From a71bedc4631d51d50f3839a59436643fb9136029 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 23 Aug 2023 13:37:05 -0400 Subject: [PATCH 01/17] Modify and Merge http cred provider logic to allow link-local urls --- aws/defaults/defaults.go | 56 +++++++++++++++++++++++++++++++---- aws/defaults/defaults_test.go | 3 +- 2 files changed, 53 insertions(+), 6 deletions(-) diff --git a/aws/defaults/defaults.go b/aws/defaults/defaults.go index 23bb639e018..0fb571aa91f 100644 --- a/aws/defaults/defaults.go +++ b/aws/defaults/defaults.go @@ -8,6 +8,7 @@ package defaults import ( + "encoding/json" "fmt" "net" "net/http" @@ -113,8 +114,11 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro } const ( + httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" + ECSContainerHost = "169.254.170.2" + EKSContainerHost = "169.254.170.23" ) // RemoteCredProvider returns a credentials provider for the default remote @@ -154,6 +158,15 @@ func isLoopbackHost(host string) (bool, error) { return true, nil } +// isAllowedHost allows host to be loopback host,ECS container host 169.254.170.2 +// and EKS container host 169.254.170.23 +func isAllowedHost(host string) (bool, error) { + if host == ECSContainerHost || host == EKSContainerHost { + return true, nil + } + return isLoopbackHost(host) +} + func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { var errMsg string @@ -164,10 +177,12 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) host := aws.URLHostname(parsed) if len(host) == 0 { errMsg = "unable to parse host from local HTTP cred provider URL" - } else if isLoopback, loopbackErr := isLoopbackHost(host); loopbackErr != nil { - errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, loopbackErr) - } else if !isLoopback { - errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback hosts are allowed.", host) + } else if parsed.Scheme == "http" { + if isAllowedHost, allowHostErr := isAllowedHost(host); allowHostErr != nil { + errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, allowHostErr) + } else if !isAllowedHost { + errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback/ecs/eks hosts are allowed.", host) + } } } @@ -184,11 +199,42 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) return httpCredProvider(cfg, handlers, u) } +type authTokenFile struct { + Content string `json:"content"` +} + func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { + var authToken string + var errMsg string + var err error + + if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { + var tokenFile authTokenFile + var contents []byte + if contents, err = os.ReadFile(authFilePath); err != nil { + errMsg = fmt.Sprintf("failed to read authorization token from %v: %v", authFilePath, err) + } else if err = json.Unmarshal(contents, &tokenFile); err != nil { + errMsg = fmt.Sprintf("failed to unmashal the token file: %v", err) + } + authToken = tokenFile.Content + } else { + authToken = os.Getenv(httpProviderAuthorizationEnvVar) + } + + if errMsg != "" { + if cfg.Logger != nil { + cfg.Logger.Log("Ignoring, HTTP credential provider", errMsg, err) + } + return credentials.ErrorProvider{ + Err: awserr.New("CredentialsEndpointError", errMsg, err), + ProviderName: endpointcreds.ProviderName, + } + } + return endpointcreds.NewProviderClient(cfg, handlers, u, func(p *endpointcreds.Provider) { p.ExpiryWindow = 5 * time.Minute - p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar) + p.AuthorizationToken = authToken }, ) } diff --git a/aws/defaults/defaults_test.go b/aws/defaults/defaults_test.go index 2ab6ec24607..6947eb76e76 100644 --- a/aws/defaults/defaults_test.go +++ b/aws/defaults/defaults_test.go @@ -49,7 +49,8 @@ func TestHTTPCredProvider(t *testing.T) { {Host: "127.1.1.1", Fail: false}, {Host: "[::1]", Fail: false}, {Host: "www.example.com", Fail: true}, - {Host: "169.254.170.2", Fail: true}, + {Host: "169.254.170.2", Fail: false}, + {Host: "169.254.170.23", Fail: false}, {Host: "localhost", Fail: false, AuthToken: "Basic abc123"}, } From f08fc0b9abd73849a7a7fe02f3a9d116efb56295 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 23 Aug 2023 13:44:50 -0400 Subject: [PATCH 02/17] Add and Merge changelog for last commit --- CHANGELOG_PENDING.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md index 8a1927a39ca..a2d773d3ba5 100644 --- a/CHANGELOG_PENDING.md +++ b/CHANGELOG_PENDING.md @@ -3,3 +3,5 @@ ### SDK Enhancements ### SDK Bugs +* `aws/defaults`: Modify http credential provider resolving logic to allow EKS/ECS container host and auth token file. + * Fixes http cred provider only allows local hosts endpoint and auth token directly set in env var \ No newline at end of file From f4f3fc72b11d0aa79d112acaf06a45d313ba62c6 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 23 Aug 2023 14:42:03 -0400 Subject: [PATCH 03/17] Modify and Merge http cred provider resolving auth token file --- aws/defaults/defaults.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/aws/defaults/defaults.go b/aws/defaults/defaults.go index 0fb571aa91f..58ef3e8aad0 100644 --- a/aws/defaults/defaults.go +++ b/aws/defaults/defaults.go @@ -10,6 +10,7 @@ package defaults import ( "encoding/json" "fmt" + "io/ioutil" "net" "net/http" "net/url" @@ -211,7 +212,7 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { var tokenFile authTokenFile var contents []byte - if contents, err = os.ReadFile(authFilePath); err != nil { + if contents, err = ioutil.ReadFile(authFilePath); err != nil { errMsg = fmt.Sprintf("failed to read authorization token from %v: %v", authFilePath, err) } else if err = json.Unmarshal(contents, &tokenFile); err != nil { errMsg = fmt.Sprintf("failed to unmashal the token file: %v", err) From b4fc961562e1219e8a5113b4e61c622b87c5c167 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 23 Aug 2023 15:52:18 -0400 Subject: [PATCH 04/17] Modify and Merge changelog --- CHANGELOG_PENDING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md index a2d773d3ba5..b24b0d10e85 100644 --- a/CHANGELOG_PENDING.md +++ b/CHANGELOG_PENDING.md @@ -4,4 +4,4 @@ ### SDK Bugs * `aws/defaults`: Modify http credential provider resolving logic to allow EKS/ECS container host and auth token file. - * Fixes http cred provider only allows local hosts endpoint and auth token directly set in env var \ No newline at end of file + * Fix http cred provider only allows local hosts endpoint and auth token directly set in env var \ No newline at end of file From d5735f714b3d4308dfce1fc33bb36eadf43cc2df Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Thu, 24 Aug 2023 00:08:07 -0400 Subject: [PATCH 05/17] Modify and Merge auth token file retrieve logic --- aws/defaults/defaults.go | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/aws/defaults/defaults.go b/aws/defaults/defaults.go index 58ef3e8aad0..83e40c34737 100644 --- a/aws/defaults/defaults.go +++ b/aws/defaults/defaults.go @@ -8,7 +8,6 @@ package defaults import ( - "encoding/json" "fmt" "io/ioutil" "net" @@ -200,24 +199,17 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) return httpCredProvider(cfg, handlers, u) } -type authTokenFile struct { - Content string `json:"content"` -} - func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { var authToken string var errMsg string var err error if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { - var tokenFile authTokenFile var contents []byte if contents, err = ioutil.ReadFile(authFilePath); err != nil { errMsg = fmt.Sprintf("failed to read authorization token from %v: %v", authFilePath, err) - } else if err = json.Unmarshal(contents, &tokenFile); err != nil { - errMsg = fmt.Sprintf("failed to unmashal the token file: %v", err) } - authToken = tokenFile.Content + authToken = string(contents) } else { authToken = os.Getenv(httpProviderAuthorizationEnvVar) } From 0be20aeb6089a11bb09803f313718b9a3baf6f47 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Thu, 24 Aug 2023 15:41:09 -0400 Subject: [PATCH 06/17] Modify and Merge http cred provider logic --- aws/credentials/endpointcreds/provider.go | 57 ++++++++++++++++------- aws/defaults/defaults.go | 51 ++++++-------------- 2 files changed, 55 insertions(+), 53 deletions(-) diff --git a/aws/credentials/endpointcreds/provider.go b/aws/credentials/endpointcreds/provider.go index 785f30d8e6c..ea1f50f8f53 100644 --- a/aws/credentials/endpointcreds/provider.go +++ b/aws/credentials/endpointcreds/provider.go @@ -7,30 +7,37 @@ // // Static credentials will never expire once they have been retrieved. The format // of the static credentials response: -// { -// "AccessKeyId" : "MUA...", -// "SecretAccessKey" : "/7PC5om....", -// } +// +// { +// "AccessKeyId" : "MUA...", +// "SecretAccessKey" : "/7PC5om....", +// } // // Refreshable credentials will expire within the "ExpiryWindow" of the Expiration // value in the response. The format of the refreshable credentials response: -// { -// "AccessKeyId" : "MUA...", -// "SecretAccessKey" : "/7PC5om....", -// "Token" : "AQoDY....=", -// "Expiration" : "2016-02-25T06:03:31Z" -// } +// +// { +// "AccessKeyId" : "MUA...", +// "SecretAccessKey" : "/7PC5om....", +// "Token" : "AQoDY....=", +// "Expiration" : "2016-02-25T06:03:31Z" +// } // // Errors should be returned in the following format and only returned with 400 // or 500 HTTP status codes. -// { -// "code": "ErrorCode", -// "message": "Helpful error message." -// } +// +// { +// "code": "ErrorCode", +// "message": "Helpful error message." +// } package endpointcreds import ( "encoding/json" + "fmt" + "io/ioutil" + "os" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -43,7 +50,10 @@ import ( ) // ProviderName is the name of the credentials provider. -const ProviderName = `CredentialsEndpointProvider` +const ( + ProviderName = `CredentialsEndpointProvider` + httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" +) // Provider satisfies the credentials.Provider interface, and is a client to // retrieve credentials from an arbitrary endpoint. @@ -164,7 +174,22 @@ func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error req := p.Client.NewRequest(op, nil, out) req.SetContext(ctx) req.HTTPRequest.Header.Set("Accept", "application/json") - if authToken := p.AuthorizationToken; len(authToken) != 0 { + + authToken := p.AuthorizationToken + var err error + + if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { + var contents []byte + if contents, err = ioutil.ReadFile(authFilePath); err != nil { + return &getCredentialsOutput{}, fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) + } + authToken = string(contents) + } + + if strings.ContainsAny(authToken, "\r\n") { + return &getCredentialsOutput{}, fmt.Errorf("authorization token contains invalid newline sequence") + } + if len(authToken) != 0 { req.HTTPRequest.Header.Set("Authorization", authToken) } diff --git a/aws/defaults/defaults.go b/aws/defaults/defaults.go index 83e40c34737..48795e0ebbc 100644 --- a/aws/defaults/defaults.go +++ b/aws/defaults/defaults.go @@ -9,7 +9,6 @@ package defaults import ( "fmt" - "io/ioutil" "net" "net/http" "net/url" @@ -114,7 +113,6 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro } const ( - httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" ECSContainerHost = "169.254.170.2" @@ -138,10 +136,11 @@ func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.P var lookupHostFn = net.LookupHost -func isLoopbackHost(host string) (bool, error) { - ip := net.ParseIP(host) - if ip != nil { - return ip.IsLoopback(), nil +// isAllowedHost allows host to be loopback host,ECS container host 169.254.170.2 +// and EKS container host 169.254.170.23 +func isAllowedHost(host string) (bool, error) { + if isHostAllowed(host) { + return true, nil } // Host is not an ip, perform lookup @@ -150,7 +149,7 @@ func isLoopbackHost(host string) (bool, error) { return false, err } for _, addr := range addrs { - if !net.ParseIP(addr).IsLoopback() { + if !isHostAllowed(addr) { return false, nil } } @@ -158,13 +157,15 @@ func isLoopbackHost(host string) (bool, error) { return true, nil } -// isAllowedHost allows host to be loopback host,ECS container host 169.254.170.2 -// and EKS container host 169.254.170.23 -func isAllowedHost(host string) (bool, error) { +func isHostAllowed(host string) bool { if host == ECSContainerHost || host == EKSContainerHost { - return true, nil + return true } - return isLoopbackHost(host) + ip := net.ParseIP(host) + if ip != nil { + return ip.IsLoopback() + } + return false } func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { @@ -200,34 +201,10 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) } func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { - var authToken string - var errMsg string - var err error - - if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { - var contents []byte - if contents, err = ioutil.ReadFile(authFilePath); err != nil { - errMsg = fmt.Sprintf("failed to read authorization token from %v: %v", authFilePath, err) - } - authToken = string(contents) - } else { - authToken = os.Getenv(httpProviderAuthorizationEnvVar) - } - - if errMsg != "" { - if cfg.Logger != nil { - cfg.Logger.Log("Ignoring, HTTP credential provider", errMsg, err) - } - return credentials.ErrorProvider{ - Err: awserr.New("CredentialsEndpointError", errMsg, err), - ProviderName: endpointcreds.ProviderName, - } - } - return endpointcreds.NewProviderClient(cfg, handlers, u, func(p *endpointcreds.Provider) { p.ExpiryWindow = 5 * time.Minute - p.AuthorizationToken = authToken + p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar) }, ) } From 4755c8910298d479161eb6440afb8deb2a390a51 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Thu, 24 Aug 2023 16:09:58 -0400 Subject: [PATCH 07/17] Modify and Merge http cred provider syntax --- aws/credentials/endpointcreds/provider.go | 4 +--- aws/defaults/defaults.go | 6 +++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/aws/credentials/endpointcreds/provider.go b/aws/credentials/endpointcreds/provider.go index ea1f50f8f53..95cfcd4a45f 100644 --- a/aws/credentials/endpointcreds/provider.go +++ b/aws/credentials/endpointcreds/provider.go @@ -7,7 +7,6 @@ // // Static credentials will never expire once they have been retrieved. The format // of the static credentials response: -// // { // "AccessKeyId" : "MUA...", // "SecretAccessKey" : "/7PC5om....", @@ -15,7 +14,6 @@ // // Refreshable credentials will expire within the "ExpiryWindow" of the Expiration // value in the response. The format of the refreshable credentials response: -// // { // "AccessKeyId" : "MUA...", // "SecretAccessKey" : "/7PC5om....", @@ -25,7 +23,7 @@ // // Errors should be returned in the following format and only returned with 400 // or 500 HTTP status codes. -// + // { // "code": "ErrorCode", // "message": "Helpful error message." diff --git a/aws/defaults/defaults.go b/aws/defaults/defaults.go index 48795e0ebbc..0e2bc6b4fa1 100644 --- a/aws/defaults/defaults.go +++ b/aws/defaults/defaults.go @@ -115,8 +115,8 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro const ( httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" - ECSContainerHost = "169.254.170.2" - EKSContainerHost = "169.254.170.23" + ecsContainerHost = "169.254.170.2" + eksContainerHost = "169.254.170.23" ) // RemoteCredProvider returns a credentials provider for the default remote @@ -158,7 +158,7 @@ func isAllowedHost(host string) (bool, error) { } func isHostAllowed(host string) bool { - if host == ECSContainerHost || host == EKSContainerHost { + if host == ecsContainerHost || host == eksContainerHost { return true } ip := net.ParseIP(host) From ecfb8f515e35dd1b12d03488cf04a12ce4071fe4 Mon Sep 17 00:00:00 2001 From: aws-sdk-go-automation <43143561+aws-sdk-go-automation@users.noreply.github.com> Date: Fri, 25 Aug 2023 14:23:23 -0400 Subject: [PATCH 08/17] Release v1.44.332 (2023-08-25) (#4965) Release v1.44.332 (2023-08-25) === ### Service Client Updates * `service/cloudtrail`: Updates service API and documentation * Add ThrottlingException with error code 429 to handle CloudTrail Delegated Admin request rate exceeded on organization resources. * `service/detective`: Updates service API * `service/monitoring`: Updates service documentation * Doc-only update to get doc bug fixes into the SDK docs --- CHANGELOG.md | 10 +++ aws/endpoints/defaults.go | 15 ++++ aws/version.go | 2 +- models/apis/cloudtrail/2013-11-01/api-2.json | 20 ++++- models/apis/cloudtrail/2013-11-01/docs-2.json | 5 ++ models/apis/detective/2018-10-26/api-2.json | 6 +- models/apis/monitoring/2010-08-01/docs-2.json | 6 +- models/endpoints/endpoints.json | 5 ++ service/cloudtrail/api.go | 88 +++++++++++++++++++ service/cloudtrail/errors.go | 7 ++ service/cloudwatch/api.go | 6 +- service/detective/api.go | 18 +++- 12 files changed, 173 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d8f0f44a2b4..532f671131e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +Release v1.44.332 (2023-08-25) +=== + +### Service Client Updates +* `service/cloudtrail`: Updates service API and documentation + * Add ThrottlingException with error code 429 to handle CloudTrail Delegated Admin request rate exceeded on organization resources. +* `service/detective`: Updates service API +* `service/monitoring`: Updates service documentation + * Doc-only update to get doc bug fixes into the SDK docs + Release v1.44.331 (2023-08-24) === diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go index 5b78f6d95d0..426f369db9e 100644 --- a/aws/endpoints/defaults.go +++ b/aws/endpoints/defaults.go @@ -11032,6 +11032,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -12606,6 +12609,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -13504,6 +13510,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24671,6 +24680,9 @@ var awsPartition = partition{ Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -26117,6 +26129,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, diff --git a/aws/version.go b/aws/version.go index a4421da7a8a..9440ea6c375 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.331" +const SDKVersion = "1.44.332" diff --git a/models/apis/cloudtrail/2013-11-01/api-2.json b/models/apis/cloudtrail/2013-11-01/api-2.json index 5b04198a670..2ab80280308 100644 --- a/models/apis/cloudtrail/2013-11-01/api-2.json +++ b/models/apis/cloudtrail/2013-11-01/api-2.json @@ -154,7 +154,8 @@ {"shape":"OrganizationNotInAllFeaturesModeException"}, {"shape":"NoManagementAccountSLRExistsException"}, {"shape":"CloudTrailInvalidClientTokenIdException"}, - {"shape":"ConflictException"} + {"shape":"ConflictException"}, + {"shape":"ThrottlingException"} ], "idempotent":true }, @@ -227,6 +228,7 @@ {"shape":"InvalidTrailNameException"}, {"shape":"CloudTrailARNInvalidException"}, {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, {"shape":"InvalidHomeRegionException"}, {"shape":"UnsupportedOperationException"}, {"shape":"OperationNotPermittedException"}, @@ -377,7 +379,8 @@ {"shape":"UnsupportedOperationException"}, {"shape":"OperationNotPermittedException"}, {"shape":"InsightNotEnabledException"}, - {"shape":"NoManagementAccountSLRExistsException"} + {"shape":"NoManagementAccountSLRExistsException"}, + {"shape":"ThrottlingException"} ], "idempotent":true }, @@ -630,6 +633,7 @@ {"shape":"InvalidHomeRegionException"}, {"shape":"InvalidEventSelectorsException"}, {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, {"shape":"UnsupportedOperationException"}, {"shape":"OperationNotPermittedException"}, {"shape":"NotOrganizationMasterAccountException"}, @@ -659,7 +663,8 @@ {"shape":"UnsupportedOperationException"}, {"shape":"OperationNotPermittedException"}, {"shape":"NotOrganizationMasterAccountException"}, - {"shape":"NoManagementAccountSLRExistsException"} + {"shape":"NoManagementAccountSLRExistsException"}, + {"shape":"ThrottlingException"} ], "idempotent":true }, @@ -813,6 +818,7 @@ "errors":[ {"shape":"CloudTrailARNInvalidException"}, {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, {"shape":"TrailNotFoundException"}, {"shape":"InvalidTrailNameException"}, {"shape":"InvalidHomeRegionException"}, @@ -899,6 +905,7 @@ {"shape":"InvalidTrailNameException"}, {"shape":"CloudTrailARNInvalidException"}, {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, {"shape":"InvalidHomeRegionException"}, {"shape":"UnsupportedOperationException"}, {"shape":"OperationNotPermittedException"}, @@ -984,6 +991,7 @@ {"shape":"InvalidEventSelectorsException"}, {"shape":"CloudTrailARNInvalidException"}, {"shape":"ConflictException"}, + {"shape":"ThrottlingException"}, {"shape":"InvalidParameterCombinationException"}, {"shape":"InvalidHomeRegionException"}, {"shape":"KmsKeyNotFoundException"}, @@ -2855,6 +2863,12 @@ "max":200 }, "TerminationProtectionEnabled":{"type":"boolean"}, + "ThrottlingException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "Trail":{ "type":"structure", "members":{ diff --git a/models/apis/cloudtrail/2013-11-01/docs-2.json b/models/apis/cloudtrail/2013-11-01/docs-2.json index 167256eeffa..420fb79ffe1 100644 --- a/models/apis/cloudtrail/2013-11-01/docs-2.json +++ b/models/apis/cloudtrail/2013-11-01/docs-2.json @@ -1774,6 +1774,11 @@ "UpdateEventDataStoreResponse$TerminationProtectionEnabled": "

Indicates whether termination protection is enabled for the event data store.

" } }, + "ThrottlingException": { + "base": "

This exception is thrown when the request rate exceeds the limit.

", + "refs": { + } + }, "Trail": { "base": "

The settings for a trail.

", "refs": { diff --git a/models/apis/detective/2018-10-26/api-2.json b/models/apis/detective/2018-10-26/api-2.json index d9f65e000b4..2149bf15135 100644 --- a/models/apis/detective/2018-10-26/api-2.json +++ b/models/apis/detective/2018-10-26/api-2.json @@ -613,12 +613,14 @@ "type":"string", "max":64, "min":1, - "pattern":"^.+@(?:(?:(?!-)[A-Za-z0-9-]{1,62})?[A-Za-z0-9]{1}\\.)+[A-Za-z]{2,63}$" + "pattern":"^.+@(?:(?:(?!-)[A-Za-z0-9-]{1,62})?[A-Za-z0-9]{1}\\.)+[A-Za-z]{2,63}$", + "sensitive":true }, "EmailMessage":{ "type":"string", "max":1000, - "min":1 + "min":1, + "sensitive":true }, "EnableOrganizationAdminAccountRequest":{ "type":"structure", diff --git a/models/apis/monitoring/2010-08-01/docs-2.json b/models/apis/monitoring/2010-08-01/docs-2.json index 94ce8f7c6e5..698c4cd812f 100644 --- a/models/apis/monitoring/2010-08-01/docs-2.json +++ b/models/apis/monitoring/2010-08-01/docs-2.json @@ -165,7 +165,7 @@ "GetMetricStreamOutput$FirehoseArn": "

The ARN of the Amazon Kinesis Data Firehose delivery stream that is used by this metric stream.

", "GetMetricStreamOutput$RoleArn": "

The ARN of the IAM role that is used by this metric stream.

", "ListManagedInsightRulesInput$ResourceARN": "

The ARN of an Amazon Web Services resource that has managed Contributor Insights rules.

", - "ListTagsForResourceInput$ResourceARN": "

The ARN of the CloudWatch resource that you want to view tags for.

The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name

The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule:insight-rule-name

For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.

", + "ListTagsForResourceInput$ResourceARN": "

The ARN of the CloudWatch resource that you want to view tags for.

The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name

The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule/insight-rule-name

For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.

", "ManagedRule$ResourceARN": "

The ARN of an Amazon Web Services resource that has managed Contributor Insights rules.

", "ManagedRuleDescription$ResourceARN": "

If a managed rule is enabled, this is the ARN for the related Amazon Web Services resource.

", "MetricStreamEntry$Arn": "

The ARN of the metric stream.

", @@ -173,8 +173,8 @@ "PutMetricStreamInput$FirehoseArn": "

The ARN of the Amazon Kinesis Data Firehose delivery stream to use for this metric stream. This Amazon Kinesis Data Firehose delivery stream must already exist and must be in the same account as the metric stream.

", "PutMetricStreamInput$RoleArn": "

The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Data Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the following permissions:

  • firehose:PutRecord

  • firehose:PutRecordBatch

", "PutMetricStreamOutput$Arn": "

The ARN of the metric stream.

", - "TagResourceInput$ResourceARN": "

The ARN of the CloudWatch resource that you're adding tags to.

The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name

The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule:insight-rule-name

For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.

", - "UntagResourceInput$ResourceARN": "

The ARN of the CloudWatch resource that you're removing tags from.

The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name

The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule:insight-rule-name

For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.

" + "TagResourceInput$ResourceARN": "

The ARN of the CloudWatch resource that you're adding tags to.

The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name

The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule/insight-rule-name

For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.

", + "UntagResourceInput$ResourceARN": "

The ARN of the CloudWatch resource that you're removing tags from.

The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name

The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule/insight-rule-name

For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.

