across all of Amazon Web Services because of eventual\n consistency. To force the change, you must disassociate the instance profile and then associate the\n instance profile, or you can stop your instance and then restart it.
\n \n The caller of this operation must be granted the PassRole permission\n on the IAM role by a permissions policy.
\n \n For more information about roles, see Working with roles. For more\n information about instance profiles, see About instance\n profiles.
"
}
},
"com.amazonaws.iam#AddRoleToInstanceProfileRequest": {
@@ -2630,17 +2672,20 @@
"InstanceProfileName": {
"target": "com.amazonaws.iam#instanceProfileNameType",
"traits": {
- "smithy.api#documentation": "The name of the instance profile to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the instance profile to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role to add.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the role to add.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#AddUserToGroup": {
@@ -2672,17 +2717,20 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name of the group to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the group to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user to add.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user to add.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ArnListType": {
@@ -2717,7 +2765,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Attaches the specified managed policy to the specified IAM group.
\n You use this operation to attach a managed policy to a group. To embed an inline\n policy in a group, use PutGroupPolicy.
\n As a best practice, you can validate your IAM policies. \n To learn more, see Validating IAM policies \n in the IAM User Guide.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Attaches the specified managed policy to the specified IAM group.
\n You use this operation to attach a managed policy to a group. To embed an inline\n policy in a group, use PutGroupPolicy.
\n As a best practice, you can validate your IAM policies. \n To learn more, see Validating IAM policies \n in the IAM User Guide.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#AttachGroupPolicyRequest": {
@@ -2726,17 +2774,20 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the group to attach the policy to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the group to attach the policy to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#AttachRolePolicy": {
@@ -2768,7 +2819,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Attaches the specified managed policy to the specified IAM role. When you attach a\n managed policy to a role, the managed policy becomes part of the role's permission\n (access) policy.
\n \n You cannot use a managed policy as the role's trust policy. The role's trust\n policy is created at the same time as the role, using CreateRole.\n You can update a role's trust policy using UpdateAssumeRolePolicy.
\n \n Use this operation to attach a managed policy to a role. To embed\n an inline policy in a role, use PutRolePolicy. For more information\n about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n As a best practice, you can validate your IAM policies. \n To learn more, see Validating IAM policies \n in the IAM User Guide.
"
+ "smithy.api#documentation": "Attaches the specified managed policy to the specified IAM role. When you attach a\n managed policy to a role, the managed policy becomes part of the role's permission\n (access) policy.
\n \n You cannot use a managed policy as the role's trust policy. The role's trust\n policy is created at the same time as the role, using CreateRole.\n You can update a role's trust policy using UpdateAssumeRolePolicy.
\n \n Use this operation to attach a managed policy to a role. To embed\n an inline policy in a role, use PutRolePolicy. For more information\n about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n As a best practice, you can validate your IAM policies. \n To learn more, see Validating IAM policies \n in the IAM User Guide.
"
}
},
"com.amazonaws.iam#AttachRolePolicyRequest": {
@@ -2777,17 +2828,20 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the role to attach the policy to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the role to attach the policy to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#AttachUserPolicy": {
@@ -2816,7 +2870,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Attaches the specified managed policy to the specified user.
\n You use this operation to attach a managed policy to a user. To\n embed an inline policy in a user, use PutUserPolicy.
\n As a best practice, you can validate your IAM policies. \n To learn more, see Validating IAM policies \n in the IAM User Guide.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Attaches the specified managed policy to the specified user.
\n You use this operation to attach a managed policy to a user. To\n embed an inline policy in a user, use PutUserPolicy.
\n As a best practice, you can validate your IAM policies. \n To learn more, see Validating IAM policies \n in the IAM User Guide.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#AttachUserPolicyRequest": {
@@ -2825,17 +2879,20 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the IAM user to attach the policy to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the IAM user to attach the policy to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#AttachedPermissionsBoundary": {
@@ -2910,7 +2967,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Changes the password of the IAM user who is calling this operation. This operation\n can be performed using the CLI, the Amazon Web Services API, or the My\n Security Credentials page in the Amazon Web Services Management Console. The Amazon Web Services account root user\n password is not affected by this operation.
\n Use UpdateLoginProfile to use the CLI, the Amazon Web Services API, or the\n Users page in the IAM console to change the\n password for any IAM user. For more information about modifying passwords, see Managing\n passwords in the IAM User Guide.
"
+ "smithy.api#documentation": "Changes the password of the IAM user who is calling this operation. This operation\n can be performed using the CLI, the Amazon Web Services API, or the My\n Security Credentials page in the Amazon Web Services Management Console. The Amazon Web Services account root user password is\n not affected by this operation.
\n Use UpdateLoginProfile to use the CLI, the Amazon Web Services API, or the\n Users page in the IAM console to change the\n password for any IAM user. For more information about modifying passwords, see Managing\n passwords in the IAM User Guide.
"
}
},
"com.amazonaws.iam#ChangePasswordRequest": {
@@ -2926,10 +2983,13 @@
"NewPassword": {
"target": "com.amazonaws.iam#passwordType",
"traits": {
- "smithy.api#documentation": "The new password. The new password must conform to the Amazon Web Services account's password\n policy, if one exists.
\n The regex pattern \n that is used to validate this parameter is a string of characters. That string can include almost any printable \n ASCII character from the space (\\u0020) through the end of the ASCII character range (\\u00FF). \n You can also include the tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) \n characters. Any of these characters are valid in a password. However, many tools, such \n as the Amazon Web Services Management Console, might restrict the ability to type certain characters because they have \n special meaning within that tool.
",
+ "smithy.api#documentation": "The new password. The new password must conform to the Amazon Web Services account's password\n policy, if one exists.
\n The regex pattern \n that is used to validate this parameter is a string of characters. That string can include almost any printable \n ASCII character from the space (\\u0020) through the end of the ASCII character range (\\u00FF). \n You can also include the tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) \n characters. Any of these characters are valid in a password. However, many tools, such \n as the Amazon Web Services Management Console, might restrict the ability to type certain characters because they have \n special meaning within that tool.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ColumnNumber": {
@@ -3111,7 +3171,7 @@
}
],
"traits": {
- "smithy.api#documentation": " Creates a new Amazon Web Services secret access key and corresponding Amazon Web Services access key ID for the\n specified user. The default status for new keys is Active.
\n If you do not specify a user name, IAM determines the user name implicitly based on\n the Amazon Web Services access key ID signing the request. This operation works for access keys under\n the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root\n user credentials. This is true even if the Amazon Web Services account has no associated users.
\n For information about quotas on the number of keys you can create, see IAM and STS\n quotas in the IAM User Guide.
\n \n To ensure the security of your Amazon Web Services account, the secret access key is accessible\n only during key and user creation. You must save the key (for example, in a text\n file) if you want to be able to access it again. If a secret key is lost, you can\n delete the access keys for the associated user and then create new keys.
\n "
+ "smithy.api#documentation": " Creates a new Amazon Web Services secret access key and corresponding Amazon Web Services access key ID for the\n specified user. The default status for new keys is Active.
\n If you do not specify a user name, IAM determines the user name implicitly based on\n the Amazon Web Services access key ID signing the request. This operation works for access keys under\n the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root\n user credentials. This is true even if the Amazon Web Services account has no associated users.
\n For information about quotas on the number of keys you can create, see IAM and STS\n quotas in the IAM User Guide.
\n \n To ensure the security of your Amazon Web Services account, the secret access key is accessible\n only during key and user creation. You must save the key (for example, in a text\n file) if you want to be able to access it again. If a secret key is lost, you can\n delete the access keys for the associated user and then create new keys.
\n "
}
},
"com.amazonaws.iam#CreateAccessKeyRequest": {
@@ -3120,9 +3180,12 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user that the new key will belong to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the IAM user that the new key will belong to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateAccessKeyResponse": {
@@ -3137,7 +3200,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateAccessKey request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful CreateAccessKey request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateAccountAlias": {
@@ -3169,10 +3233,13 @@
"AccountAlias": {
"target": "com.amazonaws.iam#accountAliasType",
"traits": {
- "smithy.api#documentation": "The account alias to create.
\n This parameter allows (through its regex pattern) a string of characters consisting of \n lowercase letters, digits, and dashes. You cannot start or finish with a dash, nor can you have \n two dashes in a row.
",
+ "smithy.api#documentation": "The account alias to create.
\n This parameter allows (through its regex pattern) a string of characters consisting of \n lowercase letters, digits, and dashes. You cannot start or finish with a dash, nor can you have \n two dashes in a row.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateGroup": {
@@ -3198,7 +3265,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a new group.
\n For information about the number of groups you can create, see IAM and STS\n quotas in the IAM User Guide.
"
+ "smithy.api#documentation": "Creates a new group.
\n For information about the number of groups you can create, see IAM and STS\n quotas in the IAM User Guide.
"
}
},
"com.amazonaws.iam#CreateGroupRequest": {
@@ -3207,16 +3274,19 @@
"Path": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": " The path to the group. For more information about paths, see IAM\n identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path to the group. For more information about paths, see IAM\n identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name of the group to create. Do not include the path in this value.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
",
+ "smithy.api#documentation": "The name of the group to create. Do not include the path in this value.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateGroupResponse": {
@@ -3231,7 +3301,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateGroup request.
"
+ "smithy.api#documentation": "Contains the response to a successful CreateGroup request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateInstanceProfile": {
@@ -3260,7 +3331,7 @@
}
],
"traits": {
- "smithy.api#documentation": " Creates a new instance profile. For information about instance profiles, see Using\n roles for applications on Amazon EC2 in the\n IAM User Guide, and Instance profiles in the Amazon EC2 User Guide.
\n For information about the number of instance profiles you can create, see IAM object\n quotas in the IAM User Guide.
"
+ "smithy.api#documentation": " Creates a new instance profile. For information about instance profiles, see Using\n roles for applications on Amazon EC2 in the\n IAM User Guide, and Instance profiles in the Amazon EC2 User Guide.
\n For information about the number of instance profiles you can create, see IAM object\n quotas in the IAM User Guide.
"
}
},
"com.amazonaws.iam#CreateInstanceProfileRequest": {
@@ -3269,14 +3340,14 @@
"InstanceProfileName": {
"target": "com.amazonaws.iam#instanceProfileNameType",
"traits": {
- "smithy.api#documentation": "The name of the instance profile to create.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the instance profile to create.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"Path": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": " The path to the instance profile. For more information about paths, see IAM\n Identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path to the instance profile. For more information about paths, see IAM\n Identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Tags": {
@@ -3285,6 +3356,9 @@
"smithy.api#documentation": "A list of tags that you want to attach to the newly created IAM instance profile.\n Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateInstanceProfileResponse": {
@@ -3299,7 +3373,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateInstanceProfile request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful CreateInstanceProfile request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateLoginProfile": {
@@ -3328,7 +3403,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a password for the specified IAM user. A password allows an IAM user to\n access Amazon Web Services services through the Amazon Web Services Management Console.
\n You can use the CLI, the Amazon Web Services API, or the Users\n page in the IAM console to create a password for any IAM user. Use ChangePassword to update your own existing password in the My Security Credentials page in the Amazon Web Services Management Console.
\n For more information about managing passwords, see Managing passwords in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Creates a password for the specified IAM user. A password allows an IAM user to\n access Amazon Web Services services through the Amazon Web Services Management Console.
\n You can use the CLI, the Amazon Web Services API, or the Users\n page in the IAM console to create a password for any IAM user. Use ChangePassword to update your own existing password in the My Security Credentials page in the Amazon Web Services Management Console.
\n For more information about managing passwords, see Managing passwords in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#CreateLoginProfileRequest": {
@@ -3337,14 +3412,14 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user to create a password for. The user must already\n exist.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM user to create a password for. The user must already\n exist.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"Password": {
"target": "com.amazonaws.iam#passwordType",
"traits": {
- "smithy.api#documentation": "The new password for the user.
\n The regex pattern \n that is used to validate this parameter is a string of characters. That string can include almost any printable \n ASCII character from the space (\\u0020) through the end of the ASCII character range (\\u00FF). \n You can also include the tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) \n characters. Any of these characters are valid in a password. However, many tools, such \n as the Amazon Web Services Management Console, might restrict the ability to type certain characters because they have \n special meaning within that tool.
",
+ "smithy.api#documentation": "The new password for the user.
\n The regex pattern \n that is used to validate this parameter is a string of characters. That string can include almost any printable \n ASCII character from the space (\\u0020) through the end of the ASCII character range (\\u00FF). \n You can also include the tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) \n characters. Any of these characters are valid in a password. However, many tools, such \n as the Amazon Web Services Management Console, might restrict the ability to type certain characters because they have \n special meaning within that tool.
",
"smithy.api#required": {}
}
},
@@ -3355,6 +3430,9 @@
"smithy.api#documentation": "Specifies whether the user is required to set a new password on next sign-in.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateLoginProfileResponse": {
@@ -3369,7 +3447,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateLoginProfile request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful CreateLoginProfile request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateOpenIDConnectProvider": {
@@ -3398,7 +3477,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC).
\n The OIDC provider that you create with this operation can be used as a principal in a\n role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and\n the OIDC provider.
\n If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't\n need to create a separate IAM identity provider. These OIDC identity providers are\n already built-in to Amazon Web Services and are available for your use. Instead, you can move directly\n to creating new roles using your identity provider. To learn more, see Creating\n a role for web identity or OpenID connect federation in the IAM\n User Guide.
\n When you create the IAM OIDC provider, you specify the following:
\n \n - \n
The URL of the OIDC identity provider (IdP) to trust
\n \n - \n
A list of client IDs (also known as audiences) that identify the application\n or applications allowed to authenticate using the OIDC provider
\n \n - \n
A list of thumbprints of one or more server certificates that the IdP\n uses
\n \n
\n You get all of this information from the OIDC IdP you want to use to access\n Amazon Web Services.
\n \n Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our\n library of trusted certificate authorities (CAs) instead of using a certificate\n thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, and\n those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these\n cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.
\n \n \n The trust for the OIDC provider is derived from the IAM provider that this\n operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged\n users.
\n "
+ "smithy.api#documentation": "Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC).
\n The OIDC provider that you create with this operation can be used as a principal in a\n role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and\n the OIDC provider.
\n If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't\n need to create a separate IAM identity provider. These OIDC identity providers are\n already built-in to Amazon Web Services and are available for your use. Instead, you can move directly\n to creating new roles using your identity provider. To learn more, see Creating\n a role for web identity or OpenID connect federation in the IAM\n User Guide.
\n When you create the IAM OIDC provider, you specify the following:
\n \n - \n
The URL of the OIDC identity provider (IdP) to trust
\n \n - \n
A list of client IDs (also known as audiences) that identify the application\n or applications allowed to authenticate using the OIDC provider
\n \n - \n
A list of tags that are attached to the specified IAM OIDC provider
\n \n - \n
A list of thumbprints of one or more server certificates that the IdP\n uses
\n \n
\n You get all of this information from the OIDC IdP you want to use to access\n Amazon Web Services.
\n \n Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our\n library of trusted certificate authorities (CAs) instead of using a certificate\n thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0,\n and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these\n cases, your legacy thumbprint remains in your configuration, but is no longer used for\n validation.
\n \n \n The trust for the OIDC provider is derived from the IAM provider that this\n operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged\n users.
\n "
}
},
"com.amazonaws.iam#CreateOpenIDConnectProviderRequest": {
@@ -3407,20 +3486,20 @@
"Url": {
"target": "com.amazonaws.iam#OpenIDConnectProviderUrlType",
"traits": {
- "smithy.api#documentation": "The URL of the identity provider. The URL must begin with https:// and\n should correspond to the iss claim in the provider's OpenID Connect ID\n tokens. Per the OIDC standard, path components are allowed but query parameters are not.\n Typically the URL consists of only a hostname, like\n https://server.example.org or https://example.com. The URL\n should not contain a port number.
\n You cannot register the same provider multiple times in a single Amazon Web Services account. If you\n try to submit a URL that has already been used for an OpenID Connect provider in the\n Amazon Web Services account, you will get an error.
",
+ "smithy.api#documentation": "The URL of the identity provider. The URL must begin with https:// and\n should correspond to the iss claim in the provider's OpenID Connect ID\n tokens. Per the OIDC standard, path components are allowed but query parameters are not.\n Typically the URL consists of only a hostname, like\n https://server.example.org or https://example.com. The URL\n should not contain a port number.
\n You cannot register the same provider multiple times in a single Amazon Web Services account. If you\n try to submit a URL that has already been used for an OpenID Connect provider in the\n Amazon Web Services account, you will get an error.
",
"smithy.api#required": {}
}
},
"ClientIDList": {
"target": "com.amazonaws.iam#clientIDListType",
"traits": {
- "smithy.api#documentation": "Provides a list of client IDs, also known as audiences. When a mobile or web app\n registers with an OpenID Connect provider, they establish a value that identifies the\n application. This is the value that's sent as the client_id parameter on\n OAuth requests.
\n You can register multiple client IDs with the same provider. For example, you might\n have multiple applications that use the same OIDC provider. You cannot register more\n than 100 client IDs with a single IAM OIDC provider.
\n There is no defined format for a client ID. The\n CreateOpenIDConnectProviderRequest operation accepts client IDs up to\n 255 characters long.
"
+ "smithy.api#documentation": "Provides a list of client IDs, also known as audiences. When a mobile or web app\n registers with an OpenID Connect provider, they establish a value that identifies the\n application. This is the value that's sent as the client_id parameter on\n OAuth requests.
\n You can register multiple client IDs with the same provider. For example, you might\n have multiple applications that use the same OIDC provider. You cannot register more\n than 100 client IDs with a single IAM OIDC provider.
\n There is no defined format for a client ID. The\n CreateOpenIDConnectProviderRequest operation accepts client IDs up to\n 255 characters long.
"
}
},
"ThumbprintList": {
"target": "com.amazonaws.iam#thumbprintListType",
"traits": {
- "smithy.api#documentation": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity\n provider's server certificates. Typically this list includes only one entry. However,\n IAM lets you have up to five thumbprints for an OIDC provider. This lets you maintain\n multiple thumbprints if the identity provider is rotating certificates.
\n The server certificate thumbprint is the hex-encoded SHA-1 hash value of the X.509\n certificate used by the domain where the OpenID Connect provider makes its keys\n available. It is always a 40-character string.
\n You must provide at least one thumbprint when creating an IAM OIDC provider. For\n example, assume that the OIDC provider is server.example.com and the\n provider stores its keys at https://keys.server.example.com/openid-connect. In that\n case, the thumbprint string would be the hex-encoded SHA-1 hash value of the certificate\n used by https://keys.server.example.com.\n
\n For more information about obtaining the OIDC provider thumbprint, see Obtaining the\n thumbprint for an OpenID Connect provider in the IAM User\n Guide.
",
+ "smithy.api#documentation": "A list of server certificate thumbprints for the OpenID Connect (OIDC) identity\n provider's server certificates. Typically this list includes only one entry. However,\n IAM lets you have up to five thumbprints for an OIDC provider. This lets you maintain\n multiple thumbprints if the identity provider is rotating certificates.
\n The server certificate thumbprint is the hex-encoded SHA-1 hash value of the X.509\n certificate used by the domain where the OpenID Connect provider makes its keys\n available. It is always a 40-character string.
\n You must provide at least one thumbprint when creating an IAM OIDC provider. For\n example, assume that the OIDC provider is server.example.com and the\n provider stores its keys at https://keys.server.example.com/openid-connect. In that\n case, the thumbprint string would be the hex-encoded SHA-1 hash value of the certificate\n used by https://keys.server.example.com.\n
\n For more information about obtaining the OIDC provider thumbprint, see Obtaining the\n thumbprint for an OpenID Connect provider in the IAM user\n Guide.
",
"smithy.api#required": {}
}
},
@@ -3430,6 +3509,9 @@
"smithy.api#documentation": "A list of tags that you want to attach to the new IAM OpenID Connect (OIDC) provider.\n Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateOpenIDConnectProviderResponse": {
@@ -3449,7 +3531,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateOpenIDConnectProvider\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful CreateOpenIDConnectProvider\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreatePolicy": {
@@ -3481,7 +3564,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a new managed policy for your Amazon Web Services account.
\n This operation creates a policy version with a version identifier of v1\n and sets v1 as the policy's default version. For more information about policy versions,\n see Versioning for managed policies in the\n IAM User Guide.
\n As a best practice, you can validate your IAM policies. \n To learn more, see Validating IAM policies \n in the IAM User Guide.
\n For more information about managed policies in general, see Managed\n policies and inline policies in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Creates a new managed policy for your Amazon Web Services account.
\n This operation creates a policy version with a version identifier of v1\n and sets v1 as the policy's default version. For more information about policy versions,\n see Versioning for managed policies in the\n IAM User Guide.
\n As a best practice, you can validate your IAM policies. \n To learn more, see Validating IAM policies \n in the IAM User Guide.
\n For more information about managed policies in general, see Managed\n policies and inline policies in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#CreatePolicyRequest": {
@@ -3490,27 +3573,27 @@
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The friendly name of the policy.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
",
+ "smithy.api#documentation": "The friendly name of the policy.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
",
"smithy.api#required": {}
}
},
"Path": {
"target": "com.amazonaws.iam#policyPathType",
"traits": {
- "smithy.api#documentation": "The path for the policy.
\n For more information about paths, see IAM identifiers in the\n IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
\n \n You cannot use an asterisk (*) in the path name.
\n "
+ "smithy.api#documentation": "The path for the policy.
\n For more information about paths, see IAM identifiers in the\n IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
\n \n You cannot use an asterisk (*) in the path name.
\n "
}
},
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The JSON policy document that you want to use as the content for the new\n policy.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n To learn more about JSON policy grammar, see Grammar of the IAM JSON\n policy language in the IAM User Guide.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The JSON policy document that you want to use as the content for the new\n policy.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n To learn more about JSON policy grammar, see Grammar of the IAM JSON\n policy language in the IAM User Guide.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
},
"Description": {
"target": "com.amazonaws.iam#policyDescriptionType",
"traits": {
- "smithy.api#documentation": "A friendly description of the policy.
\n Typically used to store information about the permissions defined in the policy. For\n example, \"Grants access to production DynamoDB tables.\"
\n The policy description is immutable. After a value is assigned, it cannot be\n changed.
"
+ "smithy.api#documentation": "A friendly description of the policy.
\n Typically used to store information about the permissions defined in the policy. For\n example, \"Grants access to production DynamoDB tables.\"
\n The policy description is immutable. After a value is assigned, it cannot be\n changed.
"
}
},
"Tags": {
@@ -3519,6 +3602,9 @@
"smithy.api#documentation": "A list of tags that you want to attach to the new IAM customer managed policy.\n Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreatePolicyResponse": {
@@ -3532,7 +3618,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreatePolicy request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful CreatePolicy request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreatePolicyVersion": {
@@ -3561,7 +3648,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a new version of the specified managed policy. To update a managed policy, you\n create a new policy version. A managed policy can have up to five versions. If the\n policy has five versions, you must delete an existing version using DeletePolicyVersion before you create a new version.
\n Optionally, you can set the new version as the policy's default version. The default\n version is the version that is in effect for the IAM users, groups, and roles to which\n the policy is attached.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Creates a new version of the specified managed policy. To update a managed policy, you\n create a new policy version. A managed policy can have up to five versions. If the\n policy has five versions, you must delete an existing version using DeletePolicyVersion before you create a new version.
\n Optionally, you can set the new version as the policy's default version. The default\n version is the version that is in effect for the IAM users, groups, and roles to which\n the policy is attached.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#CreatePolicyVersionRequest": {
@@ -3570,14 +3657,14 @@
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy to which you want to add a new\n version.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy to which you want to add a new\n version.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The JSON policy document that you want to use as the content for this new version of\n the policy.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The JSON policy document that you want to use as the content for this new version of\n the policy.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
},
@@ -3585,9 +3672,12 @@
"target": "com.amazonaws.iam#booleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Specifies whether to set this version as the policy's default version.
\n When this parameter is true, the new policy version becomes the operative\n version. That is, it becomes the version that is in effect for the IAM users, groups,\n and roles that the policy is attached to.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Specifies whether to set this version as the policy's default version.
\n When this parameter is true, the new policy version becomes the operative\n version. That is, it becomes the version that is in effect for the IAM users, groups,\n and roles that the policy is attached to.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreatePolicyVersionResponse": {
@@ -3601,7 +3691,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreatePolicyVersion request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful CreatePolicyVersion request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateRole": {
@@ -3642,20 +3733,20 @@
"Path": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": " The path to the role. For more information about paths, see IAM\n Identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path to the role. For more information about paths, see IAM\n Identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role to create.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
",
+ "smithy.api#documentation": "The name of the role to create.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"AssumeRolePolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The trust relationship policy document that grants an entity permission to assume the\n role.
\n In IAM, you must provide a JSON policy that has been converted to a string. However,\n for CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML\n format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
\n Upon success, the response includes the same trust policy in JSON format.
",
+ "smithy.api#documentation": "The trust relationship policy document that grants an entity permission to assume the\n role.
\n In IAM, you must provide a JSON policy that has been converted to a string. However,\n for CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML\n format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
\n Upon success, the response includes the same trust policy in JSON format.
",
"smithy.api#required": {}
}
},
@@ -3668,13 +3759,13 @@
"MaxSessionDuration": {
"target": "com.amazonaws.iam#roleMaxSessionDurationType",
"traits": {
- "smithy.api#documentation": "The maximum session duration (in seconds) that you want to set for the specified role.\n If you do not specify a value for this setting, the default value of one hour is\n applied. This setting can have a value from 1 hour to 12 hours.
\n Anyone who assumes the role from the CLI or API can use the DurationSeconds\n API parameter or the duration-seconds CLI parameter to request a longer\n session. The MaxSessionDuration setting determines the maximum duration\n that can be requested using the DurationSeconds parameter. If users don't\n specify a value for the DurationSeconds parameter, their security\n credentials are valid for one hour by default. This applies when you use the\n AssumeRole* API operations or the assume-role* CLI\n operations but does not apply when you use those operations to create a console URL. For\n more information, see Using IAM roles in the IAM User Guide.
"
+ "smithy.api#documentation": "The maximum session duration (in seconds) that you want to set for the specified role.\n If you do not specify a value for this setting, the default value of one hour is\n applied. This setting can have a value from 1 hour to 12 hours.
\n Anyone who assumes the role from the CLI or API can use the\n DurationSeconds API parameter or the duration-seconds\n CLI parameter to request a longer session. The MaxSessionDuration setting\n determines the maximum duration that can be requested using the\n DurationSeconds parameter. If users don't specify a value for the\n DurationSeconds parameter, their security credentials are valid for one\n hour by default. This applies when you use the AssumeRole* API operations\n or the assume-role* CLI operations but does not apply when you use those\n operations to create a console URL. For more information, see Using IAM\n roles in the IAM User Guide.
"
}
},
"PermissionsBoundary": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The ARN of the policy that is used to set the permissions boundary for the\n role.
"
+ "smithy.api#documentation": "The ARN of the managed policy that is used to set the permissions boundary for the\n role.
\n A permissions boundary policy defines the maximum permissions that identity-based\n policies can grant to an entity, but does not grant permissions. Permissions boundaries\n do not define the maximum permissions that a resource-based policy can grant to an\n entity. To learn more, see Permissions boundaries\n for IAM entities in the IAM User Guide.
\n For more information about policy types, see Policy types\n in the IAM User Guide.
"
}
},
"Tags": {
@@ -3683,6 +3774,9 @@
"smithy.api#documentation": "A list of tags that you want to attach to the new role. Each tag consists of a key name and an associated value.\n For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateRoleResponse": {
@@ -3697,7 +3791,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateRole request.
"
+ "smithy.api#documentation": "Contains the response to a successful CreateRole request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateSAMLProvider": {
@@ -3726,7 +3821,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates an IAM resource that describes an identity provider (IdP) that supports SAML\n 2.0.
\n The SAML provider resource that you create with this operation can be used as a\n principal in an IAM role's trust policy. Such a policy can enable federated users who\n sign in using the SAML IdP to assume the role. You can create an IAM role that\n supports Web-based single sign-on (SSO) to the Amazon Web Services Management Console or one that supports API access\n to Amazon Web Services.
\n When you create the SAML provider resource, you upload a SAML metadata document that\n you get from your IdP. That document includes the issuer's name, expiration information,\n and keys that can be used to validate the SAML authentication response (assertions) that\n the IdP sends. You must generate the metadata document using the identity management\n software that is used as your organization's IdP.
\n \n This operation requires Signature Version 4.
\n \n For more information, see Enabling SAML 2.0\n federated users to access the Amazon Web Services Management Console and About SAML 2.0-based\n federation in the IAM User Guide.
"
+ "smithy.api#documentation": "Creates an IAM resource that describes an identity provider (IdP) that supports SAML\n 2.0.
\n The SAML provider resource that you create with this operation can be used as a\n principal in an IAM role's trust policy. Such a policy can enable federated users who\n sign in using the SAML IdP to assume the role. You can create an IAM role that\n supports Web-based single sign-on (SSO) to the Amazon Web Services Management Console or one that supports API access\n to Amazon Web Services.
\n When you create the SAML provider resource, you upload a SAML metadata document that\n you get from your IdP. That document includes the issuer's name, expiration information,\n and keys that can be used to validate the SAML authentication response (assertions) that\n the IdP sends. You must generate the metadata document using the identity management\n software that is used as your organization's IdP.
\n \n This operation requires Signature Version 4.
\n \n For more information, see Enabling SAML 2.0\n federated users to access the Amazon Web Services Management Console and About SAML 2.0-based\n federation in the IAM User Guide.
"
}
},
"com.amazonaws.iam#CreateSAMLProviderRequest": {
@@ -3735,14 +3830,14 @@
"SAMLMetadataDocument": {
"target": "com.amazonaws.iam#SAMLMetadataDocumentType",
"traits": {
- "smithy.api#documentation": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The\n document includes the issuer's name, expiration information, and keys that can be used\n to validate the SAML authentication response (assertions) that are received from the\n IdP. You must generate the metadata document using the identity management software that\n is used as your organization's IdP.
\n For more information, see About SAML 2.0-based\n federation in the IAM User Guide\n
",
+ "smithy.api#documentation": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The\n document includes the issuer's name, expiration information, and keys that can be used\n to validate the SAML authentication response (assertions) that are received from the\n IdP. You must generate the metadata document using the identity management software that\n is used as your organization's IdP.
\n For more information, see About SAML 2.0-based\n federation in the IAM User Guide\n
",
"smithy.api#required": {}
}
},
"Name": {
"target": "com.amazonaws.iam#SAMLProviderNameType",
"traits": {
- "smithy.api#documentation": "The name of the provider to create.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the provider to create.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -3752,6 +3847,9 @@
"smithy.api#documentation": "A list of tags that you want to attach to the new IAM SAML provider.\n Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateSAMLProviderResponse": {
@@ -3771,7 +3869,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateSAMLProvider request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful CreateSAMLProvider request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateServiceLinkedRole": {
@@ -3797,7 +3896,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates an IAM role that is linked to a specific Amazon Web Services service. The service controls\n the attached policies and when the role can be deleted. This helps ensure that the\n service is not broken by an unexpectedly changed or deleted role, which could put your\n Amazon Web Services resources into an unknown state. Allowing the service to control the role helps\n improve service stability and proper cleanup when a service and its role are no longer\n needed. For more information, see Using service-linked\n roles in the IAM User Guide.
\n To attach a policy to this service-linked role, you must make the request using the\n Amazon Web Services service that depends on this role.
"
+ "smithy.api#documentation": "Creates an IAM role that is linked to a specific Amazon Web Services service. The service controls\n the attached policies and when the role can be deleted. This helps ensure that the\n service is not broken by an unexpectedly changed or deleted role, which could put your\n Amazon Web Services resources into an unknown state. Allowing the service to control the role helps\n improve service stability and proper cleanup when a service and its role are no longer\n needed. For more information, see Using service-linked\n roles in the IAM User Guide.
\n To attach a policy to this service-linked role, you must make the request using the\n Amazon Web Services service that depends on this role.
"
}
},
"com.amazonaws.iam#CreateServiceLinkedRoleRequest": {
@@ -3806,7 +3905,7 @@
"AWSServiceName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The service principal for the Amazon Web Services service to which this role is attached. You use a\n string similar to a URL but without the http:// in front. For example:\n elasticbeanstalk.amazonaws.com.
\n Service principals are unique and case-sensitive. To find the exact service principal\n for your service-linked role, see Amazon Web Services services\n that work with IAM in the IAM User Guide. Look for\n the services that have Yes in the Service-Linked Role column. Choose the Yes link to view the service-linked role documentation for that\n service.
",
+ "smithy.api#documentation": "The service principal for the Amazon Web Services service to which this role is attached. You use a\n string similar to a URL but without the http:// in front. For example:\n elasticbeanstalk.amazonaws.com.
\n Service principals are unique and case-sensitive. To find the exact service principal\n for your service-linked role, see Amazon Web Services services\n that work with IAM in the IAM User Guide. Look for\n the services that have Yes in the Service-Linked Role column. Choose the Yes link to view the service-linked role documentation for that\n service.
",
"smithy.api#required": {}
}
},
@@ -3819,9 +3918,12 @@
"CustomSuffix": {
"target": "com.amazonaws.iam#customSuffixType",
"traits": {
- "smithy.api#documentation": "\n A string that you provide, which is combined with the service-provided prefix to form\n the complete role name. If you make multiple requests for the same service, then you\n must supply a different CustomSuffix for each request. Otherwise the\n request fails with a duplicate role name error. For example, you could add\n -1 or -debug to the suffix.
\n Some services do not support the CustomSuffix parameter. If you provide\n an optional suffix and the operation fails, try the operation again without the\n suffix.
"
+ "smithy.api#documentation": "\n A string that you provide, which is combined with the service-provided prefix to form\n the complete role name. If you make multiple requests for the same service, then you\n must supply a different CustomSuffix for each request. Otherwise the\n request fails with a duplicate role name error. For example, you could add\n -1 or -debug to the suffix.
\n Some services do not support the CustomSuffix parameter. If you provide\n an optional suffix and the operation fails, try the operation again without the\n suffix.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateServiceLinkedRoleResponse": {
@@ -3833,6 +3935,9 @@
"smithy.api#documentation": "A Role object that contains details about the newly created\n role.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateServiceSpecificCredential": {
@@ -3855,7 +3960,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Generates a set of credentials consisting of a user name and password that can be used\n to access the service specified in the request. These credentials are generated by\n IAM, and can be used only for the specified service.
\n You can have a maximum of two sets of service-specific credentials for each supported\n service per user.
\n You can create service-specific credentials for CodeCommit and Amazon Keyspaces (for Apache\n Cassandra).
\n You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.
\n For more information about service-specific credentials, see Using IAM\n with CodeCommit: Git credentials, SSH keys, and Amazon Web Services access keys in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Generates a set of credentials consisting of a user name and password that can be used\n to access the service specified in the request. These credentials are generated by\n IAM, and can be used only for the specified service.
\n You can have a maximum of two sets of service-specific credentials for each supported\n service per user.
\n You can create service-specific credentials for CodeCommit and Amazon Keyspaces (for Apache\n Cassandra).
\n You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.
\n For more information about service-specific credentials, see Using IAM\n with CodeCommit: Git credentials, SSH keys, and Amazon Web Services access keys in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#CreateServiceSpecificCredentialRequest": {
@@ -3864,7 +3969,7 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user that is to be associated with the credentials. The new\n service-specific credentials have the same permissions as the associated user except\n that they can be used only to access the specified service.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM user that is to be associated with the credentials. The new\n service-specific credentials have the same permissions as the associated user except\n that they can be used only to access the specified service.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -3875,6 +3980,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateServiceSpecificCredentialResponse": {
@@ -3883,9 +3991,12 @@
"ServiceSpecificCredential": {
"target": "com.amazonaws.iam#ServiceSpecificCredential",
"traits": {
- "smithy.api#documentation": "A structure that contains information about the newly created service-specific\n credential.
\n \n This is the only time that the password for this credential set is available. It\n cannot be recovered later. Instead, you must reset the password with ResetServiceSpecificCredential.
\n "
+ "smithy.api#documentation": "A structure that contains information about the newly created service-specific\n credential.
\n \n This is the only time that the password for this credential set is available. It\n cannot be recovered later. Instead, you must reset the password with ResetServiceSpecificCredential.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateUser": {
@@ -3917,7 +4028,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a new IAM user for your Amazon Web Services account.
\n For information about quotas for the number of IAM users you can create, see IAM and STS\n quotas in the IAM User Guide.
"
+ "smithy.api#documentation": "Creates a new IAM user for your Amazon Web Services account.
\n For information about quotas for the number of IAM users you can create, see IAM and STS\n quotas in the IAM User Guide.
"
}
},
"com.amazonaws.iam#CreateUserRequest": {
@@ -3926,20 +4037,20 @@
"Path": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": " The path for the user name. For more information about paths, see IAM\n identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path for the user name. For more information about paths, see IAM\n identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the user to create.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
",
+ "smithy.api#documentation": "The name of the user to create.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
",
"smithy.api#required": {}
}
},
"PermissionsBoundary": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The ARN of the policy that is used to set the permissions boundary for the\n user.
"
+ "smithy.api#documentation": "The ARN of the managed policy that is used to set the permissions boundary for the\n user.
\n A permissions boundary policy defines the maximum permissions that identity-based\n policies can grant to an entity, but does not grant permissions. Permissions boundaries\n do not define the maximum permissions that a resource-based policy can grant to an\n entity. To learn more, see Permissions boundaries\n for IAM entities in the IAM User Guide.
\n For more information about policy types, see Policy types\n in the IAM User Guide.
"
}
},
"Tags": {
@@ -3948,6 +4059,9 @@
"smithy.api#documentation": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value.\n For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateUserResponse": {
@@ -3961,7 +4075,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateUser request.
"
+ "smithy.api#documentation": "Contains the response to a successful CreateUser request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CreateVirtualMFADevice": {
@@ -3990,7 +4105,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a new virtual MFA device for the Amazon Web Services account. After creating the virtual\n MFA, use EnableMFADevice to attach the MFA device to an IAM user.\n For more information about creating and working with virtual MFA devices, see Using a virtual MFA\n device in the IAM User Guide.
\n For information about the maximum number of MFA devices you can create, see IAM and STS\n quotas in the IAM User Guide.
\n \n The seed information contained in the QR code and the Base32 string should be\n treated like any other secret access information. In other words, protect the seed\n information as you would your Amazon Web Services access keys or your passwords. After you\n provision your virtual device, you should ensure that the information is destroyed\n following secure procedures.
\n "
+ "smithy.api#documentation": "Creates a new virtual MFA device for the Amazon Web Services account. After creating the virtual\n MFA, use EnableMFADevice to attach the MFA device to an IAM user.\n For more information about creating and working with virtual MFA devices, see Using a virtual MFA\n device in the IAM User Guide.
\n For information about the maximum number of MFA devices you can create, see IAM and STS\n quotas in the IAM User Guide.
\n \n The seed information contained in the QR code and the Base32 string should be\n treated like any other secret access information. In other words, protect the seed\n information as you would your Amazon Web Services access keys or your passwords. After you\n provision your virtual device, you should ensure that the information is destroyed\n following secure procedures.
\n "
}
},
"com.amazonaws.iam#CreateVirtualMFADeviceRequest": {
@@ -3999,13 +4114,13 @@
"Path": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": " The path for the virtual MFA device. For more information about paths, see IAM\n identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path for the virtual MFA device. For more information about paths, see IAM\n identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"VirtualMFADeviceName": {
"target": "com.amazonaws.iam#virtualMFADeviceName",
"traits": {
- "smithy.api#documentation": "The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA\n device.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA\n device.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -4015,6 +4130,9 @@
"smithy.api#documentation": "A list of tags that you want to attach to the new IAM virtual MFA device.\n Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#CreateVirtualMFADeviceResponse": {
@@ -4029,7 +4147,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful CreateVirtualMFADevice request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful CreateVirtualMFADevice request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#CredentialReportExpiredException": {
@@ -4106,7 +4225,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deactivates the specified MFA device and removes it from association with the user\n name for which it was originally enabled.
\n For more information about creating and working with virtual MFA devices, see Enabling a virtual\n multi-factor authentication (MFA) device in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Deactivates the specified MFA device and removes it from association with the user\n name for which it was originally enabled.
\n For more information about creating and working with virtual MFA devices, see Enabling a virtual\n multi-factor authentication (MFA) device in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#DeactivateMFADeviceRequest": {
@@ -4115,17 +4234,20 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose MFA device you want to deactivate.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user whose MFA device you want to deactivate.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"SerialNumber": {
"target": "com.amazonaws.iam#serialNumberType",
"traits": {
- "smithy.api#documentation": "The serial number that uniquely identifies the MFA device. For virtual MFA devices,\n the serial number is the device ARN.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of upper and lowercase alphanumeric characters with no spaces. You can also include any of the \n following characters: =,.@:/-
",
+ "smithy.api#documentation": "The serial number that uniquely identifies the MFA device. For virtual MFA devices,\n the serial number is the device ARN.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of upper and lowercase alphanumeric characters with no spaces. You can also include any of the \n following characters: =,.@:/-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteAccessKey": {
@@ -4148,7 +4270,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the access key pair associated with the specified IAM user.
\n If you do not specify a user name, IAM determines the user name implicitly based on\n the Amazon Web Services access key ID signing the request. This operation works for access keys under\n the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root\n user credentials even if the Amazon Web Services account has no associated users.
"
+ "smithy.api#documentation": "Deletes the access key pair associated with the specified IAM user.
\n If you do not specify a user name, IAM determines the user name implicitly based on\n the Amazon Web Services access key ID signing the request. This operation works for access keys under\n the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root\n user credentials even if the Amazon Web Services account has no associated users.
"
}
},
"com.amazonaws.iam#DeleteAccessKeyRequest": {
@@ -4157,16 +4279,19 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose access key pair you want to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the user whose access key pair you want to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"AccessKeyId": {
"target": "com.amazonaws.iam#accessKeyIdType",
"traits": {
- "smithy.api#documentation": "The access key ID for the access key ID and secret access key you want to\n delete.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The access key ID for the access key ID and secret access key you want to\n delete.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteAccountAlias": {
@@ -4198,10 +4323,13 @@
"AccountAlias": {
"target": "com.amazonaws.iam#accountAliasType",
"traits": {
- "smithy.api#documentation": "The name of the account alias to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of \n lowercase letters, digits, and dashes. You cannot start or finish with a dash, nor can you have \n two dashes in a row.
",
+ "smithy.api#documentation": "The name of the account alias to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of \n lowercase letters, digits, and dashes. You cannot start or finish with a dash, nor can you have \n two dashes in a row.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteAccountPasswordPolicy": {
@@ -4290,7 +4418,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified inline policy that is embedded in the specified IAM\n group.
\n A group can also have managed policies attached to it. To detach a managed policy from\n a group, use DetachGroupPolicy. For more information about policies,\n refer to Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Deletes the specified inline policy that is embedded in the specified IAM\n group.
\n A group can also have managed policies attached to it. To detach a managed policy from\n a group, use DetachGroupPolicy. For more information about policies,\n refer to Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#DeleteGroupPolicyRequest": {
@@ -4299,17 +4427,20 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) identifying the group that the policy is embedded\n in.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) identifying the group that the policy is embedded\n in.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name identifying the policy document to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name identifying the policy document to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteGroupRequest": {
@@ -4318,10 +4449,13 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM group to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM group to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteInstanceProfile": {
@@ -4347,7 +4481,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified instance profile. The instance profile must not have an\n associated role.
\n \n Make sure that you do not have any Amazon EC2 instances running with the instance\n profile you are about to delete. Deleting a role or instance profile that is\n associated with a running instance will break any applications running on the\n instance.
\n \n For more information about instance profiles, see About instance\n profiles.
"
+ "smithy.api#documentation": "Deletes the specified instance profile. The instance profile must not have an\n associated role.
\n \n Make sure that you do not have any Amazon EC2 instances running with the instance\n profile you are about to delete. Deleting a role or instance profile that is\n associated with a running instance will break any applications running on the\n instance.
\n \n For more information about instance profiles, see About instance\n profiles.
"
}
},
"com.amazonaws.iam#DeleteInstanceProfileRequest": {
@@ -4356,10 +4490,13 @@
"InstanceProfileName": {
"target": "com.amazonaws.iam#instanceProfileNameType",
"traits": {
- "smithy.api#documentation": "The name of the instance profile to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the instance profile to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteLoginProfile": {
@@ -4385,7 +4522,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the password for the specified IAM user, For more information, see Managing\n passwords for IAM users.
\n You can use the CLI, the Amazon Web Services API, or the Users\n page in the IAM console to delete a password for any IAM user. You can use ChangePassword to update, but not delete, your own password in the\n My Security Credentials page in the\n Amazon Web Services Management Console.
\n \n Deleting a user's password does not prevent a user from accessing Amazon Web Services through\n the command line interface or the API. To prevent all user access, you must also\n either make any access keys inactive or delete them. For more information about\n making keys inactive or deleting them, see UpdateAccessKey and\n DeleteAccessKey.
\n "
+ "smithy.api#documentation": "Deletes the password for the specified IAM user, For more information, see Managing\n passwords for IAM users.
\n You can use the CLI, the Amazon Web Services API, or the Users\n page in the IAM console to delete a password for any IAM user. You can use ChangePassword to update, but not delete, your own password in the\n My Security Credentials page in the\n Amazon Web Services Management Console.
\n \n Deleting a user's password does not prevent a user from accessing Amazon Web Services through\n the command line interface or the API. To prevent all user access, you must also\n either make any access keys inactive or delete them. For more information about\n making keys inactive or deleting them, see UpdateAccessKey and\n DeleteAccessKey.
\n "
}
},
"com.amazonaws.iam#DeleteLoginProfileRequest": {
@@ -4394,10 +4531,13 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose password you want to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user whose password you want to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteOpenIDConnectProvider": {
@@ -4420,7 +4560,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
\n Deleting an IAM OIDC provider resource does not update any roles that reference the\n provider as a principal in their trust policies. Any attempt to assume a role that\n references a deleted provider fails.
\n This operation is idempotent; it does not fail or return an error if you call the\n operation for a provider that does not exist.
"
+ "smithy.api#documentation": "Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
\n Deleting an IAM OIDC provider resource does not update any roles that reference the\n provider as a principal in their trust policies. Any attempt to assume a role that\n references a deleted provider fails.
\n This operation is idempotent; it does not fail or return an error if you call the\n operation for a provider that does not exist.
"
}
},
"com.amazonaws.iam#DeleteOpenIDConnectProviderRequest": {
@@ -4433,6 +4573,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeletePolicy": {
@@ -4461,7 +4604,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified managed policy.
\n Before you can delete a managed policy, you must first detach the policy from all\n users, groups, and roles that it is attached to. In addition, you must delete all the\n policy's versions. The following steps describe the process for deleting a managed\n policy:
\n \n - \n
Detach the policy from all users, groups, and roles that the policy is\n attached to, using DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy. To\n list all the users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.
\n \n - \n
Delete all versions of the policy using DeletePolicyVersion.\n To list the policy's versions, use ListPolicyVersions. You\n cannot use DeletePolicyVersion to delete the version that is\n marked as the default version. You delete the policy's default version in the\n next step of the process.
\n \n - \n
Delete the policy (this automatically deletes the policy's default version)\n using this operation.
\n \n
\n For information about managed policies, see Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Deletes the specified managed policy.
\n Before you can delete a managed policy, you must first detach the policy from all\n users, groups, and roles that it is attached to. In addition, you must delete all the\n policy's versions. The following steps describe the process for deleting a managed\n policy:
\n \n - \n
Detach the policy from all users, groups, and roles that the policy is\n attached to, using DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy. To\n list all the users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.
\n \n - \n
Delete all versions of the policy using DeletePolicyVersion.\n To list the policy's versions, use ListPolicyVersions. You\n cannot use DeletePolicyVersion to delete the version that is\n marked as the default version. You delete the policy's default version in the\n next step of the process.
\n \n - \n
Delete the policy (this automatically deletes the policy's default version)\n using this operation.
\n \n
\n For information about managed policies, see Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#DeletePolicyRequest": {
@@ -4470,10 +4613,13 @@
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to delete.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to delete.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeletePolicyVersion": {
@@ -4502,7 +4648,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified version from the specified managed policy.
\n You cannot delete the default version from a policy using this operation. To delete\n the default version from a policy, use DeletePolicy. To find out which\n version of a policy is marked as the default version, use ListPolicyVersions.
\n For information about versions for managed policies, see Versioning for managed\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Deletes the specified version from the specified managed policy.
\n You cannot delete the default version from a policy using this operation. To delete\n the default version from a policy, use DeletePolicy. To find out which\n version of a policy is marked as the default version, use ListPolicyVersions.
\n For information about versions for managed policies, see Versioning for managed\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#DeletePolicyVersionRequest": {
@@ -4511,17 +4657,20 @@
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy from which you want to delete a\n version.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy from which you want to delete a\n version.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
"VersionId": {
"target": "com.amazonaws.iam#policyVersionIdType",
"traits": {
- "smithy.api#documentation": "The policy version to delete.
\n This parameter allows (through its regex pattern) a string of characters that \n consists of the lowercase letter 'v' followed by one or two digits, and optionally \n followed by a period '.' and a string of letters and digits.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
",
+ "smithy.api#documentation": "The policy version to delete.
\n This parameter allows (through its regex pattern) a string of characters that \n consists of the lowercase letter 'v' followed by one or two digits, and optionally \n followed by a period '.' and a string of letters and digits.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteRole": {
@@ -4553,7 +4702,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified role. The role must not have any policies attached. For more\n information about roles, see Working with roles.
\n \n Make sure that you do not have any Amazon EC2 instances running with the role you\n are about to delete. Deleting a role or instance profile that is associated with a\n running instance will break any applications running on the instance.
\n "
+ "smithy.api#documentation": "Deletes the specified role. Unlike the Amazon Web Services Management Console, when you delete a role\n programmatically, you must delete the items attached to the role manually, or the\n deletion fails. For more information, see Deleting an IAM role. Before attempting to delete a role, remove the\n following attached items:
\n \n \n Make sure that you do not have any Amazon EC2 instances running with the role you\n are about to delete. Deleting a role or instance profile that is associated with a\n running instance will break any applications running on the instance.
\n "
}
},
"com.amazonaws.iam#DeleteRolePermissionsBoundary": {
@@ -4576,7 +4725,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the permissions boundary for the specified IAM role.
\n \n Deleting the permissions boundary for a role might increase its permissions. For\n example, it might allow anyone who assumes the role to perform all the actions\n granted in its permissions policies.
\n "
+ "smithy.api#documentation": "Deletes the permissions boundary for the specified IAM role.
\n \n Deleting the permissions boundary for a role might increase its permissions. For\n example, it might allow anyone who assumes the role to perform all the actions\n granted in its permissions policies.
\n "
}
},
"com.amazonaws.iam#DeleteRolePermissionsBoundaryRequest": {
@@ -4589,6 +4738,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteRolePolicy": {
@@ -4614,7 +4766,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified inline policy that is embedded in the specified IAM\n role.
\n A role can also have managed policies attached to it. To detach a managed policy from\n a role, use DetachRolePolicy. For more information about policies,\n refer to Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Deletes the specified inline policy that is embedded in the specified IAM\n role.
\n A role can also have managed policies attached to it. To detach a managed policy from\n a role, use DetachRolePolicy. For more information about policies,\n refer to Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#DeleteRolePolicyRequest": {
@@ -4623,17 +4775,20 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) identifying the role that the policy is embedded\n in.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) identifying the role that the policy is embedded\n in.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name of the inline policy to delete from the specified IAM role.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the inline policy to delete from the specified IAM role.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteRoleRequest": {
@@ -4642,10 +4797,13 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the role to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteSAMLProvider": {
@@ -4671,7 +4829,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes a SAML provider resource in IAM.
\n Deleting the provider resource from IAM does not update any roles that reference the\n SAML provider resource's ARN as a principal in their trust policies. Any attempt to\n assume a role that references a non-existent provider resource ARN fails.
\n \n This operation requires Signature Version 4.
\n "
+ "smithy.api#documentation": "Deletes a SAML provider resource in IAM.
\n Deleting the provider resource from IAM does not update any roles that reference the\n SAML provider resource's ARN as a principal in their trust policies. Any attempt to\n assume a role that references a non-existent provider resource ARN fails.
\n \n This operation requires Signature Version 4.
\n "
}
},
"com.amazonaws.iam#DeleteSAMLProviderRequest": {
@@ -4684,6 +4842,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteSSHPublicKey": {
@@ -4700,7 +4861,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified SSH public key.
\n The SSH public key deleted by this operation is used only for authenticating the\n associated IAM user to an CodeCommit repository. For more information about using SSH keys\n to authenticate to an CodeCommit repository, see Set up CodeCommit for\n SSH connections in the CodeCommit User Guide.
"
+ "smithy.api#documentation": "Deletes the specified SSH public key.
\n The SSH public key deleted by this operation is used only for authenticating the\n associated IAM user to an CodeCommit repository. For more information about using SSH keys\n to authenticate to an CodeCommit repository, see Set up CodeCommit for\n SSH connections in the CodeCommit User Guide.
"
}
},
"com.amazonaws.iam#DeleteSSHPublicKeyRequest": {
@@ -4709,17 +4870,20 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user associated with the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM user associated with the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"SSHPublicKeyId": {
"target": "com.amazonaws.iam#publicKeyIdType",
"traits": {
- "smithy.api#documentation": "The unique identifier for the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The unique identifier for the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteServerCertificate": {
@@ -4745,7 +4909,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified server certificate.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic also includes a list of Amazon Web Services services that can use the server certificates that\n you manage with IAM.
\n \n If you are using a server certificate with Elastic Load Balancing, deleting the\n certificate could have implications for your application. If Elastic Load Balancing\n doesn't detect the deletion of bound certificates, it may continue to use the\n certificates. This could cause Elastic Load Balancing to stop accepting traffic. We\n recommend that you remove the reference to the certificate from Elastic Load\n Balancing before using this command to delete the certificate. For more information,\n see DeleteLoadBalancerListeners in the Elastic Load Balancing API\n Reference.
\n "
+ "smithy.api#documentation": "Deletes the specified server certificate.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic also includes a list of Amazon Web Services services that can use the server certificates that\n you manage with IAM.
\n \n If you are using a server certificate with Elastic Load Balancing, deleting the\n certificate could have implications for your application. If Elastic Load Balancing\n doesn't detect the deletion of bound certificates, it may continue to use the\n certificates. This could cause Elastic Load Balancing to stop accepting traffic. We\n recommend that you remove the reference to the certificate from Elastic Load\n Balancing before using this command to delete the certificate. For more information,\n see DeleteLoadBalancerListeners in the Elastic Load Balancing API\n Reference.
\n "
}
},
"com.amazonaws.iam#DeleteServerCertificateRequest": {
@@ -4754,10 +4918,13 @@
"ServerCertificateName": {
"target": "com.amazonaws.iam#serverCertificateNameType",
"traits": {
- "smithy.api#documentation": "The name of the server certificate you want to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the server certificate you want to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteServiceLinkedRole": {
@@ -4780,7 +4947,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Submits a service-linked role deletion request and returns a\n DeletionTaskId, which you can use to check the status of the deletion.\n Before you call this operation, confirm that the role has no active sessions and that\n any resources used by the role in the linked service are deleted. If you call this\n operation more than once for the same service-linked role and an earlier deletion task\n is not complete, then the DeletionTaskId of the earlier request is\n returned.
\n If you submit a deletion request for a service-linked role whose linked service is\n still accessing a resource, then the deletion task fails. If it fails, the GetServiceLinkedRoleDeletionStatus operation returns the reason for the\n failure, usually including the resources that must be deleted. To delete the\n service-linked role, you must first remove those resources from the linked service and\n then submit the deletion request again. Resources are specific to the service that is\n linked to the role. For more information about removing resources from a service, see\n the Amazon Web Services documentation for your\n service.
\n For more information about service-linked roles, see Roles terms and concepts: Amazon Web Services service-linked role in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Submits a service-linked role deletion request and returns a\n DeletionTaskId, which you can use to check the status of the deletion.\n Before you call this operation, confirm that the role has no active sessions and that\n any resources used by the role in the linked service are deleted. If you call this\n operation more than once for the same service-linked role and an earlier deletion task\n is not complete, then the DeletionTaskId of the earlier request is\n returned.
\n If you submit a deletion request for a service-linked role whose linked service is\n still accessing a resource, then the deletion task fails. If it fails, the GetServiceLinkedRoleDeletionStatus operation returns the reason for the\n failure, usually including the resources that must be deleted. To delete the\n service-linked role, you must first remove those resources from the linked service and\n then submit the deletion request again. Resources are specific to the service that is\n linked to the role. For more information about removing resources from a service, see\n the Amazon Web Services documentation for your\n service.
\n For more information about service-linked roles, see Roles terms and concepts: Amazon Web Services service-linked role in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#DeleteServiceLinkedRoleRequest": {
@@ -4793,6 +4960,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteServiceLinkedRoleResponse": {
@@ -4805,6 +4975,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#DeleteServiceSpecificCredential": {
@@ -4830,16 +5003,19 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user associated with the service-specific credential. If this\n value is not specified, then the operation assumes the user whose credentials are used\n to call the operation.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the IAM user associated with the service-specific credential. If this\n value is not specified, then the operation assumes the user whose credentials are used\n to call the operation.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"ServiceSpecificCredentialId": {
"target": "com.amazonaws.iam#serviceSpecificCredentialId",
"traits": {
- "smithy.api#documentation": "The unique identifier of the service-specific credential. You can get this value by\n calling ListServiceSpecificCredentials.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The unique identifier of the service-specific credential. You can get this value by\n calling ListServiceSpecificCredentials.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteSigningCertificate": {
@@ -4862,7 +5038,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes a signing certificate associated with the specified IAM user.
\n If you do not specify a user name, IAM determines the user name implicitly based on\n the Amazon Web Services access key ID signing the request. This operation works for access keys under\n the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root\n user credentials even if the Amazon Web Services account has no associated IAM users.
"
+ "smithy.api#documentation": "Deletes a signing certificate associated with the specified IAM user.
\n If you do not specify a user name, IAM determines the user name implicitly based on\n the Amazon Web Services access key ID signing the request. This operation works for access keys under\n the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root\n user credentials even if the Amazon Web Services account has no associated IAM users.
"
}
},
"com.amazonaws.iam#DeleteSigningCertificateRequest": {
@@ -4871,16 +5047,19 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user the signing certificate belongs to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the user the signing certificate belongs to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"CertificateId": {
"target": "com.amazonaws.iam#certificateIdType",
"traits": {
- "smithy.api#documentation": "The ID of the signing certificate to delete.
\n The format of this parameter, as described by its regex pattern, is a string of\n characters that can be upper- or lower-cased letters or digits.
",
+ "smithy.api#documentation": "The ID of the signing certificate to delete.
\n The format of this parameter, as described by its regex pattern, is a string of\n characters that can be upper- or lower-cased letters or digits.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteUser": {
@@ -4909,7 +5088,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified IAM user. Unlike the Amazon Web Services Management Console, when you delete a user\n programmatically, you must delete the items attached to the user manually, or the\n deletion fails. For more information, see Deleting an IAM\n user. Before attempting to delete a user, remove the following items:
\n "
+ "smithy.api#documentation": "Deletes the specified IAM user. Unlike the Amazon Web Services Management Console, when you delete a user\n programmatically, you must delete the items attached to the user manually, or the\n deletion fails. For more information, see Deleting an IAM\n user. Before attempting to delete a user, remove the following items:
\n "
}
},
"com.amazonaws.iam#DeleteUserPermissionsBoundary": {
@@ -4929,7 +5108,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the permissions boundary for the specified IAM user.
\n \n Deleting the permissions boundary for a user might increase its permissions by\n allowing the user to perform all the actions granted in its permissions policies.\n
\n "
+ "smithy.api#documentation": "Deletes the permissions boundary for the specified IAM user.
\n \n Deleting the permissions boundary for a user might increase its permissions by\n allowing the user to perform all the actions granted in its permissions policies.\n
\n "
}
},
"com.amazonaws.iam#DeleteUserPermissionsBoundaryRequest": {
@@ -4942,6 +5121,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteUserPolicy": {
@@ -4964,7 +5146,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes the specified inline policy that is embedded in the specified IAM\n user.
\n A user can also have managed policies attached to it. To detach a managed policy from\n a user, use DetachUserPolicy. For more information about policies,\n refer to Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Deletes the specified inline policy that is embedded in the specified IAM\n user.
\n A user can also have managed policies attached to it. To detach a managed policy from\n a user, use DetachUserPolicy. For more information about policies,\n refer to Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#DeleteUserPolicyRequest": {
@@ -4973,17 +5155,20 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) identifying the user that the policy is embedded\n in.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) identifying the user that the policy is embedded\n in.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name identifying the policy document to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name identifying the policy document to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteUserRequest": {
@@ -4992,10 +5177,13 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user to delete.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeleteVirtualMFADevice": {
@@ -5021,7 +5209,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes a virtual MFA device.
\n \n You must deactivate a user's virtual MFA device before you can delete it. For\n information about deactivating MFA devices, see DeactivateMFADevice.
\n "
+ "smithy.api#documentation": "Deletes a virtual MFA device.
\n \n You must deactivate a user's virtual MFA device before you can delete it. For\n information about deactivating MFA devices, see DeactivateMFADevice.
\n "
}
},
"com.amazonaws.iam#DeleteVirtualMFADeviceRequest": {
@@ -5030,10 +5218,13 @@
"SerialNumber": {
"target": "com.amazonaws.iam#serialNumberType",
"traits": {
- "smithy.api#documentation": "The serial number that uniquely identifies the MFA device. For virtual MFA devices,\n the serial number is the same as the ARN.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of upper and lowercase alphanumeric characters with no spaces. You can also include any of the \n following characters: =,.@:/-
",
+ "smithy.api#documentation": "The serial number that uniquely identifies the MFA device. For virtual MFA devices,\n the serial number is the same as the ARN.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of upper and lowercase alphanumeric characters with no spaces. You can also include any of the \n following characters: =,.@:/-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DeletionTaskFailureReasonType": {
@@ -5117,7 +5308,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Removes the specified managed policy from the specified IAM group.
\n A group can also have inline policies embedded with it. To delete an inline policy,\n use DeleteGroupPolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Removes the specified managed policy from the specified IAM group.
\n A group can also have inline policies embedded with it. To delete an inline policy,\n use DeleteGroupPolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#DetachGroupPolicyRequest": {
@@ -5126,17 +5317,20 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the IAM group to detach the policy from.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the IAM group to detach the policy from.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to detach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to detach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DetachRolePolicy": {
@@ -5165,7 +5359,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Removes the specified managed policy from the specified role.
\n A role can also have inline policies embedded with it. To delete an inline policy, use\n DeleteRolePolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Removes the specified managed policy from the specified role.
\n A role can also have inline policies embedded with it. To delete an inline policy, use\n DeleteRolePolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#DetachRolePolicyRequest": {
@@ -5174,17 +5368,20 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the IAM role to detach the policy from.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the IAM role to detach the policy from.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to detach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to detach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DetachUserPolicy": {
@@ -5210,7 +5407,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Removes the specified managed policy from the specified user.
\n A user can also have inline policies embedded with it. To delete an inline policy, use\n DeleteUserPolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Removes the specified managed policy from the specified user.
\n A user can also have inline policies embedded with it. To delete an inline policy, use\n DeleteUserPolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#DetachUserPolicyRequest": {
@@ -5219,17 +5416,20 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the IAM user to detach the policy from.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the IAM user to detach the policy from.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to detach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy you want to detach.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#DuplicateCertificateException": {
@@ -5304,31 +5504,34 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user for whom you want to enable the MFA device.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM user for whom you want to enable the MFA device.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"SerialNumber": {
"target": "com.amazonaws.iam#serialNumberType",
"traits": {
- "smithy.api#documentation": "The serial number that uniquely identifies the MFA device. For virtual MFA devices,\n the serial number is the device ARN.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of upper and lowercase alphanumeric characters with no spaces. You can also include any of the \n following characters: =,.@:/-
",
+ "smithy.api#documentation": "The serial number that uniquely identifies the MFA device. For virtual MFA devices,\n the serial number is the device ARN.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of upper and lowercase alphanumeric characters with no spaces. You can also include any of the \n following characters: =,.@:/-
",
"smithy.api#required": {}
}
},
"AuthenticationCode1": {
"target": "com.amazonaws.iam#authenticationCodeType",
"traits": {
- "smithy.api#documentation": "An authentication code emitted by the device.
\n The format for this parameter is a string of six digits.
\n \n Submit your request immediately after generating the authentication codes. If you\n generate the codes and then wait too long to submit the request, the MFA device\n successfully associates with the user but the MFA device becomes out of sync. This\n happens because time-based one-time passwords (TOTP) expire after a short period of\n time. If this happens, you can resync the\n device.
\n ",
+ "smithy.api#documentation": "An authentication code emitted by the device.
\n The format for this parameter is a string of six digits.
\n \n Submit your request immediately after generating the authentication codes. If you\n generate the codes and then wait too long to submit the request, the MFA device\n successfully associates with the user but the MFA device becomes out of sync. This\n happens because time-based one-time passwords (TOTP) expire after a short period of\n time. If this happens, you can resync the\n device.
\n ",
"smithy.api#required": {}
}
},
"AuthenticationCode2": {
"target": "com.amazonaws.iam#authenticationCodeType",
"traits": {
- "smithy.api#documentation": "A subsequent authentication code emitted by the device.
\n The format for this parameter is a string of six digits.
\n \n Submit your request immediately after generating the authentication codes. If you\n generate the codes and then wait too long to submit the request, the MFA device\n successfully associates with the user but the MFA device becomes out of sync. This\n happens because time-based one-time passwords (TOTP) expire after a short period of\n time. If this happens, you can resync the\n device.
\n ",
+ "smithy.api#documentation": "A subsequent authentication code emitted by the device.
\n The format for this parameter is a string of six digits.
\n \n Submit your request immediately after generating the authentication codes. If you\n generate the codes and then wait too long to submit the request, the MFA device\n successfully associates with the user but the MFA device becomes out of sync. This\n happens because time-based one-time passwords (TOTP) expire after a short period of\n time. If this happens, you can resync the\n device.
\n ",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#EntityAlreadyExistsException": {
@@ -5609,7 +5812,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GenerateCredentialReport\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful GenerateCredentialReport\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GenerateOrganizationsAccessReport": {
@@ -5626,7 +5830,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Generates a report for service last accessed data for Organizations. You can generate a\n report for any entities (organization root, organizational unit, or account) or policies\n in your organization.
\n To call this operation, you must be signed in using your Organizations management account\n credentials. You can use your long-term IAM user or root user credentials, or\n temporary credentials from assuming an IAM role. SCPs must be enabled for your\n organization root. You must have the required IAM and Organizations permissions. For more\n information, see Refining permissions using\n service last accessed data in the\n IAM User Guide.
\n You can generate a service last accessed data report for entities by specifying only\n the entity's path. This data includes a list of services that are allowed by any service\n control policies (SCPs) that apply to the entity.
\n You can generate a service last accessed data report for a policy by specifying an\n entity's path and an optional Organizations policy ID. This data includes a list of services that\n are allowed by the specified SCP.
\n For each service in both report types, the data includes the most recent account\n activity that the policy allows to account principals in the entity or the entity's\n children. For important information about the data, reporting period, permissions\n required, troubleshooting, and supported Regions see Reducing permissions using\n service last accessed data in the\n IAM User Guide.
\n \n The data includes all attempts to access Amazon Web Services, not just the successful ones. This\n includes all attempts that were made using the Amazon Web Services Management Console, the Amazon Web Services API through any\n of the SDKs, or any of the command line tools. An unexpected entry in the service\n last accessed data does not mean that an account has been compromised, because the\n request might have been denied. Refer to your CloudTrail logs as the authoritative\n source for information about all API calls and whether they were successful or\n denied access. For more information, see Logging IAM events with\n CloudTrail in the IAM User Guide.
\n \n This operation returns a JobId. Use this parameter in the \n GetOrganizationsAccessReport\n operation to check the status of\n the report generation. To check the status of this request, use the JobId\n parameter in the \n GetOrganizationsAccessReport\n operation\n and test the JobStatus response parameter. When the job is complete, you\n can retrieve the report.
\n To generate a service last accessed data report for entities, specify an entity path\n without specifying the optional Organizations policy ID. The type of entity that you specify\n determines the data returned in the report.
\n \n - \n
\n Root – When you specify the\n organizations root as the entity, the resulting report lists all of the services\n allowed by SCPs that are attached to your root. For each service, the report\n includes data for all accounts in your organization except the\n management account, because the management account is not limited by SCPs.
\n \n - \n
\n OU – When you specify an\n organizational unit (OU) as the entity, the resulting report lists all of the\n services allowed by SCPs that are attached to the OU and its parents. For each\n service, the report includes data for all accounts in the OU or its children.\n This data excludes the management account, because the management account is not\n limited by SCPs.
\n \n - \n
\n management account – When you specify the\n management account, the resulting report lists all Amazon Web Services services, because the\n management account is not limited by SCPs. For each service, the report includes\n data for only the management account.
\n \n - \n
\n Account – When you specify another\n account as the entity, the resulting report lists all of the services allowed by\n SCPs that are attached to the account and its parents. For each service, the\n report includes data for only the specified account.
\n \n
\n To generate a service last accessed data report for policies, specify an entity path\n and the optional Organizations policy ID. The type of entity that you specify determines the data\n returned for each service.
\n \n - \n
\n Root – When you specify the root\n entity and a policy ID, the resulting report lists all of the services that are\n allowed by the specified SCP. For each service, the report includes data for all\n accounts in your organization to which the SCP applies. This data excludes the\n management account, because the management account is not limited by SCPs. If the\n SCP is not attached to any entities in the organization, then the report will\n return a list of services with no data.
\n \n - \n
\n OU – When you specify an OU entity and\n a policy ID, the resulting report lists all of the services that are allowed by\n the specified SCP. For each service, the report includes data for all accounts\n in the OU or its children to which the SCP applies. This means that other\n accounts outside the OU that are affected by the SCP might not be included in\n the data. This data excludes the management account, because the\n management account is not limited by SCPs. If the SCP is not attached to the OU\n or one of its children, the report will return a list of services with no\n data.
\n \n - \n
\n management account – When you specify the\n management account, the resulting report lists all Amazon Web Services services, because the\n management account is not limited by SCPs. If you specify a policy ID in the CLI\n or API, the policy is ignored. For each service, the report includes data for\n only the management account.
\n \n - \n
\n Account – When you specify another\n account entity and a policy ID, the resulting report lists all of the services\n that are allowed by the specified SCP. For each service, the report includes\n data for only the specified account. This means that other accounts in the\n organization that are affected by the SCP might not be included in the data. If\n the SCP is not attached to the account, the report will return a list of\n services with no data.
\n \n
\n \n Service last accessed data does not use other policy types when determining\n whether a principal could access a service. These other policy types include\n identity-based policies, resource-based policies, access control lists, IAM\n permissions boundaries, and STS assume role policies. It only applies SCP logic.\n For more about the evaluation of policy types, see Evaluating policies in the\n IAM User Guide.
\n \n For more information about service last accessed data, see Reducing policy scope by\n viewing user activity in the IAM User Guide.
"
+ "smithy.api#documentation": "Generates a report for service last accessed data for Organizations. You can generate a\n report for any entities (organization root, organizational unit, or account) or policies\n in your organization.
\n To call this operation, you must be signed in using your Organizations management account\n credentials. You can use your long-term IAM user or root user credentials, or temporary\n credentials from assuming an IAM role. SCPs must be enabled for your organization\n root. You must have the required IAM and Organizations permissions. For more information, see\n Refining permissions using service last accessed data in the\n IAM User Guide.
\n You can generate a service last accessed data report for entities by specifying only\n the entity's path. This data includes a list of services that are allowed by any service\n control policies (SCPs) that apply to the entity.
\n You can generate a service last accessed data report for a policy by specifying an\n entity's path and an optional Organizations policy ID. This data includes a list of services that\n are allowed by the specified SCP.
\n For each service in both report types, the data includes the most recent account\n activity that the policy allows to account principals in the entity or the entity's\n children. For important information about the data, reporting period, permissions\n required, troubleshooting, and supported Regions see Reducing permissions using\n service last accessed data in the\n IAM User Guide.
\n \n The data includes all attempts to access Amazon Web Services, not just the successful ones. This\n includes all attempts that were made using the Amazon Web Services Management Console, the Amazon Web Services API through any\n of the SDKs, or any of the command line tools. An unexpected entry in the service\n last accessed data does not mean that an account has been compromised, because the\n request might have been denied. Refer to your CloudTrail logs as the authoritative\n source for information about all API calls and whether they were successful or\n denied access. For more information, see Logging IAM events with\n CloudTrail in the IAM User Guide.
\n \n This operation returns a JobId. Use this parameter in the \n GetOrganizationsAccessReport\n operation to check the status of\n the report generation. To check the status of this request, use the JobId\n parameter in the \n GetOrganizationsAccessReport\n operation\n and test the JobStatus response parameter. When the job is complete, you\n can retrieve the report.
\n To generate a service last accessed data report for entities, specify an entity path\n without specifying the optional Organizations policy ID. The type of entity that you specify\n determines the data returned in the report.
\n \n - \n
\n Root – When you specify the\n organizations root as the entity, the resulting report lists all of the services\n allowed by SCPs that are attached to your root. For each service, the report\n includes data for all accounts in your organization except the\n management account, because the management account is not limited by SCPs.
\n \n - \n
\n OU – When you specify an\n organizational unit (OU) as the entity, the resulting report lists all of the\n services allowed by SCPs that are attached to the OU and its parents. For each\n service, the report includes data for all accounts in the OU or its children.\n This data excludes the management account, because the management account is not\n limited by SCPs.
\n \n - \n
\n management account – When you specify the\n management account, the resulting report lists all Amazon Web Services services, because the\n management account is not limited by SCPs. For each service, the report includes\n data for only the management account.
\n \n - \n
\n Account – When you specify another\n account as the entity, the resulting report lists all of the services allowed by\n SCPs that are attached to the account and its parents. For each service, the\n report includes data for only the specified account.
\n \n
\n To generate a service last accessed data report for policies, specify an entity path\n and the optional Organizations policy ID. The type of entity that you specify determines the data\n returned for each service.
\n \n - \n
\n Root – When you specify the root\n entity and a policy ID, the resulting report lists all of the services that are\n allowed by the specified SCP. For each service, the report includes data for all\n accounts in your organization to which the SCP applies. This data excludes the\n management account, because the management account is not limited by SCPs. If the\n SCP is not attached to any entities in the organization, then the report will\n return a list of services with no data.
\n \n - \n
\n OU – When you specify an OU entity and\n a policy ID, the resulting report lists all of the services that are allowed by\n the specified SCP. For each service, the report includes data for all accounts\n in the OU or its children to which the SCP applies. This means that other\n accounts outside the OU that are affected by the SCP might not be included in\n the data. This data excludes the management account, because the\n management account is not limited by SCPs. If the SCP is not attached to the OU\n or one of its children, the report will return a list of services with no\n data.
\n \n - \n
\n management account – When you specify the\n management account, the resulting report lists all Amazon Web Services services, because the\n management account is not limited by SCPs. If you specify a policy ID in the CLI\n or API, the policy is ignored. For each service, the report includes data for\n only the management account.
\n \n - \n
\n Account – When you specify another\n account entity and a policy ID, the resulting report lists all of the services\n that are allowed by the specified SCP. For each service, the report includes\n data for only the specified account. This means that other accounts in the\n organization that are affected by the SCP might not be included in the data. If\n the SCP is not attached to the account, the report will return a list of\n services with no data.
\n \n
\n \n Service last accessed data does not use other policy types when determining\n whether a principal could access a service. These other policy types include\n identity-based policies, resource-based policies, access control lists, IAM\n permissions boundaries, and STS assume role policies. It only applies SCP logic.\n For more about the evaluation of policy types, see Evaluating policies in the\n IAM User Guide.
\n \n For more information about service last accessed data, see Reducing policy scope by\n viewing user activity in the IAM User Guide.
"
}
},
"com.amazonaws.iam#GenerateOrganizationsAccessReportRequest": {
@@ -5642,9 +5846,12 @@
"OrganizationsPolicyId": {
"target": "com.amazonaws.iam#organizationsPolicyIdType",
"traits": {
- "smithy.api#documentation": "The identifier of the Organizations service control policy (SCP). This parameter is\n optional.
\n This ID is used to generate information about when an account principal that is\n limited by the SCP attempted to access an Amazon Web Services service.
"
+ "smithy.api#documentation": "The identifier of the Organizations service control policy (SCP). This parameter is\n optional.
\n This ID is used to generate information about when an account principal that is\n limited by the SCP attempted to access an Amazon Web Services service.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GenerateOrganizationsAccessReportResponse": {
@@ -5656,6 +5863,9 @@
"smithy.api#documentation": "The job identifier that you can use in the GetOrganizationsAccessReport operation.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GenerateServiceLastAccessedDetails": {
@@ -5675,7 +5885,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Generates a report that includes details about when an IAM resource (user, group,\n role, or policy) was last used in an attempt to access Amazon Web Services services. Recent activity\n usually appears within four hours. IAM reports activity for at least the last 400\n days, or less if your Region began supporting this feature within the last year. For\n more information, see Regions where data is tracked.
\n \n The service last accessed data includes all attempts to access an Amazon Web Services API, not\n just the successful ones. This includes all attempts that were made using the\n Amazon Web Services Management Console, the Amazon Web Services API through any of the SDKs, or any of the command line tools.\n An unexpected entry in the service last accessed data does not mean that your\n account has been compromised, because the request might have been denied. Refer to\n your CloudTrail logs as the authoritative source for information about all API calls\n and whether they were successful or denied access. For more information, see Logging\n IAM events with CloudTrail in the\n IAM User Guide.
\n \n The GenerateServiceLastAccessedDetails operation returns a\n JobId. Use this parameter in the following operations to retrieve the\n following details from your report:
\n \n - \n
\n GetServiceLastAccessedDetails – Use this operation\n for users, groups, roles, or policies to list every Amazon Web Services service that the\n resource could access using permissions policies. For each service, the response\n includes information about the most recent access attempt.
\n The JobId returned by\n GenerateServiceLastAccessedDetail must be used by the same role\n within a session, or by the same user when used to call\n GetServiceLastAccessedDetail.
\n \n - \n
\n GetServiceLastAccessedDetailsWithEntities – Use this\n operation for groups and policies to list information about the associated\n entities (users or roles) that attempted to access a specific Amazon Web Services service.\n
\n \n
\n To check the status of the GenerateServiceLastAccessedDetails request,\n use the JobId parameter in the same operations and test the\n JobStatus response parameter.
\n For additional information about the permissions policies that allow an identity\n (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess operation.
\n \n Service last accessed data does not use other policy types when determining\n whether a resource could access a service. These other policy types include\n resource-based policies, access control lists, Organizations policies, IAM permissions\n boundaries, and STS assume role policies. It only applies permissions policy\n logic. For more about the evaluation of policy types, see Evaluating policies in the\n IAM User Guide.
\n \n For more information about service and action last accessed data, see Reducing permissions using service last accessed data in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Generates a report that includes details about when an IAM resource (user, group,\n role, or policy) was last used in an attempt to access Amazon Web Services services. Recent activity\n usually appears within four hours. IAM reports activity for at least the last 400\n days, or less if your Region began supporting this feature within the last year. For\n more information, see Regions where data is tracked.
\n \n The service last accessed data includes all attempts to access an Amazon Web Services API, not\n just the successful ones. This includes all attempts that were made using the\n Amazon Web Services Management Console, the Amazon Web Services API through any of the SDKs, or any of the command line tools.\n An unexpected entry in the service last accessed data does not mean that your\n account has been compromised, because the request might have been denied. Refer to\n your CloudTrail logs as the authoritative source for information about all API calls\n and whether they were successful or denied access. For more information, see Logging\n IAM events with CloudTrail in the\n IAM User Guide.
\n \n The GenerateServiceLastAccessedDetails operation returns a\n JobId. Use this parameter in the following operations to retrieve the\n following details from your report:
\n \n - \n
\n GetServiceLastAccessedDetails – Use this operation\n for users, groups, roles, or policies to list every Amazon Web Services service that the\n resource could access using permissions policies. For each service, the response\n includes information about the most recent access attempt.
\n The JobId returned by\n GenerateServiceLastAccessedDetail must be used by the same role\n within a session, or by the same user when used to call\n GetServiceLastAccessedDetail.
\n \n - \n
\n GetServiceLastAccessedDetailsWithEntities – Use this\n operation for groups and policies to list information about the associated\n entities (users or roles) that attempted to access a specific Amazon Web Services service.\n
\n \n
\n To check the status of the GenerateServiceLastAccessedDetails request,\n use the JobId parameter in the same operations and test the\n JobStatus response parameter.
\n For additional information about the permissions policies that allow an identity\n (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess operation.
\n \n Service last accessed data does not use other policy types when determining\n whether a resource could access a service. These other policy types include\n resource-based policies, access control lists, Organizations policies, IAM permissions\n boundaries, and STS assume role policies. It only applies permissions policy\n logic. For more about the evaluation of policy types, see Evaluating policies in the\n IAM User Guide.
\n \n For more information about service and action last accessed data, see Reducing permissions using service last accessed data in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#GenerateServiceLastAccessedDetailsRequest": {
@@ -5694,6 +5904,9 @@
"smithy.api#documentation": "The level of detail that you want to generate. You can specify whether you want to\n generate information about the last attempt to access services or actions. If you\n specify service-level granularity, this operation generates only service data. If you\n specify action-level granularity, it generates service and action data. If you don't\n include this optional parameter, the operation generates service data.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GenerateServiceLastAccessedDetailsResponse": {
@@ -5705,6 +5918,9 @@
"smithy.api#documentation": "The JobId that you can use in the GetServiceLastAccessedDetails or GetServiceLastAccessedDetailsWithEntities operations. The\n JobId returned by GenerateServiceLastAccessedDetail must\n be used by the same role within a session, or by the same user when used to call\n GetServiceLastAccessedDetail.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetAccessKeyLastUsed": {
@@ -5730,10 +5946,13 @@
"AccessKeyId": {
"target": "com.amazonaws.iam#accessKeyIdType",
"traits": {
- "smithy.api#documentation": "The identifier of an access key.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The identifier of an access key.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetAccessKeyLastUsedResponse": {
@@ -5742,7 +5961,7 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user that owns this access key.
\n "
+ "smithy.api#documentation": "The name of the IAM user that owns this access key.
\n "
}
},
"AccessKeyLastUsed": {
@@ -5753,7 +5972,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetAccessKeyLastUsed request.\n It is also returned as a member of the AccessKeyMetaData structure returned\n by the ListAccessKeys action.
"
+ "smithy.api#documentation": "Contains the response to a successful GetAccessKeyLastUsed request.\n It is also returned as a member of the AccessKeyMetaData structure returned\n by the ListAccessKeys action.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetAccountAuthorizationDetails": {
@@ -5770,7 +5990,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves information about all IAM users, groups, roles, and policies in your Amazon Web Services\n account, including their relationships to one another. Use this operation to obtain a\n snapshot of the configuration of IAM permissions (users, groups, roles, and policies)\n in your account.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n You can optionally filter the results using the Filter parameter. You can\n paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Retrieves information about all IAM users, groups, roles, and policies in your Amazon Web Services\n account, including their relationships to one another. Use this operation to obtain a\n snapshot of the configuration of IAM permissions (users, groups, roles, and policies)\n in your account.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n You can optionally filter the results using the Filter parameter. You can\n paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -5784,7 +6004,7 @@
"Filter": {
"target": "com.amazonaws.iam#entityListType",
"traits": {
- "smithy.api#documentation": "A list of entity types used to filter the results. Only the entities that match the\n types you specify are included in the output. Use the value\n LocalManagedPolicy to include customer managed policies.
\n The format for this parameter is a comma-separated (if more than one) list of strings.\n Each string value in the list must be one of the valid values listed below.
"
+ "smithy.api#documentation": "A list of entity types used to filter the results. Only the entities that match the\n types you specify are included in the output. Use the value\n LocalManagedPolicy to include customer managed policies.
\n The format for this parameter is a comma-separated (if more than one) list of strings.\n Each string value in the list must be one of the valid values listed below.
"
}
},
"MaxItems": {
@@ -5799,6 +6019,9 @@
"smithy.api#documentation": "Use this parameter only when paginating results and only after \n you receive a response indicating that the results are truncated. Set it to the value of the\n Marker element in the response that you received to indicate where the next call \n should start.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetAccountAuthorizationDetailsResponse": {
@@ -5843,7 +6066,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetAccountAuthorizationDetails\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful GetAccountAuthorizationDetails\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetAccountPasswordPolicy": {
@@ -5878,7 +6102,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetAccountPasswordPolicy\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful GetAccountPasswordPolicy\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetAccountSummary": {
@@ -5895,7 +6120,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves information about IAM entity usage and IAM quotas in the Amazon Web Services\n account.
\n For information about IAM quotas, see IAM and STS quotas in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Retrieves information about IAM entity usage and IAM quotas in the Amazon Web Services\n account.
\n For information about IAM quotas, see IAM and STS quotas in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#GetAccountSummaryResponse": {
@@ -5909,7 +6134,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetAccountSummary request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetAccountSummary request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetContextKeysForCustomPolicy": {
@@ -5926,7 +6152,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Gets a list of all of the context keys referenced in the input policies. The policies\n are supplied as a list of one or more strings. To get the context keys from policies\n associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.
\n Context keys are variables maintained by Amazon Web Services and its services that provide details\n about the context of an API query request. Context keys can be evaluated by testing\n against a value specified in an IAM policy. Use\n GetContextKeysForCustomPolicy to understand what key names and values\n you must supply when you call SimulateCustomPolicy. Note that all\n parameters are shown in unencoded form here for clarity but must be URL encoded to be\n included as a part of a real HTML request.
"
+ "smithy.api#documentation": "Gets a list of all of the context keys referenced in the input policies. The policies\n are supplied as a list of one or more strings. To get the context keys from policies\n associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.
\n Context keys are variables maintained by Amazon Web Services and its services that provide details\n about the context of an API query request. Context keys can be evaluated by testing\n against a value specified in an IAM policy. Use\n GetContextKeysForCustomPolicy to understand what key names and values\n you must supply when you call SimulateCustomPolicy. Note that all\n parameters are shown in unencoded form here for clarity but must be URL encoded to be\n included as a part of a real HTML request.
"
}
},
"com.amazonaws.iam#GetContextKeysForCustomPolicyRequest": {
@@ -5935,10 +6161,13 @@
"PolicyInputList": {
"target": "com.amazonaws.iam#SimulationPolicyListType",
"traits": {
- "smithy.api#documentation": "A list of policies for which you want the list of context keys referenced in those\n policies. Each document is specified as a string containing the complete, valid JSON\n text of an IAM policy.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "A list of policies for which you want the list of context keys referenced in those\n policies. Each document is specified as a string containing the complete, valid JSON\n text of an IAM policy.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetContextKeysForPolicyResponse": {
@@ -5972,7 +6201,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Gets a list of all of the context keys referenced in all the IAM policies that are\n attached to the specified IAM entity. The entity can be an IAM user, group, or role.\n If you specify a user, then the request also includes all of the policies attached to\n groups that the user is a member of.
\n You can optionally include a list of one or more additional policies, specified as\n strings. If you want to include only a list of policies by string,\n use GetContextKeysForCustomPolicy instead.
\n \n Note: This operation discloses information about the\n permissions granted to other users. If you do not want users to see other user's\n permissions, then consider allowing them to use GetContextKeysForCustomPolicy instead.
\n Context keys are variables maintained by Amazon Web Services and its services that provide details\n about the context of an API query request. Context keys can be evaluated by testing\n against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call SimulatePrincipalPolicy.
"
+ "smithy.api#documentation": "Gets a list of all of the context keys referenced in all the IAM policies that are\n attached to the specified IAM entity. The entity can be an IAM user, group, or role.\n If you specify a user, then the request also includes all of the policies attached to\n groups that the user is a member of.
\n You can optionally include a list of one or more additional policies, specified as\n strings. If you want to include only a list of policies by string,\n use GetContextKeysForCustomPolicy instead.
\n \n Note: This operation discloses information about the\n permissions granted to other users. If you do not want users to see other user's\n permissions, then consider allowing them to use GetContextKeysForCustomPolicy instead.
\n Context keys are variables maintained by Amazon Web Services and its services that provide details\n about the context of an API query request. Context keys can be evaluated by testing\n against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call SimulatePrincipalPolicy.
"
}
},
"com.amazonaws.iam#GetContextKeysForPrincipalPolicyRequest": {
@@ -5981,16 +6210,19 @@
"PolicySourceArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The ARN of a user, group, or role whose policies contain the context keys that you\n want listed. If you specify a user, the list includes context keys that are found in all\n policies that are attached to the user. The list also includes all groups that the user\n is a member of. If you pick a group or a role, then it includes only those context keys\n that are found in policies attached to that entity. Note that all parameters are shown\n in unencoded form here for clarity, but must be URL encoded to be included as a part of\n a real HTML request.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The ARN of a user, group, or role whose policies contain the context keys that you\n want listed. If you specify a user, the list includes context keys that are found in all\n policies that are attached to the user. The list also includes all groups that the user\n is a member of. If you pick a group or a role, then it includes only those context keys\n that are found in policies attached to that entity. Note that all parameters are shown\n in unencoded form here for clarity, but must be URL encoded to be included as a part of\n a real HTML request.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
"PolicyInputList": {
"target": "com.amazonaws.iam#SimulationPolicyListType",
"traits": {
- "smithy.api#documentation": "An optional list of additional policies for which you want the list of context keys\n that are referenced.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
+ "smithy.api#documentation": "An optional list of additional policies for which you want the list of context keys\n that are referenced.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetCredentialReport": {
@@ -6042,7 +6274,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetCredentialReport request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetCredentialReport request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetGroup": {
@@ -6088,7 +6321,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves the specified inline policy document that is embedded in the specified IAM\n group.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n An IAM group can also have managed policies attached to it. To retrieve a managed\n policy document that is attached to a group, use GetPolicy to\n determine the policy's default version, then use GetPolicyVersion to\n retrieve the policy document.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Retrieves the specified inline policy document that is embedded in the specified IAM\n group.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n An IAM group can also have managed policies attached to it. To retrieve a managed\n policy document that is attached to a group, use GetPolicy to\n determine the policy's default version, then use GetPolicyVersion to\n retrieve the policy document.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#GetGroupPolicyRequest": {
@@ -6097,17 +6330,20 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name of the group the policy is associated with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the group the policy is associated with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name of the policy document to get.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the policy document to get.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetGroupPolicyResponse": {
@@ -6130,13 +6366,14 @@
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The policy document.
\n\n IAM stores policies in JSON format. However, resources that were created using CloudFormation\n templates can be formatted in YAML. CloudFormation always converts a YAML policy to JSON format\n before submitting it to IAM.
",
+ "smithy.api#documentation": "The policy document.
\n IAM stores policies in JSON format. However, resources that were created using CloudFormation\n templates can be formatted in YAML. CloudFormation always converts a YAML policy to JSON format\n before submitting it to IAM.
",
"smithy.api#required": {}
}
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetGroupPolicy request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetGroupPolicy request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetGroupRequest": {
@@ -6145,7 +6382,7 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name of the group.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the group.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -6161,6 +6398,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetGroupResponse": {
@@ -6195,7 +6435,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetGroup request.
"
+ "smithy.api#documentation": "Contains the response to a successful GetGroup request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetInstanceProfile": {
@@ -6243,10 +6484,13 @@
"InstanceProfileName": {
"target": "com.amazonaws.iam#instanceProfileNameType",
"traits": {
- "smithy.api#documentation": "The name of the instance profile to get information about.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the instance profile to get information about.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetInstanceProfileResponse": {
@@ -6261,7 +6505,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetInstanceProfile request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetInstanceProfile request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetLoginProfile": {
@@ -6281,7 +6526,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves the user name for the specified IAM user. A login profile is created when\n you create a password for the user to access the Amazon Web Services Management Console. If the user does not exist\n or does not have a password, the operation returns a 404 (NoSuchEntity)\n error.
\n If you create an IAM user with access to the console, the CreateDate\n reflects the date you created the initial password for the user.
\n If you create an IAM user with programmatic access, and then later add a password\n for the user to access the Amazon Web Services Management Console, the CreateDate reflects the initial\n password creation date. A user with programmatic access does not have a login profile\n unless you create a password for the user to access the Amazon Web Services Management Console.
"
+ "smithy.api#documentation": "Retrieves the user name for the specified IAM user. A login profile is created when\n you create a password for the user to access the Amazon Web Services Management Console. If the user does not exist\n or does not have a password, the operation returns a 404 (NoSuchEntity)\n error.
\n If you create an IAM user with access to the console, the CreateDate\n reflects the date you created the initial password for the user.
\n If you create an IAM user with programmatic access, and then later add a password\n for the user to access the Amazon Web Services Management Console, the CreateDate reflects the initial\n password creation date. A user with programmatic access does not have a login profile\n unless you create a password for the user to access the Amazon Web Services Management Console.
"
}
},
"com.amazonaws.iam#GetLoginProfileRequest": {
@@ -6290,10 +6535,13 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose login profile you want to retrieve.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user whose login profile you want to retrieve.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetLoginProfileResponse": {
@@ -6308,7 +6556,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetLoginProfile request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetLoginProfile request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetOpenIDConnectProvider": {
@@ -6340,10 +6589,13 @@
"OpenIDConnectProviderArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM to get\n information for. You can get a list of OIDC provider resource ARNs by using the ListOpenIDConnectProviders operation.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM to get\n information for. You can get a list of OIDC provider resource ARNs by using the ListOpenIDConnectProviders operation.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetOpenIDConnectProviderResponse": {
@@ -6381,7 +6633,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetOpenIDConnectProvider\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful GetOpenIDConnectProvider\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetOrganizationsAccessReport": {
@@ -6398,7 +6651,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves the service last accessed data report for Organizations that was previously\n generated using the \n GenerateOrganizationsAccessReport\n \n operation. This operation retrieves the status of your report job and the report\n contents.
\n Depending on the parameters that you passed when you generated the report, the data\n returned could include different information. For details, see GenerateOrganizationsAccessReport.
\n To call this operation, you must be signed in to the management account in your\n organization. SCPs must be enabled for your organization root. You must have permissions\n to perform this operation. For more information, see Refining permissions using\n service last accessed data in the\n IAM User Guide.
\n For each service that principals in an account (root users, IAM users, or IAM\n roles) could access using SCPs, the operation returns details about the most recent\n access attempt. If there was no attempt, the service is listed without details about the\n most recent attempt to access the service. If the operation fails, it returns the reason\n that it failed.
\n By default, the list is sorted by service namespace.
"
+ "smithy.api#documentation": "Retrieves the service last accessed data report for Organizations that was previously\n generated using the \n GenerateOrganizationsAccessReport\n \n operation. This operation retrieves the status of your report job and the report\n contents.
\n Depending on the parameters that you passed when you generated the report, the data\n returned could include different information. For details, see GenerateOrganizationsAccessReport.
\n To call this operation, you must be signed in to the management account in your\n organization. SCPs must be enabled for your organization root. You must have permissions\n to perform this operation. For more information, see Refining permissions using\n service last accessed data in the\n IAM User Guide.
\n For each service that principals in an account (root user, IAM users, or IAM roles)\n could access using SCPs, the operation returns details about the most recent access\n attempt. If there was no attempt, the service is listed without details about the most\n recent attempt to access the service. If the operation fails, it returns the reason that\n it failed.
\n By default, the list is sorted by service namespace.
"
}
},
"com.amazonaws.iam#GetOrganizationsAccessReportRequest": {
@@ -6429,6 +6682,9 @@
"smithy.api#documentation": "The key that is used to sort the results. If you choose the namespace key, the results\n are returned in alphabetical order. If you choose the time key, the results are sorted\n numerically by the date and time.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetOrganizationsAccessReportResponse": {
@@ -6451,7 +6707,7 @@
"JobCompletionDate": {
"target": "com.amazonaws.iam#dateType",
"traits": {
- "smithy.api#documentation": "The date and time, in ISO 8601 date-time\n format, when the generated report job was completed or failed.
\n This field is null if the job is still in progress, as indicated by a job status value\n of IN_PROGRESS.
"
+ "smithy.api#documentation": "The date and time, in ISO 8601 date-time\n format, when the generated report job was completed or failed.
\n This field is null if the job is still in progress, as indicated by a job status value\n of IN_PROGRESS.
"
}
},
"NumberOfServicesAccessible": {
@@ -6488,6 +6744,9 @@
"ErrorDetails": {
"target": "com.amazonaws.iam#ErrorDetails"
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetPolicy": {
@@ -6510,7 +6769,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves information about the specified managed policy, including the policy's\n default version and the total number of IAM users, groups, and roles to which the\n policy is attached. To retrieve the list of the specific users, groups, and roles that\n the policy is attached to, use ListEntitiesForPolicy. This operation\n returns metadata about the policy. To retrieve the actual policy document for a specific\n version of the policy, use GetPolicyVersion.
\n This operation retrieves information about managed policies. To retrieve information\n about an inline policy that is embedded with an IAM user, group, or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
",
+ "smithy.api#documentation": "Retrieves information about the specified managed policy, including the policy's\n default version and the total number of IAM users, groups, and roles to which the\n policy is attached. To retrieve the list of the specific users, groups, and roles that\n the policy is attached to, use ListEntitiesForPolicy. This operation\n returns metadata about the policy. To retrieve the actual policy document for a specific\n version of the policy, use GetPolicyVersion.
\n This operation retrieves information about managed policies. To retrieve information\n about an inline policy that is embedded with an IAM user, group, or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
",
"smithy.api#suppress": [
"WaitableTraitInvalidErrorType"
],
@@ -6541,10 +6800,13 @@
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the managed policy that you want information\n about.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the managed policy that you want information\n about.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetPolicyResponse": {
@@ -6558,7 +6820,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetPolicy request.
"
+ "smithy.api#documentation": "Contains the response to a successful GetPolicy request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetPolicyVersion": {
@@ -6581,7 +6844,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves information about the specified version of the specified managed policy,\n including the policy document.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n To list the available versions for a policy, use ListPolicyVersions.
\n This operation retrieves information about managed policies. To retrieve information\n about an inline policy that is embedded in a user, group, or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
\n For more information about the types of policies, see Managed policies and inline\n policies in the IAM User Guide.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Retrieves information about the specified version of the specified managed policy,\n including the policy document.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n To list the available versions for a policy, use ListPolicyVersions.
\n This operation retrieves information about managed policies. To retrieve information\n about an inline policy that is embedded in a user, group, or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
\n For more information about the types of policies, see Managed policies and inline\n policies in the IAM User Guide.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#GetPolicyVersionRequest": {
@@ -6590,17 +6853,20 @@
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the managed policy that you want information\n about.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the managed policy that you want information\n about.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
"VersionId": {
"target": "com.amazonaws.iam#policyVersionIdType",
"traits": {
- "smithy.api#documentation": "Identifies the policy version to retrieve.
\n This parameter allows (through its regex pattern) a string of characters that \n consists of the lowercase letter 'v' followed by one or two digits, and optionally \n followed by a period '.' and a string of letters and digits.
",
+ "smithy.api#documentation": "Identifies the policy version to retrieve.
\n This parameter allows (through its regex pattern) a string of characters that \n consists of the lowercase letter 'v' followed by one or two digits, and optionally \n followed by a period '.' and a string of letters and digits.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetPolicyVersionResponse": {
@@ -6614,7 +6880,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetPolicyVersion request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetPolicyVersion request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetRole": {
@@ -6634,7 +6901,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves information about the specified role, including the role's path, GUID, ARN,\n and the role's trust policy that grants permission to assume the role. For more\n information about roles, see Working with roles.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n ",
+ "smithy.api#documentation": "Retrieves information about the specified role, including the role's path, GUID, ARN,\n and the role's trust policy that grants permission to assume the role. For more\n information about roles, see Working with roles.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n ",
"smithy.api#suppress": [
"WaitableTraitInvalidErrorType"
],
@@ -6676,7 +6943,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves the specified inline policy document that is embedded with the specified\n IAM role.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n An IAM role can also have managed policies attached to it. To retrieve a managed\n policy document that is attached to a role, use GetPolicy to determine\n the policy's default version, then use GetPolicyVersion to retrieve\n the policy document.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n For more information about roles, see Using roles to delegate permissions and\n federate identities.
"
+ "smithy.api#documentation": "Retrieves the specified inline policy document that is embedded with the specified\n IAM role.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n An IAM role can also have managed policies attached to it. To retrieve a managed\n policy document that is attached to a role, use GetPolicy to determine\n the policy's default version, then use GetPolicyVersion to retrieve\n the policy document.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n For more information about roles, see Using roles to delegate permissions and\n federate identities.
"
}
},
"com.amazonaws.iam#GetRolePolicyRequest": {
@@ -6685,17 +6952,20 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role associated with the policy.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the role associated with the policy.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name of the policy document to get.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the policy document to get.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetRolePolicyResponse": {
@@ -6718,13 +6988,14 @@
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The policy document.
\n IAM stores policies in JSON format. However, resources that were created using CloudFormation\n templates can be formatted in YAML. CloudFormation always converts a YAML policy to JSON format\n before submitting it to IAM.
",
+ "smithy.api#documentation": "The policy document.
\n IAM stores policies in JSON format. However, resources that were created using CloudFormation\n templates can be formatted in YAML. CloudFormation always converts a YAML policy to JSON format\n before submitting it to IAM.
",
"smithy.api#required": {}
}
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetRolePolicy request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetRolePolicy request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetRoleRequest": {
@@ -6733,10 +7004,13 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM role to get information about.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM role to get information about.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetRoleResponse": {
@@ -6751,7 +7025,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetRole request.
"
+ "smithy.api#documentation": "Contains the response to a successful GetRole request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetSAMLProvider": {
@@ -6774,7 +7049,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns the SAML provider metadocument that was uploaded when the IAM SAML provider\n resource object was created or updated.
\n \n This operation requires Signature Version 4.
\n "
+ "smithy.api#documentation": "Returns the SAML provider metadocument that was uploaded when the IAM SAML provider\n resource object was created or updated.
\n \n This operation requires Signature Version 4.
\n "
}
},
"com.amazonaws.iam#GetSAMLProviderRequest": {
@@ -6783,10 +7058,13 @@
"SAMLProviderArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the SAML provider resource object in IAM to get\n information about.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the SAML provider resource object in IAM to get\n information about.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetSAMLProviderResponse": {
@@ -6818,7 +7096,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetSAMLProvider request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetSAMLProvider request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetSSHPublicKey": {
@@ -6838,7 +7117,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves the specified SSH public key, including metadata about the key.
\n The SSH public key retrieved by this operation is used only for authenticating the\n associated IAM user to an CodeCommit repository. For more information about using SSH keys\n to authenticate to an CodeCommit repository, see Set up CodeCommit for SSH\n connections in the CodeCommit User Guide.
"
+ "smithy.api#documentation": "Retrieves the specified SSH public key, including metadata about the key.
\n The SSH public key retrieved by this operation is used only for authenticating the\n associated IAM user to an CodeCommit repository. For more information about using SSH keys\n to authenticate to an CodeCommit repository, see Set up CodeCommit for SSH\n connections in the CodeCommit User Guide.
"
}
},
"com.amazonaws.iam#GetSSHPublicKeyRequest": {
@@ -6847,14 +7126,14 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user associated with the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM user associated with the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"SSHPublicKeyId": {
"target": "com.amazonaws.iam#publicKeyIdType",
"traits": {
- "smithy.api#documentation": "The unique identifier for the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The unique identifier for the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
},
@@ -6865,6 +7144,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetSSHPublicKeyResponse": {
@@ -6878,7 +7160,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetSSHPublicKey\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful GetSSHPublicKey\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetServerCertificate": {
@@ -6898,7 +7181,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves information about the specified server certificate stored in IAM.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic includes a list of Amazon Web Services services that can use the server certificates that you\n manage with IAM.
"
+ "smithy.api#documentation": "Retrieves information about the specified server certificate stored in IAM.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic includes a list of Amazon Web Services services that can use the server certificates that you\n manage with IAM.
"
}
},
"com.amazonaws.iam#GetServerCertificateRequest": {
@@ -6907,10 +7190,13 @@
"ServerCertificateName": {
"target": "com.amazonaws.iam#serverCertificateNameType",
"traits": {
- "smithy.api#documentation": "The name of the server certificate you want to retrieve information about.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the server certificate you want to retrieve information about.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetServerCertificateResponse": {
@@ -6925,7 +7211,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetServerCertificate request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetServerCertificate request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetServiceLastAccessedDetails": {
@@ -6945,7 +7232,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves a service last accessed report that was created using the\n GenerateServiceLastAccessedDetails operation. You can use the\n JobId parameter in GetServiceLastAccessedDetails to\n retrieve the status of your report job. When the report is complete, you can retrieve\n the generated report. The report includes a list of Amazon Web Services services that the resource\n (user, group, role, or managed policy) can access.
\n \n Service last accessed data does not use other policy types when determining\n whether a resource could access a service. These other policy types include\n resource-based policies, access control lists, Organizations policies, IAM permissions\n boundaries, and STS assume role policies. It only applies permissions policy\n logic. For more about the evaluation of policy types, see Evaluating policies in the\n IAM User Guide.
\n \n For each service that the resource could access using permissions policies, the\n operation returns details about the most recent access attempt. If there was no attempt,\n the service is listed without details about the most recent attempt to access the\n service. If the operation fails, the GetServiceLastAccessedDetails\n operation returns the reason that it failed.
\n The GetServiceLastAccessedDetails operation returns a list of services.\n This list includes the number of entities that have attempted to access the service and\n the date and time of the last attempt. It also returns the ARN of the following entity,\n depending on the resource ARN that you used to generate the report:
\n \n - \n
\n User – Returns the user ARN that you\n used to generate the report
\n \n - \n
\n Group – Returns the ARN of the group\n member (user) that last attempted to access the service
\n \n - \n
\n Role – Returns the role ARN that you\n used to generate the report
\n \n - \n
\n Policy – Returns the ARN of the user\n or role that last used the policy to attempt to access the service
\n \n
\n By default, the list is sorted by service namespace.
\n If you specified ACTION_LEVEL granularity when you generated the report,\n this operation returns service and action last accessed data. This includes the most\n recent access attempt for each tracked action within a service. Otherwise, this\n operation returns only service data.
\n For more information about service and action last accessed data, see Reducing permissions using service last accessed data in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Retrieves a service last accessed report that was created using the\n GenerateServiceLastAccessedDetails operation. You can use the\n JobId parameter in GetServiceLastAccessedDetails to\n retrieve the status of your report job. When the report is complete, you can retrieve\n the generated report. The report includes a list of Amazon Web Services services that the resource\n (user, group, role, or managed policy) can access.
\n \n Service last accessed data does not use other policy types when determining\n whether a resource could access a service. These other policy types include\n resource-based policies, access control lists, Organizations policies, IAM permissions\n boundaries, and STS assume role policies. It only applies permissions policy\n logic. For more about the evaluation of policy types, see Evaluating policies in the\n IAM User Guide.
\n \n For each service that the resource could access using permissions policies, the\n operation returns details about the most recent access attempt. If there was no attempt,\n the service is listed without details about the most recent attempt to access the\n service. If the operation fails, the GetServiceLastAccessedDetails\n operation returns the reason that it failed.
\n The GetServiceLastAccessedDetails operation returns a list of services.\n This list includes the number of entities that have attempted to access the service and\n the date and time of the last attempt. It also returns the ARN of the following entity,\n depending on the resource ARN that you used to generate the report:
\n \n - \n
\n User – Returns the user ARN that you\n used to generate the report
\n \n - \n
\n Group – Returns the ARN of the group\n member (user) that last attempted to access the service
\n \n - \n
\n Role – Returns the role ARN that you\n used to generate the report
\n \n - \n
\n Policy – Returns the ARN of the user\n or role that last used the policy to attempt to access the service
\n \n
\n By default, the list is sorted by service namespace.
\n If you specified ACTION_LEVEL granularity when you generated the report,\n this operation returns service and action last accessed data. This includes the most\n recent access attempt for each tracked action within a service. Otherwise, this\n operation returns only service data.
\n For more information about service and action last accessed data, see Reducing permissions using service last accessed data in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#GetServiceLastAccessedDetailsRequest": {
@@ -6970,6 +7257,9 @@
"smithy.api#documentation": "Use this parameter only when paginating results and only after \n you receive a response indicating that the results are truncated. Set it to the value of the\n Marker element in the response that you received to indicate where the next call \n should start.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetServiceLastAccessedDetailsResponse": {
@@ -7005,7 +7295,7 @@
"JobCompletionDate": {
"target": "com.amazonaws.iam#dateType",
"traits": {
- "smithy.api#documentation": "The date and time, in ISO 8601 date-time\n format, when the generated report job was completed or failed.
\n This field is null if the job is still in progress, as indicated by a job status value\n of IN_PROGRESS.
",
+ "smithy.api#documentation": "The date and time, in ISO 8601 date-time\n format, when the generated report job was completed or failed.
\n This field is null if the job is still in progress, as indicated by a job status value\n of IN_PROGRESS.
",
"smithy.api#required": {}
}
},
@@ -7028,6 +7318,9 @@
"smithy.api#documentation": "An object that contains details about the reason the operation failed.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetServiceLastAccessedDetailsWithEntities": {
@@ -7047,7 +7340,7 @@
}
],
"traits": {
- "smithy.api#documentation": "After you generate a group or policy report using the\n GenerateServiceLastAccessedDetails operation, you can use the\n JobId parameter in\n GetServiceLastAccessedDetailsWithEntities. This operation retrieves the\n status of your report job and a list of entities that could have used group or policy\n permissions to access the specified service.
\n \n - \n
\n Group – For a group report, this\n operation returns a list of users in the group that could have used the group’s\n policies in an attempt to access the service.
\n \n - \n
\n Policy – For a policy report, this\n operation returns a list of entities (users or roles) that could have used the\n policy in an attempt to access the service.
\n \n
\n You can also use this operation for user or role reports to retrieve details about\n those entities.
\n If the operation fails, the GetServiceLastAccessedDetailsWithEntities\n operation returns the reason that it failed.
\n By default, the list of associated entities is sorted by date, with the most recent\n access listed first.
"
+ "smithy.api#documentation": "After you generate a group or policy report using the\n GenerateServiceLastAccessedDetails operation, you can use the\n JobId parameter in\n GetServiceLastAccessedDetailsWithEntities. This operation retrieves the\n status of your report job and a list of entities that could have used group or policy\n permissions to access the specified service.
\n \n - \n
\n Group – For a group report, this\n operation returns a list of users in the group that could have used the group’s\n policies in an attempt to access the service.
\n \n - \n
\n Policy – For a policy report, this\n operation returns a list of entities (users or roles) that could have used the\n policy in an attempt to access the service.
\n \n
\n You can also use this operation for user or role reports to retrieve details about\n those entities.
\n If the operation fails, the GetServiceLastAccessedDetailsWithEntities\n operation returns the reason that it failed.
\n By default, the list of associated entities is sorted by date, with the most recent\n access listed first.
"
}
},
"com.amazonaws.iam#GetServiceLastAccessedDetailsWithEntitiesRequest": {
@@ -7063,7 +7356,7 @@
"ServiceNamespace": {
"target": "com.amazonaws.iam#serviceNamespaceType",
"traits": {
- "smithy.api#documentation": "The service namespace for an Amazon Web Services service. Provide the service namespace to learn\n when the IAM entity last attempted to access the specified service.
\n To learn the service namespace for a service, see Actions, resources, and condition keys for Amazon Web Services services in the\n IAM User Guide. Choose the name of the service to view\n details for that service. In the first paragraph, find the service prefix. For example,\n (service prefix: a4b). For more information about service namespaces,\n see Amazon Web Services\n service namespaces in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The service namespace for an Amazon Web Services service. Provide the service namespace to learn\n when the IAM entity last attempted to access the specified service.
\n To learn the service namespace for a service, see Actions, resources, and condition keys for Amazon Web Services services in the\n IAM User Guide. Choose the name of the service to view\n details for that service. In the first paragraph, find the service prefix. For example,\n (service prefix: a4b). For more information about service namespaces,\n see Amazon Web Services\n service namespaces in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
@@ -7079,6 +7372,9 @@
"smithy.api#documentation": "Use this parameter only when paginating results and only after \n you receive a response indicating that the results are truncated. Set it to the value of the\n Marker element in the response that you received to indicate where the next call \n should start.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetServiceLastAccessedDetailsWithEntitiesResponse": {
@@ -7101,7 +7397,7 @@
"JobCompletionDate": {
"target": "com.amazonaws.iam#dateType",
"traits": {
- "smithy.api#documentation": "The date and time, in ISO 8601 date-time\n format, when the generated report job was completed or failed.
\n This field is null if the job is still in progress, as indicated by a job status value\n of IN_PROGRESS.
",
+ "smithy.api#documentation": "The date and time, in ISO 8601 date-time\n format, when the generated report job was completed or failed.
\n This field is null if the job is still in progress, as indicated by a job status value\n of IN_PROGRESS.
",
"smithy.api#required": {}
}
},
@@ -7131,6 +7427,9 @@
"smithy.api#documentation": "An object that contains details about the reason the operation failed.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetServiceLinkedRoleDeletionStatus": {
@@ -7166,6 +7465,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetServiceLinkedRoleDeletionStatusResponse": {
@@ -7184,6 +7486,9 @@
"smithy.api#documentation": "An object that contains details about the reason the deletion failed.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetUser": {
@@ -7203,7 +7508,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves information about the specified IAM user, including the user's creation\n date, path, unique ID, and ARN.
\n If you do not specify a user name, IAM determines the user name implicitly based on\n the Amazon Web Services access key ID used to sign the request to this operation.
",
+ "smithy.api#documentation": "Retrieves information about the specified IAM user, including the user's creation\n date, path, unique ID, and ARN.
\n If you do not specify a user name, IAM determines the user name implicitly based on\n the Amazon Web Services access key ID used to sign the request to this operation.
",
"smithy.api#suppress": [
"WaitableTraitInvalidErrorType"
],
@@ -7245,7 +7550,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves the specified inline policy document that is embedded in the specified IAM\n user.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n An IAM user can also have managed policies attached to it. To retrieve a managed\n policy document that is attached to a user, use GetPolicy to determine\n the policy's default version. Then use GetPolicyVersion to retrieve\n the policy document.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Retrieves the specified inline policy document that is embedded in the specified IAM\n user.
\n \n Policies returned by this operation are URL-encoded compliant \n with RFC 3986. You can use a URL \n decoding method to convert the policy back to plain JSON text. For example, if you use Java, you \n can use the decode method of the java.net.URLDecoder utility class in \n the Java SDK. Other languages and SDKs provide similar functionality.
\n \n An IAM user can also have managed policies attached to it. To retrieve a managed\n policy document that is attached to a user, use GetPolicy to determine\n the policy's default version. Then use GetPolicyVersion to retrieve\n the policy document.
\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#GetUserPolicyRequest": {
@@ -7254,17 +7559,20 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user who the policy is associated with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user who the policy is associated with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name of the policy document to get.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the policy document to get.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetUserPolicyResponse": {
@@ -7287,13 +7595,14 @@
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The policy document.
\n\n IAM stores policies in JSON format. However, resources that were created using CloudFormation\n templates can be formatted in YAML. CloudFormation always converts a YAML policy to JSON format\n before submitting it to IAM.
",
+ "smithy.api#documentation": "The policy document.
\n IAM stores policies in JSON format. However, resources that were created using CloudFormation\n templates can be formatted in YAML. CloudFormation always converts a YAML policy to JSON format\n before submitting it to IAM.
",
"smithy.api#required": {}
}
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetUserPolicy request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful GetUserPolicy request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#GetUserRequest": {
@@ -7302,9 +7611,12 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user to get information about.
\n This parameter is optional. If it is not included, it defaults to the user making the\n request. This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the user to get information about.
\n This parameter is optional. If it is not included, it defaults to the user making the\n request. This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#GetUserResponse": {
@@ -7313,13 +7625,14 @@
"User": {
"target": "com.amazonaws.iam#User",
"traits": {
- "smithy.api#documentation": "A structure containing details about the IAM user.
\n \n Due to a service issue, password last used data does not include password use from\n May 3, 2018 22:50 PDT to May 23, 2018 14:08 PDT. This affects last sign-in dates shown in the IAM console and password last used\n dates in the IAM credential\n report, and returned by this operation. If users signed in during the\n affected time, the password last used date that is returned is the date the user\n last signed in before May 3, 2018. For users that signed in after May 23, 2018 14:08\n PDT, the returned password last used date is accurate.
\n You can use password last used information to identify unused credentials for\n deletion. For example, you might delete users who did not sign in to Amazon Web Services in the\n last 90 days. In cases like this, we recommend that you adjust your evaluation\n window to include dates after May 23, 2018. Alternatively, if your users use access\n keys to access Amazon Web Services programmatically you can refer to access key last used\n information because it is accurate for all dates.
\n ",
+ "smithy.api#documentation": "A structure containing details about the IAM user.
\n \n Due to a service issue, password last used data does not include password use from\n May 3, 2018 22:50 PDT to May 23, 2018 14:08 PDT. This affects last sign-in dates shown in the IAM console and password last used\n dates in the IAM credential\n report, and returned by this operation. If users signed in during the\n affected time, the password last used date that is returned is the date the user\n last signed in before May 3, 2018. For users that signed in after May 23, 2018 14:08\n PDT, the returned password last used date is accurate.
\n You can use password last used information to identify unused credentials for\n deletion. For example, you might delete users who did not sign in to Amazon Web Services in the\n last 90 days. In cases like this, we recommend that you adjust your evaluation\n window to include dates after May 23, 2018. Alternatively, if your users use access\n keys to access Amazon Web Services programmatically you can refer to access key last used\n information because it is accurate for all dates.
\n ",
"smithy.api#required": {}
}
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful GetUser request.
"
+ "smithy.api#documentation": "Contains the response to a successful GetUser request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#Group": {
@@ -7582,7 +7895,7 @@
"code": "LimitExceeded",
"httpResponseCode": 409
},
- "smithy.api#documentation": "The request was rejected because it attempted to create resources beyond the current Amazon Web Services\n account limits. The error message describes the limit exceeded.
",
+ "smithy.api#documentation": "The request was rejected because it attempted to create resources beyond the current\n Amazon Web Services account limits. The error message describes the limit exceeded.
",
"smithy.api#error": "client",
"smithy.api#httpError": 409
}
@@ -7610,7 +7923,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns information about the access key IDs associated with the specified IAM user.\n If there is none, the operation returns an empty list.
\n Although each user is limited to a small number of keys, you can still paginate the\n results using the MaxItems and Marker parameters.
\n If the UserName is not specified, the user name is determined implicitly\n based on the Amazon Web Services access key ID used to sign the request. If a temporary access key is\n used, then UserName is required. If a long-term key is assigned to the\n user, then UserName is not required. This operation works for access keys\n under the Amazon Web Services account. Consequently, you can use this operation to manage\n Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated\n users.
\n \n To ensure the security of your Amazon Web Services account, the secret access key is accessible\n only during key and user creation.
\n ",
+ "smithy.api#documentation": "Returns information about the access key IDs associated with the specified IAM user.\n If there is none, the operation returns an empty list.
\n Although each user is limited to a small number of keys, you can still paginate the\n results using the MaxItems and Marker parameters.
\n If the UserName is not specified, the user name is determined implicitly\n based on the Amazon Web Services access key ID used to sign the request. If a temporary access key is\n used, then UserName is required. If a long-term key is assigned to the\n user, then UserName is not required. This operation works for access keys\n under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user\n credentials even if the Amazon Web Services account has no associated users.
\n \n To ensure the security of your Amazon Web Services account, the secret access key is accessible\n only during key and user creation.
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -7625,7 +7938,7 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the user.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"Marker": {
@@ -7640,6 +7953,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListAccessKeysResponse": {
@@ -7667,7 +7983,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListAccessKeys request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListAccessKeys request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListAccountAliases": {
@@ -7708,6 +8025,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListAccountAliasesResponse": {
@@ -7735,7 +8055,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListAccountAliases request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListAccountAliases request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListAttachedGroupPolicies": {
@@ -7758,7 +8079,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists all managed policies that are attached to the specified IAM group.
\n An IAM group can also have inline policies embedded with it. To list the inline\n policies for a group, use ListGroupPolicies. For information about\n policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. You can use the PathPrefix parameter to limit the list of\n policies to only those matching the specified path prefix. If there are no policies\n attached to the specified group (or none that match the specified path prefix), the\n operation returns an empty list.
",
+ "smithy.api#documentation": "Lists all managed policies that are attached to the specified IAM group.
\n An IAM group can also have inline policies embedded with it. To list the inline\n policies for a group, use ListGroupPolicies. For information about\n policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. You can use the PathPrefix parameter to limit the list of\n policies to only those matching the specified path prefix. If there are no policies\n attached to the specified group (or none that match the specified path prefix), the\n operation returns an empty list.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -7773,14 +8094,14 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the group to list attached policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the group to list attached policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PathPrefix": {
"target": "com.amazonaws.iam#policyPathType",
"traits": {
- "smithy.api#documentation": "The path prefix for filtering the results. This parameter is optional. If it is not\n included, it defaults to a slash (/), listing all policies.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": "The path prefix for filtering the results. This parameter is optional. If it is not\n included, it defaults to a slash (/), listing all policies.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Marker": {
@@ -7795,6 +8116,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListAttachedGroupPoliciesResponse": {
@@ -7821,7 +8145,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListAttachedGroupPolicies\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListAttachedGroupPolicies\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListAttachedRolePolicies": {
@@ -7844,7 +8169,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists all managed policies that are attached to the specified IAM role.
\n An IAM role can also have inline policies embedded with it. To list the inline\n policies for a role, use ListRolePolicies. For information about\n policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. You can use the PathPrefix parameter to limit the list of\n policies to only those matching the specified path prefix. If there are no policies\n attached to the specified role (or none that match the specified path prefix), the\n operation returns an empty list.
",
+ "smithy.api#documentation": "Lists all managed policies that are attached to the specified IAM role.
\n An IAM role can also have inline policies embedded with it. To list the inline\n policies for a role, use ListRolePolicies. For information about\n policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. You can use the PathPrefix parameter to limit the list of\n policies to only those matching the specified path prefix. If there are no policies\n attached to the specified role (or none that match the specified path prefix), the\n operation returns an empty list.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -7859,14 +8184,14 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the role to list attached policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the role to list attached policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PathPrefix": {
"target": "com.amazonaws.iam#policyPathType",
"traits": {
- "smithy.api#documentation": "The path prefix for filtering the results. This parameter is optional. If it is not\n included, it defaults to a slash (/), listing all policies.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": "The path prefix for filtering the results. This parameter is optional. If it is not\n included, it defaults to a slash (/), listing all policies.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Marker": {
@@ -7881,6 +8206,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListAttachedRolePoliciesResponse": {
@@ -7907,7 +8235,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListAttachedRolePolicies\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListAttachedRolePolicies\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListAttachedUserPolicies": {
@@ -7930,7 +8259,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists all managed policies that are attached to the specified IAM user.
\n An IAM user can also have inline policies embedded with it. To list the inline\n policies for a user, use ListUserPolicies. For information about\n policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. You can use the PathPrefix parameter to limit the list of\n policies to only those matching the specified path prefix. If there are no policies\n attached to the specified group (or none that match the specified path prefix), the\n operation returns an empty list.
",
+ "smithy.api#documentation": "Lists all managed policies that are attached to the specified IAM user.
\n An IAM user can also have inline policies embedded with it. To list the inline\n policies for a user, use ListUserPolicies. For information about\n policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. You can use the PathPrefix parameter to limit the list of\n policies to only those matching the specified path prefix. If there are no policies\n attached to the specified group (or none that match the specified path prefix), the\n operation returns an empty list.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -7945,14 +8274,14 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name (friendly name, not ARN) of the user to list attached policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name (friendly name, not ARN) of the user to list attached policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PathPrefix": {
"target": "com.amazonaws.iam#policyPathType",
"traits": {
- "smithy.api#documentation": "The path prefix for filtering the results. This parameter is optional. If it is not\n included, it defaults to a slash (/), listing all policies.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": "The path prefix for filtering the results. This parameter is optional. If it is not\n included, it defaults to a slash (/), listing all policies.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Marker": {
@@ -7967,6 +8296,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListAttachedUserPoliciesResponse": {
@@ -7993,7 +8325,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListAttachedUserPolicies\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListAttachedUserPolicies\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListEntitiesForPolicy": {
@@ -8016,7 +8349,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists all IAM users, groups, and roles that the specified managed policy is attached\n to.
\n You can use the optional EntityFilter parameter to limit the results to a\n particular type of entity (users, groups, or roles). For example, to list only the roles\n that are attached to the specified policy, set EntityFilter to\n Role.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists all IAM users, groups, and roles that the specified managed policy is attached\n to.
\n You can use the optional EntityFilter parameter to limit the results to a\n particular type of entity (users, groups, or roles). For example, to list only the roles\n that are attached to the specified policy, set EntityFilter to\n Role.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -8030,26 +8363,26 @@
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy for which you want the\n versions.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy for which you want the\n versions.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
"EntityFilter": {
"target": "com.amazonaws.iam#EntityType",
"traits": {
- "smithy.api#documentation": "The entity type to use for filtering the results.
\n For example, when EntityFilter is Role, only the roles that\n are attached to the specified policy are returned. This parameter is optional. If it is\n not included, all attached entities (users, groups, and roles) are returned. The\n argument for this parameter must be one of the valid values listed below.
"
+ "smithy.api#documentation": "The entity type to use for filtering the results.
\n For example, when EntityFilter is Role, only the roles that\n are attached to the specified policy are returned. This parameter is optional. If it is\n not included, all attached entities (users, groups, and roles) are returned. The\n argument for this parameter must be one of the valid values listed below.
"
}
},
"PathPrefix": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": "The path prefix for filtering the results. This parameter is optional. If it is not\n included, it defaults to a slash (/), listing all entities.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": "The path prefix for filtering the results. This parameter is optional. If it is not\n included, it defaults to a slash (/), listing all entities.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"PolicyUsageFilter": {
"target": "com.amazonaws.iam#PolicyUsageType",
"traits": {
- "smithy.api#documentation": "The policy usage method to use for filtering the results.
\n To list only permissions policies,\n set PolicyUsageFilter to PermissionsPolicy. To list only\n the policies used to set permissions boundaries, set the value\n to PermissionsBoundary.
\n This parameter is optional. If it is not included, all policies are returned.
"
+ "smithy.api#documentation": "The policy usage method to use for filtering the results.
\n To list only permissions policies,\n set PolicyUsageFilter to PermissionsPolicy. To list only\n the policies used to set permissions boundaries, set the value\n to PermissionsBoundary.
\n This parameter is optional. If it is not included, all policies are returned.
"
}
},
"Marker": {
@@ -8064,6 +8397,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListEntitiesForPolicyResponse": {
@@ -8102,7 +8438,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListEntitiesForPolicy request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListEntitiesForPolicy request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListGroupPolicies": {
@@ -8122,7 +8459,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the names of the inline policies that are embedded in the specified IAM\n group.
\n An IAM group can also have managed policies attached to it. To list the managed\n policies that are attached to a group, use ListAttachedGroupPolicies.\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. If there are no inline policies embedded with the specified group, the\n operation returns an empty list.
",
+ "smithy.api#documentation": "Lists the names of the inline policies that are embedded in the specified IAM\n group.
\n An IAM group can also have managed policies attached to it. To list the managed\n policies that are attached to a group, use ListAttachedGroupPolicies.\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. If there are no inline policies embedded with the specified group, the\n operation returns an empty list.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -8137,7 +8474,7 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name of the group to list policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the group to list policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -8153,6 +8490,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListGroupPoliciesResponse": {
@@ -8161,7 +8501,7 @@
"PolicyNames": {
"target": "com.amazonaws.iam#policyNameListType",
"traits": {
- "smithy.api#documentation": "A list of policy names.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "A list of policy names.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -8180,7 +8520,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListGroupPolicies request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListGroupPolicies request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListGroups": {
@@ -8197,7 +8538,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the IAM groups that have the specified path prefix.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists the IAM groups that have the specified path prefix.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -8223,7 +8564,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the IAM groups that the specified IAM user belongs to.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists the IAM groups that the specified IAM user belongs to.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -8238,7 +8579,7 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user to list groups for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user to list groups for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -8254,6 +8595,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListGroupsForUserResponse": {
@@ -8281,7 +8625,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListGroupsForUser request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListGroupsForUser request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListGroupsRequest": {
@@ -8290,7 +8635,7 @@
"PathPrefix": {
"target": "com.amazonaws.iam#pathPrefixType",
"traits": {
- "smithy.api#documentation": " The path prefix for filtering the results. For example, the prefix\n /division_abc/subdivision_xyz/ gets all groups whose path starts with\n /division_abc/subdivision_xyz/.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all groups. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path prefix for filtering the results. For example, the prefix\n /division_abc/subdivision_xyz/ gets all groups whose path starts with\n /division_abc/subdivision_xyz/.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all groups. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Marker": {
@@ -8305,6 +8650,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListGroupsResponse": {
@@ -8332,7 +8680,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListGroups request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListGroups request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListInstanceProfileTags": {
@@ -8377,6 +8726,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListInstanceProfileTagsResponse": {
@@ -8402,6 +8754,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListInstanceProfiles": {
@@ -8418,7 +8773,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the instance profiles that have the specified path prefix. If there are none,\n the operation returns an empty list. For more information about instance profiles, see\n About\n instance profiles.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for an instance profile, see GetInstanceProfile.
\n \n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists the instance profiles that have the specified path prefix. If there are none,\n the operation returns an empty list. For more information about instance profiles, see\n About\n instance profiles.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for an instance profile, see GetInstanceProfile.
\n \n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -8444,7 +8799,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the instance profiles that have the specified associated IAM role. If there\n are none, the operation returns an empty list. For more information about instance\n profiles, go to About instance\n profiles.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists the instance profiles that have the specified associated IAM role. If there\n are none, the operation returns an empty list. For more information about instance\n profiles, go to About instance\n profiles.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -8459,7 +8814,7 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role to list instance profiles for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the role to list instance profiles for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -8475,6 +8830,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListInstanceProfilesForRoleResponse": {
@@ -8502,7 +8860,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListInstanceProfilesForRole\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListInstanceProfilesForRole\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListInstanceProfilesRequest": {
@@ -8511,7 +8870,7 @@
"PathPrefix": {
"target": "com.amazonaws.iam#pathPrefixType",
"traits": {
- "smithy.api#documentation": " The path prefix for filtering the results. For example, the prefix\n /application_abc/component_xyz/ gets all instance profiles whose path\n starts with /application_abc/component_xyz/.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all instance profiles. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path prefix for filtering the results. For example, the prefix\n /application_abc/component_xyz/ gets all instance profiles whose path\n starts with /application_abc/component_xyz/.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all instance profiles. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Marker": {
@@ -8526,6 +8885,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListInstanceProfilesResponse": {
@@ -8553,7 +8915,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListInstanceProfiles request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListInstanceProfiles request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListMFADeviceTags": {
@@ -8601,6 +8964,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListMFADeviceTagsResponse": {
@@ -8626,6 +8992,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListMFADevices": {
@@ -8645,7 +9014,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the MFA devices for an IAM user. If the request includes a IAM user name,\n then this operation lists all the MFA devices associated with the specified user. If you\n do not specify a user name, IAM determines the user name implicitly based on the Amazon Web Services\n access key ID signing the request for this operation.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists the MFA devices for an IAM user. If the request includes a IAM user name,\n then this operation lists all the MFA devices associated with the specified user. If you\n do not specify a user name, IAM determines the user name implicitly based on the Amazon Web Services\n access key ID signing the request for this operation.
\n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -8660,7 +9029,7 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose MFA devices you want to list.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the user whose MFA devices you want to list.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"Marker": {
@@ -8675,6 +9044,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListMFADevicesResponse": {
@@ -8702,7 +9074,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListMFADevices request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListMFADevices request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListOpenIDConnectProviderTags": {
@@ -8750,6 +9123,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListOpenIDConnectProviderTagsResponse": {
@@ -8775,6 +9151,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListOpenIDConnectProviders": {
@@ -8791,12 +9170,15 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists information about the IAM OpenID Connect (OIDC) provider resource objects\n defined in the Amazon Web Services account.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for an OIDC provider, see GetOpenIDConnectProvider.
\n "
+ "smithy.api#documentation": "Lists information about the IAM OpenID Connect (OIDC) provider resource objects\n defined in the Amazon Web Services account.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for an OIDC provider, see GetOpenIDConnectProvider.
\n "
}
},
"com.amazonaws.iam#ListOpenIDConnectProvidersRequest": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#input": {}
+ }
},
"com.amazonaws.iam#ListOpenIDConnectProvidersResponse": {
"type": "structure",
@@ -8809,7 +9191,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListOpenIDConnectProviders\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListOpenIDConnectProviders\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListPolicies": {
@@ -8826,7 +9209,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists all the managed policies that are available in your Amazon Web Services account, including\n your own customer-defined managed policies and all Amazon Web Services managed policies.
\n You can filter the list of policies that is returned using the optional\n OnlyAttached, Scope, and PathPrefix\n parameters. For example, to list only the customer managed policies in your Amazon Web Services\n account, set Scope to Local. To list only Amazon Web Services managed\n policies, set Scope to AWS.
\n You can paginate the results using the MaxItems and Marker\n parameters.
\n For more information about managed policies, see Managed policies and inline\n policies in the IAM User Guide.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a customer manged policy, see\n GetPolicy.
\n ",
+ "smithy.api#documentation": "Lists all the managed policies that are available in your Amazon Web Services account, including\n your own customer-defined managed policies and all Amazon Web Services managed policies.
\n You can filter the list of policies that is returned using the optional\n OnlyAttached, Scope, and PathPrefix\n parameters. For example, to list only the customer managed policies in your Amazon Web Services\n account, set Scope to Local. To list only Amazon Web Services managed\n policies, set Scope to AWS.
\n You can paginate the results using the MaxItems and Marker\n parameters.
\n For more information about managed policies, see Managed policies and inline\n policies in the IAM User Guide.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a customer manged policy, see\n GetPolicy.
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -8852,7 +9235,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Retrieves a list of policies that the IAM identity (user, group, or role) can use to\n access each specified service.
\n \n This operation does not use other policy types when determining whether a resource\n could access a service. These other policy types include resource-based policies,\n access control lists, Organizations policies, IAM permissions boundaries, and STS\n assume role policies. It only applies permissions policy logic. For more about the\n evaluation of policy types, see Evaluating policies in the\n IAM User Guide.
\n \n The list of policies returned by the operation depends on the ARN of the identity that\n you provide.
\n \n - \n
\n User – The list of policies includes\n the managed and inline policies that are attached to the user directly. The list\n also includes any additional managed and inline policies that are attached to\n the group to which the user belongs.
\n \n - \n
\n Group – The list of policies includes\n only the managed and inline policies that are attached to the group directly.\n Policies that are attached to the group’s user are not included.
\n \n - \n
\n Role – The list of policies includes\n only the managed and inline policies that are attached to the role.
\n \n
\n For each managed policy, this operation returns the ARN and policy name. For each\n inline policy, it returns the policy name and the entity to which it is attached. Inline\n policies do not have an ARN. For more information about these policy types, see Managed policies and inline policies in the\n IAM User Guide.
\n Policies that are attached to users and roles as permissions boundaries are not\n returned. To view which managed policy is currently used to set the permissions boundary\n for a user or role, use the GetUser or GetRole\n operations.
"
+ "smithy.api#documentation": "Retrieves a list of policies that the IAM identity (user, group, or role) can use to\n access each specified service.
\n \n This operation does not use other policy types when determining whether a resource\n could access a service. These other policy types include resource-based policies,\n access control lists, Organizations policies, IAM permissions boundaries, and STS\n assume role policies. It only applies permissions policy logic. For more about the\n evaluation of policy types, see Evaluating policies in the\n IAM User Guide.
\n \n The list of policies returned by the operation depends on the ARN of the identity that\n you provide.
\n \n - \n
\n User – The list of policies includes\n the managed and inline policies that are attached to the user directly. The list\n also includes any additional managed and inline policies that are attached to\n the group to which the user belongs.
\n \n - \n
\n Group – The list of policies includes\n only the managed and inline policies that are attached to the group directly.\n Policies that are attached to the group’s user are not included.
\n \n - \n
\n Role – The list of policies includes\n only the managed and inline policies that are attached to the role.
\n \n
\n For each managed policy, this operation returns the ARN and policy name. For each\n inline policy, it returns the policy name and the entity to which it is attached. Inline\n policies do not have an ARN. For more information about these policy types, see Managed policies and inline policies in the\n IAM User Guide.
\n Policies that are attached to users and roles as permissions boundaries are not\n returned. To view which managed policy is currently used to set the permissions boundary\n for a user or role, use the GetUser or GetRole\n operations.
"
}
},
"com.amazonaws.iam#ListPoliciesGrantingServiceAccessEntry": {
@@ -8894,10 +9277,13 @@
"ServiceNamespaces": {
"target": "com.amazonaws.iam#serviceNamespaceListType",
"traits": {
- "smithy.api#documentation": "The service namespace for the Amazon Web Services services whose policies you want to list.
\n To learn the service namespace for a service, see Actions, resources, and condition keys for Amazon Web Services services in the\n IAM User Guide. Choose the name of the service to view\n details for that service. In the first paragraph, find the service prefix. For example,\n (service prefix: a4b). For more information about service namespaces,\n see Amazon Web Services\n service namespaces in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The service namespace for the Amazon Web Services services whose policies you want to list.
\n To learn the service namespace for a service, see Actions, resources, and condition keys for Amazon Web Services services in the\n IAM User Guide. Choose the name of the service to view\n details for that service. In the first paragraph, find the service prefix. For example,\n (service prefix: a4b). For more information about service namespaces,\n see Amazon Web Services\n service namespaces in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListPoliciesGrantingServiceAccessResponse": {
@@ -8923,6 +9309,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListPoliciesRequest": {
@@ -8931,14 +9320,14 @@
"Scope": {
"target": "com.amazonaws.iam#policyScopeType",
"traits": {
- "smithy.api#documentation": "The scope to use for filtering the results.
\n To list only Amazon Web Services managed policies, set Scope to AWS. To\n list only the customer managed policies in your Amazon Web Services account, set Scope to\n Local.
\n This parameter is optional. If it is not included, or if it is set to\n All, all policies are returned.
"
+ "smithy.api#documentation": "The scope to use for filtering the results.
\n To list only Amazon Web Services managed policies, set Scope to AWS. To\n list only the customer managed policies in your Amazon Web Services account, set Scope to\n Local.
\n This parameter is optional. If it is not included, or if it is set to\n All, all policies are returned.
"
}
},
"OnlyAttached": {
"target": "com.amazonaws.iam#booleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "A flag to filter the results to only the attached policies.
\n When OnlyAttached is true, the returned list contains only\n the policies that are attached to an IAM user, group, or role. When\n OnlyAttached is false, or when the parameter is not\n included, all policies are returned.
"
+ "smithy.api#documentation": "A flag to filter the results to only the attached policies.
\n When OnlyAttached is true, the returned list contains only\n the policies that are attached to an IAM user, group, or role. When\n OnlyAttached is false, or when the parameter is not\n included, all policies are returned.
"
}
},
"PathPrefix": {
@@ -8950,7 +9339,7 @@
"PolicyUsageFilter": {
"target": "com.amazonaws.iam#PolicyUsageType",
"traits": {
- "smithy.api#documentation": "The policy usage method to use for filtering the results.
\n To list only permissions policies,\n set PolicyUsageFilter to PermissionsPolicy. To list only\n the policies used to set permissions boundaries, set the value\n to PermissionsBoundary.
\n This parameter is optional. If it is not included, all policies are returned.
"
+ "smithy.api#documentation": "The policy usage method to use for filtering the results.
\n To list only permissions policies,\n set PolicyUsageFilter to PermissionsPolicy. To list only\n the policies used to set permissions boundaries, set the value\n to PermissionsBoundary.
\n This parameter is optional. If it is not included, all policies are returned.
"
}
},
"Marker": {
@@ -8965,6 +9354,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListPoliciesResponse": {
@@ -8991,7 +9383,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListPolicies request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListPolicies request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListPolicyTags": {
@@ -9039,6 +9432,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListPolicyTagsResponse": {
@@ -9064,6 +9460,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListPolicyVersions": {
@@ -9086,7 +9485,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists information about the versions of the specified managed policy, including the\n version that is currently set as the policy's default version.
\n For more information about managed policies, see Managed policies and inline\n policies in the IAM User Guide.
",
+ "smithy.api#documentation": "Lists information about the versions of the specified managed policy, including the\n version that is currently set as the policy's default version.
\n For more information about managed policies, see Managed policies and inline\n policies in the IAM User Guide.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -9101,7 +9500,7 @@
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy for which you want the\n versions.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy for which you want the\n versions.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
@@ -9117,6 +9516,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListPolicyVersionsResponse": {
@@ -9125,7 +9527,7 @@
"Versions": {
"target": "com.amazonaws.iam#policyDocumentVersionListType",
"traits": {
- "smithy.api#documentation": "A list of policy versions.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "A list of policy versions.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
"
}
},
"IsTruncated": {
@@ -9143,7 +9545,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListPolicyVersions request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListPolicyVersions request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListRolePolicies": {
@@ -9163,7 +9566,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the names of the inline policies that are embedded in the specified IAM\n role.
\n An IAM role can also have managed policies attached to it. To list the managed\n policies that are attached to a role, use ListAttachedRolePolicies.\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. If there are no inline policies embedded with the specified role, the\n operation returns an empty list.
",
+ "smithy.api#documentation": "Lists the names of the inline policies that are embedded in the specified IAM\n role.
\n An IAM role can also have managed policies attached to it. To list the managed\n policies that are attached to a role, use ListAttachedRolePolicies.\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. If there are no inline policies embedded with the specified role, the\n operation returns an empty list.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -9178,7 +9581,7 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role to list policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the role to list policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -9194,6 +9597,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListRolePoliciesResponse": {
@@ -9221,7 +9627,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListRolePolicies request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListRolePolicies request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListRoleTags": {
@@ -9266,6 +9673,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListRoleTagsResponse": {
@@ -9291,6 +9701,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListRoles": {
@@ -9307,7 +9720,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the IAM roles that have the specified path prefix. If there are none, the\n operation returns an empty list. For more information about roles, see Working with\n roles.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a role, see GetRole.
\n \n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists the IAM roles that have the specified path prefix. If there are none, the\n operation returns an empty list. For more information about roles, see Working with\n roles.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a role, see GetRole.
\n \n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -9322,7 +9735,7 @@
"PathPrefix": {
"target": "com.amazonaws.iam#pathPrefixType",
"traits": {
- "smithy.api#documentation": " The path prefix for filtering the results. For example, the prefix\n /application_abc/component_xyz/ gets all roles whose path starts with\n /application_abc/component_xyz/.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all roles. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path prefix for filtering the results. For example, the prefix\n /application_abc/component_xyz/ gets all roles whose path starts with\n /application_abc/component_xyz/.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all roles. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Marker": {
@@ -9337,6 +9750,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListRolesResponse": {
@@ -9364,7 +9780,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListRoles request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListRoles request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListSAMLProviderTags": {
@@ -9412,6 +9829,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListSAMLProviderTagsResponse": {
@@ -9437,6 +9857,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListSAMLProviders": {
@@ -9453,12 +9876,15 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the SAML provider resource objects defined in IAM in the account.\n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a SAML provider, see GetSAMLProvider.
\n \n This operation requires Signature Version 4.
\n "
+ "smithy.api#documentation": "Lists the SAML provider resource objects defined in IAM in the account.\n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a SAML provider, see GetSAMLProvider.
\n \n This operation requires Signature Version 4.
\n "
}
},
"com.amazonaws.iam#ListSAMLProvidersRequest": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#input": {}
+ }
},
"com.amazonaws.iam#ListSAMLProvidersResponse": {
"type": "structure",
@@ -9471,7 +9897,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListSAMLProviders request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListSAMLProviders request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListSSHPublicKeys": {
@@ -9488,7 +9915,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns information about the SSH public keys associated with the specified IAM\n user. If none exists, the operation returns an empty list.
\n The SSH public keys returned by this operation are used only for authenticating the\n IAM user to an CodeCommit repository. For more information about using SSH keys to\n authenticate to an CodeCommit repository, see Set up CodeCommit for\n SSH connections in the CodeCommit User Guide.
\n Although each user is limited to a small number of keys, you can still paginate the\n results using the MaxItems and Marker parameters.
",
+ "smithy.api#documentation": "Returns information about the SSH public keys associated with the specified IAM\n user. If none exists, the operation returns an empty list.
\n The SSH public keys returned by this operation are used only for authenticating the\n IAM user to an CodeCommit repository. For more information about using SSH keys to\n authenticate to an CodeCommit repository, see Set up CodeCommit for\n SSH connections in the CodeCommit User Guide.
\n Although each user is limited to a small number of keys, you can still paginate the\n results using the MaxItems and Marker parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -9503,7 +9930,7 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user to list SSH public keys for. If none is specified, the\n UserName field is determined implicitly based on the Amazon Web Services access key\n used to sign the request.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the IAM user to list SSH public keys for. If none is specified, the\n UserName field is determined implicitly based on the Amazon Web Services access key\n used to sign the request.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"Marker": {
@@ -9518,6 +9945,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListSSHPublicKeysResponse": {
@@ -9544,7 +9974,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListSSHPublicKeys\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListSSHPublicKeys\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListServerCertificateTags": {
@@ -9589,6 +10020,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListServerCertificateTagsResponse": {
@@ -9614,6 +10048,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListServerCertificates": {
@@ -9630,7 +10067,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the server certificates stored in IAM that have the specified path prefix. If\n none exist, the operation returns an empty list.
\n You can paginate the results using the MaxItems and Marker\n parameters.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic also includes a list of Amazon Web Services services that can use the server certificates that\n you manage with IAM.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a servercertificate, see GetServerCertificate.
\n ",
+ "smithy.api#documentation": "Lists the server certificates stored in IAM that have the specified path prefix. If\n none exist, the operation returns an empty list.
\n You can paginate the results using the MaxItems and Marker\n parameters.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic also includes a list of Amazon Web Services services that can use the server certificates that\n you manage with IAM.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a servercertificate, see GetServerCertificate.
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -9645,7 +10082,7 @@
"PathPrefix": {
"target": "com.amazonaws.iam#pathPrefixType",
"traits": {
- "smithy.api#documentation": " The path prefix for filtering the results. For example:\n /company/servercerts would get all server certificates for which the\n path starts with /company/servercerts.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all server certificates. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path prefix for filtering the results. For example:\n /company/servercerts would get all server certificates for which the\n path starts with /company/servercerts.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all server certificates. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Marker": {
@@ -9660,6 +10097,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListServerCertificatesResponse": {
@@ -9687,7 +10127,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListServerCertificates request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListServerCertificates request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListServiceSpecificCredentials": {
@@ -9716,7 +10157,7 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose service-specific credentials you want information about. If\n this value is not specified, then the operation assumes the user whose credentials are\n used to call the operation.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the user whose service-specific credentials you want information about. If\n this value is not specified, then the operation assumes the user whose credentials are\n used to call the operation.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"ServiceName": {
@@ -9725,6 +10166,9 @@
"smithy.api#documentation": "Filters the returned results to only those for the specified Amazon Web Services service. If not\n specified, then Amazon Web Services returns service-specific credentials for all services.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListServiceSpecificCredentialsResponse": {
@@ -9736,6 +10180,9 @@
"smithy.api#documentation": "A list of structures that each contain details about a service-specific\n credential.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListSigningCertificates": {
@@ -9755,7 +10202,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns information about the signing certificates associated with the specified IAM\n user. If none exists, the operation returns an empty list.
\n Although each user is limited to a small number of signing certificates, you can still\n paginate the results using the MaxItems and Marker\n parameters.
\n If the UserName field is not specified, the user name is determined\n implicitly based on the Amazon Web Services access key ID used to sign the request for this operation.\n This operation works for access keys under the Amazon Web Services account. Consequently, you can use\n this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account\n has no associated users.
",
+ "smithy.api#documentation": "Returns information about the signing certificates associated with the specified IAM\n user. If none exists, the operation returns an empty list.
\n Although each user is limited to a small number of signing certificates, you can still\n paginate the results using the MaxItems and Marker\n parameters.
\n If the UserName field is not specified, the user name is determined\n implicitly based on the Amazon Web Services access key ID used to sign the request for this operation.\n This operation works for access keys under the Amazon Web Services account. Consequently, you can use\n this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no\n associated users.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -9770,7 +10217,7 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user whose signing certificates you want to examine.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the IAM user whose signing certificates you want to examine.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"Marker": {
@@ -9785,6 +10232,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListSigningCertificatesResponse": {
@@ -9812,7 +10262,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListSigningCertificates\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListSigningCertificates\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListUserPolicies": {
@@ -9832,7 +10283,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the names of the inline policies embedded in the specified IAM user.
\n An IAM user can also have managed policies attached to it. To list the managed\n policies that are attached to a user, use ListAttachedUserPolicies.\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. If there are no inline policies embedded with the specified user, the\n operation returns an empty list.
",
+ "smithy.api#documentation": "Lists the names of the inline policies embedded in the specified IAM user.
\n An IAM user can also have managed policies attached to it. To list the managed\n policies that are attached to a user, use ListAttachedUserPolicies.\n For more information about policies, see Managed policies and inline\n policies in the IAM User Guide.
\n You can paginate the results using the MaxItems and Marker\n parameters. If there are no inline policies embedded with the specified user, the\n operation returns an empty list.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -9847,7 +10298,7 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user to list policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user to list policies for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
@@ -9863,6 +10314,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListUserPoliciesResponse": {
@@ -9890,7 +10344,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListUserPolicies request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListUserPolicies request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListUserTags": {
@@ -9941,6 +10396,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListUserTagsResponse": {
@@ -9966,6 +10424,9 @@
"smithy.api#documentation": "When IsTruncated is true, this element\n is present and contains the value to use for the Marker parameter in a subsequent \n pagination request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListUsers": {
@@ -9982,7 +10443,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Lists the IAM users that have the specified path prefix. If no path prefix is\n specified, the operation returns all users in the Amazon Web Services account. If there are none, the\n operation returns an empty list.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a user, see GetUser.
\n \n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists the IAM users that have the specified path prefix. If no path prefix is\n specified, the operation returns all users in the Amazon Web Services account. If there are none, the\n operation returns an empty list.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a user, see GetUser.
\n \n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -9997,7 +10458,7 @@
"PathPrefix": {
"target": "com.amazonaws.iam#pathPrefixType",
"traits": {
- "smithy.api#documentation": " The path prefix for filtering the results. For example:\n /division_abc/subdivision_xyz/, which would get all user names whose\n path starts with /division_abc/subdivision_xyz/.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all user names. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": " The path prefix for filtering the results. For example:\n /division_abc/subdivision_xyz/, which would get all user names whose\n path starts with /division_abc/subdivision_xyz/.