" } }, "AnomalyDetector": { diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index eae2e98038e..0edeb02db0b 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -6220,6 +6220,7 @@ "deprecated" : true, "hostname" : "email-fips.us-west-2.amazonaws.com" }, + "il-central-1" : { }, "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { @@ -7180,6 +7181,7 @@ "deprecated" : true, "hostname" : "fsx-fips.us-west-2.amazonaws.com" }, + "il-central-1" : { }, "me-central-1" : { }, "me-south-1" : { }, "prod-ca-central-1" : { @@ -7685,6 +7687,7 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "il-central-1" : { }, "me-central-1" : { }, "me-south-1" : { }, "sa-east-1" : { }, @@ -14139,6 +14142,7 @@ "fips-us-west-2" : { "deprecated" : true }, + "il-central-1" : { }, "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { @@ -14941,6 +14945,7 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "il-central-1" : { }, "me-central-1" : { }, "me-south-1" : { }, "sa-east-1" : { }, diff --git a/service/cloudtrail/api.go b/service/cloudtrail/api.go index 817e10dd552..e9bd75cdab9 100644 --- a/service/cloudtrail/api.go +++ b/service/cloudtrail/api.go @@ -782,6 +782,9 @@ func (c *CloudTrail) CreateTrailRequest(input *CreateTrailInput) (req *request.R // operation is modifying the resource. If this exception occurs, wait a few // minutes, and then try the operation again. // +// - ThrottlingException +// This exception is thrown when the request rate exceeds the limit. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateTrail func (c *CloudTrail) CreateTrail(input *CreateTrailInput) (*CreateTrailOutput, error) { req, out := c.CreateTrailRequest(input) @@ -1221,6 +1224,9 @@ func (c *CloudTrail) DeleteTrailRequest(input *DeleteTrailInput) (req *request.R // operation is modifying the resource. If this exception occurs, wait a few // minutes, and then try the operation again. // +// - ThrottlingException +// This exception is thrown when the request rate exceeds the limit. +// // - InvalidHomeRegionException // This exception is thrown when an operation is called on a trail from a Region // other than the Region in which the trail was created. @@ -2121,6 +2127,9 @@ func (c *CloudTrail) GetInsightSelectorsRequest(input *GetInsightSelectorsInput) // This exception is thrown when the management account does not have a service-linked // role. // +// - ThrottlingException +// This exception is thrown when the request rate exceeds the limit. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectors func (c *CloudTrail) GetInsightSelectors(input *GetInsightSelectorsInput) (*GetInsightSelectorsOutput, error) { req, out := c.GetInsightSelectorsRequest(input) @@ -4258,6 +4267,9 @@ func (c *CloudTrail) PutEventSelectorsRequest(input *PutEventSelectorsInput) (re // operation is modifying the resource. If this exception occurs, wait a few // minutes, and then try the operation again. // +// - ThrottlingException +// This exception is thrown when the request rate exceeds the limit. +// // - UnsupportedOperationException // This exception is thrown when the requested operation is not supported. // @@ -4437,6 +4449,9 @@ func (c *CloudTrail) PutInsightSelectorsRequest(input *PutInsightSelectorsInput) // This exception is thrown when the management account does not have a service-linked // role. // +// - ThrottlingException +// This exception is thrown when the request rate exceeds the limit. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectors func (c *CloudTrail) PutInsightSelectors(input *PutInsightSelectorsInput) (*PutInsightSelectorsOutput, error) { req, out := c.PutInsightSelectorsRequest(input) @@ -5328,6 +5343,9 @@ func (c *CloudTrail) StartLoggingRequest(input *StartLoggingInput) (req *request // operation is modifying the resource. If this exception occurs, wait a few // minutes, and then try the operation again. // +// - ThrottlingException +// This exception is thrown when the request rate exceeds the limit. +// // - TrailNotFoundException // This exception is thrown when the trail with the given name is not found. // @@ -5836,6 +5854,9 @@ func (c *CloudTrail) StopLoggingRequest(input *StopLoggingInput) (req *request.R // operation is modifying the resource. If this exception occurs, wait a few // minutes, and then try the operation again. // +// - ThrottlingException +// This exception is thrown when the request rate exceeds the limit. +// // - InvalidHomeRegionException // This exception is thrown when an operation is called on a trail from a Region // other than the Region in which the trail was created. @@ -6333,6 +6354,9 @@ func (c *CloudTrail) UpdateTrailRequest(input *UpdateTrailInput) (req *request.R // operation is modifying the resource. If this exception occurs, wait a few // minutes, and then try the operation again. // +// - ThrottlingException +// This exception is thrown when the request rate exceeds the limit. +// // - InvalidParameterCombinationException // This exception is thrown when the combination of parameters provided is not // valid. @@ -18755,6 +18779,70 @@ func (s *TagsLimitExceededException) RequestID() string { return s.RespMetadata.RequestID } +// This exception is thrown when the request rate exceeds the limit. +type ThrottlingException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ThrottlingException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ThrottlingException) GoString() string { + return s.String() +} + +func newErrorThrottlingException(v protocol.ResponseMetadata) error { + return &ThrottlingException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ThrottlingException) Code() string { + return "ThrottlingException" +} + +// Message returns the exception's message. +func (s *ThrottlingException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ThrottlingException) OrigErr() error { + return nil +} + +func (s *ThrottlingException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ThrottlingException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ThrottlingException) RequestID() string { + return s.RespMetadata.RequestID +} + // The settings for a trail. type Trail struct { _ struct{} `type:"structure"` diff --git a/service/cloudtrail/errors.go b/service/cloudtrail/errors.go index 2deaa7f3e1a..73786a6570e 100644 --- a/service/cloudtrail/errors.go +++ b/service/cloudtrail/errors.go @@ -576,6 +576,12 @@ const ( // permitted amount. Currently, the limit is 50. ErrCodeTagsLimitExceededException = "TagsLimitExceededException" + // ErrCodeThrottlingException for service response error code + // "ThrottlingException". + // + // This exception is thrown when the request rate exceeds the limit. + ErrCodeThrottlingException = "ThrottlingException" + // ErrCodeTrailAlreadyExistsException for service response error code // "TrailAlreadyExistsException". // @@ -677,6 +683,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "ResourceTypeNotSupportedException": newErrorResourceTypeNotSupportedException, "S3BucketDoesNotExistException": newErrorS3BucketDoesNotExistException, "TagsLimitExceededException": newErrorTagsLimitExceededException, + "ThrottlingException": newErrorThrottlingException, "TrailAlreadyExistsException": newErrorTrailAlreadyExistsException, "TrailNotFoundException": newErrorTrailNotFoundException, "TrailNotProvidedException": newErrorTrailNotProvidedException, diff --git a/service/cloudwatch/api.go b/service/cloudwatch/api.go index 24f68910ba2..24b01b571a9 100644 --- a/service/cloudwatch/api.go +++ b/service/cloudwatch/api.go @@ -8533,7 +8533,7 @@ type ListTagsForResourceInput struct { // // The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name // - // The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule:insight-rule-name + // The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule/insight-rule-name // // For more information about ARN format, see Resource Types Defined by Amazon // CloudWatch (https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazoncloudwatch.html#amazoncloudwatch-resources-for-iam-policies) @@ -12523,7 +12523,7 @@ type TagResourceInput struct { // // The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name // - // The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule:insight-rule-name + // The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule/insight-rule-name // // For more information about ARN format, see Resource Types Defined by Amazon // CloudWatch (https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazoncloudwatch.html#amazoncloudwatch-resources-for-iam-policies) @@ -12626,7 +12626,7 @@ type UntagResourceInput struct { // // The ARN format of an alarm is arn:aws:cloudwatch:Region:account-id:alarm:alarm-name // - // The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule:insight-rule-name + // The ARN format of a Contributor Insights rule is arn:aws:cloudwatch:Region:account-id:insight-rule/insight-rule-name // // For more information about ARN format, see Resource Types Defined by Amazon // CloudWatch (https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazoncloudwatch.html#amazoncloudwatch-resources-for-iam-policies) diff --git a/service/detective/api.go b/service/detective/api.go index a16562bca18..92532300146 100644 --- a/service/detective/api.go +++ b/service/detective/api.go @@ -2817,8 +2817,12 @@ type Account struct { // The Amazon Web Services account root user email address for the Amazon Web // Services account. // + // EmailAddress is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by Account's + // String and GoString methods. + // // EmailAddress is a required field - EmailAddress *string `min:"1" type:"string" required:"true"` + EmailAddress *string `min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -3288,7 +3292,11 @@ type CreateMembersInput struct { // Customized message text to include in the invitation email message to the // invited member accounts. - Message *string `min:"1" type:"string"` + // + // Message is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateMembersInput's + // String and GoString methods. + Message *string `min:"1" type:"string" sensitive:"true"` } // String returns the string representation. @@ -4801,7 +4809,11 @@ type MemberDetail struct { DisabledReason *string `type:"string" enum:"MemberDisabledReason"` // The Amazon Web Services account root user email address for the member account. - EmailAddress *string `min:"1" type:"string"` + // + // EmailAddress is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by MemberDetail's + // String and GoString methods. + EmailAddress *string `min:"1" type:"string" sensitive:"true"` // The ARN of the behavior graph. GraphArn *string `type:"string"` From 8e3829b014718d0ba433710d2abc3a07e01cfac4 Mon Sep 17 00:00:00 2001 From: aws-sdk-go-automation <43143561+aws-sdk-go-automation@users.noreply.github.com> Date: Mon, 28 Aug 2023 14:31:21 -0400 Subject: [PATCH 09/17] Release v1.44.333 (2023-08-28) (#4966) Release v1.44.333 (2023-08-28) === ### Service Client Updates * `service/backup`: Updates service API and documentation * `service/compute-optimizer`: Updates service API and documentation * `service/organizations`: Updates service documentation * Documentation updates for permissions and links. * `service/securitylake`: Updates service API * `service/service-quotas`: Updates service API and documentation * `service/workspaces-web`: Updates service API and documentation --- CHANGELOG.md | 12 + aws/endpoints/defaults.go | 12 + aws/version.go | 2 +- models/apis/backup/2018-11-15/api-2.json | 7 +- models/apis/backup/2018-11-15/docs-2.json | 11 +- .../2018-11-15/endpoint-rule-set-1.json | 344 ++-- .../compute-optimizer/2019-11-01/api-2.json | 239 ++- .../compute-optimizer/2019-11-01/docs-2.json | 205 ++- .../2019-11-01/endpoint-rule-set-1.json | 344 ++-- .../apis/organizations/2016-11-28/docs-2.json | 86 +- .../2016-11-28/endpoint-rule-set-1.json | 1295 ++++----------- .../2016-11-28/endpoint-tests-1.json | 148 +- .../apis/securitylake/2018-05-10/api-2.json | 3 +- .../2018-05-10/endpoint-tests-1.json | 167 +- .../apis/service-quotas/2019-06-24/api-2.json | 53 +- .../service-quotas/2019-06-24/docs-2.json | 194 ++- .../2019-06-24/endpoint-rule-set-1.json | 339 ++++ .../2019-06-24/endpoint-tests-1.json | 613 +++++++ .../apis/workspaces-web/2020-07-08/api-2.json | 76 +- .../workspaces-web/2020-07-08/docs-2.json | 63 +- .../2020-07-08/endpoint-rule-set-1.json | 344 ++-- models/endpoints/endpoints.json | 7 + service/backup/api.go | 30 +- service/computeoptimizer/api.go | 1424 +++++++++++++++-- .../computeoptimizeriface/interface.go | 8 + service/organizations/api.go | 921 ++++++----- service/organizations/doc.go | 2 +- service/organizations/errors.go | 36 +- service/servicequotas/api.go | 567 +++++-- service/servicequotas/doc.go | 8 +- service/servicequotas/errors.go | 8 +- service/workspacesweb/api.go | 278 +++- 32 files changed, 5326 insertions(+), 2520 deletions(-) create mode 100644 models/apis/service-quotas/2019-06-24/endpoint-rule-set-1.json create mode 100644 models/apis/service-quotas/2019-06-24/endpoint-tests-1.json diff --git a/CHANGELOG.md b/CHANGELOG.md index 532f671131e..4e5a5f7066f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +Release v1.44.333 (2023-08-28) +=== + +### Service Client Updates +* `service/backup`: Updates service API and documentation +* `service/compute-optimizer`: Updates service API and documentation +* `service/organizations`: Updates service documentation + * Documentation updates for permissions and links. +* `service/securitylake`: Updates service API +* `service/service-quotas`: Updates service API and documentation +* `service/workspaces-web`: Updates service API and documentation + Release v1.44.332 (2023-08-25) === diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go index 426f369db9e..59582df71e2 100644 --- a/aws/endpoints/defaults.go +++ b/aws/endpoints/defaults.go @@ -1058,6 +1058,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2928,6 +2931,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "appmesh.eu-west-3.api.aws", }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.il-central-1.api.aws", + }, endpointKey{ Region: "me-south-1", }: endpoint{}, diff --git a/aws/version.go b/aws/version.go index 9440ea6c375..96b11c71c79 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.332" +const SDKVersion = "1.44.333" diff --git a/models/apis/backup/2018-11-15/api-2.json b/models/apis/backup/2018-11-15/api-2.json index 6e4e3faa740..3a24469319d 100644 --- a/models/apis/backup/2018-11-15/api-2.json +++ b/models/apis/backup/2018-11-15/api-2.json @@ -1331,7 +1331,8 @@ "RecoveryPointTags":{"shape":"Tags"}, "RuleId":{"shape":"string"}, "CopyActions":{"shape":"CopyActions"}, - "EnableContinuousBackup":{"shape":"Boolean"} + "EnableContinuousBackup":{"shape":"Boolean"}, + "ScheduleExpressionTimezone":{"shape":"Timezone"} } }, "BackupRuleInput":{ @@ -1349,7 +1350,8 @@ "Lifecycle":{"shape":"Lifecycle"}, "RecoveryPointTags":{"shape":"Tags"}, "CopyActions":{"shape":"CopyActions"}, - "EnableContinuousBackup":{"shape":"Boolean"} + "EnableContinuousBackup":{"shape":"Boolean"}, + "ScheduleExpressionTimezone":{"shape":"Timezone"} } }, "BackupRuleName":{ @@ -3704,6 +3706,7 @@ "value":{"shape":"TagValue"}, "sensitive":true }, + "Timezone":{"type":"string"}, "UntagResourceInput":{ "type":"structure", "required":[ diff --git a/models/apis/backup/2018-11-15/docs-2.json b/models/apis/backup/2018-11-15/docs-2.json index 641a0fb7ba5..41b3814247c 100644 --- a/models/apis/backup/2018-11-15/docs-2.json +++ b/models/apis/backup/2018-11-15/docs-2.json @@ -8,7 +8,7 @@ "CreateBackupVault": "

Creates a logical container where backups are stored. A CreateBackupVault request includes a name, optionally one or more resource tags, an encryption key, and a request ID.

Do not include sensitive data, such as passport numbers, in the name of a backup vault.

", "CreateFramework": "

Creates a framework with one or more controls. A framework is a collection of controls that you can use to evaluate your backup practices. By using pre-built customizable controls to define your policies, you can evaluate whether your backup practices comply with your policies and which resources are not yet in compliance.

", "CreateLegalHold": "

This action creates a legal hold on a recovery point (backup). A legal hold is a restraint on altering or deleting a backup until an authorized user cancels the legal hold. Any actions to delete or disassociate a recovery point will fail with an error if one or more active legal holds are on the recovery point.

", - "CreateLogicallyAirGappedBackupVault": "

This request creates a logical container where backups are stored.

This request includes a name, optionally one or more resource tags, an encryption key, and a request ID.

Do not include sensitive data, such as passport numbers, in the name of a backup vault.

", + "CreateLogicallyAirGappedBackupVault": "

This request creates a logical container to where backups may be copied.

This request includes a name, the Region, the maximum number of retention days, the minimum number of retention days, and optionally can include tags and a creator request ID.

Do not include sensitive data, such as passport numbers, in the name of a backup vault.

", "CreateReportPlan": "

Creates a report plan. A report plan is a document that contains information about the contents of the report and where Backup will deliver it.

If you call CreateReportPlan with a plan that already exists, you receive an AlreadyExistsException exception.

", "DeleteBackupPlan": "

Deletes a backup plan. A backup plan can only be deleted after all associated selections of resources have been deleted. Deleting a backup plan deletes the current version of a backup plan. Previous versions, if any, will still exist.

", "DeleteBackupSelection": "

Deletes the resource selection associated with a backup plan that is specified by the SelectionId.

", @@ -541,7 +541,7 @@ "ControlScope": { "base": "

A framework consists of one or more controls. Each control has its own control scope. The control scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. If no scope is specified, evaluations for the rule are triggered when any resource in your recording group changes in configuration.

To set a control scope that includes all of a particular resource, leave the ControlScope empty or do not pass it when calling CreateFramework.

", "refs": { - "FrameworkControl$ControlScope": "

The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. For more information, see ControlScope.

" + "FrameworkControl$ControlScope": "

The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans.

" } }, "CopyAction": { @@ -1733,6 +1733,13 @@ "TagResourceInput$Tags": "

Key-value pairs that are used to help organize your resources. You can assign your own metadata to the resources you create. For clarity, this is the structure to assign tags: [{\"Key\":\"string\",\"Value\":\"string\"}].

" } }, + "Timezone": { + "base": null, + "refs": { + "BackupRule$ScheduleExpressionTimezone": "

This is the timezone in which the schedule expression is set. By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone.

", + "BackupRuleInput$ScheduleExpressionTimezone": "

This is the timezone in which the schedule expression is set. By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone.

" + } + }, "UntagResourceInput": { "base": null, "refs": { diff --git a/models/apis/backup/2018-11-15/endpoint-rule-set-1.json b/models/apis/backup/2018-11-15/endpoint-rule-set-1.json index 49fbf7acba9..dc2e1fc92d9 100644 --- a/models/apis/backup/2018-11-15/endpoint-rule-set-1.json +++ b/models/apis/backup/2018-11-15/endpoint-rule-set-1.json @@ -58,52 +58,56 @@ "type": "error" }, { - "conditions": [], - "type": "tree", - "rules": [ + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" + "ref": "UseDualStack" }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + true + ] } - ] + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, { - "conditions": [], + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "isSet", + "fn": "aws.partition", "argv": [ { "ref": "Region" } - ] + ], + "assign": "PartitionResult" } ], "type": "tree", @@ -111,13 +115,22 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "booleanEquals", "argv": [ { - "ref": "Region" - } - ], - "assign": "PartitionResult" + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] } ], "type": "tree", @@ -127,224 +140,175 @@ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] }, { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://backup-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "endpoint": { + "url": "https://backup-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://backup-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "endpoint": { + "url": "https://backup-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://backup.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } - ] - }, - { - "conditions": [], + ], "type": "tree", "rules": [ { "conditions": [], "endpoint": { - "url": "https://backup.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://backup.{Region}.{PartitionResult#dualStackDnsSuffix}", "properties": {}, "headers": {} }, "type": "endpoint" } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://backup.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } \ No newline at end of file diff --git a/models/apis/compute-optimizer/2019-11-01/api-2.json b/models/apis/compute-optimizer/2019-11-01/api-2.json index 80bda8bd649..05f10077bbe 100644 --- a/models/apis/compute-optimizer/2019-11-01/api-2.json +++ b/models/apis/compute-optimizer/2019-11-01/api-2.json @@ -146,6 +146,25 @@ {"shape":"LimitExceededException"} ] }, + "ExportLicenseRecommendations":{ + "name":"ExportLicenseRecommendations", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ExportLicenseRecommendationsRequest"}, + "output":{"shape":"ExportLicenseRecommendationsResponse"}, + "errors":[ + {"shape":"OptInRequiredException"}, + {"shape":"InternalServerException"}, + {"shape":"ServiceUnavailableException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"MissingAuthenticationToken"}, + {"shape":"ThrottlingException"}, + {"shape":"LimitExceededException"} + ] + }, "GetAutoScalingGroupRecommendations":{ "name":"GetAutoScalingGroupRecommendations", "http":{ @@ -332,6 +351,25 @@ {"shape":"LimitExceededException"} ] }, + "GetLicenseRecommendations":{ + "name":"GetLicenseRecommendations", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetLicenseRecommendationsRequest"}, + "output":{"shape":"GetLicenseRecommendationsResponse"}, + "errors":[ + {"shape":"OptInRequiredException"}, + {"shape":"InternalServerException"}, + {"shape":"ServiceUnavailableException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"MissingAuthenticationToken"}, + {"shape":"ThrottlingException"} + ] + }, "GetRecommendationPreferences":{ "name":"GetRecommendationPreferences", "http":{ @@ -923,6 +961,25 @@ "s3Destination":{"shape":"S3Destination"} } }, + "ExportLicenseRecommendationsRequest":{ + "type":"structure", + "required":["s3DestinationConfig"], + "members":{ + "accountIds":{"shape":"AccountIds"}, + "filters":{"shape":"LicenseRecommendationFilters"}, + "fieldsToExport":{"shape":"ExportableLicenseFields"}, + "s3DestinationConfig":{"shape":"S3DestinationConfig"}, + "fileFormat":{"shape":"FileFormat"}, + "includeMemberAccounts":{"shape":"IncludeMemberAccounts"} + } + }, + "ExportLicenseRecommendationsResponse":{ + "type":"structure", + "members":{ + "jobId":{"shape":"JobId"}, + "s3Destination":{"shape":"S3Destination"} + } + }, "ExportableAutoScalingGroupField":{ "type":"string", "enum":[ @@ -1121,6 +1178,36 @@ "type":"list", "member":{"shape":"ExportableLambdaFunctionField"} }, + "ExportableLicenseField":{ + "type":"string", + "enum":[ + "AccountId", + "ResourceArn", + "LookbackPeriodInDays", + "LastRefreshTimestamp", + "Finding", + "FindingReasonCodes", + "CurrentLicenseConfigurationNumberOfCores", + "CurrentLicenseConfigurationInstanceType", + "CurrentLicenseConfigurationOperatingSystem", + "CurrentLicenseConfigurationLicenseName", + "CurrentLicenseConfigurationLicenseEdition", + "CurrentLicenseConfigurationLicenseModel", + "CurrentLicenseConfigurationLicenseVersion", + "CurrentLicenseConfigurationMetricsSource", + "RecommendationOptionsOperatingSystem", + "RecommendationOptionsLicenseEdition", + "RecommendationOptionsLicenseModel", + "RecommendationOptionsSavingsOpportunityPercentage", + "RecommendationOptionsEstimatedMonthlySavingsCurrency", + "RecommendationOptionsEstimatedMonthlySavingsValue", + "Tags" + ] + }, + "ExportableLicenseFields":{ + "type":"list", + "member":{"shape":"ExportableLicenseField"} + }, "ExportableVolumeField":{ "type":"string", "enum":[ @@ -1432,6 +1519,24 @@ "lambdaFunctionRecommendations":{"shape":"LambdaFunctionRecommendations"} } }, + "GetLicenseRecommendationsRequest":{ + "type":"structure", + "members":{ + "resourceArns":{"shape":"ResourceArns"}, + "nextToken":{"shape":"NextToken"}, + "maxResults":{"shape":"MaxResults"}, + "filters":{"shape":"LicenseRecommendationFilters"}, + "accountIds":{"shape":"AccountIds"} + } + }, + "GetLicenseRecommendationsResponse":{ + "type":"structure", + "members":{ + "nextToken":{"shape":"NextToken"}, + "licenseRecommendations":{"shape":"LicenseRecommendations"}, + "errors":{"shape":"GetRecommendationErrors"} + } + }, "GetRecommendationError":{ "type":"structure", "members":{ @@ -1770,6 +1875,112 @@ }, "LastRefreshTimestamp":{"type":"timestamp"}, "LastUpdatedTimestamp":{"type":"timestamp"}, + "LicenseConfiguration":{ + "type":"structure", + "members":{ + "numberOfCores":{"shape":"NumberOfCores"}, + "instanceType":{"shape":"InstanceType"}, + "operatingSystem":{"shape":"OperatingSystem"}, + "licenseEdition":{"shape":"LicenseEdition"}, + "licenseName":{"shape":"LicenseName"}, + "licenseModel":{"shape":"LicenseModel"}, + "licenseVersion":{"shape":"LicenseVersion"}, + "metricsSource":{"shape":"MetricsSource"} + } + }, + "LicenseEdition":{ + "type":"string", + "enum":[ + "Enterprise", + "Standard", + "Free", + "NoLicenseEditionFound" + ] + }, + "LicenseFinding":{ + "type":"string", + "enum":[ + "InsufficientMetrics", + "Optimized", + "NotOptimized" + ] + }, + "LicenseFindingReasonCode":{ + "type":"string", + "enum":[ + "InvalidCloudWatchApplicationInsightsSetup", + "CloudWatchApplicationInsightsError", + "LicenseOverprovisioned", + "Optimized" + ] + }, + "LicenseFindingReasonCodes":{ + "type":"list", + "member":{"shape":"LicenseFindingReasonCode"} + }, + "LicenseModel":{ + "type":"string", + "enum":[ + "LicenseIncluded", + "BringYourOwnLicense" + ] + }, + "LicenseName":{ + "type":"string", + "enum":["SQLServer"] + }, + "LicenseRecommendation":{ + "type":"structure", + "members":{ + "resourceArn":{"shape":"ResourceArn"}, + "accountId":{"shape":"AccountId"}, + "currentLicenseConfiguration":{"shape":"LicenseConfiguration"}, + "lookbackPeriodInDays":{"shape":"LookBackPeriodInDays"}, + "lastRefreshTimestamp":{"shape":"LastRefreshTimestamp"}, + "finding":{"shape":"LicenseFinding"}, + "findingReasonCodes":{"shape":"LicenseFindingReasonCodes"}, + "licenseRecommendationOptions":{"shape":"LicenseRecommendationOptions"}, + "tags":{"shape":"Tags"} + } + }, + "LicenseRecommendationFilter":{ + "type":"structure", + "members":{ + "name":{"shape":"LicenseRecommendationFilterName"}, + "values":{"shape":"FilterValues"} + } + }, + "LicenseRecommendationFilterName":{ + "type":"string", + "enum":[ + "Finding", + "FindingReasonCode", + "LicenseName" + ] + }, + "LicenseRecommendationFilters":{ + "type":"list", + "member":{"shape":"LicenseRecommendationFilter"} + }, + "LicenseRecommendationOption":{ + "type":"structure", + "members":{ + "rank":{"shape":"Rank"}, + "operatingSystem":{"shape":"OperatingSystem"}, + "licenseEdition":{"shape":"LicenseEdition"}, + "licenseModel":{"shape":"LicenseModel"}, + "savingsOpportunity":{"shape":"SavingsOpportunity"} + } + }, + "LicenseRecommendationOptions":{ + "type":"list", + "member":{"shape":"LicenseRecommendationOption"} + }, + "LicenseRecommendations":{ + "type":"list", + "member":{"shape":"LicenseRecommendation"} + }, + "LicenseVersion":{"type":"string"}, "LimitExceededException":{ "type":"structure", "members":{ @@ -1819,6 +2030,18 @@ "NETWORK_PACKETS_OUT_PER_SECOND" ] }, + "MetricProviderArn":{"type":"string"}, + "MetricSource":{ + "type":"structure", + "members":{ + "provider":{"shape":"MetricSourceProvider"}, + "providerArn":{"shape":"MetricProviderArn"} + } + }, + "MetricSourceProvider":{ + "type":"string", + "enum":["CloudWatchApplicationInsights"] + }, "MetricStatistic":{ "type":"string", "enum":[ @@ -1831,6 +2054,10 @@ "type":"list", "member":{"shape":"MetricValue"} }, + "MetricsSource":{ + "type":"list", + "member":{"shape":"MetricSource"} + }, "MigrationEffort":{ "type":"string", "enum":[ @@ -1853,8 +2080,10 @@ "NullableCpu":{"type":"integer"}, "NullableMemory":{"type":"integer"}, "NullableMemoryReservation":{"type":"integer"}, + "NumberOfCores":{"type":"integer"}, "NumberOfInvocations":{"type":"long"}, "NumberOfMemberAccountsOptedIn":{"type":"integer"}, + "OperatingSystem":{"type":"string"}, "OptInRequiredException":{ "type":"structure", "members":{ @@ -1995,7 +2224,8 @@ "AutoScalingGroup", "EbsVolume", "LambdaFunction", - "EcsService" + "EcsService", + "License" ] }, "RecommendationSources":{ @@ -2031,6 +2261,10 @@ "member":{"shape":"RecommendedOptionProjectedMetric"} }, "ResourceArn":{"type":"string"}, + "ResourceArns":{ + "type":"list", + "member":{"shape":"ResourceArn"} + }, "ResourceNotFoundException":{ "type":"structure", "members":{ @@ -2047,7 +2281,8 @@ "EbsVolume", "LambdaFunction", "NotApplicable", - "EcsService" + "EcsService", + "License" ] }, "RootVolume":{"type":"boolean"}, diff --git a/models/apis/compute-optimizer/2019-11-01/docs-2.json b/models/apis/compute-optimizer/2019-11-01/docs-2.json index a6c47e697f4..0a2d651a7a2 100644 --- a/models/apis/compute-optimizer/2019-11-01/docs-2.json +++ b/models/apis/compute-optimizer/2019-11-01/docs-2.json @@ -9,6 +9,7 @@ "ExportEC2InstanceRecommendations": "

Exports optimization recommendations for Amazon EC2 instances.

Recommendations are exported in a comma-separated values (.csv) file, and its metadata in a JavaScript Object Notation (JSON) (.json) file, to an existing Amazon Simple Storage Service (Amazon S3) bucket that you specify. For more information, see Exporting Recommendations in the Compute Optimizer User Guide.

You can have only one Amazon EC2 instance export job in progress per Amazon Web Services Region.

", "ExportECSServiceRecommendations": "

Exports optimization recommendations for Amazon ECS services on Fargate.

Recommendations are exported in a CSV file, and its metadata in a JSON file, to an existing Amazon Simple Storage Service (Amazon S3) bucket that you specify. For more information, see Exporting Recommendations in the Compute Optimizer User Guide.

You can only have one Amazon ECS service export job in progress per Amazon Web Services Region.

", "ExportLambdaFunctionRecommendations": "

Exports optimization recommendations for Lambda functions.

Recommendations are exported in a comma-separated values (.csv) file, and its metadata in a JavaScript Object Notation (JSON) (.json) file, to an existing Amazon Simple Storage Service (Amazon S3) bucket that you specify. For more information, see Exporting Recommendations in the Compute Optimizer User Guide.

You can have only one Lambda function export job in progress per Amazon Web Services Region.

", + "ExportLicenseRecommendations": "

Export optimization recommendations for your licenses.

Recommendations are exported in a comma-separated values (CSV) file, and its metadata in a JavaScript Object Notation (JSON) file, to an existing Amazon Simple Storage Service (Amazon S3) bucket that you specify. For more information, see Exporting Recommendations in the Compute Optimizer User Guide.