\n This parameter is optional. If it is not included, it defaults to a slash (/), listing\n all user names. This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"Marker": {
@@ -10012,6 +10473,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListUsersResponse": {
@@ -10039,7 +10503,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListUsers request.
"
+ "smithy.api#documentation": "Contains the response to a successful ListUsers request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ListVirtualMFADevices": {
@@ -10051,7 +10516,7 @@
"target": "com.amazonaws.iam#ListVirtualMFADevicesResponse"
},
"traits": {
- "smithy.api#documentation": "Lists the virtual MFA devices defined in the Amazon Web Services account by assignment status. If\n you do not specify an assignment status, the operation returns a list of all virtual MFA\n devices. Assignment status can be Assigned, Unassigned, or\n Any.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view tag information for a virtual MFA device, see ListMFADeviceTags.
\n \n You can paginate the results using the MaxItems and Marker\n parameters.
",
+ "smithy.api#documentation": "Lists the virtual MFA devices defined in the Amazon Web Services account by assignment status. If\n you do not specify an assignment status, the operation returns a list of all virtual MFA\n devices. Assignment status can be Assigned, Unassigned, or\n Any.
\n \n IAM resource-listing operations return a subset of the available \n attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view tag information for a virtual MFA device, see ListMFADeviceTags.
\n \n You can paginate the results using the MaxItems and Marker\n parameters.
",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -10081,6 +10546,9 @@
"smithy.api#documentation": "Use this only when paginating results to indicate the \n maximum number of items you want in the response. If additional items exist beyond the maximum \n you specify, the IsTruncated response element is true.
\n If you do not include this parameter, the number of items defaults to 100. Note that\n IAM might return fewer results, even when there are more results available. In that case, the\n IsTruncated response element returns true, and Marker \n contains a value to include in the subsequent call that tells the service where to continue \n from.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ListVirtualMFADevicesResponse": {
@@ -10108,7 +10576,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful ListVirtualMFADevices request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful ListVirtualMFADevices request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#LoginProfile": {
@@ -10884,7 +11353,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds or updates an inline policy document that is embedded in the specified IAM\n group.
\n A user can also have managed policies attached to it. To attach a managed policy to a\n group, use AttachGroupPolicy. To create a new managed policy, use\n CreatePolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
\n For information about the maximum number of inline policies that you can embed in a\n group, see IAM and STS quotas in the IAM User Guide.
\n \n Because policy documents can be large, you should use POST rather than GET when\n calling PutGroupPolicy. For general information about using the Query\n API with IAM, see Making query requests in the\n IAM User Guide.
\n "
+ "smithy.api#documentation": "Adds or updates an inline policy document that is embedded in the specified IAM\n group.
\n A user can also have managed policies attached to it. To attach a managed policy to a\n group, use AttachGroupPolicy. To create a new managed policy, use\n CreatePolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
\n For information about the maximum number of inline policies that you can embed in a\n group, see IAM and STS quotas in the IAM User Guide.
\n \n Because policy documents can be large, you should use POST rather than GET when\n calling PutGroupPolicy. For general information about using the Query\n API with IAM, see Making query requests in the\n IAM User Guide.
\n "
}
},
"com.amazonaws.iam#PutGroupPolicyRequest": {
@@ -10893,24 +11362,27 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name of the group to associate the policy with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-.
",
+ "smithy.api#documentation": "The name of the group to associate the policy with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-.
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name of the policy document.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the policy document.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The policy document.
\n\n You must provide policies in JSON format in IAM. However, for CloudFormation templates\n formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always\n converts a YAML policy to JSON format before submitting it to = IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The policy document.
\n You must provide policies in JSON format in IAM. However, for CloudFormation templates\n formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always\n converts a YAML policy to JSON format before submitting it to = IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#PutRolePermissionsBoundary": {
@@ -10939,7 +11411,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds or updates the policy that is specified as the IAM role's permissions boundary.\n You can use an Amazon Web Services managed policy or a customer managed policy to set the boundary for\n a role. Use the boundary to control the maximum permissions that the role can have.\n Setting a permissions boundary is an advanced feature that can affect the permissions\n for the role.
\n You cannot set the boundary for a service-linked role.
\n \n Policies used as permissions boundaries do not provide permissions. You must also\n attach a permissions policy to the role. To learn how the effective permissions for\n a role are evaluated, see IAM JSON policy\n evaluation logic in the IAM User Guide.
\n "
+ "smithy.api#documentation": "Adds or updates the policy that is specified as the IAM role's permissions boundary.\n You can use an Amazon Web Services managed policy or a customer managed policy to set the boundary for\n a role. Use the boundary to control the maximum permissions that the role can have.\n Setting a permissions boundary is an advanced feature that can affect the permissions\n for the role.
\n You cannot set the boundary for a service-linked role.
\n \n Policies used as permissions boundaries do not provide permissions. You must also\n attach a permissions policy to the role. To learn how the effective permissions for\n a role are evaluated, see IAM JSON policy\n evaluation logic in the IAM User Guide.
\n "
}
},
"com.amazonaws.iam#PutRolePermissionsBoundaryRequest": {
@@ -10955,10 +11427,13 @@
"PermissionsBoundary": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The ARN of the policy that is used to set the permissions boundary for the\n role.
",
+ "smithy.api#documentation": "The ARN of the managed policy that is used to set the permissions boundary for the\n role.
\n A permissions boundary policy defines the maximum permissions that identity-based\n policies can grant to an entity, but does not grant permissions. Permissions boundaries\n do not define the maximum permissions that a resource-based policy can grant to an\n entity. To learn more, see Permissions boundaries\n for IAM entities in the IAM User Guide.
\n For more information about policy types, see Policy types\n in the IAM User Guide.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#PutRolePolicy": {
@@ -10987,7 +11462,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds or updates an inline policy document that is embedded in the specified IAM\n role.
\n When you embed an inline policy in a role, the inline policy is used as part of the\n role's access (permissions) policy. The role's trust policy is created at the same time\n as the role, using CreateRole. You can update a role's trust policy\n using UpdateAssumeRolePolicy. For more information about IAM roles,\n see Using roles to\n delegate permissions and federate identities.
\n A role can also have a managed policy attached to it. To attach a managed policy to a\n role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
\n For information about the maximum number of inline policies that you can embed with a\n role, see IAM and STS quotas in the IAM User Guide.
\n \n Because policy documents can be large, you should use POST rather than GET when\n calling PutRolePolicy. For general information about using the Query\n API with IAM, see Making query requests in the\n IAM User Guide.
\n "
+ "smithy.api#documentation": "Adds or updates an inline policy document that is embedded in the specified IAM\n role.
\n When you embed an inline policy in a role, the inline policy is used as part of the\n role's access (permissions) policy. The role's trust policy is created at the same time\n as the role, using CreateRole. You can update a role's trust policy\n using UpdateAssumeRolePolicy. For more information about IAM roles,\n see Using roles to\n delegate permissions and federate identities.
\n A role can also have a managed policy attached to it. To attach a managed policy to a\n role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
\n For information about the maximum number of inline policies that you can embed with a\n role, see IAM and STS quotas in the IAM User Guide.
\n \n Because policy documents can be large, you should use POST rather than GET when\n calling PutRolePolicy. For general information about using the Query\n API with IAM, see Making query requests in the\n IAM User Guide.
\n "
}
},
"com.amazonaws.iam#PutRolePolicyRequest": {
@@ -10996,24 +11471,27 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role to associate the policy with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the role to associate the policy with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name of the policy document.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the policy document.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The policy document.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The policy document.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#PutUserPermissionsBoundary": {
@@ -11039,7 +11517,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds or updates the policy that is specified as the IAM user's permissions boundary.\n You can use an Amazon Web Services managed policy or a customer managed policy to set the boundary for\n a user. Use the boundary to control the maximum permissions that the user can have.\n Setting a permissions boundary is an advanced feature that can affect the permissions\n for the user.
\n \n Policies that are used as permissions boundaries do not provide permissions. You\n must also attach a permissions policy to the user. To learn how the effective\n permissions for a user are evaluated, see IAM JSON policy\n evaluation logic in the IAM User Guide.
\n "
+ "smithy.api#documentation": "Adds or updates the policy that is specified as the IAM user's permissions\n boundary. You can use an Amazon Web Services managed policy or a customer managed policy to set the\n boundary for a user. Use the boundary to control the maximum permissions that the user\n can have. Setting a permissions boundary is an advanced feature that can affect the\n permissions for the user.
\n \n Policies that are used as permissions boundaries do not provide permissions. You\n must also attach a permissions policy to the user. To learn how the effective\n permissions for a user are evaluated, see IAM JSON policy\n evaluation logic in the IAM User Guide.
\n "
}
},
"com.amazonaws.iam#PutUserPermissionsBoundaryRequest": {
@@ -11055,10 +11533,13 @@
"PermissionsBoundary": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The ARN of the policy that is used to set the permissions boundary for the\n user.
",
+ "smithy.api#documentation": "The ARN of the managed policy that is used to set the permissions boundary for the\n user.
\n A permissions boundary policy defines the maximum permissions that identity-based\n policies can grant to an entity, but does not grant permissions. Permissions boundaries\n do not define the maximum permissions that a resource-based policy can grant to an\n entity. To learn more, see Permissions boundaries\n for IAM entities in the IAM User Guide.
\n For more information about policy types, see Policy types\n in the IAM User Guide.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#PutUserPolicy": {
@@ -11084,7 +11565,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds or updates an inline policy document that is embedded in the specified IAM\n user.
\n An IAM user can also have a managed policy attached to it. To attach a managed\n policy to a user, use AttachUserPolicy. To create a new managed\n policy, use CreatePolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
\n For information about the maximum number of inline policies that you can embed in a\n user, see IAM and STS quotas in the IAM User Guide.
\n \n Because policy documents can be large, you should use POST rather than GET when\n calling PutUserPolicy. For general information about using the Query\n API with IAM, see Making query requests in the\n IAM User Guide.
\n "
+ "smithy.api#documentation": "Adds or updates an inline policy document that is embedded in the specified IAM\n user.
\n An IAM user can also have a managed policy attached to it. To attach a managed\n policy to a user, use AttachUserPolicy. To create a new managed\n policy, use CreatePolicy. For information about policies, see Managed\n policies and inline policies in the\n IAM User Guide.
\n For information about the maximum number of inline policies that you can embed in a\n user, see IAM and STS quotas in the IAM User Guide.
\n \n Because policy documents can be large, you should use POST rather than GET when\n calling PutUserPolicy. For general information about using the Query\n API with IAM, see Making query requests in the\n IAM User Guide.
\n "
}
},
"com.amazonaws.iam#PutUserPolicyRequest": {
@@ -11093,24 +11574,27 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user to associate the policy with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user to associate the policy with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyName": {
"target": "com.amazonaws.iam#policyNameType",
"traits": {
- "smithy.api#documentation": "The name of the policy document.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the policy document.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The policy document.
\n\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The policy document.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ReasonType": {
@@ -11151,7 +11635,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Removes the specified client ID (also known as audience) from the list of client IDs\n registered for the specified IAM OpenID Connect (OIDC) provider resource\n object.
\n This operation is idempotent; it does not fail or return an error if you try to remove\n a client ID that does not exist.
"
+ "smithy.api#documentation": "Removes the specified client ID (also known as audience) from the list of client IDs\n registered for the specified IAM OpenID Connect (OIDC) provider resource\n object.
\n This operation is idempotent; it does not fail or return an error if you try to remove\n a client ID that does not exist.
"
}
},
"com.amazonaws.iam#RemoveClientIDFromOpenIDConnectProviderRequest": {
@@ -11160,7 +11644,7 @@
"OpenIDConnectProviderArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove the\n client ID from. You can get a list of OIDC provider ARNs by using the ListOpenIDConnectProviders operation.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove the\n client ID from. You can get a list of OIDC provider ARNs by using the ListOpenIDConnectProviders operation.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
@@ -11171,6 +11655,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#RemoveRoleFromInstanceProfile": {
@@ -11196,7 +11683,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Removes the specified IAM role from the specified EC2 instance profile.
\n \n Make sure that you do not have any Amazon EC2 instances running with the role you\n are about to remove from the instance profile. Removing a role from an instance\n profile that is associated with a running instance might break any applications\n running on the instance.
\n \n For more information about IAM roles, see Working with roles. For more\n information about instance profiles, see About instance\n profiles.
"
+ "smithy.api#documentation": "Removes the specified IAM role from the specified EC2 instance profile.
\n \n Make sure that you do not have any Amazon EC2 instances running with the role you\n are about to remove from the instance profile. Removing a role from an instance\n profile that is associated with a running instance might break any applications\n running on the instance.
\n \n For more information about IAM roles, see Working with roles. For more\n information about instance profiles, see About instance\n profiles.
"
}
},
"com.amazonaws.iam#RemoveRoleFromInstanceProfileRequest": {
@@ -11205,17 +11692,20 @@
"InstanceProfileName": {
"target": "com.amazonaws.iam#instanceProfileNameType",
"traits": {
- "smithy.api#documentation": "The name of the instance profile to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the instance profile to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role to remove.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the role to remove.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#RemoveUserFromGroup": {
@@ -11247,17 +11737,20 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "The name of the group to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the group to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user to remove.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user to remove.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ReportContentType": {
@@ -11340,16 +11833,19 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user associated with the service-specific credential. If this\n value is not specified, then the operation assumes the user whose credentials are used\n to call the operation.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the IAM user associated with the service-specific credential. If this\n value is not specified, then the operation assumes the user whose credentials are used\n to call the operation.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"ServiceSpecificCredentialId": {
"target": "com.amazonaws.iam#serviceSpecificCredentialId",
"traits": {
- "smithy.api#documentation": "The unique identifier of the service-specific credential.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The unique identifier of the service-specific credential.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#ResetServiceSpecificCredentialResponse": {
@@ -11358,9 +11854,12 @@
"ServiceSpecificCredential": {
"target": "com.amazonaws.iam#ServiceSpecificCredential",
"traits": {
- "smithy.api#documentation": "A structure with details about the updated service-specific credential, including the\n new password.
\n \n This is the only time that you can access the\n password. You cannot recover the password later, but you can reset it again.
\n "
+ "smithy.api#documentation": "A structure with details about the updated service-specific credential, including the\n new password.
\n \n This is the only time that you can access the\n password. You cannot recover the password later, but you can reset it again.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#ResourceHandlingOptionType": {
@@ -11462,7 +11961,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Synchronizes the specified MFA device with its IAM resource object on the Amazon Web Services\n servers.
\n For more information about creating and working with virtual MFA devices, see Using a virtual MFA\n device in the IAM User Guide.
"
+ "smithy.api#documentation": "Synchronizes the specified MFA device with its IAM resource object on the Amazon Web Services\n servers.
\n For more information about creating and working with virtual MFA devices, see Using a virtual MFA\n device in the IAM User Guide.
"
}
},
"com.amazonaws.iam#ResyncMFADeviceRequest": {
@@ -11471,31 +11970,34 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose MFA device you want to resynchronize.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user whose MFA device you want to resynchronize.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"SerialNumber": {
"target": "com.amazonaws.iam#serialNumberType",
"traits": {
- "smithy.api#documentation": "Serial number that uniquely identifies the MFA device.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "Serial number that uniquely identifies the MFA device.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"AuthenticationCode1": {
"target": "com.amazonaws.iam#authenticationCodeType",
"traits": {
- "smithy.api#documentation": "An authentication code emitted by the device.
\n The format for this parameter is a sequence of six digits.
",
+ "smithy.api#documentation": "An authentication code emitted by the device.
\n The format for this parameter is a sequence of six digits.
",
"smithy.api#required": {}
}
},
"AuthenticationCode2": {
"target": "com.amazonaws.iam#authenticationCodeType",
"traits": {
- "smithy.api#documentation": "A subsequent authentication code emitted by the device.
\n The format for this parameter is a sequence of six digits.
",
+ "smithy.api#documentation": "A subsequent authentication code emitted by the device.
\n The format for this parameter is a sequence of six digits.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#Role": {
@@ -11569,7 +12071,7 @@
"RoleLastUsed": {
"target": "com.amazonaws.iam#RoleLastUsed",
"traits": {
- "smithy.api#documentation": "Contains information about the last time that an IAM role was used. This includes the\n date and time and the Region in which the role was last used. Activity is only reported for\n the trailing 400 days. This period can be shorter if your Region began supporting these\n features within the last year. The role might have been used more than 400 days ago. For\n more information, see Regions where data is tracked in the IAM User\n Guide.
"
+ "smithy.api#documentation": "Contains information about the last time that an IAM role was used. This includes the\n date and time and the Region in which the role was last used. Activity is only reported for\n the trailing 400 days. This period can be shorter if your Region began supporting these\n features within the last year. The role might have been used more than 400 days ago. For\n more information, see Regions where data is tracked in the IAM user\n Guide.
"
}
}
},
@@ -11646,7 +12148,7 @@
"RoleLastUsed": {
"target": "com.amazonaws.iam#RoleLastUsed",
"traits": {
- "smithy.api#documentation": "Contains information about the last time that an IAM role was used. This includes the\n date and time and the Region in which the role was last used. Activity is only reported for\n the trailing 400 days. This period can be shorter if your Region began supporting these\n features within the last year. The role might have been used more than 400 days ago. For\n more information, see Regions where data is tracked in the IAM User\n Guide.
"
+ "smithy.api#documentation": "Contains information about the last time that an IAM role was used. This includes the\n date and time and the Region in which the role was last used. Activity is only reported for\n the trailing 400 days. This period can be shorter if your Region began supporting these\n features within the last year. The role might have been used more than 400 days ago. For\n more information, see Regions where data is tracked in the IAM User Guide.
"
}
}
},
@@ -11671,7 +12173,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains information about the last time that an IAM role was used. This includes the\n date and time and the Region in which the role was last used. Activity is only reported for\n the trailing 400 days. This period can be shorter if your Region began supporting these\n features within the last year. The role might have been used more than 400 days ago. For\n more information, see Regions where data is tracked in the IAM User\n Guide.
\n This data type is returned as a response element in the GetRole and\n GetAccountAuthorizationDetails operations.
"
+ "smithy.api#documentation": "Contains information about the last time that an IAM role was used. This includes the\n date and time and the Region in which the role was last used. Activity is only reported for\n the trailing 400 days. This period can be shorter if your Region began supporting these\n features within the last year. The role might have been used more than 400 days ago. For\n more information, see Regions where data is tracked in the IAM user\n Guide.
\n This data type is returned as a response element in the GetRole and\n GetAccountAuthorizationDetails operations.
"
}
},
"com.amazonaws.iam#RoleUsageListType": {
@@ -12152,7 +12654,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Sets the specified version of the specified policy as the policy's default (operative)\n version.
\n This operation affects all users, groups, and roles that the policy is attached to. To\n list the users, groups, and roles that the policy is attached to, use ListEntitiesForPolicy.
\n For information about managed policies, see Managed policies and inline\n policies in the IAM User Guide.
"
+ "smithy.api#documentation": "Sets the specified version of the specified policy as the policy's default (operative)\n version.
\n This operation affects all users, groups, and roles that the policy is attached to. To\n list the users, groups, and roles that the policy is attached to, use ListEntitiesForPolicy.
\n For information about managed policies, see Managed policies and inline\n policies in the IAM User Guide.
"
}
},
"com.amazonaws.iam#SetDefaultPolicyVersionRequest": {
@@ -12161,17 +12663,20 @@
"PolicyArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy whose default version you want to\n set.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM policy whose default version you want to\n set.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
"VersionId": {
"target": "com.amazonaws.iam#policyVersionIdType",
"traits": {
- "smithy.api#documentation": "The version of the policy to set as the default (operative) version.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
",
+ "smithy.api#documentation": "The version of the policy to set as the default (operative) version.
\n For more information about managed policy versions, see Versioning for managed\n policies in the IAM User Guide.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#SetSecurityTokenServicePreferences": {
@@ -12188,7 +12693,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Sets the specified version of the global endpoint token as the token version used for\n the Amazon Web Services account.
\n By default, Security Token Service (STS) is available as a global service, and all STS requests\n go to a single endpoint at https://sts.amazonaws.com. Amazon Web Services recommends\n using Regional STS endpoints to reduce latency, build in redundancy, and increase\n session token availability. For information about Regional endpoints for STS, see\n Security Token Service\n endpoints and quotas in the Amazon Web Services General Reference.
\n If you make an STS call to the global endpoint, the resulting session tokens might\n be valid in some Regions but not others. It depends on the version that is set in this\n operation. Version 1 tokens are valid only in Amazon Web Services Regions that are\n available by default. These tokens do not work in manually enabled Regions, such as Asia\n Pacific (Hong Kong). Version 2 tokens are valid in all Regions. However, version 2\n tokens are longer and might affect systems where you temporarily store tokens. For\n information, see Activating and\n deactivating STS in an Amazon Web Services Region in the\n IAM User Guide.
\n To view the current session token version, see the\n GlobalEndpointTokenVersion entry in the response of the GetAccountSummary operation.
"
+ "smithy.api#documentation": "Sets the specified version of the global endpoint token as the token version used for\n the Amazon Web Services account.
\n By default, Security Token Service (STS) is available as a global service, and all STS requests\n go to a single endpoint at https://sts.amazonaws.com. Amazon Web Services recommends\n using Regional STS endpoints to reduce latency, build in redundancy, and increase\n session token availability. For information about Regional endpoints for STS, see\n Security Token Service\n endpoints and quotas in the Amazon Web Services General Reference.
\n If you make an STS call to the global endpoint, the resulting session tokens might\n be valid in some Regions but not others. It depends on the version that is set in this\n operation. Version 1 tokens are valid only in Amazon Web Services Regions that are\n available by default. These tokens do not work in manually enabled Regions, such as Asia\n Pacific (Hong Kong). Version 2 tokens are valid in all Regions. However, version 2\n tokens are longer and might affect systems where you temporarily store tokens. For\n information, see Activating and\n deactivating STS in an Amazon Web Services Region in the\n IAM User Guide.
\n To view the current session token version, see the\n GlobalEndpointTokenVersion entry in the response of the GetAccountSummary operation.
"
}
},
"com.amazonaws.iam#SetSecurityTokenServicePreferencesRequest": {
@@ -12197,10 +12702,13 @@
"GlobalEndpointTokenVersion": {
"target": "com.amazonaws.iam#globalEndpointTokenVersion",
"traits": {
- "smithy.api#documentation": "The version of the global endpoint token. Version 1 tokens are valid only in Amazon Web Services Regions that are available by default. These tokens do not work in\n manually enabled Regions, such as Asia Pacific (Hong Kong). Version 2 tokens are valid\n in all Regions. However, version 2 tokens are longer and might affect systems where you\n temporarily store tokens.
\n For information, see Activating and\n deactivating STS in an Amazon Web Services Region in the\n IAM User Guide.
",
+ "smithy.api#documentation": "The version of the global endpoint token. Version 1 tokens are valid only in Amazon Web Services Regions that are available by default. These tokens do not work in\n manually enabled Regions, such as Asia Pacific (Hong Kong). Version 2 tokens are valid\n in all Regions. However, version 2 tokens are longer and might affect systems where you\n temporarily store tokens.
\n For information, see Activating and\n deactivating STS in an Amazon Web Services Region in the\n IAM User Guide.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#SigningCertificate": {
@@ -12262,7 +12770,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Simulate how a set of IAM policies and optionally a resource-based policy works with\n a list of API operations and Amazon Web Services resources to determine the policies' effective\n permissions. The policies are provided as strings.
\n The simulation does not perform the API operations; it only checks the authorization\n to determine if the simulated policies allow or deny the operations. You can simulate\n resources that don't exist in your account.
\n If you want to simulate existing policies that are attached to an IAM user, group,\n or role, use SimulatePrincipalPolicy instead.
\n Context keys are variables that are maintained by Amazon Web Services and its services and which\n provide details about the context of an API query request. You can use the\n Condition element of an IAM policy to evaluate context keys. To get\n the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy.
\n If the output is long, you can use MaxItems and Marker\n parameters to paginate the results.
\n For more information about using the policy simulator, see Testing IAM policies\n with the IAM policy simulator in the\n IAM User Guide.
",
+ "smithy.api#documentation": "Simulate how a set of IAM policies and optionally a resource-based policy works with\n a list of API operations and Amazon Web Services resources to determine the policies' effective\n permissions. The policies are provided as strings.
\n The simulation does not perform the API operations; it only checks the authorization\n to determine if the simulated policies allow or deny the operations. You can simulate\n resources that don't exist in your account.
\n If you want to simulate existing policies that are attached to an IAM user, group,\n or role, use SimulatePrincipalPolicy instead.
\n Context keys are variables that are maintained by Amazon Web Services and its services and which\n provide details about the context of an API query request. You can use the\n Condition element of an IAM policy to evaluate context keys. To get\n the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy.
\n If the output is long, you can use MaxItems and Marker\n parameters to paginate the results.
\n \n The IAM policy simulator evaluates statements in the identity-based policy and\n the inputs that you provide during simulation. The policy simulator results can\n differ from your live Amazon Web Services environment. We recommend that you check your policies\n against your live Amazon Web Services environment after testing using the policy simulator to\n confirm that you have the desired results. For more information about using the\n policy simulator, see Testing IAM\n policies with the IAM policy simulator in the\n IAM User Guide.
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -12277,14 +12785,14 @@
"PolicyInputList": {
"target": "com.amazonaws.iam#SimulationPolicyListType",
"traits": {
- "smithy.api#documentation": "A list of policy documents to include in the simulation. Each document is specified as\n a string containing the complete, valid JSON text of an IAM policy. Do not include any\n resource-based policies in this parameter. Any resource-based policy must be submitted\n with the ResourcePolicy parameter. The policies cannot be \"scope-down\"\n policies, such as you could include in a call to GetFederationToken or one of\n the AssumeRole API operations. In other words, do not use policies designed to\n restrict what a user can do while using the temporary credentials.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "A list of policy documents to include in the simulation. Each document is specified as\n a string containing the complete, valid JSON text of an IAM policy. Do not include any\n resource-based policies in this parameter. Any resource-based policy must be submitted\n with the ResourcePolicy parameter. The policies cannot be \"scope-down\"\n policies, such as you could include in a call to GetFederationToken or one of\n the AssumeRole API operations. In other words, do not use policies designed to\n restrict what a user can do while using the temporary credentials.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
},
"PermissionsBoundaryPolicyInputList": {
"target": "com.amazonaws.iam#SimulationPolicyListType",
"traits": {
- "smithy.api#documentation": "The IAM permissions boundary policy to simulate. The permissions boundary sets the\n maximum permissions that an IAM entity can have. You can input only one permissions\n boundary when you pass a policy to this operation. For more information about\n permissions boundaries, see Permissions boundaries for IAM\n entities in the IAM User Guide. The policy input is\n specified as a string that contains the complete, valid JSON text of a permissions\n boundary policy.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
+ "smithy.api#documentation": "The IAM permissions boundary policy to simulate. The permissions boundary sets the\n maximum permissions that an IAM entity can have. You can input only one permissions\n boundary when you pass a policy to this operation. For more information about\n permissions boundaries, see Permissions boundaries for IAM\n entities in the IAM User Guide. The policy input is\n specified as a string that contains the complete, valid JSON text of a permissions\n boundary policy.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
}
},
"ActionNames": {
@@ -12297,25 +12805,25 @@
"ResourceArns": {
"target": "com.amazonaws.iam#ResourceNameListType",
"traits": {
- "smithy.api#documentation": "A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is\n not provided, then the value defaults to * (all resources). Each API in the\n ActionNames parameter is evaluated for each resource in this list. The\n simulation determines the access result (allowed or denied) of each combination and\n reports it in the response. You can simulate resources that don't exist in your\n account.
\n The simulation does not automatically retrieve policies for the specified resources.\n If you want to include a resource policy in the simulation, then you must include the\n policy as a string in the ResourcePolicy parameter.
\n If you include a ResourcePolicy, then it must be applicable to all of the\n resources included in the simulation or you receive an invalid input error.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
"
+ "smithy.api#documentation": "A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is\n not provided, then the value defaults to * (all resources). Each API in the\n ActionNames parameter is evaluated for each resource in this list. The\n simulation determines the access result (allowed or denied) of each combination and\n reports it in the response. You can simulate resources that don't exist in your\n account.
\n The simulation does not automatically retrieve policies for the specified resources.\n If you want to include a resource policy in the simulation, then you must include the\n policy as a string in the ResourcePolicy parameter.
\n If you include a ResourcePolicy, then it must be applicable to all of the\n resources included in the simulation or you receive an invalid input error.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
\n \n Simulation of resource-based policies isn't supported for IAM roles.
\n "
}
},
"ResourcePolicy": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "A resource-based policy to include in the simulation provided as a string. Each\n resource in the simulation is treated as if it had this policy attached. You can include\n only one resource-based policy in a simulation.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
+ "smithy.api#documentation": "A resource-based policy to include in the simulation provided as a string. Each\n resource in the simulation is treated as if it had this policy attached. You can include\n only one resource-based policy in a simulation.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
\n \n Simulation of resource-based policies isn't supported for IAM roles.
\n "
}
},
"ResourceOwner": {
"target": "com.amazonaws.iam#ResourceNameType",
"traits": {
- "smithy.api#documentation": "An ARN representing the Amazon Web Services account ID that specifies the owner of any simulated\n resource that does not identify its owner in the resource ARN. Examples of resource ARNs\n include an S3 bucket or object. If ResourceOwner is specified, it is also\n used as the account owner of any ResourcePolicy included in the simulation.\n If the ResourceOwner parameter is not specified, then the owner of the\n resources and the resource policy defaults to the account of the identity provided in\n CallerArn. This parameter is required only if you specify a\n resource-based policy and account that owns the resource is different from the account\n that owns the simulated calling user CallerArn.
\n The ARN for an account uses the following syntax:\n arn:aws:iam::AWS-account-ID:root. For example,\n to represent the account with the 112233445566 ID, use the following ARN:\n arn:aws:iam::112233445566-ID:root.
"
+ "smithy.api#documentation": "An ARN representing the Amazon Web Services account ID that specifies the owner of any simulated\n resource that does not identify its owner in the resource ARN. Examples of resource ARNs\n include an S3 bucket or object. If ResourceOwner is specified, it is also\n used as the account owner of any ResourcePolicy included in the simulation.\n If the ResourceOwner parameter is not specified, then the owner of the\n resources and the resource policy defaults to the account of the identity provided in\n CallerArn. This parameter is required only if you specify a\n resource-based policy and account that owns the resource is different from the account\n that owns the simulated calling user CallerArn.
\n The ARN for an account uses the following syntax:\n arn:aws:iam::AWS-account-ID:root. For example,\n to represent the account with the 112233445566 ID, use the following ARN:\n arn:aws:iam::112233445566-ID:root.
"
}
},
"CallerArn": {
"target": "com.amazonaws.iam#ResourceNameType",
"traits": {
- "smithy.api#documentation": "The ARN of the IAM user that you want to use as the simulated caller of the API\n operations. CallerArn is required if you include a\n ResourcePolicy so that the policy's Principal element has\n a value to use in evaluating the policy.
\n You can specify only the ARN of an IAM user. You cannot specify the ARN of an\n assumed role, federated user, or a service principal.
"
+ "smithy.api#documentation": "The ARN of the IAM user that you want to use as the simulated caller of the API\n operations. CallerArn is required if you include a\n ResourcePolicy so that the policy's Principal element has\n a value to use in evaluating the policy.
\n You can specify only the ARN of an IAM user. You cannot specify the ARN of an\n assumed role, federated user, or a service principal.
"
}
},
"ContextEntries": {
@@ -12327,7 +12835,7 @@
"ResourceHandlingOption": {
"target": "com.amazonaws.iam#ResourceHandlingOptionType",
"traits": {
- "smithy.api#documentation": "Specifies the type of simulation to run. Different API operations that support\n resource-based policies require different combinations of resources. By specifying the\n type of simulation to run, you enable the policy simulator to enforce the presence of\n the required resources to ensure reliable simulation results. If your simulation does\n not match one of the following scenarios, then you can omit this parameter. The\n following list shows each of the supported scenario values and the resources that you\n must define to run the simulation.
\n Each of the EC2 scenarios requires that you specify instance, image, and security\n group resources. If your scenario includes an EBS volume, then you must specify that\n volume as a resource. If the EC2 scenario includes VPC, then you must supply the network\n interface resource. If it includes an IP subnet, then you must specify the subnet\n resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User\n Guide.
\n \n - \n
\n EC2-VPC-InstanceStore\n
\n instance, image, security group, network interface
\n \n - \n
\n EC2-VPC-InstanceStore-Subnet\n
\n instance, image, security group, network interface, subnet
\n \n - \n
\n EC2-VPC-EBS\n
\n instance, image, security group, network interface, volume
\n \n - \n
\n EC2-VPC-EBS-Subnet\n
\n instance, image, security group, network interface, subnet, volume
\n \n
"
+ "smithy.api#documentation": "Specifies the type of simulation to run. Different API operations that support\n resource-based policies require different combinations of resources. By specifying the\n type of simulation to run, you enable the policy simulator to enforce the presence of\n the required resources to ensure reliable simulation results. If your simulation does\n not match one of the following scenarios, then you can omit this parameter. The\n following list shows each of the supported scenario values and the resources that you\n must define to run the simulation.
\n Each of the EC2 scenarios requires that you specify instance, image, and security\n group resources. If your scenario includes an EBS volume, then you must specify that\n volume as a resource. If the EC2 scenario includes VPC, then you must supply the network\n interface resource. If it includes an IP subnet, then you must specify the subnet\n resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User\n Guide.
\n \n - \n
\n EC2-VPC-InstanceStore\n
\n instance, image, security group, network interface
\n \n - \n
\n EC2-VPC-InstanceStore-Subnet\n
\n instance, image, security group, network interface, subnet
\n \n - \n
\n EC2-VPC-EBS\n
\n instance, image, security group, network interface, volume
\n \n - \n
\n EC2-VPC-EBS-Subnet\n
\n instance, image, security group, network interface, subnet, volume
\n \n
"
}
},
"MaxItems": {
@@ -12342,6 +12850,9 @@
"smithy.api#documentation": "Use this parameter only when paginating results and only after \n you receive a response indicating that the results are truncated. Set it to the value of the\n Marker element in the response that you received to indicate where the next call \n should start.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#SimulatePolicyResponse": {
@@ -12391,7 +12902,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Simulate how a set of IAM policies attached to an IAM entity works with a list of\n API operations and Amazon Web Services resources to determine the policies' effective permissions. The\n entity can be an IAM user, group, or role. If you specify a user, then the simulation\n also includes all of the policies that are attached to groups that the user belongs to.\n You can simulate resources that don't exist in your account.
\n You can optionally include a list of one or more additional policies specified as\n strings to include in the simulation. If you want to simulate only policies specified as\n strings, use SimulateCustomPolicy instead.
\n You can also optionally include one resource-based policy to be evaluated with each of\n the resources included in the simulation.
\n The simulation does not perform the API operations; it only checks the authorization\n to determine if the simulated policies allow or deny the operations.
\n \n Note: This operation discloses information about the\n permissions granted to other users. If you do not want users to see other user's\n permissions, then consider allowing them to use SimulateCustomPolicy\n instead.
\n Context keys are variables maintained by Amazon Web Services and its services that provide details\n about the context of an API query request. You can use the Condition\n element of an IAM policy to evaluate context keys. To get the list of context keys\n that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy.
\n If the output is long, you can use the MaxItems and Marker\n parameters to paginate the results.
\n For more information about using the policy simulator, see Testing IAM policies\n with the IAM policy simulator in the\n IAM User Guide.
",
+ "smithy.api#documentation": "Simulate how a set of IAM policies attached to an IAM entity works with a list of\n API operations and Amazon Web Services resources to determine the policies' effective permissions. The\n entity can be an IAM user, group, or role. If you specify a user, then the simulation\n also includes all of the policies that are attached to groups that the user belongs to.\n You can simulate resources that don't exist in your account.
\n You can optionally include a list of one or more additional policies specified as\n strings to include in the simulation. If you want to simulate only policies specified as\n strings, use SimulateCustomPolicy instead.
\n You can also optionally include one resource-based policy to be evaluated with each of\n the resources included in the simulation for IAM users only.
\n The simulation does not perform the API operations; it only checks the authorization\n to determine if the simulated policies allow or deny the operations.
\n \n Note: This operation discloses information about the\n permissions granted to other users. If you do not want users to see other user's\n permissions, then consider allowing them to use SimulateCustomPolicy\n instead.
\n Context keys are variables maintained by Amazon Web Services and its services that provide details\n about the context of an API query request. You can use the Condition\n element of an IAM policy to evaluate context keys. To get the list of context keys\n that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy.
\n If the output is long, you can use the MaxItems and Marker\n parameters to paginate the results.
\n \n The IAM policy simulator evaluates statements in the identity-based policy and\n the inputs that you provide during simulation. The policy simulator results can\n differ from your live Amazon Web Services environment. We recommend that you check your policies\n against your live Amazon Web Services environment after testing using the policy simulator to\n confirm that you have the desired results. For more information about using the\n policy simulator, see Testing IAM\n policies with the IAM policy simulator in the\n IAM User Guide.
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "Marker",
@@ -12406,20 +12917,20 @@
"PolicySourceArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to\n include in the simulation. If you specify a user, group, or role, the simulation\n includes all policies that are associated with that entity. If you specify a user, the\n simulation also includes all policies that are attached to any groups the user belongs\n to.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to\n include in the simulation. If you specify a user, group, or role, the simulation\n includes all policies that are associated with that entity. If you specify a user, the\n simulation also includes all policies that are attached to any groups the user belongs\n to.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
"PolicyInputList": {
"target": "com.amazonaws.iam#SimulationPolicyListType",
"traits": {
- "smithy.api#documentation": "An optional list of additional policy documents to include in the simulation. Each\n document is specified as a string containing the complete, valid JSON text of an IAM\n policy.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
+ "smithy.api#documentation": "An optional list of additional policy documents to include in the simulation. Each\n document is specified as a string containing the complete, valid JSON text of an IAM\n policy.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
}
},
"PermissionsBoundaryPolicyInputList": {
"target": "com.amazonaws.iam#SimulationPolicyListType",
"traits": {
- "smithy.api#documentation": "The IAM permissions boundary policy to simulate. The permissions boundary sets the\n maximum permissions that the entity can have. You can input only one permissions\n boundary when you pass a policy to this operation. An IAM entity can only have one\n permissions boundary in effect at a time. For example, if a permissions boundary is\n attached to an entity and you pass in a different permissions boundary policy using this\n parameter, then the new permissions boundary policy is used for the simulation. For more\n information about permissions boundaries, see Permissions boundaries for IAM\n entities in the IAM User Guide. The policy input is\n specified as a string containing the complete, valid JSON text of a permissions boundary\n policy.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
+ "smithy.api#documentation": "The IAM permissions boundary policy to simulate. The permissions boundary sets the\n maximum permissions that the entity can have. You can input only one permissions\n boundary when you pass a policy to this operation. An IAM entity can only have one\n permissions boundary in effect at a time. For example, if a permissions boundary is\n attached to an entity and you pass in a different permissions boundary policy using this\n parameter, then the new permissions boundary policy is used for the simulation. For more\n information about permissions boundaries, see Permissions boundaries for IAM\n entities in the IAM User Guide. The policy input is\n specified as a string containing the complete, valid JSON text of a permissions boundary\n policy.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
}
},
"ActionNames": {
@@ -12432,13 +12943,13 @@
"ResourceArns": {
"target": "com.amazonaws.iam#ResourceNameListType",
"traits": {
- "smithy.api#documentation": "A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is\n not provided, then the value defaults to * (all resources). Each API in the\n ActionNames parameter is evaluated for each resource in this list. The\n simulation determines the access result (allowed or denied) of each combination and\n reports it in the response. You can simulate resources that don't exist in your\n account.
\n The simulation does not automatically retrieve policies for the specified resources.\n If you want to include a resource policy in the simulation, then you must include the\n policy as a string in the ResourcePolicy parameter.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
"
+ "smithy.api#documentation": "A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is\n not provided, then the value defaults to * (all resources). Each API in the\n ActionNames parameter is evaluated for each resource in this list. The\n simulation determines the access result (allowed or denied) of each combination and\n reports it in the response. You can simulate resources that don't exist in your\n account.
\n The simulation does not automatically retrieve policies for the specified resources.\n If you want to include a resource policy in the simulation, then you must include the\n policy as a string in the ResourcePolicy parameter.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
\n \n Simulation of resource-based policies isn't supported for IAM roles.
\n "
}
},
"ResourcePolicy": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "A resource-based policy to include in the simulation provided as a string. Each\n resource in the simulation is treated as if it had this policy attached. You can include\n only one resource-based policy in a simulation.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
+ "smithy.api#documentation": "A resource-based policy to include in the simulation provided as a string. Each\n resource in the simulation is treated as if it had this policy attached. You can include\n only one resource-based policy in a simulation.
\n The maximum length of the policy document that you can pass in this operation,\n including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
\n \n Simulation of resource-based policies isn't supported for IAM roles.
\n "
}
},
"ResourceOwner": {
@@ -12450,7 +12961,7 @@
"CallerArn": {
"target": "com.amazonaws.iam#ResourceNameType",
"traits": {
- "smithy.api#documentation": "The ARN of the IAM user that you want to specify as the simulated caller of the API\n operations. If you do not specify a CallerArn, it defaults to the ARN of\n the user that you specify in PolicySourceArn, if you specified a user. If\n you include both a PolicySourceArn (for example,\n arn:aws:iam::123456789012:user/David) and a CallerArn (for\n example, arn:aws:iam::123456789012:user/Bob), the result is that you\n simulate calling the API operations as Bob, as if Bob had David's policies.
\n You can specify only the ARN of an IAM user. You cannot specify the ARN of an\n assumed role, federated user, or a service principal.
\n \n CallerArn is required if you include a ResourcePolicy and\n the PolicySourceArn is not the ARN for an IAM user. This is required so\n that the resource-based policy's Principal element has a value to use in\n evaluating the policy.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
"
+ "smithy.api#documentation": "The ARN of the IAM user that you want to specify as the simulated caller of the API\n operations. If you do not specify a CallerArn, it defaults to the ARN of\n the user that you specify in PolicySourceArn, if you specified a user. If\n you include both a PolicySourceArn (for example,\n arn:aws:iam::123456789012:user/David) and a CallerArn (for\n example, arn:aws:iam::123456789012:user/Bob), the result is that you\n simulate calling the API operations as Bob, as if Bob had David's policies.
\n You can specify only the ARN of an IAM user. You cannot specify the ARN of an\n assumed role, federated user, or a service principal.
\n \n CallerArn is required if you include a ResourcePolicy and\n the PolicySourceArn is not the ARN for an IAM user. This is required so\n that the resource-based policy's Principal element has a value to use in\n evaluating the policy.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
"
}
},
"ContextEntries": {
@@ -12462,7 +12973,7 @@
"ResourceHandlingOption": {
"target": "com.amazonaws.iam#ResourceHandlingOptionType",
"traits": {
- "smithy.api#documentation": "Specifies the type of simulation to run. Different API operations that support\n resource-based policies require different combinations of resources. By specifying the\n type of simulation to run, you enable the policy simulator to enforce the presence of\n the required resources to ensure reliable simulation results. If your simulation does\n not match one of the following scenarios, then you can omit this parameter. The\n following list shows each of the supported scenario values and the resources that you\n must define to run the simulation.
\n Each of the EC2 scenarios requires that you specify instance, image, and security\n group resources. If your scenario includes an EBS volume, then you must specify that\n volume as a resource. If the EC2 scenario includes VPC, then you must supply the network\n interface resource. If it includes an IP subnet, then you must specify the subnet\n resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User\n Guide.
\n \n - \n
\n EC2-VPC-InstanceStore\n
\n instance, image, security group, network interface
\n \n - \n
\n EC2-VPC-InstanceStore-Subnet\n
\n instance, image, security group, network interface, subnet
\n \n - \n
\n EC2-VPC-EBS\n
\n instance, image, security group, network interface, volume
\n \n - \n
\n EC2-VPC-EBS-Subnet\n
\n instance, image, security group, network interface, subnet, volume
\n \n
"
+ "smithy.api#documentation": "Specifies the type of simulation to run. Different API operations that support\n resource-based policies require different combinations of resources. By specifying the\n type of simulation to run, you enable the policy simulator to enforce the presence of\n the required resources to ensure reliable simulation results. If your simulation does\n not match one of the following scenarios, then you can omit this parameter. The\n following list shows each of the supported scenario values and the resources that you\n must define to run the simulation.
\n Each of the EC2 scenarios requires that you specify instance, image, and security\n group resources. If your scenario includes an EBS volume, then you must specify that\n volume as a resource. If the EC2 scenario includes VPC, then you must supply the network\n interface resource. If it includes an IP subnet, then you must specify the subnet\n resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User\n Guide.
\n \n - \n
\n EC2-VPC-InstanceStore\n
\n instance, image, security group, network interface
\n \n - \n
\n EC2-VPC-InstanceStore-Subnet\n
\n instance, image, security group, network interface, subnet
\n \n - \n
\n EC2-VPC-EBS\n
\n instance, image, security group, network interface, volume
\n \n - \n
\n EC2-VPC-EBS-Subnet\n
\n instance, image, security group, network interface, subnet, volume
\n \n
"
}
},
"MaxItems": {
@@ -12477,6 +12988,9 @@
"smithy.api#documentation": "Use this parameter only when paginating results and only after \n you receive a response indicating that the results are truncated. Set it to the value of the\n Marker element in the response that you received to indicate where the next call \n should start.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#SimulationPolicyListType": {
@@ -12591,6 +13105,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#TagMFADevice": {
@@ -12639,6 +13156,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#TagOpenIDConnectProvider": {
@@ -12667,7 +13187,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider. For\n more information about these providers, see About web identity federation. If\n a tag with the same key name already exists, then that tag is overwritten with the new\n value.
\n A tag consists of a key name and an associated value. By assigning tags to your\n resources, you can do the following:
\n \n - \n
\n Administrative grouping and discovery - Attach\n tags to resources to aid in organization and search. For example, you could search for all\n resources with the key name Project and the value\n MyImportantProject. Or search for all resources with the key name\n Cost Center and the value 41200.
\n \n - \n
\n Access control - Include tags in IAM user-based\n and resource-based policies. You can use tags to restrict access to only an OIDC provider\n that has a specified tag attached. For examples of policies that show how to use tags to\n control access, see Control access using IAM tags in the\n IAM User Guide.
\n \n
\n \n \n - \n
If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n - \n
Amazon Web Services always interprets the tag Value as a single string. If you\n need to store an array, you can store comma-separated values in the string. However, you\n must interpret the value in your code.
\n \n
\n "
+ "smithy.api#documentation": "Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider. For\n more information about these providers, see About web identity federation. If\n a tag with the same key name already exists, then that tag is overwritten with the new\n value.
\n A tag consists of a key name and an associated value. By assigning tags to your\n resources, you can do the following:
\n \n - \n
\n Administrative grouping and discovery - Attach\n tags to resources to aid in organization and search. For example, you could search for all\n resources with the key name Project and the value\n MyImportantProject. Or search for all resources with the key name\n Cost Center and the value 41200.
\n \n - \n
\n Access control - Include tags in IAM identity-based\n and resource-based policies. You can use tags to restrict access to only an OIDC provider\n that has a specified tag attached. For examples of policies that show how to use tags to\n control access, see Control access using IAM tags in the\n IAM User Guide.
\n \n
\n \n \n - \n
If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n - \n
Amazon Web Services always interprets the tag Value as a single string. If you\n need to store an array, you can store comma-separated values in the string. However, you\n must interpret the value in your code.
\n \n
\n "
}
},
"com.amazonaws.iam#TagOpenIDConnectProviderRequest": {
@@ -12687,6 +13207,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#TagPolicy": {
@@ -12735,6 +13258,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#TagRole": {
@@ -12783,6 +13309,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#TagSAMLProvider": {
@@ -12831,6 +13360,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#TagServerCertificate": {
@@ -12879,6 +13411,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#TagUser": {
@@ -12907,7 +13442,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds one or more tags to an IAM user. If a tag with the same key name already exists,\n then that tag is overwritten with the new value.
\n A tag consists of a key name and an associated value. By assigning tags to your\n resources, you can do the following:
\n \n - \n
\n Administrative grouping and discovery - Attach\n tags to resources to aid in organization and search. For example, you could search for all\n resources with the key name Project and the value\n MyImportantProject. Or search for all resources with the key name\n Cost Center and the value 41200.
\n \n - \n
\n Access control - Include tags in IAM user-based\n and resource-based policies. You can use tags to restrict access to only an IAM\n requesting user that has a specified tag attached. You can also restrict access to only\n those resources that have a certain tag attached. For examples of policies that show how\n to use tags to control access, see Control access using IAM tags in the\n IAM User Guide.
\n \n - \n
\n Cost allocation - Use tags to help track which\n individuals and teams are using which Amazon Web Services resources.
\n \n
\n \n \n - \n
If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n - \n
Amazon Web Services always interprets the tag Value as a single string. If you\n need to store an array, you can store comma-separated values in the string. However, you\n must interpret the value in your code.
\n \n
\n \n For more information about tagging, see Tagging IAM identities in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Adds one or more tags to an IAM user. If a tag with the same key name already exists,\n then that tag is overwritten with the new value.
\n A tag consists of a key name and an associated value. By assigning tags to your\n resources, you can do the following:
\n \n - \n
\n Administrative grouping and discovery - Attach\n tags to resources to aid in organization and search. For example, you could search for all\n resources with the key name Project and the value\n MyImportantProject. Or search for all resources with the key name\n Cost Center and the value 41200.
\n \n - \n
\n Access control - Include tags in IAM identity-based\n and resource-based policies. You can use tags to restrict access to only an IAM\n requesting user that has a specified tag attached. You can also restrict access to only\n those resources that have a certain tag attached. For examples of policies that show how\n to use tags to control access, see Control access using IAM tags in the\n IAM User Guide.
\n \n - \n
\n Cost allocation - Use tags to help track which\n individuals and teams are using which Amazon Web Services resources.
\n \n
\n \n \n - \n
If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n - \n
Amazon Web Services always interprets the tag Value as a single string. If you\n need to store an array, you can store comma-separated values in the string. However, you\n must interpret the value in your code.
\n \n
\n \n For more information about tagging, see Tagging IAM identities in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#TagUserRequest": {
@@ -12927,6 +13462,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#TrackedActionLastAccessed": {
@@ -13041,6 +13579,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UntagMFADevice": {
@@ -13086,6 +13627,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UntagOpenIDConnectProvider": {
@@ -13131,6 +13675,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UntagPolicy": {
@@ -13176,6 +13723,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UntagRole": {
@@ -13218,6 +13768,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UntagSAMLProvider": {
@@ -13263,6 +13816,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UntagServerCertificate": {
@@ -13308,6 +13864,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UntagUser": {
@@ -13350,6 +13909,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateAccessKey": {
@@ -13372,7 +13934,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Changes the status of the specified access key from Active to Inactive, or vice versa.\n This operation can be used to disable a user's key as part of a key rotation\n workflow.
\n If the UserName is not specified, the user name is determined implicitly\n based on the Amazon Web Services access key ID used to sign the request. If a temporary access key is\n used, then UserName is required. If a long-term key is assigned to the\n user, then UserName is not required. This operation works for access keys\n under the Amazon Web Services account. Consequently, you can use this operation to manage\n Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated\n users.
\n For information about rotating keys, see Managing keys and certificates\n in the IAM User Guide.
"
+ "smithy.api#documentation": "Changes the status of the specified access key from Active to Inactive, or vice versa.\n This operation can be used to disable a user's key as part of a key rotation\n workflow.
\n If the UserName is not specified, the user name is determined implicitly\n based on the Amazon Web Services access key ID used to sign the request. If a temporary access key is\n used, then UserName is required. If a long-term key is assigned to the\n user, then UserName is not required. This operation works for access keys\n under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user\n credentials even if the Amazon Web Services account has no associated users.
\n For information about rotating keys, see Managing keys and certificates\n in the IAM User Guide.
"
}
},
"com.amazonaws.iam#UpdateAccessKeyRequest": {
@@ -13381,13 +13943,13 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose key you want to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the user whose key you want to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"AccessKeyId": {
"target": "com.amazonaws.iam#accessKeyIdType",
"traits": {
- "smithy.api#documentation": "The access key ID of the secret access key you want to update.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The access key ID of the secret access key you want to update.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
},
@@ -13398,6 +13960,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateAccountPasswordPolicy": {
@@ -13423,7 +13988,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Updates the password policy settings for the Amazon Web Services account.
\n \n This operation does not support partial updates. No parameters are required, but\n if you do not specify a parameter, that parameter's value reverts to its default\n value. See the Request Parameters section for each\n parameter's default value. Also note that some parameters do not allow the default\n parameter to be explicitly set. Instead, to invoke the default value, do not include\n that parameter when you invoke the operation.
\n \n For more information about using a password policy, see Managing an IAM password\n policy in the IAM User Guide.
"
+ "smithy.api#documentation": "Updates the password policy settings for the Amazon Web Services account.
\n \n This operation does not support partial updates. No parameters are required, but\n if you do not specify a parameter, that parameter's value reverts to its default\n value. See the Request Parameters section for each\n parameter's default value. Also note that some parameters do not allow the default\n parameter to be explicitly set. Instead, to invoke the default value, do not include\n that parameter when you invoke the operation.
\n \n For more information about using a password policy, see Managing an IAM password\n policy in the IAM User Guide.
"
}
},
"com.amazonaws.iam#UpdateAccountPasswordPolicyRequest": {
@@ -13432,62 +13997,65 @@
"MinimumPasswordLength": {
"target": "com.amazonaws.iam#minimumPasswordLengthType",
"traits": {
- "smithy.api#documentation": "The minimum number of characters allowed in an IAM user password.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of 6.
"
+ "smithy.api#documentation": "The minimum number of characters allowed in an IAM user password.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of 6.
"
}
},
"RequireSymbols": {
"target": "com.amazonaws.iam#booleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Specifies whether IAM user passwords must contain at least one of the following\n non-alphanumeric characters:
\n ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that passwords do not require at least one\n symbol character.
"
+ "smithy.api#documentation": "Specifies whether IAM user passwords must contain at least one of the following\n non-alphanumeric characters:
\n ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that passwords do not require at least one\n symbol character.
"
}
},
"RequireNumbers": {
"target": "com.amazonaws.iam#booleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Specifies whether IAM user passwords must contain at least one numeric character (0\n to 9).
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that passwords do not require at least one\n numeric character.
"
+ "smithy.api#documentation": "Specifies whether IAM user passwords must contain at least one numeric character (0\n to 9).
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that passwords do not require at least one\n numeric character.
"
}
},
"RequireUppercaseCharacters": {
"target": "com.amazonaws.iam#booleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Specifies whether IAM user passwords must contain at least one uppercase character\n from the ISO basic Latin alphabet (A to Z).
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that passwords do not require at least one\n uppercase character.
"
+ "smithy.api#documentation": "Specifies whether IAM user passwords must contain at least one uppercase character\n from the ISO basic Latin alphabet (A to Z).
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that passwords do not require at least one\n uppercase character.
"
}
},
"RequireLowercaseCharacters": {
"target": "com.amazonaws.iam#booleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "Specifies whether IAM user passwords must contain at least one lowercase character\n from the ISO basic Latin alphabet (a to z).
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that passwords do not require at least one\n lowercase character.
"
+ "smithy.api#documentation": "Specifies whether IAM user passwords must contain at least one lowercase character\n from the ISO basic Latin alphabet (a to z).
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that passwords do not require at least one\n lowercase character.
"
}
},
"AllowUsersToChangePassword": {
"target": "com.amazonaws.iam#booleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": " Allows all IAM users in your account to use the Amazon Web Services Management Console to change their own\n passwords. For more information, see Permitting\n IAM users to change their own passwords in the\n IAM User Guide.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that IAM users in the account do not\n automatically have permissions to change their own password.
"
+ "smithy.api#documentation": " Allows all IAM users in your account to use the Amazon Web Services Management Console to change their own\n passwords. For more information, see Permitting\n IAM users to change their own passwords in the\n IAM User Guide.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that IAM users in the account do not\n automatically have permissions to change their own password.
"
}
},
"MaxPasswordAge": {
"target": "com.amazonaws.iam#maxPasswordAgeType",
"traits": {
- "smithy.api#documentation": "The number of days that an IAM user password is valid.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of 0. The result is that IAM user passwords never expire.
"
+ "smithy.api#documentation": "The number of days that an IAM user password is valid.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of 0. The result is that IAM user passwords never expire.
"
}
},
"PasswordReusePrevention": {
"target": "com.amazonaws.iam#passwordReusePreventionType",
"traits": {
- "smithy.api#documentation": "Specifies the number of previous passwords that IAM users are prevented from\n reusing.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of 0. The result is that IAM users are not prevented from reusing\n previous passwords.
"
+ "smithy.api#documentation": "Specifies the number of previous passwords that IAM users are prevented from\n reusing.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of 0. The result is that IAM users are not prevented from reusing\n previous passwords.
"
}
},
"HardExpiry": {
"target": "com.amazonaws.iam#booleanObjectType",
"traits": {
- "smithy.api#documentation": " Prevents IAM users who are accessing the account via the Amazon Web Services Management Console from setting a\n new console password after their password has expired. The IAM user cannot access the\n console until an administrator resets the password.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that IAM users can change their passwords\n after they expire and continue to sign in as the user.
\n \n In the Amazon Web Services Management Console, the custom password policy option Allow\n users to change their own password gives IAM users permissions to\n iam:ChangePassword for only their user and to the\n iam:GetAccountPasswordPolicy action. This option does not attach a\n permissions policy to each user, rather the permissions are applied at the\n account-level for all users by IAM. IAM users with\n iam:ChangePassword permission and active access keys can reset\n their own expired console password using the CLI or API.
\n "
+ "smithy.api#documentation": " Prevents IAM users who are accessing the account via the Amazon Web Services Management Console from setting a\n new console password after their password has expired. The IAM user cannot access the\n console until an administrator resets the password.
\n If you do not specify a value for this parameter, then the operation uses the default\n value of false. The result is that IAM users can change their passwords\n after they expire and continue to sign in as the user.
\n \n In the Amazon Web Services Management Console, the custom password policy option Allow\n users to change their own password gives IAM users permissions to\n iam:ChangePassword for only their user and to the\n iam:GetAccountPasswordPolicy action. This option does not attach a\n permissions policy to each user, rather the permissions are applied at the\n account-level for all users by IAM. IAM users with\n iam:ChangePassword permission and active access keys can reset\n their own expired console password using the CLI or API.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateAssumeRolePolicy": {
@@ -13525,17 +14093,20 @@
"RoleName": {
"target": "com.amazonaws.iam#roleNameType",
"traits": {
- "smithy.api#documentation": "The name of the role to update with the new policy.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the role to update with the new policy.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"PolicyDocument": {
"target": "com.amazonaws.iam#policyDocumentType",
"traits": {
- "smithy.api#documentation": "The policy that grants an entity permission to assume the role.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The policy that grants an entity permission to assume the role.
\n You must provide policies in JSON format in IAM. However, for CloudFormation\n templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to\n IAM.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateGroup": {
@@ -13561,7 +14132,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Updates the name and/or the path of the specified IAM group.
\n \n You should understand the implications of changing a group's path or name. For\n more information, see Renaming users and\n groups in the IAM User Guide.
\n \n \n The person making the request (the principal), must have permission to change the\n role group with the old name and the new name. For example, to change the group\n named Managers to MGRs, the principal must have a policy\n that allows them to update both groups. If the principal has permission to update\n the Managers group, but not the MGRs group, then the\n update fails. For more information about permissions, see Access management.\n
\n "
+ "smithy.api#documentation": "Updates the name and/or the path of the specified IAM group.
\n \n You should understand the implications of changing a group's path or name. For\n more information, see Renaming users and\n groups in the IAM User Guide.
\n \n \n The person making the request (the principal), must have permission to change the\n role group with the old name and the new name. For example, to change the group\n named Managers to MGRs, the principal must have a policy\n that allows them to update both groups. If the principal has permission to update\n the Managers group, but not the MGRs group, then the\n update fails. For more information about permissions, see Access management.\n
\n "
}
},
"com.amazonaws.iam#UpdateGroupRequest": {
@@ -13570,22 +14141,25 @@
"GroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "Name of the IAM group to update. If you're changing the name of the group, this is\n the original name.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "Name of the IAM group to update. If you're changing the name of the group, this is\n the original name.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"NewPath": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": "New path for the IAM group. Only include this if changing the group's path.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": "New path for the IAM group. Only include this if changing the group's path.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"NewGroupName": {
"target": "com.amazonaws.iam#groupNameType",
"traits": {
- "smithy.api#documentation": "New name for the IAM group. Only include this if changing the group's name.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
"
+ "smithy.api#documentation": "New name for the IAM group. Only include this if changing the group's name.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateLoginProfile": {
@@ -13614,7 +14188,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Changes the password for the specified IAM user. You can use the CLI,\n the Amazon Web Services API, or the Users page in the IAM console\n to change the password for any IAM user. Use ChangePassword to\n change your own password in the My Security Credentials\n page in the Amazon Web Services Management Console.
\n For more information about modifying passwords, see Managing passwords in the\n IAM User Guide.
"
+ "smithy.api#documentation": "Changes the password for the specified IAM user. You can use the CLI, the Amazon Web Services\n API, or the Users page in the IAM console to change\n the password for any IAM user. Use ChangePassword to change your own\n password in the My Security Credentials page in the\n Amazon Web Services Management Console.
\n For more information about modifying passwords, see Managing passwords in the\n IAM User Guide.
"
}
},
"com.amazonaws.iam#UpdateLoginProfileRequest": {
@@ -13623,14 +14197,14 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the user whose password you want to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the user whose password you want to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"Password": {
"target": "com.amazonaws.iam#passwordType",
"traits": {
- "smithy.api#documentation": "The new password for the specified IAM user.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
\n However, the format can be further restricted by the account administrator by setting\n a password policy on the Amazon Web Services account. For more information, see UpdateAccountPasswordPolicy.
"
+ "smithy.api#documentation": "The new password for the specified IAM user.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
\n However, the format can be further restricted by the account administrator by setting\n a password policy on the Amazon Web Services account. For more information, see UpdateAccountPasswordPolicy.
"
}
},
"PasswordResetRequired": {
@@ -13639,6 +14213,9 @@
"smithy.api#documentation": "Allows this new password to be used only once by requiring the specified IAM user to\n set a new password on next sign-in.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateOpenIDConnectProviderThumbprint": {
@@ -13661,7 +14238,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Replaces the existing list of server certificate thumbprints associated with an OpenID\n Connect (OIDC) provider resource object with a new list of thumbprints.
\n The list that you pass with this operation completely replaces the existing list of\n thumbprints. (The lists are not merged.)
\n Typically, you need to update a thumbprint only when the identity provider certificate\n changes, which occurs rarely. However, if the provider's certificate\n does change, any attempt to assume an IAM role that specifies\n the OIDC provider as a principal fails until the certificate thumbprint is\n updated.
\n \n Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our\n library of trusted certificate authorities (CAs) instead of using a certificate\n thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, and\n those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these\n cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.
\n \n \n Trust for the OIDC provider is derived from the provider certificate and is\n validated by the thumbprint. Therefore, it is best to limit access to the\n UpdateOpenIDConnectProviderThumbprint operation to highly\n privileged users.
\n "
+ "smithy.api#documentation": "Replaces the existing list of server certificate thumbprints associated with an OpenID\n Connect (OIDC) provider resource object with a new list of thumbprints.
\n The list that you pass with this operation completely replaces the existing list of\n thumbprints. (The lists are not merged.)
\n Typically, you need to update a thumbprint only when the identity provider certificate\n changes, which occurs rarely. However, if the provider's certificate\n does change, any attempt to assume an IAM role that specifies\n the OIDC provider as a principal fails until the certificate thumbprint is\n updated.
\n \n Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our\n library of trusted certificate authorities (CAs) instead of using a certificate\n thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0,\n and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these\n cases, your legacy thumbprint remains in your configuration, but is no longer used for\n validation.
\n \n \n Trust for the OIDC provider is derived from the provider certificate and is\n validated by the thumbprint. Therefore, it is best to limit access to the\n UpdateOpenIDConnectProviderThumbprint operation to highly\n privileged users.
\n "
}
},
"com.amazonaws.iam#UpdateOpenIDConnectProviderThumbprintRequest": {
@@ -13670,7 +14247,7 @@
"OpenIDConnectProviderArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for which\n you want to update the thumbprint. You can get a list of OIDC provider ARNs by using the\n ListOpenIDConnectProviders operation.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for which\n you want to update the thumbprint. You can get a list of OIDC provider ARNs by using the\n ListOpenIDConnectProviders operation.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
},
@@ -13681,6 +14258,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateRole": {
@@ -13726,7 +14306,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Use UpdateRole instead.
\n Modifies only the description of a role. This operation performs the same function as\n the Description parameter in the UpdateRole operation.
"
+ "smithy.api#documentation": "Use UpdateRole instead.
\n Modifies only the description of a role. This operation performs the same function as\n the Description parameter in the UpdateRole operation.
"
}
},
"com.amazonaws.iam#UpdateRoleDescriptionRequest": {
@@ -13746,6 +14326,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateRoleDescriptionResponse": {
@@ -13757,6 +14340,9 @@
"smithy.api#documentation": "A structure that contains details about the modified role.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#UpdateRoleRequest": {
@@ -13778,14 +14364,20 @@
"MaxSessionDuration": {
"target": "com.amazonaws.iam#roleMaxSessionDurationType",
"traits": {
- "smithy.api#documentation": "The maximum session duration (in seconds) that you want to set for the specified role.\n If you do not specify a value for this setting, the default value of one hour is\n applied. This setting can have a value from 1 hour to 12 hours.
\n Anyone who assumes the role from the CLI or API can use the\n DurationSeconds API parameter or the duration-seconds CLI\n parameter to request a longer session. The MaxSessionDuration setting\n determines the maximum duration that can be requested using the\n DurationSeconds parameter. If users don't specify a value for the\n DurationSeconds parameter, their security credentials are valid for one\n hour by default. This applies when you use the AssumeRole* API operations\n or the assume-role* CLI operations but does not apply when you use those\n operations to create a console URL. For more information, see Using IAM\n roles in the IAM User Guide.
"
+ "smithy.api#documentation": "The maximum session duration (in seconds) that you want to set for the specified role.\n If you do not specify a value for this setting, the default value of one hour is\n applied. This setting can have a value from 1 hour to 12 hours.
\n Anyone who assumes the role from the CLI or API can use the\n DurationSeconds API parameter or the duration-seconds\n CLI parameter to request a longer session. The MaxSessionDuration setting\n determines the maximum duration that can be requested using the\n DurationSeconds parameter. If users don't specify a value for the\n DurationSeconds parameter, their security credentials are valid for one\n hour by default. This applies when you use the AssumeRole* API operations\n or the assume-role* CLI operations but does not apply when you use those\n operations to create a console URL. For more information, see Using IAM\n roles in the IAM User Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateRoleResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.iam#UpdateSAMLProvider": {
"type": "operation",
@@ -13810,7 +14402,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Updates the metadata document for an existing SAML provider resource object.
\n \n This operation requires Signature Version 4.
\n "
+ "smithy.api#documentation": "Updates the metadata document for an existing SAML provider resource object.
\n \n This operation requires Signature Version 4.
\n "
}
},
"com.amazonaws.iam#UpdateSAMLProviderRequest": {
@@ -13826,10 +14418,13 @@
"SAMLProviderArn": {
"target": "com.amazonaws.iam#arnType",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the SAML provider to update.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the SAML provider to update.
\n For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateSAMLProviderResponse": {
@@ -13843,7 +14438,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful UpdateSAMLProvider request.\n
"
+ "smithy.api#documentation": "Contains the response to a successful UpdateSAMLProvider request.\n
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#UpdateSSHPublicKey": {
@@ -13860,7 +14456,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Sets the status of an IAM user's SSH public key to active or inactive. SSH public\n keys that are inactive cannot be used for authentication. This operation can be used to\n disable a user's SSH public key as part of a key rotation work flow.
\n The SSH public key affected by this operation is used only for authenticating the\n associated IAM user to an CodeCommit repository. For more information about using SSH keys\n to authenticate to an CodeCommit repository, see Set up CodeCommit for\n SSH connections in the CodeCommit User Guide.
"
+ "smithy.api#documentation": "Sets the status of an IAM user's SSH public key to active or inactive. SSH public\n keys that are inactive cannot be used for authentication. This operation can be used to\n disable a user's SSH public key as part of a key rotation work flow.
\n The SSH public key affected by this operation is used only for authenticating the\n associated IAM user to an CodeCommit repository. For more information about using SSH keys\n to authenticate to an CodeCommit repository, see Set up CodeCommit for\n SSH connections in the CodeCommit User Guide.
"
}
},
"com.amazonaws.iam#UpdateSSHPublicKeyRequest": {
@@ -13869,14 +14465,14 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user associated with the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM user associated with the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"SSHPublicKeyId": {
"target": "com.amazonaws.iam#publicKeyIdType",
"traits": {
- "smithy.api#documentation": "The unique identifier for the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The unique identifier for the SSH public key.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
},
@@ -13887,6 +14483,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateServerCertificate": {
@@ -13912,7 +14511,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Updates the name and/or the path of the specified server certificate stored in\n IAM.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic also includes a list of Amazon Web Services services that can use the server certificates that\n you manage with IAM.
\n \n You should understand the implications of changing a server certificate's path or\n name. For more information, see Renaming a server certificate in the\n IAM User Guide.
\n \n \n The person making the request (the principal), must have permission to change the\n server certificate with the old name and the new name. For example, to change the\n certificate named ProductionCert to ProdCert, the\n principal must have a policy that allows them to update both certificates. If the\n principal has permission to update the ProductionCert group, but not\n the ProdCert certificate, then the update fails. For more information\n about permissions, see Access management in the IAM User Guide.
\n "
+ "smithy.api#documentation": "Updates the name and/or the path of the specified server certificate stored in\n IAM.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic also includes a list of Amazon Web Services services that can use the server certificates that\n you manage with IAM.
\n \n You should understand the implications of changing a server certificate's path or\n name. For more information, see Renaming a server certificate in the\n IAM User Guide.
\n \n \n The person making the request (the principal), must have permission to change the\n server certificate with the old name and the new name. For example, to change the\n certificate named ProductionCert to ProdCert, the\n principal must have a policy that allows them to update both certificates. If the\n principal has permission to update the ProductionCert group, but not\n the ProdCert certificate, then the update fails. For more information\n about permissions, see Access management in the IAM User Guide.
\n "
}
},
"com.amazonaws.iam#UpdateServerCertificateRequest": {
@@ -13921,22 +14520,25 @@
"ServerCertificateName": {
"target": "com.amazonaws.iam#serverCertificateNameType",
"traits": {
- "smithy.api#documentation": "The name of the server certificate that you want to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the server certificate that you want to update.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"NewPath": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": "The new path for the server certificate. Include this only if you are updating the\n server certificate's path.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": "The new path for the server certificate. Include this only if you are updating the\n server certificate's path.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"NewServerCertificateName": {
"target": "com.amazonaws.iam#serverCertificateNameType",
"traits": {
- "smithy.api#documentation": "The new name for the server certificate. Include this only if you are updating the\n server certificate's name. The name of the certificate cannot contain any spaces.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The new name for the server certificate. Include this only if you are updating the\n server certificate's name. The name of the certificate cannot contain any spaces.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateServiceSpecificCredential": {
@@ -13962,13 +14564,13 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user associated with the service-specific credential. If you do\n not specify this value, then the operation assumes the user whose credentials are used\n to call the operation.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the IAM user associated with the service-specific credential. If you do\n not specify this value, then the operation assumes the user whose credentials are used\n to call the operation.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"ServiceSpecificCredentialId": {
"target": "com.amazonaws.iam#serviceSpecificCredentialId",
"traits": {
- "smithy.api#documentation": "The unique identifier of the service-specific credential.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The unique identifier of the service-specific credential.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
},
@@ -13979,6 +14581,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateSigningCertificate": {
@@ -14001,7 +14606,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Changes the status of the specified user signing certificate from active to disabled,\n or vice versa. This operation can be used to disable an IAM user's signing certificate\n as part of a certificate rotation work flow.
\n If the UserName field is not specified, the user name is determined\n implicitly based on the Amazon Web Services access key ID used to sign the request. This operation\n works for access keys under the Amazon Web Services account. Consequently, you can use this operation\n to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no\n associated users.
"
+ "smithy.api#documentation": "Changes the status of the specified user signing certificate from active to disabled,\n or vice versa. This operation can be used to disable an IAM user's signing\n certificate as part of a certificate rotation work flow.
\n If the UserName field is not specified, the user name is determined\n implicitly based on the Amazon Web Services access key ID used to sign the request. This operation\n works for access keys under the Amazon Web Services account. Consequently, you can use this operation\n to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated\n users.
"
}
},
"com.amazonaws.iam#UpdateSigningCertificateRequest": {
@@ -14010,13 +14615,13 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user the signing certificate belongs to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the IAM user the signing certificate belongs to.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"CertificateId": {
"target": "com.amazonaws.iam#certificateIdType",
"traits": {
- "smithy.api#documentation": "The ID of the signing certificate you want to update.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
+ "smithy.api#documentation": "The ID of the signing certificate you want to update.
\n This parameter allows (through its regex pattern) a string of characters that can \n consist of any upper or lowercased letter or digit.
",
"smithy.api#required": {}
}
},
@@ -14027,6 +14632,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UpdateUser": {
@@ -14058,7 +14666,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Updates the name and/or the path of the specified IAM user.
\n \n You should understand the implications of changing an IAM user's path or name.\n For more information, see Renaming an IAM\n user and Renaming an IAM\n group in the IAM User Guide.
\n \n \n To change a user name, the requester must have appropriate permissions on both\n the source object and the target object. For example, to change Bob to Robert, the\n entity making the request must have permission on Bob and Robert, or must have\n permission on all (*). For more information about permissions, see Permissions and policies.
\n "
+ "smithy.api#documentation": "Updates the name and/or the path of the specified IAM user.
\n \n You should understand the implications of changing an IAM user's path or\n name. For more information, see Renaming an IAM\n user and Renaming an IAM\n group in the IAM User Guide.
\n \n \n To change a user name, the requester must have appropriate permissions on both\n the source object and the target object. For example, to change Bob to Robert, the\n entity making the request must have permission on Bob and Robert, or must have\n permission on all (*). For more information about permissions, see Permissions and policies.
\n "
}
},
"com.amazonaws.iam#UpdateUserRequest": {
@@ -14067,22 +14675,25 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "Name of the user to update. If you're changing the name of the user, this is the\n original user name.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "Name of the user to update. If you're changing the name of the user, this is the\n original user name.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"NewPath": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": "New path for the IAM user. Include this parameter only if you're changing the user's\n path.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
+ "smithy.api#documentation": "New path for the IAM user. Include this parameter only if you're changing the user's\n path.
\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
"
}
},
"NewUserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "New name for the user. Include this parameter only if you're changing the user's\n name.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
"
+ "smithy.api#documentation": "New name for the user. Include this parameter only if you're changing the user's\n name.
\n IAM user, group, role, and policy names must be unique within the account. Names are\n not distinguished by case. For example, you cannot create resources named both\n \"MyResource\" and \"myresource\".
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UploadSSHPublicKey": {
@@ -14111,7 +14722,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Uploads an SSH public key and associates it with the specified IAM user.
\n The SSH public key uploaded by this operation can be used only for authenticating the\n associated IAM user to an CodeCommit repository. For more information about using SSH keys\n to authenticate to an CodeCommit repository, see Set up CodeCommit for\n SSH connections in the CodeCommit User Guide.
"
+ "smithy.api#documentation": "Uploads an SSH public key and associates it with the specified IAM user.