You can have only one license export job in progress per Amazon Web Services Region.

", "GetAutoScalingGroupRecommendations": "

Returns Auto Scaling group recommendations.

Compute Optimizer generates recommendations for Amazon EC2 Auto Scaling groups that meet a specific set of requirements. For more information, see the Supported resources and requirements in the Compute Optimizer User Guide.

", "GetEBSVolumeRecommendations": "

Returns Amazon Elastic Block Store (Amazon EBS) volume recommendations.

Compute Optimizer generates recommendations for Amazon EBS volumes that meet a specific set of requirements. For more information, see the Supported resources and requirements in the Compute Optimizer User Guide.

", "GetEC2InstanceRecommendations": "

Returns Amazon EC2 instance recommendations.

Compute Optimizer generates recommendations for Amazon Elastic Compute Cloud (Amazon EC2) instances that meet a specific set of requirements. For more information, see the Supported resources and requirements in the Compute Optimizer User Guide.

", @@ -19,6 +20,7 @@ "GetEnrollmentStatus": "

Returns the enrollment (opt in) status of an account to the Compute Optimizer service.

If the account is the management account of an organization, this action also confirms the enrollment status of member accounts of the organization. Use the GetEnrollmentStatusesForOrganization action to get detailed information about the enrollment status of member accounts of an organization.

", "GetEnrollmentStatusesForOrganization": "

Returns the Compute Optimizer enrollment (opt-in) status of organization member accounts, if your account is an organization management account.

To get the enrollment status of standalone accounts, use the GetEnrollmentStatus action.

", "GetLambdaFunctionRecommendations": "

Returns Lambda function recommendations.

Compute Optimizer generates recommendations for functions that meet a specific set of requirements. For more information, see the Supported resources and requirements in the Compute Optimizer User Guide.

", + "GetLicenseRecommendations": "

Returns license recommendations for Amazon EC2 instances that run on a specific license.

Compute Optimizer generates recommendations for licenses that meet a specific set of requirements. For more information, see the Supported resources and requirements in the Compute Optimizer User Guide.

", "GetRecommendationPreferences": "

Returns existing recommendation preferences, such as enhanced infrastructure metrics.

Use the scope parameter to specify which preferences to return. You can specify to return preferences for an organization, a specific account ID, or a specific EC2 instance or Auto Scaling group Amazon Resource Name (ARN).

For more information, see Activating enhanced infrastructure metrics in the Compute Optimizer User Guide.

", "GetRecommendationSummaries": "

Returns the optimization findings for an account.

It returns the number of:

  • Amazon EC2 instances in an account that are Underprovisioned, Overprovisioned, or Optimized.

  • Auto Scaling groups in an account that are NotOptimized, or Optimized.

  • Amazon EBS volumes in an account that are NotOptimized, or Optimized.

  • Lambda functions in an account that are NotOptimized, or Optimized.

  • Amazon ECS services in an account that are Underprovisioned, Overprovisioned, or Optimized.

", "PutRecommendationPreferences": "

Creates a new recommendation preference or updates an existing recommendation preference, such as enhanced infrastructure metrics.

For more information, see Activating enhanced infrastructure metrics in the Compute Optimizer User Guide.

", @@ -51,6 +53,7 @@ "ECSServiceRecommendation$accountId": "

The Amazon Web Services account ID of the Amazon ECS service.

", "InstanceRecommendation$accountId": "

The Amazon Web Services account ID of the instance.

", "LambdaFunctionRecommendation$accountId": "

The Amazon Web Services account ID of the function.

", + "LicenseRecommendation$accountId": "

The Amazon Web Services account ID of the license.

", "RecommendationSummary$accountId": "

The Amazon Web Services account ID of the recommendation summary.

", "VolumeRecommendation$accountId": "

The Amazon Web Services account ID of the volume.

" } @@ -63,11 +66,13 @@ "ExportEC2InstanceRecommendationsRequest$accountIds": "

The IDs of the Amazon Web Services accounts for which to export instance recommendations.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to export recommendations.

This parameter cannot be specified together with the include member accounts parameter. The parameters are mutually exclusive.

Recommendations for member accounts are not included in the export if this parameter, or the include member accounts parameter, is omitted.

You can specify multiple account IDs per request.

", "ExportECSServiceRecommendationsRequest$accountIds": "

The Amazon Web Services account IDs for the export Amazon ECS service recommendations.

If your account is the management account or the delegated administrator of an organization, use this parameter to specify the member account you want to export recommendations to.

This parameter can't be specified together with the include member accounts parameter. The parameters are mutually exclusive.

If this parameter or the include member accounts parameter is omitted, the recommendations for member accounts aren't included in the export.

You can specify multiple account IDs per request.

", "ExportLambdaFunctionRecommendationsRequest$accountIds": "

The IDs of the Amazon Web Services accounts for which to export Lambda function recommendations.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to export recommendations.

This parameter cannot be specified together with the include member accounts parameter. The parameters are mutually exclusive.

Recommendations for member accounts are not included in the export if this parameter, or the include member accounts parameter, is omitted.

You can specify multiple account IDs per request.

", + "ExportLicenseRecommendationsRequest$accountIds": "

The IDs of the Amazon Web Services accounts for which to export license recommendations.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to export recommendations.

This parameter can't be specified together with the include member accounts parameter. The parameters are mutually exclusive.

If this parameter is omitted, recommendations for member accounts aren't included in the export.

You can specify multiple account IDs per request.

", "GetAutoScalingGroupRecommendationsRequest$accountIds": "

The ID of the Amazon Web Services account for which to return Auto Scaling group recommendations.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to return Auto Scaling group recommendations.

Only one account ID can be specified per request.

", "GetEBSVolumeRecommendationsRequest$accountIds": "

The ID of the Amazon Web Services account for which to return volume recommendations.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to return volume recommendations.

Only one account ID can be specified per request.

", "GetEC2InstanceRecommendationsRequest$accountIds": "

The ID of the Amazon Web Services account for which to return instance recommendations.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to return instance recommendations.

Only one account ID can be specified per request.

", "GetECSServiceRecommendationsRequest$accountIds": "

Return the Amazon ECS service recommendations to the specified Amazon Web Services account IDs.

If your account is the management account or the delegated administrator of an organization, use this parameter to return the Amazon ECS service recommendations to specific member accounts.

You can only specify one account ID per request.

", "GetLambdaFunctionRecommendationsRequest$accountIds": "

The ID of the Amazon Web Services account for which to return function recommendations.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to return function recommendations.

Only one account ID can be specified per request.

", + "GetLicenseRecommendationsRequest$accountIds": "

The ID of the Amazon Web Services account for which to return license recommendations.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to return license recommendations.

Only one account ID can be specified per request.

", "GetRecommendationSummariesRequest$accountIds": "

The ID of the Amazon Web Services account for which to return recommendation summaries.

If your account is the management account of an organization, use this parameter to specify the member account for which you want to return recommendation summaries.

Only one account ID can be specified per request.

" } }, @@ -546,6 +551,16 @@ "refs": { } }, + "ExportLicenseRecommendationsRequest": { + "base": null, + "refs": { + } + }, + "ExportLicenseRecommendationsResponse": { + "base": null, + "refs": { + } + }, "ExportableAutoScalingGroupField": { "base": null, "refs": { @@ -594,6 +609,18 @@ "ExportLambdaFunctionRecommendationsRequest$fieldsToExport": "

The recommendations data to include in the export file. For more information about the fields that can be exported, see Exported files in the Compute Optimizer User Guide.

" } }, + "ExportableLicenseField": { + "base": null, + "refs": { + "ExportableLicenseFields$member": null + } + }, + "ExportableLicenseFields": { + "base": null, + "refs": { + "ExportLicenseRecommendationsRequest$fieldsToExport": "

The recommendations data to include in the export file. For more information about the fields that can be exported, see Exported files in the Compute Optimizer User Guide.

" + } + }, "ExportableVolumeField": { "base": null, "refs": { @@ -652,7 +679,8 @@ "ExportEBSVolumeRecommendationsRequest$fileFormat": "

The format of the export file.

The only export file format currently supported is Csv.

", "ExportEC2InstanceRecommendationsRequest$fileFormat": "

The format of the export file.

The only export file format currently supported is Csv.

", "ExportECSServiceRecommendationsRequest$fileFormat": "

The format of the export file.

The CSV file is the only export file format currently supported.

", - "ExportLambdaFunctionRecommendationsRequest$fileFormat": "

The format of the export file.

The only export file format currently supported is Csv.

" + "ExportLambdaFunctionRecommendationsRequest$fileFormat": "

The format of the export file.

The only export file format currently supported is Csv.

", + "ExportLicenseRecommendationsRequest$fileFormat": "

The format of the export file.

A CSV file is the only export format currently supported.

" } }, "Filter": { @@ -681,7 +709,8 @@ "EnrollmentFilter$values": "

The value of the filter.

The valid values are Active, Inactive, Pending, and Failed.

", "Filter$values": "

The value of the filter.

The valid values for this parameter are as follows, depending on what you specify for the name parameter and the resource type that you wish to filter results for:

  • Specify Optimized or NotOptimized if you specify the name parameter as Finding and you want to filter results for Auto Scaling groups.

  • Specify Underprovisioned, Overprovisioned, or Optimized if you specify the name parameter as Finding and you want to filter results for EC2 instances.

  • Specify Ec2Instance or AutoScalingGroup if you specify the name parameter as RecommendationSourceType.

  • Specify one of the following options if you specify the name parameter as FindingReasonCodes:

    • CPUOverprovisioned — The instance’s CPU configuration can be sized down while still meeting the performance requirements of your workload.

    • CPUUnderprovisioned — The instance’s CPU configuration doesn't meet the performance requirements of your workload and there is an alternative instance type that provides better CPU performance.

    • MemoryOverprovisioned — The instance’s memory configuration can be sized down while still meeting the performance requirements of your workload.

    • MemoryUnderprovisioned — The instance’s memory configuration doesn't meet the performance requirements of your workload and there is an alternative instance type that provides better memory performance.

    • EBSThroughputOverprovisioned — The instance’s EBS throughput configuration can be sized down while still meeting the performance requirements of your workload.

    • EBSThroughputUnderprovisioned — The instance’s EBS throughput configuration doesn't meet the performance requirements of your workload and there is an alternative instance type that provides better EBS throughput performance.

    • EBSIOPSOverprovisioned — The instance’s EBS IOPS configuration can be sized down while still meeting the performance requirements of your workload.

    • EBSIOPSUnderprovisioned — The instance’s EBS IOPS configuration doesn't meet the performance requirements of your workload and there is an alternative instance type that provides better EBS IOPS performance.

    • NetworkBandwidthOverprovisioned — The instance’s network bandwidth configuration can be sized down while still meeting the performance requirements of your workload.

    • NetworkBandwidthUnderprovisioned — The instance’s network bandwidth configuration doesn't meet the performance requirements of your workload and there is an alternative instance type that provides better network bandwidth performance. This finding reason happens when the NetworkIn or NetworkOut performance of an instance is impacted.

    • NetworkPPSOverprovisioned — The instance’s network PPS (packets per second) configuration can be sized down while still meeting the performance requirements of your workload.

    • NetworkPPSUnderprovisioned — The instance’s network PPS (packets per second) configuration doesn't meet the performance requirements of your workload and there is an alternative instance type that provides better network PPS performance.

    • DiskIOPSOverprovisioned — The instance’s disk IOPS configuration can be sized down while still meeting the performance requirements of your workload.

    • DiskIOPSUnderprovisioned — The instance’s disk IOPS configuration doesn't meet the performance requirements of your workload and there is an alternative instance type that provides better disk IOPS performance.

    • DiskThroughputOverprovisioned — The instance’s disk throughput configuration can be sized down while still meeting the performance requirements of your workload.

    • DiskThroughputUnderprovisioned — The instance’s disk throughput configuration doesn't meet the performance requirements of your workload and there is an alternative instance type that provides better disk throughput performance.

", "JobFilter$values": "

The value of the filter.

The valid values for this parameter are as follows, depending on what you specify for the name parameter:

  • Specify Ec2Instance or AutoScalingGroup if you specify the name parameter as ResourceType. There is no filter for EBS volumes because volume recommendations cannot be exported at this time.

  • Specify Queued, InProgress, Complete, or Failed if you specify the name parameter as JobStatus.

", - "LambdaFunctionRecommendationFilter$values": "

The value of the filter.

The valid values for this parameter are as follows, depending on what you specify for the name parameter:

  • Specify Optimized, NotOptimized, or Unavailable if you specify the name parameter as Finding.

  • Specify MemoryOverprovisioned, MemoryUnderprovisioned, InsufficientData, or Inconclusive if you specify the name parameter as FindingReasonCode.

" + "LambdaFunctionRecommendationFilter$values": "

The value of the filter.

The valid values for this parameter are as follows, depending on what you specify for the name parameter:

  • Specify Optimized, NotOptimized, or Unavailable if you specify the name parameter as Finding.

  • Specify MemoryOverprovisioned, MemoryUnderprovisioned, InsufficientData, or Inconclusive if you specify the name parameter as FindingReasonCode.

", + "LicenseRecommendationFilter$values": "

The value of the filter.

The valid values for this parameter are as follows, depending on what you specify for the name parameter:

  • If you specify the name parameter as Finding, then specify Optimized, NotOptimized, or InsufficentMetrics.

  • If you specify the name parameter as FindingReasonCode, then specify Optimized, LicenseOverprovisioned, InvalidCloudwatchApplicationInsights, or CloudwatchApplicationInsightsError.

" } }, "Filters": { @@ -826,6 +855,16 @@ "refs": { } }, + "GetLicenseRecommendationsRequest": { + "base": null, + "refs": { + } + }, + "GetLicenseRecommendationsResponse": { + "base": null, + "refs": { + } + }, "GetRecommendationError": { "base": "

Describes an error experienced when getting recommendations.

For example, an error is returned if you request recommendations for an unsupported Auto Scaling group, or if you request recommendations for an instance of an unsupported instance family.

", "refs": { @@ -838,7 +877,8 @@ "GetAutoScalingGroupRecommendationsResponse$errors": "

An array of objects that describe errors of the request.

For example, an error is returned if you request recommendations for an unsupported Auto Scaling group.

", "GetEBSVolumeRecommendationsResponse$errors": "

An array of objects that describe errors of the request.

For example, an error is returned if you request recommendations for an unsupported volume.

", "GetEC2InstanceRecommendationsResponse$errors": "

An array of objects that describe errors of the request.

For example, an error is returned if you request recommendations for an instance of an unsupported instance family.

", - "GetECSServiceRecommendationsResponse$errors": "

An array of objects that describe errors of the request.

" + "GetECSServiceRecommendationsResponse$errors": "

An array of objects that describe errors of the request.

", + "GetLicenseRecommendationsResponse$errors": "

An array of objects that describe errors of the request.

" } }, "GetRecommendationPreferencesRequest": { @@ -881,6 +921,7 @@ "ExportEC2InstanceRecommendationsRequest$includeMemberAccounts": "

Indicates whether to include recommendations for resources in all member accounts of the organization if your account is the management account of an organization.

The member accounts must also be opted in to Compute Optimizer, and trusted access for Compute Optimizer must be enabled in the organization account. For more information, see Compute Optimizer and Amazon Web Services Organizations trusted access in the Compute Optimizer User Guide.

Recommendations for member accounts of the organization are not included in the export file if this parameter is omitted.

Recommendations for member accounts are not included in the export if this parameter, or the account IDs parameter, is omitted.

", "ExportECSServiceRecommendationsRequest$includeMemberAccounts": "

If your account is the management account or the delegated administrator of an organization, this parameter indicates whether to include recommendations for resources in all member accounts of the organization.

The member accounts must also be opted in to Compute Optimizer, and trusted access for Compute Optimizer must be enabled in the organization account. For more information, see Compute Optimizer and Amazon Web Services Organizations trusted access in the Compute Optimizer User Guide.

If this parameter is omitted, recommendations for member accounts of the organization aren't included in the export file.

If this parameter or the account ID parameter is omitted, recommendations for member accounts aren't included in the export.

", "ExportLambdaFunctionRecommendationsRequest$includeMemberAccounts": "

Indicates whether to include recommendations for resources in all member accounts of the organization if your account is the management account of an organization.

The member accounts must also be opted in to Compute Optimizer, and trusted access for Compute Optimizer must be enabled in the organization account. For more information, see Compute Optimizer and Amazon Web Services Organizations trusted access in the Compute Optimizer User Guide.

Recommendations for member accounts of the organization are not included in the export file if this parameter is omitted.

This parameter cannot be specified together with the account IDs parameter. The parameters are mutually exclusive.

Recommendations for member accounts are not included in the export if this parameter, or the account IDs parameter, is omitted.

", + "ExportLicenseRecommendationsRequest$includeMemberAccounts": "

Indicates whether to include recommendations for resources in all member accounts of the organization if your account is the management account of an organization.

The member accounts must also be opted in to Compute Optimizer, and trusted access for Compute Optimizer must be enabled in the organization account. For more information, see Compute Optimizer and Amazon Web Services Organizations trusted access in the Compute Optimizer User Guide.

If this parameter is omitted, recommendations for member accounts of the organization aren't included in the export file .

This parameter cannot be specified together with the account IDs parameter. The parameters are mutually exclusive.

", "UpdateEnrollmentStatusRequest$includeMemberAccounts": "

Indicates whether to enroll member accounts of the organization if the account is the management account of an organization.

" } }, @@ -978,7 +1019,8 @@ "base": null, "refs": { "AutoScalingGroupConfiguration$instanceType": "

The instance type for the Auto Scaling group.

", - "InstanceRecommendationOption$instanceType": "

The instance type of the instance recommendation.

" + "InstanceRecommendationOption$instanceType": "

The instance type of the instance recommendation.

", + "LicenseConfiguration$instanceType": "

The instance type used in the license.

" } }, "InternalServerException": { @@ -1017,6 +1059,7 @@ "ExportEC2InstanceRecommendationsResponse$jobId": "

The identification number of the export job.

Use the DescribeRecommendationExportJobs action, and specify the job ID to view the status of an export job.

", "ExportECSServiceRecommendationsResponse$jobId": "

The identification number of the export job.

To view the status of an export job, use the DescribeRecommendationExportJobs action and specify the job ID.

", "ExportLambdaFunctionRecommendationsResponse$jobId": "

The identification number of the export job.

Use the DescribeRecommendationExportJobs action, and specify the job ID to view the status of an export job.

", + "ExportLicenseRecommendationsResponse$jobId": "

The identification number of the export job.

To view the status of an export job, use the DescribeRecommendationExportJobs action and specify the job ID.

", "JobIds$member": null, "RecommendationExportJob$jobId": "

The identification number of the export job.

" } @@ -1149,6 +1192,7 @@ "ECSServiceRecommendation$lastRefreshTimestamp": "

The timestamp of when the Amazon ECS service recommendation was last generated.

", "InstanceRecommendation$lastRefreshTimestamp": "

The timestamp of when the instance recommendation was last generated.

", "LambdaFunctionRecommendation$lastRefreshTimestamp": "

The timestamp of when the function recommendation was last generated.

", + "LicenseRecommendation$lastRefreshTimestamp": "

The timestamp of when the license recommendation was last generated.

", "VolumeRecommendation$lastRefreshTimestamp": "

The timestamp of when the volume recommendation was last generated.

" } }, @@ -1160,6 +1204,99 @@ "RecommendationExportJob$lastUpdatedTimestamp": "

The timestamp of when the export job was last updated.

" } }, + "LicenseConfiguration": { + "base": "

Describes the configuration of a license for an Amazon EC2 instance.

", + "refs": { + "LicenseRecommendation$currentLicenseConfiguration": "

An object that describes the current configuration of an instance that runs on a license.

" + } + }, + "LicenseEdition": { + "base": null, + "refs": { + "LicenseConfiguration$licenseEdition": "

The edition of the license for the application that runs on the instance.

", + "LicenseRecommendationOption$licenseEdition": "

The recommended edition of the license for the application that runs on the instance.

" + } + }, + "LicenseFinding": { + "base": null, + "refs": { + "LicenseRecommendation$finding": "

The finding classification for an instance that runs on a license.

Findings include:

  • InsufficentMetrics — When Compute Optimizer detects that your CloudWatch Application Insights isn't enabled or is enabled with insufficient permissions.

  • NotOptimized — When Compute Optimizer detects that your EC2 infrastructure isn't using any of the SQL server license features you're paying for, a license is considered not optimized.

  • Optimized — When Compute Optimizer detects that all specifications of your license meet the performance requirements of your workload.

" + } + }, + "LicenseFindingReasonCode": { + "base": null, + "refs": { + "LicenseFindingReasonCodes$member": null + } + }, + "LicenseFindingReasonCodes": { + "base": null, + "refs": { + "LicenseRecommendation$findingReasonCodes": "

The reason for the finding classification for an instance that runs on a license.

Finding reason codes include:

  • Optimized — All specifications of your license meet the performance requirements of your workload.

  • LicenseOverprovisioned — A license is considered over-provisioned when your license can be downgraded while still meeting the performance requirements of your workload.

  • InvalidCloudwatchApplicationInsights — CloudWatch Application Insights isn't configured properly.

  • CloudwatchApplicationInsightsError — There is a CloudWatch Application Insights error.

" + } + }, + "LicenseModel": { + "base": null, + "refs": { + "LicenseConfiguration$licenseModel": "

The license type associated with the instance.

", + "LicenseRecommendationOption$licenseModel": "

The recommended license type associated with the instance.

" + } + }, + "LicenseName": { + "base": null, + "refs": { + "LicenseConfiguration$licenseName": "

The name of the license for the application that runs on the instance.

" + } + }, + "LicenseRecommendation": { + "base": "

Describes a license recommendation for an EC2 instance.

", + "refs": { + "LicenseRecommendations$member": null + } + }, + "LicenseRecommendationFilter": { + "base": "

Describes a filter that returns a more specific list of license recommendations. Use this filter with the GetLicenseRecommendation action.

", + "refs": { + "LicenseRecommendationFilters$member": null + } + }, + "LicenseRecommendationFilterName": { + "base": null, + "refs": { + "LicenseRecommendationFilter$name": "

The name of the filter.

Specify Finding to return recommendations with a specific finding classification.

Specify FindingReasonCode to return recommendations with a specific finding reason code.

You can filter your license recommendations by tag:key and tag-key tags.

A tag:key is a key and value combination of a tag assigned to your license recommendations. Use the tag key in the filter name and the tag value as the filter value. For example, to find all license recommendations that have a tag with the key of Owner and the value of TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

A tag-key is the key of a tag assigned to your license recommendations. Use this filter to find all of your license recommendations that have a tag with a specific key. This doesn’t consider the tag value. For example, you can find your license recommendations with a tag key value of Owner or without any tag keys assigned.

" + } + }, + "LicenseRecommendationFilters": { + "base": null, + "refs": { + "ExportLicenseRecommendationsRequest$filters": "

An array of objects to specify a filter that exports a more specific set of license recommendations.

", + "GetLicenseRecommendationsRequest$filters": "

An array of objects to specify a filter that returns a more specific list of license recommendations.

" + } + }, + "LicenseRecommendationOption": { + "base": "

Describes the recommendation options for licenses.

", + "refs": { + "LicenseRecommendationOptions$member": null + } + }, + "LicenseRecommendationOptions": { + "base": null, + "refs": { + "LicenseRecommendation$licenseRecommendationOptions": "

An array of objects that describe the license recommendation options.

" + } + }, + "LicenseRecommendations": { + "base": null, + "refs": { + "GetLicenseRecommendationsResponse$licenseRecommendations": "

An array of objects that describe license recommendations.

" + } + }, + "LicenseVersion": { + "base": null, + "refs": { + "LicenseConfiguration$licenseVersion": "

The version of the license for the application that runs on the instance.

" + } + }, "LimitExceededException": { "base": "

The request exceeds a limit of the service.

", "refs": { @@ -1172,6 +1309,7 @@ "ECSServiceRecommendation$lookbackPeriodInDays": "

The number of days the Amazon ECS service utilization metrics were analyzed.

", "InstanceRecommendation$lookBackPeriodInDays": "

The number of days for which utilization metrics were analyzed for the instance.

", "LambdaFunctionRecommendation$lookbackPeriodInDays": "

The number of days for which utilization metrics were analyzed for the function.

", + "LicenseRecommendation$lookbackPeriodInDays": "

The number of days for which utilization metrics were analyzed for an instance that runs on a license.

", "VolumeRecommendation$lookBackPeriodInDays": "

The number of days for which utilization metrics were analyzed for the volume.

" } }, @@ -1197,6 +1335,7 @@ "GetECSServiceRecommendationsRequest$maxResults": "

The maximum number of Amazon ECS service recommendations to return with a single request.

To retrieve the remaining results, make another request with the returned nextToken value.

", "GetEnrollmentStatusesForOrganizationRequest$maxResults": "

The maximum number of account enrollment statuses to return with a single request. You can specify up to 100 statuses to return with each request.

To retrieve the remaining results, make another request with the returned nextToken value.

", "GetLambdaFunctionRecommendationsRequest$maxResults": "

The maximum number of function recommendations to return with a single request.

To retrieve the remaining results, make another request with the returned nextToken value.

", + "GetLicenseRecommendationsRequest$maxResults": "

The maximum number of license recommendations to return with a single request.

To retrieve the remaining results, make another request with the returned nextToken value.

", "GetRecommendationPreferencesRequest$maxResults": "

The maximum number of recommendation preferences to return with a single request.

To retrieve the remaining results, make another request with the returned nextToken value.

", "GetRecommendationSummariesRequest$maxResults": "

The maximum number of recommendation summaries to return with a single request.

To retrieve the remaining results, make another request with the returned nextToken value.

" } @@ -1253,6 +1392,24 @@ "UtilizationMetric$name": "

The name of the utilization metric.

The following utilization metrics are available:

  • Cpu - The percentage of allocated EC2 compute units that are currently in use on the instance. This metric identifies the processing power required to run an application on the instance.

    Depending on the instance type, tools in your operating system can show a lower percentage than CloudWatch when the instance is not allocated a full processor core.

    Units: Percent

  • Memory - The percentage of memory that is currently in use on the instance. This metric identifies the amount of memory required to run an application on the instance.

    Units: Percent

    The Memory metric is returned only for resources that have the unified CloudWatch agent installed on them. For more information, see Enabling Memory Utilization with the CloudWatch Agent.

  • EBS_READ_OPS_PER_SECOND - The completed read operations from all EBS volumes attached to the instance in a specified period of time.

    Unit: Count

  • EBS_WRITE_OPS_PER_SECOND - The completed write operations to all EBS volumes attached to the instance in a specified period of time.

    Unit: Count

  • EBS_READ_BYTES_PER_SECOND - The bytes read from all EBS volumes attached to the instance in a specified period of time.

    Unit: Bytes

  • EBS_WRITE_BYTES_PER_SECOND - The bytes written to all EBS volumes attached to the instance in a specified period of time.

    Unit: Bytes

  • DISK_READ_OPS_PER_SECOND - The completed read operations from all instance store volumes available to the instance in a specified period of time.

    If there are no instance store volumes, either the value is 0 or the metric is not reported.

  • DISK_WRITE_OPS_PER_SECOND - The completed write operations from all instance store volumes available to the instance in a specified period of time.

    If there are no instance store volumes, either the value is 0 or the metric is not reported.

  • DISK_READ_BYTES_PER_SECOND - The bytes read from all instance store volumes available to the instance. This metric is used to determine the volume of the data the application reads from the disk of the instance. This can be used to determine the speed of the application.

    If there are no instance store volumes, either the value is 0 or the metric is not reported.

  • DISK_WRITE_BYTES_PER_SECOND - The bytes written to all instance store volumes available to the instance. This metric is used to determine the volume of the data the application writes onto the disk of the instance. This can be used to determine the speed of the application.

    If there are no instance store volumes, either the value is 0 or the metric is not reported.

  • NETWORK_IN_BYTES_PER_SECOND - The number of bytes received by the instance on all network interfaces. This metric identifies the volume of incoming network traffic to a single instance.

  • NETWORK_OUT_BYTES_PER_SECOND - The number of bytes sent out by the instance on all network interfaces. This metric identifies the volume of outgoing network traffic from a single instance.

  • NETWORK_PACKETS_IN_PER_SECOND - The number of packets received by the instance on all network interfaces. This metric identifies the volume of incoming traffic in terms of the number of packets on a single instance.

  • NETWORK_PACKETS_OUT_PER_SECOND - The number of packets sent out by the instance on all network interfaces. This metric identifies the volume of outgoing traffic in terms of the number of packets on a single instance.

" } }, + "MetricProviderArn": { + "base": null, + "refs": { + "MetricSource$providerArn": "

The ARN of the metric source provider.

" + } + }, + "MetricSource": { + "base": "

The list of metric sources required to generate recommendations for commercial software licenses.

", + "refs": { + "MetricsSource$member": null + } + }, + "MetricSourceProvider": { + "base": null, + "refs": { + "MetricSource$provider": "

The name of the metric source provider.

" + } + }, "MetricStatistic": { "base": null, "refs": { @@ -1281,6 +1438,12 @@ "ProjectedMetric$values": "

The values of the projected utilization metrics.

" } }, + "MetricsSource": { + "base": null, + "refs": { + "LicenseConfiguration$metricsSource": "

The list of metric sources required to generate recommendations for commercial software licenses.

" + } + }, "MigrationEffort": { "base": null, "refs": { @@ -1316,6 +1479,8 @@ "GetEnrollmentStatusesForOrganizationResponse$nextToken": "

The token to use to advance to the next page of account enrollment statuses.

This value is null when there are no more pages of account enrollment statuses to return.

", "GetLambdaFunctionRecommendationsRequest$nextToken": "

The token to advance to the next page of function recommendations.

", "GetLambdaFunctionRecommendationsResponse$nextToken": "

The token to use to advance to the next page of function recommendations.

This value is null when there are no more pages of function recommendations to return.

", + "GetLicenseRecommendationsRequest$nextToken": "

The token to advance to the next page of license recommendations.

", + "GetLicenseRecommendationsResponse$nextToken": "

The token to use to advance to the next page of license recommendations.

", "GetRecommendationPreferencesRequest$nextToken": "

The token to advance to the next page of recommendation preferences.

", "GetRecommendationPreferencesResponse$nextToken": "

The token to use to advance to the next page of recommendation preferences.

This value is null when there are no more pages of recommendation preferences to return.

", "GetRecommendationSummariesRequest$nextToken": "

The token to advance to the next page of recommendation summaries.

", @@ -1345,6 +1510,12 @@ "MemorySizeConfiguration$memoryReservation": "

The limit of memory reserve for the container.

" } }, + "NumberOfCores": { + "base": null, + "refs": { + "LicenseConfiguration$numberOfCores": "

The current number of cores associated with the instance.

" + } + }, "NumberOfInvocations": { "base": null, "refs": { @@ -1357,6 +1528,13 @@ "GetEnrollmentStatusResponse$numberOfMemberAccountsOptedIn": "

The count of organization member accounts that are opted in to the service, if your account is an organization management account.

" } }, + "OperatingSystem": { + "base": null, + "refs": { + "LicenseConfiguration$operatingSystem": "

The operating system of the instance.

", + "LicenseRecommendationOption$operatingSystem": "

The operating system of a license recommendation option.

" + } + }, "OptInRequiredException": { "base": "

The account is not opted in to Compute Optimizer.

", "refs": { @@ -1424,6 +1602,7 @@ "AutoScalingGroupRecommendationOption$rank": "

The rank of the Auto Scaling group recommendation option.

The top recommendation option is ranked as 1.

", "InstanceRecommendationOption$rank": "

The rank of the instance recommendation option.

The top recommendation option is ranked as 1.

", "LambdaFunctionMemoryRecommendationOption$rank": "

The rank of the function recommendation option.

The top recommendation option is ranked as 1.

", + "LicenseRecommendationOption$rank": "

The rank of the license recommendation option.

The top recommendation option is ranked as 1.

", "RecommendedOptionProjectedMetric$rank": "

The rank of the recommendation option projected metric.

The top recommendation option is ranked as 1.

The projected metric rank correlates to the recommendation option rank. For example, the projected metric ranked as 1 is related to the recommendation option that is also ranked as 1 in the same response.

", "VolumeRecommendationOption$rank": "

The rank of the volume recommendation option.

The top recommendation option is ranked as 1.

" } @@ -1550,7 +1729,15 @@ "ResourceArn": { "base": null, "refs": { - "GetEffectiveRecommendationPreferencesRequest$resourceArn": "

The Amazon Resource Name (ARN) of the resource for which to confirm effective recommendation preferences. Only EC2 instance and Auto Scaling group ARNs are currently supported.

" + "GetEffectiveRecommendationPreferencesRequest$resourceArn": "

The Amazon Resource Name (ARN) of the resource for which to confirm effective recommendation preferences. Only EC2 instance and Auto Scaling group ARNs are currently supported.

", + "LicenseRecommendation$resourceArn": "

The ARN that identifies the Amazon EC2 instance.

", + "ResourceArns$member": null + } + }, + "ResourceArns": { + "base": null, + "refs": { + "GetLicenseRecommendationsRequest$resourceArns": "

The ARN that identifies the Amazon EC2 instance.

The following is the format of the ARN:

arn:aws:ec2:region:aws_account_id:instance/instance-id

" } }, "ResourceNotFoundException": { @@ -1582,7 +1769,8 @@ "ExportEBSVolumeRecommendationsResponse$s3Destination": null, "ExportEC2InstanceRecommendationsResponse$s3Destination": "

An object that describes the destination Amazon S3 bucket of a recommendations export file.

", "ExportECSServiceRecommendationsResponse$s3Destination": null, - "ExportLambdaFunctionRecommendationsResponse$s3Destination": null + "ExportLambdaFunctionRecommendationsResponse$s3Destination": null, + "ExportLicenseRecommendationsResponse$s3Destination": null } }, "S3DestinationConfig": { @@ -1592,7 +1780,8 @@ "ExportEBSVolumeRecommendationsRequest$s3DestinationConfig": null, "ExportEC2InstanceRecommendationsRequest$s3DestinationConfig": "

An object to specify the destination Amazon Simple Storage Service (Amazon S3) bucket name and key prefix for the export job.

You must create the destination Amazon S3 bucket for your recommendations export before you create the export job. Compute Optimizer does not create the S3 bucket for you. After you create the S3 bucket, ensure that it has the required permissions policy to allow Compute Optimizer to write the export file to it. If you plan to specify an object prefix when you create the export job, you must include the object prefix in the policy that you add to the S3 bucket. For more information, see Amazon S3 Bucket Policy for Compute Optimizer in the Compute Optimizer User Guide.

", "ExportECSServiceRecommendationsRequest$s3DestinationConfig": null, - "ExportLambdaFunctionRecommendationsRequest$s3DestinationConfig": null + "ExportLambdaFunctionRecommendationsRequest$s3DestinationConfig": null, + "ExportLicenseRecommendationsRequest$s3DestinationConfig": null } }, "SavingsOpportunity": { @@ -1602,6 +1791,7 @@ "ECSServiceRecommendationOption$savingsOpportunity": null, "InstanceRecommendationOption$savingsOpportunity": "

An object that describes the savings opportunity for the instance recommendation option. Savings opportunity includes the estimated monthly savings amount and percentage.

", "LambdaFunctionMemoryRecommendationOption$savingsOpportunity": "

An object that describes the savings opportunity for the Lambda function recommendation option. Savings opportunity includes the estimated monthly savings amount and percentage.

", + "LicenseRecommendationOption$savingsOpportunity": null, "RecommendationSummary$savingsOpportunity": "

An object that describes the savings opportunity for a given resource type. Savings opportunity includes the estimated monthly savings amount and percentage.

", "VolumeRecommendationOption$savingsOpportunity": "

An object that describes the savings opportunity for the EBS volume recommendation option. Savings opportunity includes the estimated monthly savings amount and percentage.

" } @@ -1718,6 +1908,7 @@ "ECSServiceRecommendation$tags": "

A list of tags assigned to your Amazon ECS service recommendations.

", "InstanceRecommendation$tags": "

A list of tags assigned to your Amazon EC2 instance recommendations.

", "LambdaFunctionRecommendation$tags": "

A list of tags assigned to your Lambda function recommendations.

", + "LicenseRecommendation$tags": "

A list of tags assigned to an EC2 instance.

", "VolumeRecommendation$tags": "

A list of tags assigned to your Amazon EBS volume recommendations.

" } }, diff --git a/models/apis/compute-optimizer/2019-11-01/endpoint-rule-set-1.json b/models/apis/compute-optimizer/2019-11-01/endpoint-rule-set-1.json index 41a58051cf6..dfdfa862172 100644 --- a/models/apis/compute-optimizer/2019-11-01/endpoint-rule-set-1.json +++ b/models/apis/compute-optimizer/2019-11-01/endpoint-rule-set-1.json @@ -58,52 +58,56 @@ "type": "error" }, { - "conditions": [], - "type": "tree", - "rules": [ + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" + "ref": "UseDualStack" }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + true + ] } - ] + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, { - "conditions": [], + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "isSet", + "fn": "aws.partition", "argv": [ { "ref": "Region" } - ] + ], + "assign": "PartitionResult" } ], "type": "tree", @@ -111,13 +115,22 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "booleanEquals", "argv": [ { - "ref": "Region" - } - ], - "assign": "PartitionResult" + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] } ], "type": "tree", @@ -127,224 +140,175 @@ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] }, { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://compute-optimizer-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "endpoint": { + "url": "https://compute-optimizer-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://compute-optimizer-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "endpoint": { + "url": "https://compute-optimizer-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://compute-optimizer.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } - ] - }, - { - "conditions": [], + ], "type": "tree", "rules": [ { "conditions": [], "endpoint": { - "url": "https://compute-optimizer.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://compute-optimizer.{Region}.{PartitionResult#dualStackDnsSuffix}", "properties": {}, "headers": {} }, "type": "endpoint" } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://compute-optimizer.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } \ No newline at end of file diff --git a/models/apis/organizations/2016-11-28/docs-2.json b/models/apis/organizations/2016-11-28/docs-2.json index 17b81aeb87f..7cbba346ae7 100644 --- a/models/apis/organizations/2016-11-28/docs-2.json +++ b/models/apis/organizations/2016-11-28/docs-2.json @@ -1,39 +1,39 @@ { "version": "2.0", - "service": "

Organizations is a web service that enables you to consolidate your multiple Amazon Web Services accounts into an organization and centrally manage your accounts and their resources.

This guide provides descriptions of the Organizations operations. For more information about using this service, see the Organizations User Guide.

Support and feedback for Organizations

We welcome your feedback. Send your comments to feedback-awsorganizations@amazon.com or post your feedback and questions in the Organizations support forum. For more information about the Amazon Web Services support forums, see Forums Help.

Endpoint to call When using the CLI or the Amazon Web Services SDK

For the current release of Organizations, specify the us-east-1 region for all Amazon Web Services API and CLI calls made from the commercial Amazon Web Services Regions outside of China. If calling from one of the Amazon Web Services Regions in China, then specify cn-northwest-1. You can do this in the CLI by using these parameters and commands:

  • Use the following parameter with each command to specify both the endpoint and its region:

    --endpoint-url https://organizations.us-east-1.amazonaws.com (from commercial Amazon Web Services Regions outside of China)

    or

    --endpoint-url https://organizations.cn-northwest-1.amazonaws.com.cn (from Amazon Web Services Regions in China)

  • Use the default endpoint, but configure your default region with this command:

    aws configure set default.region us-east-1 (from commercial Amazon Web Services Regions outside of China)

    or

    aws configure set default.region cn-northwest-1 (from Amazon Web Services Regions in China)

  • Use the following parameter with each command to specify the endpoint:

    --region us-east-1 (from commercial Amazon Web Services Regions outside of China)

    or

    --region cn-northwest-1 (from Amazon Web Services Regions in China)

Recording API Requests

Organizations supports CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine which requests the Organizations service received, who made the request and when, and so on. For more about Organizations and its support for CloudTrail, see Logging Organizations Events with CloudTrail in the Organizations User Guide. To learn more about CloudTrail, including how to turn it on and find your log files, see the CloudTrail User Guide.

", + "service": "

Organizations is a web service that enables you to consolidate your multiple Amazon Web Services accounts into an organization and centrally manage your accounts and their resources.

This guide provides descriptions of the Organizations operations. For more information about using this service, see the Organizations User Guide.

Support and feedback for Organizations

We welcome your feedback. Send your comments to feedback-awsorganizations@amazon.com or post your feedback and questions in the Organizations support forum. For more information about the Amazon Web Services support forums, see Forums Help.

Endpoint to call When using the CLI or the Amazon Web Services SDK

For the current release of Organizations, specify the us-east-1 region for all Amazon Web Services API and CLI calls made from the commercial Amazon Web Services Regions outside of China. If calling from one of the Amazon Web Services Regions in China, then specify cn-northwest-1. You can do this in the CLI by using these parameters and commands:

  • Use the following parameter with each command to specify both the endpoint and its region:

    --endpoint-url https://organizations.us-east-1.amazonaws.com (from commercial Amazon Web Services Regions outside of China)

    or

    --endpoint-url https://organizations.cn-northwest-1.amazonaws.com.cn (from Amazon Web Services Regions in China)

  • Use the default endpoint, but configure your default region with this command:

    aws configure set default.region us-east-1 (from commercial Amazon Web Services Regions outside of China)

    or

    aws configure set default.region cn-northwest-1 (from Amazon Web Services Regions in China)

  • Use the following parameter with each command to specify the endpoint:

    --region us-east-1 (from commercial Amazon Web Services Regions outside of China)

    or

    --region cn-northwest-1 (from Amazon Web Services Regions in China)

Recording API Requests

Organizations supports CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine which requests the Organizations service received, who made the request and when, and so on. For more about Organizations and its support for CloudTrail, see Logging Organizations API calls with CloudTrail in the Organizations User Guide. To learn more about CloudTrail, including how to turn it on and find your log files, see the CloudTrail User Guide.

", "operations": { - "AcceptHandshake": "

Sends a response to the originator of a handshake agreeing to the action proposed by the handshake request.

You can only call this operation by the following principals when they also have the relevant IAM permissions:

  • Invitation to join or Approve all features request handshakes: only a principal from the member account.

    The user who calls the API for an invitation to join must have the organizations:AcceptHandshake permission. If you enabled all features in the organization, the user must also have the iam:CreateServiceLinkedRole permission so that Organizations can create the required service-linked role named AWSServiceRoleForOrganizations. For more information, see Organizations and Service-Linked Roles in the Organizations User Guide.

  • Enable all features final confirmation handshake: only a principal from the management account.

    For more information about invitations, see Inviting an Amazon Web Services account to join your organization in the Organizations User Guide. For more information about requests to enable all features in the organization, see Enabling all features in your organization in the Organizations User Guide.

After you accept a handshake, it continues to appear in the results of relevant APIs for only 30 days. After that, it's deleted.

", - "AttachPolicy": "

Attaches a policy to a root, an organizational unit (OU), or an individual account. How the policy affects accounts depends on the type of policy. Refer to the Organizations User Guide for information about each policy type:

This operation can be called only from the organization's management account.

", + "AcceptHandshake": "

Sends a response to the originator of a handshake agreeing to the action proposed by the handshake request.

You can only call this operation by the following principals when they also have the relevant IAM permissions:

  • Invitation to join or Approve all features request handshakes: only a principal from the member account.

    The user who calls the API for an invitation to join must have the organizations:AcceptHandshake permission. If you enabled all features in the organization, the user must also have the iam:CreateServiceLinkedRole permission so that Organizations can create the required service-linked role named AWSServiceRoleForOrganizations. For more information, see Organizations and service-linked roles in the Organizations User Guide.

  • Enable all features final confirmation handshake: only a principal from the management account.

    For more information about invitations, see Inviting an Amazon Web Services account to join your organization in the Organizations User Guide. For more information about requests to enable all features in the organization, see Enabling all features in your organization in the Organizations User Guide.

After you accept a handshake, it continues to appear in the results of relevant APIs for only 30 days. After that, it's deleted.

", + "AttachPolicy": "

Attaches a policy to a root, an organizational unit (OU), or an individual account. How the policy affects accounts depends on the type of policy. Refer to the Organizations User Guide for information about each policy type:

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "CancelHandshake": "

Cancels a handshake. Canceling a handshake sets the handshake state to CANCELED.

This operation can be called only from the account that originated the handshake. The recipient of the handshake can't cancel it, but can use DeclineHandshake instead. After a handshake is canceled, the recipient can no longer respond to that handshake.

After you cancel a handshake, it continues to appear in the results of relevant APIs for only 30 days. After that, it's deleted.

", - "CloseAccount": "

Closes an Amazon Web Services member account within an organization. You can close an account when all features are enabled . You can't close the management account with this API. This is an asynchronous request that Amazon Web Services performs in the background. Because CloseAccount operates asynchronously, it can return a successful completion message even though account closure might still be in progress. You need to wait a few minutes before the account is fully closed. To check the status of the request, do one of the following:

  • Use the AccountId that you sent in the CloseAccount request to provide as a parameter to the DescribeAccount operation.

    While the close account request is in progress, Account status will indicate PENDING_CLOSURE. When the close account request completes, the status will change to SUSPENDED.

  • Check the CloudTrail log for the CloseAccountResult event that gets published after the account closes successfully. For information on using CloudTrail with Organizations, see Logging and monitoring in Organizations in the Organizations User Guide.

  • You can close only 10% of member accounts, between 10 and 200, within a rolling 30 day period. This quota is not bound by a calendar month, but starts when you close an account.

    After you reach this limit, you can close additional accounts in the Billing console. For more information, see Closing an account in the Amazon Web Services Billing and Cost Management User Guide.

  • To reinstate a closed account, contact Amazon Web Services Support within the 90-day grace period while the account is in SUSPENDED status.

  • If the Amazon Web Services account you attempt to close is linked to an Amazon Web Services GovCloud (US) account, the CloseAccount request will close both accounts. To learn important pre-closure details, see Closing an Amazon Web Services GovCloud (US) account in the Amazon Web Services GovCloud User Guide.

For more information about closing accounts, see Closing an Amazon Web Services account in the Organizations User Guide.

", - "CreateAccount": "

Creates an Amazon Web Services account that is automatically a member of the organization whose credentials made the request. This is an asynchronous request that Amazon Web Services performs in the background. Because CreateAccount operates asynchronously, it can return a successful completion message even though account initialization might still be in progress. You might need to wait a few minutes before you can successfully access the account. To check the status of the request, do one of the following:

  • Use the Id value of the CreateAccountStatus response element from this operation to provide as a parameter to the DescribeCreateAccountStatus operation.

  • Check the CloudTrail log for the CreateAccountResult event. For information on using CloudTrail with Organizations, see Logging and monitoring in Organizations in the Organizations User Guide.

The user who calls the API to create an account must have the organizations:CreateAccount permission. If you enabled all features in the organization, Organizations creates the required service-linked role named AWSServiceRoleForOrganizations. For more information, see Organizations and Service-Linked Roles in the Organizations User Guide.

If the request includes tags, then the requester must have the organizations:TagResource permission.

Organizations preconfigures the new member account with a role (named OrganizationAccountAccessRole by default) that grants users in the management account administrator permissions in the new member account. Principals in the management account can assume the role. Organizations clones the company name and address information for the new account from the organization's management account.

This operation can be called only from the organization's management account.

For more information about creating accounts, see Creating an Amazon Web Services account in Your Organization in the Organizations User Guide.

  • When you create an account in an organization using the Organizations console, API, or CLI commands, the information required for the account to operate as a standalone account, such as a payment method and signing the end user license agreement (EULA) is not automatically collected. If you must remove an account from your organization later, you can do so only after you provide the missing information. Follow the steps at To leave an organization as a member account in the Organizations User Guide.

  • If you get an exception that indicates that you exceeded your account limits for the organization, contact Amazon Web Services Support.

  • If you get an exception that indicates that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists, contact Amazon Web Services Support.

  • Using CreateAccount to create multiple temporary accounts isn't recommended. You can only close an account from the Billing and Cost Management console, and you must be signed in as the root user. For information on the requirements and process for closing an account, see Closing an Amazon Web Services account in the Organizations User Guide.

When you create a member account with this operation, you can choose whether to create the account with the IAM User and Role Access to Billing Information switch enabled. If you enable it, IAM users and roles that have appropriate permissions can view billing information for the account. If you disable it, only the account root user can access billing information. For information about how to disable this switch for an account, see Granting Access to Your Billing Information and Tools.

", - "CreateGovCloudAccount": "

This action is available if all of the following are true:

  • You're authorized to create accounts in the Amazon Web Services GovCloud (US) Region. For more information on the Amazon Web Services GovCloud (US) Region, see the Amazon Web Services GovCloud User Guide.

  • You already have an account in the Amazon Web Services GovCloud (US) Region that is paired with a management account of an organization in the commercial Region.

  • You call this action from the management account of your organization in the commercial Region.

  • You have the organizations:CreateGovCloudAccount permission.

Organizations automatically creates the required service-linked role named AWSServiceRoleForOrganizations. For more information, see Organizations and Service-Linked Roles in the Organizations User Guide.

Amazon Web Services automatically enables CloudTrail for Amazon Web Services GovCloud (US) accounts, but you should also do the following:

  • Verify that CloudTrail is enabled to store logs.

  • Create an Amazon S3 bucket for CloudTrail log storage.

    For more information, see Verifying CloudTrail Is Enabled in the Amazon Web Services GovCloud User Guide.

If the request includes tags, then the requester must have the organizations:TagResource permission. The tags are attached to the commercial account associated with the GovCloud account, rather than the GovCloud account itself. To add tags to the GovCloud account, call the TagResource operation in the GovCloud Region after the new GovCloud account exists.

You call this action from the management account of your organization in the commercial Region to create a standalone Amazon Web Services account in the Amazon Web Services GovCloud (US) Region. After the account is created, the management account of an organization in the Amazon Web Services GovCloud (US) Region can invite it to that organization. For more information on inviting standalone accounts in the Amazon Web Services GovCloud (US) to join an organization, see Organizations in the Amazon Web Services GovCloud User Guide.

Calling CreateGovCloudAccount is an asynchronous request that Amazon Web Services performs in the background. Because CreateGovCloudAccount operates asynchronously, it can return a successful completion message even though account initialization might still be in progress. You might need to wait a few minutes before you can successfully access the account. To check the status of the request, do one of the following:

When you call the CreateGovCloudAccount action, you create two accounts: a standalone account in the Amazon Web Services GovCloud (US) Region and an associated account in the commercial Region for billing and support purposes. The account in the commercial Region is automatically a member of the organization whose credentials made the request. Both accounts are associated with the same email address.

A role is created in the new account in the commercial Region that allows the management account in the organization in the commercial Region to assume it. An Amazon Web Services GovCloud (US) account is then created and associated with the commercial account that you just created. A role is also created in the new Amazon Web Services GovCloud (US) account that can be assumed by the Amazon Web Services GovCloud (US) account that is associated with the management account of the commercial organization. For more information and to view a diagram that explains how account access works, see Organizations in the Amazon Web Services GovCloud User Guide.

For more information about creating accounts, see Creating an Amazon Web Services account in Your Organization in the Organizations User Guide.

  • When you create an account in an organization using the Organizations console, API, or CLI commands, the information required for the account to operate as a standalone account is not automatically collected. This includes a payment method and signing the end user license agreement (EULA). If you must remove an account from your organization later, you can do so only after you provide the missing information. Follow the steps at To leave an organization as a member account in the Organizations User Guide.

  • If you get an exception that indicates that you exceeded your account limits for the organization, contact Amazon Web Services Support.

  • If you get an exception that indicates that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists, contact Amazon Web Services Support.

  • Using CreateGovCloudAccount to create multiple temporary accounts isn't recommended. You can only close an account from the Amazon Web Services Billing and Cost Management console, and you must be signed in as the root user. For information on the requirements and process for closing an account, see Closing an Amazon Web Services account in the Organizations User Guide.

When you create a member account with this operation, you can choose whether to create the account with the IAM User and Role Access to Billing Information switch enabled. If you enable it, IAM users and roles that have appropriate permissions can view billing information for the account. If you disable it, only the account root user can access billing information. For information about how to disable this switch for an account, see Granting Access to Your Billing Information and Tools.

", - "CreateOrganization": "

Creates an Amazon Web Services organization. The account whose user is calling the CreateOrganization operation automatically becomes the management account of the new organization.

This operation must be called using credentials from the account that is to become the new organization's management account. The principal must also have the relevant IAM permissions.

By default (or if you set the FeatureSet parameter to ALL), the new organization is created with all features enabled and service control policies automatically enabled in the root. If you instead choose to create the organization supporting only the consolidated billing features by setting the FeatureSet parameter to CONSOLIDATED_BILLING\", no policy types are enabled by default, and you can't use organization policies

", - "CreateOrganizationalUnit": "

Creates an organizational unit (OU) within a root or parent OU. An OU is a container for accounts that enables you to organize your accounts to apply policies according to your business requirements. The number of levels deep that you can nest OUs is dependent upon the policy types enabled for that root. For service control policies, the limit is five.

For more information about OUs, see Managing Organizational Units in the Organizations User Guide.

If the request includes tags, then the requester must have the organizations:TagResource permission.

This operation can be called only from the organization's management account.

", - "CreatePolicy": "

Creates a policy of a specified type that you can attach to a root, an organizational unit (OU), or an individual Amazon Web Services account.

For more information about policies and their use, see Managing Organization Policies.

If the request includes tags, then the requester must have the organizations:TagResource permission.

This operation can be called only from the organization's management account.

", + "CloseAccount": "

Closes an Amazon Web Services member account within an organization. You can close an account when all features are enabled . You can't close the management account with this API. This is an asynchronous request that Amazon Web Services performs in the background. Because CloseAccount operates asynchronously, it can return a successful completion message even though account closure might still be in progress. You need to wait a few minutes before the account is fully closed. To check the status of the request, do one of the following:

  • Use the AccountId that you sent in the CloseAccount request to provide as a parameter to the DescribeAccount operation.

    While the close account request is in progress, Account status will indicate PENDING_CLOSURE. When the close account request completes, the status will change to SUSPENDED.

  • Check the CloudTrail log for the CloseAccountResult event that gets published after the account closes successfully. For information on using CloudTrail with Organizations, see Logging and monitoring in Organizations in the Organizations User Guide.

  • You can close only 10% of member accounts, between 10 and 200, within a rolling 30 day period. This quota is not bound by a calendar month, but starts when you close an account. After you reach this limit, you can close additional accounts. For more information, see Closing a member account in your organization in the Organizations User Guide.

  • To reinstate a closed account, contact Amazon Web Services Support within the 90-day grace period while the account is in SUSPENDED status.

  • If the Amazon Web Services account you attempt to close is linked to an Amazon Web Services GovCloud (US) account, the CloseAccount request will close both accounts. To learn important pre-closure details, see Closing an Amazon Web Services GovCloud (US) account in the Amazon Web Services GovCloud User Guide.

", + "CreateAccount": "

Creates an Amazon Web Services account that is automatically a member of the organization whose credentials made the request. This is an asynchronous request that Amazon Web Services performs in the background. Because CreateAccount operates asynchronously, it can return a successful completion message even though account initialization might still be in progress. You might need to wait a few minutes before you can successfully access the account. To check the status of the request, do one of the following:

  • Use the Id value of the CreateAccountStatus response element from this operation to provide as a parameter to the DescribeCreateAccountStatus operation.