\n The SSH public key uploaded by this operation can be used only for authenticating the\n associated IAM user to an CodeCommit repository. For more information about using SSH keys\n to authenticate to an CodeCommit repository, see Set up CodeCommit for\n SSH connections in the CodeCommit User Guide.
"
}
},
"com.amazonaws.iam#UploadSSHPublicKeyRequest": {
@@ -14120,17 +14731,20 @@
"UserName": {
"target": "com.amazonaws.iam#userNameType",
"traits": {
- "smithy.api#documentation": "The name of the IAM user to associate the SSH public key with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name of the IAM user to associate the SSH public key with.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"SSHPublicKeyBody": {
"target": "com.amazonaws.iam#publicKeyMaterialType",
"traits": {
- "smithy.api#documentation": "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.\n The minimum bit-length of the public key is 2048 bits. For example, you can generate a\n 2048-bit key, and the resulting PEM file is 1679 bytes long.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.\n The minimum bit-length of the public key is 2048 bits. For example, you can generate a\n 2048-bit key, and the resulting PEM file is 1679 bytes long.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UploadSSHPublicKeyResponse": {
@@ -14144,7 +14758,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful UploadSSHPublicKey\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful UploadSSHPublicKey\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#UploadServerCertificate": {
@@ -14179,7 +14794,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Uploads a server certificate entity for the Amazon Web Services account. The server certificate\n entity includes a public key certificate, a private key, and an optional certificate\n chain, which should all be PEM-encoded.
\n We recommend that you use Certificate Manager to\n provision, manage, and deploy your server certificates. With ACM you can request a\n certificate, deploy it to Amazon Web Services resources, and let ACM handle certificate renewals for\n you. Certificates provided by ACM are free. For more information about using ACM,\n see the Certificate Manager User\n Guide.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic includes a list of Amazon Web Services services that can use the server certificates that you\n manage with IAM.
\n For information about the number of server certificates you can upload, see IAM and STS\n quotas in the IAM User Guide.
\n \n Because the body of the public key certificate, private key, and the certificate\n chain can be large, you should use POST rather than GET when calling\n UploadServerCertificate. For information about setting up\n signatures and authorization through the API, see Signing Amazon Web Services API\n requests in the Amazon Web Services General Reference. For general\n information about using the Query API with IAM, see Calling the API by making HTTP query\n requests in the IAM User Guide.
\n "
+ "smithy.api#documentation": "Uploads a server certificate entity for the Amazon Web Services account. The server certificate\n entity includes a public key certificate, a private key, and an optional certificate\n chain, which should all be PEM-encoded.
\n We recommend that you use Certificate Manager to\n provision, manage, and deploy your server certificates. With ACM you can request a\n certificate, deploy it to Amazon Web Services resources, and let ACM handle certificate renewals for\n you. Certificates provided by ACM are free. For more information about using ACM,\n see the Certificate Manager User\n Guide.
\n For more information about working with server certificates, see Working\n with server certificates in the IAM User Guide. This\n topic includes a list of Amazon Web Services services that can use the server certificates that you\n manage with IAM.
\n For information about the number of server certificates you can upload, see IAM and STS\n quotas in the IAM User Guide.
\n \n Because the body of the public key certificate, private key, and the certificate\n chain can be large, you should use POST rather than GET when calling\n UploadServerCertificate. For information about setting up\n signatures and authorization through the API, see Signing Amazon Web Services API\n requests in the Amazon Web Services General Reference. For general\n information about using the Query API with IAM, see Calling the API by making HTTP query\n requests in the IAM User Guide.
\n "
}
},
"com.amazonaws.iam#UploadServerCertificateRequest": {
@@ -14188,34 +14803,34 @@
"Path": {
"target": "com.amazonaws.iam#pathType",
"traits": {
- "smithy.api#documentation": "The path for the server certificate. For more information about paths, see IAM\n identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
\n \n If you are uploading a server certificate specifically for use with Amazon\n CloudFront distributions, you must specify a path using the path\n parameter. The path must begin with /cloudfront and must include a\n trailing slash (for example, /cloudfront/test/).
\n "
+ "smithy.api#documentation": "The path for the server certificate. For more information about paths, see IAM\n identifiers in the IAM User Guide.
\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its regex pattern) a string of characters consisting \n of either a forward slash (/) by itself or a string that must begin and end with forward slashes.\n In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including \n most punctuation characters, digits, and upper and lowercased letters.
\n \n If you are uploading a server certificate specifically for use with Amazon\n CloudFront distributions, you must specify a path using the path\n parameter. The path must begin with /cloudfront and must include a\n trailing slash (for example, /cloudfront/test/).
\n "
}
},
"ServerCertificateName": {
"target": "com.amazonaws.iam#serverCertificateNameType",
"traits": {
- "smithy.api#documentation": "The name for the server certificate. Do not include the path in this value. The name\n of the certificate cannot contain any spaces.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
+ "smithy.api#documentation": "The name for the server certificate. Do not include the path in this value. The name\n of the certificate cannot contain any spaces.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
",
"smithy.api#required": {}
}
},
"CertificateBody": {
"target": "com.amazonaws.iam#certificateBodyType",
"traits": {
- "smithy.api#documentation": "The contents of the public key certificate in PEM-encoded format.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The contents of the public key certificate in PEM-encoded format.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
},
"PrivateKey": {
"target": "com.amazonaws.iam#privateKeyType",
"traits": {
- "smithy.api#documentation": "The contents of the private key in PEM-encoded format.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The contents of the private key in PEM-encoded format.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
},
"CertificateChain": {
"target": "com.amazonaws.iam#certificateChainType",
"traits": {
- "smithy.api#documentation": "The contents of the certificate chain. This is typically a concatenation of the\n PEM-encoded public key certificates of the chain.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
+ "smithy.api#documentation": "The contents of the certificate chain. This is typically a concatenation of the\n PEM-encoded public key certificates of the chain.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
"
}
},
"Tags": {
@@ -14224,6 +14839,9 @@
"smithy.api#documentation": "A list of tags that you want to attach to the new IAM server certificate resource.\n Each tag consists of a key name and an associated value. For more information about tagging, see Tagging IAM resources in the\n IAM User Guide.
\n \n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request \n fails and the resource is not created.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UploadServerCertificateResponse": {
@@ -14243,7 +14861,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful UploadServerCertificate\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful UploadServerCertificate\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#UploadSigningCertificate": {
@@ -14278,7 +14897,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Uploads an X.509 signing certificate and associates it with the specified IAM user.\n Some Amazon Web Services services require you to use certificates to validate requests that are signed\n with a corresponding private key. When you upload the certificate, its default status is\n Active.
\n For information about when you would use an X.509 signing certificate, see Managing\n server certificates in IAM in the\n IAM User Guide.
\n If the UserName is not specified, the IAM user name is determined\n implicitly based on the Amazon Web Services access key ID used to sign the request. This operation\n works for access keys under the Amazon Web Services account. Consequently, you can use this operation\n to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no\n associated users.
\n \n Because the body of an X.509 certificate can be large, you should use POST rather\n than GET when calling UploadSigningCertificate. For information about\n setting up signatures and authorization through the API, see Signing\n Amazon Web Services API requests in the Amazon Web Services General Reference. For\n general information about using the Query API with IAM, see Making query\n requests in the IAM User Guide.
\n "
+ "smithy.api#documentation": "Uploads an X.509 signing certificate and associates it with the specified IAM user.\n Some Amazon Web Services services require you to use certificates to validate requests that are signed\n with a corresponding private key. When you upload the certificate, its default status is\n Active.
\n For information about when you would use an X.509 signing certificate, see Managing\n server certificates in IAM in the\n IAM User Guide.
\n If the UserName is not specified, the IAM user name is determined\n implicitly based on the Amazon Web Services access key ID used to sign the request. This operation\n works for access keys under the Amazon Web Services account. Consequently, you can use this operation\n to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated\n users.
\n \n Because the body of an X.509 certificate can be large, you should use POST rather\n than GET when calling UploadSigningCertificate. For information about\n setting up signatures and authorization through the API, see Signing\n Amazon Web Services API requests in the Amazon Web Services General Reference. For\n general information about using the Query API with IAM, see Making query\n requests in the IAM User Guide.
\n "
}
},
"com.amazonaws.iam#UploadSigningCertificateRequest": {
@@ -14287,16 +14906,19 @@
"UserName": {
"target": "com.amazonaws.iam#existingUserNameType",
"traits": {
- "smithy.api#documentation": "The name of the user the signing certificate is for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
+ "smithy.api#documentation": "The name of the user the signing certificate is for.
\n This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric \n characters with no spaces. You can also include any of the following characters: _+=,.@-
"
}
},
"CertificateBody": {
"target": "com.amazonaws.iam#certificateBodyType",
"traits": {
- "smithy.api#documentation": "The contents of the signing certificate.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
+ "smithy.api#documentation": "The contents of the signing certificate.
\n The regex pattern \n used to validate this parameter is a string of characters consisting of the following:
\n \n - \n
Any printable ASCII \n character ranging from the space character (\\u0020) through the end of the ASCII character range
\n \n - \n
The printable characters in the Basic Latin and Latin-1 Supplement character set \n (through \\u00FF)
\n \n - \n
The special characters tab (\\u0009), line feed (\\u000A), and \n carriage return (\\u000D)
\n \n
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.iam#UploadSigningCertificateResponse": {
@@ -14311,7 +14933,8 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the response to a successful UploadSigningCertificate\n request.
"
+ "smithy.api#documentation": "Contains the response to a successful UploadSigningCertificate\n request.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.iam#User": {
diff --git a/aws/sdk/aws-models/kms.json b/aws/sdk/aws-models/kms.json
index d4ce662672..cd4fd4edd6 100644
--- a/aws/sdk/aws-models/kms.json
+++ b/aws/sdk/aws-models/kms.json
@@ -176,10 +176,13 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the KMS key whose deletion is being canceled.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies the KMS key whose deletion is being canceled.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#CancelKeyDeletionResponse": {
@@ -191,6 +194,9 @@
"smithy.api#documentation": "The Amazon Resource Name (key ARN) of the KMS key whose deletion is canceled.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#CiphertextType": {
@@ -240,7 +246,7 @@
"code": "CloudHsmClusterInvalidConfigurationException",
"httpResponseCode": 400
},
- "smithy.api#documentation": "The request was rejected because the associated CloudHSM cluster did not meet the\n configuration requirements for an CloudHSM key store.
\n\n \n - \n
The CloudHSM cluster must be configured with private subnets in at least two different\n Availability Zones in the Region.
\n \n - \n
The security group for\n the cluster (cloudhsm-cluster--sg) must\n include inbound rules and outbound rules that allow TCP traffic on ports 2223-2225. The\n Source in the inbound rules and the Destination in the outbound rules must match the security group\n ID. These rules are set by default when you create the CloudHSM cluster. Do not delete or\n change them. To get information about a particular security group, use the DescribeSecurityGroups operation.
\n \n - \n
The CloudHSM cluster must contain at least as many HSMs as the operation requires. To add\n HSMs, use the CloudHSM CreateHsm operation.
\n For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, the CloudHSM cluster must have at least two\n active HSMs, each in a different Availability Zone. For the ConnectCustomKeyStore operation, the CloudHSM must contain at least one active\n HSM.
\n \n
\n For information about the requirements for an CloudHSM cluster that is associated with an\n CloudHSM key store, see Assemble the Prerequisites\n in the Key Management Service Developer Guide. For information about creating a private subnet for an CloudHSM cluster,\n see Create a Private\n Subnet in the CloudHSM User Guide. For information about cluster security groups, see\n Configure a Default Security\n Group in the \n CloudHSM User Guide\n .
",
+ "smithy.api#documentation": "The request was rejected because the associated CloudHSM cluster did not meet the\n configuration requirements for an CloudHSM key store.
\n \n - \n
The CloudHSM cluster must be configured with private subnets in at least two different\n Availability Zones in the Region.
\n \n - \n
The security group for\n the cluster (cloudhsm-cluster--sg) must\n include inbound rules and outbound rules that allow TCP traffic on ports 2223-2225. The\n Source in the inbound rules and the Destination in the outbound rules must match the security group\n ID. These rules are set by default when you create the CloudHSM cluster. Do not delete or\n change them. To get information about a particular security group, use the DescribeSecurityGroups operation.
\n \n - \n
The CloudHSM cluster must contain at least as many HSMs as the operation requires. To add\n HSMs, use the CloudHSM CreateHsm operation.
\n For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, the CloudHSM cluster must have at least two\n active HSMs, each in a different Availability Zone. For the ConnectCustomKeyStore operation, the CloudHSM must contain at least one active\n HSM.
\n \n
\n For information about the requirements for an CloudHSM cluster that is associated with an\n CloudHSM key store, see Assemble the Prerequisites\n in the Key Management Service Developer Guide. For information about creating a private subnet for an CloudHSM cluster,\n see Create a Private\n Subnet in the CloudHSM User Guide. For information about cluster security groups, see\n Configure a Default Security\n Group in the \n CloudHSM User Guide\n .
",
"smithy.api#error": "client",
"smithy.api#httpError": 400
}
@@ -322,7 +328,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Connects or reconnects a custom key store to its backing key store. For an CloudHSM key\n store, ConnectCustomKeyStore connects the key store to its associated CloudHSM\n cluster. For an external key store, ConnectCustomKeyStore connects the key store\n to the external key store proxy that communicates with your external key manager.
\n The custom key store must be connected before you can create KMS keys in the key store or\n use the KMS keys it contains. You can disconnect and reconnect a custom key store at any\n time.
\n The connection process for a custom key store can take an extended amount of time to\n complete. This operation starts the connection process, but it does not wait for it to\n complete. When it succeeds, this operation quickly returns an HTTP 200 response and a JSON\n object with no properties. However, this response does not indicate that the custom key store\n is connected. To get the connection state of the custom key store, use the DescribeCustomKeyStores operation.
\n This operation is part of the custom key stores feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nkey store that you own and manage.
\n The ConnectCustomKeyStore operation might fail for various reasons. To find\n the reason, use the DescribeCustomKeyStores operation and see the\n ConnectionErrorCode in the response. For help interpreting the\n ConnectionErrorCode, see CustomKeyStoresListEntry.
\n To fix the failure, use the DisconnectCustomKeyStore operation to\n disconnect the custom key store, correct the error, use the UpdateCustomKeyStore operation if necessary, and then use\n ConnectCustomKeyStore again.
\n \n CloudHSM key store\n
\n During the connection process for an CloudHSM key store, KMS finds the CloudHSM cluster that\n is associated with the custom key store, creates the connection infrastructure, connects to\n the cluster, logs into the CloudHSM client as the kmsuser CU, and rotates its\n password.
\n To connect an CloudHSM key store, its associated CloudHSM cluster must have at least one active\n HSM. To get the number of active HSMs in a cluster, use the DescribeClusters operation. To add HSMs\n to the cluster, use the CreateHsm operation. Also, the \n kmsuser crypto\n user (CU) must not be logged into the cluster. This prevents KMS from using this\n account to log in.
\n If you are having trouble connecting or disconnecting a CloudHSM key store, see Troubleshooting an CloudHSM key\n store in the Key Management Service Developer Guide.
\n \n External key store\n
\n When you connect an external key store that uses public endpoint connectivity, KMS tests\n its ability to communicate with your external key manager by sending a request via the\n external key store proxy.
\n When you connect to an external key store that uses VPC endpoint service connectivity,\n KMS establishes the networking elements that it needs to communicate with your external key\n manager via the external key store proxy. This includes creating an interface endpoint to the\n VPC endpoint service and a private hosted zone for traffic between KMS and the VPC endpoint\n service.
\n To connect an external key store, KMS must be able to connect to the external key store\n proxy, the external key store proxy must be able to communicate with your external key\n manager, and the external key manager must be available for cryptographic operations.
\n If you are having trouble connecting or disconnecting an external key store, see Troubleshooting an external\n key store in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n \n Required permissions: kms:ConnectCustomKeyStore (IAM policy)
\n \n Related operations\n
\n "
+ "smithy.api#documentation": "Connects or reconnects a custom key store to its backing key store. For an CloudHSM key\n store, ConnectCustomKeyStore connects the key store to its associated CloudHSM\n cluster. For an external key store, ConnectCustomKeyStore connects the key store\n to the external key store proxy that communicates with your external key manager.
\n The custom key store must be connected before you can create KMS keys in the key store or\n use the KMS keys it contains. You can disconnect and reconnect a custom key store at any\n time.
\n The connection process for a custom key store can take an extended amount of time to\n complete. This operation starts the connection process, but it does not wait for it to\n complete. When it succeeds, this operation quickly returns an HTTP 200 response and a JSON\n object with no properties. However, this response does not indicate that the custom key store\n is connected. To get the connection state of the custom key store, use the DescribeCustomKeyStores operation.
\n This operation is part of the custom key stores feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nkey store that you own and manage.
\n The ConnectCustomKeyStore operation might fail for various reasons. To find\n the reason, use the DescribeCustomKeyStores operation and see the\n ConnectionErrorCode in the response. For help interpreting the\n ConnectionErrorCode, see CustomKeyStoresListEntry.
\n To fix the failure, use the DisconnectCustomKeyStore operation to\n disconnect the custom key store, correct the error, use the UpdateCustomKeyStore operation if necessary, and then use\n ConnectCustomKeyStore again.
\n \n CloudHSM key store\n
\n During the connection process for an CloudHSM key store, KMS finds the CloudHSM cluster that\n is associated with the custom key store, creates the connection infrastructure, connects to\n the cluster, logs into the CloudHSM client as the kmsuser CU, and rotates its\n password.
\n To connect an CloudHSM key store, its associated CloudHSM cluster must have at least one active\n HSM. To get the number of active HSMs in a cluster, use the DescribeClusters operation. To add HSMs\n to the cluster, use the CreateHsm operation. Also, the \n kmsuser crypto\n user (CU) must not be logged into the cluster. This prevents KMS from using this\n account to log in.
\n If you are having trouble connecting or disconnecting a CloudHSM key store, see Troubleshooting an CloudHSM key\n store in the Key Management Service Developer Guide.
\n \n External key store\n
\n When you connect an external key store that uses public endpoint connectivity, KMS tests\n its ability to communicate with your external key manager by sending a request via the\n external key store proxy.
\n When you connect to an external key store that uses VPC endpoint service connectivity,\n KMS establishes the networking elements that it needs to communicate with your external key\n manager via the external key store proxy. This includes creating an interface endpoint to the\n VPC endpoint service and a private hosted zone for traffic between KMS and the VPC endpoint\n service.
\n To connect an external key store, KMS must be able to connect to the external key store\n proxy, the external key store proxy must be able to communicate with your external key\n manager, and the external key manager must be available for cryptographic operations.
\n If you are having trouble connecting or disconnecting an external key store, see Troubleshooting an external\n key store in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n \n Required permissions: kms:ConnectCustomKeyStore (IAM policy)
\n \n Related operations\n
\n "
}
},
"com.amazonaws.kms#ConnectCustomKeyStoreRequest": {
@@ -335,11 +341,17 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ConnectCustomKeyStoreResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.kms#ConnectionErrorCodeType": {
"type": "enum",
@@ -521,7 +533,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a friendly name for a KMS key.
\n \n Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.
\n \n You can use an alias to identify a KMS key in the KMS console, in the DescribeKey operation and in cryptographic operations, such as Encrypt and\n GenerateDataKey. You can also change the KMS key that's associated with\n the alias (UpdateAlias) or delete the alias (DeleteAlias)\n at any time. These operations don't affect the underlying KMS key.
\n You can associate the alias with any customer managed key in the same Amazon Web Services Region. Each\n alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases.\n A valid KMS key is required. You can't create an alias without a KMS key.
\n The alias must be unique in the account and Region, but you can have aliases with the same\n name in different Regions. For detailed information about aliases, see Using aliases in the\n Key Management Service Developer Guide.
\n This operation does not return a response. To get the alias that you created, use the\n ListAliases operation.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.
\n\n \n Required permissions\n
\n \n For details, see Controlling access to aliases in the\n Key Management Service Developer Guide.
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Creates a friendly name for a KMS key.
\n \n Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.
\n \n You can use an alias to identify a KMS key in the KMS console, in the DescribeKey operation and in cryptographic operations, such as Encrypt and\n GenerateDataKey. You can also change the KMS key that's associated with\n the alias (UpdateAlias) or delete the alias (DeleteAlias)\n at any time. These operations don't affect the underlying KMS key.
\n You can associate the alias with any customer managed key in the same Amazon Web Services Region. Each\n alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases.\n A valid KMS key is required. You can't create an alias without a KMS key.
\n The alias must be unique in the account and Region, but you can have aliases with the same\n name in different Regions. For detailed information about aliases, see Using aliases in the\n Key Management Service Developer Guide.
\n This operation does not return a response. To get the alias that you created, use the\n ListAliases operation.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.
\n \n Required permissions\n
\n \n For details, see Controlling access to aliases in the\n Key Management Service Developer Guide.
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#CreateAliasRequest": {
@@ -537,10 +549,13 @@
"TargetKeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Associates the alias with the specified customer managed key. The KMS key must\n be in the same Amazon Web Services Region.
\n A valid key ID is required. If you supply a null or empty string value, this operation\n returns an error.
\n For help finding the key ID and ARN, see Finding the Key ID and\n ARN in the \n Key Management Service Developer Guide\n .
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Associates the alias with the specified customer managed key. The KMS key must\n be in the same Amazon Web Services Region.
\n A valid key ID is required. If you supply a null or empty string value, this operation\n returns an error.
\n For help finding the key ID and ARN, see Finding the Key ID and\n ARN in the \n Key Management Service Developer Guide\n .
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#CreateCustomKeyStore": {
@@ -605,7 +620,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a custom key store backed by a key store that you own and manage. When you use a\n KMS key in a custom key store for a cryptographic operation, the cryptographic operation is\n actually performed in your key store using your keys. KMS supports CloudHSM key stores\n backed by an CloudHSM cluster\n and external key stores backed by an external key store proxy and\n external key manager outside of Amazon Web Services.
\n This operation is part of the custom key stores feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nkey store that you own and manage.
\n Before you create the custom key store, the required elements must be in place and\n operational. We recommend that you use the test tools that KMS provides to verify the\n configuration your external key store proxy. For details about the required elements and\n verification tests, see Assemble the prerequisites (for\n CloudHSM key stores) or Assemble the prerequisites (for\n external key stores) in the Key Management Service Developer Guide.
\n To create a custom key store, use the following parameters.
\n \n - \n
To create an CloudHSM key store, specify the CustomKeyStoreName,\n CloudHsmClusterId, KeyStorePassword, and\n TrustAnchorCertificate. The CustomKeyStoreType parameter is\n optional for CloudHSM key stores. If you include it, set it to the default value,\n AWS_CLOUDHSM. For help with failures, see Troubleshooting an CloudHSM key store in the\n Key Management Service Developer Guide.
\n \n - \n
To create an external key store, specify the CustomKeyStoreName and a\n CustomKeyStoreType of EXTERNAL_KEY_STORE. Also, specify values\n for XksProxyConnectivity, XksProxyAuthenticationCredential,\n XksProxyUriEndpoint, and XksProxyUriPath. If your\n XksProxyConnectivity value is VPC_ENDPOINT_SERVICE, specify\n the XksProxyVpcEndpointServiceName parameter. For help with failures, see\n Troubleshooting\n an external key store in the Key Management Service Developer Guide.
\n \n
\n \n For external key stores:
\n Some external key managers provide a simpler method for creating an external key store.\n For details, see your external key manager documentation.
\n When creating an external key store in the KMS console, you can upload a JSON-based\n proxy configuration file with the desired values. You cannot use a proxy configuration\n with the CreateCustomKeyStore operation. However, you can use the values in\n the file to help you determine the correct values for the CreateCustomKeyStore\n parameters.
\n \n When the operation completes successfully, it returns the ID of the new custom key store.\n Before you can use your new custom key store, you need to use the ConnectCustomKeyStore operation to connect a new CloudHSM key store to its CloudHSM\n cluster, or to connect a new external key store to the external key store proxy for your\n external key manager. Even if you are not going to use your custom key store immediately, you\n might want to connect it to verify that all settings are correct and then disconnect it until\n you are ready to use it.
\n For help with failures, see Troubleshooting a custom key store in the\n Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n \n Required permissions: kms:CreateCustomKeyStore (IAM policy).
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Creates a custom key store backed by a key store that you own and manage. When you use a\n KMS key in a custom key store for a cryptographic operation, the cryptographic operation is\n actually performed in your key store using your keys. KMS supports CloudHSM key stores\n backed by an CloudHSM cluster\n and external key stores backed by an external key store proxy and\n external key manager outside of Amazon Web Services.
\n This operation is part of the custom key stores feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nkey store that you own and manage.
\n Before you create the custom key store, the required elements must be in place and\n operational. We recommend that you use the test tools that KMS provides to verify the\n configuration your external key store proxy. For details about the required elements and\n verification tests, see Assemble the prerequisites (for\n CloudHSM key stores) or Assemble the prerequisites (for\n external key stores) in the Key Management Service Developer Guide.
\n To create a custom key store, use the following parameters.
\n \n - \n
To create an CloudHSM key store, specify the CustomKeyStoreName,\n CloudHsmClusterId, KeyStorePassword, and\n TrustAnchorCertificate. The CustomKeyStoreType parameter is\n optional for CloudHSM key stores. If you include it, set it to the default value,\n AWS_CLOUDHSM. For help with failures, see Troubleshooting an CloudHSM key store in the\n Key Management Service Developer Guide.
\n \n - \n
To create an external key store, specify the CustomKeyStoreName and a\n CustomKeyStoreType of EXTERNAL_KEY_STORE. Also, specify values\n for XksProxyConnectivity, XksProxyAuthenticationCredential,\n XksProxyUriEndpoint, and XksProxyUriPath. If your\n XksProxyConnectivity value is VPC_ENDPOINT_SERVICE, specify\n the XksProxyVpcEndpointServiceName parameter. For help with failures, see\n Troubleshooting\n an external key store in the Key Management Service Developer Guide.
\n \n
\n \n For external key stores:
\n Some external key managers provide a simpler method for creating an external key store.\n For details, see your external key manager documentation.
\n When creating an external key store in the KMS console, you can upload a JSON-based\n proxy configuration file with the desired values. You cannot use a proxy configuration\n with the CreateCustomKeyStore operation. However, you can use the values in\n the file to help you determine the correct values for the CreateCustomKeyStore\n parameters.
\n \n When the operation completes successfully, it returns the ID of the new custom key store.\n Before you can use your new custom key store, you need to use the ConnectCustomKeyStore operation to connect a new CloudHSM key store to its CloudHSM\n cluster, or to connect a new external key store to the external key store proxy for your\n external key manager. Even if you are not going to use your custom key store immediately, you\n might want to connect it to verify that all settings are correct and then disconnect it until\n you are ready to use it.
\n For help with failures, see Troubleshooting a custom key store in the\n Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n \n Required permissions: kms:CreateCustomKeyStore (IAM policy).
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#CreateCustomKeyStoreRequest": {
@@ -672,6 +687,9 @@
"smithy.api#documentation": "Indicates how KMS communicates with the external key store proxy. This parameter is\n required for custom key stores with a CustomKeyStoreType of\n EXTERNAL_KEY_STORE.
\n If the external key store proxy uses a public endpoint, specify\n PUBLIC_ENDPOINT. If the external key store proxy uses a Amazon VPC\n endpoint service for communication with KMS, specify VPC_ENDPOINT_SERVICE. For\n help making this choice, see Choosing a connectivity option in the Key Management Service Developer Guide.
\n An Amazon VPC endpoint service keeps your communication with KMS in a private address space\n entirely within Amazon Web Services, but it requires more configuration, including establishing a Amazon VPC with multiple subnets, a VPC endpoint service, a network load balancer, and a\n verified private DNS name. A public endpoint is simpler to set up, but it might be slower and\n might not fulfill your security requirements. You might consider testing with a public\n endpoint, and then establishing a VPC endpoint service for production tasks. Note that this\n choice does not determine the location of the external key store proxy. Even if you choose a\n VPC endpoint service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in\n your corporate data center.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#CreateCustomKeyStoreResponse": {
@@ -683,6 +701,9 @@
"smithy.api#documentation": "A unique identifier for the new custom key store.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#CreateGrant": {
@@ -729,21 +750,21 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the KMS key for the grant. The grant gives principals permission to use this\n KMS key.
\n \n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies the KMS key for the grant. The grant gives principals permission to use this\n KMS key.
\n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
"GranteePrincipal": {
"target": "com.amazonaws.kms#PrincipalIdType",
"traits": {
- "smithy.api#documentation": "The identity that gets the permissions specified in the grant.
\n To specify the principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, IAM roles,\n federated users, and assumed role users. For examples of the ARN syntax to use for specifying\n a principal, see Amazon Web Services Identity and Access\n Management (IAM) in the Example ARNs section of the Amazon Web Services General\n Reference.
",
+ "smithy.api#documentation": "The identity that gets the permissions specified in the grant.
\n To specify the grantee principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid principals include Amazon Web Services accounts, IAM users, IAM roles,\n federated users, and assumed role users. For help with the ARN syntax for a principal, see\n IAM ARNs in the \n Identity and Access Management User Guide\n .
",
"smithy.api#required": {}
}
},
"RetiringPrincipal": {
"target": "com.amazonaws.kms#PrincipalIdType",
"traits": {
- "smithy.api#documentation": "The principal that has permission to use the RetireGrant operation to\n retire the grant.
\n To specify the principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated\n users, and assumed role users. For examples of the ARN syntax to use for specifying a\n principal, see Amazon Web Services Identity and Access\n Management (IAM) in the Example ARNs section of the Amazon Web Services General\n Reference.
\n The grant determines the retiring principal. Other principals might have permission to\n retire the grant or revoke the grant. For details, see RevokeGrant and\n Retiring and\n revoking grants in the Key Management Service Developer Guide.
"
+ "smithy.api#documentation": "The principal that has permission to use the RetireGrant operation to\n retire the grant.
\n To specify the principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid principals include Amazon Web Services accounts, IAM users, IAM roles,\n federated users, and assumed role users. For help with the ARN syntax for a principal, see\n IAM ARNs in the \n Identity and Access Management User Guide\n .
\n The grant determines the retiring principal. Other principals might have permission to\n retire the grant or revoke the grant. For details, see RevokeGrant and\n Retiring and\n revoking grants in the Key Management Service Developer Guide.
"
}
},
"Operations": {
@@ -771,6 +792,9 @@
"smithy.api#documentation": "A friendly name for the grant. Use this value to prevent the unintended creation of\n duplicate grants when retrying this request.
\n When this value is absent, all CreateGrant requests result in a new grant\n with a unique GrantId even if all the supplied parameters are identical. This can\n result in unintended duplicates when you retry the CreateGrant request.
\n When this value is present, you can retry a CreateGrant request with\n identical parameters; if the grant already exists, the original GrantId is\n returned without creating a new grant. Note that the returned grant token is unique with every\n CreateGrant request, even when a duplicate GrantId is returned.\n All grant tokens for the same grant ID can be used interchangeably.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#CreateGrantResponse": {
@@ -788,6 +812,9 @@
"smithy.api#documentation": "The unique identifier for the grant.
\n You can use the GrantId in a ListGrants, RetireGrant, or RevokeGrant operation.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#CreateKey": {
@@ -840,7 +867,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a unique customer managed KMS key in your Amazon Web Services account and Region.\n You can use a KMS key in cryptographic operations, such as encryption and signing. Some Amazon Web Services\n services let you use KMS keys that you create and manage to protect your service\n resources.
\n A KMS key is a logical representation of a cryptographic key. In addition to the key\n material used in cryptographic operations, a KMS key includes metadata, such as the key ID,\n key policy, creation date, description, and key state. For details, see Managing keys in the\n Key Management Service Developer Guide\n
\n Use the parameters of CreateKey to specify the type of KMS key, the source of\n its key material, its key policy, description, tags, and other properties.
\n \n KMS has replaced the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.
\n \n\n\n To create different types of KMS keys, use the following guidance:
\n\n \n - Symmetric encryption KMS key
\n - \n
By default, CreateKey creates a symmetric encryption KMS key with key\n material that KMS generates. This is the basic and most widely used type of KMS key, and\n provides the best performance.
\n To create a symmetric encryption KMS key, you don't need to specify any parameters.\n The default value for KeySpec, SYMMETRIC_DEFAULT, the default\n value for KeyUsage, ENCRYPT_DECRYPT, and the default value for\n Origin, AWS_KMS, create a symmetric encryption KMS key with\n KMS key material.
\n If you need a key for basic encryption and decryption or you are creating a KMS key\n to protect your resources in an Amazon Web Services service, create a symmetric encryption KMS key.\n The key material in a symmetric encryption key never leaves KMS unencrypted. You can\n use a symmetric encryption KMS key to encrypt and decrypt data up to 4,096 bytes, but\n they are typically used to generate data keys and data keys pairs. For details, see\n GenerateDataKey and GenerateDataKeyPair.
\n
\n \n - Asymmetric KMS keys
\n - \n
To create an asymmetric KMS key, use the KeySpec parameter to specify\n the type of key material in the KMS key. Then, use the KeyUsage parameter\n to determine whether the KMS key will be used to encrypt and decrypt or sign and verify.\n You can't change these properties after the KMS key is created.
\n Asymmetric KMS keys contain an RSA key pair, Elliptic Curve (ECC) key pair, or an SM2 key pair (China Regions only). The private key in an asymmetric \n KMS key never leaves KMS unencrypted. However, you can use the GetPublicKey operation to download the public key\n so it can be used outside of KMS. KMS keys with RSA or SM2 key pairs can be used to encrypt or decrypt data or sign and verify messages (but not both). \n KMS keys with ECC key pairs can be used only to sign and verify messages. \n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n
\n \n - HMAC KMS key
\n - \n
To create an HMAC KMS key, set the KeySpec parameter to a key spec\n value for HMAC KMS keys. Then set the KeyUsage parameter to\n GENERATE_VERIFY_MAC. You must set the key usage even though\n GENERATE_VERIFY_MAC is the only valid key usage value for HMAC KMS keys.\n You can't change these properties after the KMS key is created.
\n HMAC KMS keys are symmetric keys that never leave KMS unencrypted. You can use\n HMAC keys to generate (GenerateMac) and verify (VerifyMac) HMAC codes for messages up to 4096 bytes.
\n HMAC KMS keys are not supported in all Amazon Web Services Regions. If you try to create an HMAC\n KMS key in an Amazon Web Services Region in which HMAC keys are not supported, the\n CreateKey operation returns an\n UnsupportedOperationException. For a list of Regions in which HMAC KMS keys\n are supported, see HMAC keys in\n KMS in the Key Management Service Developer Guide.
\n
\n \n - Multi-Region primary keys
\n - Imported key material
\n - \n
To create a multi-Region primary key in the local Amazon Web Services Region,\n use the MultiRegion parameter with a value of True. To create\n a multi-Region replica key, that is, a KMS key with the same key ID\n and key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its\n primary key to a replica key, use the UpdatePrimaryRegion\n operation.
\n You can create multi-Region KMS keys for all supported KMS key types: symmetric\n encryption KMS keys, HMAC KMS keys, asymmetric encryption KMS keys, and asymmetric\n signing KMS keys. You can also create multi-Region keys with imported key material.\n However, you can't create multi-Region keys in a custom key store.
\n This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n
\n \n - \n
To import your own key material into a KMS key, begin by creating a symmetric\n encryption KMS key with no key material. To do this, use the Origin\n parameter of CreateKey with a value of EXTERNAL. Next, use\n GetParametersForImport operation to get a public key and import\n token, and use the public key to encrypt your key material. Then, use ImportKeyMaterial with your import token to import the key material. For\n step-by-step instructions, see Importing Key Material in the \n Key Management Service Developer Guide\n .
\n This feature supports only symmetric encryption KMS keys, including multi-Region\n symmetric encryption KMS keys. You cannot import key material into any other type of KMS\n key.
\n To create a multi-Region primary key with imported key material, use the\n Origin parameter of CreateKey with a value of\n EXTERNAL and the MultiRegion parameter with a value of\n True. To create replicas of the multi-Region primary key, use the ReplicateKey operation. For instructions, see Importing key material into\n multi-Region keys. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n
\n \n - Custom key store
\n - \n
A custom key store lets you protect your Amazon Web Services resources using keys in a backing key\n store that you own and manage. When you request a cryptographic operation with a KMS key\n in a custom key store, the operation is performed in the backing key store using its\n cryptographic keys.
\n KMS supports CloudHSM key stores backed by an CloudHSM cluster and external key stores backed by an\n external key manager outside of Amazon Web Services. When you create a KMS key in an CloudHSM key store,\n KMS generates an encryption key in the CloudHSM cluster and associates it with the KMS\n key. When you create a KMS key in an external key store, you specify an existing\n encryption key in the external key manager.
\n \n Some external key managers provide a simpler method for creating a KMS key in an\n external key store. For details, see your external key manager documentation.
\n \n Before you create a KMS key in a custom key store, the ConnectionState\n of the key store must be CONNECTED. To connect the custom key store, use\n the ConnectCustomKeyStore operation. To find the\n ConnectionState, use the DescribeCustomKeyStores\n operation.
\n To create a KMS key in a custom key store, use the CustomKeyStoreId.\n Use the default KeySpec value, SYMMETRIC_DEFAULT, and the\n default KeyUsage value, ENCRYPT_DECRYPT to create a symmetric\n encryption key. No other key type is supported in a custom key store.
\n To create a KMS key in an CloudHSM key store, use the\n Origin parameter with a value of AWS_CLOUDHSM. The CloudHSM\n cluster that is associated with the custom key store must have at least two active HSMs\n in different Availability Zones in the Amazon Web Services Region.
\n To create a KMS key in an external key store, use the Origin parameter\n with a value of EXTERNAL_KEY_STORE and an XksKeyId parameter\n that identifies an existing external key.
\n \n Some external key managers provide a simpler method for creating a KMS key in an\n external key store. For details, see your external key manager documentation.
\n \n \n
\n \n Cross-account use: No. You cannot use this operation to\n create a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:CreateKey (IAM policy). To use the\n Tags parameter, kms:TagResource (IAM policy). For examples and information about related\n permissions, see Allow a user to create\n KMS keys in the Key Management Service Developer Guide.
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Creates a unique customer managed KMS key in your Amazon Web Services account and Region.\n You can use a KMS key in cryptographic operations, such as encryption and signing. Some Amazon Web Services\n services let you use KMS keys that you create and manage to protect your service\n resources.
\n A KMS key is a logical representation of a cryptographic key. In addition to the key\n material used in cryptographic operations, a KMS key includes metadata, such as the key ID,\n key policy, creation date, description, and key state. For details, see Managing keys in the\n Key Management Service Developer Guide\n
\n Use the parameters of CreateKey to specify the type of KMS key, the source of\n its key material, its key policy, description, tags, and other properties.
\n \n KMS has replaced the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.
\n \n To create different types of KMS keys, use the following guidance:
\n \n - Symmetric encryption KMS key
\n - \n
By default, CreateKey creates a symmetric encryption KMS key with key\n material that KMS generates. This is the basic and most widely used type of KMS key, and\n provides the best performance.
\n To create a symmetric encryption KMS key, you don't need to specify any parameters.\n The default value for KeySpec, SYMMETRIC_DEFAULT, the default\n value for KeyUsage, ENCRYPT_DECRYPT, and the default value for\n Origin, AWS_KMS, create a symmetric encryption KMS key with\n KMS key material.
\n If you need a key for basic encryption and decryption or you are creating a KMS key\n to protect your resources in an Amazon Web Services service, create a symmetric encryption KMS key.\n The key material in a symmetric encryption key never leaves KMS unencrypted. You can\n use a symmetric encryption KMS key to encrypt and decrypt data up to 4,096 bytes, but\n they are typically used to generate data keys and data keys pairs. For details, see\n GenerateDataKey and GenerateDataKeyPair.
\n
\n \n - Asymmetric KMS keys
\n - \n
To create an asymmetric KMS key, use the KeySpec parameter to specify\n the type of key material in the KMS key. Then, use the KeyUsage parameter\n to determine whether the KMS key will be used to encrypt and decrypt or sign and verify.\n You can't change these properties after the KMS key is created.
\n Asymmetric KMS keys contain an RSA key pair, Elliptic Curve (ECC) key pair, or an SM2 key pair (China Regions only). The private key in an asymmetric \n KMS key never leaves KMS unencrypted. However, you can use the GetPublicKey operation to download the public key\n so it can be used outside of KMS. KMS keys with RSA or SM2 key pairs can be used to encrypt or decrypt data or sign and verify messages (but not both). \n KMS keys with ECC key pairs can be used only to sign and verify messages. \n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n
\n \n - HMAC KMS key
\n - \n
To create an HMAC KMS key, set the KeySpec parameter to a key spec\n value for HMAC KMS keys. Then set the KeyUsage parameter to\n GENERATE_VERIFY_MAC. You must set the key usage even though\n GENERATE_VERIFY_MAC is the only valid key usage value for HMAC KMS keys.\n You can't change these properties after the KMS key is created.
\n HMAC KMS keys are symmetric keys that never leave KMS unencrypted. You can use\n HMAC keys to generate (GenerateMac) and verify (VerifyMac) HMAC codes for messages up to 4096 bytes.
\n HMAC KMS keys are not supported in all Amazon Web Services Regions. If you try to create an HMAC\n KMS key in an Amazon Web Services Region in which HMAC keys are not supported, the\n CreateKey operation returns an\n UnsupportedOperationException. For a list of Regions in which HMAC KMS keys\n are supported, see HMAC keys in\n KMS in the Key Management Service Developer Guide.
\n
\n \n - Multi-Region primary keys
\n - Imported key material
\n - \n
To create a multi-Region primary key in the local Amazon Web Services Region,\n use the MultiRegion parameter with a value of True. To create\n a multi-Region replica key, that is, a KMS key with the same key ID\n and key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its\n primary key to a replica key, use the UpdatePrimaryRegion\n operation.
\n You can create multi-Region KMS keys for all supported KMS key types: symmetric\n encryption KMS keys, HMAC KMS keys, asymmetric encryption KMS keys, and asymmetric\n signing KMS keys. You can also create multi-Region keys with imported key material.\n However, you can't create multi-Region keys in a custom key store.
\n This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n
\n \n - \n
To import your own key material into a KMS key, begin by creating a symmetric\n encryption KMS key with no key material. To do this, use the Origin\n parameter of CreateKey with a value of EXTERNAL. Next, use\n GetParametersForImport operation to get a public key and import\n token, and use the public key to encrypt your key material. Then, use ImportKeyMaterial with your import token to import the key material. For\n step-by-step instructions, see Importing Key Material in the \n Key Management Service Developer Guide\n .
\n This feature supports only symmetric encryption KMS keys, including multi-Region\n symmetric encryption KMS keys. You cannot import key material into any other type of KMS\n key.
\n To create a multi-Region primary key with imported key material, use the\n Origin parameter of CreateKey with a value of\n EXTERNAL and the MultiRegion parameter with a value of\n True. To create replicas of the multi-Region primary key, use the ReplicateKey operation. For instructions, see Importing key material into\n multi-Region keys. For more information about multi-Region keys, see Multi-Region keys in KMS in the Key Management Service Developer Guide.
\n
\n \n - Custom key store
\n - \n
A custom key store lets you protect your Amazon Web Services resources using keys in a backing key\n store that you own and manage. When you request a cryptographic operation with a KMS key\n in a custom key store, the operation is performed in the backing key store using its\n cryptographic keys.
\n KMS supports CloudHSM key stores backed by an CloudHSM cluster and external key stores backed by an\n external key manager outside of Amazon Web Services. When you create a KMS key in an CloudHSM key store,\n KMS generates an encryption key in the CloudHSM cluster and associates it with the KMS\n key. When you create a KMS key in an external key store, you specify an existing\n encryption key in the external key manager.
\n \n Some external key managers provide a simpler method for creating a KMS key in an\n external key store. For details, see your external key manager documentation.
\n \n Before you create a KMS key in a custom key store, the ConnectionState\n of the key store must be CONNECTED. To connect the custom key store, use\n the ConnectCustomKeyStore operation. To find the\n ConnectionState, use the DescribeCustomKeyStores\n operation.
\n To create a KMS key in a custom key store, use the CustomKeyStoreId.\n Use the default KeySpec value, SYMMETRIC_DEFAULT, and the\n default KeyUsage value, ENCRYPT_DECRYPT to create a symmetric\n encryption key. No other key type is supported in a custom key store.
\n To create a KMS key in an CloudHSM key store, use the\n Origin parameter with a value of AWS_CLOUDHSM. The CloudHSM\n cluster that is associated with the custom key store must have at least two active HSMs\n in different Availability Zones in the Amazon Web Services Region.
\n To create a KMS key in an external key store, use the Origin parameter\n with a value of EXTERNAL_KEY_STORE and an XksKeyId parameter\n that identifies an existing external key.
\n \n Some external key managers provide a simpler method for creating a KMS key in an\n external key store. For details, see your external key manager documentation.
\n \n \n
\n \n Cross-account use: No. You cannot use this operation to\n create a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:CreateKey (IAM policy). To use the\n Tags parameter, kms:TagResource (IAM policy). For examples and information about related\n permissions, see Allow a user to create\n KMS keys in the Key Management Service Developer Guide.
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#CreateKeyRequest": {
@@ -849,7 +876,7 @@
"Policy": {
"target": "com.amazonaws.kms#PolicyType",
"traits": {
- "smithy.api#documentation": "The key policy to attach to the KMS key.
\n If you provide a key policy, it must meet the following criteria:
\n \n - \n
If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must allow the principal that is making the CreateKey request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk\n that the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the \n Key Management Service Developer Guide\n .
\n \n - \n
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\n \n
\n If you do not provide a key policy, KMS attaches a default key policy to the KMS key.\n For more information, see Default Key Policy in the\n Key Management Service Developer Guide.
\n The key policy size quota is 32 kilobytes (32768 bytes).
\n For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
"
+ "smithy.api#documentation": "The key policy to attach to the KMS key.
\n If you provide a key policy, it must meet the following criteria:
\n \n - \n
The key policy must allow the calling principal to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that\n the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit\n this condition, set BypassPolicyLockoutSafetyCheck to true.)
\n \n - \n
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal, you might need to enforce a delay before including the new principal in a key\n policy because the new principal might not be immediately visible to KMS. For more\n information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\n \n
\n If you do not provide a key policy, KMS attaches a default key policy to the KMS key.\n For more information, see Default key policy in the\n Key Management Service Developer Guide.
\n The key policy size quota is 32 kilobytes (32768 bytes).
\n For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
"
}
},
"Description": {
@@ -876,7 +903,7 @@
"KeySpec": {
"target": "com.amazonaws.kms#KeySpec",
"traits": {
- "smithy.api#documentation": "Specifies the type of KMS key to create. The default value,\n SYMMETRIC_DEFAULT, creates a KMS key with a 256-bit AES-GCM key that is used for encryption and decryption, except in China Regions, \n where it creates a 128-bit symmetric key that uses SM4 encryption. For help choosing a key spec for your KMS key, see Choosing a KMS key type in the \n Key Management Service Developer Guide\n .
\n The KeySpec determines whether the KMS key contains a symmetric key or an\n asymmetric key pair. It also determines the algorithms that the KMS key supports. You can't\n change the KeySpec after the KMS key is created. To further restrict the\n algorithms that can be used with the KMS key, use a condition key in its key policy or IAM\n policy. For more information, see kms:EncryptionAlgorithm, kms:MacAlgorithm or kms:Signing Algorithm in the \n Key Management Service Developer Guide\n .
\n \n \n Amazon Web Services services that\n are integrated with KMS use symmetric encryption KMS keys to protect your data.\n These services do not support asymmetric KMS keys or HMAC KMS keys.
\n \n KMS supports the following key specs for KMS keys:
\n \n - \n
Symmetric encryption key (default)
\n \n - \n
\n SYMMETRIC_DEFAULT\n
\n \n
\n \n - \n
HMAC keys (symmetric)
\n \n - \n
\n HMAC_224\n
\n \n - \n
\n HMAC_256\n
\n \n - \n
\n HMAC_384\n
\n \n - \n
\n HMAC_512\n
\n \n
\n \n - \n
Asymmetric RSA key pairs
\n \n - \n
\n RSA_2048\n
\n \n - \n
\n RSA_3072\n
\n \n - \n
\n RSA_4096\n
\n \n
\n \n - \n
Asymmetric NIST-recommended elliptic curve key pairs
\n \n - \n
\n ECC_NIST_P256 (secp256r1)
\n \n - \n
\n ECC_NIST_P384 (secp384r1)
\n \n - \n
\n ECC_NIST_P521 (secp521r1)
\n \n
\n \n - \n
Other asymmetric elliptic curve key pairs
\n \n \n - \n
SM2 key pairs (China Regions only)
\n \n \n
"
+ "smithy.api#documentation": "Specifies the type of KMS key to create. The default value,\n SYMMETRIC_DEFAULT, creates a KMS key with a 256-bit AES-GCM key that is used for encryption and decryption, except in China Regions, \n where it creates a 128-bit symmetric key that uses SM4 encryption. For help choosing a key spec for your KMS key, see Choosing a KMS key type in the \n Key Management Service Developer Guide\n .
\n The KeySpec determines whether the KMS key contains a symmetric key or an\n asymmetric key pair. It also determines the algorithms that the KMS key supports. You can't\n change the KeySpec after the KMS key is created. To further restrict the\n algorithms that can be used with the KMS key, use a condition key in its key policy or IAM\n policy. For more information, see kms:EncryptionAlgorithm, kms:MacAlgorithm or kms:Signing Algorithm in the \n Key Management Service Developer Guide\n .
\n \n \n Amazon Web Services services that\n are integrated with KMS use symmetric encryption KMS keys to protect your data.\n These services do not support asymmetric KMS keys or HMAC KMS keys.
\n \n KMS supports the following key specs for KMS keys:
\n \n - \n
Symmetric encryption key (default)
\n \n - \n
\n SYMMETRIC_DEFAULT\n
\n \n
\n \n - \n
HMAC keys (symmetric)
\n \n - \n
\n HMAC_224\n
\n \n - \n
\n HMAC_256\n
\n \n - \n
\n HMAC_384\n
\n \n - \n
\n HMAC_512\n
\n \n
\n \n - \n
Asymmetric RSA key pairs
\n \n - \n
\n RSA_2048\n
\n \n - \n
\n RSA_3072\n
\n \n - \n
\n RSA_4096\n
\n \n
\n \n - \n
Asymmetric NIST-recommended elliptic curve key pairs
\n \n - \n
\n ECC_NIST_P256 (secp256r1)
\n \n - \n
\n ECC_NIST_P384 (secp384r1)
\n \n - \n
\n ECC_NIST_P521 (secp521r1)
\n \n
\n \n - \n
Other asymmetric elliptic curve key pairs
\n \n \n - \n
SM2 key pairs (China Regions only)
\n \n \n
"
}
},
"Origin": {
@@ -895,7 +922,7 @@
"target": "com.amazonaws.kms#BooleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "A flag to indicate whether to bypass the key policy lockout safety check.
\n \n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.
\n For more information, refer to the scenario in the Default Key Policy section in the \n Key Management Service Developer Guide\n .
\n \n Use this parameter only when you include a policy in the request and you intend to prevent\n the principal that is making the request from making a subsequent PutKeyPolicy request on the KMS key.
\n The default value is false.
"
+ "smithy.api#documentation": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.
\n \n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.
\n For more information, see Default key policy in the Key Management Service Developer Guide.
\n \n Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.
"
}
},
"Tags": {
@@ -916,6 +943,9 @@
"smithy.api#documentation": "Identifies the external key that\n serves as key material for the KMS key in an external key store. Specify the ID that\n the external key store proxy uses to refer to the external key. For help, see the\n documentation for your external key store proxy.
\n This parameter is required for a KMS key with an Origin value of\n EXTERNAL_KEY_STORE. It is not valid for KMS keys with any other\n Origin value.
\n The external key must be an existing 256-bit AES symmetric encryption key hosted outside\n of Amazon Web Services in an external key manager associated with the external key store specified by the\n CustomKeyStoreId parameter. This key must be enabled and configured to perform\n encryption and decryption. Each KMS key in an external key store must use a different external\n key. For details, see Requirements for a KMS key in an external\n key store in the Key Management Service Developer Guide.
\n Each KMS key in an external key store is associated two backing keys. One is key material\n that KMS generates. The other is the external key specified by this parameter. When you use\n the KMS key in an external key store to encrypt data, the encryption operation is performed\n first by KMS using the KMS key material, and then by the external key manager using the\n specified external key, a process known as double encryption. For\n details, see Double\n encryption in the Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#CreateKeyResponse": {
@@ -927,6 +957,9 @@
"smithy.api#documentation": "Metadata associated with the KMS key.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#CustomKeyStoreHasCMKsException": {
@@ -1074,7 +1107,7 @@
"ConnectionErrorCode": {
"target": "com.amazonaws.kms#ConnectionErrorCodeType",
"traits": {
- "smithy.api#documentation": "Describes the connection error. This field appears in the response only when the\n ConnectionState is FAILED.
\n Many failures can be resolved by updating the properties of the custom key store. To\n update a custom key store, disconnect it (DisconnectCustomKeyStore), correct\n the errors (UpdateCustomKeyStore), and try to connect again (ConnectCustomKeyStore). For additional help resolving these errors, see How to Fix a\n Connection Failure in Key Management Service Developer Guide.
\n \n All custom key stores:\n
\n \n - \n
\n INTERNAL_ERROR — KMS could not complete the request due to an\n internal error. Retry the request. For ConnectCustomKeyStore requests,\n disconnect the custom key store before trying to connect again.
\n \n - \n
\n NETWORK_ERRORS — Network errors are preventing KMS from\n connecting the custom key store to its backing key store.
\n \n
\n\n \n CloudHSM key stores:\n
\n \n - \n
\n CLUSTER_NOT_FOUND — KMS cannot find the CloudHSM cluster with the\n specified cluster ID.
\n \n - \n
\n INSUFFICIENT_CLOUDHSM_HSMS — The associated CloudHSM cluster does not\n contain any active HSMs. To connect a custom key store to its CloudHSM cluster, the cluster\n must contain at least one active HSM.
\n \n - \n
\n INSUFFICIENT_FREE_ADDRESSES_IN_SUBNET — At least one private subnet\n associated with the CloudHSM cluster doesn't have any available IP addresses. A CloudHSM key\n store connection requires one free IP address in each of the associated private subnets,\n although two are preferable. For details, see How to Fix a Connection\n Failure in the Key Management Service Developer Guide.
\n \n - \n
\n INVALID_CREDENTIALS — The KeyStorePassword for the\n custom key store doesn't match the current password of the kmsuser crypto\n user in the CloudHSM cluster. Before you can connect your custom key store to its CloudHSM\n cluster, you must change the kmsuser account password and update the\n KeyStorePassword value for the custom key store.
\n \n - \n
\n SUBNET_NOT_FOUND — A subnet in the CloudHSM cluster configuration was\n deleted. If KMS cannot find all of the subnets in the cluster configuration, attempts to\n connect the custom key store to the CloudHSM cluster fail. To fix this error, create a\n cluster from a recent backup and associate it with your custom key store. (This process\n creates a new cluster configuration with a VPC and private subnets.) For details, see\n How\n to Fix a Connection Failure in the Key Management Service Developer Guide.
\n \n - \n
\n USER_LOCKED_OUT — The kmsuser CU account is locked\n out of the associated CloudHSM cluster due to too many failed password attempts. Before you\n can connect your custom key store to its CloudHSM cluster, you must change the\n kmsuser account password and update the key store password value for the\n custom key store.
\n \n - \n
\n USER_LOGGED_IN — The kmsuser CU account is logged\n into the associated CloudHSM cluster. This prevents KMS from rotating the\n kmsuser account password and logging into the cluster. Before you can\n connect your custom key store to its CloudHSM cluster, you must log the kmsuser\n CU out of the cluster. If you changed the kmsuser password to log into the\n cluster, you must also and update the key store password value for the custom key store.\n For help, see How to Log Out and\n Reconnect in the Key Management Service Developer Guide.
\n \n - \n
\n USER_NOT_FOUND — KMS cannot find a kmsuser CU\n account in the associated CloudHSM cluster. Before you can connect your custom key store to\n its CloudHSM cluster, you must create a kmsuser CU account in the cluster, and\n then update the key store password value for the custom key store.
\n \n
\n\n \n External key stores:\n
\n \n - \n
\n INVALID_CREDENTIALS — One or both of the\n XksProxyAuthenticationCredential values is not valid on the specified\n external key store proxy.
\n \n - \n
\n XKS_PROXY_ACCESS_DENIED — KMS requests are denied access to the\n external key store proxy. If the external key store proxy has authorization rules, verify\n that they permit KMS to communicate with the proxy on your behalf.
\n \n - \n
\n XKS_PROXY_INVALID_CONFIGURATION — A configuration error is\n preventing the external key store from connecting to its proxy. Verify the value of the\n XksProxyUriPath.
\n \n - \n
\n XKS_PROXY_INVALID_RESPONSE — KMS cannot interpret the response\n from the external key store proxy. If you see this connection error code repeatedly,\n notify your external key store proxy vendor.
\n \n - \n
\n XKS_PROXY_INVALID_TLS_CONFIGURATION — KMS cannot connect to the\n external key store proxy because the TLS configuration is invalid. Verify that the XKS\n proxy supports TLS 1.2 or 1.3. Also, verify that the TLS certificate is not expired, and\n that it matches the hostname in the XksProxyUriEndpoint value, and that it is\n signed by a certificate authority included in the Trusted Certificate Authorities\n list.
\n \n - \n
\n XKS_PROXY_NOT_REACHABLE — KMS can't communicate with your\n external key store proxy. Verify that the XksProxyUriEndpoint and\n XksProxyUriPath are correct. Use the tools for your external key store\n proxy to verify that the proxy is active and available on its network. Also, verify that\n your external key manager instances are operating properly. Connection attempts fail with\n this connection error code if the proxy reports that all external key manager instances\n are unavailable.
\n \n - \n
\n XKS_PROXY_TIMED_OUT — KMS can connect to the external key store\n proxy, but the proxy does not respond to KMS in the time allotted. If you see this\n connection error code repeatedly, notify your external key store proxy vendor.
\n \n - \n
\n XKS_VPC_ENDPOINT_SERVICE_INVALID_CONFIGURATION — The Amazon VPC\n endpoint service configuration doesn't conform to the requirements for an KMS external\n key store.
\n \n\t \n\t \n - \n
The VPC endpoint service must be an endpoint service for interface endpoints in the caller's Amazon Web Services account.
\n \n - \n
It must have a network load balancer (NLB) connected to at least two subnets, each in a different Availability Zone.
\n \n - \n
The Allow principals list must include \n\t the KMS service principal for the Region, cks.kms..amazonaws.com, \n\t such as cks.kms.us-east-1.amazonaws.com.
\n \n - \n
It must not require acceptance of connection requests.
\n \n - \n
It must have a private DNS name. The private DNS name for an external key store with VPC_ENDPOINT_SERVICE connectivity\n\t must be unique in its Amazon Web Services Region.
\n \n - \n
The domain of the private DNS name must have a verification status of\n\t verified.
\n \n - \n
The TLS certificate specifies the private DNS hostname at which the endpoint is reachable.
\n \n
\n \n - \n
\n XKS_VPC_ENDPOINT_SERVICE_NOT_FOUND — KMS can't find the VPC\n endpoint service that it uses to communicate with the external key store proxy. Verify\n that the XksProxyVpcEndpointServiceName is correct and the KMS service\n principal has service consumer permissions on the Amazon VPC endpoint service.
\n \n
"
+ "smithy.api#documentation": "Describes the connection error. This field appears in the response only when the\n ConnectionState is FAILED.
\n Many failures can be resolved by updating the properties of the custom key store. To\n update a custom key store, disconnect it (DisconnectCustomKeyStore), correct\n the errors (UpdateCustomKeyStore), and try to connect again (ConnectCustomKeyStore). For additional help resolving these errors, see How to Fix a\n Connection Failure in Key Management Service Developer Guide.
\n \n All custom key stores:\n
\n \n - \n
\n INTERNAL_ERROR — KMS could not complete the request due to an\n internal error. Retry the request. For ConnectCustomKeyStore requests,\n disconnect the custom key store before trying to connect again.
\n \n - \n
\n NETWORK_ERRORS — Network errors are preventing KMS from\n connecting the custom key store to its backing key store.
\n \n
\n \n CloudHSM key stores:\n
\n \n - \n
\n CLUSTER_NOT_FOUND — KMS cannot find the CloudHSM cluster with the\n specified cluster ID.
\n \n - \n
\n INSUFFICIENT_CLOUDHSM_HSMS — The associated CloudHSM cluster does not\n contain any active HSMs. To connect a custom key store to its CloudHSM cluster, the cluster\n must contain at least one active HSM.
\n \n - \n
\n INSUFFICIENT_FREE_ADDRESSES_IN_SUBNET — At least one private subnet\n associated with the CloudHSM cluster doesn't have any available IP addresses. A CloudHSM key\n store connection requires one free IP address in each of the associated private subnets,\n although two are preferable. For details, see How to Fix a Connection\n Failure in the Key Management Service Developer Guide.
\n \n - \n
\n INVALID_CREDENTIALS — The KeyStorePassword for the\n custom key store doesn't match the current password of the kmsuser crypto\n user in the CloudHSM cluster. Before you can connect your custom key store to its CloudHSM\n cluster, you must change the kmsuser account password and update the\n KeyStorePassword value for the custom key store.
\n \n - \n
\n SUBNET_NOT_FOUND — A subnet in the CloudHSM cluster configuration was\n deleted. If KMS cannot find all of the subnets in the cluster configuration, attempts to\n connect the custom key store to the CloudHSM cluster fail. To fix this error, create a\n cluster from a recent backup and associate it with your custom key store. (This process\n creates a new cluster configuration with a VPC and private subnets.) For details, see\n How\n to Fix a Connection Failure in the Key Management Service Developer Guide.
\n \n - \n
\n USER_LOCKED_OUT — The kmsuser CU account is locked\n out of the associated CloudHSM cluster due to too many failed password attempts. Before you\n can connect your custom key store to its CloudHSM cluster, you must change the\n kmsuser account password and update the key store password value for the\n custom key store.
\n \n - \n
\n USER_LOGGED_IN — The kmsuser CU account is logged\n into the associated CloudHSM cluster. This prevents KMS from rotating the\n kmsuser account password and logging into the cluster. Before you can\n connect your custom key store to its CloudHSM cluster, you must log the kmsuser\n CU out of the cluster. If you changed the kmsuser password to log into the\n cluster, you must also and update the key store password value for the custom key store.\n For help, see How to Log Out and\n Reconnect in the Key Management Service Developer Guide.
\n \n - \n
\n USER_NOT_FOUND — KMS cannot find a kmsuser CU\n account in the associated CloudHSM cluster. Before you can connect your custom key store to\n its CloudHSM cluster, you must create a kmsuser CU account in the cluster, and\n then update the key store password value for the custom key store.
\n \n
\n \n External key stores:\n
\n \n - \n
\n INVALID_CREDENTIALS — One or both of the\n XksProxyAuthenticationCredential values is not valid on the specified\n external key store proxy.
\n \n - \n
\n XKS_PROXY_ACCESS_DENIED — KMS requests are denied access to the\n external key store proxy. If the external key store proxy has authorization rules, verify\n that they permit KMS to communicate with the proxy on your behalf.
\n \n - \n
\n XKS_PROXY_INVALID_CONFIGURATION — A configuration error is\n preventing the external key store from connecting to its proxy. Verify the value of the\n XksProxyUriPath.
\n \n - \n
\n XKS_PROXY_INVALID_RESPONSE — KMS cannot interpret the response\n from the external key store proxy. If you see this connection error code repeatedly,\n notify your external key store proxy vendor.
\n \n - \n
\n XKS_PROXY_INVALID_TLS_CONFIGURATION — KMS cannot connect to the\n external key store proxy because the TLS configuration is invalid. Verify that the XKS\n proxy supports TLS 1.2 or 1.3. Also, verify that the TLS certificate is not expired, and\n that it matches the hostname in the XksProxyUriEndpoint value, and that it is\n signed by a certificate authority included in the Trusted Certificate Authorities\n list.
\n \n - \n
\n XKS_PROXY_NOT_REACHABLE — KMS can't communicate with your\n external key store proxy. Verify that the XksProxyUriEndpoint and\n XksProxyUriPath are correct. Use the tools for your external key store\n proxy to verify that the proxy is active and available on its network. Also, verify that\n your external key manager instances are operating properly. Connection attempts fail with\n this connection error code if the proxy reports that all external key manager instances\n are unavailable.
\n \n - \n
\n XKS_PROXY_TIMED_OUT — KMS can connect to the external key store\n proxy, but the proxy does not respond to KMS in the time allotted. If you see this\n connection error code repeatedly, notify your external key store proxy vendor.
\n \n - \n
\n XKS_VPC_ENDPOINT_SERVICE_INVALID_CONFIGURATION — The Amazon VPC\n endpoint service configuration doesn't conform to the requirements for an KMS external\n key store.
\n \n - \n
The VPC endpoint service must be an endpoint service for interface endpoints in the caller's Amazon Web Services account.
\n \n - \n
It must have a network load balancer (NLB) connected to at least two subnets, each in a different Availability Zone.
\n \n - \n
The Allow principals list must include \n\t the KMS service principal for the Region, cks.kms..amazonaws.com, \n\t such as cks.kms.us-east-1.amazonaws.com.
\n \n - \n
It must not require acceptance of connection requests.
\n \n - \n
It must have a private DNS name. The private DNS name for an external key store with VPC_ENDPOINT_SERVICE connectivity\n\t must be unique in its Amazon Web Services Region.
\n \n - \n
The domain of the private DNS name must have a verification status of\n\t verified.
\n \n - \n
The TLS certificate specifies the private DNS hostname at which the endpoint is reachable.
\n \n
\n \n - \n
\n XKS_VPC_ENDPOINT_SERVICE_NOT_FOUND — KMS can't find the VPC\n endpoint service that it uses to communicate with the external key store proxy. Verify\n that the XksProxyVpcEndpointServiceName is correct and the KMS service\n principal has service consumer permissions on the Amazon VPC endpoint service.
\n \n
"
}
},
"CreationDate": {
@@ -1302,7 +1335,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Decrypts ciphertext that was encrypted by a KMS key using any of the following\n operations:
\n \n You can use this operation to decrypt ciphertext that was encrypted under a symmetric\n encryption KMS key or an asymmetric encryption KMS key. When the KMS key is asymmetric, you\n must specify the KMS key and the encryption algorithm that was used to encrypt the ciphertext.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n The Decrypt operation also decrypts ciphertext that was encrypted outside of\n KMS by the public key in an KMS asymmetric KMS key. However, it cannot decrypt symmetric\n ciphertext produced by other libraries, such as the Amazon Web Services Encryption SDK or Amazon S3 client-side encryption.\n These libraries return a ciphertext format that is incompatible with KMS.
\n If the ciphertext was encrypted under a symmetric encryption KMS key, the\n KeyId parameter is optional. KMS can get this information from metadata that\n it adds to the symmetric ciphertext blob. This feature adds durability to your implementation\n by ensuring that authorized users can decrypt ciphertext decades after it was encrypted, even\n if they've lost track of the key ID. However, specifying the KMS key is always recommended as\n a best practice. When you use the KeyId parameter to specify a KMS key, KMS\n only uses the KMS key you specify. If the ciphertext was encrypted under a different KMS key,\n the Decrypt operation fails. This practice ensures that you use the KMS key that\n you intend.
\n Whenever possible, use key policies to give users permission to call the\n Decrypt operation on a particular KMS key, instead of using IAM policies.\n Otherwise, you might create an IAM user policy that gives the user Decrypt\n permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys\n in other accounts if the key policy for the cross-account KMS key permits it. If you must use\n an IAM policy for Decrypt permissions, limit the user to particular KMS keys or\n particular trusted accounts. For details, see Best practices for IAM\n policies in the Key Management Service Developer Guide.
\n Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:Decrypt (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Decrypts ciphertext that was encrypted by a KMS key using any of the following\n operations:
\n \n You can use this operation to decrypt ciphertext that was encrypted under a symmetric\n encryption KMS key or an asymmetric encryption KMS key. When the KMS key is asymmetric, you\n must specify the KMS key and the encryption algorithm that was used to encrypt the ciphertext.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n The Decrypt operation also decrypts ciphertext that was encrypted outside of\n KMS by the public key in an KMS asymmetric KMS key. However, it cannot decrypt symmetric\n ciphertext produced by other libraries, such as the Amazon Web Services Encryption SDK or Amazon S3 client-side encryption.\n These libraries return a ciphertext format that is incompatible with KMS.
\n If the ciphertext was encrypted under a symmetric encryption KMS key, the\n KeyId parameter is optional. KMS can get this information from metadata that\n it adds to the symmetric ciphertext blob. This feature adds durability to your implementation\n by ensuring that authorized users can decrypt ciphertext decades after it was encrypted, even\n if they've lost track of the key ID. However, specifying the KMS key is always recommended as\n a best practice. When you use the KeyId parameter to specify a KMS key, KMS\n only uses the KMS key you specify. If the ciphertext was encrypted under a different KMS key,\n the Decrypt operation fails. This practice ensures that you use the KMS key that\n you intend.
\n Whenever possible, use key policies to give users permission to call the\n Decrypt operation on a particular KMS key, instead of using &IAM; policies.\n Otherwise, you might create an &IAM; policy that gives the user Decrypt\n permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys\n in other accounts if the key policy for the cross-account KMS key permits it. If you must use\n an IAM policy for Decrypt permissions, limit the user to particular KMS keys or\n particular trusted accounts. For details, see Best practices for IAM\n policies in the Key Management Service Developer Guide.
\n Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. If you use the KeyId\n parameter to identify a KMS key in a different Amazon Web Services account, specify the key ARN or the alias\n ARN of the KMS key.
\n \n Required permissions: kms:Decrypt (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#DecryptRequest": {
@@ -1330,7 +1363,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Specifies the KMS key that KMS uses to decrypt the ciphertext.
\n\n Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a\n different KMS key, the Decrypt operation throws an\n IncorrectKeyException.
\n\n This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key. If you used a symmetric encryption KMS key, KMS can get the KMS key from metadata that\n it adds to the symmetric ciphertext blob. However, it is always recommended as a best\n practice. This practice ensures that you use the KMS key that you intend.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
"
+ "smithy.api#documentation": "Specifies the KMS key that KMS uses to decrypt the ciphertext.
\n Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a\n different KMS key, the Decrypt operation throws an\n IncorrectKeyException.
\n This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key. If you used a symmetric encryption KMS key, KMS can get the KMS key from metadata that\n it adds to the symmetric ciphertext blob. However, it is always recommended as a best\n practice. This practice ensures that you use the KMS key that you intend.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
"
}
},
"EncryptionAlgorithm": {
@@ -1339,6 +1372,9 @@
"smithy.api#documentation": "Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify\n the same algorithm that was used to encrypt the data. If you specify a different algorithm,\n the Decrypt operation fails.
\n This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key. The default value, SYMMETRIC_DEFAULT, represents the only supported\n algorithm that is valid for symmetric encryption KMS keys.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DecryptResponse": {
@@ -1362,6 +1398,9 @@
"smithy.api#documentation": "The encryption algorithm that was used to decrypt the ciphertext.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#DeleteAlias": {
@@ -1400,6 +1439,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DeleteCustomKeyStore": {
@@ -1425,7 +1467,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes a custom key store. This operation does not affect any backing elements of the\n custom key store. It does not delete the CloudHSM cluster that is associated with an CloudHSM key\n store, or affect any users or keys in the cluster. For an external key store, it does not\n affect the external key store proxy, external key manager, or any external keys.
\n This operation is part of the custom key stores feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nkey store that you own and manage.
\n The custom key store that you delete cannot contain any KMS keys. Before deleting the key store,\n verify that you will never need to use any of the KMS keys in the key store for any\n cryptographic operations. Then, use ScheduleKeyDeletion to delete the KMS keys from the\n key store. After the required waiting period expires and all KMS keys are deleted from the\n custom key store, use DisconnectCustomKeyStore to disconnect the key store\n from KMS. Then, you can delete the custom key store.
\n For keys in an CloudHSM key store, the ScheduleKeyDeletion operation makes a\n best effort to delete the key material from the associated cluster. However, you might need to\n manually delete the orphaned key\n material from the cluster and its backups. KMS never creates, manages, or deletes\n cryptographic keys in the external key manager associated with an external key store. You must\n manage them using your external key manager tools.
\n Instead of deleting the custom key store, consider using the DisconnectCustomKeyStore operation to disconnect the custom key store from its\n backing key store. While the key store is disconnected, you cannot create or use the KMS keys\n in the key store. But, you do not need to delete KMS keys and you can reconnect a disconnected\n custom key store at any time.
\n If the operation succeeds, it returns a JSON object with no\nproperties.
\n \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n \n Required permissions: kms:DeleteCustomKeyStore (IAM policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Deletes a custom key store. This operation does not affect any backing elements of the\n custom key store. It does not delete the CloudHSM cluster that is associated with an CloudHSM key\n store, or affect any users or keys in the cluster. For an external key store, it does not\n affect the external key store proxy, external key manager, or any external keys.
\n This operation is part of the custom key stores feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nkey store that you own and manage.
\n The custom key store that you delete cannot contain any KMS keys. Before deleting the key store,\n verify that you will never need to use any of the KMS keys in the key store for any\n cryptographic operations. Then, use ScheduleKeyDeletion to delete the KMS keys from the\n key store. After the required waiting period expires and all KMS keys are deleted from the\n custom key store, use DisconnectCustomKeyStore to disconnect the key store\n from KMS. Then, you can delete the custom key store.
\n For keys in an CloudHSM key store, the ScheduleKeyDeletion operation makes a\n best effort to delete the key material from the associated cluster. However, you might need to\n manually delete the orphaned key\n material from the cluster and its backups. KMS never creates, manages, or deletes\n cryptographic keys in the external key manager associated with an external key store. You must\n manage them using your external key manager tools.
\n Instead of deleting the custom key store, consider using the DisconnectCustomKeyStore operation to disconnect the custom key store from its\n backing key store. While the key store is disconnected, you cannot create or use the KMS keys\n in the key store. But, you do not need to delete KMS keys and you can reconnect a disconnected\n custom key store at any time.
\n If the operation succeeds, it returns a JSON object with no\nproperties.
\n \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n \n Required permissions: kms:DeleteCustomKeyStore (IAM policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#DeleteCustomKeyStoreRequest": {
@@ -1438,11 +1480,17 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DeleteCustomKeyStoreResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.kms#DeleteImportedKeyMaterial": {
"type": "operation",
@@ -1473,7 +1521,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes key material that you previously imported. This operation makes the specified KMS\n key unusable. For more information about importing key material into KMS, see Importing Key Material\n in the Key Management Service Developer Guide.
\n When the specified KMS key is in the PendingDeletion state, this operation\n does not change the KMS key's state. Otherwise, it changes the KMS key's state to\n PendingImport.
\n After you delete key material, you can use ImportKeyMaterial to reimport\n the same key material into the KMS key.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:DeleteImportedKeyMaterial (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Deletes key material that you previously imported. This operation makes the specified KMS\n key unusable. For more information about importing key material into KMS, see Importing Key Material\n in the Key Management Service Developer Guide.
\n When the specified KMS key is in the PendingDeletion state, this operation\n does not change the KMS key's state. Otherwise, it changes the KMS key's state to\n PendingImport.
\n After you delete key material, you can use ImportKeyMaterial to reimport\n the same key material into the KMS key.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:DeleteImportedKeyMaterial (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#DeleteImportedKeyMaterialRequest": {
@@ -1482,10 +1530,13 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the KMS key from which you are deleting imported key material. The\n Origin of the KMS key must be EXTERNAL.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies the KMS key from which you are deleting imported key material. The\n Origin of the KMS key must be EXTERNAL.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DependencyTimeoutException": {
@@ -1561,6 +1612,9 @@
"smithy.api#documentation": "Use this parameter in a subsequent request after you receive a response with\n truncated results. Set it to the value of NextMarker from the truncated response\n you just received.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DescribeCustomKeyStoresResponse": {
@@ -1585,6 +1639,9 @@
"smithy.api#documentation": "A flag that indicates whether there are more items in the list. When this\n value is true, the list in this response is truncated. To get more items, pass the value of\n the NextMarker element in thisresponse to the Marker parameter in a\n subsequent request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#DescribeKey": {
@@ -1610,7 +1667,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Provides detailed information about a KMS key. You can run DescribeKey on a\n customer managed\n key or an Amazon Web Services managed key.
\n This detailed information includes the key ARN, creation date (and deletion date, if\n applicable), the key state, and the origin and expiration date (if any) of the key material.\n It includes fields, like KeySpec, that help you distinguish different types of\n KMS keys. It also displays the key usage (encryption, signing, or generating and verifying\n MACs) and the algorithms that the KMS key supports.
\n For multi-Region keys,\n DescribeKey displays the primary key and all related replica keys. For KMS keys\n in CloudHSM key stores, it includes\n information about the key store, such as the key store ID and the CloudHSM cluster ID. For KMS\n keys in external key stores, it\n includes the custom key store ID and the ID of the external key.
\n \n DescribeKey does not return the following information:
\n \n - \n
Aliases associated with the KMS key. To get this information, use ListAliases.
\n \n - \n
Whether automatic key rotation is enabled on the KMS key. To get this information, use\n GetKeyRotationStatus. Also, some key states prevent a KMS key from\n being automatically rotated. For details, see How Automatic Key Rotation\n Works in the Key Management Service Developer Guide.
\n \n - \n
Tags on the KMS key. To get this information, use ListResourceTags.
\n \n - \n
Key policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.
\n \n
\n In general, DescribeKey is a non-mutating operation. It returns data about\n KMS keys, but doesn't change them. However, Amazon Web Services services use DescribeKey to\n create Amazon Web Services\n managed keys from a predefined Amazon Web Services alias with no key\n ID.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:DescribeKey (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Provides detailed information about a KMS key. You can run DescribeKey on a\n customer managed\n key or an Amazon Web Services managed key.
\n This detailed information includes the key ARN, creation date (and deletion date, if\n applicable), the key state, and the origin and expiration date (if any) of the key material.\n It includes fields, like KeySpec, that help you distinguish different types of\n KMS keys. It also displays the key usage (encryption, signing, or generating and verifying\n MACs) and the algorithms that the KMS key supports.
\n For multi-Region keys,\n DescribeKey displays the primary key and all related replica keys. For KMS keys\n in CloudHSM key stores, it includes\n information about the key store, such as the key store ID and the CloudHSM cluster ID. For KMS\n keys in external key stores, it\n includes the custom key store ID and the ID of the external key.
\n \n DescribeKey does not return the following information:
\n \n - \n
Aliases associated with the KMS key. To get this information, use ListAliases.
\n \n - \n
Whether automatic key rotation is enabled on the KMS key. To get this information, use\n GetKeyRotationStatus. Also, some key states prevent a KMS key from\n being automatically rotated. For details, see How Automatic Key Rotation\n Works in the Key Management Service Developer Guide.
\n \n - \n
Tags on the KMS key. To get this information, use ListResourceTags.
\n \n - \n
Key policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.
\n \n
\n In general, DescribeKey is a non-mutating operation. It returns data about\n KMS keys, but doesn't change them. However, Amazon Web Services services use DescribeKey to\n create Amazon Web Services\n managed keys from a predefined Amazon Web Services alias with no key\n ID.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:DescribeKey (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#DescribeKeyRequest": {
@@ -1619,7 +1676,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Describes the specified KMS key.
\n If you specify a predefined Amazon Web Services alias (an Amazon Web Services alias with no key ID), KMS associates\n the alias with an Amazon Web Services managed key and returns its\n KeyId and Arn in the response.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Describes the specified KMS key.
\n If you specify a predefined Amazon Web Services alias (an Amazon Web Services alias with no key ID), KMS associates\n the alias with an Amazon Web Services managed key and returns its\n KeyId and Arn in the response.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
@@ -1629,6 +1686,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DescribeKeyResponse": {
@@ -1640,6 +1700,9 @@
"smithy.api#documentation": "Metadata associated with the key.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#DescriptionType": {
@@ -1677,7 +1740,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Sets the state of a KMS key to disabled. This change temporarily prevents use of the KMS\n key for cryptographic operations.
\n For more information about how key state affects the use of a KMS key, see\n Key states of KMS keys in the \n Key Management Service Developer Guide\n .
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:DisableKey (key policy)
\n \n Related operations: EnableKey\n
"
+ "smithy.api#documentation": "Sets the state of a KMS key to disabled. This change temporarily prevents use of the KMS\n key for cryptographic operations.
\n For more information about how key state affects the use of a KMS key, see\n Key states of KMS keys in the \n Key Management Service Developer Guide\n .
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:DisableKey (key policy)
\n \n Related operations: EnableKey\n
"
}
},
"com.amazonaws.kms#DisableKeyRequest": {
@@ -1686,10 +1749,13 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the KMS key to disable.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies the KMS key to disable.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DisableKeyRotation": {
@@ -1724,7 +1790,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Disables automatic\n rotation of the key material of the specified symmetric encryption KMS key.
\n Automatic key rotation is supported only on symmetric encryption KMS keys.\n You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.
\n You can enable (EnableKeyRotation) and disable automatic rotation of the\n key material in customer managed KMS keys. Key material rotation of Amazon Web Services managed KMS keys is not\n configurable. KMS always rotates the key material for every year. Rotation of Amazon Web Services owned KMS\n keys varies.
\n \n In May 2022, KMS changed the rotation schedule for Amazon Web Services managed keys from every three\n years to every year. For details, see EnableKeyRotation.
\n \n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:DisableKeyRotation (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Disables automatic\n rotation of the key material of the specified symmetric encryption KMS key.
\n Automatic key rotation is supported only on symmetric encryption KMS keys.\n You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.
\n You can enable (EnableKeyRotation) and disable automatic rotation of the\n key material in customer managed KMS keys. Key material rotation of Amazon Web Services managed KMS keys is not\n configurable. KMS always rotates the key material for every year. Rotation of Amazon Web Services owned KMS\n keys varies.
\n \n In May 2022, KMS changed the rotation schedule for Amazon Web Services managed keys from every three\n years to every year. For details, see EnableKeyRotation.
\n \n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:DisableKeyRotation (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#DisableKeyRotationRequest": {
@@ -1733,10 +1799,13 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies a symmetric encryption KMS key. You cannot enable or disable automatic rotation\n of asymmetric KMS keys, HMAC\n KMS keys, KMS keys with imported key material, or KMS keys in a\n custom key store.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies a symmetric encryption KMS key. You cannot enable or disable automatic rotation\n of asymmetric KMS keys, HMAC\n KMS keys, KMS keys with imported key material, or KMS keys in a\n custom key store.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DisabledException": {
@@ -1776,7 +1845,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Disconnects the custom key store from its backing key store. This operation disconnects an\n CloudHSM key store from its associated CloudHSM cluster or disconnects an external key store from\n the external key store proxy that communicates with your external key manager.
\n This operation is part of the custom key stores feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nkey store that you own and manage.
\n While a custom key store is disconnected, you can manage the custom key store and its KMS\n keys, but you cannot create or use its KMS keys. You can reconnect the custom key store at any\n time.
\n \n While a custom key store is disconnected, all attempts to create KMS keys in the custom key store or to use existing KMS keys in cryptographic operations will\n fail. This action can prevent users from storing and accessing sensitive data.
\n \n When you disconnect a custom key store, its ConnectionState changes to\n Disconnected. To find the connection state of a custom key store, use the DescribeCustomKeyStores operation. To reconnect a custom key store, use the\n ConnectCustomKeyStore operation.
\n If the operation succeeds, it returns a JSON object with no\nproperties.
\n \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n\n \n Required permissions: kms:DisconnectCustomKeyStore (IAM policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Disconnects the custom key store from its backing key store. This operation disconnects an\n CloudHSM key store from its associated CloudHSM cluster or disconnects an external key store from\n the external key store proxy that communicates with your external key manager.
\n This operation is part of the custom key stores feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nkey store that you own and manage.
\n While a custom key store is disconnected, you can manage the custom key store and its KMS\n keys, but you cannot create or use its KMS keys. You can reconnect the custom key store at any\n time.
\n \n While a custom key store is disconnected, all attempts to create KMS keys in the custom key store or to use existing KMS keys in cryptographic operations will\n fail. This action can prevent users from storing and accessing sensitive data.
\n \n When you disconnect a custom key store, its ConnectionState changes to\n Disconnected. To find the connection state of a custom key store, use the DescribeCustomKeyStores operation. To reconnect a custom key store, use the\n ConnectCustomKeyStore operation.
\n If the operation succeeds, it returns a JSON object with no\nproperties.
\n \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.
\n \n Required permissions: kms:DisconnectCustomKeyStore (IAM policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#DisconnectCustomKeyStoreRequest": {
@@ -1789,11 +1858,17 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#DisconnectCustomKeyStoreResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.kms#EnableKey": {
"type": "operation",
@@ -1824,7 +1899,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Sets the key state of a KMS key to enabled. This allows you to use the KMS key for\n cryptographic operations.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:EnableKey (key policy)
\n \n Related operations: DisableKey\n
"
+ "smithy.api#documentation": "Sets the key state of a KMS key to enabled. This allows you to use the KMS key for\n cryptographic operations.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:EnableKey (key policy)
\n \n Related operations: DisableKey\n
"
}
},
"com.amazonaws.kms#EnableKeyRequest": {
@@ -1833,10 +1908,13 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the KMS key to enable.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies the KMS key to enable.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#EnableKeyRotation": {
@@ -1871,7 +1949,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Enables automatic rotation\n of the key material of the specified symmetric encryption KMS key.
\n When you enable automatic rotation of acustomer managed KMS key, KMS\n rotates the key material of the KMS key one year (approximately 365 days) from the enable date\n and every year thereafter. You can monitor rotation of the key material for your KMS keys in\n CloudTrail and Amazon CloudWatch. To disable rotation of the key material in a customer\n managed KMS key, use the DisableKeyRotation operation.
\n Automatic key rotation is supported only on symmetric encryption KMS keys.\n You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.
\n You cannot enable or disable automatic rotation Amazon Web Services managed KMS keys. KMS\n always rotates the key material of Amazon Web Services managed keys every year. Rotation of Amazon Web Services owned KMS\n keys varies.
\n \n In May 2022, KMS changed the rotation schedule for Amazon Web Services managed keys from every three\n years (approximately 1,095 days) to every year (approximately 365 days).
\n New Amazon Web Services managed keys are automatically rotated one year after they are created, and\n approximately every year thereafter.
\n Existing Amazon Web Services managed keys are automatically rotated one year after their most recent\n rotation, and every year thereafter.
\n \n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:EnableKeyRotation (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Enables automatic rotation\n of the key material of the specified symmetric encryption KMS key.
\n When you enable automatic rotation of acustomer managed KMS key, KMS\n rotates the key material of the KMS key one year (approximately 365 days) from the enable date\n and every year thereafter. You can monitor rotation of the key material for your KMS keys in\n CloudTrail and Amazon CloudWatch. To disable rotation of the key material in a customer\n managed KMS key, use the DisableKeyRotation operation.
\n Automatic key rotation is supported only on symmetric encryption KMS keys.\n You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.
\n You cannot enable or disable automatic rotation Amazon Web Services managed KMS keys. KMS\n always rotates the key material of Amazon Web Services managed keys every year. Rotation of Amazon Web Services owned KMS\n keys varies.
\n \n In May 2022, KMS changed the rotation schedule for Amazon Web Services managed keys from every three\n years (approximately 1,095 days) to every year (approximately 365 days).
\n New Amazon Web Services managed keys are automatically rotated one year after they are created, and\n approximately every year thereafter.
\n Existing Amazon Web Services managed keys are automatically rotated one year after their most recent\n rotation, and every year thereafter.
\n \n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:EnableKeyRotation (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#EnableKeyRotationRequest": {
@@ -1880,10 +1958,13 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies a symmetric encryption KMS key. You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies a symmetric encryption KMS key. You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#Encrypt": {
@@ -1921,7 +2002,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Encrypts plaintext of up to 4,096 bytes using a KMS key. You can use a symmetric or\n asymmetric KMS key with a KeyUsage of ENCRYPT_DECRYPT.
\n You can use this operation to encrypt small amounts of arbitrary data, such as a personal\n identifier or database password, or other sensitive information. You don't need to use the\n Encrypt operation to encrypt a data key. The GenerateDataKey\n and GenerateDataKeyPair operations return a plaintext data key and an\n encrypted copy of that data key.
\n If you use a symmetric encryption KMS key, you can use an encryption context to add\n additional security to your encryption operation. If you specify an\n EncryptionContext when encrypting data, you must specify the same encryption\n context (a case-sensitive exact match) when decrypting the data. Otherwise, the request to\n decrypt fails with an InvalidCiphertextException. For more information, see\n Encryption\n Context in the Key Management Service Developer Guide.
\n If you specify an asymmetric KMS key, you must also specify the encryption algorithm. The\n algorithm must be compatible with the KMS key spec.
\n \n When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.
\n You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric encryption KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.
\n \n\n\n The maximum size of the data that you can encrypt varies with the type of KMS key and the\n encryption algorithm that you choose.
\n \n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes.\n To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:Encrypt (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Encrypts plaintext of up to 4,096 bytes using a KMS key. You can use a symmetric or\n asymmetric KMS key with a KeyUsage of ENCRYPT_DECRYPT.
\n You can use this operation to encrypt small amounts of arbitrary data, such as a personal\n identifier or database password, or other sensitive information. You don't need to use the\n Encrypt operation to encrypt a data key. The GenerateDataKey\n and GenerateDataKeyPair operations return a plaintext data key and an\n encrypted copy of that data key.
\n If you use a symmetric encryption KMS key, you can use an encryption context to add\n additional security to your encryption operation. If you specify an\n EncryptionContext when encrypting data, you must specify the same encryption\n context (a case-sensitive exact match) when decrypting the data. Otherwise, the request to\n decrypt fails with an InvalidCiphertextException. For more information, see\n Encryption\n Context in the Key Management Service Developer Guide.
\n If you specify an asymmetric KMS key, you must also specify the encryption algorithm. The\n algorithm must be compatible with the KMS key spec.
\n \n When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.
\n You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric encryption KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.
\n \n The maximum size of the data that you can encrypt varies with the type of KMS key and the\n encryption algorithm that you choose.
\n \n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes.\n To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:Encrypt (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#EncryptRequest": {
@@ -1930,7 +2011,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the KMS key to use in the encryption operation. The KMS key must have a\n KeyUsage of ENCRYPT_DECRYPT. To find the KeyUsage of\n a KMS key, use the DescribeKey operation.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Identifies the KMS key to use in the encryption operation. The KMS key must have a\n KeyUsage of ENCRYPT_DECRYPT. To find the KeyUsage of\n a KMS key, use the DescribeKey operation.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
@@ -1959,6 +2040,9 @@
"smithy.api#documentation": "Specifies the encryption algorithm that KMS will use to encrypt the plaintext message.\n The algorithm must be compatible with the KMS key that you specify.
\n This parameter is required only for asymmetric KMS keys. The default value,\n SYMMETRIC_DEFAULT, is the algorithm used for symmetric encryption KMS keys. If you are\n using an asymmetric KMS key, we recommend RSAES_OAEP_SHA_256.
\n The SM2PKE algorithm is only available in China Regions.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#EncryptResponse": {
@@ -1982,6 +2066,9 @@
"smithy.api#documentation": "The encryption algorithm that was used to encrypt the plaintext.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#EncryptionAlgorithmSpec": {
@@ -2106,7 +2193,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns a unique symmetric data key for use outside of KMS. This operation returns a\n plaintext copy of the data key and a copy that is encrypted under a symmetric encryption KMS\n key that you specify. The bytes in the plaintext key are random; they are not related \n to the caller or the KMS key. You can use the plaintext key to encrypt your data outside of KMS \n and store the encrypted data key with the encrypted data.
\n\n To generate a data key, specify the symmetric encryption KMS key that will be used to\n encrypt the data key. You cannot use an asymmetric KMS key to encrypt data keys. To get the\n type of your KMS key, use the DescribeKey operation.
\n \n You must also specify the length of the data key. Use either the KeySpec or \n NumberOfBytes parameters (but not both). For 128-bit and 256-bit data keys, use \n the KeySpec parameter.
\n \n To generate an SM4 data key (China Regions only), specify a KeySpec value of\n AES_128 or NumberOfBytes value of 128. The symmetric \n encryption key used in China Regions to encrypt your data key is an SM4 encryption key.
\n\n To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. To generate an asymmetric data key pair, use\n the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure\n random byte string, use GenerateRandom.
\n\n You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
\n Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n How to use your data key\n
\n We recommend that you use the following pattern to encrypt data locally in your\n application. You can write your own code or use a client-side encryption library, such as the\n Amazon Web Services Encryption SDK, the\n Amazon DynamoDB Encryption Client,\n or Amazon S3\n client-side encryption to do these tasks for you.
\n To encrypt data outside of KMS:
\n \n - \n
Use the GenerateDataKey operation to get a data key.
\n \n - \n
Use the plaintext data key (in the Plaintext field of the response) to\n encrypt your data outside of KMS. Then erase the plaintext data key from memory.
\n \n - \n
Store the encrypted data key (in the CiphertextBlob field of the\n response) with the encrypted data.
\n \n
\n To decrypt data outside of KMS:
\n \n - \n
Use the Decrypt operation to decrypt the encrypted data key. The\n operation returns a plaintext copy of the data key.
\n \n - \n
Use the plaintext data key to decrypt data outside of KMS, then erase the plaintext\n data key from memory.
\n \n
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:GenerateDataKey (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Returns a unique symmetric data key for use outside of KMS. This operation returns a\n plaintext copy of the data key and a copy that is encrypted under a symmetric encryption KMS\n key that you specify. The bytes in the plaintext key are random; they are not related \n to the caller or the KMS key. You can use the plaintext key to encrypt your data outside of KMS \n and store the encrypted data key with the encrypted data.
\n To generate a data key, specify the symmetric encryption KMS key that will be used to\n encrypt the data key. You cannot use an asymmetric KMS key to encrypt data keys. To get the\n type of your KMS key, use the DescribeKey operation.
\n You must also specify the length of the data key. Use either the KeySpec or \n NumberOfBytes parameters (but not both). For 128-bit and 256-bit data keys, use \n the KeySpec parameter.
\n To generate a 128-bit SM4 data key (China Regions only), specify a KeySpec value of\n AES_128 or a NumberOfBytes value of 16. The symmetric \n encryption key used in China Regions to encrypt your data key is an SM4 encryption key.
\n To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. To generate an asymmetric data key pair, use\n the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure\n random byte string, use GenerateRandom.
\n You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
\n Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n How to use your data key\n
\n We recommend that you use the following pattern to encrypt data locally in your\n application. You can write your own code or use a client-side encryption library, such as the\n Amazon Web Services Encryption SDK, the\n Amazon DynamoDB Encryption Client,\n or Amazon S3\n client-side encryption to do these tasks for you.
\n To encrypt data outside of KMS:
\n \n - \n
Use the GenerateDataKey operation to get a data key.
\n \n - \n
Use the plaintext data key (in the Plaintext field of the response) to\n encrypt your data outside of KMS. Then erase the plaintext data key from memory.
\n \n - \n
Store the encrypted data key (in the CiphertextBlob field of the\n response) with the encrypted data.
\n \n
\n To decrypt data outside of KMS:
\n \n - \n
Use the Decrypt operation to decrypt the encrypted data key. The\n operation returns a plaintext copy of the data key.
\n \n - \n
Use the plaintext data key to decrypt data outside of KMS, then erase the plaintext\n data key from memory.
\n \n
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:GenerateDataKey (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#GenerateDataKeyPair": {
@@ -2147,7 +2234,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns a unique asymmetric data key pair for use outside of KMS. This operation returns\n a plaintext public key, a plaintext private key, and a copy of the private key that is\n encrypted under the symmetric encryption KMS key you specify. You can use the data key pair to\n perform asymmetric cryptography and implement digital signatures outside of KMS. The bytes\n in the keys are random; they not related to the caller or to the KMS key that is used to\n encrypt the private key.
\n\n You can use the public key that GenerateDataKeyPair returns to encrypt data\n or verify a signature outside of KMS. Then, store the encrypted private key with the data.\n When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.
\n\n To generate a data key pair, you must specify a symmetric encryption KMS key to encrypt\n the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.
\n Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. In China Regions, you can also choose an SM2 data key pair. KMS recommends that you use\n ECC key pairs for signing, and use RSA and SM2 key pairs for either encryption or signing, but not both.\n However, KMS cannot enforce any restrictions on the use of data key pairs outside of KMS.
\n\n If you are using the data key pair to encrypt data, or for any operation where you don't\n immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext operation.\n GenerateDataKeyPairWithoutPlaintext returns a plaintext public key and an\n encrypted private key, but omits the plaintext private key that you need only to decrypt\n ciphertext or sign a message. Later, when you need to decrypt the data or sign a message, use\n the Decrypt operation to decrypt the encrypted private key in the data key\n pair.
\n\n \n GenerateDataKeyPair returns a unique data key pair for each request. The\n bytes in the keys are random; they are not related to the caller or the KMS key that is used\n to encrypt the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as\n specified in RFC 5280. The private\n key is a DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC 5958.
\n\n You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:GenerateDataKeyPair (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Returns a unique asymmetric data key pair for use outside of KMS. This operation returns\n a plaintext public key, a plaintext private key, and a copy of the private key that is\n encrypted under the symmetric encryption KMS key you specify. You can use the data key pair to\n perform asymmetric cryptography and implement digital signatures outside of KMS. The bytes\n in the keys are random; they not related to the caller or to the KMS key that is used to\n encrypt the private key.
\n You can use the public key that GenerateDataKeyPair returns to encrypt data\n or verify a signature outside of KMS. Then, store the encrypted private key with the data.\n When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.
\n To generate a data key pair, you must specify a symmetric encryption KMS key to encrypt\n the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.
\n Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. In China Regions, you can also choose an SM2 data key pair. KMS recommends that you use\n ECC key pairs for signing, and use RSA and SM2 key pairs for either encryption or signing, but not both.\n However, KMS cannot enforce any restrictions on the use of data key pairs outside of KMS.
\n If you are using the data key pair to encrypt data, or for any operation where you don't\n immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext operation.\n GenerateDataKeyPairWithoutPlaintext returns a plaintext public key and an\n encrypted private key, but omits the plaintext private key that you need only to decrypt\n ciphertext or sign a message. Later, when you need to decrypt the data or sign a message, use\n the Decrypt operation to decrypt the encrypted private key in the data key\n pair.
\n \n GenerateDataKeyPair returns a unique data key pair for each request. The\n bytes in the keys are random; they are not related to the caller or the KMS key that is used\n to encrypt the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as\n specified in RFC 5280. The private\n key is a DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC 5958.
\n You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:GenerateDataKeyPair (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#GenerateDataKeyPairRequest": {
@@ -2162,7 +2249,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Specifies the symmetric encryption KMS key that encrypts the private key in the data key\n pair. You cannot specify an asymmetric KMS key or a KMS key in a custom key store. To get the\n type and origin of your KMS key, use the DescribeKey operation.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Specifies the symmetric encryption KMS key that encrypts the private key in the data key\n pair. You cannot specify an asymmetric KMS key or a KMS key in a custom key store. To get the\n type and origin of your KMS key, use the DescribeKey operation.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
@@ -2179,6 +2266,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GenerateDataKeyPairResponse": {
@@ -2214,6 +2304,9 @@
"smithy.api#documentation": "The type of data key pair that was generated.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GenerateDataKeyPairWithoutPlaintext": {
@@ -2254,7 +2347,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns a unique asymmetric data key pair for use outside of KMS. This operation returns\n a plaintext public key and a copy of the private key that is encrypted under the symmetric\n encryption KMS key you specify. Unlike GenerateDataKeyPair, this operation\n does not return a plaintext private key. The bytes in the keys are random; they are not\n related to the caller or to the KMS key that is used to encrypt the private key.
\n You can use the public key that GenerateDataKeyPairWithoutPlaintext returns\n to encrypt data or verify a signature outside of KMS. Then, store the encrypted private key\n with the data. When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.
\n To generate a data key pair, you must specify a symmetric encryption KMS key to encrypt\n the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.
\n Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. In China Regions, you can also choose an SM2 data key pair. KMS recommends that you \n use ECC key pairs for signing, and use RSA and SM2 key pairs for either encryption or signing, but not\n both. However, KMS cannot enforce any restrictions on the use of data key pairs outside of KMS.
\n \n GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each\n request. The bytes in the key are not related to the caller or KMS key that is used to encrypt\n the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280.
\n\n You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key\n policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Returns a unique asymmetric data key pair for use outside of KMS. This operation returns\n a plaintext public key and a copy of the private key that is encrypted under the symmetric\n encryption KMS key you specify. Unlike GenerateDataKeyPair, this operation\n does not return a plaintext private key. The bytes in the keys are random; they are not\n related to the caller or to the KMS key that is used to encrypt the private key.
\n You can use the public key that GenerateDataKeyPairWithoutPlaintext returns\n to encrypt data or verify a signature outside of KMS. Then, store the encrypted private key\n with the data. When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.
\n To generate a data key pair, you must specify a symmetric encryption KMS key to encrypt\n the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.
\n Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. In China Regions, you can also choose an SM2 data key pair. KMS recommends that you \n use ECC key pairs for signing, and use RSA and SM2 key pairs for either encryption or signing, but not\n both. However, KMS cannot enforce any restrictions on the use of data key pairs outside of KMS.
\n \n GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each\n request. The bytes in the key are not related to the caller or KMS key that is used to encrypt\n the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280.
\n You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key\n policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#GenerateDataKeyPairWithoutPlaintextRequest": {
@@ -2269,7 +2362,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Specifies the symmetric encryption KMS key that encrypts the private key in the data key\n pair. You cannot specify an asymmetric KMS key or a KMS key in a custom key store. To get the\n type and origin of your KMS key, use the DescribeKey operation.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Specifies the symmetric encryption KMS key that encrypts the private key in the data key\n pair. You cannot specify an asymmetric KMS key or a KMS key in a custom key store. To get the\n type and origin of your KMS key, use the DescribeKey operation.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
@@ -2286,6 +2379,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GenerateDataKeyPairWithoutPlaintextResponse": {
@@ -2315,6 +2411,9 @@
"smithy.api#documentation": "The type of data key pair that was generated.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GenerateDataKeyRequest": {
@@ -2323,7 +2422,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify\n an asymmetric KMS key or a KMS key in a custom key store. To get the type and origin of your\n KMS key, use the DescribeKey operation.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify\n an asymmetric KMS key or a KMS key in a custom key store. To get the type and origin of your\n KMS key, use the DescribeKey operation.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
@@ -2351,6 +2450,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GenerateDataKeyResponse": {
@@ -2374,6 +2476,9 @@
"smithy.api#documentation": "The Amazon Resource Name (key ARN) of the KMS key that encrypted the data key.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GenerateDataKeyWithoutPlaintext": {
@@ -2411,7 +2516,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns a unique symmetric data key for use outside of KMS. This operation returns a\n data key that is encrypted under a symmetric encryption KMS key that you specify. The bytes in\n the key are random; they are not related to the caller or to the KMS key.
\n \n GenerateDataKeyWithoutPlaintext is identical to the GenerateDataKey operation except that it does not return a plaintext copy of the\n data key.
\n This operation is useful for systems that need to encrypt data at some point, but not\n immediately. When you need to encrypt the data, you call the Decrypt\n operation on the encrypted copy of the key.
\n It's also useful in distributed systems with different levels of trust. For example, you\n might store encrypted data in containers. One component of your system creates new containers\n and stores an encrypted data key with each container. Then, a different component puts the\n data into the containers. That component first decrypts the data key, uses the plaintext data\n key to encrypt data, puts the encrypted data into the container, and then destroys the\n plaintext data key. In this system, the component that creates the containers never sees the\n plaintext data key.
\n To request an asymmetric data key pair, use the GenerateDataKeyPair or\n GenerateDataKeyPairWithoutPlaintext operations.
\n\n To generate a data key, you must specify the symmetric encryption KMS key that is used to\n encrypt the data key. You cannot use an asymmetric KMS key or a key in a custom key store to generate a data key. To get the\n type of your KMS key, use the DescribeKey operation.
\n \n You must also specify the length of the data key. Use either the KeySpec or \n NumberOfBytes parameters (but not both). For 128-bit and 256-bit data keys, use \n the KeySpec parameter.
\n \n To generate an SM4 data key (China Regions only), specify a KeySpec value of\n AES_128 or NumberOfBytes value of 128. The symmetric \n encryption key used in China Regions to encrypt your data key is an SM4 encryption key.
\n\n If the operation succeeds, you will find the encrypted copy of the data key in the\n CiphertextBlob field.
\n\n You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:GenerateDataKeyWithoutPlaintext (key\n policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Returns a unique symmetric data key for use outside of KMS. This operation returns a\n data key that is encrypted under a symmetric encryption KMS key that you specify. The bytes in\n the key are random; they are not related to the caller or to the KMS key.
\n \n GenerateDataKeyWithoutPlaintext is identical to the GenerateDataKey operation except that it does not return a plaintext copy of the\n data key.
\n This operation is useful for systems that need to encrypt data at some point, but not\n immediately. When you need to encrypt the data, you call the Decrypt\n operation on the encrypted copy of the key.
\n It's also useful in distributed systems with different levels of trust. For example, you\n might store encrypted data in containers. One component of your system creates new containers\n and stores an encrypted data key with each container. Then, a different component puts the\n data into the containers. That component first decrypts the data key, uses the plaintext data\n key to encrypt data, puts the encrypted data into the container, and then destroys the\n plaintext data key. In this system, the component that creates the containers never sees the\n plaintext data key.
\n To request an asymmetric data key pair, use the GenerateDataKeyPair or\n GenerateDataKeyPairWithoutPlaintext operations.
\n To generate a data key, you must specify the symmetric encryption KMS key that is used to\n encrypt the data key. You cannot use an asymmetric KMS key or a key in a custom key store to generate a data key. To get the\n type of your KMS key, use the DescribeKey operation.
\n You must also specify the length of the data key. Use either the KeySpec or \n NumberOfBytes parameters (but not both). For 128-bit and 256-bit data keys, use \n the KeySpec parameter.
\n To generate an SM4 data key (China Regions only), specify a KeySpec value of\n AES_128 or NumberOfBytes value of 128. The symmetric \n encryption key used in China Regions to encrypt your data key is an SM4 encryption key.
\n If the operation succeeds, you will find the encrypted copy of the data key in the\n CiphertextBlob field.
\n You can use an optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:GenerateDataKeyWithoutPlaintext (key\n policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#GenerateDataKeyWithoutPlaintextRequest": {
@@ -2420,7 +2525,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify\n an asymmetric KMS key or a KMS key in a custom key store. To get the type and origin of your\n KMS key, use the DescribeKey operation.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Specifies the symmetric encryption KMS key that encrypts the data key. You cannot specify\n an asymmetric KMS key or a KMS key in a custom key store. To get the type and origin of your\n KMS key, use the DescribeKey operation.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
@@ -2448,6 +2553,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GenerateDataKeyWithoutPlaintextResponse": {
@@ -2465,6 +2573,9 @@
"smithy.api#documentation": "The Amazon Resource Name (key ARN) of the KMS key that encrypted the data key.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GenerateMac": {
@@ -2532,6 +2643,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GenerateMacResponse": {
@@ -2540,7 +2654,7 @@
"Mac": {
"target": "com.amazonaws.kms#CiphertextType",
"traits": {
- "smithy.api#documentation": "The hash-based message authentication code (HMAC) that was generated for the\n specified message, HMAC KMS key, and MAC algorithm.
\n This is the standard, raw HMAC defined in RFC 2104.
"
+ "smithy.api#documentation": "The hash-based message authentication code (HMAC) that was generated for the\n specified message, HMAC KMS key, and MAC algorithm.
\n This is the standard, raw HMAC defined in RFC 2104.
"
}
},
"MacAlgorithm": {
@@ -2555,6 +2669,9 @@
"smithy.api#documentation": "The HMAC KMS key used in the operation.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GenerateRandom": {
@@ -2583,7 +2700,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns a random byte string that is cryptographically secure.
\n You must use the NumberOfBytes parameter to specify the length of the random\n byte string. There is no default value for string length.
\n By default, the random byte string is generated in KMS. To generate the byte string in\n the CloudHSM cluster associated with an CloudHSM key store, use the CustomKeyStoreId\n parameter.
\n Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\n For more information about entropy and random number generation, see\n Key Management Service Cryptographic Details.
\n\n \n Cross-account use: Not applicable.\n GenerateRandom does not use any account-specific resources, such as KMS\n keys.
\n \n Required permissions: kms:GenerateRandom (IAM policy)
"
+ "smithy.api#documentation": "Returns a random byte string that is cryptographically secure.
\n You must use the NumberOfBytes parameter to specify the length of the random\n byte string. There is no default value for string length.
\n By default, the random byte string is generated in KMS. To generate the byte string in\n the CloudHSM cluster associated with an CloudHSM key store, use the CustomKeyStoreId\n parameter.
\n Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.
\n For more information about entropy and random number generation, see\n Key Management Service Cryptographic Details.
\n \n Cross-account use: Not applicable.\n GenerateRandom does not use any account-specific resources, such as KMS\n keys.
\n \n Required permissions: kms:GenerateRandom (IAM policy)
"
}
},
"com.amazonaws.kms#GenerateRandomRequest": {
@@ -2601,6 +2718,9 @@
"smithy.api#documentation": "Generates the random byte string in the CloudHSM cluster that is associated with the\n specified CloudHSM key store. To find the ID of a custom key store, use the DescribeCustomKeyStores operation.
\n External key store IDs are not valid for this parameter. If you specify the ID of an\n external key store, GenerateRandom throws an\n UnsupportedOperationException.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GenerateRandomResponse": {
@@ -2612,6 +2732,9 @@
"smithy.api#documentation": "The random byte string. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GetKeyPolicy": {
@@ -2640,7 +2763,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Gets a key policy attached to the specified KMS key.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:GetKeyPolicy (key policy)
\n \n Related operations: PutKeyPolicy\n
"
+ "smithy.api#documentation": "Gets a key policy attached to the specified KMS key.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:GetKeyPolicy (key policy)
\n \n Related operations: PutKeyPolicy\n
"
}
},
"com.amazonaws.kms#GetKeyPolicyRequest": {
@@ -2649,7 +2772,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Gets the key policy for the specified KMS key.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Gets the key policy for the specified KMS key.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -2660,6 +2783,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GetKeyPolicyResponse": {
@@ -2671,6 +2797,9 @@
"smithy.api#documentation": "A key policy document in JSON format.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GetKeyRotationStatus": {
@@ -2702,7 +2831,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Gets a Boolean value that indicates whether automatic rotation of the key material is\n enabled for the specified KMS key.
\n When you enable automatic rotation for customer managed KMS keys, KMS\n rotates the key material of the KMS key one year (approximately 365 days) from the enable date\n and every year thereafter. You can monitor rotation of the key material for your KMS keys in\n CloudTrail and Amazon CloudWatch.
\n Automatic key rotation is supported only on symmetric encryption KMS keys.\n You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key..
\n You can enable (EnableKeyRotation) and disable automatic rotation (DisableKeyRotation) of the key material in customer managed KMS keys. Key\n material rotation of Amazon Web Services managed KMS keys is not\n configurable. KMS always rotates the key material in Amazon Web Services managed KMS keys every year. The\n key rotation status for Amazon Web Services managed KMS keys is always true.
\n \n In May 2022, KMS changed the rotation schedule for Amazon Web Services managed keys from every three\n years to every year. For details, see EnableKeyRotation.
\n \n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n - \n
Disabled: The key rotation status does not change when you disable a KMS key. However,\n while the KMS key is disabled, KMS does not rotate the key material. When you re-enable\n the KMS key, rotation resumes. If the key material in the re-enabled KMS key hasn't been\n rotated in one year, KMS rotates it immediately, and every year thereafter. If it's been\n less than a year since the key material in the re-enabled KMS key was rotated, the KMS key\n resumes its prior rotation schedule.
\n \n - \n
Pending deletion: While a KMS key is pending deletion, its key rotation status is\n false and KMS does not rotate the key material. If you cancel the\n deletion, the original key rotation status returns to true.
\n \n
\n \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:GetKeyRotationStatus (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Gets a Boolean value that indicates whether automatic rotation of the key material is\n enabled for the specified KMS key.
\n When you enable automatic rotation for customer managed KMS keys, KMS\n rotates the key material of the KMS key one year (approximately 365 days) from the enable date\n and every year thereafter. You can monitor rotation of the key material for your KMS keys in\n CloudTrail and Amazon CloudWatch.
\n Automatic key rotation is supported only on symmetric encryption KMS keys.\n You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key..
\n You can enable (EnableKeyRotation) and disable automatic rotation (DisableKeyRotation) of the key material in customer managed KMS keys. Key\n material rotation of Amazon Web Services managed KMS keys is not\n configurable. KMS always rotates the key material in Amazon Web Services managed KMS keys every year. The\n key rotation status for Amazon Web Services managed KMS keys is always true.
\n \n In May 2022, KMS changed the rotation schedule for Amazon Web Services managed keys from every three\n years to every year. For details, see EnableKeyRotation.
\n \n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n - \n
Disabled: The key rotation status does not change when you disable a KMS key. However,\n while the KMS key is disabled, KMS does not rotate the key material. When you re-enable\n the KMS key, rotation resumes. If the key material in the re-enabled KMS key hasn't been\n rotated in one year, KMS rotates it immediately, and every year thereafter. If it's been\n less than a year since the key material in the re-enabled KMS key was rotated, the KMS key\n resumes its prior rotation schedule.
\n \n - \n
Pending deletion: While a KMS key is pending deletion, its key rotation status is\n false and KMS does not rotate the key material. If you cancel the\n deletion, the original key rotation status returns to true.
\n \n
\n \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:GetKeyRotationStatus (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#GetKeyRotationStatusRequest": {
@@ -2711,10 +2840,13 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Gets the rotation status for the specified KMS key.
\n \n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Gets the rotation status for the specified KMS key.
\n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GetKeyRotationStatusResponse": {
@@ -2727,6 +2859,9 @@
"smithy.api#documentation": "A Boolean value that specifies whether key rotation is enabled.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GetParametersForImport": {
@@ -2758,7 +2893,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns the items you need to import key material into a symmetric encryption KMS key. For\n more information about importing key material into KMS, see Importing key material in the\n Key Management Service Developer Guide.
\n This operation returns a public key and an import token. Use the public key to encrypt the\n symmetric key material. Store the import token to send with a subsequent ImportKeyMaterial request.
\n You must specify the key ID of the symmetric encryption KMS key into which you will import\n key material. The KMS key Origin must be EXTERNAL. You must also\n specify the wrapping algorithm and type of wrapping key (public key) that you will use to\n encrypt the key material. You cannot perform this operation on an asymmetric KMS key, an HMAC KMS key, or on any KMS key in a different Amazon Web Services account.
\n To import key material, you must use the public key and import token from the same\n response. These items are valid for 24 hours. The expiration date and time appear in the\n GetParametersForImport response. You cannot use an expired token in an ImportKeyMaterial request. If your key and token expire, send another\n GetParametersForImport request.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:GetParametersForImport (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Returns the items you need to import key material into a symmetric encryption KMS key. For\n more information about importing key material into KMS, see Importing key material in the\n Key Management Service Developer Guide.
\n This operation returns a public key and an import token. Use the public key to encrypt the\n symmetric key material. Store the import token to send with a subsequent ImportKeyMaterial request.
\n You must specify the key ID of the symmetric encryption KMS key into which you will import\n key material. The KMS key Origin must be EXTERNAL. You must also\n specify the wrapping algorithm and type of wrapping key (public key) that you will use to\n encrypt the key material. You cannot perform this operation on an asymmetric KMS key, an HMAC KMS key, or on any KMS key in a different Amazon Web Services account.
\n To import key material, you must use the public key and import token from the same\n response. These items are valid for 24 hours. The expiration date and time appear in the\n GetParametersForImport response. You cannot use an expired token in an ImportKeyMaterial request. If your key and token expire, send another\n GetParametersForImport request.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:GetParametersForImport (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#GetParametersForImportRequest": {
@@ -2767,14 +2902,14 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "The identifier of the symmetric encryption KMS key into which you will import key\n material. The Origin of the KMS key must be EXTERNAL.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "The identifier of the symmetric encryption KMS key into which you will import key\n material. The Origin of the KMS key must be EXTERNAL.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
"WrappingAlgorithm": {
"target": "com.amazonaws.kms#AlgorithmSpec",
"traits": {
- "smithy.api#documentation": "The algorithm you will use to encrypt the key material before importing it with ImportKeyMaterial. For more information, see Encrypt the Key Material\n in the Key Management Service Developer Guide.
",
+ "smithy.api#documentation": "The algorithm you will use to encrypt the key material before using the ImportKeyMaterial operation to import it. For more information, see Encrypt the\n key material in the Key Management Service Developer Guide.
\n \n The RSAES_PKCS1_V1_5 wrapping algorithm is deprecated. We recommend that\n you begin using a different wrapping algorithm immediately. KMS will end support for\n RSAES_PKCS1_V1_5 by October 1, 2023 pursuant to cryptographic key management guidance from the National Institute of Standards\n and Technology (NIST).
\n ",
"smithy.api#required": {}
}
},
@@ -2785,6 +2920,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GetParametersForImportResponse": {
@@ -2814,6 +2952,9 @@
"smithy.api#documentation": "The time at which the import token and public key are no longer valid. After this time,\n you cannot use them to make an ImportKeyMaterial request and you must send\n another GetParametersForImport request to get new ones.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GetPublicKey": {
@@ -2857,7 +2998,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric\n KMS key, which never leaves KMS unencrypted, callers with kms:GetPublicKey\n permission can download the public key of an asymmetric KMS key. You can share the public key\n to allow others to encrypt messages and verify signatures outside of KMS.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n You do not need to download the public key. Instead, you can use the public key within\n KMS by calling the Encrypt, ReEncrypt, or Verify operations with the identifier of an asymmetric KMS key. When you use the\n public key within KMS, you benefit from the authentication, authorization, and logging that\n are part of every KMS operation. You also reduce of risk of encrypting data that cannot be\n decrypted. These features are not effective outside of KMS.
\n \n To help you use the public key safely outside of KMS, GetPublicKey returns\n important information about the public key in the response, including:
\n \n - \n
\n KeySpec: The type of key material in the public key, such as\n RSA_4096 or ECC_NIST_P521.
\n \n - \n
\n KeyUsage: Whether the key is used for encryption or signing.
\n \n - \n
\n EncryptionAlgorithms or SigningAlgorithms: A list of the encryption algorithms or the signing\n algorithms for the key.
\n \n
\n Although KMS cannot enforce these restrictions on external operations, it is crucial\n that you use this information to prevent the public key from being used improperly. For\n example, you can prevent a public signing key from being used encrypt data, or prevent a\n public key from being used with an encryption algorithm that is not supported by KMS. You\n can also avoid errors, such as using the wrong signing algorithm in a verification\n operation.
\n To verify a signature outside of KMS with an SM2 public key (China Regions only), you must \n specify the distinguishing ID. By default, KMS uses 1234567812345678 as the \n distinguishing ID. For more information, see Offline verification\n with SM2 key pairs.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use:\n Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:GetPublicKey (key policy)
\n \n Related operations: CreateKey\n
"
+ "smithy.api#documentation": "Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric\n KMS key, which never leaves KMS unencrypted, callers with kms:GetPublicKey\n permission can download the public key of an asymmetric KMS key. You can share the public key\n to allow others to encrypt messages and verify signatures outside of KMS.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n You do not need to download the public key. Instead, you can use the public key within\n KMS by calling the Encrypt, ReEncrypt, or Verify operations with the identifier of an asymmetric KMS key. When you use the\n public key within KMS, you benefit from the authentication, authorization, and logging that\n are part of every KMS operation. You also reduce of risk of encrypting data that cannot be\n decrypted. These features are not effective outside of KMS.
\n To help you use the public key safely outside of KMS, GetPublicKey returns\n important information about the public key in the response, including:
\n \n - \n
\n KeySpec: The type of key material in the public key, such as\n RSA_4096 or ECC_NIST_P521.
\n \n - \n
\n KeyUsage: Whether the key is used for encryption or signing.
\n \n - \n
\n EncryptionAlgorithms or SigningAlgorithms: A list of the encryption algorithms or the signing\n algorithms for the key.
\n \n
\n Although KMS cannot enforce these restrictions on external operations, it is crucial\n that you use this information to prevent the public key from being used improperly. For\n example, you can prevent a public signing key from being used encrypt data, or prevent a\n public key from being used with an encryption algorithm that is not supported by KMS. You\n can also avoid errors, such as using the wrong signing algorithm in a verification\n operation.
\n To verify a signature outside of KMS with an SM2 public key (China Regions only), you must \n specify the distinguishing ID. By default, KMS uses 1234567812345678 as the \n distinguishing ID. For more information, see Offline verification\n with SM2 key pairs.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use:\n Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:GetPublicKey (key policy)
\n \n Related operations: CreateKey\n
"
}
},
"com.amazonaws.kms#GetPublicKeyRequest": {
@@ -2866,7 +3007,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the asymmetric KMS key that includes the public key.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Identifies the asymmetric KMS key that includes the public key.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
@@ -2876,6 +3017,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#GetPublicKeyResponse": {
@@ -2926,6 +3070,9 @@
"smithy.api#documentation": "The signing algorithms that KMS supports for this key.
\n This field appears in the response only when the KeyUsage of the public key\n is SIGN_VERIFY.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#GrantConstraints": {
@@ -3204,7 +3351,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Imports key material into an existing symmetric encryption KMS key that was created\n without key material. After you successfully import key material into a KMS key, you can\n reimport the same key material into that KMS key, but you cannot import different\n key material.
\n You cannot perform this operation on an asymmetric KMS key, an HMAC KMS key, or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material\n and then importing key material, see Importing Key Material in the\n Key Management Service Developer Guide.
\n Before using this operation, call GetParametersForImport. Its response\n includes a public key and an import token. Use the public key to encrypt the key material.\n Then, submit the import token from the same GetParametersForImport\n response.
\n When calling this operation, you must specify the following values:
\n \n - \n
The key ID or key ARN of a KMS key with no key material. Its Origin must\n be EXTERNAL.
\n To create a KMS key with no key material, call CreateKey and set the\n value of its Origin parameter to EXTERNAL. To get the\n Origin of a KMS key, call DescribeKey.)
\n \n - \n
The encrypted key material. To get the public key to encrypt the key material, call\n GetParametersForImport.
\n \n - \n
The import token that GetParametersForImport returned. You must use\n a public key and token from the same GetParametersForImport response.
\n \n - \n
Whether the key material expires (ExpirationModel) and, if so, when\n (ValidTo). If you set an expiration date, on the specified date, KMS\n deletes the key material from the KMS key, making the KMS key unusable. To use the KMS key\n in cryptographic operations again, you must reimport the same key material. The only way\n to change the expiration model or expiration date is by reimporting the same key material\n and specifying a new expiration date.
\n \n
\n When this operation is successful, the key state of the KMS key changes from\n PendingImport to Enabled, and you can use the KMS key.
\n If this operation fails, use the exception to help determine the problem. If the error is\n related to the key material, the import token, or wrapping key, use GetParametersForImport to get a new public key and import token for the KMS key\n and repeat the import procedure. For help, see How To Import Key\n Material in the Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:ImportKeyMaterial (key policy)
\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Imports key material into an existing symmetric encryption KMS key that was created\n without key material. After you successfully import key material into a KMS key, you can\n reimport the same key material into that KMS key, but you cannot import different\n key material.
\n You cannot perform this operation on an asymmetric KMS key, an HMAC KMS key, or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material\n and then importing key material, see Importing Key Material in the\n Key Management Service Developer Guide.
\n Before using this operation, call GetParametersForImport. Its response\n includes a public key and an import token. Use the public key to encrypt the key material.\n Then, submit the import token from the same GetParametersForImport\n response.
\n When calling this operation, you must specify the following values:
\n \n - \n
The key ID or key ARN of a KMS key with no key material. Its Origin must\n be EXTERNAL.
\n To create a KMS key with no key material, call CreateKey and set the\n value of its Origin parameter to EXTERNAL. To get the\n Origin of a KMS key, call DescribeKey.)
\n \n - \n
The encrypted key material. To get the public key to encrypt the key material, call\n GetParametersForImport.
\n \n - \n
The import token that GetParametersForImport returned. You must use\n a public key and token from the same GetParametersForImport response.
\n \n - \n
Whether the key material expires (ExpirationModel) and, if so, when\n (ValidTo). If you set an expiration date, on the specified date, KMS\n deletes the key material from the KMS key, making the KMS key unusable. To use the KMS key\n in cryptographic operations again, you must reimport the same key material. The only way\n to change the expiration model or expiration date is by reimporting the same key material\n and specifying a new expiration date.
\n \n
\n When this operation is successful, the key state of the KMS key changes from\n PendingImport to Enabled, and you can use the KMS key.
\n If this operation fails, use the exception to help determine the problem. If the error is\n related to the key material, the import token, or wrapping key, use GetParametersForImport to get a new public key and import token for the KMS key\n and repeat the import procedure. For help, see How To Import Key\n Material in the Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:ImportKeyMaterial (key policy)
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#ImportKeyMaterialRequest": {
@@ -3213,7 +3360,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "The identifier of the symmetric encryption KMS key that receives the imported key\n material. This must be the same KMS key specified in the KeyID parameter of the\n corresponding GetParametersForImport request. The Origin of the\n KMS key must be EXTERNAL. You cannot perform this operation on an asymmetric KMS\n key, an HMAC KMS key, a KMS key in a custom key store, or on a KMS key in a different\n Amazon Web Services account
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "The identifier of the symmetric encryption KMS key that receives the imported key\n material. This must be the same KMS key specified in the KeyID parameter of the\n corresponding GetParametersForImport request. The Origin of the\n KMS key must be EXTERNAL. You cannot perform this operation on an asymmetric KMS\n key, an HMAC KMS key, a KMS key in a custom key store, or on a KMS key in a different\n Amazon Web Services account
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -3243,11 +3390,17 @@
"smithy.api#documentation": "Specifies whether the key material expires. The default is\n KEY_MATERIAL_EXPIRES.
\n When the value of ExpirationModel is KEY_MATERIAL_EXPIRES, you\n must specify a value for the ValidTo parameter. When value is\n KEY_MATERIAL_DOES_NOT_EXPIRE, you must omit the ValidTo\n parameter.
\n You cannot change the ExpirationModel or ValidTo values for the\n current import after the request completes. To change either value, you must delete (DeleteImportedKeyMaterial) and reimport the key material.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ImportKeyMaterialResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.kms#IncorrectKeyException": {
"type": "structure",
@@ -3951,7 +4104,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Gets a list of aliases in the caller's Amazon Web Services account and region. For more information\n about aliases, see CreateAlias.
\n By default, the ListAliases operation returns all aliases in the account and\n region. To get only the aliases associated with a particular KMS key, use the\n KeyId parameter.
\n The ListAliases response can include aliases that you created and associated\n with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services\n managed keys in your account. You can recognize Amazon Web Services aliases because their names have the\n format aws/, such as aws/dynamodb.
\n The response might also include aliases that have no TargetKeyId field. These\n are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key.\n Aliases that Amazon Web Services creates in your account, including predefined aliases, do not count against\n your KMS aliases\n quota.
\n \n Cross-account use: No. ListAliases does not\n return aliases in other Amazon Web Services accounts.
\n \n\n \n Required permissions: kms:ListAliases (IAM policy)
\n For details, see Controlling access to aliases in the\n Key Management Service Developer Guide.
\n \n Related operations:\n
\n ",
+ "smithy.api#documentation": "Gets a list of aliases in the caller's Amazon Web Services account and region. For more information\n about aliases, see CreateAlias.
\n By default, the ListAliases operation returns all aliases in the account and\n region. To get only the aliases associated with a particular KMS key, use the\n KeyId parameter.
\n The ListAliases response can include aliases that you created and associated\n with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services\n managed keys in your account. You can recognize Amazon Web Services aliases because their names have the\n format aws/, such as aws/dynamodb.
\n The response might also include aliases that have no TargetKeyId field. These\n are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key.\n Aliases that Amazon Web Services creates in your account, including predefined aliases, do not count against\n your KMS aliases\n quota.
\n \n Cross-account use: No. ListAliases does not\n return aliases in other Amazon Web Services accounts.
\n \n Required permissions: kms:ListAliases (IAM policy)
\n For details, see Controlling access to aliases in the\n Key Management Service Developer Guide.
\n \n Related operations:\n
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "NextMarker",
@@ -3966,7 +4119,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Lists only aliases that are associated with the specified KMS key. Enter a KMS key in your\n Amazon Web Services account.
\n This parameter is optional. If you omit it, ListAliases returns all aliases\n in the account and Region.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
"
+ "smithy.api#documentation": "Lists only aliases that are associated with the specified KMS key. Enter a KMS key in your\n Amazon Web Services account.
\n This parameter is optional. If you omit it, ListAliases returns all aliases\n in the account and Region.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
"
}
},
"Limit": {
@@ -3981,6 +4134,9 @@
"smithy.api#documentation": "Use this parameter in a subsequent request after you receive a response with\n truncated results. Set it to the value of NextMarker from the truncated response\n you just received.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ListAliasesResponse": {
@@ -4005,6 +4161,9 @@
"smithy.api#documentation": "A flag that indicates whether there are more items in the list. When this\n value is true, the list in this response is truncated. To get more items, pass the value of\n the NextMarker element in thisresponse to the Marker parameter in a\n subsequent request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#ListGrants": {
@@ -4039,7 +4198,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Gets a list of all grants for the specified KMS key.
\n You must specify the KMS key in all requests. You can filter the grant list by grant ID or\n grantee principal.
\n For detailed information about grants, including grant terminology, see Grants in KMS in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.
\n \n The GranteePrincipal field in the ListGrants response usually contains the\n user or role designated as the grantee principal in the grant. However, when the grantee\n principal in the grant is an Amazon Web Services service, the GranteePrincipal field contains\n the service\n principal, which might represent several different grantee principals.
\n \n \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:ListGrants (key policy)
\n \n Related operations:\n
\n ",
+ "smithy.api#documentation": "Gets a list of all grants for the specified KMS key.
\n You must specify the KMS key in all requests. You can filter the grant list by grant ID or\n grantee principal.
\n For detailed information about grants, including grant terminology, see Grants in KMS in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.
\n \n The GranteePrincipal field in the ListGrants response usually contains the\n user or role designated as the grantee principal in the grant. However, when the grantee\n principal in the grant is an Amazon Web Services service, the GranteePrincipal field contains\n the service\n principal, which might represent several different grantee principals.
\n \n \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:ListGrants (key policy)
\n \n Related operations:\n
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "NextMarker",
@@ -4066,7 +4225,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Returns only grants for the specified KMS key. This parameter is required.
\n \n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Returns only grants for the specified KMS key. This parameter is required.
\n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -4082,6 +4241,9 @@
"smithy.api#documentation": "Returns only grants where the specified principal is the grantee principal for the\n grant.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ListGrantsResponse": {
@@ -4134,7 +4296,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Gets the names of the key policies that are attached to a KMS key. This operation is\n designed to get policy names that you can use in a GetKeyPolicy operation.\n However, the only valid policy name is default.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:ListKeyPolicies (key policy)
\n \n Related operations:\n
\n ",
+ "smithy.api#documentation": "Gets the names of the key policies that are attached to a KMS key. This operation is\n designed to get policy names that you can use in a GetKeyPolicy operation.\n However, the only valid policy name is default.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:ListKeyPolicies (key policy)
\n \n Related operations:\n
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "NextMarker",
@@ -4149,7 +4311,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Gets the names of key policies for the specified KMS key.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Gets the names of key policies for the specified KMS key.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -4165,6 +4327,9 @@
"smithy.api#documentation": "Use this parameter in a subsequent request after you receive a response with\n truncated results. Set it to the value of NextMarker from the truncated response\n you just received.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ListKeyPoliciesResponse": {
@@ -4189,6 +4354,9 @@
"smithy.api#documentation": "A flag that indicates whether there are more items in the list. When this\n value is true, the list in this response is truncated. To get more items, pass the value of\n the NextMarker element in thisresponse to the Marker parameter in a\n subsequent request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#ListKeys": {
@@ -4211,7 +4379,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Gets a list of all KMS keys in the caller's Amazon Web Services account and Region.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:ListKeys (IAM policy)
\n \n Related operations:\n
\n ",
+ "smithy.api#documentation": "Gets a list of all KMS keys in the caller's Amazon Web Services account and Region.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:ListKeys (IAM policy)
\n \n Related operations:\n
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "NextMarker",
@@ -4235,6 +4403,9 @@
"smithy.api#documentation": "Use this parameter in a subsequent request after you receive a response with\n truncated results. Set it to the value of NextMarker from the truncated response\n you just received.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ListKeysResponse": {
@@ -4259,6 +4430,9 @@
"smithy.api#documentation": "A flag that indicates whether there are more items in the list. When this\n value is true, the list in this response is truncated. To get more items, pass the value of\n the NextMarker element in thisresponse to the Marker parameter in a\n subsequent request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#ListResourceTags": {
@@ -4284,7 +4458,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns all tags on the specified KMS key.
\n For general information about tags, including the format and syntax, see Tagging Amazon Web Services resources in\n the Amazon Web Services General Reference. For information about using\n tags in KMS, see Tagging\n keys.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:ListResourceTags (key policy)
\n \n Related operations:\n
\n ",
+ "smithy.api#documentation": "Returns all tags on the specified KMS key.
\n For general information about tags, including the format and syntax, see Tagging Amazon Web Services resources in\n the Amazon Web Services General Reference. For information about using\n tags in KMS, see Tagging\n keys.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:ListResourceTags (key policy)
\n \n Related operations:\n
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "NextMarker",
@@ -4299,7 +4473,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Gets tags on the specified KMS key.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Gets tags on the specified KMS key.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -4315,6 +4489,9 @@
"smithy.api#documentation": "Use this parameter in a subsequent request after you receive a response with\n truncated results. Set it to the value of NextMarker from the truncated response\n you just received.
\n Do not attempt to construct this value. Use only the value of NextMarker from\n the truncated response you just received.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ListResourceTagsResponse": {
@@ -4339,6 +4516,9 @@
"smithy.api#documentation": "A flag that indicates whether there are more items in the list. When this\n value is true, the list in this response is truncated. To get more items, pass the value of\n the NextMarker element in thisresponse to the Marker parameter in a\n subsequent request.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#ListRetirableGrants": {
@@ -4367,7 +4547,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns information about all grants in the Amazon Web Services account and Region that have the\n specified retiring principal.
\n You can specify any principal in your Amazon Web Services account. The grants that are returned include\n grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this\n operation to determine which grants you may retire. To retire a grant, use the RetireGrant operation.
\n For detailed information about grants, including grant terminology, see Grants in KMS in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.
\n \n Cross-account use: You must specify a principal in your\n Amazon Web Services account. However, this operation can return grants in any Amazon Web Services account. You do not need\n kms:ListRetirableGrants permission (or any other additional permission) in any\n Amazon Web Services account other than your own.
\n\n \n Required permissions: kms:ListRetirableGrants (IAM policy) in your\n Amazon Web Services account.
\n \n Related operations:\n
\n ",
+ "smithy.api#documentation": "Returns information about all grants in the Amazon Web Services account and Region that have the\n specified retiring principal.
\n You can specify any principal in your Amazon Web Services account. The grants that are returned include\n grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this\n operation to determine which grants you may retire. To retire a grant, use the RetireGrant operation.
\n For detailed information about grants, including grant terminology, see Grants in KMS in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.
\n \n Cross-account use: You must specify a principal in your\n Amazon Web Services account. However, this operation can return grants in any Amazon Web Services account. You do not need\n kms:ListRetirableGrants permission (or any other additional permission) in any\n Amazon Web Services account other than your own.
\n \n Required permissions: kms:ListRetirableGrants (IAM policy) in your\n Amazon Web Services account.
\n \n Related operations:\n
\n ",
"smithy.api#paginated": {
"inputToken": "Marker",
"outputToken": "NextMarker",
@@ -4394,10 +4574,13 @@
"RetiringPrincipal": {
"target": "com.amazonaws.kms#PrincipalIdType",
"traits": {
- "smithy.api#documentation": "The retiring principal for which to list grants. Enter a principal in your\n Amazon Web Services account.
\n To specify the retiring principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated\n users, and assumed role users. For examples of the ARN syntax for specifying a principal, see\n Amazon Web Services Identity and Access Management (IAM) in the Example ARNs section of the\n Amazon Web Services General Reference.
",
+ "smithy.api#documentation": "The retiring principal for which to list grants. Enter a principal in your\n Amazon Web Services account.
\n To specify the retiring principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid principals include Amazon Web Services accounts, IAM users, IAM roles,\n federated users, and assumed role users. For help with the ARN syntax for a principal, see\n IAM ARNs in the \n Identity and Access Management User Guide\n .
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#MacAlgorithmSpec": {
@@ -4705,7 +4888,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Attaches a key policy to the specified KMS key.
\n For more information about key policies, see Key Policies in the Key Management Service Developer Guide.\n For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n . For examples of adding a key policy in multiple programming languages,\n see Setting a key policy in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:PutKeyPolicy (key policy)
\n \n Related operations: GetKeyPolicy\n
"
+ "smithy.api#documentation": "Attaches a key policy to the specified KMS key.
\n For more information about key policies, see Key Policies in the Key Management Service Developer Guide.\n For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n . For examples of adding a key policy in multiple programming languages,\n see Setting a key policy in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:PutKeyPolicy (key policy)
\n \n Related operations: GetKeyPolicy\n
"
}
},
"com.amazonaws.kms#PutKeyPolicyRequest": {
@@ -4714,7 +4897,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Sets the key policy on the specified KMS key.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Sets the key policy on the specified KMS key.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -4728,7 +4911,7 @@
"Policy": {
"target": "com.amazonaws.kms#PolicyType",
"traits": {
- "smithy.api#documentation": "The key policy to attach to the KMS key.
\n The key policy must meet the following criteria:
\n \n - \n
If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must allow the principal that is making the PutKeyPolicy request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that\n the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the Key Management Service Developer Guide.
\n \n - \n
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\n \n
\n \n A key policy document can include only the following characters:
\n \n - \n
Printable ASCII characters from the space character (\\u0020) through the end of the ASCII character range.
\n \n - \n
Printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF).
\n \n - \n
The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special characters
\n \n
\n For information about key policies, see Key policies in KMS in the\n Key Management Service Developer Guide.For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
",
+ "smithy.api#documentation": "The key policy to attach to the KMS key.
\n The key policy must meet the following criteria:
\n \n - \n
The key policy must allow the calling principal to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that\n the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit\n this condition, set BypassPolicyLockoutSafetyCheck to true.)
\n \n - \n
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal, you might need to enforce a delay before including the new principal in a key\n policy because the new principal might not be immediately visible to KMS. For more\n information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\n \n
\n A key policy document can include only the following characters:
\n \n - \n
Printable ASCII characters from the space character (\\u0020) through the end of the ASCII character range.
\n \n - \n
Printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF).
\n \n - \n
The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special characters
\n \n
\n For information about key policies, see Key policies in KMS in the\n Key Management Service Developer Guide.For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
",
"smithy.api#required": {}
}
},
@@ -4736,9 +4919,12 @@
"target": "com.amazonaws.kms#BooleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "A flag to indicate whether to bypass the key policy lockout safety check.
\n \n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.
\n For more information, refer to the scenario in the Default Key Policy section in the Key Management Service Developer Guide.
\n \n Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.
\n The default value is false.
"
+ "smithy.api#documentation": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.
\n \n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.
\n For more information, see Default key policy in the Key Management Service Developer Guide.
\n \n Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ReEncrypt": {
@@ -4782,7 +4968,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Decrypts ciphertext and then reencrypts it entirely within KMS. You can use this\n operation to change the KMS key under which data is encrypted, such as when you manually\n rotate a KMS key or change the KMS key that protects a ciphertext. You can also use\n it to reencrypt ciphertext under the same KMS key, such as to change the encryption\n context of a ciphertext.
\n The ReEncrypt operation can decrypt ciphertext that was encrypted by using a\n KMS key in an KMS operation, such as Encrypt or GenerateDataKey. It can also decrypt ciphertext that was encrypted by using the\n public key of an asymmetric KMS key\n outside of KMS. However, it cannot decrypt ciphertext produced by other libraries, such as\n the Amazon Web Services Encryption SDK or\n Amazon S3\n client-side encryption. These libraries return a ciphertext format that is\n incompatible with KMS.
\n When you use the ReEncrypt operation, you need to provide information for the\n decrypt operation and the subsequent encrypt operation.
\n \n - \n
If your ciphertext was encrypted under an asymmetric KMS key, you must use the\n SourceKeyId parameter to identify the KMS key that encrypted the\n ciphertext. You must also supply the encryption algorithm that was used. This information\n is required to decrypt the data.
\n \n - \n
If your ciphertext was encrypted under a symmetric encryption KMS key, the\n SourceKeyId parameter is optional. KMS can get this information from\n metadata that it adds to the symmetric ciphertext blob. This feature adds durability to\n your implementation by ensuring that authorized users can decrypt ciphertext decades after\n it was encrypted, even if they've lost track of the key ID. However, specifying the source\n KMS key is always recommended as a best practice. When you use the\n SourceKeyId parameter to specify a KMS key, KMS uses only the KMS key you\n specify. If the ciphertext was encrypted under a different KMS key, the\n ReEncrypt operation fails. This practice ensures that you use the KMS key\n that you intend.
\n \n - \n
To reencrypt the data, you must use the DestinationKeyId parameter to\n specify the KMS key that re-encrypts the data after it is decrypted. If the destination\n KMS key is an asymmetric KMS key, you must also provide the encryption algorithm. The\n algorithm that you choose must be compatible with the KMS key.
\n\n \n When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.
\n You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric encryption KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.
\n \n \n
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. The source KMS key and\n destination KMS key can be in different Amazon Web Services accounts. Either or both KMS keys can be in a\n different account than the caller. To specify a KMS key in a different account, you must use\n its key ARN or alias ARN.
\n\n \n Required permissions:
\n \n To permit reencryption from or to a KMS key, include the \"kms:ReEncrypt*\"\n permission in your key policy. This permission is\n automatically included in the key policy when you use the console to create a KMS key. But you\n must include it manually when you create a KMS key programmatically or when you use the PutKeyPolicy operation to set a key policy.
\n\n \n Related operations:\n
\n "
+ "smithy.api#documentation": "Decrypts ciphertext and then reencrypts it entirely within KMS. You can use this\n operation to change the KMS key under which data is encrypted, such as when you manually\n rotate a KMS key or change the KMS key that protects a ciphertext. You can also use\n it to reencrypt ciphertext under the same KMS key, such as to change the encryption\n context of a ciphertext.
\n The ReEncrypt operation can decrypt ciphertext that was encrypted by using a\n KMS key in an KMS operation, such as Encrypt or GenerateDataKey. It can also decrypt ciphertext that was encrypted by using the\n public key of an asymmetric KMS key\n outside of KMS. However, it cannot decrypt ciphertext produced by other libraries, such as\n the Amazon Web Services Encryption SDK or\n Amazon S3\n client-side encryption. These libraries return a ciphertext format that is\n incompatible with KMS.
\n When you use the ReEncrypt operation, you need to provide information for the\n decrypt operation and the subsequent encrypt operation.
\n \n - \n
If your ciphertext was encrypted under an asymmetric KMS key, you must use the\n SourceKeyId parameter to identify the KMS key that encrypted the\n ciphertext. You must also supply the encryption algorithm that was used. This information\n is required to decrypt the data.
\n \n - \n
If your ciphertext was encrypted under a symmetric encryption KMS key, the\n SourceKeyId parameter is optional. KMS can get this information from\n metadata that it adds to the symmetric ciphertext blob. This feature adds durability to\n your implementation by ensuring that authorized users can decrypt ciphertext decades after\n it was encrypted, even if they've lost track of the key ID. However, specifying the source\n KMS key is always recommended as a best practice. When you use the\n SourceKeyId parameter to specify a KMS key, KMS uses only the KMS key you\n specify. If the ciphertext was encrypted under a different KMS key, the\n ReEncrypt operation fails. This practice ensures that you use the KMS key\n that you intend.
\n \n - \n
To reencrypt the data, you must use the DestinationKeyId parameter to\n specify the KMS key that re-encrypts the data after it is decrypted. If the destination\n KMS key is an asymmetric KMS key, you must also provide the encryption algorithm. The\n algorithm that you choose must be compatible with the KMS key.
\n \n When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.
\n You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric encryption KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.
\n \n \n
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. The source KMS key and\n destination KMS key can be in different Amazon Web Services accounts. Either or both KMS keys can be in a\n different account than the caller. To specify a KMS key in a different account, you must use\n its key ARN or alias ARN.
\n \n Required permissions:
\n \n To permit reencryption from or to a KMS key, include the \"kms:ReEncrypt*\"\n permission in your key policy. This permission is\n automatically included in the key policy when you use the console to create a KMS key. But you\n must include it manually when you create a KMS key programmatically or when you use the PutKeyPolicy operation to set a key policy.
\n \n Related operations:\n
\n "
}
},
"com.amazonaws.kms#ReEncryptRequest": {
@@ -4804,13 +4990,13 @@
"SourceKeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Specifies the KMS key that KMS will use to decrypt the ciphertext before it is\n re-encrypted.
\n Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a\n different KMS key, the ReEncrypt operation throws an\n IncorrectKeyException.
\n This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key. If you used a symmetric encryption KMS key, KMS can get the KMS key from metadata that\n it adds to the symmetric ciphertext blob. However, it is always recommended as a best\n practice. This practice ensures that you use the KMS key that you intend.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
"
+ "smithy.api#documentation": "Specifies the KMS key that KMS will use to decrypt the ciphertext before it is\n re-encrypted.
\n Enter a key ID of the KMS key that was used to encrypt the ciphertext. If you identify a\n different KMS key, the ReEncrypt operation throws an\n IncorrectKeyException.
\n This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key. If you used a symmetric encryption KMS key, KMS can get the KMS key from metadata that\n it adds to the symmetric ciphertext blob. However, it is always recommended as a best\n practice. This practice ensures that you use the KMS key that you intend.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
"
}
},
"DestinationKeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "A unique identifier for the KMS key that is used to reencrypt the data. Specify a\n symmetric encryption KMS key or an asymmetric KMS key with a KeyUsage value of\n ENCRYPT_DECRYPT. To find the KeyUsage value of a KMS key, use the\n DescribeKey operation.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "A unique identifier for the KMS key that is used to reencrypt the data. Specify a\n symmetric encryption KMS key or an asymmetric KMS key with a KeyUsage value of\n ENCRYPT_DECRYPT. To find the KeyUsage value of a KMS key, use the\n DescribeKey operation.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
@@ -4838,6 +5024,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ReEncryptResponse": {
@@ -4873,6 +5062,9 @@
"smithy.api#documentation": "The encryption algorithm that was used to reencrypt the data.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#RegionType": {
@@ -4935,7 +5127,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the multi-Region primary key that is being replicated. To determine whether a\n KMS key is a multi-Region primary key, use the DescribeKey operation to\n check the value of the MultiRegionKeyType property.
\n \n Specify the key ID or key ARN of a multi-Region primary key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies the multi-Region primary key that is being replicated. To determine whether a\n KMS key is a multi-Region primary key, use the DescribeKey operation to\n check the value of the MultiRegionKeyType property.
\n Specify the key ID or key ARN of a multi-Region primary key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -4949,14 +5141,14 @@
"Policy": {
"target": "com.amazonaws.kms#PolicyType",
"traits": {
- "smithy.api#documentation": "The key policy to attach to the KMS key. This parameter is optional. If you do not provide\n a key policy, KMS attaches the default key policy to the\n KMS key.
\n The key policy is not a shared property of multi-Region keys. You can specify the same key\n policy or a different key policy for each key in a set of related multi-Region keys. KMS\n does not synchronize this property.
\n If you provide a key policy, it must meet the following criteria:
\n \n - \n
If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must give the caller kms:PutKeyPolicy permission on the replica key. This\n reduces the risk that the KMS key becomes unmanageable. For more information, refer to the\n scenario in the Default Key Policy section of the \n Key Management Service Developer Guide\n .
\n \n - \n
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the\n \n Identity and Access Management User Guide\n .
\n \n
\n \n A key policy document can include only the following characters:
\n \n - \n
Printable ASCII characters from the space character (\\u0020) through the end of the ASCII character range.
\n \n - \n
Printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF).
\n \n - \n
The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special characters
\n \n
\n For information about key policies, see Key policies in KMS in the Key Management Service Developer Guide.\n For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
"
+ "smithy.api#documentation": "The key policy to attach to the KMS key. This parameter is optional. If you do not provide\n a key policy, KMS attaches the default key policy to the\n KMS key.
\n The key policy is not a shared property of multi-Region keys. You can specify the same key\n policy or a different key policy for each key in a set of related multi-Region keys. KMS\n does not synchronize this property.
\n If you provide a key policy, it must meet the following criteria:
\n \n - \n
The key policy must allow the calling principal to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that\n the KMS key becomes unmanageable. For more information, see Default key policy in the Key Management Service Developer Guide. (To omit\n this condition, set BypassPolicyLockoutSafetyCheck to true.)
\n \n - \n
Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal, you might need to enforce a delay before including the new principal in a key\n policy because the new principal might not be immediately visible to KMS. For more\n information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.
\n \n
\n A key policy document can include only the following characters:
\n \n - \n
Printable ASCII characters from the space character (\\u0020) through the end of the ASCII character range.
\n \n - \n
Printable characters in the Basic Latin and Latin-1 Supplement character set (through \\u00FF).
\n \n - \n
The tab (\\u0009), line feed (\\u000A), and carriage return (\\u000D) special characters
\n \n
\n For information about key policies, see Key policies in KMS in the Key Management Service Developer Guide.\n For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .
"
}
},
"BypassPolicyLockoutSafetyCheck": {
"target": "com.amazonaws.kms#BooleanType",
"traits": {
"smithy.api#default": false,
- "smithy.api#documentation": "A flag to indicate whether to bypass the key policy lockout safety check.
\n \n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.
\n For more information, refer to the scenario in the Default Key Policy section in the Key Management Service Developer Guide.
\n \n Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.
\n The default value is false.
"
+ "smithy.api#documentation": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.
\n \n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.
\n For more information, see Default key policy in the Key Management Service Developer Guide.
\n \n Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.
"
}
},
"Description": {
@@ -4971,6 +5163,9 @@
"smithy.api#documentation": "Assigns one or more tags to the replica key. Use this parameter to tag the KMS key when it\n is created. To tag an existing KMS key, use the TagResource\n operation.
\n \n Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.
\n \n To use this parameter, you must have kms:TagResource permission in an IAM policy.
\n Tags are not a shared property of multi-Region keys. You can specify the same tags or\n different tags for each key in a set of related multi-Region keys. KMS does not synchronize\n this property.
\n Each tag consists of a tag key and a tag value. Both the tag key and the tag value are\n required, but the tag value can be an empty (null) string. You cannot have more than one tag\n on a KMS key with the same tag key. If you specify an existing tag key with a different tag\n value, KMS replaces the current tag value with the specified one.