  • Check the CloudTrail log for the CreateAccountResult event. For information on using CloudTrail with Organizations, see Logging and monitoring in Organizations in the Organizations User Guide.

The user who calls the API to create an account must have the organizations:CreateAccount permission. If you enabled all features in the organization, Organizations creates the required service-linked role named AWSServiceRoleForOrganizations. For more information, see Organizations and service-linked roles in the Organizations User Guide.

If the request includes tags, then the requester must have the organizations:TagResource permission.

Organizations preconfigures the new member account with a role (named OrganizationAccountAccessRole by default) that grants users in the management account administrator permissions in the new member account. Principals in the management account can assume the role. Organizations clones the company name and address information for the new account from the organization's management account.

This operation can be called only from the organization's management account.

For more information about creating accounts, see Creating a member account in your organization in the Organizations User Guide.

  • When you create an account in an organization using the Organizations console, API, or CLI commands, the information required for the account to operate as a standalone account, such as a payment method and signing the end user license agreement (EULA) is not automatically collected. If you must remove an account from your organization later, you can do so only after you provide the missing information. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.

  • If you get an exception that indicates that you exceeded your account limits for the organization, contact Amazon Web Services Support.

  • If you get an exception that indicates that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists, contact Amazon Web Services Support.

  • Using CreateAccount to create multiple temporary accounts isn't recommended. You can only close an account from the Billing and Cost Management console, and you must be signed in as the root user. For information on the requirements and process for closing an account, see Closing a member account in your organization in the Organizations User Guide.

When you create a member account with this operation, you can choose whether to create the account with the IAM User and Role Access to Billing Information switch enabled. If you enable it, IAM users and roles that have appropriate permissions can view billing information for the account. If you disable it, only the account root user can access billing information. For information about how to disable this switch for an account, see Granting access to your billing information and tools.

", + "CreateGovCloudAccount": "

This action is available if all of the following are true:

  • You're authorized to create accounts in the Amazon Web Services GovCloud (US) Region. For more information on the Amazon Web Services GovCloud (US) Region, see the Amazon Web Services GovCloud User Guide.

  • You already have an account in the Amazon Web Services GovCloud (US) Region that is paired with a management account of an organization in the commercial Region.

  • You call this action from the management account of your organization in the commercial Region.

  • You have the organizations:CreateGovCloudAccount permission.

Organizations automatically creates the required service-linked role named AWSServiceRoleForOrganizations. For more information, see Organizations and service-linked roles in the Organizations User Guide.

Amazon Web Services automatically enables CloudTrail for Amazon Web Services GovCloud (US) accounts, but you should also do the following:

  • Verify that CloudTrail is enabled to store logs.

  • Create an Amazon S3 bucket for CloudTrail log storage.

    For more information, see Verifying CloudTrail Is Enabled in the Amazon Web Services GovCloud User Guide.

If the request includes tags, then the requester must have the organizations:TagResource permission. The tags are attached to the commercial account associated with the GovCloud account, rather than the GovCloud account itself. To add tags to the GovCloud account, call the TagResource operation in the GovCloud Region after the new GovCloud account exists.

You call this action from the management account of your organization in the commercial Region to create a standalone Amazon Web Services account in the Amazon Web Services GovCloud (US) Region. After the account is created, the management account of an organization in the Amazon Web Services GovCloud (US) Region can invite it to that organization. For more information on inviting standalone accounts in the Amazon Web Services GovCloud (US) to join an organization, see Organizations in the Amazon Web Services GovCloud User Guide.

Calling CreateGovCloudAccount is an asynchronous request that Amazon Web Services performs in the background. Because CreateGovCloudAccount operates asynchronously, it can return a successful completion message even though account initialization might still be in progress. You might need to wait a few minutes before you can successfully access the account. To check the status of the request, do one of the following:

When you call the CreateGovCloudAccount action, you create two accounts: a standalone account in the Amazon Web Services GovCloud (US) Region and an associated account in the commercial Region for billing and support purposes. The account in the commercial Region is automatically a member of the organization whose credentials made the request. Both accounts are associated with the same email address.

A role is created in the new account in the commercial Region that allows the management account in the organization in the commercial Region to assume it. An Amazon Web Services GovCloud (US) account is then created and associated with the commercial account that you just created. A role is also created in the new Amazon Web Services GovCloud (US) account that can be assumed by the Amazon Web Services GovCloud (US) account that is associated with the management account of the commercial organization. For more information and to view a diagram that explains how account access works, see Organizations in the Amazon Web Services GovCloud User Guide.

For more information about creating accounts, see Creating a member account in your organization in the Organizations User Guide.

  • When you create an account in an organization using the Organizations console, API, or CLI commands, the information required for the account to operate as a standalone account is not automatically collected. This includes a payment method and signing the end user license agreement (EULA). If you must remove an account from your organization later, you can do so only after you provide the missing information. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.

  • If you get an exception that indicates that you exceeded your account limits for the organization, contact Amazon Web Services Support.

  • If you get an exception that indicates that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists, contact Amazon Web Services Support.

  • Using CreateGovCloudAccount to create multiple temporary accounts isn't recommended. You can only close an account from the Amazon Web Services Billing and Cost Management console, and you must be signed in as the root user. For information on the requirements and process for closing an account, see Closing a member account in your organization in the Organizations User Guide.

When you create a member account with this operation, you can choose whether to create the account with the IAM User and Role Access to Billing Information switch enabled. If you enable it, IAM users and roles that have appropriate permissions can view billing information for the account. If you disable it, only the account root user can access billing information. For information about how to disable this switch for an account, see Granting access to your billing information and tools.

", + "CreateOrganization": "

Creates an Amazon Web Services organization. The account whose user is calling the CreateOrganization operation automatically becomes the management account of the new organization.

This operation must be called using credentials from the account that is to become the new organization's management account. The principal must also have the relevant IAM permissions.

By default (or if you set the FeatureSet parameter to ALL), the new organization is created with all features enabled and service control policies automatically enabled in the root. If you instead choose to create the organization supporting only the consolidated billing features by setting the FeatureSet parameter to CONSOLIDATED_BILLING, no policy types are enabled by default and you can't use organization policies.

", + "CreateOrganizationalUnit": "

Creates an organizational unit (OU) within a root or parent OU. An OU is a container for accounts that enables you to organize your accounts to apply policies according to your business requirements. The number of levels deep that you can nest OUs is dependent upon the policy types enabled for that root. For service control policies, the limit is five.

For more information about OUs, see Managing organizational units (OUs) in the Organizations User Guide.

If the request includes tags, then the requester must have the organizations:TagResource permission.

This operation can be called only from the organization's management account.

", + "CreatePolicy": "

Creates a policy of a specified type that you can attach to a root, an organizational unit (OU), or an individual Amazon Web Services account.

For more information about policies and their use, see Managing Organizations policies.

If the request includes tags, then the requester must have the organizations:TagResource permission.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "DeclineHandshake": "

Declines a handshake request. This sets the handshake state to DECLINED and effectively deactivates the request.

This operation can be called only from the account that received the handshake. The originator of the handshake can use CancelHandshake instead. The originator can't reactivate a declined request, but can reinitiate the process with a new handshake request.

After you decline a handshake, it continues to appear in the results of relevant APIs for only 30 days. After that, it's deleted.

", "DeleteOrganization": "

Deletes the organization. You can delete an organization only by using credentials from the management account. The organization must be empty of member accounts.

", "DeleteOrganizationalUnit": "

Deletes an organizational unit (OU) from a root or another OU. You must first remove all accounts and child OUs from the OU that you want to delete.

This operation can be called only from the organization's management account.

", - "DeletePolicy": "

Deletes the specified policy from your organization. Before you perform this operation, you must first detach the policy from all organizational units (OUs), roots, and accounts.

This operation can be called only from the organization's management account.

", + "DeletePolicy": "

Deletes the specified policy from your organization. Before you perform this operation, you must first detach the policy from all organizational units (OUs), roots, and accounts.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "DeleteResourcePolicy": "

Deletes the resource policy from your organization.

You can only call this operation from the organization's management account.

", "DeregisterDelegatedAdministrator": "

Removes the specified member Amazon Web Services account as a delegated administrator for the specified Amazon Web Services service.

Deregistering a delegated administrator can have unintended impacts on the functionality of the enabled Amazon Web Services service. See the documentation for the enabled service before you deregister a delegated administrator so that you understand any potential impacts.

You can run this action only for Amazon Web Services services that support this feature. For a current list of services that support it, see the column Supports Delegated Administrator in the table at Amazon Web Services Services that you can use with Organizations in the Organizations User Guide.

This operation can be called only from the organization's management account.

", "DescribeAccount": "

Retrieves Organizations-related information about the specified account.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "DescribeCreateAccountStatus": "

Retrieves the current status of an asynchronous request to create an account.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", - "DescribeEffectivePolicy": "

Returns the contents of the effective policy for specified policy type and account. The effective policy is the aggregation of any policies of the specified type that the account inherits, plus any policy of that type that is directly attached to the account.

This operation applies only to policy types other than service control policies (SCPs).

For more information about policy inheritance, see How Policy Inheritance Works in the Organizations User Guide.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", + "DescribeEffectivePolicy": "

Returns the contents of the effective policy for specified policy type and account. The effective policy is the aggregation of any policies of the specified type that the account inherits, plus any policy of that type that is directly attached to the account.

This operation applies only to policy types other than service control policies (SCPs).

For more information about policy inheritance, see Understanding management policy inheritance in the Organizations User Guide.

This operation can be called from any account in the organization.

", "DescribeHandshake": "

Retrieves information about a previously requested handshake. The handshake ID comes from the response to the original InviteAccountToOrganization operation that generated the handshake.

You can access handshakes that are ACCEPTED, DECLINED, or CANCELED for only 30 days after they change to that state. They're then deleted and no longer accessible.

This operation can be called from any account in the organization.

", "DescribeOrganization": "

Retrieves information about the organization that the user's account belongs to.

This operation can be called from any account in the organization.

Even if a policy type is shown as available in the organization, you can disable it separately at the root level with DisablePolicyType. Use ListRoots to see the status of policy types for a specified root.

", "DescribeOrganizationalUnit": "

Retrieves information about an organizational unit (OU).

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "DescribePolicy": "

Retrieves information about a policy.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", - "DescribeResourcePolicy": "

Retrieves information about a resource policy.

You can only call this operation from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", - "DetachPolicy": "

Detaches a policy from a target root, organizational unit (OU), or account.

If the policy being detached is a service control policy (SCP), the changes to permissions for Identity and Access Management (IAM) users and roles in affected accounts are immediate.

Every root, OU, and account must have at least one SCP attached. If you want to replace the default FullAWSAccess policy with an SCP that limits the permissions that can be delegated, you must attach the replacement SCP before you can remove the default SCP. This is the authorization strategy of an \"allow list\". If you instead attach a second SCP and leave the FullAWSAccess SCP still attached, and specify \"Effect\": \"Deny\" in the second SCP to override the \"Effect\": \"Allow\" in the FullAWSAccess policy (or any other attached SCP), you're using the authorization strategy of a \"deny list\".

This operation can be called only from the organization's management account.

", - "DisableAWSServiceAccess": "

Disables the integration of an Amazon Web Services service (the service that is specified by ServicePrincipal) with Organizations. When you disable integration, the specified service no longer can create a service-linked role in new accounts in your organization. This means the service can't perform operations on your behalf on any new accounts in your organization. The service can still perform operations in older accounts until the service completes its clean-up from Organizations.

We strongly recommend that you don't use this command to disable integration between Organizations and the specified Amazon Web Services service. Instead, use the console or commands that are provided by the specified service. This lets the trusted service perform any required initialization when enabling trusted access, such as creating any required resources and any required clean up of resources when disabling trusted access.

For information about how to disable trusted service access to your organization using the trusted service, see the Learn more link under the Supports Trusted Access column at Amazon Web Services services that you can use with Organizations. on this page.

If you disable access by using this command, it causes the following actions to occur:

  • The service can no longer create a service-linked role in the accounts in your organization. This means that the service can't perform operations on your behalf on any new accounts in your organization. The service can still perform operations in older accounts until the service completes its clean-up from Organizations.

  • The service can no longer perform tasks in the member accounts in the organization, unless those operations are explicitly permitted by the IAM policies that are attached to your roles. This includes any data aggregation from the member accounts to the management account, or to a delegated administrator account, where relevant.

  • Some services detect this and clean up any remaining data or resources related to the integration, while other services stop accessing the organization but leave any historical data and configuration in place to support a possible re-enabling of the integration.

Using the other service's console or commands to disable the integration ensures that the other service is aware that it can clean up any resources that are required only for the integration. How the service cleans up its resources in the organization's accounts depends on that service. For more information, see the documentation for the other Amazon Web Services service.

After you perform the DisableAWSServiceAccess operation, the specified service can no longer perform operations in your organization's accounts

For more information about integrating other services with Organizations, including the list of services that work with Organizations, see Integrating Organizations with Other Amazon Web Services Services in the Organizations User Guide.

This operation can be called only from the organization's management account.

", - "DisablePolicyType": "

Disables an organizational policy type in a root. A policy of a certain type can be attached to entities in a root only if that type is enabled in the root. After you perform this operation, you no longer can attach policies of the specified type to that root or to any organizational unit (OU) or account in that root. You can undo this by using the EnablePolicyType operation.

This is an asynchronous request that Amazon Web Services performs in the background. If you disable a policy type for a root, it still appears enabled for the organization if all features are enabled for the organization. Amazon Web Services recommends that you first use ListRoots to see the status of policy types for a specified root, and then use this operation.

This operation can be called only from the organization's management account.

To view the status of available policy types in the organization, use DescribeOrganization.

", - "EnableAWSServiceAccess": "

Enables the integration of an Amazon Web Services service (the service that is specified by ServicePrincipal) with Organizations. When you enable integration, you allow the specified service to create a service-linked role in all the accounts in your organization. This allows the service to perform operations on your behalf in your organization and its accounts.

We recommend that you enable integration between Organizations and the specified Amazon Web Services service by using the console or commands that are provided by the specified service. Doing so ensures that the service is aware that it can create the resources that are required for the integration. How the service creates those resources in the organization's accounts depends on that service. For more information, see the documentation for the other Amazon Web Services service.

For more information about enabling services to integrate with Organizations, see Integrating Organizations with Other Amazon Web Services Services in the Organizations User Guide.

You can only call this operation from the organization's management account and only if the organization has enabled all features.

", - "EnableAllFeatures": "

Enables all features in an organization. This enables the use of organization policies that can restrict the services and actions that can be called in each account. Until you enable all features, you have access only to consolidated billing, and you can't use any of the advanced account administration features that Organizations supports. For more information, see Enabling All Features in Your Organization in the Organizations User Guide.

This operation is required only for organizations that were created explicitly with only the consolidated billing features enabled. Calling this operation sends a handshake to every invited account in the organization. The feature set change can be finalized and the additional features enabled only after all administrators in the invited accounts approve the change by accepting the handshake.

After you enable all features, you can separately enable or disable individual policy types in a root using EnablePolicyType and DisablePolicyType. To see the status of policy types in a root, use ListRoots.

After all invited member accounts accept the handshake, you finalize the feature set change by accepting the handshake that contains \"Action\": \"ENABLE_ALL_FEATURES\". This completes the change.

After you enable all features in your organization, the management account in the organization can apply policies on all member accounts. These policies can restrict what users and even administrators in those accounts can do. The management account can apply policies that prevent accounts from leaving the organization. Ensure that your account administrators are aware of this.

This operation can be called only from the organization's management account.

", - "EnablePolicyType": "

Enables a policy type in a root. After you enable a policy type in a root, you can attach policies of that type to the root, any organizational unit (OU), or account in that root. You can undo this by using the DisablePolicyType operation.

This is an asynchronous request that Amazon Web Services performs in the background. Amazon Web Services recommends that you first use ListRoots to see the status of policy types for a specified root, and then use this operation.

This operation can be called only from the organization's management account.

You can enable a policy type in a root only if that policy type is available in the organization. To view the status of available policy types in the organization, use DescribeOrganization.

", - "InviteAccountToOrganization": "

Sends an invitation to another account to join your organization as a member account. Organizations sends email on your behalf to the email address that is associated with the other account's owner. The invitation is implemented as a Handshake whose details are in the response.

  • You can invite Amazon Web Services accounts only from the same seller as the management account. For example, if your organization's management account was created by Amazon Internet Services Pvt. Ltd (AISPL), an Amazon Web Services seller in India, you can invite only other AISPL accounts to your organization. You can't combine accounts from AISPL and Amazon Web Services or from any other Amazon Web Services seller. For more information, see Consolidated Billing in India.

  • If you receive an exception that indicates that you exceeded your account limits for the organization or that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists after an hour, contact Amazon Web Services Support.

If the request includes tags, then the requester must have the organizations:TagResource permission.

This operation can be called only from the organization's management account.

", - "LeaveOrganization": "

Removes a member account from its parent organization. This version of the operation is performed by the account that wants to leave. To remove a member account as a user in the management account, use RemoveAccountFromOrganization instead.

This operation can be called only from a member account in the organization.

  • The management account in an organization with all features enabled can set service control policies (SCPs) that can restrict what administrators of member accounts can do. This includes preventing them from successfully calling LeaveOrganization and leaving the organization.

  • You can leave an organization as a member account only if the account is configured with the information required to operate as a standalone account. When you create an account in an organization using the Organizations console, API, or CLI commands, the information required of standalone accounts is not automatically collected. For each account that you want to make standalone, you must perform the following steps. If any of the steps are already completed for this account, that step doesn't appear.

    • Choose a support plan

    • Provide and verify the required contact information

    • Provide a current payment method

    Amazon Web Services uses the payment method to charge for any billable (not free tier) Amazon Web Services activity that occurs while the account isn't attached to an organization. Follow the steps at To leave an organization when all required account information has not yet been provided in the Organizations User Guide.

  • The account that you want to leave must not be a delegated administrator account for any Amazon Web Services service enabled for your organization. If the account is a delegated administrator, you must first change the delegated administrator account to another account that is remaining in the organization.

  • You can leave an organization only after you enable IAM user access to billing in your account. For more information, see Activating Access to the Billing and Cost Management Console in the Amazon Web Services Billing and Cost Management User Guide.

  • After the account leaves the organization, all tags that were attached to the account object in the organization are deleted. Amazon Web Services accounts outside of an organization do not support tags.

  • A newly created account has a waiting period before it can be removed from its organization. If you get an error that indicates that a wait period is required, then try again in a few days.

", - "ListAWSServiceAccessForOrganization": "

Returns a list of the Amazon Web Services services that you enabled to integrate with your organization. After a service on this list creates the resources that it requires for the integration, it can perform operations on your organization and its accounts.

For more information about integrating other services with Organizations, including the list of services that currently work with Organizations, see Integrating Organizations with Other Amazon Web Services Services in the Organizations User Guide.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", + "DescribeResourcePolicy": "

Retrieves information about a resource policy.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", + "DetachPolicy": "

Detaches a policy from a target root, organizational unit (OU), or account.

If the policy being detached is a service control policy (SCP), the changes to permissions for Identity and Access Management (IAM) users and roles in affected accounts are immediate.

Every root, OU, and account must have at least one SCP attached. If you want to replace the default FullAWSAccess policy with an SCP that limits the permissions that can be delegated, you must attach the replacement SCP before you can remove the default SCP. This is the authorization strategy of an \"allow list\". If you instead attach a second SCP and leave the FullAWSAccess SCP still attached, and specify \"Effect\": \"Deny\" in the second SCP to override the \"Effect\": \"Allow\" in the FullAWSAccess policy (or any other attached SCP), you're using the authorization strategy of a \"deny list\".

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", + "DisableAWSServiceAccess": "

Disables the integration of an Amazon Web Services service (the service that is specified by ServicePrincipal) with Organizations. When you disable integration, the specified service no longer can create a service-linked role in new accounts in your organization. This means the service can't perform operations on your behalf on any new accounts in your organization. The service can still perform operations in older accounts until the service completes its clean-up from Organizations.

We strongly recommend that you don't use this command to disable integration between Organizations and the specified Amazon Web Services service. Instead, use the console or commands that are provided by the specified service. This lets the trusted service perform any required initialization when enabling trusted access, such as creating any required resources and any required clean up of resources when disabling trusted access.

For information about how to disable trusted service access to your organization using the trusted service, see the Learn more link under the Supports Trusted Access column at Amazon Web Services services that you can use with Organizations. on this page.

If you disable access by using this command, it causes the following actions to occur:

  • The service can no longer create a service-linked role in the accounts in your organization. This means that the service can't perform operations on your behalf on any new accounts in your organization. The service can still perform operations in older accounts until the service completes its clean-up from Organizations.

  • The service can no longer perform tasks in the member accounts in the organization, unless those operations are explicitly permitted by the IAM policies that are attached to your roles. This includes any data aggregation from the member accounts to the management account, or to a delegated administrator account, where relevant.

  • Some services detect this and clean up any remaining data or resources related to the integration, while other services stop accessing the organization but leave any historical data and configuration in place to support a possible re-enabling of the integration.

Using the other service's console or commands to disable the integration ensures that the other service is aware that it can clean up any resources that are required only for the integration. How the service cleans up its resources in the organization's accounts depends on that service. For more information, see the documentation for the other Amazon Web Services service.

After you perform the DisableAWSServiceAccess operation, the specified service can no longer perform operations in your organization's accounts

For more information about integrating other services with Organizations, including the list of services that work with Organizations, see Using Organizations with other Amazon Web Services services in the Organizations User Guide.

This operation can be called only from the organization's management account.

", + "DisablePolicyType": "

Disables an organizational policy type in a root. A policy of a certain type can be attached to entities in a root only if that type is enabled in the root. After you perform this operation, you no longer can attach policies of the specified type to that root or to any organizational unit (OU) or account in that root. You can undo this by using the EnablePolicyType operation.

This is an asynchronous request that Amazon Web Services performs in the background. If you disable a policy type for a root, it still appears enabled for the organization if all features are enabled for the organization. Amazon Web Services recommends that you first use ListRoots to see the status of policy types for a specified root, and then use this operation.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

To view the status of available policy types in the organization, use DescribeOrganization.

", + "EnableAWSServiceAccess": "

Enables the integration of an Amazon Web Services service (the service that is specified by ServicePrincipal) with Organizations. When you enable integration, you allow the specified service to create a service-linked role in all the accounts in your organization. This allows the service to perform operations on your behalf in your organization and its accounts.

We recommend that you enable integration between Organizations and the specified Amazon Web Services service by using the console or commands that are provided by the specified service. Doing so ensures that the service is aware that it can create the resources that are required for the integration. How the service creates those resources in the organization's accounts depends on that service. For more information, see the documentation for the other Amazon Web Services service.

For more information about enabling services to integrate with Organizations, see Using Organizations with other Amazon Web Services services in the Organizations User Guide.

You can only call this operation from the organization's management account and only if the organization has enabled all features.

", + "EnableAllFeatures": "

Enables all features in an organization. This enables the use of organization policies that can restrict the services and actions that can be called in each account. Until you enable all features, you have access only to consolidated billing, and you can't use any of the advanced account administration features that Organizations supports. For more information, see Enabling all features in your organization in the Organizations User Guide.

This operation is required only for organizations that were created explicitly with only the consolidated billing features enabled. Calling this operation sends a handshake to every invited account in the organization. The feature set change can be finalized and the additional features enabled only after all administrators in the invited accounts approve the change by accepting the handshake.

After you enable all features, you can separately enable or disable individual policy types in a root using EnablePolicyType and DisablePolicyType. To see the status of policy types in a root, use ListRoots.

After all invited member accounts accept the handshake, you finalize the feature set change by accepting the handshake that contains \"Action\": \"ENABLE_ALL_FEATURES\". This completes the change.

After you enable all features in your organization, the management account in the organization can apply policies on all member accounts. These policies can restrict what users and even administrators in those accounts can do. The management account can apply policies that prevent accounts from leaving the organization. Ensure that your account administrators are aware of this.

This operation can be called only from the organization's management account.

", + "EnablePolicyType": "

Enables a policy type in a root. After you enable a policy type in a root, you can attach policies of that type to the root, any organizational unit (OU), or account in that root. You can undo this by using the DisablePolicyType operation.

This is an asynchronous request that Amazon Web Services performs in the background. Amazon Web Services recommends that you first use ListRoots to see the status of policy types for a specified root, and then use this operation.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

You can enable a policy type in a root only if that policy type is available in the organization. To view the status of available policy types in the organization, use DescribeOrganization.

", + "InviteAccountToOrganization": "

Sends an invitation to another account to join your organization as a member account. Organizations sends email on your behalf to the email address that is associated with the other account's owner. The invitation is implemented as a Handshake whose details are in the response.

  • You can invite Amazon Web Services accounts only from the same seller as the management account. For example, if your organization's management account was created by Amazon Internet Services Pvt. Ltd (AISPL), an Amazon Web Services seller in India, you can invite only other AISPL accounts to your organization. You can't combine accounts from AISPL and Amazon Web Services or from any other Amazon Web Services seller. For more information, see Consolidated billing in India.

  • If you receive an exception that indicates that you exceeded your account limits for the organization or that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists after an hour, contact Amazon Web Services Support.

If the request includes tags, then the requester must have the organizations:TagResource permission.

This operation can be called only from the organization's management account.

", + "LeaveOrganization": "

Removes a member account from its parent organization. This version of the operation is performed by the account that wants to leave. To remove a member account as a user in the management account, use RemoveAccountFromOrganization instead.

This operation can be called only from a member account in the organization.

  • The management account in an organization with all features enabled can set service control policies (SCPs) that can restrict what administrators of member accounts can do. This includes preventing them from successfully calling LeaveOrganization and leaving the organization.

  • You can leave an organization as a member account only if the account is configured with the information required to operate as a standalone account. When you create an account in an organization using the Organizations console, API, or CLI commands, the information required of standalone accounts is not automatically collected. For each account that you want to make standalone, you must perform the following steps. If any of the steps are already completed for this account, that step doesn't appear.

    • Choose a support plan

    • Provide and verify the required contact information

    • Provide a current payment method

    Amazon Web Services uses the payment method to charge for any billable (not free tier) Amazon Web Services activity that occurs while the account isn't attached to an organization. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.

  • The account that you want to leave must not be a delegated administrator account for any Amazon Web Services service enabled for your organization. If the account is a delegated administrator, you must first change the delegated administrator account to another account that is remaining in the organization.

  • You can leave an organization only after you enable IAM user access to billing in your account. For more information, see About IAM access to the Billing and Cost Management console in the Amazon Web Services Billing and Cost Management User Guide.

  • After the account leaves the organization, all tags that were attached to the account object in the organization are deleted. Amazon Web Services accounts outside of an organization do not support tags.

  • A newly created account has a waiting period before it can be removed from its organization. If you get an error that indicates that a wait period is required, then try again in a few days.

  • If you are using an organization principal to call LeaveOrganization across multiple accounts, you can only do this up to 5 accounts per second in a single organization.

", + "ListAWSServiceAccessForOrganization": "

Returns a list of the Amazon Web Services services that you enabled to integrate with your organization. After a service on this list creates the resources that it requires for the integration, it can perform operations on your organization and its accounts.

For more information about integrating other services with Organizations, including the list of services that currently work with Organizations, see Using Organizations with other Amazon Web Services services in the Organizations User Guide.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "ListAccounts": "

Lists all the accounts in the organization. To request only the accounts in a specified root or organizational unit (OU), use the ListAccountsForParent operation instead.

Always check the NextToken response parameter for a null value when calling a List* operation. These operations can occasionally return an empty set of results even when there are more results available. The NextToken response parameter value is null only when there are no more results to display.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "ListAccountsForParent": "

Lists the accounts in an organization that are contained by the specified target root or organizational unit (OU). If you specify the root, you get a list of all the accounts that aren't in any OU. If you specify an OU, you get a list of all the accounts in only that OU and not in any child OUs. To get a list of all accounts in the organization, use the ListAccounts operation.

Always check the NextToken response parameter for a null value when calling a List* operation. These operations can occasionally return an empty set of results even when there are more results available. The NextToken response parameter value is null only when there are no more results to display.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "ListChildren": "

Lists all of the organizational units (OUs) or accounts that are contained in the specified parent OU or root. This operation, along with ListParents enables you to traverse the tree structure that makes up this root.

Always check the NextToken response parameter for a null value when calling a List* operation. These operations can occasionally return an empty set of results even when there are more results available. The NextToken response parameter value is null only when there are no more results to display.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", @@ -52,11 +52,11 @@ "MoveAccount": "

Moves an account from its current source parent root or organizational unit (OU) to the specified destination parent root or OU.

This operation can be called only from the organization's management account.

", "PutResourcePolicy": "

Creates or updates a resource policy.

You can only call this operation from the organization's management account.

", "RegisterDelegatedAdministrator": "

Enables the specified member account to administer the Organizations features of the specified Amazon Web Services service. It grants read-only access to Organizations service data. The account still requires IAM permissions to access and administer the Amazon Web Services service.

You can run this action only for Amazon Web Services services that support this feature. For a current list of services that support it, see the column Supports Delegated Administrator in the table at Amazon Web Services Services that you can use with Organizations in the Organizations User Guide.

This operation can be called only from the organization's management account.

", - "RemoveAccountFromOrganization": "

Removes the specified account from the organization.

The removed account becomes a standalone account that isn't a member of any organization. It's no longer subject to any policies and is responsible for its own bill payments. The organization's management account is no longer charged for any expenses accrued by the member account after it's removed from the organization.

This operation can be called only from the organization's management account. Member accounts can remove themselves with LeaveOrganization instead.

  • You can remove an account from your organization only if the account is configured with the information required to operate as a standalone account. When you create an account in an organization using the Organizations console, API, or CLI commands, the information required of standalone accounts is not automatically collected. For an account that you want to make standalone, you must choose a support plan, provide and verify the required contact information, and provide a current payment method. Amazon Web Services uses the payment method to charge for any billable (not free tier) Amazon Web Services activity that occurs while the account isn't attached to an organization. To remove an account that doesn't yet have this information, you must sign in as the member account and follow the steps at To leave an organization when all required account information has not yet been provided in the Organizations User Guide.

  • The account that you want to leave must not be a delegated administrator account for any Amazon Web Services service enabled for your organization. If the account is a delegated administrator, you must first change the delegated administrator account to another account that is remaining in the organization.

  • After the account leaves the organization, all tags that were attached to the account object in the organization are deleted. Amazon Web Services accounts outside of an organization do not support tags.

", - "TagResource": "

Adds one or more tags to the specified resource.

Currently, you can attach tags to the following resources in Organizations.

  • Amazon Web Services account

  • Organization root

  • Organizational unit (OU)

  • Policy (any type)

This operation can be called only from the organization's management account.

", - "UntagResource": "

Removes any tags with the specified keys from the specified resource.

You can attach tags to the following resources in Organizations.

  • Amazon Web Services account

  • Organization root

  • Organizational unit (OU)

  • Policy (any type)

This operation can be called only from the organization's management account.

", + "RemoveAccountFromOrganization": "

Removes the specified account from the organization.

The removed account becomes a standalone account that isn't a member of any organization. It's no longer subject to any policies and is responsible for its own bill payments. The organization's management account is no longer charged for any expenses accrued by the member account after it's removed from the organization.

This operation can be called only from the organization's management account. Member accounts can remove themselves with LeaveOrganization instead.

  • You can remove an account from your organization only if the account is configured with the information required to operate as a standalone account. When you create an account in an organization using the Organizations console, API, or CLI commands, the information required of standalone accounts is not automatically collected. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.

  • The account that you want to leave must not be a delegated administrator account for any Amazon Web Services service enabled for your organization. If the account is a delegated administrator, you must first change the delegated administrator account to another account that is remaining in the organization.

  • After the account leaves the organization, all tags that were attached to the account object in the organization are deleted. Amazon Web Services accounts outside of an organization do not support tags.

", + "TagResource": "

Adds one or more tags to the specified resource.

Currently, you can attach tags to the following resources in Organizations.

  • Amazon Web Services account

  • Organization root

  • Organizational unit (OU)

  • Policy (any type)

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", + "UntagResource": "

Removes any tags with the specified keys from the specified resource.

You can attach tags to the following resources in Organizations.

  • Amazon Web Services account

  • Organization root

  • Organizational unit (OU)

  • Policy (any type)

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

", "UpdateOrganizationalUnit": "

Renames the specified organizational unit (OU). The ID and ARN don't change. The child OUs and accounts remain in place, and any attached policies of the OU remain attached.

This operation can be called only from the organization's management account.

", - "UpdatePolicy": "

Updates an existing policy with a new name, description, or content. If you don't supply any parameter, that value remains unchanged. You can't change a policy's type.

This operation can be called only from the organization's management account.

" + "UpdatePolicy": "

Updates an existing policy with a new name, description, or content. If you don't supply any parameter, that value remains unchanged. You can't change a policy's type.

This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.

" }, "shapes": { "AWSOrganizationsNotInUseException": { @@ -75,7 +75,7 @@ } }, "AccessDeniedException": { - "base": "

You don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access Management in the IAM User Guide.

", + "base": "

You don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access Management in the IAM User Guide.

", "refs": { } }, @@ -157,7 +157,7 @@ } }, "AccountOwnerNotVerifiedException": { - "base": "

You can't invite an existing account to your organization until you verify that you own the email address associated with the management account. For more information, see Email Address Verification in the Organizations User Guide.

", + "base": "

You can't invite an existing account to your organization until you verify that you own the email address associated with the management account. For more information, see Email address verification in the Organizations User Guide.

", "refs": { } }, @@ -255,7 +255,7 @@ } }, "ConstraintViolationException": { - "base": "

Performing this operation violates a minimum or maximum value limit. For example, attempting to remove the last service control policy (SCP) from an OU or root, inviting or creating too many accounts to the organization, or attaching too many policies to an account, OU, or root. This exception includes a reason that contains additional information about the violated limit:

Some of the reasons in the following list might not be applicable to this specific API or operation.

  • ACCOUNT_CANNOT_LEAVE_ORGANIZATION: You attempted to remove the management account from the organization. You can't remove the management account. Instead, after you remove all member accounts, delete the organization itself.

  • ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization that doesn't yet have enough information to exist as a standalone account. This account requires you to first complete phone verification. Follow the steps at Removing a member account from your organization in the Organizations User Guide.

  • ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create in one day.

  • ACCOUNT_CREATION_NOT_COMPLETE: Your account setup isn't complete or your account isn't fully active. You must complete the account setup before you create an organization.

  • ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an organization. If you need more accounts, contact Amazon Web Services Support to request an increase in your limit.

    Or the number of invitations that you tried to send would cause you to exceed the limit of accounts in your organization. Send fewer invitations or contact Amazon Web Services Support to request an increase in the number of accounts.

    Deleted and closed accounts still count toward your limit.

    If you get this exception when running a command immediately after creating the organization, wait one hour and try again. After an hour, if the command continues to fail with this error, contact Amazon Web Services Support.

  • CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to register the management account of the organization as a delegated administrator for an Amazon Web Services service integrated with Organizations. You can designate only a member account as a delegated administrator.

  • CANNOT_CLOSE_MANAGEMENT_ACCOUNT: You attempted to close the management account. To close the management account for the organization, you must first either remove or close all member accounts in the organization. Follow standard account closure process using root credentials.​

  • CANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG: You attempted to remove an account that is registered as a delegated administrator for a service integrated with your organization. To complete this operation, you must first deregister this account as a delegated administrator.

  • CLOSE_ACCOUNT_QUOTA_EXCEEDED: You have exceeded close account quota for the past 30 days.

  • CLOSE_ACCOUNT_REQUESTS_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can close at a time. ​

  • CREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION: To create an organization in the specified region, you must enable all features mode.

  • DELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE: You attempted to register an Amazon Web Services account as a delegated administrator for an Amazon Web Services service that already has a delegated administrator. To complete this operation, you must first deregister any existing delegated administrators for this service.

  • EMAIL_VERIFICATION_CODE_EXPIRED: The email verification code is only valid for a limited period of time. You must resubmit the request and generate a new verfication code.

  • HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes that you can send in one day.

  • INVALID_PAYMENT_INSTRUMENT: You cannot remove an account because no supported payment method is associated with the account. Amazon Web Services does not support cards issued by financial institutions in Russia or Belarus. For more information, see Managing your Amazon Web Services payments.

  • MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first must migrate the organization's management account to the marketplace that corresponds to the management account's address. For example, accounts with India addresses must be associated with the AISPL marketplace. All accounts in an organization must be associated with the same marketplace.

  • MASTER_ACCOUNT_MISSING_BUSINESS_LICENSE: Applies only to the Amazon Web Services /> Regions in China. To create an organization, the master must have a valid business license. For more information, contact customer support.

  • MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you must first provide a valid contact address and phone number for the management account. Then try the operation again.

  • MASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED: To complete this operation, the management account must have an associated account in the Amazon Web Services GovCloud (US-West) Region. For more information, see Organizations in the Amazon Web Services GovCloud User Guide.

  • MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this management account, you first must associate a valid payment instrument, such as a credit card, with the account. Follow the steps at To leave an organization when all required account information has not yet been provided in the Organizations User Guide.

  • MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted to register more delegated administrators than allowed for the service principal.

  • MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain type that can be attached to an entity at one time.

  • MAX_TAG_LIMIT_EXCEEDED: You have exceeded the number of tags allowed on this resource.

  • MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you first must associate a valid payment instrument, such as a credit card, with the account. Follow the steps at To leave an organization when all required account information has not yet been provided in the Organizations User Guide.

  • MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would cause the entity to have fewer than the minimum number of policies of a certain type required.

  • ORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation that requires the organization to be configured to support all features. An organization that supports only consolidated billing features can't perform this operation.

  • OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is too many levels deep.

  • OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs that you can have in an organization.

  • POLICY_CONTENT_LIMIT_EXCEEDED: You attempted to create a policy that is larger than the maximum size.

  • POLICY_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of policies that you can have in an organization.

  • SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated administrator before you enabled service access. Call the EnableAWSServiceAccess API first.

  • TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags that are not compliant with the tag policy requirements for this account.

  • WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, there is a waiting period before you can remove it from the organization. If you get an error that indicates that a wait period is required, try again in a few days.

", + "base": "

Performing this operation violates a minimum or maximum value limit. For example, attempting to remove the last service control policy (SCP) from an OU or root, inviting or creating too many accounts to the organization, or attaching too many policies to an account, OU, or root. This exception includes a reason that contains additional information about the violated limit:

Some of the reasons in the following list might not be applicable to this specific API or operation.

  • ACCOUNT_CANNOT_LEAVE_ORGANIZATION: You attempted to remove the management account from the organization. You can't remove the management account. Instead, after you remove all member accounts, delete the organization itself.

  • ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization that doesn't yet have enough information to exist as a standalone account. This account requires you to first complete phone verification. Follow the steps at Removing a member account from your organization in the Organizations User Guide.

  • ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create in one day.

  • ACCOUNT_CREATION_NOT_COMPLETE: Your account setup isn't complete or your account isn't fully active. You must complete the account setup before you create an organization.

  • ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an organization. If you need more accounts, contact Amazon Web Services Support to request an increase in your limit.

    Or the number of invitations that you tried to send would cause you to exceed the limit of accounts in your organization. Send fewer invitations or contact Amazon Web Services Support to request an increase in the number of accounts.

    Deleted and closed accounts still count toward your limit.

    If you get this exception when running a command immediately after creating the organization, wait one hour and try again. After an hour, if the command continues to fail with this error, contact Amazon Web Services Support.

  • CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot register a suspended account as a delegated administrator.

  • CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to register the management account of the organization as a delegated administrator for an Amazon Web Services service integrated with Organizations. You can designate only a member account as a delegated administrator.

  • CANNOT_CLOSE_MANAGEMENT_ACCOUNT: You attempted to close the management account. To close the management account for the organization, you must first either remove or close all member accounts in the organization. Follow standard account closure process using root credentials.​

  • CANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG: You attempted to remove an account that is registered as a delegated administrator for a service integrated with your organization. To complete this operation, you must first deregister this account as a delegated administrator.

  • CLOSE_ACCOUNT_QUOTA_EXCEEDED: You have exceeded close account quota for the past 30 days.

  • CLOSE_ACCOUNT_REQUESTS_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can close at a time. ​

  • CREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION: To create an organization in the specified region, you must enable all features mode.

  • DELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE: You attempted to register an Amazon Web Services account as a delegated administrator for an Amazon Web Services service that already has a delegated administrator. To complete this operation, you must first deregister any existing delegated administrators for this service.

  • EMAIL_VERIFICATION_CODE_EXPIRED: The email verification code is only valid for a limited period of time. You must resubmit the request and generate a new verfication code.

  • HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes that you can send in one day.

  • INVALID_PAYMENT_INSTRUMENT: You cannot remove an account because no supported payment method is associated with the account. Amazon Web Services does not support cards issued by financial institutions in Russia or Belarus. For more information, see Managing your Amazon Web Services payments.

  • MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first must migrate the organization's management account to the marketplace that corresponds to the management account's address. For example, accounts with India addresses must be associated with the AISPL marketplace. All accounts in an organization must be associated with the same marketplace.

  • MASTER_ACCOUNT_MISSING_BUSINESS_LICENSE: Applies only to the Amazon Web Services /> Regions in China. To create an organization, the master must have a valid business license. For more information, contact customer support.

  • MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you must first provide a valid contact address and phone number for the management account. Then try the operation again.

  • MASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED: To complete this operation, the management account must have an associated account in the Amazon Web Services GovCloud (US-West) Region. For more information, see Organizations in the Amazon Web Services GovCloud User Guide.

  • MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this management account, you first must associate a valid payment instrument, such as a credit card, with the account. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.

  • MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted to register more delegated administrators than allowed for the service principal.

  • MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain type that can be attached to an entity at one time.

  • MAX_TAG_LIMIT_EXCEEDED: You have exceeded the number of tags allowed on this resource.

  • MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you first must associate a valid payment instrument, such as a credit card, with the account. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.

  • MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would cause the entity to have fewer than the minimum number of policies of a certain type required.

  • ORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation that requires the organization to be configured to support all features. An organization that supports only consolidated billing features can't perform this operation.

  • OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is too many levels deep.

  • OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs that you can have in an organization.

  • POLICY_CONTENT_LIMIT_EXCEEDED: You attempted to create a policy that is larger than the maximum size.

  • POLICY_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of policies that you can have in an organization.

  • SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated administrator before you enabled service access. Call the EnableAWSServiceAccess API first.

  • TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags that are not compliant with the tag policy requirements for this account.

  • WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, there is a waiting period before you can remove it from the organization. If you get an error that indicates that a wait period is required, try again in a few days.

", "refs": { } }, @@ -312,7 +312,7 @@ "CreateAccountStatus": { "base": "

Contains the status about a CreateAccount or CreateGovCloudAccount request to create an Amazon Web Services account or an Amazon Web Services GovCloud (US) account in an organization.

", "refs": { - "CreateAccountResponse$CreateAccountStatus": "

A structure that contains details about the request to create an account. This response structure might not be fully populated when you first receive it because account creation is an asynchronous process. You can pass the returned CreateAccountStatus ID as a parameter to DescribeCreateAccountStatus to get status about the progress of the request at later times. You can also check the CloudTrail log for the CreateAccountResult event. For more information, see Monitoring the Activity in Your Organization in the Organizations User Guide.

", + "CreateAccountResponse$CreateAccountStatus": "

A structure that contains details about the request to create an account. This response structure might not be fully populated when you first receive it because account creation is an asynchronous process. You can pass the returned CreateAccountStatus ID as a parameter to DescribeCreateAccountStatus to get status about the progress of the request at later times. You can also check the CloudTrail log for the CreateAccountResult event. For more information, see Logging and monitoring in Organizations in the Organizations User Guide.

", "CreateAccountStatuses$member": null, "CreateGovCloudAccountResponse$CreateAccountStatus": null, "DescribeCreateAccountStatusResponse$CreateAccountStatus": "

A structure that contains the current status of an account creation request.

" @@ -696,7 +696,7 @@ } }, "HandshakeConstraintViolationException": { - "base": "

The requested operation would violate the constraint identified in the reason code.

Some of the reasons in the following list might not be applicable to this specific API or operation:

  • ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an organization. Note that deleted and closed accounts still count toward your limit.

    If you get this exception immediately after creating the organization, wait one hour and try again. If after an hour it continues to fail with this error, contact Amazon Web Services Support.

  • ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because the invited account is already a member of an organization.

  • HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes that you can send in one day.

  • INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You can't issue new invitations to join an organization while it's in the process of enabling all features. You can resume inviting accounts after you finalize the process when all accounts have agreed to the change.

  • ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid because the organization has already enabled all features.

  • ORGANIZATION_IS_ALREADY_PENDING_ALL_FEATURES_MIGRATION: The handshake request is invalid because the organization has already started the process to enable all features.

  • ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because the account is from a different marketplace than the accounts in the organization. For example, accounts with India addresses must be associated with the AISPL marketplace. All accounts in an organization must be from the same marketplace.

  • ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to change the membership of an account too quickly after its previous change.

  • PAYMENT_INSTRUMENT_REQUIRED: You can't complete the operation with an account that doesn't have a payment instrument, such as a credit card, associated with it.

", + "base": "

The requested operation would violate the constraint identified in the reason code.

Some of the reasons in the following list might not be applicable to this specific API or operation:

  • ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an organization. Note that deleted and closed accounts still count toward your limit.

    If you get this exception immediately after creating the organization, wait one hour and try again. If after an hour it continues to fail with this error, contact Amazon Web Services Support.

  • ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because the invited account is already a member of an organization.

  • HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes that you can send in one day.

  • INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You can't issue new invitations to join an organization while it's in the process of enabling all features. You can resume inviting accounts after you finalize the process when all accounts have agreed to the change.

  • ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid because the organization has already enabled all features.

  • ORGANIZATION_IS_ALREADY_PENDING_ALL_FEATURES_MIGRATION: The handshake request is invalid because the organization has already started the process to enable all features.

  • ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because the account is from a different marketplace than the accounts in the organization. For example, accounts with India addresses must be associated with the AISPL marketplace. All accounts in an organization must be from the same marketplace.

  • ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to change the membership of an account too quickly after its previous change.

  • PAYMENT_INSTRUMENT_REQUIRED: You can't complete the operation with an account that doesn't have a payment instrument, such as a credit card, associated with it.

", "refs": { } }, @@ -801,8 +801,8 @@ "IAMUserAccessToBilling": { "base": null, "refs": { - "CreateAccountRequest$IamUserAccessToBilling": "

If set to ALLOW, the new account enables IAM users to access account billing information if they have the required permissions. If set to DENY, only the root user of the new account can access account billing information. For more information, see Activating Access to the Billing and Cost Management Console in the Amazon Web Services Billing and Cost Management User Guide.

If you don't specify this parameter, the value defaults to ALLOW, and IAM users and roles with the required permissions can access billing information for the new account.

", - "CreateGovCloudAccountRequest$IamUserAccessToBilling": "

If set to ALLOW, the new linked account in the commercial Region enables IAM users to access account billing information if they have the required permissions. If set to DENY, only the root user of the new account can access account billing information. For more information, see Activating Access to the Billing and Cost Management Console in the Amazon Web Services Billing and Cost Management User Guide.

If you don't specify this parameter, the value defaults to ALLOW, and IAM users and roles with the required permissions can access billing information for the new account.

" + "CreateAccountRequest$IamUserAccessToBilling": "

If set to ALLOW, the new account enables IAM users to access account billing information if they have the required permissions. If set to DENY, only the root user of the new account can access account billing information. For more information, see About IAM access to the Billing and Cost Management console in the Amazon Web Services Billing and Cost Management User Guide.

If you don't specify this parameter, the value defaults to ALLOW, and IAM users and roles with the required permissions can access billing information for the new account.

", + "CreateGovCloudAccountRequest$IamUserAccessToBilling": "

If set to ALLOW, the new linked account in the commercial Region enables IAM users to access account billing information if they have the required permissions. If set to DENY, only the root user of the new account can access account billing information. For more information, see About IAM access to the Billing and Cost Management console in the Amazon Web Services Billing and Cost Management User Guide.

If you don't specify this parameter, the value defaults to ALLOW, and IAM users and roles with the required permissions can access billing information for the new account.

" } }, "InvalidHandshakeTransitionException": { @@ -992,7 +992,7 @@ } }, "MalformedPolicyDocumentException": { - "base": "

The provided policy document doesn't meet the requirements of the specified policy type. For example, the syntax might be incorrect. For details about service control policy syntax, see Service Control Policy Syntax in the Organizations User Guide.

", + "base": "

The provided policy document doesn't meet the requirements of the specified policy type. For example, the syntax might be incorrect. For details about service control policy syntax, see SCP syntax in the Organizations User Guide.

", "refs": { } }, @@ -1079,8 +1079,8 @@ "OrganizationFeatureSet": { "base": null, "refs": { - "CreateOrganizationRequest$FeatureSet": "

Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.

  • CONSOLIDATED_BILLING: All member accounts have their bills consolidated to and paid by the management account. For more information, see Consolidated billing in the Organizations User Guide.

    The consolidated billing feature subset isn't available for organizations in the Amazon Web Services GovCloud (US) Region.

  • ALL: In addition to all the features supported by the consolidated billing feature set, the management account can also apply any policy type to any member account in the organization. For more information, see All features in the Organizations User Guide.

", - "Organization$FeatureSet": "

Specifies the functionality that currently is available to the organization. If set to \"ALL\", then all features are enabled and policies can be applied to accounts in the organization. If set to \"CONSOLIDATED_BILLING\", then only consolidated billing functionality is available. For more information, see Enabling All Features in Your Organization in the Organizations User Guide.

" + "CreateOrganizationRequest$FeatureSet": "

Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.

  • CONSOLIDATED_BILLING: All member accounts have their bills consolidated to and paid by the management account. For more information, see Consolidated billing in the Organizations User Guide.

    The consolidated billing feature subset isn't available for organizations in the Amazon Web Services GovCloud (US) Region.

  • ALL: In addition to all the features supported by the consolidated billing feature set, the management account can also apply any policy type to any member account in the organization. For more information, see All features in the Organizations User Guide.

", + "Organization$FeatureSet": "

Specifies the functionality that currently is available to the organization. If set to \"ALL\", then all features are enabled and policies can be applied to accounts in the organization. If set to \"CONSOLIDATED_BILLING\", then only consolidated billing functionality is available. For more information, see Enabling all features in your organization in the Organizations User Guide.

" } }, "OrganizationId": { @@ -1090,7 +1090,7 @@ } }, "OrganizationNotEmptyException": { - "base": "

The organization isn't empty. To delete an organization, you must first remove all accounts except the management account, delete all OUs, and delete all policies.

", + "base": "

The organization isn't empty. To delete an organization, you must first remove all accounts except the management account.

", "refs": { } }, @@ -1209,7 +1209,7 @@ "CreatePolicyRequest$Content": "

The policy text content to add to the new policy. The text that you supply must adhere to the rules of the policy type you specify in the Type parameter.

", "EffectivePolicy$PolicyContent": "

The text content of the policy.

", "Policy$Content": "

The text content of the policy.

", - "UpdatePolicyRequest$Content": "

If provided, the new content for the policy. The text must be correctly formatted JSON that complies with the syntax for the policy's type. For more information, see Service Control Policy Syntax in the Organizations User Guide.

" + "UpdatePolicyRequest$Content": "

If provided, the new content for the policy. The text must be correctly formatted JSON that complies with the syntax for the policy's type. For more information, see SCP syntax in the Organizations User Guide.

" } }, "PolicyDescription": { @@ -1303,12 +1303,12 @@ } }, "PolicyTypeNotAvailableForOrganizationException": { - "base": "

You can't use the specified policy type with the feature set currently enabled for this organization. For example, you can enable SCPs only after you enable all features in the organization. For more information, see Managing Organizations Policiesin the Organizations User Guide.

", + "base": "

You can't use the specified policy type with the feature set currently enabled for this organization. For example, you can enable SCPs only after you enable all features in the organization. For more information, see Managing Organizations policiesin the Organizations User Guide.

", "refs": { } }, "PolicyTypeNotEnabledException": { - "base": "

The specified policy type isn't currently enabled in this root. You can't attach policies of the specified type to entities in a root until you enable that type in the root. For more information, see Enabling All Features in Your Organization in the Organizations User Guide.

", + "base": "

The specified policy type isn't currently enabled in this root. You can't attach policies of the specified type to entities in a root until you enable that type in the root. For more information, see Enabling all features in your organization in the Organizations User Guide.

", "refs": { } }, @@ -1367,7 +1367,7 @@ "ResourcePolicyContent": { "base": null, "refs": { - "PutResourcePolicyRequest$Content": "

If provided, the new content for the resource policy. The text must be correctly formatted JSON that complies with the syntax for the resource policy's type. For more information, see Service Control Policy Syntax in the Organizations User Guide.

", + "PutResourcePolicyRequest$Content": "

If provided, the new content for the resource policy. The text must be correctly formatted JSON that complies with the syntax for the resource policy's type. For more information, see SCP syntax in the Organizations User Guide.

", "ResourcePolicy$Content": "

The policy text of the resource policy.

" } }, @@ -1391,8 +1391,8 @@ "RoleName": { "base": null, "refs": { - "CreateAccountRequest$RoleName": "

The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.

If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole.

For more information about how to use this role to access the member account, see the following links:

The regex pattern that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-

", - "CreateGovCloudAccountRequest$RoleName": "

(Optional)

The name of an IAM role that Organizations automatically preconfigures in the new member accounts in both the Amazon Web Services GovCloud (US) Region and in the commercial Region. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.

If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole.

For more information about how to use this role to access the member account, see Accessing and Administering the Member Accounts in Your Organization in the Organizations User Guide and steps 2 and 3 in Tutorial: Delegate Access Across Amazon Web Services accounts Using IAM Roles in the IAM User Guide.

The regex pattern that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-

" + "CreateAccountRequest$RoleName": "

The name of an IAM role that Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.

If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole.

For more information about how to use this role to access the member account, see the following links:

The regex pattern that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-

", + "CreateGovCloudAccountRequest$RoleName": "

(Optional)

The name of an IAM role that Organizations automatically preconfigures in the new member accounts in both the Amazon Web Services GovCloud (US) Region and in the commercial Region. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.

If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole.

For more information about how to use this role to access the member account, see the following links:

The regex pattern that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-

" } }, "Root": { @@ -1540,7 +1540,7 @@ } }, "TooManyRequestsException": { - "base": "

You have sent too many requests in too short a period of time. The quota helps protect against denial-of-service attacks. Try again later.

For information about quotas that affect Organizations, see Quotas for Organizationsin the Organizations User Guide.

", + "base": "

You have sent too many requests in too short a period of time. The quota helps protect against denial-of-service attacks. Try again later.

For information about quotas that affect Organizations, see Quotas for Organizations in the Organizations User Guide.