\n When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation\n report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details,\n see Tagging Keys.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ReplicateKeyResponse": {
@@ -4994,6 +5189,9 @@
"smithy.api#documentation": "The tags on the new replica key. The value is a list of tag key and tag value\n pairs.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#RetireGrant": {
@@ -5052,6 +5250,9 @@
"smithy.api#documentation": "Identifies the grant to retire. To get the grant ID, use CreateGrant,\n ListGrants, or ListRetirableGrants.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#RevokeGrant": {
@@ -5092,7 +5293,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "A unique identifier for the KMS key associated with the grant. To get the key ID and key\n ARN for a KMS key, use ListKeys or DescribeKey.
\n \n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "A unique identifier for the KMS key associated with the grant. To get the key ID and key\n ARN for a KMS key, use ListKeys or DescribeKey.
\n Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -5103,6 +5304,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ScheduleKeyDeletion": {
@@ -5131,7 +5335,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Schedules the deletion of a KMS key. By default, KMS applies a waiting period of 30\n days, but you can specify a waiting period of 7-30 days. When this operation is successful,\n the key state of the KMS key changes to PendingDeletion and the key can't be used\n in any cryptographic operations. It remains in this state for the duration of the waiting\n period. Before the waiting period ends, you can use CancelKeyDeletion to\n cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key,\n its key material, and all KMS data associated with it, including all aliases that refer to\n it.
\n \n Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key\n is deleted, all data that was encrypted under the KMS key is unrecoverable. (The only\n exception is a multi-Region replica key.) To prevent the use of a KMS key without deleting\n it, use DisableKey.
\n \n You can schedule the deletion of a multi-Region primary key and its replica keys at any\n time. However, KMS will not delete a multi-Region primary key with existing replica keys. If\n you schedule the deletion of a primary key with replicas, its key state changes to\n PendingReplicaDeletion and it cannot be replicated or used in cryptographic\n operations. This status can continue indefinitely. When the last of its replicas keys is\n deleted (not just scheduled), the key state of the primary key changes to\n PendingDeletion and its waiting period (PendingWindowInDays)\n begins. For details, see Deleting multi-Region keys in the\n Key Management Service Developer Guide.
\n When KMS deletes\n a KMS key from an CloudHSM key store, it makes a best effort to delete the associated\n key material from the associated CloudHSM cluster. However, you might need to manually delete\n the orphaned key material from the cluster and its backups. Deleting a KMS key from an\n external key store has no effect on the associated external key. However, for both\n types of custom key stores, deleting a KMS key is destructive and irreversible. You cannot\n decrypt ciphertext encrypted under the KMS key by using only its associated external key or\n CloudHSM key. Also, you cannot recreate a KMS key in an external key store by creating a new KMS\n key with the same key material.
\n For more information about scheduling a KMS key for deletion, see Deleting KMS keys in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n\n \n Required permissions: kms:ScheduleKeyDeletion (key\n policy)
\n \n Related operations\n
\n "
+ "smithy.api#documentation": "Schedules the deletion of a KMS key. By default, KMS applies a waiting period of 30\n days, but you can specify a waiting period of 7-30 days. When this operation is successful,\n the key state of the KMS key changes to PendingDeletion and the key can't be used\n in any cryptographic operations. It remains in this state for the duration of the waiting\n period. Before the waiting period ends, you can use CancelKeyDeletion to\n cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key,\n its key material, and all KMS data associated with it, including all aliases that refer to\n it.
\n \n Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key\n is deleted, all data that was encrypted under the KMS key is unrecoverable. (The only\n exception is a multi-Region replica key.) To prevent the use of a KMS key without deleting\n it, use DisableKey.
\n \n You can schedule the deletion of a multi-Region primary key and its replica keys at any\n time. However, KMS will not delete a multi-Region primary key with existing replica keys. If\n you schedule the deletion of a primary key with replicas, its key state changes to\n PendingReplicaDeletion and it cannot be replicated or used in cryptographic\n operations. This status can continue indefinitely. When the last of its replicas keys is\n deleted (not just scheduled), the key state of the primary key changes to\n PendingDeletion and its waiting period (PendingWindowInDays)\n begins. For details, see Deleting multi-Region keys in the\n Key Management Service Developer Guide.
\n When KMS deletes\n a KMS key from an CloudHSM key store, it makes a best effort to delete the associated\n key material from the associated CloudHSM cluster. However, you might need to manually delete\n the orphaned key material from the cluster and its backups. Deleting a KMS key from an\n external key store has no effect on the associated external key. However, for both\n types of custom key stores, deleting a KMS key is destructive and irreversible. You cannot\n decrypt ciphertext encrypted under the KMS key by using only its associated external key or\n CloudHSM key. Also, you cannot recreate a KMS key in an external key store by creating a new KMS\n key with the same key material.
\n For more information about scheduling a KMS key for deletion, see Deleting KMS keys in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:ScheduleKeyDeletion (key\n policy)
\n \n Related operations\n
\n "
}
},
"com.amazonaws.kms#ScheduleKeyDeletionRequest": {
@@ -5140,7 +5344,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "The unique identifier of the KMS key to delete.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "The unique identifier of the KMS key to delete.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -5150,6 +5354,9 @@
"smithy.api#documentation": "The waiting period, specified in number of days. After the waiting period ends, KMS\n deletes the KMS key.
\n If the KMS key is a multi-Region primary key with replica keys, the waiting period begins\n when the last of its replica keys is deleted. Otherwise, the waiting period begins\n immediately.
\n This value is optional. If you include a value, it must be between 7 and 30, inclusive. If\n you do not include a value, it defaults to 30.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#ScheduleKeyDeletionResponse": {
@@ -5179,6 +5386,9 @@
"smithy.api#documentation": "The waiting period before the KMS key is deleted.
\n If the KMS key is a multi-Region primary key with replicas, the waiting period begins when\n the last of its replica keys is deleted. Otherwise, the waiting period begins\n immediately.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#Sign": {
@@ -5216,7 +5426,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a digital\n signature for a message or message digest by using the private key in an asymmetric\n signing KMS key. To verify the signature, use the Verify operation, or use\n the public key in the same asymmetric KMS key outside of KMS. For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n Digital signatures are generated and verified by using asymmetric key pair, such as an RSA\n or ECC pair that is represented by an asymmetric KMS key. The key owner (or an authorized\n user) uses their private key to sign a message. Anyone with the public key can verify that the\n message was signed with that particular private key and that the message hasn't changed since\n it was signed.
\n To use the Sign operation, provide the following information:
\n \n - \n
Use the KeyId parameter to identify an asymmetric KMS key with a\n KeyUsage value of SIGN_VERIFY. To get the\n KeyUsage value of a KMS key, use the DescribeKey\n operation. The caller must have kms:Sign permission on the KMS key.
\n \n - \n
Use the Message parameter to specify the message or message digest to\n sign. You can submit messages of up to 4096 bytes. To sign a larger message, generate a\n hash digest of the message, and then provide the hash digest in the Message\n parameter. To indicate whether the message is a full message or a digest, use the\n MessageType parameter.
\n \n - \n
Choose a signing algorithm that is compatible with the KMS key.
\n \n
\n \n When signing a message, be sure to record the KMS key and the signing algorithm. This\n information is required to verify the signature.
\n \n \n Best practices recommend that you limit the time during which any signature is\n effective. This deters an attack where the actor uses a signed message to establish validity\n repeatedly or long after the message is superseded. Signatures do not include a timestamp,\n but you can include a timestamp in the signed message to help you detect when its time to\n refresh the signature.
\n \n To verify the signature that this operation generates, use the Verify\n operation. Or use the GetPublicKey operation to download the public key and\n then use the public key to verify the signature outside of KMS.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:Sign (key policy)
\n \n Related operations: Verify\n
"
+ "smithy.api#documentation": "Creates a digital\n signature for a message or message digest by using the private key in an asymmetric\n signing KMS key. To verify the signature, use the Verify operation, or use\n the public key in the same asymmetric KMS key outside of KMS. For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n Digital signatures are generated and verified by using asymmetric key pair, such as an RSA\n or ECC pair that is represented by an asymmetric KMS key. The key owner (or an authorized\n user) uses their private key to sign a message. Anyone with the public key can verify that the\n message was signed with that particular private key and that the message hasn't changed since\n it was signed.
\n To use the Sign operation, provide the following information:
\n \n - \n
Use the KeyId parameter to identify an asymmetric KMS key with a\n KeyUsage value of SIGN_VERIFY. To get the\n KeyUsage value of a KMS key, use the DescribeKey\n operation. The caller must have kms:Sign permission on the KMS key.
\n \n - \n
Use the Message parameter to specify the message or message digest to\n sign. You can submit messages of up to 4096 bytes. To sign a larger message, generate a\n hash digest of the message, and then provide the hash digest in the Message\n parameter. To indicate whether the message is a full message or a digest, use the\n MessageType parameter.
\n \n - \n
Choose a signing algorithm that is compatible with the KMS key.
\n \n
\n \n When signing a message, be sure to record the KMS key and the signing algorithm. This\n information is required to verify the signature.
\n \n \n Best practices recommend that you limit the time during which any signature is\n effective. This deters an attack where the actor uses a signed message to establish validity\n repeatedly or long after the message is superseded. Signatures do not include a timestamp,\n but you can include a timestamp in the signed message to help you detect when its time to\n refresh the signature.
\n \n To verify the signature that this operation generates, use the Verify\n operation. Or use the GetPublicKey operation to download the public key and\n then use the public key to verify the signature outside of KMS.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:Sign (key policy)
\n \n Related operations: Verify\n
"
}
},
"com.amazonaws.kms#SignRequest": {
@@ -5225,21 +5435,21 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies an asymmetric KMS key. KMS uses the private key in the asymmetric KMS key to\n sign the message. The KeyUsage type of the KMS key must be\n SIGN_VERIFY. To find the KeyUsage of a KMS key, use the DescribeKey operation.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Identifies an asymmetric KMS key. KMS uses the private key in the asymmetric KMS key to\n sign the message. The KeyUsage type of the KMS key must be\n SIGN_VERIFY. To find the KeyUsage of a KMS key, use the DescribeKey operation.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
"Message": {
"target": "com.amazonaws.kms#PlaintextType",
"traits": {
- "smithy.api#documentation": "Specifies the message or message digest to sign. Messages can be 0-4096 bytes. To sign a\n larger message, provide the message digest.
\n If you provide a message, KMS generates a hash digest of the message and then signs\n it.
",
+ "smithy.api#documentation": "Specifies the message or message digest to sign. Messages can be 0-4096 bytes. To sign a\n larger message, provide a message digest.
\n If you provide a message digest, use the DIGEST value of MessageType to\n prevent the digest from being hashed again while signing.
",
"smithy.api#required": {}
}
},
"MessageType": {
"target": "com.amazonaws.kms#MessageType",
"traits": {
- "smithy.api#documentation": "Tells KMS whether the value of the Message parameter is a message or\n message digest. The default value, RAW, indicates a message. To indicate a message digest,\n enter DIGEST.
"
+ "smithy.api#documentation": "Tells KMS whether the value of the Message parameter should be hashed\n as part of the signing algorithm. Use RAW for unhashed messages; use DIGEST\n for message digests, which are already hashed.
\n When the value of MessageType is RAW, KMS uses the standard\n signing algorithm, which begins with a hash function. When the value is DIGEST, KMS skips\n the hashing step in the signing algorithm.
\n \n Use the DIGEST value only when the value of the Message\n parameter is a message digest. If you use the DIGEST value with an unhashed message,\n the security of the signing operation can be compromised.
\n \n When the value of MessageTypeis DIGEST, the length\n of the Message value must match the length of hashed messages for the specified signing algorithm.
\n You can submit a message digest and omit the MessageType or specify\n RAW so the digest is hashed again while signing. However, this can cause verification failures when \n verifying with a system that assumes a single hash.
\n The hashing algorithm in that Sign uses is based on the SigningAlgorithm value.
\n \n - \n
Signing algorithms that end in SHA_256 use the SHA_256 hashing algorithm.
\n \n - \n
Signing algorithms that end in SHA_384 use the SHA_384 hashing algorithm.
\n \n - \n
Signing algorithms that end in SHA_512 use the SHA_512 hashing algorithm.
\n \n - \n
SM2DSA uses the SM3 hashing algorithm. For details, see Offline verification with SM2 key pairs.
\n \n
"
}
},
"GrantTokens": {
@@ -5251,10 +5461,13 @@
"SigningAlgorithm": {
"target": "com.amazonaws.kms#SigningAlgorithmSpec",
"traits": {
- "smithy.api#documentation": "Specifies the signing algorithm to use when signing the message.
\n Choose an algorithm that is compatible with the type and size of the specified asymmetric\n KMS key.
",
+ "smithy.api#documentation": "Specifies the signing algorithm to use when signing the message.
\n Choose an algorithm that is compatible with the type and size of the specified asymmetric\n KMS key. When signing with RSA key pairs, RSASSA-PSS algorithms are preferred. We include\n RSASSA-PKCS1-v1_5 algorithms for compatibility with existing applications.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#SignResponse": {
@@ -5278,6 +5491,9 @@
"smithy.api#documentation": "The signing algorithm that was used to sign the message.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#SigningAlgorithmSpec": {
@@ -5440,7 +5656,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Adds or edits tags on a customer managed key.
\n \n Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.
\n \n Each tag consists of a tag key and a tag value, both of which are case-sensitive strings.\n The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag\n value. To edit a tag, specify an existing tag key and a new tag value.
\n You can use this operation to tag a customer managed key, but you cannot\n tag an Amazon Web Services\n managed key, an Amazon Web Services owned key, a custom key\n store, or an alias.
\n You can also add tags to a KMS key while creating it (CreateKey) or\n replicating it (ReplicateKey).
\n For information about using tags in KMS, see Tagging keys. For general information about\n tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon\n Web Services General Reference.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:TagResource (key policy)
\n \n Related operations\n
\n "
+ "smithy.api#documentation": "Adds or edits tags on a customer managed key.
\n \n Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.
\n \n Each tag consists of a tag key and a tag value, both of which are case-sensitive strings.\n The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag\n value. To edit a tag, specify an existing tag key and a new tag value.
\n You can use this operation to tag a customer managed key, but you cannot\n tag an Amazon Web Services\n managed key, an Amazon Web Services owned key, a custom key\n store, or an alias.
\n You can also add tags to a KMS key while creating it (CreateKey) or\n replicating it (ReplicateKey).
\n For information about using tags in KMS, see Tagging keys. For general information about\n tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon\n Web Services General Reference.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:TagResource (key policy)
\n \n Related operations\n
\n "
}
},
"com.amazonaws.kms#TagResourceRequest": {
@@ -5449,7 +5665,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies a customer managed key in the account and Region.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies a customer managed key in the account and Region.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -5460,6 +5676,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#TagValueType": {
@@ -5638,7 +5857,7 @@
"name": "kms"
},
"aws.protocols#awsJson1_1": {},
- "smithy.api#documentation": "Key Management Service\n Key Management Service (KMS) is an encryption and key management web service. This guide describes\n the KMS operations that you can call programmatically. For general information about KMS,\n see the \n Key Management Service Developer Guide\n .
\n \n KMS has replaced the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.
\n Amazon Web Services provides SDKs that consist of libraries and sample code for various programming\n languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs provide a\n convenient way to create programmatic access to KMS and other Amazon Web Services services. For example,\n the SDKs take care of tasks such as signing requests (see below), managing errors, and\n retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to\n download and install them, see Tools for Amazon Web\n Services.
\n \n We recommend that you use the Amazon Web Services SDKs to make programmatic API calls to KMS.
\n If you need to use FIPS 140-2 validated cryptographic modules when communicating with\n Amazon Web Services, use the FIPS endpoint in your preferred Amazon Web Services Region. For more information about the\n available FIPS endpoints, see Service endpoints in the Key Management Service topic of\n the Amazon Web Services General Reference.
\n All KMS API calls must be signed and be transmitted using Transport Layer Security\n (TLS). KMS recommends you always use the latest supported TLS version. Clients must also\n support cipher suites with Perfect Forward Secrecy (PFS) such as Ephemeral Diffie-Hellman\n (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems such as Java 7\n and later support these modes.
\n \n Signing Requests\n
\n Requests must be signed by using an access key ID and a secret access key. We strongly\n recommend that you do not use your Amazon Web Services account (root) access key ID and\n secret access key for everyday work with KMS. Instead, use the access key ID and secret\n access key for an IAM user. You can also use the Amazon Web Services Security Token Service to generate\n temporary security credentials that you can use to sign requests.
\n All KMS operations require Signature Version 4.
\n \n Logging API Requests\n
\n KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your\n Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the\n information collected by CloudTrail, you can determine what requests were made to KMS, who made\n the request, when it was made, and so on. To learn more about CloudTrail, including how to turn it\n on and find your log files, see the CloudTrail User Guide.
\n \n Additional Resources\n
\n For more information about credentials and request signing, see the following:
\n \n \n Commonly Used API Operations\n
\n Of the API operations discussed in this guide, the following will prove the most useful\n for most applications. You will likely perform operations other than these, such as creating\n keys and assigning policies, by using the console.
\n ",
+ "smithy.api#documentation": "Key Management Service\n Key Management Service (KMS) is an encryption and key management web service. This guide describes\n the KMS operations that you can call programmatically. For general information about KMS,\n see the \n Key Management Service Developer Guide\n .
\n \n KMS has replaced the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.
\n Amazon Web Services provides SDKs that consist of libraries and sample code for various programming\n languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs provide a\n convenient way to create programmatic access to KMS and other Amazon Web Services services. For example,\n the SDKs take care of tasks such as signing requests (see below), managing errors, and\n retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to\n download and install them, see Tools for Amazon Web\n Services.
\n \n We recommend that you use the Amazon Web Services SDKs to make programmatic API calls to KMS.
\n If you need to use FIPS 140-2 validated cryptographic modules when communicating with\n Amazon Web Services, use the FIPS endpoint in your preferred Amazon Web Services Region. For more information about the\n available FIPS endpoints, see Service endpoints in the Key Management Service topic of\n the Amazon Web Services General Reference.
\n All KMS API calls must be signed and be transmitted using Transport Layer Security\n (TLS). KMS recommends you always use the latest supported TLS version. Clients must also\n support cipher suites with Perfect Forward Secrecy (PFS) such as Ephemeral Diffie-Hellman\n (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems such as Java 7\n and later support these modes.
\n \n Signing Requests\n
\n Requests must be signed using an access key ID and a secret access key. We strongly\n recommend that you do not use your Amazon Web Services account root access key ID and secret access key for\n everyday work. You can use the access key ID and secret access key for an IAM user or you\n can use the Security Token Service (STS) to generate temporary security credentials and use those to sign\n requests.
\n All KMS requests must be signed with Signature Version 4.
\n \n Logging API Requests\n
\n KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your\n Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the\n information collected by CloudTrail, you can determine what requests were made to KMS, who made\n the request, when it was made, and so on. To learn more about CloudTrail, including how to turn it\n on and find your log files, see the CloudTrail User Guide.
\n \n Additional Resources\n
\n For more information about credentials and request signing, see the following:
\n \n \n Commonly Used API Operations\n
\n Of the API operations discussed in this guide, the following will prove the most useful\n for most applications. You will likely perform operations other than these, such as creating\n keys and assigning policies, by using the console.
\n ",
"smithy.api#title": "AWS Key Management Service",
"smithy.api#xmlNamespace": {
"uri": "https://trent.amazonaws.com/doc/2014-11-01/"
@@ -5648,7 +5867,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -5677,13 +5896,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -5691,14 +5909,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -5707,67 +5931,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -5776,154 +5975,215 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
},
- "supportsFIPS"
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://kms-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
{
- "conditions": [],
- "endpoint": {
- "url": "https://kms-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://kms-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
{
- "conditions": [],
- "endpoint": {
- "url": "https://kms-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
- {
- "fn": "getAttr",
- "argv": [
+ "conditions": [
{
- "ref": "PartitionResult"
- },
- "supportsDualStack"
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://kms.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
@@ -5931,7 +6191,7 @@
{
"conditions": [],
"endpoint": {
- "url": "https://kms.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://kms.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -5940,28 +6200,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://kms.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -5970,29 +6215,29 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.sa-east-1.amazonaws.com"
+ "url": "https://kms.af-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": false,
+ "Region": "af-south-1"
}
},
{
- "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.sa-east-1.amazonaws.com"
+ "url": "https://kms-fips.af-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": true,
+ "Region": "af-south-1"
}
},
{
@@ -6003,8 +6248,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "ap-east-1"
}
},
@@ -6016,529 +6261,529 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "ap-east-1"
}
},
{
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.eu-south-1.amazonaws.com"
+ "url": "https://kms.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-south-1"
+ "UseFIPS": false,
+ "Region": "ap-northeast-1"
}
},
{
- "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.eu-south-1.amazonaws.com"
+ "url": "https://kms-fips.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "eu-south-1"
+ "UseFIPS": true,
+ "Region": "ap-northeast-1"
}
},
{
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.eu-central-1.amazonaws.com"
+ "url": "https://kms.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": false,
+ "Region": "ap-northeast-2"
}
},
{
- "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.eu-central-1.amazonaws.com"
+ "url": "https://kms-fips.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": true,
+ "Region": "ap-northeast-2"
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.ap-southeast-1.amazonaws.com"
+ "url": "https://kms.ap-northeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": false,
+ "Region": "ap-northeast-3"
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.ap-southeast-1.amazonaws.com"
+ "url": "https://kms-fips.ap-northeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": true,
+ "Region": "ap-northeast-3"
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.ap-southeast-2.amazonaws.com"
+ "url": "https://kms.ap-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false,
+ "Region": "ap-south-1"
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.ap-southeast-2.amazonaws.com"
+ "url": "https://kms-fips.ap-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": true,
+ "Region": "ap-south-1"
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.ap-southeast-3.amazonaws.com"
+ "url": "https://kms.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-southeast-3"
+ "UseFIPS": false,
+ "Region": "ap-southeast-1"
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.ap-southeast-3.amazonaws.com"
+ "url": "https://kms-fips.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "ap-southeast-3"
+ "UseFIPS": true,
+ "Region": "ap-southeast-1"
}
},
{
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.ca-central-1.amazonaws.com"
+ "url": "https://kms.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false,
+ "Region": "ap-southeast-2"
}
},
{
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.ca-central-1.amazonaws.com"
+ "url": "https://kms-fips.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": true,
+ "Region": "ap-southeast-2"
}
},
{
- "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-west-1.amazonaws.com"
+ "url": "https://kms.ap-southeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": false,
+ "Region": "ap-southeast-3"
}
},
{
- "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-west-1.amazonaws.com"
+ "url": "https://kms-fips.ap-southeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-west-1"
+ "UseFIPS": true,
+ "Region": "ap-southeast-3"
}
},
{
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-west-2.amazonaws.com"
+ "url": "https://kms.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false,
+ "Region": "ca-central-1"
}
},
{
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-west-2.amazonaws.com"
+ "url": "https://kms-fips.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": true,
+ "Region": "ca-central-1"
}
},
{
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.af-south-1.amazonaws.com"
+ "url": "https://kms.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "af-south-1"
+ "UseFIPS": false,
+ "Region": "eu-central-1"
}
},
{
- "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.af-south-1.amazonaws.com"
+ "url": "https://kms-fips.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "af-south-1"
+ "UseFIPS": true,
+ "Region": "eu-central-1"
}
},
{
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.ap-south-1.amazonaws.com"
+ "url": "https://kms.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-south-1"
+ "UseFIPS": false,
+ "Region": "eu-north-1"
}
},
{
- "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.ap-south-1.amazonaws.com"
+ "url": "https://kms-fips.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "ap-south-1"
+ "UseFIPS": true,
+ "Region": "eu-north-1"
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.ap-northeast-1.amazonaws.com"
+ "url": "https://kms.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false,
+ "Region": "eu-south-1"
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.ap-northeast-1.amazonaws.com"
+ "url": "https://kms-fips.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": true,
+ "Region": "eu-south-1"
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.ap-northeast-2.amazonaws.com"
+ "url": "https://kms.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false,
+ "Region": "eu-west-1"
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.ap-northeast-2.amazonaws.com"
+ "url": "https://kms-fips.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": true,
+ "Region": "eu-west-1"
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.ap-northeast-3.amazonaws.com"
+ "url": "https://kms.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "ap-northeast-3"
+ "UseFIPS": false,
+ "Region": "eu-west-2"
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.ap-northeast-3.amazonaws.com"
+ "url": "https://kms-fips.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "ap-northeast-3"
+ "UseFIPS": true,
+ "Region": "eu-west-2"
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-east-1.amazonaws.com"
+ "url": "https://kms.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false,
+ "Region": "eu-west-3"
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-east-1.amazonaws.com"
+ "url": "https://kms-fips.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": true,
+ "Region": "eu-west-3"
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.eu-west-1.amazonaws.com"
+ "url": "https://kms.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-west-1"
+ "UseFIPS": false,
+ "Region": "me-south-1"
}
},
{
- "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.eu-west-1.amazonaws.com"
+ "url": "https://kms-fips.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "eu-west-1"
+ "UseFIPS": true,
+ "Region": "me-south-1"
}
},
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.eu-west-2.amazonaws.com"
+ "url": "https://kms.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": false,
+ "Region": "sa-east-1"
}
},
{
- "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.eu-west-2.amazonaws.com"
+ "url": "https://kms-fips.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": true,
+ "Region": "sa-east-1"
}
},
{
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.eu-west-3.amazonaws.com"
+ "url": "https://kms.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-west-3"
+ "UseFIPS": false,
+ "Region": "us-east-1"
}
},
{
- "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.eu-west-3.amazonaws.com"
+ "url": "https://kms-fips.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "eu-west-3"
+ "UseFIPS": true,
+ "Region": "us-east-1"
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.me-south-1.amazonaws.com"
+ "url": "https://kms.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "me-south-1"
+ "UseFIPS": false,
+ "Region": "us-east-2"
}
},
{
- "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.me-south-1.amazonaws.com"
+ "url": "https://kms-fips.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "me-south-1"
+ "UseFIPS": true,
+ "Region": "us-east-2"
}
},
{
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.eu-north-1.amazonaws.com"
+ "url": "https://kms.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "eu-north-1"
+ "UseFIPS": false,
+ "Region": "us-west-1"
}
},
{
- "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.eu-north-1.amazonaws.com"
+ "url": "https://kms-fips.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "eu-north-1"
+ "UseFIPS": true,
+ "Region": "us-west-1"
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-east-2.amazonaws.com"
+ "url": "https://kms.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false,
+ "Region": "us-west-2"
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-east-2.amazonaws.com"
+ "url": "https://kms-fips.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": true,
+ "Region": "us-west-2"
}
},
{
@@ -6549,8 +6794,8 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": true,
+ "UseFIPS": true,
"Region": "us-east-1"
}
},
@@ -6562,178 +6807,178 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": true,
+ "UseFIPS": false,
"Region": "us-east-1"
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-gov-west-1.amazonaws.com"
+ "url": "https://kms.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-gov-west-1.amazonaws.com"
+ "url": "https://kms.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false,
+ "Region": "cn-northwest-1"
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-gov-east-1.amazonaws.com"
+ "url": "https://kms-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseDualStack": true,
+ "UseFIPS": true,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-gov-east-1.amazonaws.com"
+ "url": "https://kms-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": true,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-gov-east-1.api.aws"
+ "url": "https://kms.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": false,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-gov-east-1.api.aws"
+ "url": "https://kms.us-gov-east-1.amazonaws.com"
}
},
"params": {
+ "UseDualStack": false,
"UseFIPS": false,
- "UseDualStack": true,
"Region": "us-gov-east-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://kms-fips.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": true,
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://kms.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false,
+ "Region": "us-gov-west-1"
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://kms-fips.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "cn-northwest-1"
+ "UseFIPS": true,
+ "Region": "us-gov-west-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://kms.cn-north-1.amazonaws.com.cn"
+ "url": "https://kms-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "cn-north-1"
+ "UseDualStack": true,
+ "UseFIPS": true,
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://kms.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": true,
- "Region": "cn-north-1"
+ "UseFIPS": false,
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://kms.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false,
+ "Region": "us-iso-east-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://kms-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "UseDualStack": false,
+ "UseFIPS": true,
+ "Region": "us-iso-east-1"
}
},
{
@@ -6744,8 +6989,8 @@
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "us-iso-west-1"
}
},
@@ -6757,59 +7002,72 @@
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "us-iso-west-1"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms.us-iso-east-1.c2s.ic.gov"
+ "url": "https://kms.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false,
+ "Region": "us-isob-east-1"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://kms-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://kms-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": true,
+ "Region": "us-isob-east-1"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
+ "UseFIPS": false,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
+ {
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
+ "UseDualStack": false,
+ "UseFIPS": false,
+ "Endpoint": "https://example.com"
+ }
+ },
{
"documentation": "For custom endpoint with fips enabled and dualstack disabled",
"expect": {
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
"UseDualStack": false,
+ "UseFIPS": true,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
@@ -6820,8 +7078,8 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
"UseDualStack": true,
+ "UseFIPS": false,
"Region": "us-east-1",
"Endpoint": "https://example.com"
}
@@ -6883,7 +7141,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Deletes tags from a customer managed key. To delete a tag,\n specify the tag key and the KMS key.
\n \n Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.
\n \n When it succeeds, the UntagResource operation doesn't return any output.\n Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or\n return a response. To confirm that the operation worked, use the ListResourceTags operation.
\n\n For information about using tags in KMS, see Tagging keys. For general information about\n tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon\n Web Services General Reference.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:UntagResource (key policy)
\n \n Related operations\n
\n "
+ "smithy.api#documentation": "Deletes tags from a customer managed key. To delete a tag,\n specify the tag key and the KMS key.
\n \n Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see ABAC for KMS in the Key Management Service Developer Guide.
\n \n When it succeeds, the UntagResource operation doesn't return any output.\n Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or\n return a response. To confirm that the operation worked, use the ListResourceTags operation.
\n For information about using tags in KMS, see Tagging keys. For general information about\n tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon\n Web Services General Reference.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:UntagResource (key policy)
\n \n Related operations\n
\n "
}
},
"com.amazonaws.kms#UntagResourceRequest": {
@@ -6892,7 +7150,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the KMS key from which you are removing tags.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies the KMS key from which you are removing tags.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -6903,6 +7161,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#UpdateAlias": {
@@ -6947,10 +7208,13 @@
"TargetKeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the customer managed key to associate with the alias. You don't have permission to\n associate an alias with an Amazon Web Services managed key.
\n The KMS key must be in the same Amazon Web Services account and Region as the alias. Also, the new\n target KMS key must be the same type as the current target KMS key (both symmetric or both\n asymmetric or both HMAC) and they must have the same key usage.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
\n\n To verify that the alias is mapped to the correct KMS key, use ListAliases.
",
+ "smithy.api#documentation": "Identifies the customer managed key to associate with the alias. You don't have permission to\n associate an alias with an Amazon Web Services managed key.
\n The KMS key must be in the same Amazon Web Services account and Region as the alias. Also, the new\n target KMS key must be the same type as the current target KMS key (both symmetric or both\n asymmetric or both HMAC) and they must have the same key usage.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
\n To verify that the alias is mapped to the correct KMS key, use ListAliases.
",
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#UpdateCustomKeyStore": {
@@ -7076,11 +7340,17 @@
"smithy.api#documentation": "Changes the connectivity setting for the external key store. To indicate that the external\n key store proxy uses a Amazon VPC endpoint service to communicate with KMS, specify\n VPC_ENDPOINT_SERVICE. Otherwise, specify PUBLIC_ENDPOINT.
\n If you change the XksProxyConnectivity to VPC_ENDPOINT_SERVICE,\n you must also change the XksProxyUriEndpoint and add an\n XksProxyVpcEndpointServiceName value.
\n If you change the XksProxyConnectivity to PUBLIC_ENDPOINT, you\n must also change the XksProxyUriEndpoint and specify a null or empty string for\n the XksProxyVpcEndpointServiceName value.
\n To change this value, the external key store must be disconnected.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#UpdateCustomKeyStoreResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.kms#UpdateKeyDescription": {
"type": "operation",
@@ -7108,7 +7378,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Updates the description of a KMS key. To see the description of a KMS key, use DescribeKey.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n\n \n Required permissions: kms:UpdateKeyDescription (key policy)
\n \n Related operations\n
\n "
+ "smithy.api#documentation": "Updates the description of a KMS key. To see the description of a KMS key, use DescribeKey.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
\n \n Required permissions: kms:UpdateKeyDescription (key policy)
\n \n Related operations\n
\n "
}
},
"com.amazonaws.kms#UpdateKeyDescriptionRequest": {
@@ -7117,7 +7387,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Updates the description of the specified KMS key.
\n \n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Updates the description of the specified KMS key.
\n Specify the key ID or key ARN of the KMS key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -7128,6 +7398,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#UpdatePrimaryRegion": {
@@ -7168,7 +7441,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the current primary key. When the operation completes, this KMS key will be a\n replica key.
\n \n Specify the key ID or key ARN of a multi-Region primary key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
+ "smithy.api#documentation": "Identifies the current primary key. When the operation completes, this KMS key will be a\n replica key.
\n Specify the key ID or key ARN of a multi-Region primary key.
\n For example:
\n \n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
",
"smithy.api#required": {}
}
},
@@ -7179,6 +7452,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#Verify": {
@@ -7219,7 +7495,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Verifies a digital signature that was generated by the Sign operation.
\n \n Verification confirms that an authorized user signed the message with the specified KMS\n key and signing algorithm, and the message hasn't changed since it was signed. If the\n signature is verified, the value of the SignatureValid field in the response is\n True. If the signature verification fails, the Verify operation\n fails with an KMSInvalidSignatureException exception.
\n A digital signature is generated by using the private key in an asymmetric KMS key. The\n signature is verified by using the public key in the same asymmetric KMS key.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n To verify a digital signature, you can use the Verify operation. Specify the\n same asymmetric KMS key, message, and signing algorithm that were used to produce the\n signature.
\n You can also verify the digital signature by using the public key of the KMS key outside\n of KMS. Use the GetPublicKey operation to download the public key in the\n asymmetric KMS key and then use the public key to verify the signature outside of KMS. The\n advantage of using the Verify operation is that it is performed within KMS. As\n a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged\n in CloudTrail, and you can use key policy and IAM policy to determine who is authorized to use\n the KMS key to verify signatures.
\n To verify a signature outside of KMS with an SM2 public key (China Regions only), you must \n specify the distinguishing ID. By default, KMS uses 1234567812345678 as the \n distinguishing ID. For more information, see Offline verification\n with SM2 key pairs.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:Verify (key policy)
\n \n Related operations: Sign\n
"
+ "smithy.api#documentation": "Verifies a digital signature that was generated by the Sign operation.
\n \n Verification confirms that an authorized user signed the message with the specified KMS\n key and signing algorithm, and the message hasn't changed since it was signed. If the\n signature is verified, the value of the SignatureValid field in the response is\n True. If the signature verification fails, the Verify operation\n fails with an KMSInvalidSignatureException exception.
\n A digital signature is generated by using the private key in an asymmetric KMS key. The\n signature is verified by using the public key in the same asymmetric KMS key.\n For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer Guide.
\n To use the Verify operation, specify the\n same asymmetric KMS key, message, and signing algorithm that were used to produce the\n signature. The message type does not need to be the same as the one used for signing, but it must \n indicate whether the value of the Message parameter should be\n hashed as part of the verification process.
\n You can also verify the digital signature by using the public key of the KMS key outside\n of KMS. Use the GetPublicKey operation to download the public key in the\n asymmetric KMS key and then use the public key to verify the signature outside of KMS. The\n advantage of using the Verify operation is that it is performed within KMS. As\n a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged\n in CloudTrail, and you can use key policy and IAM policy to determine who is authorized to use\n the KMS key to verify signatures.
\n To verify a signature outside of KMS with an SM2 public key (China Regions only), you must \n specify the distinguishing ID. By default, KMS uses 1234567812345678 as the \n distinguishing ID. For more information, see Offline verification\n with SM2 key pairs.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:Verify (key policy)
\n \n Related operations: Sign\n
"
}
},
"com.amazonaws.kms#VerifyMac": {
@@ -7257,7 +7533,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Verifies the hash-based message authentication code (HMAC) for a specified message, HMAC\n KMS key, and MAC algorithm. To verify the HMAC, VerifyMac computes an HMAC using\n the message, HMAC KMS key, and MAC algorithm that you specify, and compares the computed HMAC\n to the HMAC that you specify. If the HMACs are identical, the verification succeeds;\n otherwise, it fails. Verification indicates that the message hasn't changed since the HMAC was\n calculated, and the specified key was used to generate and verify the HMAC.
\n HMAC KMS keys and the HMAC algorithms that KMS uses conform to industry standards\n defined in RFC 2104.
\n This operation is part of KMS support for HMAC KMS keys. For details, see\n HMAC keys in KMS in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n\n \n Required permissions: kms:VerifyMac (key policy)
\n \n Related operations: GenerateMac\n
"
+ "smithy.api#documentation": "Verifies the hash-based message authentication code (HMAC) for a specified message, HMAC\n KMS key, and MAC algorithm. To verify the HMAC, VerifyMac computes an HMAC using\n the message, HMAC KMS key, and MAC algorithm that you specify, and compares the computed HMAC\n to the HMAC that you specify. If the HMACs are identical, the verification succeeds;\n otherwise, it fails. Verification indicates that the message hasn't changed since the HMAC was\n calculated, and the specified key was used to generate and verify the HMAC.
\n HMAC KMS keys and the HMAC algorithms that KMS uses conform to industry standards\n defined in RFC 2104.
\n This operation is part of KMS support for HMAC KMS keys. For details, see\n HMAC keys in KMS in the\n Key Management Service Developer Guide.
\n The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key states of KMS keys in the Key Management Service Developer Guide.
\n \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.
\n \n Required permissions: kms:VerifyMac (key policy)
\n \n Related operations: GenerateMac\n
"
}
},
"com.amazonaws.kms#VerifyMacRequest": {
@@ -7273,7 +7549,7 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "The KMS key that will be used in the verification.
\n\n Enter a key ID of the KMS key that was used to generate the HMAC. If you identify a\n different KMS key, the VerifyMac operation fails.
",
+ "smithy.api#documentation": "The KMS key that will be used in the verification.
\n Enter a key ID of the KMS key that was used to generate the HMAC. If you identify a\n different KMS key, the VerifyMac operation fails.
",
"smithy.api#required": {}
}
},
@@ -7297,6 +7573,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#VerifyMacResponse": {
@@ -7321,6 +7600,9 @@
"smithy.api#documentation": "The MAC algorithm used in the verification.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#VerifyRequest": {
@@ -7329,21 +7611,21 @@
"KeyId": {
"target": "com.amazonaws.kms#KeyIdType",
"traits": {
- "smithy.api#documentation": "Identifies the asymmetric KMS key that will be used to verify the signature. This must be\n the same KMS key that was used to generate the signature. If you specify a different KMS key,\n the signature verification fails.
\n \n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
+ "smithy.api#documentation": "Identifies the asymmetric KMS key that will be used to verify the signature. This must be\n the same KMS key that was used to generate the signature. If you specify a different KMS key,\n the signature verification fails.
\n To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.
\n For example:
\n \n - \n
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n
\n \n - \n
Alias name: alias/ExampleAlias\n
\n \n - \n
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n
\n \n
\n To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
",
"smithy.api#required": {}
}
},
"Message": {
"target": "com.amazonaws.kms#PlaintextType",
"traits": {
- "smithy.api#documentation": "Specifies the message that was signed. You can submit a raw message of up to 4096 bytes,\n or a hash digest of the message. If you submit a digest, use the MessageType\n parameter with a value of DIGEST.
\n If the message specified here is different from the message that was signed, the signature\n verification fails. A message and its hash digest are considered to be the same\n message.
",
+ "smithy.api#documentation": "Specifies the message that was signed. You can submit a raw message of up to 4096 bytes,\n or a hash digest of the message. If you submit a digest, use the MessageType parameter\n with a value of DIGEST.
\n If the message specified here is different from the message that was signed, the signature\n verification fails. A message and its hash digest are considered to be the same\n message.
",
"smithy.api#required": {}
}
},
"MessageType": {
"target": "com.amazonaws.kms#MessageType",
"traits": {
- "smithy.api#documentation": "Tells KMS whether the value of the Message parameter is a message or\n message digest. The default value, RAW, indicates a message. To indicate a message digest,\n enter DIGEST.
\n \n Use the DIGEST value only when the value of the Message\n parameter is a message digest. If you use the DIGEST value with a raw message,\n the security of the verification operation can be compromised.
\n "
+ "smithy.api#documentation": "Tells KMS whether the value of the Message parameter should be hashed\n as part of the signing algorithm. Use RAW for unhashed messages; use DIGEST\n for message digests, which are already hashed.
\n When the value of MessageType is RAW, KMS uses the standard\n signing algorithm, which begins with a hash function. When the value is DIGEST, KMS \n skips the hashing step in the signing algorithm.
\n \n Use the DIGEST value only when the value of the Message\n parameter is a message digest. If you use the DIGEST value with an unhashed message,\n the security of the verification operation can be compromised.
\n \n When the value of MessageTypeis DIGEST, the length\n of the Message value must match the length of hashed messages for the specified signing algorithm.
\n You can submit a message digest and omit the MessageType or specify\n RAW so the digest is hashed again while signing. However, if the signed message is hashed once\n while signing, but twice while verifying, verification fails, even when the message hasn't changed.
\n The hashing algorithm in that Verify uses is based on the SigningAlgorithm value.
\n \n - \n
Signing algorithms that end in SHA_256 use the SHA_256 hashing algorithm.
\n \n - \n
Signing algorithms that end in SHA_384 use the SHA_384 hashing algorithm.
\n \n - \n
Signing algorithms that end in SHA_512 use the SHA_512 hashing algorithm.
\n \n - \n
SM2DSA uses the SM3 hashing algorithm. For details, see Offline verification with SM2 key pairs.
\n \n
"
}
},
"Signature": {
@@ -7366,6 +7648,9 @@
"smithy.api#documentation": "A list of grant tokens.
\n Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the\n Key Management Service Developer Guide.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.kms#VerifyResponse": {
@@ -7390,6 +7675,9 @@
"smithy.api#documentation": "The signing algorithm that was used to verify the signature.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.kms#WrappingKeySpec": {
diff --git a/aws/sdk/aws-models/lambda.json b/aws/sdk/aws-models/lambda.json
index bc75d111c7..18759e228b 100644
--- a/aws/sdk/aws-models/lambda.json
+++ b/aws/sdk/aws-models/lambda.json
@@ -248,7 +248,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -277,13 +277,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -291,14 +290,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -307,67 +312,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -376,90 +356,215 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
},
- "supportsFIPS"
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://lambda-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://lambda-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://lambda-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsFIPS"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://lambda.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
@@ -467,7 +572,7 @@
{
"conditions": [],
"endpoint": {
- "url": "https://lambda-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "url": "https://lambda.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -476,1036 +581,108 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "supportsDualStack"
- ]
- }
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://lambda.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
- "conditions": [],
- "endpoint": {
- "url": "https://lambda.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- }
- ]
- },
- "smithy.rules#endpointTests": {
- "testCases": [
- {
- "documentation": "For region ap-south-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ap-south-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-south-2"
- }
- },
- {
- "documentation": "For region ap-south-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ap-south-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-south-2"
- }
- },
- {
- "documentation": "For region ap-south-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.ap-south-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-south-2"
- }
- },
- {
- "documentation": "For region ap-south-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.ap-south-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-south-2"
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ap-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-south-1"
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ap-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-south-1"
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.ap-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-south-1"
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.ap-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-south-1"
- }
- },
- {
- "documentation": "For region eu-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-south-1"
- }
- },
- {
- "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-south-1"
- }
- },
- {
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-south-1"
- }
- },
- {
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-south-1"
- }
- },
- {
- "documentation": "For region eu-south-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-south-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-south-2"
- }
- },
- {
- "documentation": "For region eu-south-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-south-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-south-2"
- }
- },
- {
- "documentation": "For region eu-south-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-south-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-south-2"
- }
- },
- {
- "documentation": "For region eu-south-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-south-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-south-2"
- }
- },
- {
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.us-gov-east-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-gov-east-1"
- }
- },
- {
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.us-gov-east-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-gov-east-1"
- }
- },
- {
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.us-gov-east-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-gov-east-1"
- }
- },
- {
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.us-gov-east-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-gov-east-1"
- }
- },
- {
- "documentation": "For region me-central-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.me-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "me-central-1"
- }
- },
- {
- "documentation": "For region me-central-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.me-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "me-central-1"
- }
- },
- {
- "documentation": "For region me-central-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.me-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "me-central-1"
- }
- },
- {
- "documentation": "For region me-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.me-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "me-central-1"
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ca-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ca-central-1"
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ca-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ca-central-1"
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.ca-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ca-central-1"
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.ca-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "ca-central-1"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-central-1"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-central-1"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-central-1"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-central-1"
- }
- },
- {
- "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-iso-west-1"
- }
- },
- {
- "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.us-iso-west-1.c2s.ic.gov"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-iso-west-1"
- }
- },
- {
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "error": "DualStack is enabled but this partition does not support DualStack"
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-iso-west-1"
- }
- },
- {
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.us-iso-west-1.c2s.ic.gov"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-iso-west-1"
- }
- },
- {
- "documentation": "For region eu-central-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-central-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-central-2"
- }
- },
- {
- "documentation": "For region eu-central-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-central-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-central-2"
- }
- },
- {
- "documentation": "For region eu-central-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-central-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-central-2"
- }
- },
- {
- "documentation": "For region eu-central-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-central-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-central-2"
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.us-west-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.us-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.us-west-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.us-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.us-west-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-west-2"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.us-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-west-2"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.us-west-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-west-2"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.us-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-west-2"
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.af-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "af-south-1"
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.af-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "af-south-1"
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.af-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "af-south-1"
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.af-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "af-south-1"
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-north-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-north-1"
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-north-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-north-1"
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-north-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-north-1"
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-north-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-north-1"
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-west-3.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-west-3"
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-west-3.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-west-3"
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-west-3.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-west-3"
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-west-3.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-west-3"
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-west-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-west-2"
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-west-2"
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda.eu-west-2.api.aws"
+ "conditions": [],
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-west-2"
- }
- },
+ ]
+ }
+ ]
+ },
+ "smithy.rules#endpointTests": {
+ "testCases": [
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.eu-west-2.amazonaws.com"
+ "url": "https://lambda.af-south-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "eu-west-2"
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-west-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-west-1"
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.eu-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-west-1"
+ "Region": "af-south-1"
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.eu-west-1.api.aws"
+ "url": "https://lambda.af-south-1.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "eu-west-1"
+ "Region": "af-south-1"
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.eu-west-1.amazonaws.com"
+ "url": "https://lambda.ap-east-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "eu-west-1"
- }
- },
- {
- "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ap-northeast-3.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-northeast-3"
- }
- },
- {
- "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ap-northeast-3.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-northeast-3"
+ "Region": "ap-east-1"
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack enabled",
+ "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-northeast-3.api.aws"
+ "url": "https://lambda.ap-east-1.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "ap-northeast-3"
+ "Region": "ap-east-1"
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-northeast-3.amazonaws.com"
+ "url": "https://lambda.ap-northeast-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "ap-northeast-3"
+ "Region": "ap-northeast-1"
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-northeast-2.api.aws"
+ "url": "https://lambda.ap-northeast-1.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-northeast-2"
+ "UseFIPS": false,
+ "Region": "ap-northeast-1"
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-northeast-2.amazonaws.com"
+ "url": "https://lambda.ap-northeast-2.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
+ "UseFIPS": false,
"Region": "ap-northeast-2"
}
},
@@ -1523,792 +700,775 @@
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-northeast-2.amazonaws.com"
+ "url": "https://lambda.ap-northeast-3.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "ap-northeast-2"
- }
- },
- {
- "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ap-northeast-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-northeast-1"
- }
- },
- {
- "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://lambda-fips.ap-northeast-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-northeast-1"
+ "Region": "ap-northeast-3"
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-northeast-1.api.aws"
+ "url": "https://lambda.ap-northeast-3.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "ap-northeast-1"
+ "Region": "ap-northeast-3"
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-northeast-1.amazonaws.com"
+ "url": "https://lambda.ap-south-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "ap-northeast-1"
+ "Region": "ap-south-1"
}
},
{
- "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.me-south-1.api.aws"
+ "url": "https://lambda.ap-south-1.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "me-south-1"
+ "UseFIPS": false,
+ "Region": "ap-south-1"
}
},
{
- "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.me-south-1.amazonaws.com"
+ "url": "https://lambda.ap-southeast-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "me-south-1"
+ "UseFIPS": false,
+ "Region": "ap-southeast-1"
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.me-south-1.api.aws"
+ "url": "https://lambda.ap-southeast-1.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "me-south-1"
+ "Region": "ap-southeast-1"
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.me-south-1.amazonaws.com"
+ "url": "https://lambda.ap-southeast-2.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "me-south-1"
+ "Region": "ap-southeast-2"
}
},
{
- "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.sa-east-1.api.aws"
+ "url": "https://lambda.ap-southeast-2.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "sa-east-1"
+ "UseFIPS": false,
+ "Region": "ap-southeast-2"
}
},
{
- "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.sa-east-1.amazonaws.com"
+ "url": "https://lambda.ap-southeast-3.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "sa-east-1"
+ "UseFIPS": false,
+ "Region": "ap-southeast-3"
}
},
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.sa-east-1.api.aws"
+ "url": "https://lambda.ap-southeast-3.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "sa-east-1"
+ "Region": "ap-southeast-3"
}
},
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.sa-east-1.amazonaws.com"
+ "url": "https://lambda.ca-central-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "sa-east-1"
+ "Region": "ca-central-1"
}
},
{
- "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-east-1.api.aws"
+ "url": "https://lambda.ca-central-1.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-east-1"
+ "UseFIPS": false,
+ "Region": "ca-central-1"
}
},
{
- "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-east-1.amazonaws.com"
+ "url": "https://lambda.eu-central-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-east-1"
+ "UseFIPS": false,
+ "Region": "eu-central-1"
}
},
{
- "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-east-1.api.aws"
+ "url": "https://lambda.eu-central-1.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "ap-east-1"
+ "Region": "eu-central-1"
}
},
{
- "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-east-1.amazonaws.com"
+ "url": "https://lambda.eu-north-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "ap-east-1"
+ "Region": "eu-north-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://lambda.eu-north-1.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "cn-north-1"
+ "UseFIPS": false,
+ "Region": "eu-north-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://lambda.eu-south-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "cn-north-1"
+ "UseFIPS": false,
+ "Region": "eu-south-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://lambda.eu-south-1.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "cn-north-1"
+ "Region": "eu-south-1"
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.cn-north-1.amazonaws.com.cn"
+ "url": "https://lambda.eu-west-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "cn-north-1"
+ "Region": "eu-west-1"
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.us-gov-west-1.api.aws"
+ "url": "https://lambda.eu-west-1.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-gov-west-1"
+ "UseFIPS": false,
+ "Region": "eu-west-1"
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.us-gov-west-1.amazonaws.com"
+ "url": "https://lambda.eu-west-2.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-gov-west-1"
+ "UseFIPS": false,
+ "Region": "eu-west-2"
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.us-gov-west-1.api.aws"
+ "url": "https://lambda.eu-west-2.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "us-gov-west-1"
+ "Region": "eu-west-2"
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.us-gov-west-1.amazonaws.com"
+ "url": "https://lambda.eu-west-3.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "us-gov-west-1"
+ "Region": "eu-west-3"
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-southeast-1.api.aws"
+ "url": "https://lambda.eu-west-3.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-southeast-1"
+ "UseFIPS": false,
+ "Region": "eu-west-3"
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-southeast-1.amazonaws.com"
+ "url": "https://lambda.me-south-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-southeast-1"
+ "UseFIPS": false,
+ "Region": "me-south-1"
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-southeast-1.api.aws"
+ "url": "https://lambda.me-south-1.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "ap-southeast-1"
+ "Region": "me-south-1"
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-southeast-1.amazonaws.com"
+ "url": "https://lambda.sa-east-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "ap-southeast-1"
+ "Region": "sa-east-1"
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-southeast-2.api.aws"
+ "url": "https://lambda.sa-east-1.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-southeast-2"
+ "UseFIPS": false,
+ "Region": "sa-east-1"
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-southeast-2.amazonaws.com"
+ "url": "https://lambda.us-east-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-southeast-2"
+ "UseFIPS": false,
+ "Region": "us-east-1"
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-southeast-2.api.aws"
+ "url": "https://lambda-fips.us-east-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-southeast-2"
+ "UseDualStack": false,
+ "UseFIPS": true,
+ "Region": "us-east-1"
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-southeast-2.amazonaws.com"
+ "url": "https://lambda.us-east-1.api.aws"
}
},
"params": {
- "UseDualStack": false,
+ "UseDualStack": true,
"UseFIPS": false,
- "Region": "ap-southeast-2"
+ "Region": "us-east-1"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
+ "endpoint": {
+ "url": "https://lambda.us-east-2.amazonaws.com"
+ }
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-iso-east-1"
+ "UseDualStack": false,
+ "UseFIPS": false,
+ "Region": "us-east-2"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://lambda-fips.us-east-2.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": true,
- "Region": "us-iso-east-1"
+ "Region": "us-east-2"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled",
"expect": {
- "error": "DualStack is enabled but this partition does not support DualStack"
+ "endpoint": {
+ "url": "https://lambda.us-east-2.api.aws"
+ }
},
"params": {
"UseDualStack": true,
"UseFIPS": false,
- "Region": "us-iso-east-1"
+ "Region": "us-east-2"
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.us-iso-east-1.c2s.ic.gov"
+ "url": "https://lambda.us-west-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "us-iso-east-1"
+ "Region": "us-west-1"
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-southeast-3.api.aws"
+ "url": "https://lambda-fips.us-west-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
+ "UseDualStack": false,
"UseFIPS": true,
- "Region": "ap-southeast-3"
+ "Region": "us-west-1"
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-southeast-3.amazonaws.com"
+ "url": "https://lambda.us-west-1.api.aws"
}
},
"params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-southeast-3"
+ "UseDualStack": true,
+ "UseFIPS": false,
+ "Region": "us-west-1"
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-southeast-3.api.aws"
+ "url": "https://lambda.us-west-2.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
+ "UseDualStack": false,
"UseFIPS": false,
- "Region": "ap-southeast-3"
+ "Region": "us-west-2"
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-southeast-3.amazonaws.com"
+ "url": "https://lambda-fips.us-west-2.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-southeast-3"
+ "UseFIPS": true,
+ "Region": "us-west-2"
}
},
{
- "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-southeast-4.api.aws"
+ "url": "https://lambda.us-west-2.api.aws"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-southeast-4"
+ "UseFIPS": false,
+ "Region": "us-west-2"
}
},
{
- "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.ap-southeast-4.amazonaws.com"
+ "url": "https://lambda-fips.us-east-1.api.aws"
}
},
"params": {
- "UseDualStack": false,
+ "UseDualStack": true,
"UseFIPS": true,
- "Region": "ap-southeast-4"
+ "Region": "us-east-1"
}
},
{
- "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-southeast-4.api.aws"
+ "url": "https://lambda.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseDualStack": true,
+ "UseDualStack": false,
"UseFIPS": false,
- "Region": "ap-southeast-4"
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.ap-southeast-4.amazonaws.com"
+ "url": "https://lambda.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseDualStack": false,
+ "UseDualStack": true,
"UseFIPS": false,
- "Region": "ap-southeast-4"
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.us-east-1.api.aws"
+ "url": "https://lambda.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-east-1"
+ "UseDualStack": false,
+ "UseFIPS": false,
+ "Region": "cn-northwest-1"
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.us-east-1.amazonaws.com"
+ "url": "https://lambda.cn-northwest-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-east-1"
+ "UseDualStack": true,
+ "UseFIPS": false,
+ "Region": "cn-northwest-1"
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda.us-east-1.api.aws"
+ "url": "https://lambda-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
"UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-east-1"
+ "UseFIPS": true,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.us-east-1.amazonaws.com"
+ "url": "https://lambda-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-east-1"
+ "UseFIPS": true,
+ "Region": "cn-north-1"
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.us-east-2.api.aws"
+ "url": "https://lambda.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-east-2"
+ "UseDualStack": false,
+ "UseFIPS": false,
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.us-east-2.amazonaws.com"
+ "url": "https://lambda-fips.us-gov-east-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": true,
- "Region": "us-east-2"
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.us-east-2.api.aws"
+ "url": "https://lambda.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
+ "UseDualStack": false,
"UseFIPS": false,
- "Region": "us-east-2"
+ "Region": "us-gov-west-1"
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.us-east-2.amazonaws.com"
+ "url": "https://lambda-fips.us-gov-west-1.amazonaws.com"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-east-2"
+ "UseFIPS": true,
+ "Region": "us-gov-west-1"
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.cn-northwest-1.api.amazonwebservices.com.cn"
+ "url": "https://lambda-fips.us-gov-east-1.api.aws"
}
},
"params": {
"UseDualStack": true,
"UseFIPS": true,
- "Region": "cn-northwest-1"
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://lambda.us-gov-east-1.api.aws"
}
},
"params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "cn-northwest-1"
+ "UseDualStack": true,
+ "UseFIPS": false,
+ "Region": "us-gov-east-1"
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.cn-northwest-1.api.amazonwebservices.com.cn"
+ "url": "https://lambda.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseDualStack": true,
+ "UseDualStack": false,
"UseFIPS": false,
- "Region": "cn-northwest-1"
+ "Region": "us-iso-east-1"
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://lambda.us-iso-west-1.c2s.ic.gov"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "cn-northwest-1"
+ "Region": "us-iso-west-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
+ "endpoint": {
+ "url": "https://lambda-fips.us-iso-east-1.c2s.ic.gov"
+ }
},
"params": {
- "UseDualStack": true,
+ "UseDualStack": false,
"UseFIPS": true,
- "Region": "us-isob-east-1"
+ "Region": "us-iso-east-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://lambda.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
"UseDualStack": false,
- "UseFIPS": true,
+ "UseFIPS": false,
"Region": "us-isob-east-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
- "error": "DualStack is enabled but this partition does not support DualStack"
+ "endpoint": {
+ "url": "https://lambda-fips.us-isob-east-1.sc2s.sgov.gov"
+ }
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
+ "UseDualStack": false,
+ "UseFIPS": true,
"Region": "us-isob-east-1"
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
- "url": "https://lambda.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://example.com"
}
},
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "us-isob-east-1"
+ "Region": "us-east-1",
+ "Endpoint": "https://example.com"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
@@ -2317,7 +1477,6 @@
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
@@ -2514,6 +1673,9 @@
"smithy.api#httpQuery": "RevisionId"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#AddLayerVersionPermissionResponse": {
@@ -2531,6 +1693,9 @@
"smithy.api#documentation": "A unique identifier for the current revision of the policy.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#AddPermission": {
@@ -2645,9 +1810,12 @@
"FunctionUrlAuthType": {
"target": "com.amazonaws.lambda#FunctionUrlAuthType",
"traits": {
- "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n IAM users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
"
+ "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#AddPermissionResponse": {
@@ -2659,6 +1827,9 @@
"smithy.api#documentation": "The permission statement that's added to the function policy.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#AdditionalVersion": {
@@ -3028,6 +2199,16 @@
"smithy.api#httpError": 400
}
},
+ "com.amazonaws.lambda#CollectionName": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 57
+ },
+ "smithy.api#pattern": "^(^(?!(system\\x2e)))(^[_a-zA-Z0-9])([^$]*)$"
+ }
+ },
"com.amazonaws.lambda#CompatibleArchitectures": {
"type": "list",
"member": {
@@ -3178,6 +2359,9 @@
"smithy.api#documentation": "The routing\n configuration of the alias.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#CreateCodeSigningConfig": {
@@ -3227,6 +2411,9 @@
"smithy.api#documentation": "The code signing policies define the actions to take if the validation checks fail.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#CreateCodeSigningConfigResponse": {
@@ -3239,6 +2426,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#CreateEventSourceMapping": {
@@ -3410,7 +2600,16 @@
"traits": {
"smithy.api#documentation": "(Amazon SQS only) The scaling configuration for the event source. For more information, see Configuring maximum concurrency for Amazon SQS event sources.
"
}
+ },
+ "DocumentDBEventSourceConfig": {
+ "target": "com.amazonaws.lambda#DocumentDBEventSourceConfig",
+ "traits": {
+ "smithy.api#documentation": "Specific configuration settings for a DocumentDB event source.
"
+ }
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#CreateFunction": {
@@ -3472,7 +2671,7 @@
"Runtime": {
"target": "com.amazonaws.lambda#Runtime",
"traits": {
- "smithy.api#documentation": "The identifier of the function's runtime. Runtime is required if the deployment package is a .zip file archive.\n
"
+ "smithy.api#documentation": "The identifier of the function's runtime. Runtime is required if the deployment package is a .zip file archive.
\n The following list includes deprecated runtimes. For more information, see Runtime deprecation policy.
"
}
},
"Role": {
@@ -3547,7 +2746,7 @@
"KMSKeyArn": {
"target": "com.amazonaws.lambda#KMSKeyArn",
"traits": {
- "smithy.api#documentation": "The ARN of the Key Management Service (KMS) key that's used to encrypt your function's environment\n variables. If it's not provided, Lambda uses a default service key.
"
+ "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's environment variables. When Lambda SnapStart is activated, this key is also used to encrypt your function's snapshot. If you don't provide a customer managed key, Lambda uses a default service key.
"
}
},
"TracingConfig": {
@@ -3604,6 +2803,9 @@
"smithy.api#documentation": "The function's SnapStart setting.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#CreateFunctionUrlConfig": {
@@ -3661,7 +2863,7 @@
"AuthType": {
"target": "com.amazonaws.lambda#FunctionUrlAuthType",
"traits": {
- "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n IAM users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
+ "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
"smithy.api#required": {}
}
},
@@ -3671,6 +2873,9 @@
"smithy.api#documentation": "The cross-origin resource sharing (CORS) settings\n for your function URL.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#CreateFunctionUrlConfigResponse": {
@@ -3693,7 +2898,7 @@
"AuthType": {
"target": "com.amazonaws.lambda#FunctionUrlAuthType",
"traits": {
- "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n IAM users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
+ "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
"smithy.api#required": {}
}
},
@@ -3710,6 +2915,19 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
+ }
+ },
+ "com.amazonaws.lambda#DatabaseName": {
+ "type": "string",
+ "traits": {
+ "smithy.api#length": {
+ "min": 1,
+ "max": 63
+ },
+ "smithy.api#pattern": "^[^ /\\.$\\x22]*$"
}
},
"com.amazonaws.lambda#Date": {
@@ -3779,6 +2997,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteCodeSigningConfig": {
@@ -3823,11 +3044,17 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteCodeSigningConfigResponse": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.lambda#DeleteEventSourceMapping": {
"type": "operation",
@@ -3874,6 +3101,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteFunction": {
@@ -3958,6 +3188,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteFunctionConcurrency": {
@@ -4005,6 +3238,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteFunctionEventInvokeConfig": {
@@ -4059,6 +3295,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteFunctionRequest": {
@@ -4079,6 +3318,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteFunctionUrlConfig": {
@@ -4130,6 +3372,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteLayerVersion": {
@@ -4177,6 +3422,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#DeleteProvisionedConcurrencyConfig": {
@@ -4232,6 +3480,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#Description": {
@@ -4273,6 +3524,32 @@
"smithy.api#documentation": "A configuration object that specifies the destination of an event after Lambda processes it.
"
}
},
+ "com.amazonaws.lambda#DocumentDBEventSourceConfig": {
+ "type": "structure",
+ "members": {
+ "DatabaseName": {
+ "target": "com.amazonaws.lambda#DatabaseName",
+ "traits": {
+ "smithy.api#documentation": "\n The name of the database to consume within the DocumentDB cluster.\n
"
+ }
+ },
+ "CollectionName": {
+ "target": "com.amazonaws.lambda#CollectionName",
+ "traits": {
+ "smithy.api#documentation": "\n The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.\n
"
+ }
+ },
+ "FullDocument": {
+ "target": "com.amazonaws.lambda#FullDocument",
+ "traits": {
+ "smithy.api#documentation": "\n Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.\n
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "\n Specific configuration settings for a DocumentDB event source.\n
"
+ }
+ },
"com.amazonaws.lambda#EC2AccessDeniedException": {
"type": "structure",
"members": {
@@ -4716,6 +3993,12 @@
"traits": {
"smithy.api#documentation": "(Amazon SQS only) The scaling configuration for the event source. For more information, see Configuring maximum concurrency for Amazon SQS event sources.
"
}
+ },
+ "DocumentDBEventSourceConfig": {
+ "target": "com.amazonaws.lambda#DocumentDBEventSourceConfig",
+ "traits": {
+ "smithy.api#documentation": "Specific configuration settings for a DocumentDB event source.
"
+ }
}
},
"traits": {
@@ -4839,6 +4122,23 @@
"target": "com.amazonaws.lambda#Filter"
}
},
+ "com.amazonaws.lambda#FullDocument": {
+ "type": "enum",
+ "members": {
+ "UpdateLookup": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "UpdateLookup"
+ }
+ },
+ "Default": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Default"
+ }
+ }
+ }
+ },
"com.amazonaws.lambda#FunctionArn": {
"type": "string",
"traits": {
@@ -5018,7 +4318,7 @@
"KMSKeyArn": {
"target": "com.amazonaws.lambda#KMSKeyArn",
"traits": {
- "smithy.api#documentation": "The KMS key that's used to encrypt the function's environment variables. This key is\n returned only if you've configured a customer managed key.
"
+ "smithy.api#documentation": "The KMS key that's used to encrypt the function's environment variables. When Lambda SnapStart is activated, this key is also used to encrypt the function's snapshot. This key is\n returned only if you've configured a customer managed key.
"
}
},
"TracingConfig": {
@@ -5286,7 +4586,7 @@
"AuthType": {
"target": "com.amazonaws.lambda#FunctionUrlAuthType",
"traits": {
- "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n IAM users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
+ "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
"smithy.api#required": {}
}
}
@@ -5349,7 +4649,10 @@
},
"com.amazonaws.lambda#GetAccountSettingsRequest": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#input": {}
+ }
},
"com.amazonaws.lambda#GetAccountSettingsResponse": {
"type": "structure",
@@ -5366,6 +4669,9 @@
"smithy.api#documentation": "The number of functions and amount of storage in use.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetAlias": {
@@ -5418,6 +4724,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetCodeSigningConfig": {
@@ -5459,6 +4768,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetCodeSigningConfigResponse": {
@@ -5471,6 +4783,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetEventSourceMapping": {
@@ -5515,6 +4830,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetFunction": {
@@ -5681,6 +4999,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetFunctionCodeSigningConfigResponse": {
@@ -5700,6 +5021,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetFunctionConcurrency": {
@@ -5744,6 +5068,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetFunctionConcurrencyResponse": {
@@ -5755,6 +5082,9 @@
"smithy.api#documentation": "The number of simultaneous executions that are reserved for the function.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetFunctionConfiguration": {
@@ -5916,6 +5246,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetFunctionEventInvokeConfig": {
@@ -5967,6 +5300,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetFunctionRequest": {
@@ -5987,6 +5323,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetFunctionResponse": {
@@ -6016,6 +5355,9 @@
"smithy.api#documentation": "The function's reserved\n concurrency.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetFunctionUrlConfig": {
@@ -6067,6 +5409,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetFunctionUrlConfigResponse": {
@@ -6089,7 +5434,7 @@
"AuthType": {
"target": "com.amazonaws.lambda#FunctionUrlAuthType",
"traits": {
- "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n IAM users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
+ "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
"smithy.api#required": {}
}
},
@@ -6113,6 +5458,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetLayerVersion": {
@@ -6188,6 +5536,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetLayerVersionPolicy": {
@@ -6241,6 +5592,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetLayerVersionPolicyResponse": {
@@ -6258,6 +5612,9 @@
"smithy.api#documentation": "A unique identifier for the current revision of the policy.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetLayerVersionRequest": {
@@ -6280,6 +5637,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetLayerVersionResponse": {
@@ -6391,6 +5751,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetPolicyResponse": {
@@ -6408,6 +5771,9 @@
"smithy.api#documentation": "A unique identifier for the current revision of the policy.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetProvisionedConcurrencyConfig": {
@@ -6463,6 +5829,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetProvisionedConcurrencyConfigResponse": {
@@ -6504,6 +5873,9 @@
"smithy.api#documentation": "The date and time that a user last updated the configuration, in ISO 8601 format.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#GetRuntimeManagementConfig": {
@@ -6541,7 +5913,7 @@
"type": "structure",
"members": {
"FunctionName": {
- "target": "com.amazonaws.lambda#FunctionName",
+ "target": "com.amazonaws.lambda#NamespacedFunctionName",
"traits": {
"smithy.api#documentation": "The name of the Lambda function.
\n \n Name formats\n
\n \n - \n
\n Function name – my-function.
\n \n - \n
\n Function ARN – arn:aws:lambda:us-west-2:123456789012:function:my-function.
\n \n - \n
\n Partial ARN – 123456789012:function:my-function.
\n \n
\n The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64\n characters in length.
",
"smithy.api#httpLabel": {},
@@ -6555,6 +5927,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#GetRuntimeManagementConfigResponse": {
@@ -6569,9 +5944,18 @@
"RuntimeVersionArn": {
"target": "com.amazonaws.lambda#RuntimeVersionArn",
"traits": {
- "smithy.api#documentation": "The ARN of the runtime the function is configured to use. If the runtime update mode is Manual, the ARN is returned, otherwise null \n is returned.
"
+ "smithy.api#documentation": "The ARN of the runtime the function is configured to use. If the runtime update mode is Manual, the ARN is returned, otherwise null \n is returned.
"
+ }
+ },
+ "FunctionArn": {
+ "target": "com.amazonaws.lambda#NameSpacedFunctionArn",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of your function.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#Handler": {
@@ -6854,6 +6238,9 @@
"smithy.api#httpQuery": "Qualifier"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#InvocationResponse": {
@@ -6895,6 +6282,9 @@
"smithy.api#httpHeader": "X-Amz-Executed-Version"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#InvocationType": {
@@ -7082,7 +6472,8 @@
}
},
"traits": {
- "smithy.api#deprecated": {}
+ "smithy.api#deprecated": {},
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#InvokeAsyncResponse": {
@@ -7099,7 +6490,8 @@
},
"traits": {
"smithy.api#deprecated": {},
- "smithy.api#documentation": "A success response (202 Accepted) indicates that the request is queued for invocation.
"
+ "smithy.api#documentation": "A success response (202 Accepted) indicates that the request is queued for invocation.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#KMSAccessDeniedException": {
@@ -7664,6 +7056,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListAliasesResponse": {
@@ -7681,6 +7076,9 @@
"smithy.api#documentation": "A list of aliases.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListCodeSigningConfigs": {
@@ -7731,6 +7129,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListCodeSigningConfigsResponse": {
@@ -7748,6 +7149,9 @@
"smithy.api#documentation": "The code signing configurations
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListEventSourceMappings": {
@@ -7818,6 +7222,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListEventSourceMappingsResponse": {
@@ -7835,6 +7242,9 @@
"smithy.api#documentation": "A list of event source mappings.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListFunctionEventInvokeConfigs": {
@@ -7899,6 +7309,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListFunctionEventInvokeConfigsResponse": {
@@ -7916,6 +7329,9 @@
"smithy.api#documentation": "The pagination token that's included if more results are available.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListFunctionUrlConfigs": {
@@ -7980,6 +7396,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListFunctionUrlConfigsResponse": {
@@ -7998,6 +7417,9 @@
"smithy.api#documentation": "The pagination token that's included if more results are available.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListFunctions": {
@@ -8093,6 +7515,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListFunctionsByCodeSigningConfigResponse": {
@@ -8110,6 +7535,9 @@
"smithy.api#documentation": "The function ARNs.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListFunctionsRequest": {
@@ -8143,6 +7571,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListFunctionsResponse": {
@@ -8162,7 +7593,8 @@
}
},
"traits": {
- "smithy.api#documentation": "A list of Lambda functions.
"
+ "smithy.api#documentation": "A list of Lambda functions.
",
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListLayerVersions": {
@@ -8241,6 +7673,9 @@
"smithy.api#httpQuery": "CompatibleArchitecture"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListLayerVersionsResponse": {
@@ -8258,6 +7693,9 @@
"smithy.api#documentation": "A list of versions.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListLayers": {
@@ -8325,6 +7763,9 @@
"smithy.api#httpQuery": "CompatibleArchitecture"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListLayersResponse": {
@@ -8342,6 +7783,9 @@
"smithy.api#documentation": "A list of function layers.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListProvisionedConcurrencyConfigs": {
@@ -8406,6 +7850,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListProvisionedConcurrencyConfigsResponse": {
@@ -8423,6 +7870,9 @@
"smithy.api#documentation": "The pagination token that's included if more results are available.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListTags": {
@@ -8467,6 +7917,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListTagsResponse": {
@@ -8478,6 +7931,9 @@
"smithy.api#documentation": "The function's tags.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#ListVersionsByFunction": {
@@ -8542,6 +7998,9 @@
"smithy.api#httpQuery": "MaxItems"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#ListVersionsByFunctionResponse": {
@@ -8559,6 +8018,9 @@
"smithy.api#documentation": "A list of Lambda function versions.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#LocalMountPath": {
@@ -9078,6 +8540,9 @@
"smithy.api#documentation": "A list of compatible \ninstruction set architectures.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#PublishLayerVersionResponse": {
@@ -9138,6 +8603,9 @@
"smithy.api#documentation": "A list of compatible \ninstruction set architectures.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#PublishVersion": {
@@ -9209,6 +8677,9 @@
"smithy.api#documentation": "Only update the function if the revision ID matches the ID that's specified. Use this option to avoid\n publishing a version if the function configuration has changed since you last updated it.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#PutFunctionCodeSigningConfig": {
@@ -9266,6 +8737,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#PutFunctionCodeSigningConfigResponse": {
@@ -9285,6 +8759,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#PutFunctionConcurrency": {
@@ -9339,6 +8816,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#PutFunctionEventInvokeConfig": {
@@ -9411,6 +8891,9 @@
"smithy.api#documentation": "A destination for events after they have been sent to a function for processing.
\n \n Destinations\n
\n \n - \n
\n Function - The Amazon Resource Name (ARN) of a Lambda function.
\n \n - \n
\n Queue - The ARN of an SQS queue.
\n \n - \n
\n Topic - The ARN of an SNS topic.
\n \n - \n
\n Event Bus - The ARN of an Amazon EventBridge event bus.
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#PutProvisionedConcurrencyConfig": {
@@ -9473,6 +8956,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#PutProvisionedConcurrencyConfigResponse": {
@@ -9514,6 +9000,9 @@
"smithy.api#documentation": "The date and time that a user last updated the configuration, in ISO 8601 format.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#PutRuntimeManagementConfig": {
@@ -9581,6 +9070,9 @@
"smithy.api#documentation": "The ARN of the runtime version you want the function to use.
\n \n This is only required if you're using the Manual runtime update mode.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#PutRuntimeManagementConfigResponse": {
@@ -9606,6 +9098,9 @@
"smithy.api#documentation": "The ARN of the runtime the function is configured to use. If the runtime update mode is manual, the ARN is returned, otherwise null \n is returned.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#Qualifier": {
@@ -9709,6 +9204,9 @@
"smithy.api#httpQuery": "RevisionId"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#RemovePermission": {
@@ -9778,6 +9276,9 @@
"smithy.api#httpQuery": "RevisionId"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#RequestTooLargeException": {
@@ -10743,6 +10244,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#TagValue": {
@@ -10998,6 +10502,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#UpdateAlias": {
@@ -11080,6 +10587,9 @@
"smithy.api#documentation": "Only update the alias if the revision ID matches the ID that's specified. Use this option to avoid modifying\n an alias that has changed since you last read it.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#UpdateCodeSigningConfig": {
@@ -11139,6 +10649,9 @@
"smithy.api#documentation": "The code signing policy.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#UpdateCodeSigningConfigResponse": {
@@ -11151,6 +10664,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#UpdateEventSourceMapping": {
@@ -11284,7 +10800,16 @@
"traits": {
"smithy.api#documentation": "(Amazon SQS only) The scaling configuration for the event source. For more information, see Configuring maximum concurrency for Amazon SQS event sources.
"
}
+ },
+ "DocumentDBEventSourceConfig": {
+ "target": "com.amazonaws.lambda#DocumentDBEventSourceConfig",
+ "traits": {
+ "smithy.api#documentation": "Specific configuration settings for a DocumentDB event source.
"
+ }
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#UpdateFunctionCode": {
@@ -11403,6 +10928,9 @@
"smithy.api#documentation": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64).\n The default value is x86_64.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#UpdateFunctionConfiguration": {
@@ -11507,7 +11035,7 @@
"Runtime": {
"target": "com.amazonaws.lambda#Runtime",
"traits": {
- "smithy.api#documentation": "The identifier of the function's runtime. Runtime is required if the deployment package is a .zip file archive.\n
"
+ "smithy.api#documentation": "The identifier of the function's runtime. Runtime is required if the deployment package is a .zip file archive.
\n The following list includes deprecated runtimes. For more information, see Runtime deprecation policy.
"
}
},
"DeadLetterConfig": {
@@ -11519,7 +11047,7 @@
"KMSKeyArn": {
"target": "com.amazonaws.lambda#KMSKeyArn",
"traits": {
- "smithy.api#documentation": "The ARN of the Key Management Service (KMS) key that's used to encrypt your function's environment\n variables. If it's not provided, Lambda uses a default service key.
"
+ "smithy.api#documentation": "The ARN of the Key Management Service (KMS) customer managed key that's used to encrypt your function's environment variables. When Lambda SnapStart is activated, this key is also used to encrypt your function's snapshot. If you don't provide a customer managed key, Lambda uses a default service key.
"
}
},
"TracingConfig": {
@@ -11564,6 +11092,9 @@
"smithy.api#documentation": "The function's SnapStart setting.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#UpdateFunctionEventInvokeConfig": {
@@ -11636,6 +11167,9 @@
"smithy.api#documentation": "A destination for events after they have been sent to a function for processing.
\n \n Destinations\n
\n \n - \n
\n Function - The Amazon Resource Name (ARN) of a Lambda function.
\n \n - \n
\n Queue - The ARN of an SQS queue.
\n \n - \n
\n Topic - The ARN of an SNS topic.
\n \n - \n
\n Event Bus - The ARN of an Amazon EventBridge event bus.
\n \n
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#UpdateFunctionUrlConfig": {
@@ -11693,7 +11227,7 @@
"AuthType": {
"target": "com.amazonaws.lambda#FunctionUrlAuthType",
"traits": {
- "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n IAM users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
"
+ "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
"
}
},
"Cors": {
@@ -11702,6 +11236,9 @@
"smithy.api#documentation": "The cross-origin resource sharing (CORS) settings\n for your function URL.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.lambda#UpdateFunctionUrlConfigResponse": {
@@ -11724,7 +11261,7 @@
"AuthType": {
"target": "com.amazonaws.lambda#FunctionUrlAuthType",
"traits": {
- "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n IAM users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
+ "smithy.api#documentation": "The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated\n users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information,\n see Security and auth model for Lambda function URLs.
",
"smithy.api#required": {}
}
},
@@ -11748,6 +11285,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.lambda#UpdateRuntimeOn": {
diff --git a/aws/sdk/aws-models/polly.json b/aws/sdk/aws-models/polly.json
index 6b1eb41b83..70db8b9661 100644
--- a/aws/sdk/aws-models/polly.json
+++ b/aws/sdk/aws-models/polly.json
@@ -80,11 +80,17 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#DeleteLexiconOutput": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.polly#DescribeVoices": {
"type": "operation",
@@ -143,6 +149,9 @@
"smithy.api#httpQuery": "NextToken"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#DescribeVoicesOutput": {
@@ -160,6 +169,9 @@
"smithy.api#documentation": "The pagination token to use in the next request to continue the\n listing of voices. NextToken is returned only if the response\n is truncated.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.polly#Engine": {
@@ -254,6 +266,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#GetLexiconOutput": {
@@ -271,6 +286,9 @@
"smithy.api#documentation": "Metadata of the lexicon, including phonetic alphabetic used,\n language code, lexicon ARN, number of lexemes defined in the lexicon, and\n size of lexicon in bytes.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.polly#GetSpeechSynthesisTask": {
@@ -312,6 +330,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#GetSpeechSynthesisTaskOutput": {
@@ -323,6 +344,9 @@
"smithy.api#documentation": "SynthesisTask object that provides information from the requested\n task, including output format, creation time, task status, and so\n on.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.polly#IncludeAdditionalLanguageCodes": {
@@ -867,6 +891,9 @@
"smithy.api#httpQuery": "NextToken"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#ListLexiconsOutput": {
@@ -884,6 +911,9 @@
"smithy.api#documentation": "The pagination token to use in the next request to continue the\n listing of lexicons. NextToken is returned only if the\n response is truncated.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.polly#ListSpeechSynthesisTasks": {
@@ -940,6 +970,9 @@
"smithy.api#httpQuery": "Status"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#ListSpeechSynthesisTasksOutput": {
@@ -957,6 +990,9 @@
"smithy.api#documentation": "List of SynthesisTask objects that provides information from the\n specified task in the list request, including output format, creation\n time, task status, and so on.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.polly#MarksNotSupportedForFormatException": {
@@ -1114,7 +1150,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -1143,13 +1179,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -1157,14 +1192,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -1173,67 +1214,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -1242,738 +1258,282 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
},
- "supportsDualStack"
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://polly-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://polly-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://polly-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://polly-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://polly.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://polly.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://polly.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- }
- ]
- },
- "smithy.rules#endpointTests": {
- "testCases": [
- {
- "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.ap-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-south-1"
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.ap-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-south-1"
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.ap-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-south-1"
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.ap-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-south-1"
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.ca-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ca-central-1"
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.ca-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ca-central-1"
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.ca-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ca-central-1"
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.ca-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "ca-central-1"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-central-1"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-central-1"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-central-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-central-1"
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-central-1"
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.us-west-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.us-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.us-west-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.us-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-west-1"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.us-west-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-west-2"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.us-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-west-2"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.us-west-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-west-2"
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.us-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-west-2"
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.af-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "af-south-1"
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.af-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "af-south-1"
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.af-south-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "af-south-1"
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.af-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "af-south-1"
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-north-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-north-1"
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-north-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-north-1"
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-north-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-north-1"
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-north-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-north-1"
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-west-3.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-west-3"
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-west-3.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-west-3"
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-west-3.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-west-3"
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-west-3.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-west-3"
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-west-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-west-2"
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-west-2"
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-west-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-west-2"
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-west-2"
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-west-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "eu-west-1"
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.eu-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "eu-west-1"
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.eu-west-1.api.aws"
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://polly.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "eu-west-1"
- }
- },
+ ]
+ }
+ ]
+ },
+ "smithy.rules#endpointTests": {
+ "testCases": [
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.eu-west-1.amazonaws.com"
+ "url": "https://polly.af-south-1.amazonaws.com"
}
},
"params": {
+ "Region": "af-south-1",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "eu-west-1"
- }
- },
- {
- "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.ap-northeast-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.ap-northeast-2.amazonaws.com"
+ "url": "https://polly.ap-east-1.amazonaws.com"
}
},
"params": {
+ "Region": "ap-east-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack enabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-northeast-2.api.aws"
+ "url": "https://polly.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-northeast-2"
+ "Region": "ap-northeast-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
@@ -1984,152 +1544,139 @@
}
},
"params": {
+ "Region": "ap-northeast-2",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-northeast-2"
- }
- },
- {
- "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.ap-northeast-1.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.ap-northeast-1.amazonaws.com"
+ "url": "https://polly.ap-south-1.amazonaws.com"
}
},
"params": {
+ "Region": "ap-south-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-northeast-1.api.aws"
+ "url": "https://polly.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-northeast-1"
+ "Region": "ap-southeast-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-northeast-1.amazonaws.com"
+ "url": "https://polly.ap-southeast-2.amazonaws.com"
}
},
"params": {
+ "Region": "ap-southeast-2",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.me-south-1.api.aws"
+ "url": "https://polly.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "me-south-1"
+ "Region": "ca-central-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.me-south-1.amazonaws.com"
+ "url": "https://polly.eu-central-1.amazonaws.com"
}
},
"params": {
+ "Region": "eu-central-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "me-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.me-south-1.api.aws"
+ "url": "https://polly.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "me-south-1"
+ "Region": "eu-north-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.me-south-1.amazonaws.com"
+ "url": "https://polly.eu-west-1.amazonaws.com"
}
},
"params": {
+ "Region": "eu-west-1",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "me-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.sa-east-1.api.aws"
+ "url": "https://polly.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "sa-east-1"
+ "Region": "eu-west-2",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.sa-east-1.amazonaws.com"
+ "url": "https://polly.eu-west-3.amazonaws.com"
}
},
"params": {
+ "Region": "eu-west-3",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.sa-east-1.api.aws"
+ "url": "https://polly.me-south-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "sa-east-1"
+ "Region": "me-south-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
@@ -2140,377 +1687,352 @@
}
},
"params": {
+ "Region": "sa-east-1",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.ap-east-1.api.aws"
+ "url": "https://polly.us-east-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-east-1"
+ "Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.ap-east-1.amazonaws.com"
+ "url": "https://polly-fips.us-east-1.amazonaws.com"
}
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-east-1.api.aws"
+ "url": "https://polly.us-east-2.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-east-1"
+ "Region": "us-east-2",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-east-1.amazonaws.com"
+ "url": "https://polly-fips.us-east-2.amazonaws.com"
}
},
"params": {
+ "Region": "us-east-2",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.us-gov-west-1.api.aws"
+ "url": "https://polly.us-west-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-gov-west-1"
+ "Region": "us-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.us-gov-west-1.amazonaws.com"
+ "url": "https://polly-fips.us-west-1.amazonaws.com"
}
},
"params": {
+ "Region": "us-west-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-gov-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.us-gov-west-1.api.aws"
+ "url": "https://polly.us-west-2.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-gov-west-1"
+ "Region": "us-west-2",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.us-gov-west-1.amazonaws.com"
+ "url": "https://polly-fips.us-west-2.amazonaws.com"
}
},
"params": {
+ "Region": "us-west-2",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.ap-southeast-1.api.aws"
+ "url": "https://polly-fips.us-east-1.api.aws"
}
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-southeast-1"
- }
- },
- {
- "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://polly-fips.ap-southeast-1.amazonaws.com"
- }
- },
- "params": {
- "UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-southeast-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-southeast-1.api.aws"
+ "url": "https://polly.us-east-1.api.aws"
}
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-southeast-1.amazonaws.com"
+ "url": "https://polly.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
+ "Region": "cn-northwest-1",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.ap-southeast-2.api.aws"
+ "url": "https://polly-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
+ "Region": "cn-north-1",
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "ap-southeast-2"
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.ap-southeast-2.amazonaws.com"
+ "url": "https://polly-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
+ "Region": "cn-north-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "ap-southeast-2"
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-southeast-2.api.aws"
+ "url": "https://polly.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
+ "Region": "cn-north-1",
"UseDualStack": true,
- "UseFIPS": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.ap-southeast-2.amazonaws.com"
+ "url": "https://polly.cn-north-1.amazonaws.com.cn"
}
},
"params": {
+ "Region": "cn-north-1",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.us-east-1.api.aws"
+ "url": "https://polly.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-east-1"
+ "Region": "us-gov-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.us-east-1.amazonaws.com"
+ "url": "https://polly-fips.us-gov-west-1.amazonaws.com"
}
},
"params": {
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://polly.us-east-1.api.aws"
+ "url": "https://polly-fips.us-gov-east-1.api.aws"
}
},
"params": {
+ "Region": "us-gov-east-1",
"UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.us-east-1.amazonaws.com"
+ "url": "https://polly-fips.us-gov-east-1.amazonaws.com"
}
},
"params": {
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.us-east-2.api.aws"
+ "url": "https://polly.us-gov-east-1.api.aws"
}
},
"params": {
+ "Region": "us-gov-east-1",
"UseDualStack": true,
- "UseFIPS": true,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.us-east-2.amazonaws.com"
+ "url": "https://polly.us-gov-east-1.amazonaws.com"
}
},
"params": {
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "us-east-2"
- }
- },
- {
- "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://polly.us-east-2.api.aws"
- }
- },
- "params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.us-east-2.amazonaws.com"
+ "url": "https://polly-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "us-east-2"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.cn-northwest-1.api.amazonwebservices.com.cn"
+ "url": "https://polly.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": true,
- "Region": "cn-northwest-1"
+ "Region": "us-iso-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly-fips.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://polly-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "UseFIPS": true,
- "Region": "cn-northwest-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.cn-northwest-1.api.amazonwebservices.com.cn"
+ "url": "https://polly.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseDualStack": true,
- "UseFIPS": false,
- "Region": "cn-northwest-1"
+ "Region": "us-isob-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
- "url": "https://polly.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://example.com"
}
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": false,
"UseFIPS": false,
- "Region": "cn-northwest-1"
+ "Endpoint": "https://example.com"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
@@ -2519,7 +2041,6 @@
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
@@ -2529,9 +2050,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": false,
"UseFIPS": true,
- "Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
@@ -2541,9 +2062,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": true,
"UseFIPS": false,
- "Region": "us-east-1",
"Endpoint": "https://example.com"
}
}
@@ -2610,11 +2131,17 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#PutLexiconOutput": {
"type": "structure",
- "members": {}
+ "members": {},
+ "traits": {
+ "smithy.api#output": {}
+ }
},
"com.amazonaws.polly#RequestCharacters": {
"type": "integer",
@@ -2838,6 +2365,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#StartSpeechSynthesisTaskOutput": {
@@ -2849,6 +2379,9 @@
"smithy.api#documentation": "SynthesisTask object that provides information and attributes about a\n newly submitted speech synthesis task.
"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.polly#SynthesisTask": {
@@ -3075,6 +2608,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.polly#SynthesizeSpeechOutput": {
@@ -3103,6 +2639,9 @@
"smithy.api#httpHeader": "x-amzn-RequestCharacters"
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.polly#TaskId": {
@@ -3758,6 +3297,30 @@
"traits": {
"smithy.api#enumValue": "Thiago"
}
+ },
+ "Ruth": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Ruth"
+ }
+ },
+ "Stephen": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Stephen"
+ }
+ },
+ "Kazuha": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Kazuha"
+ }
+ },
+ "Tomoko": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Tomoko"
+ }
}
}
},
diff --git a/aws/sdk/aws-models/qldb-session.json b/aws/sdk/aws-models/qldb-session.json
index 9b50e436f4..37782b8b96 100644
--- a/aws/sdk/aws-models/qldb-session.json
+++ b/aws/sdk/aws-models/qldb-session.json
@@ -416,7 +416,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -445,13 +445,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -459,14 +458,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -475,67 +480,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -544,154 +524,215 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://session.qldb-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://session.qldb-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://session.qldb-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://session.qldb-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://session.qldb.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
@@ -699,7 +740,7 @@
{
"conditions": [],
"endpoint": {
- "url": "https://session.qldb.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://session.qldb.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -708,28 +749,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://session.qldb.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -738,185 +764,185 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.ap-southeast-2.amazonaws.com"
+ "url": "https://session.qldb.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-1",
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.us-east-2.amazonaws.com"
+ "url": "https://session.qldb.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-2",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.us-east-2.amazonaws.com"
+ "url": "https://session.qldb.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "ap-southeast-1",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.ca-central-1.amazonaws.com"
+ "url": "https://session.qldb.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-2",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.us-west-2.amazonaws.com"
+ "url": "https://session.qldb.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.us-west-2.amazonaws.com"
+ "url": "https://session.qldb.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "eu-central-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.ap-northeast-1.amazonaws.com"
+ "url": "https://session.qldb.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-1",
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.ap-northeast-2.amazonaws.com"
+ "url": "https://session.qldb.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-2",
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.eu-central-1.amazonaws.com"
+ "url": "https://session.qldb.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.us-east-1.amazonaws.com"
+ "url": "https://session.qldb-fips.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.us-east-1.amazonaws.com"
+ "url": "https://session.qldb.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.eu-west-1.amazonaws.com"
+ "url": "https://session.qldb-fips.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "eu-west-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.eu-west-2.amazonaws.com"
+ "url": "https://session.qldb.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.ap-southeast-1.amazonaws.com"
+ "url": "https://session.qldb-fips.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": true
}
},
{
@@ -927,9 +953,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -940,178 +966,191 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.us-gov-east-1.api.aws"
+ "url": "https://session.qldb-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.us-gov-east-1.amazonaws.com"
+ "url": "https://session.qldb-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.us-gov-east-1.api.aws"
+ "url": "https://session.qldb.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.us-gov-east-1.amazonaws.com"
+ "url": "https://session.qldb.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://session.qldb-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
- "Region": "us-isob-east-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://session.qldb-fips.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://session.qldb.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": true,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://session.qldb.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://session.qldb-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "us-iso-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.cn-north-1.amazonaws.com.cn"
+ "url": "https://session.qldb.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://session.qldb-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://session.qldb.us-iso-east-1.c2s.ic.gov"
+ "url": "https://session.qldb.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
+ "Region": "us-east-1",
+ "UseDualStack": false,
"UseFIPS": false,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
"UseDualStack": false,
- "Region": "us-east-1",
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -1121,9 +1160,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
"Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true,
"Endpoint": "https://example.com"
}
},
@@ -1133,9 +1172,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
"Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
}
diff --git a/aws/sdk/aws-models/route53.json b/aws/sdk/aws-models/route53.json
index 38b7bca903..8c5011b2f3 100644
--- a/aws/sdk/aws-models/route53.json
+++ b/aws/sdk/aws-models/route53.json
@@ -279,7 +279,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -308,13 +308,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -322,14 +321,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -338,64 +343,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "stringEquals",
+ "fn": "isSet",
"argv": [
{
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws"
+ "ref": "Region"
+ }
]
}
],
@@ -404,22 +387,13 @@
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
- ]
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
}
],
"type": "tree",
@@ -427,48 +401,221 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsFIPS"
+ "name"
+ ]
+ },
+ "aws"
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.{Region}.api.aws",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53.{Region}.api.aws",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
+ ]
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://route-53-fips.{Region}.api.aws",
+ "url": "https://route53.amazonaws.com",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "us-east-1"
}
]
},
@@ -478,57 +625,216 @@
}
]
},
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsFIPS"
+ "name"
]
- }
+ },
+ "aws-cn"
]
}
],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.{Region}.api.amazonwebservices.com.cn",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
+ }
+ ]
+ },
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.{Region}.amazonaws.com.cn",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
+ }
+ ]
+ },
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53.{Region}.api.amazonwebservices.com.cn",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
+ ]
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://route53-fips.amazonaws.com",
+ "url": "https://route53.amazonaws.com.cn",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "cn-northwest-1"
}
]
},
@@ -538,180 +844,224 @@
}
]
},
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsDualStack"
+ "name"
]
- }
+ },
+ "aws-us-gov"
]
}
],
"type": "tree",
"rules": [
{
- "conditions": [],
- "endpoint": {
- "url": "https://route-53.{Region}.api.aws",
- "properties": {
- "authSchemes": [
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
{
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "route53"
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.{Region}.api.aws",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route53.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws-cn"
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
+ }
+ ]
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53.us-gov.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53.{Region}.api.aws",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://route-53-fips.{Region}.api.amazonwebservices.com.cn",
+ "url": "https://route53.us-gov.amazonaws.com",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "cn-northwest-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "us-gov-west-1"
}
]
},
@@ -721,57 +1071,88 @@
}
]
},
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsFIPS"
+ "name"
]
- }
+ },
+ "aws-iso"
]
}
],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.{Region}.c2s.ic.gov",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
+ }
+ ]
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://route-53-fips.{Region}.amazonaws.com.cn",
+ "url": "https://route53.c2s.ic.gov",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "cn-northwest-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "us-iso-east-1"
}
]
},
@@ -781,57 +1162,88 @@
}
]
},
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
- true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "supportsDualStack"
+ "name"
]
- }
+ },
+ "aws-iso-b"
]
}
],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.{Region}.sc2s.sgov.gov",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
+ }
+ ]
+ },
{
"conditions": [],
"endpoint": {
- "url": "https://route-53.{Region}.api.amazonwebservices.com.cn",
+ "url": "https://route53.sc2s.sgov.gov",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "cn-northwest-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "us-isob-east-1"
}
]
},
@@ -842,586 +1254,369 @@
]
},
{
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route53.amazonaws.com.cn",
- "properties": {
- "authSchemes": [
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
- "name": "sigv4",
- "signingRegion": "cn-northwest-1",
- "signingName": "route53"
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws-us-gov"
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
{
"conditions": [
{
"fn": "booleanEquals",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
+ true,
{
- "ref": "PartitionResult"
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-global"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://route53-fips.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-us-gov-global"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://route53.us-gov.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "supportsFIPS"
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
}
]
},
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
+ }
+ ]
+ },
+ {
+ "conditions": [
{
"fn": "booleanEquals",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "UseDualStack"
+ },
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
+ true,
{
- "ref": "PartitionResult"
- },
- "supportsDualStack"
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://route53.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
}
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
- ],
+ ]
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
- "conditions": [],
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-global"
+ ]
+ }
+ ],
"endpoint": {
- "url": "https://route-53-fips.{Region}.api.aws",
+ "url": "https://route53.amazonaws.com",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "us-east-1"
}
]
},
"headers": {}
},
"type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "stringEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "Region"
},
- "supportsFIPS"
+ "aws-cn-global"
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"endpoint": {
- "url": "https://route53.us-gov.amazonaws.com",
+ "url": "https://route53.amazonaws.com.cn",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "cn-northwest-1"
}
]
},
"headers": {}
},
"type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "stringEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "Region"
},
- "supportsDualStack"
+ "aws-us-gov-global"
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"endpoint": {
- "url": "https://route-53.{Region}.api.aws",
+ "url": "https://route53.us-gov.amazonaws.com",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "us-gov-west-1"
}
]
},
"headers": {}
},
"type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route53.us-gov.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws-iso"
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "stringEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "Region"
},
- "supportsFIPS"
+ "aws-iso-global"
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"endpoint": {
- "url": "https://route-53-fips.{Region}.c2s.ic.gov",
+ "url": "https://route53.c2s.ic.gov",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-iso-east-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "us-iso-east-1"
}
]
},
"headers": {}
},
"type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route53.c2s.ic.gov",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-iso-east-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "name"
- ]
- },
- "aws-iso-b"
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "supportsFIPS"
- ]
- }
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route-53-fips.{Region}.sc2s.sgov.gov",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-isob-east-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route53.sc2s.sgov.gov",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-isob-east-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "supportsFIPS"
- ]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "supportsDualStack"
- ]
- }
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route53-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "supportsFIPS"
- ]
- }
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "type": "tree",
- "rules": [
{
"conditions": [
{
@@ -1430,45 +1625,18 @@
{
"ref": "Region"
},
- "aws-global"
+ "aws-iso-b-global"
]
}
],
"endpoint": {
- "url": "https://route53-fips.amazonaws.com",
+ "url": "https://route53.sc2s.sgov.gov",
"properties": {
"authSchemes": [
{
"name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-us-gov-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://route53.us-gov.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "route53"
+ "signingName": "route53",
+ "signingRegion": "us-isob-east-1"
}
]
},
@@ -1479,7 +1647,7 @@
{
"conditions": [],
"endpoint": {
- "url": "https://route53-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "url": "https://route53.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -1488,222 +1656,134 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "supportsDualStack"
- ]
- }
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route53.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://route53.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-cn-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://route53.amazonaws.com.cn",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "cn-northwest-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-us-gov-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://route53.us-gov.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-gov-west-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-iso-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://route53.c2s.ic.gov",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-iso-east-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-iso-b-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://route53.sc2s.sgov.gov",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-isob-east-1",
- "signingName": "route53"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://route53.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
+ }
+ ]
+ }
+ ]
+ },
+ "smithy.rules#endpointTests": {
+ "testCases": [
+ {
+ "documentation": "For region aws-global with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "url": "https://route53.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "aws-global",
+ "UseDualStack": false,
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For region aws-global with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "url": "https://route53-fips.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "aws-global",
+ "UseDualStack": false,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53-fips.us-east-1.api.aws"
}
- ]
- }
- ]
- },
- "smithy.rules#endpointTests": {
- "testCases": [
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "url": "https://route53-fips.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53.us-east-1.api.aws"
+ }
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "url": "https://route53.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
+ }
+ },
{
"documentation": "For region aws-cn-global with FIPS disabled and DualStack disabled",
"expect": {
@@ -1721,13 +1801,52 @@
}
},
"params": {
+ "Region": "aws-cn-global",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "aws-cn-global"
+ "UseFIPS": false
}
},
{
- "documentation": "For region aws-global with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53-fips.cn-north-1.api.amazonwebservices.com.cn"
+ }
+ },
+ "params": {
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53-fips.cn-north-1.amazonaws.com.cn"
+ }
+ },
+ "params": {
+ "Region": "cn-north-1",
+ "UseDualStack": false,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53.cn-north-1.api.amazonwebservices.com.cn"
+ }
+ },
+ "params": {
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
"properties": {
@@ -1735,17 +1854,131 @@
{
"name": "sigv4",
"signingName": "route53",
- "signingRegion": "us-east-1"
+ "signingRegion": "cn-northwest-1"
}
]
},
- "url": "https://route53.amazonaws.com"
+ "url": "https://route53.amazonaws.com.cn"
}
},
"params": {
+ "Region": "cn-north-1",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "aws-global"
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For region aws-us-gov-global with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
+ "url": "https://route53.us-gov.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "aws-us-gov-global",
+ "UseDualStack": false,
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For region aws-us-gov-global with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
+ "url": "https://route53.us-gov.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "aws-us-gov-global",
+ "UseDualStack": false,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53-fips.us-gov-east-1.api.aws"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
+ "url": "https://route53.us-gov.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53.us-gov-east-1.api.aws"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-gov-west-1"
+ }
+ ]
+ },
+ "url": "https://route53.us-gov.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
@@ -1765,9 +1998,44 @@
}
},
"params": {
+ "Region": "aws-iso-global",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "aws-iso-global"
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53-fips.us-iso-east-1.c2s.ic.gov"
+ }
+ },
+ "params": {
+ "Region": "us-iso-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "route53",
+ "signingRegion": "us-iso-east-1"
+ }
+ ]
+ },
+ "url": "https://route53.c2s.ic.gov"
+ }
+ },
+ "params": {
+ "Region": "us-iso-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
@@ -1787,13 +2055,26 @@
}
},
"params": {
+ "Region": "aws-iso-b-global",
"UseDualStack": false,
- "UseFIPS": false,
- "Region": "aws-iso-b-global"
+ "UseFIPS": false
}
},
{
- "documentation": "For region aws-us-gov-global with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://route53-fips.us-isob-east-1.sc2s.sgov.gov"
+ }
+ },
+ "params": {
+ "Region": "us-isob-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
"properties": {
@@ -1801,21 +2082,35 @@
{
"name": "sigv4",
"signingName": "route53",
- "signingRegion": "us-gov-west-1"
+ "signingRegion": "us-isob-east-1"
}
]
},
- "url": "https://route53.us-gov.amazonaws.com"
+ "url": "https://route53.sc2s.sgov.gov"
+ }
+ },
+ "params": {
+ "Region": "us-isob-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
+ }
+ },
+ {
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
}
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": false,
"UseFIPS": false,
- "Region": "aws-us-gov-global"
+ "Endpoint": "https://example.com"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
@@ -1824,7 +2119,6 @@
"params": {
"UseDualStack": false,
"UseFIPS": false,
- "Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
@@ -1834,9 +2128,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": false,
"UseFIPS": true,
- "Region": "us-east-1",
"Endpoint": "https://example.com"
}
},
@@ -1846,9 +2140,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
+ "Region": "us-east-1",
"UseDualStack": true,
"UseFIPS": false,
- "Region": "us-east-1",
"Endpoint": "https://example.com"
}
}
diff --git a/aws/sdk/aws-models/s3.json b/aws/sdk/aws-models/s3.json
index 0dba936004..57c5645bde 100644
--- a/aws/sdk/aws-models/s3.json
+++ b/aws/sdk/aws-models/s3.json
@@ -816,10 +816,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -836,10 +836,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -921,10 +921,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -941,10 +941,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -1184,10 +1184,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -1243,10 +1243,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -1320,10 +1320,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -1395,10 +1395,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -1458,10 +1458,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -1521,10 +1521,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -1602,10 +1602,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -1681,10 +1681,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -1740,10 +1740,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -1799,10 +1799,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -1876,10 +1876,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -1951,10 +1951,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -2010,10 +2010,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -2069,10 +2069,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -2146,10 +2146,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -2221,10 +2221,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -2284,10 +2284,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -2347,10 +2347,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -2438,10 +2438,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -2456,10 +2456,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -2535,10 +2535,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -2594,10 +2594,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -2653,10 +2653,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -2740,10 +2740,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -2758,10 +2758,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -2833,10 +2833,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -3154,10 +3154,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -3222,10 +3222,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -3308,10 +3308,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -3392,10 +3392,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -3460,10 +3460,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -3528,10 +3528,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -3614,10 +3614,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -3698,10 +3698,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -3766,10 +3766,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -3834,10 +3834,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -3920,10 +3920,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -4004,10 +4004,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -4072,10 +4072,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -4140,10 +4140,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -4226,10 +4226,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -4310,10 +4310,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -4397,10 +4397,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -4484,10 +4484,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -4571,10 +4571,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -4658,10 +4658,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -4773,10 +4773,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -4791,10 +4791,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -4908,10 +4908,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -4926,10 +4926,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5029,10 +5029,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5130,10 +5130,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5198,10 +5198,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -5266,10 +5266,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -5362,10 +5362,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5380,10 +5380,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5464,10 +5464,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5532,10 +5532,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -5600,10 +5600,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -5696,10 +5696,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5714,10 +5714,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5798,10 +5798,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -5953,10 +5953,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -6493,10 +6493,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3-object-lambda",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -6521,10 +6521,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3-object-lambda",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -6539,10 +6539,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3-object-lambda",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -7133,10 +7133,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -7170,10 +7170,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -7207,10 +7207,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -7261,10 +7261,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -7298,10 +7298,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -7555,12 +7555,12 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4a",
+ "signingName": "s3",
"signingRegionSet": [
"*"
- ],
- "signingName": "s3",
- "disableDoubleEncoding": true
+ ]
}
]
},
@@ -8002,10 +8002,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -8020,10 +8020,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{bucketArn#region}",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true
+ "signingRegion": "{bucketArn#region}"
}
]
},
@@ -8319,10 +8319,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -8378,10 +8378,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -8455,10 +8455,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -8530,10 +8530,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -8593,10 +8593,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -8656,10 +8656,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -8737,10 +8737,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -8816,10 +8816,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -8875,10 +8875,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -8934,10 +8934,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -9011,10 +9011,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9086,10 +9086,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9145,10 +9145,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -9204,10 +9204,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -9281,10 +9281,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9356,10 +9356,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9419,10 +9419,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -9482,10 +9482,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -9573,10 +9573,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9591,10 +9591,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9670,10 +9670,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9729,10 +9729,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -9788,10 +9788,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -9875,10 +9875,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9893,10 +9893,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -9968,10 +9968,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -10160,10 +10160,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3-object-lambda",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -10188,10 +10188,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3-object-lambda",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -10206,10 +10206,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3-object-lambda",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -10383,10 +10383,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -10446,10 +10446,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -10527,10 +10527,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -10606,10 +10606,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -10665,10 +10665,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -10724,10 +10724,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -10801,10 +10801,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -10876,10 +10876,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -10939,10 +10939,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -11002,10 +11002,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -11083,10 +11083,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -11162,10 +11162,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -11221,10 +11221,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -11280,10 +11280,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -11357,10 +11357,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -11432,10 +11432,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -11495,10 +11495,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -11558,10 +11558,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -11639,10 +11639,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -11718,10 +11718,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -11777,10 +11777,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -11836,10 +11836,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -11913,10 +11913,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -11988,10 +11988,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -12051,10 +12051,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -12114,10 +12114,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -12205,10 +12205,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -12223,10 +12223,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -12302,10 +12302,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -12361,10 +12361,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -12420,10 +12420,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "us-east-1",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "us-east-1"
}
]
},
@@ -12507,10 +12507,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -12525,10 +12525,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
@@ -12600,10 +12600,10 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
- "signingRegion": "{Region}",
"signingName": "s3",
- "disableDoubleEncoding": true
+ "signingRegion": "{Region}"
}
]
},
diff --git a/aws/sdk/aws-models/s3control.json b/aws/sdk/aws-models/s3control.json
index 005646332f..c47218c753 100644
--- a/aws/sdk/aws-models/s3control.json
+++ b/aws/sdk/aws-models/s3control.json
@@ -69,6 +69,9 @@
{
"target": "com.amazonaws.s3control#DeleteBucketPolicy"
},
+ {
+ "target": "com.amazonaws.s3control#DeleteBucketReplication"
+ },
{
"target": "com.amazonaws.s3control#DeleteBucketTagging"
},
@@ -123,6 +126,9 @@
{
"target": "com.amazonaws.s3control#GetBucketPolicy"
},
+ {
+ "target": "com.amazonaws.s3control#GetBucketReplication"
+ },
{
"target": "com.amazonaws.s3control#GetBucketTagging"
},
@@ -186,6 +192,9 @@
{
"target": "com.amazonaws.s3control#PutBucketPolicy"
},
+ {
+ "target": "com.amazonaws.s3control#PutBucketReplication"
+ },
{
"target": "com.amazonaws.s3control#PutBucketTagging"
},
@@ -546,9 +555,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -574,9 +583,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -592,9 +601,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -1063,9 +1072,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{accessPointArn#region}"
}
]
@@ -1106,9 +1115,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{accessPointArn#region}"
}
]
@@ -1131,9 +1140,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{accessPointArn#region}"
}
]
@@ -1695,9 +1704,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{bucketArn#region}"
}
]
@@ -1738,9 +1747,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{bucketArn#region}"
}
]
@@ -1763,9 +1772,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3-outposts",
- "disableDoubleEncoding": true,
"signingRegion": "{bucketArn#region}"
}
]
@@ -2117,9 +2126,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2135,9 +2144,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2205,9 +2214,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2242,9 +2251,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2304,9 +2313,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2341,9 +2350,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2403,9 +2412,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2440,9 +2449,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2502,9 +2511,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -2539,9 +2548,9 @@
"properties": {
"authSchemes": [
{
+ "disableDoubleEncoding": true,
"name": "sigv4",
"signingName": "s3",
- "disableDoubleEncoding": true,
"signingRegion": "{Region}"
}
]
@@ -6072,6 +6081,21 @@
"smithy.api#documentation": "The container for abort incomplete multipart upload
"
}
},
+ "com.amazonaws.s3control#AccessControlTranslation": {
+ "type": "structure",
+ "members": {
+ "Owner": {
+ "target": "com.amazonaws.s3control#OwnerOverride",
+ "traits": {
+ "smithy.api#documentation": "Specifies the replica ownership.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A container for information about access control for replicas.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
"com.amazonaws.s3control#AccessPoint": {
"type": "structure",
"members": {
@@ -6139,7 +6163,7 @@
"traits": {
"smithy.api#length": {
"min": 3,
- "max": 63
+ "max": 255
}
}
},
@@ -6204,7 +6228,7 @@
}
},
"traits": {
- "smithy.api#documentation": "The container element for Amazon S3 Storage Lens activity metrics. Activity metrics show details about \n how your storage is requested, such as requests (for example, All requests, Get requests, \n Put requests), bytes uploaded or downloaded, and errors.
\n For more information about S3 Storage Lens, see Assessing your storage activity and usage with S3 Storage Lens in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.
"
+ "smithy.api#documentation": "The container element for Amazon S3 Storage Lens activity metrics. Activity metrics show details\n about how your storage is requested, such as requests (for example, All requests, Get\n requests, Put requests), bytes uploaded or downloaded, and errors.
\n For more information about S3 Storage Lens, see Assessing your storage activity and usage with S3 Storage Lens in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.
"
}
},
"com.amazonaws.s3control#AdvancedCostOptimizationMetrics": {
@@ -6505,6 +6529,9 @@
}
}
},
+ "com.amazonaws.s3control#BucketIdentifierString": {
+ "type": "string"
+ },
"com.amazonaws.s3control#BucketLevel": {
"type": "structure",
"members": {
@@ -6770,6 +6797,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#CreateAccessPointForObjectLambdaResult": {
@@ -6809,7 +6839,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "The name of the bucket that you want to associate this access point with.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "The name of the bucket that you want to associate this access point with.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#required": {},
"smithy.rules#contextParam": {
"name": "Bucket"
@@ -6834,6 +6864,9 @@
"smithy.api#documentation": "The Amazon Web Services account ID associated with the S3 bucket associated with this access point.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#CreateAccessPointResult": {
@@ -6975,6 +7008,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#CreateBucketResult": {
@@ -6990,7 +7026,7 @@
"BucketArn": {
"target": "com.amazonaws.s3control#S3RegionalBucketArn",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
"
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
"
}
}
}
@@ -7117,6 +7153,9 @@
"smithy.api#documentation": "The attribute container for the ManifestGenerator details. Jobs must be created with\n either a manifest file or a ManifestGenerator, but not both.
"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#CreateJobResult": {
@@ -7211,6 +7250,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#CreateMultiRegionAccessPointResult": {
@@ -7318,6 +7360,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteAccessPointPolicy": {
@@ -7393,6 +7438,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteAccessPointPolicyRequest": {
@@ -7413,7 +7461,7 @@
"Name": {
"target": "com.amazonaws.s3control#AccessPointName",
"traits": {
- "smithy.api#documentation": "The name of the access point whose policy you want to delete.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
+ "smithy.api#documentation": "The name of the access point whose policy you want to delete.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -7421,6 +7469,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteAccessPointRequest": {
@@ -7441,7 +7492,7 @@
"Name": {
"target": "com.amazonaws.s3control#AccessPointName",
"traits": {
- "smithy.api#documentation": "The name of the access point you want to delete.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
+ "smithy.api#documentation": "The name of the access point you want to delete.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -7449,6 +7500,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteBucket": {
@@ -7519,7 +7573,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -7527,6 +7581,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteBucketPolicy": {
@@ -7572,7 +7629,63 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#httpLabel": {},
+ "smithy.api#required": {},
+ "smithy.rules#contextParam": {
+ "name": "Bucket"
+ }
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.s3control#DeleteBucketReplication": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.s3control#DeleteBucketReplicationRequest"
+ },
+ "output": {
+ "target": "smithy.api#Unit"
+ },
+ "traits": {
+ "smithy.api#documentation": "\n This operation deletes an Amazon S3 on Outposts bucket's replication configuration. To\n delete an S3 bucket's replication configuration, see DeleteBucketReplication in the Amazon S3 API Reference.
\n \n Deletes the replication configuration from the specified S3 on Outposts bucket.
\n To use this operation, you must have permissions to perform the\n s3-outposts:PutReplicationConfiguration action. The Outposts bucket owner\n has this permission by default and can grant it to others. For more information about\n permissions, see Setting up IAM with\n S3 on Outposts and Managing access to\n S3 on Outposts buckets in the Amazon S3 User Guide.
\n \n It can take a while to propagate PUT or DELETE requests for\n a replication configuration to all S3 on Outposts systems. Therefore, the replication\n configuration that's returned by a GET request soon after a\n PUT or DELETE request might return a more recent result\n than what's on the Outpost. If an Outpost is offline, the delay in updating the\n replication configuration on that Outpost can be significant.
\n \n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n For information about S3 replication on Outposts configuration, see Replicating objects for Amazon Web Services Outposts in the\n Amazon S3 User Guide.
\n The following operations are related to DeleteBucketReplication:
\n ",
+ "smithy.api#endpoint": {
+ "hostPrefix": "{AccountId}."
+ },
+ "smithy.api#http": {
+ "method": "DELETE",
+ "uri": "/v20180820/bucket/{Bucket}/replication",
+ "code": 200
+ },
+ "smithy.rules#staticContextParams": {
+ "RequiresAccountId": {
+ "value": true
+ }
+ }
+ }
+ },
+ "com.amazonaws.s3control#DeleteBucketReplicationRequest": {
+ "type": "structure",
+ "members": {
+ "AccountId": {
+ "target": "com.amazonaws.s3control#AccountId",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Web Services account ID of the Outposts bucket to delete the replication configuration\n for.
",
+ "smithy.api#hostLabel": {},
+ "smithy.api#httpHeader": "x-amz-account-id",
+ "smithy.api#required": {},
+ "smithy.rules#contextParam": {
+ "name": "AccountId"
+ }
+ }
+ },
+ "Bucket": {
+ "target": "com.amazonaws.s3control#BucketName",
+ "traits": {
+ "smithy.api#documentation": "Specifies the S3 on Outposts bucket to delete the replication configuration for.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -7580,6 +7693,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteBucketRequest": {
@@ -7600,7 +7716,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "Specifies the bucket being deleted.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "Specifies the bucket being deleted.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -7608,6 +7724,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteBucketTagging": {
@@ -7653,7 +7772,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "The bucket ARN that has the tag set to be removed.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "The bucket ARN that has the tag set to be removed.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -7661,6 +7780,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteJobTagging": {
@@ -7683,7 +7805,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Removes the entire tag set from the specified S3 Batch Operations job. To use this operation,\n you must have permission to perform the s3:DeleteJobTagging action. For more\n information, see Controlling\n access and labeling jobs using tags in the\n Amazon S3 User Guide.
\n \n Related actions include:
\n ",
+ "smithy.api#documentation": "Removes the entire tag set from the specified S3 Batch Operations job. To use\n the\n DeleteJobTagging operation, you must have permission to\n perform the s3:DeleteJobTagging action. For more information, see Controlling\n access and labeling jobs using tags in the\n Amazon S3 User Guide.
\n \n Related actions include:
\n ",
"smithy.api#endpoint": {
"hostPrefix": "{AccountId}."
},
@@ -7722,12 +7844,47 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteJobTaggingResult": {
"type": "structure",
"members": {}
},
+ "com.amazonaws.s3control#DeleteMarkerReplication": {
+ "type": "structure",
+ "members": {
+ "Status": {
+ "target": "com.amazonaws.s3control#DeleteMarkerReplicationStatus",
+ "traits": {
+ "smithy.api#documentation": "Indicates whether to replicate delete markers.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Specifies whether S3 on Outposts replicates delete markers. If you specify a\n Filter element in your replication configuration, you must also include a\n DeleteMarkerReplication element. If your Filter includes a\n Tag element, the DeleteMarkerReplication element's\n Status child element must be set to Disabled, because\n S3 on Outposts does not support replicating delete markers for tag-based rules.
\n For more information about delete marker replication, see How delete operations affect replication in the Amazon S3 User Guide.
"
+ }
+ },
+ "com.amazonaws.s3control#DeleteMarkerReplicationStatus": {
+ "type": "enum",
+ "members": {
+ "Enabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Enabled"
+ }
+ },
+ "Disabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Disabled"
+ }
+ }
+ }
+ },
"com.amazonaws.s3control#DeleteMultiRegionAccessPoint": {
"type": "operation",
"input": {
@@ -7799,6 +7956,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteMultiRegionAccessPointResult": {
@@ -7852,6 +8012,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteStorageLensConfiguration": {
@@ -7902,6 +8065,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteStorageLensConfigurationTagging": {
@@ -7952,6 +8118,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DeleteStorageLensConfigurationTaggingResult": {
@@ -8020,6 +8189,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DescribeJobResult": {
@@ -8082,6 +8254,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#DescribeMultiRegionAccessPointOperationResult": {
@@ -8095,6 +8270,57 @@
}
}
},
+ "com.amazonaws.s3control#Destination": {
+ "type": "structure",
+ "members": {
+ "Account": {
+ "target": "com.amazonaws.s3control#AccountId",
+ "traits": {
+ "smithy.api#documentation": "The destination bucket owner's account ID.
"
+ }
+ },
+ "Bucket": {
+ "target": "com.amazonaws.s3control#BucketIdentifierString",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the access point for the destination bucket where you want\n S3 on Outposts to store the replication results.
",
+ "smithy.api#required": {}
+ }
+ },
+ "ReplicationTime": {
+ "target": "com.amazonaws.s3control#ReplicationTime",
+ "traits": {
+ "smithy.api#documentation": "A container that specifies S3 Replication Time Control (S3 RTC) settings, including whether S3 RTC is enabled\n and the time when all objects and operations on objects must be replicated. Must be\n specified together with a Metrics block.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
+ "AccessControlTranslation": {
+ "target": "com.amazonaws.s3control#AccessControlTranslation",
+ "traits": {
+ "smithy.api#documentation": "Specify this property only in a cross-account scenario (where the source and destination\n bucket owners are not the same), and you want to change replica ownership to the\n Amazon Web Services account that owns the destination bucket. If this property is not specified in the\n replication configuration, the replicas are owned by same Amazon Web Services account that owns the\n source object.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
+ "EncryptionConfiguration": {
+ "target": "com.amazonaws.s3control#EncryptionConfiguration",
+ "traits": {
+ "smithy.api#documentation": "A container that provides information about encryption. If\n SourceSelectionCriteria is specified, you must specify this element.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
+ "Metrics": {
+ "target": "com.amazonaws.s3control#Metrics",
+ "traits": {
+ "smithy.api#documentation": " A container that specifies replication metrics-related settings.
"
+ }
+ },
+ "StorageClass": {
+ "target": "com.amazonaws.s3control#ReplicationStorageClass",
+ "traits": {
+ "smithy.api#documentation": " The storage class to use when replicating objects. All objects stored on S3 on Outposts\n are stored in the OUTPOSTS storage class. S3 on Outposts uses the\n OUTPOSTS storage class to create the object replicas.
\n \n Values other than OUTPOSTS are not supported by Amazon S3 on Outposts.
\n "
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Specifies information about the replication destination bucket and its settings for an\n S3 on Outposts replication configuration.
"
+ }
+ },
"com.amazonaws.s3control#DetailedStatusCodesMetrics": {
"type": "structure",
"members": {
@@ -8110,6 +8336,20 @@
"smithy.api#documentation": "The container element for Amazon S3 Storage Lens detailed status code metrics. Detailed status\n code metrics generate metrics for HTTP status codes, such as 200 OK, 403\n Forbidden, 503 Service Unavailable and others.
\n For more information about S3 Storage Lens, see Assessing your storage activity and usage with S3 Storage Lens in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.
"
}
},
+ "com.amazonaws.s3control#EncryptionConfiguration": {
+ "type": "structure",
+ "members": {
+ "ReplicaKmsKeyID": {
+ "target": "com.amazonaws.s3control#ReplicaKmsKeyID",
+ "traits": {
+ "smithy.api#documentation": "Specifies the ID of the customer managed KMS key that's stored in Key Management Service (KMS)\n for the destination bucket. This ID is either the Amazon Resource Name (ARN) for the\n KMS key or the alias ARN for the KMS key. Amazon S3 uses this KMS key to encrypt\n replica objects. Amazon S3 supports only symmetric encryption KMS keys. For more information,\n see Symmetric encryption\n KMS keys in the Amazon Web Services Key Management Service Developer\n Guide.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Specifies encryption-related information for an Amazon S3 bucket that is a destination for\n replicated objects.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
"com.amazonaws.s3control#Endpoints": {
"type": "map",
"key": {
@@ -8162,6 +8402,38 @@
"smithy.api#documentation": "A container for what Amazon S3 Storage Lens will exclude.
"
}
},
+ "com.amazonaws.s3control#ExistingObjectReplication": {
+ "type": "structure",
+ "members": {
+ "Status": {
+ "target": "com.amazonaws.s3control#ExistingObjectReplicationStatus",
+ "traits": {
+ "smithy.api#documentation": "Specifies whether Amazon S3 replicates existing source bucket objects.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "An optional configuration to replicate existing source bucket objects.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
+ "com.amazonaws.s3control#ExistingObjectReplicationStatus": {
+ "type": "enum",
+ "members": {
+ "Enabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Enabled"
+ }
+ },
+ "Disabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Disabled"
+ }
+ }
+ }
+ },
"com.amazonaws.s3control#ExpirationStatus": {
"type": "enum",
"members": {
@@ -8318,6 +8590,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetAccessPointConfigurationForObjectLambdaResult": {
@@ -8379,6 +8654,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetAccessPointForObjectLambdaResult": {
@@ -8477,6 +8755,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetAccessPointPolicyForObjectLambdaResult": {
@@ -8508,7 +8789,7 @@
"Name": {
"target": "com.amazonaws.s3control#AccessPointName",
"traits": {
- "smithy.api#documentation": "The name of the access point whose policy you want to retrieve.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
+ "smithy.api#documentation": "The name of the access point whose policy you want to retrieve.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -8516,6 +8797,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetAccessPointPolicyResult": {
@@ -8602,6 +8886,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetAccessPointPolicyStatusForObjectLambdaResult": {
@@ -8638,6 +8925,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetAccessPointPolicyStatusResult": {
@@ -8669,7 +8959,7 @@
"Name": {
"target": "com.amazonaws.s3control#AccessPointName",
"traits": {
- "smithy.api#documentation": "The name of the access point whose configuration information you want to retrieve.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
+ "smithy.api#documentation": "The name of the access point whose configuration information you want to retrieve.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -8677,6 +8967,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetAccessPointResult": {
@@ -8809,7 +9102,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -8817,7 +9110,10 @@
}
}
}
- }
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
},
"com.amazonaws.s3control#GetBucketLifecycleConfigurationResult": {
"type": "structure",
@@ -8873,7 +9169,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -8881,6 +9177,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetBucketPolicyResult": {
@@ -8894,6 +9193,73 @@
}
}
},
+ "com.amazonaws.s3control#GetBucketReplication": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.s3control#GetBucketReplicationRequest"
+ },
+ "output": {
+ "target": "com.amazonaws.s3control#GetBucketReplicationResult"
+ },
+ "traits": {
+ "smithy.api#documentation": "\n This operation gets an Amazon S3 on Outposts bucket's replication configuration. To get an\n S3 bucket's replication configuration, see GetBucketReplication\n in the Amazon S3 API Reference.
\n \n Returns the replication configuration of an S3 on Outposts bucket. For more information\n about S3 on Outposts, see Using Amazon S3 on Outposts in the\n Amazon S3 User Guide. For information about S3 replication on Outposts\n configuration, see Replicating objects for Amazon Web Services\n Outposts in the Amazon S3 User Guide.
\n \n It can take a while to propagate PUT or DELETE requests for\n a replication configuration to all S3 on Outposts systems. Therefore, the replication\n configuration that's returned by a GET request soon after a\n PUT or DELETE request might return a more recent result\n than what's on the Outpost. If an Outpost is offline, the delay in updating the\n replication configuration on that Outpost can be significant.
\n \n This action requires permissions for the\n s3-outposts:GetReplicationConfiguration action. The Outposts bucket owner\n has this permission by default and can grant it to others. For more information about\n permissions, see Setting up IAM with\n S3 on Outposts and Managing access to\n S3 on Outposts bucket in the Amazon S3 User Guide.
\n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n If you include the Filter element in a replication configuration, you must\n also include the DeleteMarkerReplication, Status, and\n Priority elements. The response also returns those elements.
\n For information about S3 on Outposts replication failure reasons, see Replication failure reasons in the Amazon S3 User Guide.
\n The following operations are related to GetBucketReplication:
\n ",
+ "smithy.api#endpoint": {
+ "hostPrefix": "{AccountId}."
+ },
+ "smithy.api#http": {
+ "method": "GET",
+ "uri": "/v20180820/bucket/{Bucket}/replication",
+ "code": 200
+ },
+ "smithy.rules#staticContextParams": {
+ "RequiresAccountId": {
+ "value": true
+ }
+ }
+ }
+ },
+ "com.amazonaws.s3control#GetBucketReplicationRequest": {
+ "type": "structure",
+ "members": {
+ "AccountId": {
+ "target": "com.amazonaws.s3control#AccountId",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Web Services account ID of the Outposts bucket.
",
+ "smithy.api#hostLabel": {},
+ "smithy.api#httpHeader": "x-amz-account-id",
+ "smithy.api#required": {},
+ "smithy.rules#contextParam": {
+ "name": "AccountId"
+ }
+ }
+ },
+ "Bucket": {
+ "target": "com.amazonaws.s3control#BucketName",
+ "traits": {
+ "smithy.api#documentation": "Specifies the bucket to get the replication information for.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#httpLabel": {},
+ "smithy.api#required": {},
+ "smithy.rules#contextParam": {
+ "name": "Bucket"
+ }
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.s3control#GetBucketReplicationResult": {
+ "type": "structure",
+ "members": {
+ "ReplicationConfiguration": {
+ "target": "com.amazonaws.s3control#ReplicationConfiguration",
+ "traits": {
+ "smithy.api#documentation": "A container for one or more replication rules. A replication configuration must have at least one rule and you can add up to 100 rules. The maximum size of a\n replication configuration is 128 KB.
"
+ }
+ }
+ }
+ },
"com.amazonaws.s3control#GetBucketRequest": {
"type": "structure",
"members": {
@@ -8912,7 +9278,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -8920,6 +9286,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetBucketResult": {
@@ -8989,7 +9358,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -8997,6 +9366,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetBucketTaggingResult": {
@@ -9020,7 +9392,7 @@
"target": "com.amazonaws.s3control#GetBucketVersioningResult"
},
"traits": {
- "smithy.api#documentation": "\n This operation returns the versioning state only for S3 on Outposts buckets. To return\n the versioning state for an S3 bucket, see GetBucketVersioning in\n the Amazon S3 API Reference.
\n \n Returns the versioning state for an S3 on Outposts bucket. With versioning, you can save\n multiple distinct copies of your data and recover from unintended user actions and\n application failures.
\n If you've never set versioning on your bucket, it has no versioning state. In that case,\n the GetBucketVersioning request does not return a versioning state\n value.
\n For more information about versioning, see Versioning in the Amazon S3\n User Guide.
\n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n The following operations are related to GetBucketVersioning for\n S3 on Outposts.
\n ",
+ "smithy.api#documentation": "\n This operation returns the versioning state\n for\n S3 on Outposts\n buckets\n only. To return the versioning state for an S3 bucket, see GetBucketVersioning in the Amazon S3 API Reference.
\n \n Returns the versioning state for an S3 on Outposts bucket. With\n S3\n Versioning,\n you can save multiple distinct copies of your\n objects\n and recover from unintended user actions and application failures.
\n If you've never set versioning on your bucket, it has no versioning state. In that case,\n the GetBucketVersioning request does not return a versioning state\n value.
\n For more information about versioning, see Versioning in the Amazon S3\n User Guide.
\n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n The following operations are related to GetBucketVersioning for\n S3 on Outposts.
\n ",
"smithy.api#endpoint": {
"hostPrefix": "{AccountId}."
},
@@ -9062,6 +9434,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetBucketVersioningResult": {
@@ -9102,7 +9477,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Returns the tags on an S3 Batch Operations job. To use this operation, you must have\n permission to perform the s3:GetJobTagging action. For more information, see\n Controlling\n access and labeling jobs using tags in the\n Amazon S3 User Guide.
\n \n Related actions include:
\n ",
+ "smithy.api#documentation": "Returns the tags on an S3 Batch Operations job. To use\n the\n GetJobTagging operation, you must have permission to\n perform the s3:GetJobTagging action. For more information, see Controlling\n access and labeling jobs using tags in the\n Amazon S3 User Guide.
\n \n Related actions include:
\n ",
"smithy.api#endpoint": {
"hostPrefix": "{AccountId}."
},
@@ -9141,6 +9516,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetJobTaggingResult": {
@@ -9229,6 +9607,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetMultiRegionAccessPointPolicyResult": {
@@ -9291,6 +9672,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetMultiRegionAccessPointPolicyStatusResult": {
@@ -9324,6 +9708,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetMultiRegionAccessPointResult": {
@@ -9386,6 +9773,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetMultiRegionAccessPointRoutesResult": {
@@ -9445,6 +9835,9 @@
"smithy.api#httpPayload": {}
}
}
+ },
+ "traits": {
+ "smithy.api#output": {}
}
},
"com.amazonaws.s3control#GetPublicAccessBlockRequest": {
@@ -9462,6 +9855,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetStorageLensConfiguration": {
@@ -9473,7 +9869,7 @@
"target": "com.amazonaws.s3control#GetStorageLensConfigurationResult"
},
"traits": {
- "smithy.api#documentation": "Gets the Amazon S3 Storage Lens configuration. For more information, see Assessing your storage\n activity and usage with Amazon S3 Storage Lens in the\n Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.
\n \n To use this action, you must have permission to perform the\n s3:GetStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the\n Amazon S3 User Guide.
\n ",
+ "smithy.api#documentation": "Gets the Amazon S3 Storage Lens configuration. For more information, see Assessing your storage\n activity and usage with Amazon S3 Storage Lens in the\n Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.
\n \n To use this action, you must have permission to perform the\n s3:GetStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the\n Amazon S3 User Guide.
\n ",
"smithy.api#endpoint": {
"hostPrefix": "{AccountId}."
},
@@ -9512,6 +9908,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetStorageLensConfigurationResult": {
@@ -9574,6 +9973,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#GetStorageLensConfigurationTaggingResult": {
@@ -10076,7 +10478,7 @@
"ObjectArn": {
"target": "com.amazonaws.s3control#S3KeyArnString",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) for a manifest object.
\n \n Replacement must be made for object keys containing special characters (such as carriage returns) when using \n XML requests. For more information, see \n XML related object key constraints.
\n ",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) for a manifest object.
\n \n When you're using XML requests, you must \nreplace special characters (such as carriage returns) in object keys with their equivalent XML entity codes. \nFor more information, see \n XML-related object key constraints in the Amazon S3 User Guide.
\n ",
"smithy.api#required": {}
}
},
@@ -10614,7 +11016,7 @@
"Prefix": {
"target": "com.amazonaws.s3control#Prefix",
"traits": {
- "smithy.api#documentation": "Prefix identifying one or more objects to which the rule applies.
\n \n Replacement must be made for object keys containing special characters (such as carriage returns) when using \n XML requests. For more information, see \n XML related object key constraints.
\n "
+ "smithy.api#documentation": "Prefix identifying one or more objects to which the rule applies.
\n \n When you're using XML requests, you must \nreplace special characters (such as carriage returns) in object keys with their equivalent XML entity codes. \nFor more information, see \n XML-related object key constraints in the Amazon S3 User Guide.
\n "
}
},
"Tag": {
@@ -10663,7 +11065,7 @@
"target": "com.amazonaws.s3control#ListAccessPointsResult"
},
"traits": {
- "smithy.api#documentation": "Returns a list of the access points owned by the current account associated with the specified bucket. You can\n retrieve up to 1000 access points per call. If the specified bucket has more than 1,000 access points (or\n the number specified in maxResults, whichever is less), the response will\n include a continuation token that you can use to list the additional access points.
\n \n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n The following actions are related to ListAccessPoints:
\n ",
+ "smithy.api#documentation": "Returns a list of the access points\n that are\n owned by the current account\n that's\n associated with the specified bucket. You can retrieve up to 1000 access points\n per call. If the specified bucket has more than 1,000 access points (or the number specified in\n maxResults, whichever is less), the response will include a continuation\n token that you can use to list the additional access points.
\n \n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n The following actions are related to ListAccessPoints:
\n ",
"smithy.api#endpoint": {
"hostPrefix": "{AccountId}."
},
@@ -10745,6 +11147,9 @@
"smithy.api#httpQuery": "maxResults"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#ListAccessPointsForObjectLambdaResult": {
@@ -10782,7 +11187,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "The name of the bucket whose associated access points you want to list.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "The name of the bucket whose associated access points you want to list.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpQuery": "bucket",
"smithy.rules#contextParam": {
"name": "Bucket"
@@ -10804,6 +11209,9 @@
"smithy.api#httpQuery": "maxResults"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#ListAccessPointsResult": {
@@ -10901,6 +11309,9 @@
"smithy.api#httpQuery": "maxResults"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#ListJobsResult": {
@@ -10981,6 +11392,9 @@
"smithy.api#httpQuery": "maxResults"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#ListMultiRegionAccessPointsResult": {
@@ -11070,6 +11484,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#ListRegionalBucketsResult": {
@@ -11176,6 +11593,9 @@
"smithy.api#httpQuery": "nextToken"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#ListStorageLensConfigurationsResult": {
@@ -11264,6 +11684,44 @@
}
}
},
+ "com.amazonaws.s3control#Metrics": {
+ "type": "structure",
+ "members": {
+ "Status": {
+ "target": "com.amazonaws.s3control#MetricsStatus",
+ "traits": {
+ "smithy.api#documentation": "Specifies whether replication metrics are enabled.
",
+ "smithy.api#required": {}
+ }
+ },
+ "EventThreshold": {
+ "target": "com.amazonaws.s3control#ReplicationTimeValue",
+ "traits": {
+ "smithy.api#documentation": "A container that specifies the time threshold for emitting the\n s3:Replication:OperationMissedThreshold event.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A container that specifies replication metrics-related settings.
"
+ }
+ },
+ "com.amazonaws.s3control#MetricsStatus": {
+ "type": "enum",
+ "members": {
+ "Enabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Enabled"
+ }
+ },
+ "Disabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Disabled"
+ }
+ }
+ }
+ },
"com.amazonaws.s3control#MinStorageBytesPercentage": {
"type": "double",
"traits": {
@@ -11274,6 +11732,12 @@
}
}
},
+ "com.amazonaws.s3control#Minutes": {
+ "type": "integer",
+ "traits": {
+ "smithy.api#default": 0
+ }
+ },
"com.amazonaws.s3control#MultiRegionAccessPointAlias": {
"type": "string",
"traits": {
@@ -11431,7 +11895,7 @@
"TrafficDialPercentage": {
"target": "com.amazonaws.s3control#TrafficDialPercentage",
"traits": {
- "smithy.api#documentation": "The traffic state for the specified bucket or Amazon Web Services Region.
\n A value of 0 indicates a passive state, which means that no new traffic\n will be routed to the\n Region.
\n A value of 100 indicates an active state, which means that traffic will be\n routed to the specified Region.
\n When\n the routing configuration for a Region is changed from active to passive, any in-progress\n operations (uploads, copies, deletes, and so on) to the formerly active Region will\n continue to run to until a final success or failure status is reached.
\n If all Regions in the routing configuration are designated as passive, you'll receive an\n InvalidRequest error.
",
+ "smithy.api#documentation": "The traffic state for the specified bucket or Amazon Web Services Region.
\n A value of 0 indicates a passive state, which means that no new traffic\n will be routed to the Region.
\n A value of 100 indicates an active state, which means that traffic will be\n routed to the specified Region.
\n When the routing configuration for a Region is changed from active to passive, any\n in-progress operations (uploads, copies, deletes, and so on) to the formerly active Region\n will continue to run to until a final success or failure status is reached.
\n If all Regions in the routing configuration are designated as passive, you'll receive an\n InvalidRequest error.
",
"smithy.api#required": {}
}
}
@@ -11584,7 +12048,7 @@
"target": "com.amazonaws.s3control#NoncurrentVersionCount",
"traits": {
"smithy.api#default": null,
- "smithy.api#documentation": "Specifies how many noncurrent versions S3 on Outposts will retain. If there are this many more\n recent noncurrent versions, S3 on Outposts will take the associated action. For more information\n about noncurrent versions, see Lifecycle configuration\n elements in the Amazon S3 User Guide.
"
+ "smithy.api#documentation": "Specifies how many noncurrent versions S3 on Outposts will retain. If there are this many\n more recent noncurrent versions, S3 on Outposts will take the associated action. For more\n information about noncurrent versions, see Lifecycle configuration\n elements in the Amazon S3 User Guide.
"
}
}
},
@@ -11944,6 +12408,17 @@
}
}
},
+ "com.amazonaws.s3control#OwnerOverride": {
+ "type": "enum",
+ "members": {
+ "Destination": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Destination"
+ }
+ }
+ }
+ },
"com.amazonaws.s3control#Policy": {
"type": "string"
},
@@ -11999,6 +12474,12 @@
"smithy.api#documentation": "A container for the prefix-level storage metrics for S3 Storage Lens.
"
}
},
+ "com.amazonaws.s3control#Priority": {
+ "type": "integer",
+ "traits": {
+ "smithy.api#default": 0
+ }
+ },
"com.amazonaws.s3control#ProposedMultiRegionAccessPointPolicy": {
"type": "structure",
"members": {
@@ -12114,6 +12595,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutAccessPointPolicy": {
@@ -12196,6 +12680,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutAccessPointPolicyRequest": {
@@ -12216,7 +12703,7 @@
"Name": {
"target": "com.amazonaws.s3control#AccessPointName",
"traits": {
- "smithy.api#documentation": "The name of the access point that you want to associate with the specified policy.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
+ "smithy.api#documentation": "The name of the access point that you want to associate with the specified policy.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -12231,6 +12718,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutBucketLifecycleConfiguration": {
@@ -12293,6 +12783,9 @@
"smithy.api#xmlName": "LifecycleConfiguration"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutBucketPolicy": {
@@ -12339,7 +12832,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "Specifies the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -12362,6 +12855,75 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
+ }
+ },
+ "com.amazonaws.s3control#PutBucketReplication": {
+ "type": "operation",
+ "input": {
+ "target": "com.amazonaws.s3control#PutBucketReplicationRequest"
+ },
+ "output": {
+ "target": "smithy.api#Unit"
+ },
+ "traits": {
+ "smithy.api#documentation": "\n This action creates an Amazon S3 on Outposts bucket's replication configuration. To create\n an S3 bucket's replication configuration, see PutBucketReplication\n in the Amazon S3 API Reference.
\n \n Creates a replication configuration or replaces an existing one. For information about\n S3 replication on Outposts configuration, see Replicating objects for Amazon Web Services Outposts in the\n Amazon S3 User Guide.
\n \n It can take a while to propagate PUT or DELETE requests for\n a replication configuration to all S3 on Outposts systems. Therefore, the replication\n configuration that's returned by a GET request soon after a\n PUT or DELETE request might return a more recent result\n than what's on the Outpost. If an Outpost is offline, the delay in updating the\n replication configuration on that Outpost can be significant.
\n \n Specify the replication configuration in the request body. In the replication\n configuration, you provide the following information:
\n \n - \n
The name of the destination bucket or buckets where you want S3 on Outposts to\n replicate objects
\n \n - \n
The Identity and Access Management (IAM) role that S3 on Outposts can assume to replicate objects on\n your behalf
\n \n - \n
Other relevant information, such as replication rules
\n \n
\n A replication configuration must include at least one rule and can contain a maximum of\n 100. Each rule identifies a subset of objects to replicate by filtering the objects in\n the source Outposts bucket. To choose additional subsets of objects to replicate, add a\n rule for each subset.
\n To specify a subset of the objects in the source Outposts bucket to apply a replication\n rule to, add the Filter element as a child of the Rule element.\n You can filter objects based on an object key prefix, one or more object tags, or both.\n When you add the Filter element in the configuration, you must also add the\n following elements: DeleteMarkerReplication, Status, and\n Priority.
\n Using PutBucketReplication on Outposts requires that both the source and\n destination buckets must have versioning enabled. For information about enabling versioning\n on a bucket, see Managing S3 Versioning\n for your S3 on Outposts bucket.
\n For information about S3 on Outposts replication failure reasons, see Replication failure reasons in the Amazon S3 User Guide.
\n \n Handling Replication of Encrypted Objects\n
\n Outposts buckets are encrypted at all times. All the objects in the source Outposts\n bucket are encrypted and can be replicated. Also, all the replicas in the destination\n Outposts bucket are encrypted with the same encryption key as the objects in the source\n Outposts bucket.
\n \n Permissions\n
\n To create a PutBucketReplication request, you must have\n s3-outposts:PutReplicationConfiguration permissions for the bucket. The\n Outposts bucket owner has this permission by default and can grant it to others. For more\n information about permissions, see Setting up IAM with\n S3 on Outposts and Managing access to\n S3 on Outposts buckets.
\n \n To perform this operation, the user or role must also have the iam:PassRole permission.
\n \n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n The following operations are related to PutBucketReplication:
\n ",
+ "smithy.api#endpoint": {
+ "hostPrefix": "{AccountId}."
+ },
+ "smithy.api#http": {
+ "method": "PUT",
+ "uri": "/v20180820/bucket/{Bucket}/replication",
+ "code": 200
+ },
+ "smithy.api#httpChecksumRequired": {},
+ "smithy.rules#staticContextParams": {
+ "RequiresAccountId": {
+ "value": true
+ }
+ }
+ }
+ },
+ "com.amazonaws.s3control#PutBucketReplicationRequest": {
+ "type": "structure",
+ "members": {
+ "AccountId": {
+ "target": "com.amazonaws.s3control#AccountId",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Web Services account ID of the Outposts bucket.
",
+ "smithy.api#hostLabel": {},
+ "smithy.api#httpHeader": "x-amz-account-id",
+ "smithy.api#required": {},
+ "smithy.rules#contextParam": {
+ "name": "AccountId"
+ }
+ }
+ },
+ "Bucket": {
+ "target": "com.amazonaws.s3control#BucketName",
+ "traits": {
+ "smithy.api#documentation": "Specifies the S3 on Outposts bucket to set the configuration for.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#httpLabel": {},
+ "smithy.api#required": {},
+ "smithy.rules#contextParam": {
+ "name": "Bucket"
+ }
+ }
+ },
+ "ReplicationConfiguration": {
+ "target": "com.amazonaws.s3control#ReplicationConfiguration",
+ "traits": {
+ "smithy.api#documentation": "",
+ "smithy.api#httpPayload": {},
+ "smithy.api#required": {},
+ "smithy.api#xmlName": "ReplicationConfiguration"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutBucketTagging": {
@@ -12408,7 +12970,7 @@
"Bucket": {
"target": "com.amazonaws.s3control#BucketName",
"traits": {
- "smithy.api#documentation": "The Amazon Resource Name (ARN) of the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the bucket.
\n For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
\n For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
",
"smithy.api#httpLabel": {},
"smithy.api#required": {},
"smithy.rules#contextParam": {
@@ -12425,6 +12987,9 @@
"smithy.api#xmlName": "Tagging"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutBucketVersioning": {
@@ -12436,7 +13001,7 @@
"target": "smithy.api#Unit"
},
"traits": {
- "smithy.api#documentation": "\n This operation sets the versioning state only for S3 on Outposts buckets. To set the\n versioning state for an S3 bucket, see PutBucketVersioning in\n the Amazon S3 API Reference.
\n \n Sets the versioning state for an S3 on Outposts bucket. With versioning, you can save\n multiple distinct copies of your data and recover from unintended user actions and\n application failures.
\n You can set the versioning state to one of the following:
\n \n - \n
\n Enabled - Enables versioning for the objects in\n the bucket. All objects added to the bucket receive a unique version ID.
\n \n - \n
\n Suspended - Suspends versioning for the objects\n in the bucket. All objects added to the bucket receive the version ID\n null.
\n \n
\n If you've never set versioning on your bucket, it has no versioning state. In that case,\n a \n GetBucketVersioning request does not return a versioning state value.
\n When you enable S3 Versioning, for each object in your bucket, you have a current\n version and zero or more noncurrent versions. You can configure your bucket S3 Lifecycle\n rules to expire noncurrent versions after a specified time period. For more information,\n see Creating and managing\n a lifecycle configuration for your S3 on Outposts bucket in the Amazon S3\n User Guide.
\n If you have an object expiration lifecycle policy in your non-versioned bucket and you\n want to maintain the same permanent delete behavior when you enable versioning, you must\n add a noncurrent expiration policy. The noncurrent expiration lifecycle policy will manage\n the deletes of the noncurrent object versions in the version-enabled bucket. For more\n information, see Versioning in the Amazon S3\n User Guide.
\n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n The following operations are related to PutBucketVersioning for\n S3 on Outposts.
\n ",
+ "smithy.api#documentation": "\n This operation sets the versioning state\n for\n S3 on Outposts\n buckets\n only. To set the versioning state for an S3 bucket, see PutBucketVersioning in the Amazon S3 API Reference.
\n \n Sets the versioning state for an S3 on Outposts bucket. With\n S3\n Versioning,\n you can save multiple distinct copies of your\n objects\n and recover from unintended user actions and application failures.
\n You can set the versioning state to one of the following:
\n \n - \n
\n Enabled - Enables versioning for the objects in\n the bucket. All objects added to the bucket receive a unique version ID.
\n \n - \n
\n Suspended - Suspends versioning for the objects\n in the bucket. All objects added to the bucket receive the version ID\n null.
\n \n
\n If you've never set versioning on your bucket, it has no versioning state. In that case,\n a \n GetBucketVersioning request does not return a versioning state value.
\n When you enable S3 Versioning, for each object in your bucket, you have a current\n version and zero or more noncurrent versions. You can configure your bucket S3 Lifecycle\n rules to expire noncurrent versions after a specified time period. For more information,\n see Creating and managing\n a lifecycle configuration for your S3 on Outposts bucket in the Amazon S3\n User Guide.
\n If you have an object expiration lifecycle policy in your non-versioned bucket and you\n want to maintain the same permanent delete behavior when you enable versioning, you must\n add a noncurrent expiration policy. The noncurrent expiration lifecycle policy will manage\n the\n deletions\n of the noncurrent object versions in the version-enabled bucket. For more information, see\n Versioning in the Amazon S3 User Guide.
\n All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.
\n The following operations are related to PutBucketVersioning for\n S3 on Outposts.
\n ",
"smithy.api#endpoint": {
"hostPrefix": "{AccountId}."
},
@@ -12495,6 +13060,9 @@
"smithy.api#xmlName": "VersioningConfiguration"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutJobTagging": {
@@ -12520,7 +13088,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Sets the supplied tag-set on an S3 Batch Operations job.
\n A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending\n a PUT request against the tagging subresource that is associated with the job. To modify\n the existing tag set, you can either replace the existing tag set entirely, or make changes\n within the existing tag set by retrieving the existing tag set using GetJobTagging, modify that tag set, and use this action to replace the tag set\n with the one you modified. For more information, see Controlling\n access and labeling jobs using tags in the Amazon S3 User Guide.
\n \n \n \n - \n
If you send this request with an empty tag set, Amazon S3 deletes the existing\n tag set on the Batch Operations job. If you use this method, you are charged for a Tier\n 1 Request (PUT). For more information, see Amazon S3 pricing.
\n \n - \n
For deleting existing tags for your Batch Operations job, a DeleteJobTagging request is preferred because it achieves the same\n result without incurring charges.
\n \n - \n
A few things to consider about using tags:
\n \n - \n
Amazon S3 limits the maximum number of tags to 50 tags per job.
\n \n - \n
You can associate up to 50 tags with a job as long as they have unique\n tag keys.
\n \n - \n
A tag key can be up to 128 Unicode characters in length, and tag values\n can be up to 256 Unicode characters in length.
\n \n - \n
The key and values are case sensitive.
\n \n - \n
For tagging-related restrictions related to characters and encodings, see\n User-Defined Tag Restrictions in the Billing and Cost Management User Guide.
\n \n
\n \n
\n \n \n To use this action, you must have permission to perform the\n s3:PutJobTagging action.
\n Related actions include:
\n ",
+ "smithy.api#documentation": "Sets the supplied tag-set on an S3 Batch Operations job.
\n A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending\n a PUT request against the tagging subresource that is associated with the job. To modify\n the existing tag set, you can either replace the existing tag set entirely, or make changes\n within the existing tag set by retrieving the existing tag set using GetJobTagging, modify that tag set, and use this action to replace the tag set\n with the one you modified. For more information, see Controlling\n access and labeling jobs using tags in the Amazon S3 User Guide.
\n \n \n \n - \n
If you send this request with an empty tag set, Amazon S3 deletes the existing\n tag set on the Batch Operations job. If you use this method, you are charged for a Tier\n 1 Request (PUT). For more information, see Amazon S3 pricing.
\n \n - \n
For deleting existing tags for your Batch Operations job, a DeleteJobTagging request is preferred because it achieves the same\n result without incurring charges.