", "refs": { } }, diff --git a/models/apis/organizations/2016-11-28/endpoint-rule-set-1.json b/models/apis/organizations/2016-11-28/endpoint-rule-set-1.json index b31c5354663..af8bfbf83c1 100644 --- a/models/apis/organizations/2016-11-28/endpoint-rule-set-1.json +++ b/models/apis/organizations/2016-11-28/endpoint-rule-set-1.json @@ -58,52 +58,56 @@ "type": "error" }, { - "conditions": [], - "type": "tree", - "rules": [ + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" + "ref": "UseDualStack" }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + true + ] } - ] + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, { - "conditions": [], + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "isSet", + "fn": "aws.partition", "argv": [ { "ref": "Region" } - ] + ], + "assign": "PartitionResult" } ], "type": "tree", @@ -111,1048 +115,455 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "stringEquals", "argv": [ { - "ref": "Region" - } - ], - "assign": "PartitionResult" - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "stringEquals", + "fn": "getAttr", "argv": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] + "ref": "PartitionResult" }, - "aws" - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - }, - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations-fips.{Region}.api.aws", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } + "name" ] }, + "aws" + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations-fips.us-east-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "us-east-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ] + "ref": "UseFIPS" }, + false + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations.{Region}.api.aws", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" - } - ] + "ref": "UseDualStack" }, + false + ] + } + ], + "endpoint": { + "url": "https://organizations.us-east-1.amazonaws.com", + "properties": { + "authSchemes": [ { - "conditions": [], - "endpoint": { - "url": "https://organizations.us-east-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "us-east-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" + "name": "sigv4", + "signingName": "organizations", + "signingRegion": "us-east-1" } ] }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [ { - "conditions": [ + "fn": "stringEquals", + "argv": [ { - "fn": "stringEquals", + "fn": "getAttr", "argv": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] + "ref": "PartitionResult" }, - "aws-cn" - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - }, - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations-fips.{Region}.api.amazonwebservices.com.cn", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } + "name" ] }, + "aws" + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations-fips.{Region}.amazonaws.com.cn", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ] + "ref": "UseFIPS" }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations.{Region}.api.amazonwebservices.com.cn", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" - } - ] + "ref": "UseDualStack" }, + false + ] + } + ], + "endpoint": { + "url": "https://organizations-fips.us-east-1.amazonaws.com", + "properties": { + "authSchemes": [ { - "conditions": [], - "endpoint": { - "url": "https://organizations.cn-northwest-1.amazonaws.com.cn", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "cn-northwest-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" + "name": "sigv4", + "signingName": "organizations", + "signingRegion": "us-east-1" } ] }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [ { - "conditions": [ + "fn": "stringEquals", + "argv": [ { - "fn": "stringEquals", + "fn": "getAttr", "argv": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] - }, - "aws-us-gov" - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] + "ref": "PartitionResult" }, - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations-fips.{Region}.api.aws", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } + "name" ] }, + "aws-cn" + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations.us-gov-west-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "us-gov-west-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ] + "ref": "UseFIPS" }, + false + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations.{Region}.api.aws", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" - } - ] + "ref": "UseDualStack" }, + false + ] + } + ], + "endpoint": { + "url": "https://organizations.cn-northwest-1.amazonaws.com.cn", + "properties": { + "authSchemes": [ { - "conditions": [], - "endpoint": { - "url": "https://organizations.us-gov-west-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "us-gov-west-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" + "name": "sigv4", + "signingName": "organizations", + "signingRegion": "cn-northwest-1" } ] }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [ { - "conditions": [ + "fn": "stringEquals", + "argv": [ { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ { - "ref": "UseFIPS" + "ref": "PartitionResult" }, - true + "name" ] }, + "aws-us-gov" + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ + "ref": "UseFIPS" + }, + false + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://organizations-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - } - ] + "ref": "UseDualStack" }, + false + ] + } + ], + "endpoint": { + "url": "https://organizations.us-gov-west-1.amazonaws.com", + "properties": { + "authSchemes": [ { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "name": "sigv4", + "signingName": "organizations", + "signingRegion": "us-gov-west-1" } ] }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [ { - "conditions": [ + "fn": "stringEquals", + "argv": [ { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ { - "ref": "UseFIPS" + "ref": "PartitionResult" }, - true + "name" ] - } - ], - "type": "tree", - "rules": [ + }, + "aws-us-gov" + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "stringEquals", - "argv": [ - { - "ref": "Region" - }, - "aws-global" - ] - } - ], - "endpoint": { - "url": "https://organizations-fips.us-east-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "us-east-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [ - { - "fn": "stringEquals", - "argv": [ - { - "ref": "Region" - }, - "aws-us-gov-global" - ] - } - ], - "endpoint": { - "url": "https://organizations.us-gov-west-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "us-gov-west-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [], - "endpoint": { - "url": "https://organizations-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - } - ] + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" }, + false + ] + } + ], + "endpoint": { + "url": "https://organizations.us-gov-west-1.amazonaws.com", + "properties": { + "authSchemes": [ { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "name": "sigv4", + "signingName": "organizations", + "signingRegion": "us-gov-west-1" } ] }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://organizations.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } ] }, { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" - } - ] - }, - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [ + "fn": "booleanEquals", + "argv": [ + true, { - "fn": "stringEquals", + "fn": "getAttr", "argv": [ { - "ref": "Region" + "ref": "PartitionResult" }, - "aws-global" + "supportsDualStack" ] } - ], + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], "endpoint": { - "url": "https://organizations.us-east-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "us-east-1" - } - ] - }, + "url": "https://organizations-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, "headers": {} }, "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ + true, { - "fn": "stringEquals", + "fn": "getAttr", "argv": [ { - "ref": "Region" + "ref": "PartitionResult" }, - "aws-cn-global" + "supportsFIPS" ] } - ], + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], "endpoint": { - "url": "https://organizations.cn-northwest-1.amazonaws.com.cn", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "cn-northwest-1" - } - ] - }, + "url": "https://organizations-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, "headers": {} }, "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ + true, { - "fn": "stringEquals", + "fn": "getAttr", "argv": [ { - "ref": "Region" + "ref": "PartitionResult" }, - "aws-us-gov-global" + "supportsDualStack" ] } - ], - "endpoint": { - "url": "https://organizations.us-gov-west-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "organizations", - "signingRegion": "us-gov-west-1" - } - ] - }, - "headers": {} - }, - "type": "endpoint" - }, + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [], "endpoint": { - "url": "https://organizations.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://organizations.{Region}.{PartitionResult#dualStackDnsSuffix}", "properties": {}, "headers": {} }, "type": "endpoint" } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://organizations.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } \ No newline at end of file diff --git a/models/apis/organizations/2016-11-28/endpoint-tests-1.json b/models/apis/organizations/2016-11-28/endpoint-tests-1.json index 9f0b8e8ae1d..d84bb7c7e76 100644 --- a/models/apis/organizations/2016-11-28/endpoint-tests-1.json +++ b/models/apis/organizations/2016-11-28/endpoint-tests-1.json @@ -17,9 +17,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "aws-global", "UseFIPS": false, - "Region": "aws-global" + "UseDualStack": false } }, { @@ -39,9 +39,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "aws-global", "UseFIPS": true, - "Region": "aws-global" + "UseDualStack": false } }, { @@ -52,9 +52,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "us-east-1", "UseFIPS": true, - "Region": "us-east-1" + "UseDualStack": true } }, { @@ -74,9 +74,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-east-1", "UseFIPS": true, - "Region": "us-east-1" + "UseDualStack": false } }, { @@ -87,9 +87,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "us-east-1", "UseFIPS": false, - "Region": "us-east-1" + "UseDualStack": true } }, { @@ -109,9 +109,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-east-1", "UseFIPS": false, - "Region": "us-east-1" + "UseDualStack": false } }, { @@ -131,9 +131,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "aws-cn-global", "UseFIPS": false, - "Region": "aws-cn-global" + "UseDualStack": false } }, { @@ -144,9 +144,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "cn-north-1", "UseFIPS": true, - "Region": "cn-north-1" + "UseDualStack": true } }, { @@ -157,9 +157,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "cn-north-1", "UseFIPS": true, - "Region": "cn-north-1" + "UseDualStack": false } }, { @@ -170,9 +170,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "cn-north-1", "UseFIPS": false, - "Region": "cn-north-1" + "UseDualStack": true } }, { @@ -192,9 +192,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "cn-north-1", "UseFIPS": false, - "Region": "cn-north-1" + "UseDualStack": false } }, { @@ -214,9 +214,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "aws-us-gov-global", "UseFIPS": false, - "Region": "aws-us-gov-global" + "UseDualStack": false } }, { @@ -236,9 +236,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "aws-us-gov-global", "UseFIPS": true, - "Region": "aws-us-gov-global" + "UseDualStack": false } }, { @@ -249,9 +249,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "us-gov-east-1", "UseFIPS": true, - "Region": "us-gov-east-1" + "UseDualStack": true } }, { @@ -271,9 +271,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-gov-east-1", "UseFIPS": true, - "Region": "us-gov-east-1" + "UseDualStack": false } }, { @@ -284,9 +284,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "us-gov-east-1", "UseFIPS": false, - "Region": "us-gov-east-1" + "UseDualStack": true } }, { @@ -306,9 +306,20 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-gov-east-1", "UseFIPS": false, - "Region": "us-gov-east-1" + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": true, + "UseDualStack": true } }, { @@ -319,9 +330,20 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-iso-east-1", "UseFIPS": true, - "Region": "us-iso-east-1" + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": false, + "UseDualStack": true } }, { @@ -332,9 +354,20 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-iso-east-1", "UseFIPS": false, - "Region": "us-iso-east-1" + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": true, + "UseDualStack": true } }, { @@ -345,9 +378,20 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-isob-east-1", "UseFIPS": true, - "Region": "us-isob-east-1" + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": true } }, { @@ -358,9 +402,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-isob-east-1", "UseFIPS": false, - "Region": "us-isob-east-1" + "UseDualStack": false } }, { @@ -371,9 +415,9 @@ } }, "params": { - "UseDualStack": false, - "UseFIPS": false, "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -385,8 +429,8 @@ } }, "params": { - "UseDualStack": false, "UseFIPS": false, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -396,9 +440,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "UseDualStack": false, - "UseFIPS": true, "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -408,11 +452,17 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "UseDualStack": true, - "UseFIPS": false, "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true, "Endpoint": "https://example.com" } + }, + { + "documentation": "Missing region", + "expect": { + "error": "Invalid Configuration: Missing Region" + } } ], "version": "1.0" diff --git a/models/apis/securitylake/2018-05-10/api-2.json b/models/apis/securitylake/2018-05-10/api-2.json index 2f9c834fb0d..87d59836c58 100644 --- a/models/apis/securitylake/2018-05-10/api-2.json +++ b/models/apis/securitylake/2018-05-10/api-2.json @@ -1389,7 +1389,8 @@ }, "NextToken":{ "type":"string", - "pattern":"^[\\\\\\w\\-_:/.@=+]*$" + "max":2048, + "min":0 }, "NotificationConfiguration":{ "type":"structure", diff --git a/models/apis/securitylake/2018-05-10/endpoint-tests-1.json b/models/apis/securitylake/2018-05-10/endpoint-tests-1.json index 44e4b725ce1..35e974c2b0f 100644 --- a/models/apis/securitylake/2018-05-10/endpoint-tests-1.json +++ b/models/apis/securitylake/2018-05-10/endpoint-tests-1.json @@ -1,55 +1,55 @@ { "testCases": [ { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://securitylake-fips.us-gov-east-1.api.aws" + "url": "https://securitylake-fips.us-east-1.api.aws" } }, "params": { - "UseDualStack": true, + "Region": "us-east-1", "UseFIPS": true, - "Region": "us-gov-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://securitylake-fips.us-gov-east-1.amazonaws.com" + "url": "https://securitylake-fips.us-east-1.amazonaws.com" } }, "params": { - "UseDualStack": false, + "Region": "us-east-1", "UseFIPS": true, - "Region": "us-gov-east-1" + "UseDualStack": false } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://securitylake.us-gov-east-1.api.aws" + "url": "https://securitylake.us-east-1.api.aws" } }, "params": { - "UseDualStack": true, + "Region": "us-east-1", "UseFIPS": false, - "Region": "us-gov-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://securitylake.us-gov-east-1.amazonaws.com" + "url": "https://securitylake.us-east-1.amazonaws.com" } }, "params": { - "UseDualStack": false, + "Region": "us-east-1", "UseFIPS": false, - "Region": "us-gov-east-1" + "UseDualStack": false } }, { @@ -60,9 +60,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "cn-north-1", "UseFIPS": true, - "Region": "cn-north-1" + "UseDualStack": true } }, { @@ -73,9 +73,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "cn-north-1", "UseFIPS": true, - "Region": "cn-north-1" + "UseDualStack": false } }, { @@ -86,9 +86,9 @@ } }, "params": { - "UseDualStack": true, + "Region": "cn-north-1", "UseFIPS": false, - "Region": "cn-north-1" + "UseDualStack": true } }, { @@ -99,109 +99,109 @@ } }, "params": { - "UseDualStack": false, + "Region": "cn-north-1", "UseFIPS": false, - "Region": "cn-north-1" + "UseDualStack": false } }, { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + "endpoint": { + "url": "https://securitylake-fips.us-gov-east-1.api.aws" + } }, "params": { - "UseDualStack": true, + "Region": "us-gov-east-1", "UseFIPS": true, - "Region": "us-iso-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://securitylake-fips.us-iso-east-1.c2s.ic.gov" + "url": "https://securitylake-fips.us-gov-east-1.amazonaws.com" } }, "params": { - "UseDualStack": false, + "Region": "us-gov-east-1", "UseFIPS": true, - "Region": "us-iso-east-1" + "UseDualStack": false } }, { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" + "endpoint": { + "url": "https://securitylake.us-gov-east-1.api.aws" + } }, "params": { - "UseDualStack": true, + "Region": "us-gov-east-1", "UseFIPS": false, - "Region": "us-iso-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://securitylake.us-iso-east-1.c2s.ic.gov" + "url": "https://securitylake.us-gov-east-1.amazonaws.com" } }, "params": { - "UseDualStack": false, + "Region": "us-gov-east-1", "UseFIPS": false, - "Region": "us-iso-east-1" + "UseDualStack": false } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", "expect": { - "endpoint": { - "url": "https://securitylake-fips.us-east-1.api.aws" - } + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "UseDualStack": true, + "Region": "us-iso-east-1", "UseFIPS": true, - "Region": "us-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://securitylake-fips.us-east-1.amazonaws.com" + "url": "https://securitylake-fips.us-iso-east-1.c2s.ic.gov" } }, "params": { - "UseDualStack": false, + "Region": "us-iso-east-1", "UseFIPS": true, - "Region": "us-east-1" + "UseDualStack": false } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", "expect": { - "endpoint": { - "url": "https://securitylake.us-east-1.api.aws" - } + "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "UseDualStack": true, + "Region": "us-iso-east-1", "UseFIPS": false, - "Region": "us-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://securitylake.us-east-1.amazonaws.com" + "url": "https://securitylake.us-iso-east-1.c2s.ic.gov" } }, "params": { - "UseDualStack": false, + "Region": "us-iso-east-1", "UseFIPS": false, - "Region": "us-east-1" + "UseDualStack": false } }, { @@ -210,9 +210,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { - "UseDualStack": true, + "Region": "us-isob-east-1", "UseFIPS": true, - "Region": "us-isob-east-1" + "UseDualStack": true } }, { @@ -223,9 +223,9 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-isob-east-1", "UseFIPS": true, - "Region": "us-isob-east-1" + "UseDualStack": false } }, { @@ -234,9 +234,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { - "UseDualStack": true, + "Region": "us-isob-east-1", "UseFIPS": false, - "Region": "us-isob-east-1" + "UseDualStack": true } }, { @@ -247,22 +247,35 @@ } }, "params": { - "UseDualStack": false, + "Region": "us-isob-east-1", "UseFIPS": false, - "Region": "us-isob-east-1" + "UseDualStack": false } }, { - "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", "expect": { "endpoint": { "url": "https://example.com" } }, "params": { + "Region": "us-east-1", + "UseFIPS": false, "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { "UseFIPS": false, - "Region": "us-east-1", + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -272,9 +285,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "UseDualStack": false, - "UseFIPS": true, "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -284,11 +297,17 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "UseDualStack": true, - "UseFIPS": false, "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true, "Endpoint": "https://example.com" } + }, + { + "documentation": "Missing region", + "expect": { + "error": "Invalid Configuration: Missing Region" + } } ], "version": "1.0" diff --git a/models/apis/service-quotas/2019-06-24/api-2.json b/models/apis/service-quotas/2019-06-24/api-2.json index e9f2f85a142..3945713dc3a 100644 --- a/models/apis/service-quotas/2019-06-24/api-2.json +++ b/models/apis/service-quotas/2019-06-24/api-2.json @@ -373,6 +373,14 @@ "min":1, "pattern":"arn:aws(-[\\w]+)*:*:.+:[0-9]{12}:.+" }, + "AppliedLevelEnum":{ + "type":"string", + "enum":[ + "ACCOUNT", + "RESOURCE", + "ALL" + ] + }, "AssociateServiceQuotaTemplateRequest":{ "type":"structure", "members":{ @@ -512,7 +520,8 @@ ], "members":{ "ServiceCode":{"shape":"ServiceCode"}, - "QuotaCode":{"shape":"QuotaCode"} + "QuotaCode":{"shape":"QuotaCode"}, + "ContextId":{"shape":"QuotaContextId"} } }, "GetServiceQuotaResponse":{ @@ -579,7 +588,8 @@ "QuotaCode":{"shape":"QuotaCode"}, "Status":{"shape":"RequestStatus"}, "NextToken":{"shape":"NextToken"}, - "MaxResults":{"shape":"MaxResults"} + "MaxResults":{"shape":"MaxResults"}, + "QuotaRequestedAtLevel":{"shape":"AppliedLevelEnum"} } }, "ListRequestedServiceQuotaChangeHistoryByQuotaResponse":{ @@ -595,7 +605,8 @@ "ServiceCode":{"shape":"ServiceCode"}, "Status":{"shape":"RequestStatus"}, "NextToken":{"shape":"NextToken"}, - "MaxResults":{"shape":"MaxResults"} + "MaxResults":{"shape":"MaxResults"}, + "QuotaRequestedAtLevel":{"shape":"AppliedLevelEnum"} } }, "ListRequestedServiceQuotaChangeHistoryResponse":{ @@ -627,7 +638,9 @@ "members":{ "ServiceCode":{"shape":"ServiceCode"}, "NextToken":{"shape":"NextToken"}, - "MaxResults":{"shape":"MaxResults"} + "MaxResults":{"shape":"MaxResults"}, + "QuotaCode":{"shape":"QuotaCode"}, + "QuotaAppliedAtLevel":{"shape":"AppliedLevelEnum"} } }, "ListServiceQuotasResponse":{ @@ -759,6 +772,23 @@ "min":1, "pattern":"[a-zA-Z][a-zA-Z0-9-]{1,128}" }, + "QuotaContextId":{"type":"string"}, + "QuotaContextInfo":{ + "type":"structure", + "members":{ + "ContextScope":{"shape":"QuotaContextScope"}, + "ContextScopeType":{"shape":"QuotaContextScopeType"}, + "ContextId":{"shape":"QuotaContextId"} + } + }, + "QuotaContextScope":{ + "type":"string", + "enum":[ + "RESOURCE", + "ACCOUNT" + ] + }, + "QuotaContextScopeType":{"type":"string"}, "QuotaExceededException":{ "type":"structure", "members":{ @@ -798,7 +828,8 @@ "members":{ "ServiceCode":{"shape":"ServiceCode"}, "QuotaCode":{"shape":"QuotaCode"}, - "DesiredValue":{"shape":"QuotaValue"} + "DesiredValue":{"shape":"QuotaValue"}, + "ContextId":{"shape":"QuotaContextId"} } }, "RequestServiceQuotaIncreaseResponse":{ @@ -814,7 +845,9 @@ "CASE_OPENED", "APPROVED", "DENIED", - "CASE_CLOSED" + "CASE_CLOSED", + "NOT_APPROVED", + "INVALID_REQUEST" ] }, "RequestedServiceQuotaChange":{ @@ -833,7 +866,9 @@ "Requester":{"shape":"Requester"}, "QuotaArn":{"shape":"QuotaArn"}, "GlobalQuota":{"shape":"GlobalQuota"}, - "Unit":{"shape":"QuotaUnit"} + "Unit":{"shape":"QuotaUnit"}, + "QuotaRequestedAtLevel":{"shape":"AppliedLevelEnum"}, + "QuotaContext":{"shape":"QuotaContextInfo"} } }, "RequestedServiceQuotaChangeHistoryListDefinition":{ @@ -888,7 +923,9 @@ "GlobalQuota":{"shape":"GlobalQuota"}, "UsageMetric":{"shape":"MetricInfo"}, "Period":{"shape":"QuotaPeriod"}, - "ErrorReason":{"shape":"ErrorReason"} + "ErrorReason":{"shape":"ErrorReason"}, + "QuotaAppliedAtLevel":{"shape":"AppliedLevelEnum"}, + "QuotaContext":{"shape":"QuotaContextInfo"} } }, "ServiceQuotaIncreaseRequestInTemplate":{ diff --git a/models/apis/service-quotas/2019-06-24/docs-2.json b/models/apis/service-quotas/2019-06-24/docs-2.json index 3978240534e..7d6a82d4e2c 100644 --- a/models/apis/service-quotas/2019-06-24/docs-2.json +++ b/models/apis/service-quotas/2019-06-24/docs-2.json @@ -1,21 +1,21 @@ { "version": "2.0", - "service": "

With Service Quotas, you can view and manage your quotas easily as your AWS workloads grow. Quotas, also referred to as limits, are the maximum number of resources that you can create in your AWS account. For more information, see the Service Quotas User Guide.

", + "service": "

With Service Quotas, you can view and manage your quotas easily as your Amazon Web Services workloads grow. Quotas, also referred to as limits, are the maximum number of resources that you can create in your Amazon Web Services account. For more information, see the Service Quotas User Guide.

", "operations": { - "AssociateServiceQuotaTemplate": "

Associates your quota request template with your organization. When a new account is created in your organization, the quota increase requests in the template are automatically applied to the account. You can add a quota increase request for any adjustable quota to your template.

", + "AssociateServiceQuotaTemplate": "

Associates your quota request template with your organization. When a new Amazon Web Services account is created in your organization, the quota increase requests in the template are automatically applied to the account. You can add a quota increase request for any adjustable quota to your template.

", "DeleteServiceQuotaIncreaseRequestFromTemplate": "

Deletes the quota increase request for the specified quota from your quota request template.

", - "DisassociateServiceQuotaTemplate": "

Disables your quota request template. After a template is disabled, the quota increase requests in the template are not applied to new accounts in your organization. Disabling a quota request template does not apply its quota increase requests.

", + "DisassociateServiceQuotaTemplate": "

Disables your quota request template. After a template is disabled, the quota increase requests in the template are not applied to new Amazon Web Services accounts in your organization. Disabling a quota request template does not apply its quota increase requests.

", "GetAWSDefaultServiceQuota": "

Retrieves the default value for the specified quota. The default value does not reflect any quota increases.

", "GetAssociationForServiceQuotaTemplate": "

Retrieves the status of the association for the quota request template.

", "GetRequestedServiceQuotaChange": "

Retrieves information about the specified quota increase request.

", "GetServiceQuota": "

Retrieves the applied quota value for the specified quota. For some quotas, only the default values are available. If the applied quota value is not available for a quota, the quota is not retrieved.

", "GetServiceQuotaIncreaseRequestFromTemplate": "

Retrieves information about the specified quota increase request in your quota request template.

", - "ListAWSDefaultServiceQuotas": "

Lists the default values for the quotas for the specified AWS service. A default value does not reflect any quota increases.

", - "ListRequestedServiceQuotaChangeHistory": "

Retrieves the quota increase requests for the specified service.

", + "ListAWSDefaultServiceQuotas": "

Lists the default values for the quotas for the specified Amazon Web Service. A default value does not reflect any quota increases.

", + "ListRequestedServiceQuotaChangeHistory": "

Retrieves the quota increase requests for the specified Amazon Web Service.

", "ListRequestedServiceQuotaChangeHistoryByQuota": "

Retrieves the quota increase requests for the specified quota.

", "ListServiceQuotaIncreaseRequestsInTemplate": "

Lists the quota increase requests in the specified quota request template.

", - "ListServiceQuotas": "

Lists the applied quota values for the specified AWS service. For some quotas, only the default values are available. If the applied quota value is not available for a quota, the quota is not retrieved.

", - "ListServices": "

Lists the names and codes for the services integrated with Service Quotas.

", + "ListServiceQuotas": "

Lists the applied quota values for the specified Amazon Web Service. For some quotas, only the default values are available. If the applied quota value is not available for a quota, the quota is not retrieved.

", + "ListServices": "

Lists the names and codes for the Amazon Web Services integrated with Service Quotas.

", "ListTagsForResource": "

Returns a list of the tags assigned to the specified applied quota.

", "PutServiceQuotaIncreaseRequestIntoTemplate": "

Adds a quota increase request to your quota request template.

", "RequestServiceQuotaIncrease": "

Submits a quota increase request for the specified quota.

", @@ -36,9 +36,19 @@ "AmazonResourceName": { "base": null, "refs": { - "ListTagsForResourceRequest$ResourceARN": "

The Amazon Resource Name (ARN) for the applied quota for which you want to list tags. You can get this information by using the Service Quotas console, or by listing the quotas using the list-service-quotas AWS CLI command or the ListServiceQuotas AWS API operation.

", - "TagResourceRequest$ResourceARN": "

The Amazon Resource Name (ARN) for the applied quota. You can get this information by using the Service Quotas console, or by listing the quotas using the list-service-quotas AWS CLI command or the ListServiceQuotas AWS API operation.

", - "UntagResourceRequest$ResourceARN": "

The Amazon Resource Name (ARN) for the applied quota that you want to untag. You can get this information by using the Service Quotas console, or by listing the quotas using the list-service-quotas AWS CLI command or the ListServiceQuotas AWS API operation.

" + "ListTagsForResourceRequest$ResourceARN": "

The Amazon Resource Name (ARN) for the applied quota for which you want to list tags. You can get this information by using the Service Quotas console, or by listing the quotas using the list-service-quotas CLI command or the ListServiceQuotas Amazon Web Services API operation.

", + "TagResourceRequest$ResourceARN": "

The Amazon Resource Name (ARN) for the applied quota. You can get this information by using the Service Quotas console, or by listing the quotas using the list-service-quotas CLI command or the ListServiceQuotas Amazon Web Services API operation.

", + "UntagResourceRequest$ResourceARN": "

The Amazon Resource Name (ARN) for the applied quota that you want to untag. You can get this information by using the Service Quotas console, or by listing the quotas using the list-service-quotas CLI command or the ListServiceQuotas Amazon Web Services API operation.

" + } + }, + "AppliedLevelEnum": { + "base": null, + "refs": { + "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$QuotaRequestedAtLevel": "

Specifies at which level within the Amazon Web Services account the quota request applies to.

", + "ListRequestedServiceQuotaChangeHistoryRequest$QuotaRequestedAtLevel": "

Specifies at which level within the Amazon Web Services account the quota request applies to.

", + "ListServiceQuotasRequest$QuotaAppliedAtLevel": "

Specifies at which level of granularity that the quota value is applied.

", + "RequestedServiceQuotaChange$QuotaRequestedAtLevel": "

Specifies at which level within the Amazon Web Services account the quota request applies to.

", + "ServiceQuota$QuotaAppliedAtLevel": "

Specifies at which level of granularity that the quota value is applied.

" } }, "AssociateServiceQuotaTemplateRequest": { @@ -54,11 +64,11 @@ "AwsRegion": { "base": null, "refs": { - "DeleteServiceQuotaIncreaseRequestFromTemplateRequest$AwsRegion": "

The AWS Region.

", - "GetServiceQuotaIncreaseRequestFromTemplateRequest$AwsRegion": "

The AWS Region.