\n \n - \n
A few things to consider about using tags:
\n \n - \n
Amazon S3 limits the maximum number of tags to 50 tags per job.
\n \n - \n
You can associate up to 50 tags with a job as long as they have unique\n tag keys.
\n \n - \n
A tag key can be up to 128 Unicode characters in length, and tag values\n can be up to 256 Unicode characters in length.
\n \n - \n
The key and values are case sensitive.
\n \n - \n
For tagging-related restrictions related to characters and encodings, see\n User-Defined Tag Restrictions in the Billing and Cost Management User Guide.
\n \n
\n \n
\n \n \n To use the\n PutJobTagging\n operation,\n you must have permission to perform the s3:PutJobTagging action.
\n Related actions include:
\n ",
"smithy.api#endpoint": {
"hostPrefix": "{AccountId}."
},
@@ -12566,6 +13134,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutJobTaggingResult": {
@@ -12650,6 +13221,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutMultiRegionAccessPointPolicyResult": {
@@ -12712,6 +13286,9 @@
}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutStorageLensConfiguration": {
@@ -12723,7 +13300,7 @@
"target": "smithy.api#Unit"
},
"traits": {
- "smithy.api#documentation": "Puts an Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Working with\n Amazon S3 Storage Lens in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.
\n \n To use this action, you must have permission to perform the\n s3:PutStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the\n Amazon S3 User Guide.
\n ",
+ "smithy.api#documentation": "Puts an Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Working with\n Amazon S3 Storage Lens in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.
\n \n To use this action, you must have permission to perform the\n s3:PutStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the\n Amazon S3 User Guide.
\n ",
"smithy.api#endpoint": {
"hostPrefix": "{AccountId}."
},
@@ -12775,6 +13352,9 @@
"smithy.api#documentation": "The tag set of the S3 Storage Lens configuration.
\n \n You can set up to a maximum of 50 tags.
\n "
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutStorageLensConfigurationTagging": {
@@ -12832,6 +13412,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#PutStorageLensConfigurationTaggingResult": {
@@ -12847,6 +13430,12 @@
"smithy.api#documentation": "The name of the associated bucket for the Region.
",
"smithy.api#required": {}
}
+ },
+ "BucketAccountId": {
+ "target": "com.amazonaws.s3control#AccountId",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Web Services account ID that owns the Amazon S3 bucket that's associated with this\n Multi-Region Access Point.
"
+ }
}
},
"traits": {
@@ -12885,6 +13474,12 @@
"traits": {
"smithy.api#documentation": "The name of the Region.
"
}
+ },
+ "BucketAccountId": {
+ "target": "com.amazonaws.s3control#AccountId",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Web Services account ID that owns the Amazon S3 bucket that's associated with this\n Multi-Region Access Point.
"
+ }
}
},
"traits": {
@@ -12960,19 +13555,220 @@
}
}
},
- "com.amazonaws.s3control#ReplicationStatus": {
+ "com.amazonaws.s3control#ReplicaKmsKeyID": {
+ "type": "string"
+ },
+ "com.amazonaws.s3control#ReplicaModifications": {
+ "type": "structure",
+ "members": {
+ "Status": {
+ "target": "com.amazonaws.s3control#ReplicaModificationsStatus",
+ "traits": {
+ "smithy.api#documentation": "Specifies whether S3 on Outposts replicates modifications to object metadata on\n replicas.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A filter that you can use to specify whether replica modification sync is enabled.\n S3 on Outposts replica modification sync can help you keep object metadata synchronized\n between replicas and source objects. By default, S3 on Outposts replicates metadata from the\n source objects to the replicas only. When replica modification sync is enabled,\n S3 on Outposts replicates metadata changes made to the replica copies back to the source\n object, making the replication bidirectional.
\n To replicate object metadata modifications on replicas, you can specify this element and\n set the Status of this element to Enabled.
\n \n You must enable replica modification sync on the source and destination buckets to\n replicate replica metadata changes between the source and the replicas.
\n "
+ }
+ },
+ "com.amazonaws.s3control#ReplicaModificationsStatus": {
"type": "enum",
"members": {
- "COMPLETED": {
+ "Enabled": {
"target": "smithy.api#Unit",
"traits": {
- "smithy.api#enumValue": "COMPLETED"
+ "smithy.api#enumValue": "Enabled"
}
},
- "FAILED": {
+ "Disabled": {
"target": "smithy.api#Unit",
"traits": {
- "smithy.api#enumValue": "FAILED"
+ "smithy.api#enumValue": "Disabled"
+ }
+ }
+ }
+ },
+ "com.amazonaws.s3control#ReplicationConfiguration": {
+ "type": "structure",
+ "members": {
+ "Role": {
+ "target": "com.amazonaws.s3control#Role",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that S3 on Outposts assumes\n when replicating objects. For information about S3 replication on Outposts configuration,\n see Setting up\n replication in the Amazon S3 User Guide.
",
+ "smithy.api#required": {}
+ }
+ },
+ "Rules": {
+ "target": "com.amazonaws.s3control#ReplicationRules",
+ "traits": {
+ "smithy.api#documentation": "A container for one or more replication rules. A replication configuration must have at\n least one rule and can contain an array of 100 rules at the most.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A container for one or more replication rules. A replication configuration must have at least one rule and you can add up to 100 rules. The maximum size of a\n replication configuration is 128 KB.
"
+ }
+ },
+ "com.amazonaws.s3control#ReplicationRule": {
+ "type": "structure",
+ "members": {
+ "ID": {
+ "target": "com.amazonaws.s3control#ID",
+ "traits": {
+ "smithy.api#documentation": "A unique identifier for the rule. The maximum value is 255 characters.
"
+ }
+ },
+ "Priority": {
+ "target": "com.amazonaws.s3control#Priority",
+ "traits": {
+ "smithy.api#default": null,
+ "smithy.api#documentation": "The priority indicates which rule has precedence whenever two or more replication rules\n conflict. S3 on Outposts attempts to replicate objects according to all replication rules.\n However, if there are two or more rules with the same destination Outposts bucket, then objects will\n be replicated according to the rule with the highest priority. The higher the number, the\n higher the priority.
\n For more information, see Creating replication rules between Outposts in the\n Amazon S3 User Guide.
"
+ }
+ },
+ "Prefix": {
+ "target": "com.amazonaws.s3control#Prefix",
+ "traits": {
+ "smithy.api#deprecated": {
+ "message": "Prefix has been deprecated"
+ },
+ "smithy.api#documentation": "An object key name prefix that identifies the object or objects to which the rule\n applies. The maximum prefix length is 1,024 characters. To include all objects in an\n Outposts bucket, specify an empty string.
\n \n When you're using XML requests, you must \nreplace special characters (such as carriage returns) in object keys with their equivalent XML entity codes. \nFor more information, see \n XML-related object key constraints in the Amazon S3 User Guide.
\n "
+ }
+ },
+ "Filter": {
+ "target": "com.amazonaws.s3control#ReplicationRuleFilter",
+ "traits": {
+ "smithy.api#documentation": "A filter that identifies the subset of objects to which the replication rule applies. A\n Filter element must specify exactly one Prefix,\n Tag, or And child element.
"
+ }
+ },
+ "Status": {
+ "target": "com.amazonaws.s3control#ReplicationRuleStatus",
+ "traits": {
+ "smithy.api#documentation": "Specifies whether the rule is enabled.
",
+ "smithy.api#required": {}
+ }
+ },
+ "SourceSelectionCriteria": {
+ "target": "com.amazonaws.s3control#SourceSelectionCriteria",
+ "traits": {
+ "smithy.api#documentation": "A container that describes additional filters for identifying the source Outposts objects that\n you want to replicate. You can choose to enable or disable the replication of these\n objects.
"
+ }
+ },
+ "ExistingObjectReplication": {
+ "target": "com.amazonaws.s3control#ExistingObjectReplication",
+ "traits": {
+ "smithy.api#documentation": "An optional configuration to replicate existing source bucket objects.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
+ "Destination": {
+ "target": "com.amazonaws.s3control#Destination",
+ "traits": {
+ "smithy.api#documentation": "A container for information about the replication destination and its configurations.
",
+ "smithy.api#required": {}
+ }
+ },
+ "DeleteMarkerReplication": {
+ "target": "com.amazonaws.s3control#DeleteMarkerReplication",
+ "traits": {
+ "smithy.api#documentation": "Specifies whether S3 on Outposts replicates delete markers. If you specify a\n Filter element in your replication configuration, you must also include a\n DeleteMarkerReplication element. If your Filter includes a\n Tag element, the DeleteMarkerReplication element's\n Status child element must be set to Disabled, because\n S3 on Outposts doesn't support replicating delete markers for tag-based rules.
\n For more information about delete marker replication, see How delete operations affect replication in the Amazon S3 User Guide.
"
+ }
+ },
+ "Bucket": {
+ "target": "com.amazonaws.s3control#BucketIdentifierString",
+ "traits": {
+ "smithy.api#documentation": "The Amazon Resource Name (ARN) of the access point for the source Outposts bucket that you want\n S3 on Outposts to replicate the objects from.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Specifies which S3 on Outposts objects to replicate and where to store the replicas.
"
+ }
+ },
+ "com.amazonaws.s3control#ReplicationRuleAndOperator": {
+ "type": "structure",
+ "members": {
+ "Prefix": {
+ "target": "com.amazonaws.s3control#Prefix",
+ "traits": {
+ "smithy.api#documentation": "An object key name prefix that identifies the subset of objects that the rule applies\n to.
"
+ }
+ },
+ "Tags": {
+ "target": "com.amazonaws.s3control#S3TagSet",
+ "traits": {
+ "smithy.api#documentation": "An array of tags that contain key and value pairs.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A container for specifying rule filters. The filters determine the subset of objects to\n which the rule applies. This element is required only if you specify more than one filter.
\n For example:
\n \n - \n
If you specify both a Prefix and a Tag filter, wrap\n these filters in an And element.
\n \n - \n
If you specify a filter based on multiple tags, wrap the Tag elements\n in an And element.
\n \n
"
+ }
+ },
+ "com.amazonaws.s3control#ReplicationRuleFilter": {
+ "type": "structure",
+ "members": {
+ "Prefix": {
+ "target": "com.amazonaws.s3control#Prefix",
+ "traits": {
+ "smithy.api#documentation": "An object key name prefix that identifies the subset of objects that the rule applies\n to.
\n \n When you're using XML requests, you must \nreplace special characters (such as carriage returns) in object keys with their equivalent XML entity codes. \nFor more information, see \n XML-related object key constraints in the Amazon S3 User Guide.
\n "
+ }
+ },
+ "Tag": {
+ "target": "com.amazonaws.s3control#S3Tag"
+ },
+ "And": {
+ "target": "com.amazonaws.s3control#ReplicationRuleAndOperator",
+ "traits": {
+ "smithy.api#documentation": "A container for specifying rule filters. The filters determine the subset of objects\n that the rule applies to. This element is required only if you specify more than one\n filter. For example:
\n \n - \n
If you specify both a Prefix and a Tag filter, wrap\n these filters in an And element.
\n \n - \n
If you specify a filter based on multiple tags, wrap the Tag elements\n in an And element.
\n \n
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A filter that identifies the subset of objects to which the replication rule applies. A\n Filter element must specify exactly one Prefix,\n Tag, or And child element.
"
+ }
+ },
+ "com.amazonaws.s3control#ReplicationRuleStatus": {
+ "type": "enum",
+ "members": {
+ "Enabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Enabled"
+ }
+ },
+ "Disabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Disabled"
+ }
+ }
+ }
+ },
+ "com.amazonaws.s3control#ReplicationRules": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.s3control#ReplicationRule",
+ "traits": {
+ "smithy.api#xmlName": "Rule"
+ }
+ }
+ },
+ "com.amazonaws.s3control#ReplicationStatus": {
+ "type": "enum",
+ "members": {
+ "COMPLETED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "COMPLETED"
+ }
+ },
+ "FAILED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "FAILED"
}
},
"REPLICA": {
@@ -12995,6 +13791,119 @@
"target": "com.amazonaws.s3control#ReplicationStatus"
}
},
+ "com.amazonaws.s3control#ReplicationStorageClass": {
+ "type": "enum",
+ "members": {
+ "STANDARD": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STANDARD"
+ }
+ },
+ "REDUCED_REDUNDANCY": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "REDUCED_REDUNDANCY"
+ }
+ },
+ "STANDARD_IA": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "STANDARD_IA"
+ }
+ },
+ "ONEZONE_IA": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ONEZONE_IA"
+ }
+ },
+ "INTELLIGENT_TIERING": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "INTELLIGENT_TIERING"
+ }
+ },
+ "GLACIER": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "GLACIER"
+ }
+ },
+ "DEEP_ARCHIVE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DEEP_ARCHIVE"
+ }
+ },
+ "OUTPOSTS": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "OUTPOSTS"
+ }
+ },
+ "GLACIER_IR": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "GLACIER_IR"
+ }
+ }
+ }
+ },
+ "com.amazonaws.s3control#ReplicationTime": {
+ "type": "structure",
+ "members": {
+ "Status": {
+ "target": "com.amazonaws.s3control#ReplicationTimeStatus",
+ "traits": {
+ "smithy.api#documentation": "Specifies whether S3 Replication Time Control (S3 RTC) is enabled.
",
+ "smithy.api#required": {}
+ }
+ },
+ "Time": {
+ "target": "com.amazonaws.s3control#ReplicationTimeValue",
+ "traits": {
+ "smithy.api#documentation": "A container that specifies the time by which replication should be complete for all\n objects and operations on objects.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A container that specifies S3 Replication Time Control (S3 RTC) related information, including whether S3 RTC\n is enabled and the time when all objects and operations on objects must be\n replicated.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
+ "com.amazonaws.s3control#ReplicationTimeStatus": {
+ "type": "enum",
+ "members": {
+ "Enabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Enabled"
+ }
+ },
+ "Disabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Disabled"
+ }
+ }
+ }
+ },
+ "com.amazonaws.s3control#ReplicationTimeValue": {
+ "type": "structure",
+ "members": {
+ "Minutes": {
+ "target": "com.amazonaws.s3control#Minutes",
+ "traits": {
+ "smithy.api#default": null,
+ "smithy.api#documentation": "Contains an integer that specifies the time period in minutes.
\n Valid value: 15
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A container that specifies the time value for S3 Replication Time Control (S3 RTC). This value is also used for\n the replication metrics EventThreshold element.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
"com.amazonaws.s3control#ReportPrefixString": {
"type": "string",
"traits": {
@@ -13021,6 +13930,9 @@
}
}
},
+ "com.amazonaws.s3control#Role": {
+ "type": "string"
+ },
"com.amazonaws.s3control#RouteList": {
"type": "list",
"member": {
@@ -13239,7 +14151,7 @@
"TargetResource": {
"target": "com.amazonaws.s3control#S3BucketArnString",
"traits": {
- "smithy.api#documentation": "Specifies the destination bucket ARN for the batch copy operation. For example, to copy\n objects to a bucket named destinationBucket, set the\n TargetResource property to\n arn:aws:s3:::destinationBucket.
"
+ "smithy.api#documentation": "Specifies the destination bucket\n Amazon Resource Name\n (ARN)\n for the batch copy operation. For example, to copy objects to a bucket named\n destinationBucket, set the TargetResource property to\n arn:aws:s3:::destinationBucket.
"
}
},
"CannedAccessControlList": {
@@ -13312,7 +14224,7 @@
"TargetKeyPrefix": {
"target": "com.amazonaws.s3control#NonEmptyMaxLength1024String",
"traits": {
- "smithy.api#documentation": "Specifies the folder prefix into which you would like the objects to be copied. For\n example, to copy objects into a folder named Folder1 in the destination\n bucket, set the TargetKeyPrefix to Folder1.
"
+ "smithy.api#documentation": "Specifies the folder prefix\n that\n you\n want\n the objects to be\n copied\n into. For example, to copy objects into a folder named\n Folder1 in the destination bucket, set the\n TargetKeyPrefix\n property\n to Folder1.
"
}
},
"ObjectLockLegalHoldStatus": {
@@ -13343,19 +14255,19 @@
"ChecksumAlgorithm": {
"target": "com.amazonaws.s3control#S3ChecksumAlgorithm",
"traits": {
- "smithy.api#documentation": "Indicates the algorithm you want Amazon S3 to use to create the checksum. For more\n information see Checking object\n integrity in the Amazon S3 User Guide.
"
+ "smithy.api#documentation": "Indicates the algorithm\n that\n you want Amazon S3 to use to create the checksum. For more\n information,\n see Checking object integrity in the Amazon S3 User Guide.
"
}
}
},
"traits": {
- "smithy.api#documentation": "Contains the configuration parameters for a PUT Copy object operation. S3 Batch Operations\n passes every object to the underlying PUT Copy object API. For more information about the\n parameters for this operation, see PUT Object - Copy.
"
+ "smithy.api#documentation": "Contains\n the configuration parameters for a PUT Copy object operation. S3 Batch Operations passes every\n object to the underlying\n CopyObject\n API\n operation. For more information about the parameters for this operation,\n see CopyObject.
"
}
},
"com.amazonaws.s3control#S3DeleteObjectTaggingOperation": {
"type": "structure",
"members": {},
"traits": {
- "smithy.api#documentation": "Contains no configuration parameters because the DELETE Object tagging API only accepts\n the bucket name and key name as parameters, which are defined in the job's manifest.
"
+ "smithy.api#documentation": "Contains no configuration parameters because the DELETE Object tagging\n (DeleteObjectTagging)\n API\n operation\n accepts\n only\n the bucket name and key name as parameters, which are defined in the\n job's manifest.
"
}
},
"com.amazonaws.s3control#S3ExpirationInDays": {
@@ -13494,7 +14406,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the configuration parameters for an S3 Initiate Restore Object job.\n S3 Batch Operations passes every object to the underlying POST Object restore API. For more\n information about the parameters for this operation, see RestoreObject.
"
+ "smithy.api#documentation": "Contains the configuration parameters for\n a\n POST Object restore job. S3 Batch Operations passes every object to the\n underlying\n RestoreObject\n API\n operation. For more information about the parameters for this operation,\n see RestoreObject.
"
}
},
"com.amazonaws.s3control#S3JobManifestGenerator": {
@@ -13875,7 +14787,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the configuration parameters for a Set Object ACL operation. S3 Batch Operations\n passes every object to the underlying PutObjectAcl API. For more information\n about the parameters for this operation, see \n PutObjectAcl\n .
"
+ "smithy.api#documentation": "Contains the configuration parameters for a\n PUT\n Object ACL operation. S3 Batch Operations passes every object to the underlying\n PutObjectAcl\n API\n operation. For more information about the parameters for this operation,\n see PutObjectAcl.
"
}
},
"com.amazonaws.s3control#S3SetObjectLegalHoldOperation": {
@@ -13890,7 +14802,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the configuration for an S3 Object Lock legal hold operation that an\n S3 Batch Operations job passes every object to the underlying PutObjectLegalHold\n API. For more information, see Using S3 Object Lock legal hold\n with S3 Batch Operations in the Amazon S3 User Guide.
"
+ "smithy.api#documentation": "Contains the configuration for an S3 Object Lock legal hold operation that an\n S3 Batch Operations job passes\n to\n every object to the underlying\n PutObjectLegalHold\n API\n operation. For more information, see Using S3 Object Lock legal hold\n with S3 Batch Operations in the Amazon S3 User Guide.
"
}
},
"com.amazonaws.s3control#S3SetObjectRetentionOperation": {
@@ -13912,7 +14824,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the configuration parameters for the Object Lock retention action for an\n S3 Batch Operations job. Batch Operations passes every object to the underlying\n PutObjectRetention API. For more information, see Using\n S3 Object Lock retention with S3 Batch Operations in the\n Amazon S3 User Guide.
"
+ "smithy.api#documentation": "Contains the configuration parameters for the Object Lock retention action for an\n S3 Batch Operations job. Batch Operations passes every object to the underlying\n PutObjectRetention\n API\n operation. For more information, see Using S3 Object Lock retention\n with S3 Batch Operations in the Amazon S3 User Guide.
"
}
},
"com.amazonaws.s3control#S3SetObjectTaggingOperation": {
@@ -13926,7 +14838,7 @@
}
},
"traits": {
- "smithy.api#documentation": "Contains the configuration parameters for a Set Object Tagging operation. S3 Batch Operations\n passes every object to the underlying PUT Object tagging API. For more information about\n the parameters for this operation, see PUT Object tagging.
"
+ "smithy.api#documentation": "Contains the configuration parameters for a\n PUT\n Object Tagging operation. S3 Batch Operations passes every object to the underlying\n PutObjectTagging\n API\n operation. For more information about the parameters for this operation,\n see PutObjectTagging.
"
}
},
"com.amazonaws.s3control#S3StorageClass": {
@@ -14104,6 +15016,58 @@
"smithy.api#default": false
}
},
+ "com.amazonaws.s3control#SourceSelectionCriteria": {
+ "type": "structure",
+ "members": {
+ "SseKmsEncryptedObjects": {
+ "target": "com.amazonaws.s3control#SseKmsEncryptedObjects",
+ "traits": {
+ "smithy.api#documentation": "A filter that you can use to select Amazon S3 objects that are encrypted with server-side\n encryption by using Key Management Service (KMS) keys. If you include\n SourceSelectionCriteria in the replication configuration, this element is\n required.
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
+ "ReplicaModifications": {
+ "target": "com.amazonaws.s3control#ReplicaModifications",
+ "traits": {
+ "smithy.api#documentation": "A filter that you can use to specify whether replica modification sync is enabled.\n S3 on Outposts replica modification sync can help you keep object metadata synchronized\n between replicas and source objects. By default, S3 on Outposts replicates metadata from the\n source objects to the replicas only. When replica modification sync is enabled,\n S3 on Outposts replicates metadata changes made to the replica copies back to the source\n object, making the replication bidirectional.
\n To replicate object metadata modifications on replicas, you can specify this element and\n set the Status of this element to Enabled.
\n \n You must enable replica modification sync on the source and destination buckets to\n replicate replica metadata changes between the source and the replicas.
\n "
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A container that describes additional filters for identifying the source objects that\n you want to replicate. You can choose to enable or disable the replication of these\n objects.
"
+ }
+ },
+ "com.amazonaws.s3control#SseKmsEncryptedObjects": {
+ "type": "structure",
+ "members": {
+ "Status": {
+ "target": "com.amazonaws.s3control#SseKmsEncryptedObjectsStatus",
+ "traits": {
+ "smithy.api#documentation": "Specifies whether Amazon S3 replicates objects that are created with server-side encryption\n by using an KMS key stored in Key Management Service.
",
+ "smithy.api#required": {}
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "A container for filter information that you can use to select S3 objects that are\n encrypted with Key Management Service (KMS).
\n \n This is not supported by Amazon S3 on Outposts buckets.
\n "
+ }
+ },
+ "com.amazonaws.s3control#SseKmsEncryptedObjectsStatus": {
+ "type": "enum",
+ "members": {
+ "Enabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Enabled"
+ }
+ },
+ "Disabled": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "Disabled"
+ }
+ }
+ }
+ },
"com.amazonaws.s3control#StorageLensArn": {
"type": "string",
"traits": {
@@ -14356,6 +15320,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#SubmitMultiRegionAccessPointRoutesResult": {
@@ -14587,6 +15554,9 @@
"smithy.api#required": {}
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#UpdateJobPriorityResult": {
@@ -14689,6 +15659,9 @@
"smithy.api#httpQuery": "statusUpdateReason"
}
}
+ },
+ "traits": {
+ "smithy.api#input": {}
}
},
"com.amazonaws.s3control#UpdateJobStatusResult": {
diff --git a/aws/sdk/aws-models/sso.json b/aws/sdk/aws-models/sso.json
index 336be4b83e..474fc29342 100644
--- a/aws/sdk/aws-models/sso.json
+++ b/aws/sdk/aws-models/sso.json
@@ -520,7 +520,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -549,13 +549,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -563,14 +562,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -579,67 +584,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -648,591 +628,637 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://portal.sso-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://portal.sso-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://portal.sso-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://portal.sso-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://portal.sso.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
"rules": [
{
- "conditions": [],
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "ap-east-1"
+ ]
+ }
+ ],
"endpoint": {
- "url": "https://portal.sso.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://portal.sso.ap-east-1.amazonaws.com",
"properties": {},
"headers": {}
},
"type": "endpoint"
- }
- ]
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
},
- "ap-east-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.ap-east-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "ap-northeast-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.ap-northeast-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "ap-northeast-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.ap-northeast-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
- },
- "ap-northeast-2"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.ap-northeast-2.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "ap-northeast-2"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.ap-northeast-2.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "ap-northeast-3"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.ap-northeast-3.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "ap-northeast-3"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.ap-northeast-3.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "ap-south-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.ap-south-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "ap-south-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.ap-south-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "ap-southeast-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.ap-southeast-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "ap-southeast-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.ap-southeast-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "ap-southeast-2"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.ap-southeast-2.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "ap-southeast-2"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.ap-southeast-2.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "ca-central-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.ca-central-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "ca-central-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.ca-central-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "eu-central-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.eu-central-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "eu-central-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.eu-central-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "eu-north-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.eu-north-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "eu-north-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.eu-north-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "eu-south-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.eu-south-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "eu-south-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.eu-south-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "eu-west-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.eu-west-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "eu-west-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.eu-west-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "eu-west-2"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.eu-west-2.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "eu-west-2"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.eu-west-2.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "eu-west-3"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.eu-west-3.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "eu-west-3"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.eu-west-3.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "me-south-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.me-south-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "me-south-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.me-south-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "sa-east-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.sa-east-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "sa-east-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.sa-east-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "us-east-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.us-east-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-east-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.us-east-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "us-east-2"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.us-east-2.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-east-2"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.us-east-2.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-west-2"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.us-west-2.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "us-west-2"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.us-west-2.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-gov-east-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.us-gov-east-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "us-gov-east-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://portal.sso.us-gov-east-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
{
- "ref": "Region"
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "us-gov-west-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://portal.sso.us-gov-west-1.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
},
- "us-gov-west-1"
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://portal.sso.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
]
}
- ],
- "endpoint": {
- "url": "https://portal.sso.us-gov-west-1.amazonaws.com",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://portal.sso.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ ]
}
]
+ },
+ {
+ "conditions": [],
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -1241,250 +1267,250 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.us-west-2.amazonaws.com"
+ "url": "https://portal.sso.ap-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-east-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.me-south-1.amazonaws.com"
+ "url": "https://portal.sso.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-1",
"UseDualStack": false,
- "Region": "me-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.eu-south-1.amazonaws.com"
+ "url": "https://portal.sso.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-2",
"UseDualStack": false,
- "Region": "eu-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.sa-east-1.amazonaws.com"
+ "url": "https://portal.sso.ap-northeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-3",
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.ap-east-1.amazonaws.com"
+ "url": "https://portal.sso.ap-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-south-1",
"UseDualStack": false,
- "Region": "ap-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.ca-central-1.amazonaws.com"
+ "url": "https://portal.sso.ap-southeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-1",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.ap-southeast-1.amazonaws.com"
+ "url": "https://portal.sso.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-2",
"UseDualStack": false,
- "Region": "ap-southeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.ap-south-1.amazonaws.com"
+ "url": "https://portal.sso.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "ap-south-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.eu-north-1.amazonaws.com"
+ "url": "https://portal.sso.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-central-1",
"UseDualStack": false,
- "Region": "eu-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.ap-southeast-2.amazonaws.com"
+ "url": "https://portal.sso.eu-north-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-north-1",
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.us-east-1.amazonaws.com"
+ "url": "https://portal.sso.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-south-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.us-east-2.amazonaws.com"
+ "url": "https://portal.sso.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-1",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.eu-west-1.amazonaws.com"
+ "url": "https://portal.sso.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-2",
"UseDualStack": false,
- "Region": "eu-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.eu-west-2.amazonaws.com"
+ "url": "https://portal.sso.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-3",
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.eu-west-3.amazonaws.com"
+ "url": "https://portal.sso.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "me-south-1",
"UseDualStack": false,
- "Region": "eu-west-3"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.ap-northeast-2.amazonaws.com"
+ "url": "https://portal.sso.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "sa-east-1",
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.ap-northeast-3.amazonaws.com"
+ "url": "https://portal.sso.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "ap-northeast-3"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.ap-northeast-1.amazonaws.com"
+ "url": "https://portal.sso.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.eu-central-1.amazonaws.com"
+ "url": "https://portal.sso.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": false
}
},
{
@@ -1495,9 +1521,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -1508,9 +1534,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -1521,191 +1547,204 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.us-gov-west-1.amazonaws.com"
+ "url": "https://portal.sso-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "us-gov-west-1"
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.us-gov-east-1.amazonaws.com"
+ "url": "https://portal.sso-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso-fips.us-gov-east-1.api.aws"
+ "url": "https://portal.sso.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso-fips.us-gov-east-1.amazonaws.com"
+ "url": "https://portal.sso.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.us-gov-east-1.api.aws"
+ "url": "https://portal.sso.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "us-gov-east-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://portal.sso.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://portal.sso-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
+ }
+ },
+ {
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://portal.sso-fips.us-gov-east-1.amazonaws.com"
+ }
+ },
+ "params": {
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://portal.sso.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": true,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://portal.sso-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://portal.sso.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "us-iso-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.cn-north-1.amazonaws.com.cn"
+ "url": "https://portal.sso-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://portal.sso.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
- "url": "https://portal.sso.us-iso-east-1.c2s.ic.gov"
+ "url": "https://example.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false,
+ "Endpoint": "https://example.com"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
- "UseFIPS": false,
"UseDualStack": false,
- "Region": "us-east-1",
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -1715,9 +1754,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
"Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true,
"Endpoint": "https://example.com"
}
},
@@ -1727,9 +1766,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
"Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
}
diff --git a/aws/sdk/aws-models/sts.json b/aws/sdk/aws-models/sts.json
index 7780eaf981..915bf2d076 100644
--- a/aws/sdk/aws-models/sts.json
+++ b/aws/sdk/aws-models/sts.json
@@ -115,6 +115,36 @@
"rules": [
{
"conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseGlobalEndpoint"
+ },
+ true
+ ]
+ },
+ {
+ "fn": "not",
+ "argv": [
+ {
+ "fn": "isSet",
+ "argv": [
+ {
+ "ref": "Endpoint"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "isSet",
+ "argv": [
+ {
+ "ref": "Region"
+ }
+ ]
+ },
{
"fn": "aws.partition",
"argv": [
@@ -123,6 +153,24 @@
}
],
"assign": "PartitionResult"
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ false
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseDualStack"
+ },
+ false
+ ]
}
],
"type": "tree",
@@ -130,517 +178,529 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
{
- "ref": "UseGlobalEndpoint"
+ "ref": "Region"
},
- true
+ "ap-northeast-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "Region"
},
- false
+ "ap-south-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "fn": "booleanEquals",
+ "fn": "stringEquals",
"argv": [
{
- "ref": "UseDualStack"
+ "ref": "Region"
},
- false
+ "ap-southeast-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "fn": "not",
+ "fn": "stringEquals",
"argv": [
{
- "fn": "isSet",
- "argv": [
- {
- "ref": "Endpoint"
- }
- ]
- }
+ "ref": "Region"
+ },
+ "ap-southeast-2"
]
}
],
- "type": "tree",
- "rules": [
- {
- "conditions": [
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "ap-northeast-1"
- ]
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
}
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "ap-south-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "aws-global"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "ap-southeast-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "ca-central-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "ap-southeast-2"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "eu-central-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "eu-north-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "ca-central-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "eu-west-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "eu-central-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "eu-west-2"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "eu-north-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "eu-west-3"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "eu-west-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "sa-east-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "eu-west-2"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "us-east-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "eu-west-3"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "us-east-2"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "sa-east-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "us-west-1"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [
{
- "conditions": [
+ "fn": "stringEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "us-east-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "Region"
},
- "headers": {}
- },
- "type": "endpoint"
+ "us-west-2"
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
},
- {
- "conditions": [
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://sts.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {
+ "authSchemes": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "us-east-2"
- ]
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "{Region}"
}
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
+ ]
},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ },
+ {
+ "conditions": [
+ {
+ "fn": "isSet",
+ "argv": [
{
- "conditions": [
+ "ref": "Endpoint"
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
{
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "us-west-1"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
+ "ref": "UseFIPS"
},
- "headers": {}
- },
- "type": "endpoint"
- },
+ true
+ ]
+ }
+ ],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "stringEquals",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Region"
+ "ref": "UseDualStack"
},
- "us-west-2"
+ true
]
}
],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
+ "type": "error"
},
{
"conditions": [],
"endpoint": {
- "url": "https://sts.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "{Region}",
- "signingName": "sts"
- }
- ]
+ "url": {
+ "ref": "Endpoint"
},
+ "properties": {},
"headers": {}
},
"type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
"fn": "isSet",
"argv": [
{
- "ref": "Endpoint"
+ "ref": "Region"
}
]
- },
- {
- "fn": "parseURL",
- "argv": [
- {
- "ref": "Endpoint"
- }
- ],
- "assign": "url"
}
],
"type": "tree",
@@ -648,24 +708,28 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
{
- "ref": "UseFIPS"
- },
- true
- ]
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
- "type": "error"
- },
- {
- "conditions": [],
"type": "tree",
"rules": [
{
"conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ {
+ "ref": "UseFIPS"
+ },
+ true
+ ]
+ },
{
"fn": "booleanEquals",
"argv": [
@@ -676,159 +740,235 @@
]
}
],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
- },
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ "type": "tree",
+ "rules": [
{
- "fn": "getAttr",
- "argv": [
+ "conditions": [
{
- "ref": "PartitionResult"
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
},
- "supportsFIPS"
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
},
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsDualStack"
+ true
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ "aws-us-gov",
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "name"
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint": {
+ "url": "https://sts.{Region}.amazonaws.com",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ },
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://sts-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
]
+ },
+ {
+ "conditions": [],
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://sts-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
{
"conditions": [
{
- "fn": "stringEquals",
+ "fn": "booleanEquals",
"argv": [
- "aws-us-gov",
+ true,
{
"fn": "getAttr",
"argv": [
{
"ref": "PartitionResult"
},
- "name"
+ "supportsDualStack"
]
}
]
}
],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "stringEquals",
+ "argv": [
+ {
+ "ref": "Region"
+ },
+ "aws-global"
+ ]
+ }
+ ],
"endpoint": {
- "url": "https://sts.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
+ "url": "https://sts.amazonaws.com",
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
"headers": {}
},
"type": "endpoint"
@@ -836,7 +976,7 @@
{
"conditions": [],
"endpoint": {
- "url": "https://sts-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "url": "https://sts.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -845,1313 +985,31 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- true,
- {
- "fn": "getAttr",
- "argv": [
- {
- "ref": "PartitionResult"
- },
- "supportsDualStack"
- ]
- }
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://sts.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
- ]
- },
- {
- "conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "stringEquals",
- "argv": [
- {
- "ref": "Region"
- },
- "aws-global"
- ]
- }
- ],
- "endpoint": {
- "url": "https://sts.amazonaws.com",
- "properties": {
- "authSchemes": [
- {
- "name": "sigv4",
- "signingRegion": "us-east-1",
- "signingName": "sts"
- }
- ]
- },
- "headers": {}
- },
- "type": "endpoint"
- },
- {
- "conditions": [],
- "endpoint": {
- "url": "https://sts.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
- }
- ]
- }
- ]
- },
- "smithy.rules#endpointTests": {
- "testCases": [
- {
- "documentation": "For region ap-south-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-south-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-south-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-south-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-south-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-south-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-south-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-south-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-south-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-south-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-south-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-south-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-south-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-south-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-south-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-south-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-south-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-south-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-south-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-south-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-south-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-south-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-south-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-south-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-south-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-south-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-south-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-south-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-south-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-south-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-south-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-south-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-south-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-south-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-south-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-south-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.us-gov-east-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-gov-east-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-gov-east-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-gov-east-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-gov-east-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-gov-east-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-gov-east-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-gov-east-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region me-central-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.me-central-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "me-central-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region me-central-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.me-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "me-central-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region me-central-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.me-central-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "me-central-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region me-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.me-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "me-central-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ca-central-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ca-central-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ca-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ca-central-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ca-central-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ca-central-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ca-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ca-central-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-central-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-central-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-central-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-central-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-central-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-central-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-central-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-iso-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.us-iso-west-1.c2s.ic.gov"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-iso-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "error": "DualStack is enabled but this partition does not support DualStack"
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-iso-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-iso-west-1.c2s.ic.gov"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-iso-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-central-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-central-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-central-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-central-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-central-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-central-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-central-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-central-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-central-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-central-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-central-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-central-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.us-west-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.us-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-west-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.us-west-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-west-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.us-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-west-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-west-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-west-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-west-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region aws-global with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "properties": {
- "authSchemes": [
- {
- "signingRegion": "us-east-1",
- "signingName": "sts",
- "name": "sigv4"
- }
- ]
- },
- "url": "https://sts.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "aws-global",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.af-south-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "af-south-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.af-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "af-south-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.af-south-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "af-south-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.af-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "af-south-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-north-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-north-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-north-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-north-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-north-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-north-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-north-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-north-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-west-3.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-west-3",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-west-3.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-west-3",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-west-3.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-west-3",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-west-3.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-west-3",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-west-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-west-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-west-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-west-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-west-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-west-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-west-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-west-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.eu-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "eu-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-west-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.eu-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "eu-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-northeast-3.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-northeast-3",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-northeast-3.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-northeast-3",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-northeast-3.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-northeast-3",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-northeast-3.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-northeast-3",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-northeast-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-northeast-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-northeast-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-northeast-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-northeast-2.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-northeast-2",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-northeast-2.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-northeast-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-northeast-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-northeast-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-northeast-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-northeast-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-northeast-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-northeast-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ap-northeast-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ap-northeast-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.me-south-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "me-south-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.me-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "me-south-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.me-south-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "me-south-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.me-south-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "me-south-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.sa-east-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "sa-east-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.sa-east-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "sa-east-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.sa-east-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "sa-east-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.sa-east-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "sa-east-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-east-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-east-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ap-east-1.amazonaws.com"
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
- },
- "params": {
- "UseFIPS": true,
- "Region": "ap-east-1",
- "UseDualStack": false
- }
- },
+ ]
+ }
+ ]
+ },
+ "smithy.rules#endpointTests": {
+ "testCases": [
{
- "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-east-1.api.aws"
+ "url": "https://sts.af-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-east-1",
- "UseDualStack": true
+ "Region": "af-south-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
@@ -2162,204 +1020,61 @@
}
},
"params": {
- "UseFIPS": false,
"Region": "ap-east-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.cn-north-1.api.amazonwebservices.com.cn"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "cn-north-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.cn-north-1.amazonaws.com.cn"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "cn-north-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.cn-north-1.api.amazonwebservices.com.cn"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "cn-north-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.cn-north-1.amazonaws.com.cn"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "cn-north-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ca-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ca-west-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ca-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ca-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.ca-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "ca-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region ca-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ca-west-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ca-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region ca-west-1 with FIPS disabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.ca-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "ca-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts-fips.us-gov-west-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-gov-west-1",
- "UseDualStack": true
- }
- },
- {
- "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-gov-west-1.amazonaws.com"
- }
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-gov-west-1",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled",
- "expect": {
- "endpoint": {
- "url": "https://sts.us-gov-west-1.api.aws"
- }
- },
- "params": {
- "UseFIPS": false,
- "Region": "us-gov-west-1",
- "UseDualStack": true
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.us-gov-west-1.amazonaws.com"
+ "url": "https://sts.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "us-gov-west-1",
- "UseDualStack": false
+ "Region": "ap-northeast-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-1.api.aws"
+ "url": "https://sts.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-1",
- "UseDualStack": true
+ "Region": "ap-northeast-2",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-1.amazonaws.com"
+ "url": "https://sts.ap-northeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-1",
- "UseDualStack": false
+ "Region": "ap-northeast-3",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-1.api.aws"
+ "url": "https://sts.ap-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-1",
- "UseDualStack": true
+ "Region": "ap-south-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
@@ -2370,291 +1085,291 @@
}
},
"params": {
- "UseFIPS": false,
"Region": "ap-southeast-1",
- "UseDualStack": false
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-2.api.aws"
+ "url": "https://sts.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
"Region": "ap-southeast-2",
- "UseDualStack": true
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-2.amazonaws.com"
+ "url": "https://sts.ap-southeast-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-2",
- "UseDualStack": false
+ "Region": "ap-southeast-3",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled",
+ "documentation": "For region aws-global with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-2.api.aws"
+ "properties": {
+ "authSchemes": [
+ {
+ "name": "sigv4",
+ "signingName": "sts",
+ "signingRegion": "us-east-1"
+ }
+ ]
+ },
+ "url": "https://sts.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-2",
- "UseDualStack": true
+ "Region": "aws-global",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-2.amazonaws.com"
+ "url": "https://sts.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-2",
- "UseDualStack": false
- }
- },
- {
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled",
- "expect": {
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
- },
- "params": {
- "UseFIPS": true,
- "Region": "us-iso-east-1",
- "UseDualStack": true
+ "Region": "ca-central-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://sts.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "us-iso-east-1",
- "UseDualStack": false
+ "Region": "eu-central-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled",
"expect": {
- "error": "DualStack is enabled but this partition does not support DualStack"
+ "endpoint": {
+ "url": "https://sts.eu-north-1.amazonaws.com"
+ }
},
"params": {
- "UseFIPS": false,
- "Region": "us-iso-east-1",
- "UseDualStack": true
+ "Region": "eu-north-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.us-iso-east-1.c2s.ic.gov"
+ "url": "https://sts.eu-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "us-iso-east-1",
- "UseDualStack": false
+ "Region": "eu-south-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack enabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-3.api.aws"
+ "url": "https://sts.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-3",
- "UseDualStack": true
+ "Region": "eu-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-3.amazonaws.com"
+ "url": "https://sts.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-3",
- "UseDualStack": false
+ "Region": "eu-west-2",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack enabled",
+ "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-3.api.aws"
+ "url": "https://sts.eu-west-3.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-3",
- "UseDualStack": true
+ "Region": "eu-west-3",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled",
+ "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-3.amazonaws.com"
+ "url": "https://sts.me-south-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-3",
- "UseDualStack": false
+ "Region": "me-south-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack enabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-4.api.aws"
+ "url": "https://sts.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-4",
- "UseDualStack": true
+ "Region": "sa-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-4.amazonaws.com"
+ "url": "https://sts.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-4",
- "UseDualStack": false
+ "Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-4.api.aws"
+ "url": "https://sts-fips.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-4",
- "UseDualStack": true
+ "Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-4.amazonaws.com"
+ "url": "https://sts.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-4",
- "UseDualStack": false
+ "Region": "us-east-2",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-5 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-5.api.aws"
+ "url": "https://sts-fips.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-5",
- "UseDualStack": true
+ "Region": "us-east-2",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-5 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-5.amazonaws.com"
+ "url": "https://sts.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-5",
- "UseDualStack": false
+ "Region": "us-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-5 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-5.api.aws"
+ "url": "https://sts-fips.us-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-5",
- "UseDualStack": true
+ "Region": "us-west-1",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-5 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-5.amazonaws.com"
+ "url": "https://sts.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-5",
- "UseDualStack": false
+ "Region": "us-west-2",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.us-east-1.api.aws"
+ "url": "https://sts-fips.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "us-east-1",
- "UseDualStack": true
+ "Region": "us-west-2",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.us-east-1.amazonaws.com"
+ "url": "https://sts-fips.us-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
"Region": "us-east-1",
- "UseDualStack": false
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
@@ -2665,239 +1380,243 @@
}
},
"params": {
- "UseFIPS": false,
"Region": "us-east-1",
- "UseDualStack": true
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.us-east-1.amazonaws.com"
+ "url": "https://sts.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "Region": "us-east-1",
- "UseDualStack": false
+ "Region": "cn-north-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-6 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-6.api.aws"
+ "url": "https://sts.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-6",
- "UseDualStack": true
+ "Region": "cn-northwest-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-southeast-6 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.ap-southeast-6.amazonaws.com"
+ "url": "https://sts-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
- "Region": "ap-southeast-6",
- "UseDualStack": false
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-6 with FIPS disabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-6.api.aws"
+ "url": "https://sts-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-6",
- "UseDualStack": true
+ "Region": "cn-north-1",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region ap-southeast-6 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://sts.ap-southeast-6.amazonaws.com"
+ "url": "https://sts.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
- "Region": "ap-southeast-6",
- "UseDualStack": false
+ "Region": "cn-north-1",
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.us-east-2.api.aws"
+ "url": "https://sts.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "us-east-2",
- "UseDualStack": true
+ "Region": "us-gov-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.us-east-2.amazonaws.com"
+ "url": "https://sts.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
- "Region": "us-east-2",
- "UseDualStack": false
+ "Region": "us-gov-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.us-east-2.api.aws"
+ "url": "https://sts.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "us-east-2",
- "UseDualStack": true
+ "Region": "us-gov-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.us-east-2.amazonaws.com"
+ "url": "https://sts.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "us-east-2",
- "UseDualStack": false
+ "Region": "us-gov-west-1",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.cn-northwest-1.api.amazonwebservices.com.cn"
+ "url": "https://sts-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
- "Region": "cn-northwest-1",
- "UseDualStack": true
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://sts.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
- "Region": "cn-northwest-1",
- "UseDualStack": false
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.cn-northwest-1.api.amazonwebservices.com.cn"
+ "url": "https://sts.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "Region": "cn-northwest-1",
- "UseDualStack": true
+ "Region": "us-iso-east-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://sts.us-iso-west-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "Region": "cn-northwest-1",
- "UseDualStack": false
+ "Region": "us-iso-west-1",
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both"
+ "endpoint": {
+ "url": "https://sts-fips.us-iso-east-1.c2s.ic.gov"
+ }
},
"params": {
- "UseFIPS": true,
- "Region": "us-isob-east-1",
- "UseDualStack": true
+ "Region": "us-iso-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://sts-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://sts.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
"Region": "us-isob-east-1",
- "UseDualStack": false
+ "UseDualStack": false,
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
- "error": "DualStack is enabled but this partition does not support DualStack"
+ "endpoint": {
+ "url": "https://sts-fips.us-isob-east-1.sc2s.sgov.gov"
+ }
},
"params": {
- "UseFIPS": false,
"Region": "us-isob-east-1",
- "UseDualStack": true
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
- "url": "https://sts.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://example.com"
}
},
"params": {
+ "Region": "us-east-1",
+ "UseDualStack": false,
"UseFIPS": false,
- "Region": "us-isob-east-1",
- "UseDualStack": false
+ "Endpoint": "https://example.com"
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
- "UseFIPS": false,
- "Region": "us-east-1",
"UseDualStack": false,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -2907,9 +1626,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
"Region": "us-east-1",
"UseDualStack": false,
+ "UseFIPS": true,
"Endpoint": "https://example.com"
}
},
@@ -2919,9 +1638,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
"Region": "us-east-1",
"UseDualStack": true,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -2932,9 +1651,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -2951,10 +1670,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "ap-northeast-1",
"UseFIPS": false,
- "Region": "ap-northeast-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -2964,9 +1683,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -2983,10 +1702,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "ap-south-1",
"UseFIPS": false,
- "Region": "ap-south-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -2996,9 +1715,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3015,10 +1734,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "ap-southeast-1",
"UseFIPS": false,
- "Region": "ap-southeast-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3028,9 +1747,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3047,10 +1766,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "ap-southeast-2",
"UseFIPS": false,
- "Region": "ap-southeast-2"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3060,9 +1779,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3079,10 +1798,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "aws-global",
"UseFIPS": false,
- "Region": "aws-global"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3092,9 +1811,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3111,10 +1830,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "ca-central-1",
"UseFIPS": false,
- "Region": "ca-central-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3124,9 +1843,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3143,10 +1862,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "eu-central-1",
"UseFIPS": false,
- "Region": "eu-central-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3156,9 +1875,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3175,10 +1894,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "eu-north-1",
"UseFIPS": false,
- "Region": "eu-north-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3188,9 +1907,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3207,10 +1926,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "eu-west-1",
"UseFIPS": false,
- "Region": "eu-west-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3220,9 +1939,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3239,10 +1958,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "eu-west-2",
"UseFIPS": false,
- "Region": "eu-west-2"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3252,9 +1971,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3271,10 +1990,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "eu-west-3",
"UseFIPS": false,
- "Region": "eu-west-3"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3284,9 +2003,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3303,10 +2022,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "sa-east-1",
"UseFIPS": false,
- "Region": "sa-east-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3316,9 +2035,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3335,10 +2054,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "us-east-1",
"UseFIPS": false,
- "Region": "us-east-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3348,9 +2067,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3367,10 +2086,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "us-east-2",
"UseFIPS": false,
- "Region": "us-east-2"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3380,9 +2099,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3399,10 +2118,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "us-west-1",
"UseFIPS": false,
- "Region": "us-west-1"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3412,9 +2131,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-1",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-1"
}
]
},
@@ -3431,10 +2150,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "us-west-2",
"UseFIPS": false,
- "Region": "us-west-2"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3444,9 +2163,9 @@
"properties": {
"authSchemes": [
{
- "signingRegion": "us-east-3",
+ "name": "sigv4",
"signingName": "sts",
- "name": "sigv4"
+ "signingRegion": "us-east-3"
}
]
},
@@ -3463,10 +2182,10 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
- "UseDualStack": false,
+ "Region": "us-east-3",
"UseFIPS": false,
- "Region": "us-east-3"
+ "UseDualStack": false,
+ "UseGlobalEndpoint": true
}
},
{
@@ -3487,10 +2206,24 @@
}
],
"params": {
- "UseGlobalEndpoint": true,
+ "Region": "us-west-1",
+ "UseFIPS": false,
"UseDualStack": false,
+ "UseGlobalEndpoint": true,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "UseGlobalEndpoint with unset region and custom endpoint",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
"UseFIPS": false,
- "Region": "us-west-1",
+ "UseDualStack": false,
+ "UseGlobalEndpoint": false,
"Endpoint": "https://example.com"
}
}
diff --git a/aws/sdk/aws-models/transcribe-streaming.json b/aws/sdk/aws-models/transcribe-streaming.json
index 9580962c51..93e63cde42 100644
--- a/aws/sdk/aws-models/transcribe-streaming.json
+++ b/aws/sdk/aws-models/transcribe-streaming.json
@@ -2298,7 +2298,7 @@
"parameters": {
"Region": {
"builtIn": "AWS::Region",
- "required": true,
+ "required": false,
"documentation": "The AWS region used to dispatch the request.",
"type": "String"
},
@@ -2327,13 +2327,12 @@
{
"conditions": [
{
- "fn": "aws.partition",
+ "fn": "isSet",
"argv": [
{
- "ref": "Region"
+ "ref": "Endpoint"
}
- ],
- "assign": "PartitionResult"
+ ]
}
],
"type": "tree",
@@ -2341,14 +2340,20 @@
{
"conditions": [
{
- "fn": "isSet",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "Endpoint"
- }
+ "ref": "UseFIPS"
+ },
+ true
]
}
],
+ "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "type": "error"
+ },
+ {
+ "conditions": [],
"type": "tree",
"rules": [
{
@@ -2357,67 +2362,42 @@
"fn": "booleanEquals",
"argv": [
{
- "ref": "UseFIPS"
+ "ref": "UseDualStack"
},
true
]
}
],
- "error": "Invalid Configuration: FIPS and custom endpoint are not supported",
+ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
"type": "error"
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
- },
- true
- ]
- }
- ],
- "error": "Invalid Configuration: Dualstack and custom endpoint are not supported",
- "type": "error"
+ "endpoint": {
+ "url": {
+ "ref": "Endpoint"
},
- {
- "conditions": [],
- "endpoint": {
- "url": {
- "ref": "Endpoint"
- },
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
}
]
- },
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
{
"conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
- },
- true
- ]
- },
- {
- "fn": "booleanEquals",
+ "fn": "isSet",
"argv": [
{
- "ref": "UseDualStack"
- },
- true
+ "ref": "Region"
+ }
]
}
],
@@ -2426,154 +2406,215 @@
{
"conditions": [
{
- "fn": "booleanEquals",
+ "fn": "aws.partition",
"argv": [
- true,
{
- "fn": "getAttr",
+ "ref": "Region"
+ }
+ ],
+ "assign": "PartitionResult"
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
- }
- ]
- },
- {
- "fn": "booleanEquals",
- "argv": [
- true,
+ },
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ },
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://transcribestreaming-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://transcribestreaming-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS and DualStack are enabled, but this partition does not support one or both",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseFIPS"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseFIPS"
},
- "supportsFIPS"
+ true
]
}
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
+ ],
"type": "tree",
"rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsFIPS"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://transcribestreaming-fips.{Region}.{PartitionResult#dnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
{
"conditions": [],
- "endpoint": {
- "url": "https://transcribestreaming-fips.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
+ "error": "FIPS is enabled but this partition does not support FIPS",
+ "type": "error"
}
]
- }
- ]
- },
- {
- "conditions": [],
- "error": "FIPS is enabled but this partition does not support FIPS",
- "type": "error"
- }
- ]
- },
- {
- "conditions": [
- {
- "fn": "booleanEquals",
- "argv": [
- {
- "ref": "UseDualStack"
},
- true
- ]
- }
- ],
- "type": "tree",
- "rules": [
- {
- "conditions": [
{
- "fn": "booleanEquals",
- "argv": [
- true,
+ "conditions": [
{
- "fn": "getAttr",
+ "fn": "booleanEquals",
"argv": [
{
- "ref": "PartitionResult"
+ "ref": "UseDualStack"
},
- "supportsDualStack"
+ true
]
}
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [
+ {
+ "fn": "booleanEquals",
+ "argv": [
+ true,
+ {
+ "fn": "getAttr",
+ "argv": [
+ {
+ "ref": "PartitionResult"
+ },
+ "supportsDualStack"
+ ]
+ }
+ ]
+ }
+ ],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "type": "tree",
+ "rules": [
+ {
+ "conditions": [],
+ "endpoint": {
+ "url": "https://transcribestreaming.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "properties": {},
+ "headers": {}
+ },
+ "type": "endpoint"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "conditions": [],
+ "error": "DualStack is enabled but this partition does not support DualStack",
+ "type": "error"
+ }
]
- }
- ],
- "type": "tree",
- "rules": [
+ },
{
"conditions": [],
"type": "tree",
@@ -2581,7 +2622,7 @@
{
"conditions": [],
"endpoint": {
- "url": "https://transcribestreaming.{Region}.{PartitionResult#dualStackDnsSuffix}",
+ "url": "https://transcribestreaming.{Region}.{PartitionResult#dnsSuffix}",
"properties": {},
"headers": {}
},
@@ -2590,28 +2631,13 @@
]
}
]
- },
- {
- "conditions": [],
- "error": "DualStack is enabled but this partition does not support DualStack",
- "type": "error"
}
]
},
{
"conditions": [],
- "type": "tree",
- "rules": [
- {
- "conditions": [],
- "endpoint": {
- "url": "https://transcribestreaming.{Region}.{PartitionResult#dnsSuffix}",
- "properties": {},
- "headers": {}
- },
- "type": "endpoint"
- }
- ]
+ "error": "Invalid Configuration: Missing Region",
+ "type": "error"
}
]
}
@@ -2620,146 +2646,146 @@
"smithy.rules#endpointTests": {
"testCases": [
{
- "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.ap-southeast-2.amazonaws.com"
+ "url": "https://transcribestreaming.ap-northeast-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-1",
"UseDualStack": false,
- "Region": "ap-southeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.ca-central-1.amazonaws.com"
+ "url": "https://transcribestreaming.ap-northeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-northeast-2",
"UseDualStack": false,
- "Region": "ca-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.sa-east-1.amazonaws.com"
+ "url": "https://transcribestreaming.ap-southeast-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ap-southeast-2",
"UseDualStack": false,
- "Region": "sa-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.us-west-2.amazonaws.com"
+ "url": "https://transcribestreaming.ca-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "ca-central-1",
"UseDualStack": false,
- "Region": "us-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.ap-northeast-1.amazonaws.com"
+ "url": "https://transcribestreaming.eu-central-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-central-1",
"UseDualStack": false,
- "Region": "ap-northeast-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.ap-northeast-2.amazonaws.com"
+ "url": "https://transcribestreaming.eu-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-1",
"UseDualStack": false,
- "Region": "ap-northeast-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.eu-central-1.amazonaws.com"
+ "url": "https://transcribestreaming.eu-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "eu-west-2",
"UseDualStack": false,
- "Region": "eu-central-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.us-east-1.amazonaws.com"
+ "url": "https://transcribestreaming.sa-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "sa-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.eu-west-1.amazonaws.com"
+ "url": "https://transcribestreaming.us-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "eu-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.eu-west-2.amazonaws.com"
+ "url": "https://transcribestreaming.us-east-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-2",
"UseDualStack": false,
- "Region": "eu-west-2"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.us-east-2.amazonaws.com"
+ "url": "https://transcribestreaming.us-west-2.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-west-2",
"UseDualStack": false,
- "Region": "us-east-2"
+ "UseFIPS": false
}
},
{
@@ -2770,9 +2796,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -2783,9 +2809,9 @@
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-east-1",
"UseDualStack": false,
- "Region": "us-east-1"
+ "UseFIPS": true
}
},
{
@@ -2796,204 +2822,217 @@
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-east-1",
"UseDualStack": true,
- "Region": "us-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.us-gov-west-1.amazonaws.com"
+ "url": "https://transcribestreaming.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-west-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.us-gov-east-1.amazonaws.com"
+ "url": "https://transcribestreaming.cn-northwest-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-northwest-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming-fips.us-gov-east-1.api.aws"
+ "url": "https://transcribestreaming-fips.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming-fips.us-gov-east-1.amazonaws.com"
+ "url": "https://transcribestreaming-fips.cn-north-1.amazonaws.com.cn"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "cn-north-1",
"UseDualStack": false,
- "Region": "us-gov-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.us-gov-east-1.api.aws"
+ "url": "https://transcribestreaming.cn-north-1.api.amazonwebservices.com.cn"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "cn-north-1",
"UseDualStack": true,
- "Region": "us-gov-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming-fips.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://transcribestreaming.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.us-isob-east-1.sc2s.sgov.gov"
+ "url": "https://transcribestreaming.us-gov-west-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-west-1",
"UseDualStack": false,
- "Region": "us-isob-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.cn-northwest-1.amazonaws.com.cn"
+ "url": "https://transcribestreaming-fips.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": false,
- "Region": "cn-northwest-1"
+ "Region": "us-gov-east-1",
+ "UseDualStack": true,
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.cn-north-1.amazonaws.com.cn"
+ "url": "https://transcribestreaming-fips.us-gov-east-1.amazonaws.com"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-gov-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled",
+ "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming-fips.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://transcribestreaming.us-gov-east-1.api.aws"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-gov-east-1",
"UseDualStack": true,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming-fips.cn-north-1.amazonaws.com.cn"
+ "url": "https://transcribestreaming.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-iso-east-1",
"UseDualStack": false,
- "Region": "cn-north-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled",
+ "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.cn-north-1.api.amazonwebservices.com.cn"
+ "url": "https://transcribestreaming-fips.us-iso-east-1.c2s.ic.gov"
}
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
- "Region": "cn-north-1"
+ "Region": "us-iso-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming.us-iso-east-1.c2s.ic.gov"
+ "url": "https://transcribestreaming-fips.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": false,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": true
}
},
{
- "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled",
+ "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled",
"expect": {
"endpoint": {
- "url": "https://transcribestreaming-fips.us-iso-east-1.c2s.ic.gov"
+ "url": "https://transcribestreaming.us-isob-east-1.sc2s.sgov.gov"
}
},
"params": {
- "UseFIPS": true,
+ "Region": "us-isob-east-1",
"UseDualStack": false,
- "Region": "us-iso-east-1"
+ "UseFIPS": false
}
},
{
- "documentation": "For custom endpoint with fips disabled and dualstack disabled",
+ "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled",
"expect": {
"endpoint": {
"url": "https://example.com"
}
},
"params": {
+ "Region": "us-east-1",
+ "UseDualStack": false,
"UseFIPS": false,
+ "Endpoint": "https://example.com"
+ }
+ },
+ {
+ "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled",
+ "expect": {
+ "endpoint": {
+ "url": "https://example.com"
+ }
+ },
+ "params": {
"UseDualStack": false,
- "Region": "us-east-1",
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
},
@@ -3003,9 +3042,9 @@
"error": "Invalid Configuration: FIPS and custom endpoint are not supported"
},
"params": {
- "UseFIPS": true,
- "UseDualStack": false,
"Region": "us-east-1",
+ "UseDualStack": false,
+ "UseFIPS": true,
"Endpoint": "https://example.com"
}
},
@@ -3015,9 +3054,9 @@
"error": "Invalid Configuration: Dualstack and custom endpoint are not supported"
},
"params": {
- "UseFIPS": false,
- "UseDualStack": true,
"Region": "us-east-1",
+ "UseDualStack": true,
+ "UseFIPS": false,
"Endpoint": "https://example.com"
}
}
diff --git a/aws/sdk/build.gradle.kts b/aws/sdk/build.gradle.kts
index e2b3d0b72b..3596d793dd 100644
--- a/aws/sdk/build.gradle.kts
+++ b/aws/sdk/build.gradle.kts
@@ -52,7 +52,9 @@ dependencies {
// Class and functions for service and protocol membership for SDK generation
-val awsServices: AwsServices by lazy { discoverServices(properties.get("aws.sdk.models.path"), loadServiceMembership()) }
+val awsServices: AwsServices by lazy {
+ discoverServices(properties.get("aws.sdk.models.path"), loadServiceMembership())
+}
val eventStreamAllowList: Set by lazy { eventStreamAllowList() }
val crateVersioner by lazy { aws.sdk.CrateVersioner.defaultFor(rootProject, properties) }
@@ -97,7 +99,9 @@ fun generateSmithyBuild(services: AwsServices): String {
"codegen": {
"includeFluentClient": false,
"renameErrors": false,
- "eventStreamAllowList": [$eventStreamAllowListMembers]
+ "eventStreamAllowList": [$eventStreamAllowListMembers],
+ "enableNewCrateOrganizationScheme": true,
+ "enableNewSmithyRuntime": false
},
"service": "${service.service}",
"module": "$moduleName",
@@ -229,6 +233,7 @@ tasks.register("fixExampleManifests") {
binaryName = "sdk-versioner"
arguments = listOf(
"use-path-and-version-dependencies",
+ "--isolate-crates",
"--sdk-path", "../../sdk",
"--versions-toml", outputDir.resolve("versions.toml").absolutePath,
outputDir.resolve("examples").absolutePath,
diff --git a/aws/sdk/integration-tests/Cargo.toml b/aws/sdk/integration-tests/Cargo.toml
index 406b718a94..286d73a6fb 100644
--- a/aws/sdk/integration-tests/Cargo.toml
+++ b/aws/sdk/integration-tests/Cargo.toml
@@ -2,6 +2,7 @@
# `./gradlew -Paws.fullsdk=true :aws:sdk:assemble` these tests are copied into their respective Service crates.
[workspace]
members = [
+ "aws-smithy-runtime-test",
"dynamodb",
"ec2",
"glacier",
@@ -15,4 +16,5 @@ members = [
"s3control",
"sts",
"transcribestreaming",
+ "using-native-tls-instead-of-rustls",
]
diff --git a/aws/sdk/integration-tests/aws-smithy-runtime-test/Cargo.toml b/aws/sdk/integration-tests/aws-smithy-runtime-test/Cargo.toml
new file mode 100644
index 0000000000..b038527c92
--- /dev/null
+++ b/aws/sdk/integration-tests/aws-smithy-runtime-test/Cargo.toml
@@ -0,0 +1,25 @@
+[package]
+name = "aws-smithy-runtime-test"
+version = "0.1.0"
+edition = "2021"
+publish = false
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+aws-credential-types = { path = "../../build/aws-sdk/sdk/aws-credential-types", features = ["test-util"] }
+aws-config = { path = "../../build/aws-sdk/sdk/aws-config" }
+aws-http = { path = "../../build/aws-sdk/sdk/aws-http" }
+aws-sigv4 = { path = "../../build/aws-sdk/sdk/aws-sigv4" }
+aws-sdk-s3 = { path = "../../build/aws-sdk/sdk/s3" }
+aws-smithy-async = { path = "../../build/aws-sdk/sdk/aws-smithy-async", features = ["rt-tokio"] }
+aws-smithy-client = { path = "../../build/aws-sdk/sdk/aws-smithy-client" }
+aws-smithy-types = { path = "../../build/aws-sdk/sdk/aws-smithy-types" }
+aws-smithy-http = { path = "../../build/aws-sdk/sdk/aws-smithy-http" }
+aws-smithy-runtime = { path = "../../build/aws-sdk/sdk/aws-smithy-runtime" }
+aws-smithy-runtime-api = { path = "../../build/aws-sdk/sdk/aws-smithy-runtime-api" }
+aws-types = { path = "../../build/aws-sdk/sdk/aws-types" }
+tokio = { version = "1.23.1", features = ["macros", "test-util", "rt-multi-thread"] }
+tracing = "0.1.37"
+tracing-subscriber = { version = "0.3.15", features = ["env-filter", "json"] }
+http = "0.2.3"
+http-body = "0.4.5"
diff --git a/aws/sdk/integration-tests/aws-smithy-runtime-test/src/auth.rs b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/auth.rs
new file mode 100644
index 0000000000..632f7957a3
--- /dev/null
+++ b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/auth.rs
@@ -0,0 +1,24 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+use aws_smithy_runtime_api::client::orchestrator::BoxError;
+use aws_smithy_runtime_api::client::runtime_plugin::RuntimePlugin;
+use aws_smithy_runtime_api::config_bag::ConfigBag;
+
+#[derive(Debug)]
+pub struct GetObjectAuthOrc {}
+
+impl GetObjectAuthOrc {
+ pub fn new() -> Self {
+ Self {}
+ }
+}
+
+impl RuntimePlugin for GetObjectAuthOrc {
+ fn configure(&self, _cfg: &mut ConfigBag) -> Result<(), BoxError> {
+ // TODO(orchestrator) put an auth orchestrator in the bag
+ Ok(())
+ }
+}
diff --git a/aws/sdk/integration-tests/aws-smithy-runtime-test/src/conn.rs b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/conn.rs
new file mode 100644
index 0000000000..84350fd7c3
--- /dev/null
+++ b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/conn.rs
@@ -0,0 +1,44 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+use aws_smithy_client::conns::Https;
+use aws_smithy_client::hyper_ext::Adapter;
+use aws_smithy_http::body::SdkBody;
+use aws_smithy_runtime_api::client::orchestrator::{
+ BoxError, BoxFallibleFut, Connection, HttpRequest,
+};
+use aws_smithy_runtime_api::client::runtime_plugin::RuntimePlugin;
+use aws_smithy_runtime_api::config_bag::ConfigBag;
+
+#[derive(Debug)]
+pub struct HyperConnection {
+ _adapter: Adapter,
+}
+
+impl RuntimePlugin for HyperConnection {
+ fn configure(&self, _cfg: &mut ConfigBag) -> Result<(), BoxError> {
+ // TODO(orchestrator) put a connection in the bag
+ Ok(())
+ }
+}
+
+impl HyperConnection {
+ pub fn new() -> Self {
+ Self {
+ _adapter: Adapter::builder().build(aws_smithy_client::conns::https()),
+ }
+ }
+}
+
+impl Connection for HyperConnection {
+ fn call(
+ &self,
+ _req: &mut HttpRequest,
+ _cfg: &ConfigBag,
+ ) -> BoxFallibleFut> {
+ todo!("hyper's connector wants to take ownership of req");
+ // self.adapter.call(req)
+ }
+}
diff --git a/aws/sdk/integration-tests/aws-smithy-runtime-test/src/de.rs b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/de.rs
new file mode 100644
index 0000000000..522889f2e2
--- /dev/null
+++ b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/de.rs
@@ -0,0 +1,35 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+use aws_smithy_runtime_api::client::interceptors::context::OutputOrError;
+use aws_smithy_runtime_api::client::orchestrator::{BoxError, HttpResponse, ResponseDeserializer};
+use aws_smithy_runtime_api::client::runtime_plugin::RuntimePlugin;
+use aws_smithy_runtime_api::config_bag::ConfigBag;
+
+#[derive(Debug)]
+pub struct GetObjectResponseDeserializer {}
+
+impl GetObjectResponseDeserializer {
+ pub fn new() -> Self {
+ Self {}
+ }
+}
+
+impl RuntimePlugin for GetObjectResponseDeserializer {
+ fn configure(&self, _cfg: &mut ConfigBag) -> Result<(), BoxError> {
+ // TODO(orchestrator) put a deserializer in the bag
+ Ok(())
+ }
+}
+
+impl ResponseDeserializer for GetObjectResponseDeserializer {
+ fn deserialize_streaming(&self, _response: &mut HttpResponse) -> Option {
+ todo!()
+ }
+
+ fn deserialize_nonstreaming(&self, _response: &HttpResponse) -> OutputOrError {
+ todo!()
+ }
+}
diff --git a/aws/sdk/integration-tests/aws-smithy-runtime-test/src/endpoints.rs b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/endpoints.rs
new file mode 100644
index 0000000000..0eb3ac40a9
--- /dev/null
+++ b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/endpoints.rs
@@ -0,0 +1,24 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+use aws_smithy_http::event_stream::BoxError;
+use aws_smithy_runtime_api::client::runtime_plugin::RuntimePlugin;
+use aws_smithy_runtime_api::config_bag::ConfigBag;
+
+#[derive(Debug)]
+pub struct GetObjectEndpointOrc {}
+
+impl GetObjectEndpointOrc {
+ pub fn new() -> Self {
+ Self {}
+ }
+}
+
+impl RuntimePlugin for GetObjectEndpointOrc {
+ fn configure(&self, _cfg: &mut ConfigBag) -> Result<(), BoxError> {
+ // TODO(orchestrator) put an endpoint orchestrator in the bag
+ Ok(())
+ }
+}
diff --git a/aws/sdk/integration-tests/aws-smithy-runtime-test/src/interceptors.rs b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/interceptors.rs
new file mode 100644
index 0000000000..fd4c8649c0
--- /dev/null
+++ b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/interceptors.rs
@@ -0,0 +1,103 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+// type TxReq = http::Request;
+// type TxRes = http::Response;
+//
+// pub struct SigV4SigningConfigInterceptor {
+// pub signing_service: &'static str,
+// pub signing_region: Option,
+// }
+
+// // Mount the interceptors
+// let mut interceptors = Interceptors::new();
+// let sig_v4_signing_config_interceptor = SigV4SigningConfigInterceptor {
+// signing_region: service_config.region.clone(),
+// signing_service: service_config.signing_service(),
+// };
+// let credentials_cache_interceptor = CredentialsCacheInterceptor {
+// shared_credentials_cache: service_config.credentials_cache.clone(),
+// };
+// let checksum_interceptor = ChecksumInterceptor {
+// checksum_mode: input.checksum_mode().cloned(),
+// };
+// interceptors
+// .with_interceptor(sig_v4_signing_config_interceptor)
+// .with_interceptor(credentials_cache_interceptor)
+// .with_interceptor(checksum_interceptor);
+
+// let token_bucket = Box::new(standard::TokenBucket::builder().max_tokens(500).build());
+//
+// impl Interceptor for SigV4SigningConfigInterceptor {
+// fn modify_before_signing(
+// &mut self,
+// context: &mut InterceptorContext,
+// ) -> Result<(), InterceptorError> {
+// let mut props = context.properties_mut();
+//
+// let mut signing_config = OperationSigningConfig::default_config();
+// signing_config.signing_options.content_sha256_header = true;
+// signing_config.signing_options.double_uri_encode = false;
+// signing_config.signing_options.normalize_uri_path = false;
+// props.insert(signing_config);
+// props.insert(aws_types::SigningService::from_static(self.signing_service));
+//
+// if let Some(signing_region) = self.signing_region.as_ref() {
+// props.insert(aws_types::region::SigningRegion::from(
+// signing_region.clone(),
+// ));
+// }
+//
+// Ok(())
+// }
+// }
+//
+// pub struct CredentialsCacheInterceptor {
+// pub shared_credentials_cache: SharedCredentialsCache,
+// }
+//
+// impl Interceptor for CredentialsCacheInterceptor {
+// fn modify_before_signing(
+// &mut self,
+// context: &mut InterceptorContext,
+// ) -> Result<(), InterceptorError> {
+// match self
+// .shared_credentials_cache
+// .as_ref()
+// .provide_cached_credentials()
+// .now_or_never()
+// {
+// Some(Ok(creds)) => {
+// context.properties_mut().insert(creds);
+// }
+// // ignore the case where there is no credentials cache wired up
+// Some(Err(CredentialsError::CredentialsNotLoaded { .. })) => {
+// tracing::info!("credentials cache returned CredentialsNotLoaded, ignoring")
+// }
+// // if we get another error class, there is probably something actually wrong that the user will
+// // want to know about
+// Some(Err(other)) => return Err(InterceptorError::ModifyBeforeSigning(other.into())),
+// None => unreachable!("fingers crossed that creds are always available"),
+// }
+//
+// Ok(())
+// }
+// }
+//
+// pub struct ChecksumInterceptor {
+// pub checksum_mode: Option,
+// }
+//
+// impl Interceptor for ChecksumInterceptor {
+// fn modify_before_serialization(
+// &mut self,
+// context: &mut InterceptorContext,
+// ) -> Result<(), InterceptorError> {
+// let mut props = context.properties_mut();
+// props.insert(self.checksum_mode.clone());
+//
+// Ok(())
+// }
+// }
diff --git a/aws/sdk/integration-tests/aws-smithy-runtime-test/src/main.rs b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/main.rs
new file mode 100644
index 0000000000..7309a4caae
--- /dev/null
+++ b/aws/sdk/integration-tests/aws-smithy-runtime-test/src/main.rs
@@ -0,0 +1,70 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+mod auth;
+mod conn;
+mod de;
+mod endpoints;
+mod interceptors;
+mod retry;
+mod ser;
+
+use aws_sdk_s3::operation::get_object::{GetObjectError, GetObjectInput, GetObjectOutput};
+use aws_sdk_s3::types::ChecksumMode;
+use aws_smithy_runtime::client::orchestrator::invoke;
+use aws_smithy_runtime_api::client::interceptors::Interceptors;
+use aws_smithy_runtime_api::client::orchestrator::{BoxError, HttpRequest, HttpResponse};
+use aws_smithy_runtime_api::client::runtime_plugin::RuntimePlugins;
+use aws_smithy_runtime_api::config_bag::ConfigBag;
+use aws_smithy_runtime_api::type_erasure::TypedBox;
+
+#[tokio::main]
+async fn main() -> Result<(), BoxError> {
+ tracing_subscriber::fmt::init();
+
+ // Create the config we'll need to send the request + the request itself
+ let sdk_config = aws_config::load_from_env().await;
+ let _service_config = aws_sdk_s3::Config::from(&sdk_config);
+
+ let input = TypedBox::new(
+ GetObjectInput::builder()
+ .bucket("zhessler-test-bucket")
+ .key("1000-lines.txt")
+ .checksum_mode(ChecksumMode::Enabled)
+ .build()?,
+ )
+ .erase();
+
+ let mut runtime_plugins = RuntimePlugins::new();
+
+ // TODO(smithy-orchestrator-codegen) Make it so these are added by default for S3
+ runtime_plugins
+ .with_client_plugin(auth::GetObjectAuthOrc::new())
+ .with_client_plugin(conn::HyperConnection::new())
+ // TODO(smithy-orchestrator-codegen) Make it so these are added by default for this S3 operation
+ .with_operation_plugin(endpoints::GetObjectEndpointOrc::new())
+ .with_operation_plugin(retry::GetObjectRetryStrategy::new())
+ .with_operation_plugin(de::GetObjectResponseDeserializer::new())
+ .with_operation_plugin(ser::GetObjectInputSerializer::new());
+
+ let mut cfg = ConfigBag::base();
+ let mut interceptors: Interceptors