", - "ListServiceQuotaIncreaseRequestsInTemplateRequest$AwsRegion": "

The AWS Region.

", - "PutServiceQuotaIncreaseRequestIntoTemplateRequest$AwsRegion": "

The AWS Region.

", - "ServiceQuotaIncreaseRequestInTemplate$AwsRegion": "

The AWS Region.

" + "DeleteServiceQuotaIncreaseRequestFromTemplateRequest$AwsRegion": "

Specifies the Amazon Web Services Region for which the request was made.

", + "GetServiceQuotaIncreaseRequestFromTemplateRequest$AwsRegion": "

Specifies the Amazon Web Services Region for which you made the request.

", + "ListServiceQuotaIncreaseRequestsInTemplateRequest$AwsRegion": "

Specifies the Amazon Web Services Region for which you made the request.

", + "PutServiceQuotaIncreaseRequestIntoTemplateRequest$AwsRegion": "

Specifies the Amazon Web Services Region to which the template applies.

", + "ServiceQuotaIncreaseRequestInTemplate$AwsRegion": "

The Amazon Web Services Region.

" } }, "CustomerServiceEngagementId": { @@ -102,7 +112,7 @@ "ErrorCode": { "base": null, "refs": { - "ErrorReason$ErrorCode": "

Service Quotas returns the following error values:

  • DEPENDENCY_ACCESS_DENIED_ERROR - The caller does not have the required permissions to complete the action. To resolve the error, you must have permission to access the service or quota.

  • DEPENDENCY_THROTTLING_ERROR - The service is throttling Service Quotas.

  • DEPENDENCY_SERVICE_ERROR - The service is not available.

  • SERVICE_QUOTA_NOT_AVAILABLE_ERROR - There was an error in Service Quotas.

" + "ErrorReason$ErrorCode": "

Service Quotas returns the following error values:

  • DEPENDENCY_ACCESS_DENIED_ERROR - The caller does not have the required permissions to complete the action. To resolve the error, you must have permission to access the Amazon Web Service or quota.

  • DEPENDENCY_THROTTLING_ERROR - The Amazon Web Service is throttling Service Quotas.

  • DEPENDENCY_SERVICE_ERROR - The Amazon Web Service is not available.

  • SERVICE_QUOTA_NOT_AVAILABLE_ERROR - There was an error in Service Quotas.

" } }, "ErrorMessage": { @@ -297,12 +307,12 @@ "MaxResults": { "base": null, "refs": { - "ListAWSDefaultServiceQuotasRequest$MaxResults": "

The maximum number of results to return with a single call. To retrieve the remaining results, if any, make another call with the token returned from this call.

", - "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$MaxResults": "

The maximum number of results to return with a single call. To retrieve the remaining results, if any, make another call with the token returned from this call.

", - "ListRequestedServiceQuotaChangeHistoryRequest$MaxResults": "

The maximum number of results to return with a single call. To retrieve the remaining results, if any, make another call with the token returned from this call.

", - "ListServiceQuotaIncreaseRequestsInTemplateRequest$MaxResults": "

The maximum number of results to return with a single call. To retrieve the remaining results, if any, make another call with the token returned from this call.

", - "ListServiceQuotasRequest$MaxResults": "

The maximum number of results to return with a single call. To retrieve the remaining results, if any, make another call with the token returned from this call.

", - "ListServicesRequest$MaxResults": "

The maximum number of results to return with a single call. To retrieve the remaining results, if any, make another call with the token returned from this call.

" + "ListAWSDefaultServiceQuotasRequest$MaxResults": "

Specifies the maximum number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value appropriate to the operation. If additional items exist beyond those included in the current response, the NextToken response element is present and has a value (is not null). Include that value as the NextToken request parameter in the next call to the operation to get the next part of the results.

An API operation can return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", + "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$MaxResults": "

Specifies the maximum number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value appropriate to the operation. If additional items exist beyond those included in the current response, the NextToken response element is present and has a value (is not null). Include that value as the NextToken request parameter in the next call to the operation to get the next part of the results.

An API operation can return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", + "ListRequestedServiceQuotaChangeHistoryRequest$MaxResults": "

Specifies the maximum number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value appropriate to the operation. If additional items exist beyond those included in the current response, the NextToken response element is present and has a value (is not null). Include that value as the NextToken request parameter in the next call to the operation to get the next part of the results.

An API operation can return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", + "ListServiceQuotaIncreaseRequestsInTemplateRequest$MaxResults": "

Specifies the maximum number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value appropriate to the operation. If additional items exist beyond those included in the current response, the NextToken response element is present and has a value (is not null). Include that value as the NextToken request parameter in the next call to the operation to get the next part of the results.

An API operation can return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", + "ListServiceQuotasRequest$MaxResults": "

Specifies the maximum number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value appropriate to the operation. If additional items exist beyond those included in the current response, the NextToken response element is present and has a value (is not null). Include that value as the NextToken request parameter in the next call to the operation to get the next part of the results.

An API operation can return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", + "ListServicesRequest$MaxResults": "

Specifies the maximum number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value appropriate to the operation. If additional items exist beyond those included in the current response, the NextToken response element is present and has a value (is not null). Include that value as the NextToken request parameter in the next call to the operation to get the next part of the results.

An API operation can return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

" } }, "MetricDimensionName": { @@ -332,22 +342,22 @@ "NextToken": { "base": null, "refs": { - "ListAWSDefaultServiceQuotasRequest$NextToken": "

The token for the next page of results.

", - "ListAWSDefaultServiceQuotasResponse$NextToken": "

The token to use to retrieve the next page of results. This value is null when there are no more results to return.

", - "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$NextToken": "

The token for the next page of results.

", - "ListRequestedServiceQuotaChangeHistoryByQuotaResponse$NextToken": "

The token to use to retrieve the next page of results. This value is null when there are no more results to return.

", - "ListRequestedServiceQuotaChangeHistoryRequest$NextToken": "

The token for the next page of results.

", - "ListRequestedServiceQuotaChangeHistoryResponse$NextToken": "

The token to use to retrieve the next page of results. This value is null when there are no more results to return.

", - "ListServiceQuotaIncreaseRequestsInTemplateRequest$NextToken": "

The token for the next page of results.

", - "ListServiceQuotaIncreaseRequestsInTemplateResponse$NextToken": "

The token to use to retrieve the next page of results. This value is null when there are no more results to return.

", - "ListServiceQuotasRequest$NextToken": "

The token for the next page of results.

", - "ListServiceQuotasResponse$NextToken": "

The token to use to retrieve the next page of results. This value is null when there are no more results to return.

", - "ListServicesRequest$NextToken": "

The token for the next page of results.

", - "ListServicesResponse$NextToken": "

The token to use to retrieve the next page of results. This value is null when there are no more results to return.

" + "ListAWSDefaultServiceQuotasRequest$NextToken": "

Specifies a value for receiving additional results after you receive a NextToken response in a previous request. A NextToken response indicates that more output is available. Set this parameter to the value of the previous call's NextToken response to indicate where the output should continue from.

", + "ListAWSDefaultServiceQuotasResponse$NextToken": "

If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null.

", + "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$NextToken": "

Specifies a value for receiving additional results after you receive a NextToken response in a previous request. A NextToken response indicates that more output is available. Set this parameter to the value of the previous call's NextToken response to indicate where the output should continue from.

", + "ListRequestedServiceQuotaChangeHistoryByQuotaResponse$NextToken": "

If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null.

", + "ListRequestedServiceQuotaChangeHistoryRequest$NextToken": "

Specifies a value for receiving additional results after you receive a NextToken response in a previous request. A NextToken response indicates that more output is available. Set this parameter to the value of the previous call's NextToken response to indicate where the output should continue from.

", + "ListRequestedServiceQuotaChangeHistoryResponse$NextToken": "

If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null.

", + "ListServiceQuotaIncreaseRequestsInTemplateRequest$NextToken": "

Specifies a value for receiving additional results after you receive a NextToken response in a previous request. A NextToken response indicates that more output is available. Set this parameter to the value of the previous call's NextToken response to indicate where the output should continue from.

", + "ListServiceQuotaIncreaseRequestsInTemplateResponse$NextToken": "

If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null.

", + "ListServiceQuotasRequest$NextToken": "

Specifies a value for receiving additional results after you receive a NextToken response in a previous request. A NextToken response indicates that more output is available. Set this parameter to the value of the previous call's NextToken response to indicate where the output should continue from.

", + "ListServiceQuotasResponse$NextToken": "

If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null.

", + "ListServicesRequest$NextToken": "

Specifies a value for receiving additional results after you receive a NextToken response in a previous request. A NextToken response indicates that more output is available. Set this parameter to the value of the previous call's NextToken response to indicate where the output should continue from.

", + "ListServicesResponse$NextToken": "

If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until the NextToken response element comes back as null.

" } }, "NoAvailableOrganizationException": { - "base": "

The account making this call is not a member of an organization.

", + "base": "

The Amazon Web Services account making this call is not a member of an organization.

", "refs": { } }, @@ -357,7 +367,7 @@ } }, "OrganizationNotInAllFeaturesModeException": { - "base": "

The organization that your account belongs to is not in All Features mode.

", + "base": "

The organization that your Amazon Web Services account belongs to is not in All Features mode.

", "refs": { } }, @@ -376,7 +386,7 @@ "PeriodValue": { "base": null, "refs": { - "QuotaPeriod$PeriodValue": "

The value.

" + "QuotaPeriod$PeriodValue": "

The value associated with the reported PeriodUnit.

" } }, "PutServiceQuotaIncreaseRequestIntoTemplateRequest": { @@ -405,16 +415,44 @@ "QuotaCode": { "base": null, "refs": { - "DeleteServiceQuotaIncreaseRequestFromTemplateRequest$QuotaCode": "

The quota identifier.

", - "GetAWSDefaultServiceQuotaRequest$QuotaCode": "

The quota identifier.

", - "GetServiceQuotaIncreaseRequestFromTemplateRequest$QuotaCode": "

The quota identifier.

", - "GetServiceQuotaRequest$QuotaCode": "

The quota identifier.

", - "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$QuotaCode": "

The quota identifier.

", - "PutServiceQuotaIncreaseRequestIntoTemplateRequest$QuotaCode": "

The quota identifier.

", - "RequestServiceQuotaIncreaseRequest$QuotaCode": "

The quota identifier.

", - "RequestedServiceQuotaChange$QuotaCode": "

The quota identifier.

", - "ServiceQuota$QuotaCode": "

The quota identifier.

", - "ServiceQuotaIncreaseRequestInTemplate$QuotaCode": "

The quota identifier.

" + "DeleteServiceQuotaIncreaseRequestFromTemplateRequest$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "GetAWSDefaultServiceQuotaRequest$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "GetServiceQuotaIncreaseRequestFromTemplateRequest$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "GetServiceQuotaRequest$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "ListServiceQuotasRequest$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "PutServiceQuotaIncreaseRequestIntoTemplateRequest$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "RequestServiceQuotaIncreaseRequest$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "RequestedServiceQuotaChange$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "ServiceQuota$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

", + "ServiceQuotaIncreaseRequestInTemplate$QuotaCode": "

Specifies the quota identifier. To find the quota code for a specific quota, use the ListServiceQuotas operation, and look for the QuotaCode response in the output for the quota you want.

" + } + }, + "QuotaContextId": { + "base": null, + "refs": { + "GetServiceQuotaRequest$ContextId": "

Specifies the Amazon Web Services account or resource to which the quota applies. The value in this field depends on the context scope associated with the specified service quota.

", + "QuotaContextInfo$ContextId": "

Specifies the Amazon Web Services account or resource to which the quota applies. The value in this field depends on the context scope associated with the specified service quota.

", + "RequestServiceQuotaIncreaseRequest$ContextId": "

Specifies the Amazon Web Services account or resource to which the quota applies. The value in this field depends on the context scope associated with the specified service quota.

" + } + }, + "QuotaContextInfo": { + "base": "

A structure that describes the context for a service quota. The context identifies what the quota applies to.

", + "refs": { + "RequestedServiceQuotaChange$QuotaContext": "

The context for this service quota.

", + "ServiceQuota$QuotaContext": "

The context for this service quota.

" + } + }, + "QuotaContextScope": { + "base": null, + "refs": { + "QuotaContextInfo$ContextScope": "

Specifies whether the quota applies to an Amazon Web Services account, or to a resource.

" + } + }, + "QuotaContextScopeType": { + "base": null, + "refs": { + "QuotaContextInfo$ContextScopeType": "

When the ContextScope is RESOURCE, then this specifies the resource type of the specified resource.

" } }, "QuotaExceededException": { @@ -437,9 +475,9 @@ "QuotaName": { "base": null, "refs": { - "RequestedServiceQuotaChange$QuotaName": "

The quota name.

", - "ServiceQuota$QuotaName": "

The quota name.

", - "ServiceQuotaIncreaseRequestInTemplate$QuotaName": "

The quota name.

" + "RequestedServiceQuotaChange$QuotaName": "

Specifies the quota name.

", + "ServiceQuota$QuotaName": "

Specifies the quota name.

", + "ServiceQuotaIncreaseRequestInTemplate$QuotaName": "

Specifies the quota name.

" } }, "QuotaPeriod": { @@ -459,8 +497,8 @@ "QuotaValue": { "base": null, "refs": { - "PutServiceQuotaIncreaseRequestIntoTemplateRequest$DesiredValue": "

The new, increased value for the quota.

", - "RequestServiceQuotaIncreaseRequest$DesiredValue": "

The new, increased value for the quota.

", + "PutServiceQuotaIncreaseRequestIntoTemplateRequest$DesiredValue": "

Specifies the new, increased value for the quota.

", + "RequestServiceQuotaIncreaseRequest$DesiredValue": "

Specifies the new, increased value for the quota.

", "RequestedServiceQuotaChange$DesiredValue": "

The new, increased value for the quota.

", "ServiceQuota$Value": "

The quota value.

", "ServiceQuotaIncreaseRequestInTemplate$DesiredValue": "

The new, increased value of the quota.

" @@ -469,7 +507,7 @@ "RequestId": { "base": null, "refs": { - "GetRequestedServiceQuotaChangeRequest$RequestId": "

The ID of the quota increase request.

", + "GetRequestedServiceQuotaChangeRequest$RequestId": "

Specifies the ID of the quota increase request.

", "RequestedServiceQuotaChange$Id": "

The unique identifier.

" } }, @@ -486,8 +524,8 @@ "RequestStatus": { "base": null, "refs": { - "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$Status": "

The status value of the quota increase request.

", - "ListRequestedServiceQuotaChangeHistoryRequest$Status": "

The status of the quota increase request.

", + "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$Status": "

Specifies that you want to filter the results to only the requests with the matching status.

", + "ListRequestedServiceQuotaChangeHistoryRequest$Status": "

Specifies that you want to filter the results to only the requests with the matching status.

", "RequestedServiceQuotaChange$Status": "

The state of the quota increase request.

" } }, @@ -520,21 +558,21 @@ "ServiceCode": { "base": null, "refs": { - "DeleteServiceQuotaIncreaseRequestFromTemplateRequest$ServiceCode": "

The service identifier.

", - "GetAWSDefaultServiceQuotaRequest$ServiceCode": "

The service identifier.

", - "GetServiceQuotaIncreaseRequestFromTemplateRequest$ServiceCode": "

The service identifier.

", - "GetServiceQuotaRequest$ServiceCode": "

The service identifier.

", - "ListAWSDefaultServiceQuotasRequest$ServiceCode": "

The service identifier.

", - "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$ServiceCode": "

The service identifier.

", - "ListRequestedServiceQuotaChangeHistoryRequest$ServiceCode": "

The service identifier.

", - "ListServiceQuotaIncreaseRequestsInTemplateRequest$ServiceCode": "

The service identifier.

", - "ListServiceQuotasRequest$ServiceCode": "

The service identifier.

", - "PutServiceQuotaIncreaseRequestIntoTemplateRequest$ServiceCode": "

The service identifier.

", - "RequestServiceQuotaIncreaseRequest$ServiceCode": "

The service identifier.

", - "RequestedServiceQuotaChange$ServiceCode": "

The service identifier.

", - "ServiceInfo$ServiceCode": "

The service identifier.

", - "ServiceQuota$ServiceCode": "

The service identifier.

", - "ServiceQuotaIncreaseRequestInTemplate$ServiceCode": "

The service identifier.

" + "DeleteServiceQuotaIncreaseRequestFromTemplateRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "GetAWSDefaultServiceQuotaRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "GetServiceQuotaIncreaseRequestFromTemplateRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "GetServiceQuotaRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "ListAWSDefaultServiceQuotasRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "ListRequestedServiceQuotaChangeHistoryByQuotaRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "ListRequestedServiceQuotaChangeHistoryRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "ListServiceQuotaIncreaseRequestsInTemplateRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "ListServiceQuotasRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "PutServiceQuotaIncreaseRequestIntoTemplateRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "RequestServiceQuotaIncreaseRequest$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "RequestedServiceQuotaChange$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "ServiceInfo$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "ServiceQuota$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

", + "ServiceQuotaIncreaseRequestInTemplate$ServiceCode": "

Specifies the service identifier. To find the service code value for an Amazon Web Services service, use the ListServices operation.

" } }, "ServiceException": { @@ -543,7 +581,7 @@ } }, "ServiceInfo": { - "base": "

Information about a service.

", + "base": "

Information about an Amazon Web Service.

", "refs": { "ServiceInfoListDefinition$member": null } @@ -551,16 +589,16 @@ "ServiceInfoListDefinition": { "base": null, "refs": { - "ListServicesResponse$Services": "

Information about the services.

" + "ListServicesResponse$Services": "

The list of the Amazon Web Service names and service codes.

" } }, "ServiceName": { "base": null, "refs": { - "RequestedServiceQuotaChange$ServiceName": "

The service name.

", - "ServiceInfo$ServiceName": "

The service name.

", - "ServiceQuota$ServiceName": "

The service name.

", - "ServiceQuotaIncreaseRequestInTemplate$ServiceName": "

The service name.

" + "RequestedServiceQuotaChange$ServiceName": "

Specifies the service name.

", + "ServiceInfo$ServiceName": "

Specifies the service name.

", + "ServiceQuota$ServiceName": "

Specifies the service name.

", + "ServiceQuotaIncreaseRequestInTemplate$ServiceName": "

Specifies the service name.

" } }, "ServiceQuota": { @@ -595,7 +633,7 @@ "ServiceQuotaTemplateAssociationStatus": { "base": null, "refs": { - "GetAssociationForServiceQuotaTemplateResponse$ServiceQuotaTemplateAssociationStatus": "

The association status. If the status is ASSOCIATED, the quota increase requests in the template are automatically applied to new accounts in your organization.

" + "GetAssociationForServiceQuotaTemplateResponse$ServiceQuotaTemplateAssociationStatus": "

The association status. If the status is ASSOCIATED, the quota increase requests in the template are automatically applied to new Amazon Web Services accounts in your organization.

" } }, "ServiceQuotaTemplateNotInUseException": { @@ -645,7 +683,7 @@ } }, "TemplatesNotAvailableInRegionException": { - "base": "

The Service Quotas template is not available in this AWS Region.

", + "base": "

The Service Quotas template is not available in this Amazon Web Services Region.

", "refs": { } }, diff --git a/models/apis/service-quotas/2019-06-24/endpoint-rule-set-1.json b/models/apis/service-quotas/2019-06-24/endpoint-rule-set-1.json new file mode 100644 index 00000000000..df63941e748 --- /dev/null +++ b/models/apis/service-quotas/2019-06-24/endpoint-rule-set-1.json @@ -0,0 +1,339 @@ +{ + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://servicequotas-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + "aws-us-gov", + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "name" + ] + } + ] + } + ], + "endpoint": { + "url": "https://servicequotas.{Region}.amazonaws.com", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [], + "endpoint": { + "url": "https://servicequotas-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://servicequotas.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://servicequotas.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" + } + ] +} \ No newline at end of file diff --git a/models/apis/service-quotas/2019-06-24/endpoint-tests-1.json b/models/apis/service-quotas/2019-06-24/endpoint-tests-1.json new file mode 100644 index 00000000000..c4b5fe6484a --- /dev/null +++ b/models/apis/service-quotas/2019-06-24/endpoint-tests-1.json @@ -0,0 +1,613 @@ +{ + "testCases": [ + { + "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.af-south-1.amazonaws.com" + } + }, + "params": { + "Region": "af-south-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ap-east-1.amazonaws.com" + } + }, + "params": { + "Region": "ap-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "Region": "ap-northeast-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ap-northeast-2.amazonaws.com" + } + }, + "params": { + "Region": "ap-northeast-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ap-northeast-3.amazonaws.com" + } + }, + "params": { + "Region": "ap-northeast-3", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ap-south-1.amazonaws.com" + } + }, + "params": { + "Region": "ap-south-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ap-southeast-1.amazonaws.com" + } + }, + "params": { + "Region": "ap-southeast-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "Region": "ap-southeast-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ap-southeast-3.amazonaws.com" + } + }, + "params": { + "Region": "ap-southeast-3", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.ca-central-1.amazonaws.com" + } + }, + "params": { + "Region": "ca-central-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.eu-central-1.amazonaws.com" + } + }, + "params": { + "Region": "eu-central-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.eu-north-1.amazonaws.com" + } + }, + "params": { + "Region": "eu-north-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.eu-south-1.amazonaws.com" + } + }, + "params": { + "Region": "eu-south-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.eu-west-1.amazonaws.com" + } + }, + "params": { + "Region": "eu-west-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.eu-west-2.amazonaws.com" + } + }, + "params": { + "Region": "eu-west-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.eu-west-3.amazonaws.com" + } + }, + "params": { + "Region": "eu-west-3", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.me-south-1.amazonaws.com" + } + }, + "params": { + "Region": "me-south-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.sa-east-1.amazonaws.com" + } + }, + "params": { + "Region": "sa-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-east-2.amazonaws.com" + } + }, + "params": { + "Region": "us-east-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-west-1.amazonaws.com" + } + }, + "params": { + "Region": "us-west-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-west-2.amazonaws.com" + } + }, + "params": { + "Region": "us-west-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://servicequotas-fips.us-east-1.api.aws" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-east-1.api.aws" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://servicequotas-fips.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas-fips.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-west-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-west-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://servicequotas-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-gov-east-1.api.aws" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://servicequotas.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "Missing region", + "expect": { + "error": "Invalid Configuration: Missing Region" + } + } + ], + "version": "1.0" +} \ No newline at end of file diff --git a/models/apis/workspaces-web/2020-07-08/api-2.json b/models/apis/workspaces-web/2020-07-08/api-2.json index 1de18016b99..c93cf736eec 100644 --- a/models/apis/workspaces-web/2020-07-08/api-2.json +++ b/models/apis/workspaces-web/2020-07-08/api-2.json @@ -1263,6 +1263,7 @@ }, "BrowserSettingsSummary":{ "type":"structure", + "required":["browserSettingsArn"], "members":{ "browserSettingsArn":{"shape":"ARN"} } @@ -1335,6 +1336,47 @@ }, "exception":true }, + "CookieDomain":{ + "type":"string", + "max":253, + "min":0, + "pattern":"^(\\.?)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\\.)*[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$" + }, + "CookieName":{ + "type":"string", + "max":4096, + "min":0 + }, + "CookiePath":{ + "type":"string", + "max":2000, + "min":0, + "pattern":"^/(\\S)*$" + }, + "CookieSpecification":{ + "type":"structure", + "required":["domain"], + "members":{ + "domain":{"shape":"CookieDomain"}, + "name":{"shape":"CookieName"}, + "path":{"shape":"CookiePath"} + } + }, + "CookieSpecifications":{ + "type":"list", + "member":{"shape":"CookieSpecification"}, + "max":10, + "min":0 + }, + "CookieSynchronizationConfiguration":{ + "type":"structure", + "required":["allowlist"], + "members":{ + "allowlist":{"shape":"CookieSpecifications"}, + "blocklist":{"shape":"CookieSpecifications"} + }, + "sensitive":true + }, "CreateBrowserSettingsRequest":{ "type":"structure", "required":["browserPolicy"], @@ -1379,7 +1421,7 @@ "type":"structure", "required":["identityProviderArn"], "members":{ - "identityProviderArn":{"shape":"ARN"} + "identityProviderArn":{"shape":"SubresourceARN"} } }, "CreateIpAccessSettingsRequest":{ @@ -1503,11 +1545,14 @@ "uploadAllowed" ], "members":{ + "additionalEncryptionContext":{"shape":"EncryptionContextMap"}, "clientToken":{ "shape":"ClientToken", "idempotencyToken":true }, + "cookieSynchronizationConfiguration":{"shape":"CookieSynchronizationConfiguration"}, "copyAllowed":{"shape":"EnabledType"}, + "customerManagedKey":{"shape":"keyArn"}, "disconnectTimeoutInMinutes":{"shape":"DisconnectTimeoutInMinutes"}, "downloadAllowed":{"shape":"EnabledType"}, "idleDisconnectTimeoutInMinutes":{"shape":"IdleDisconnectTimeoutInMinutes"}, @@ -1545,7 +1590,7 @@ "required":["identityProviderArn"], "members":{ "identityProviderArn":{ - "shape":"ARN", + "shape":"SubresourceARN", "location":"uri", "locationName":"identityProviderArn" } @@ -1804,7 +1849,7 @@ "required":["identityProviderArn"], "members":{ "identityProviderArn":{ - "shape":"ARN", + "shape":"SubresourceARN", "location":"uri", "locationName":"identityProviderArn" } @@ -1907,6 +1952,7 @@ }, "GetTrustStoreCertificateResponse":{ "type":"structure", + "required":["trustStoreArn"], "members":{ "certificate":{"shape":"Certificate"}, "trustStoreArn":{"shape":"ARN"} @@ -1967,7 +2013,7 @@ "type":"structure", "required":["identityProviderArn"], "members":{ - "identityProviderArn":{"shape":"ARN"}, + "identityProviderArn":{"shape":"SubresourceARN"}, "identityProviderDetails":{"shape":"IdentityProviderDetails"}, "identityProviderName":{"shape":"IdentityProviderName"}, "identityProviderType":{"shape":"IdentityProviderType"} @@ -1992,8 +2038,9 @@ }, "IdentityProviderSummary":{ "type":"structure", + "required":["identityProviderArn"], "members":{ - "identityProviderArn":{"shape":"ARN"}, + "identityProviderArn":{"shape":"SubresourceARN"}, "identityProviderName":{"shape":"IdentityProviderName"}, "identityProviderType":{"shape":"IdentityProviderType"} } @@ -2047,6 +2094,7 @@ }, "IpAccessSettingsSummary":{ "type":"structure", + "required":["ipAccessSettingsArn"], "members":{ "creationDate":{"shape":"Timestamp"}, "description":{"shape":"Description"}, @@ -2236,6 +2284,7 @@ }, "ListTrustStoreCertificatesResponse":{ "type":"structure", + "required":["trustStoreArn"], "members":{ "certificateList":{"shape":"CertificateSummaryList"}, "nextToken":{"shape":"PaginationToken"}, @@ -2330,6 +2379,7 @@ }, "NetworkSettingsSummary":{ "type":"structure", + "required":["networkSettingsArn"], "members":{ "networkSettingsArn":{"shape":"ARN"}, "vpcId":{"shape":"VpcId"} @@ -2343,6 +2393,7 @@ }, "Portal":{ "type":"structure", + "required":["portalArn"], "members":{ "authenticationType":{"shape":"AuthenticationType"}, "browserSettingsArn":{"shape":"ARN"}, @@ -2381,6 +2432,7 @@ }, "PortalSummary":{ "type":"structure", + "required":["portalArn"], "members":{ "authenticationType":{"shape":"AuthenticationType"}, "browserSettingsArn":{"shape":"ARN"}, @@ -2477,6 +2529,12 @@ "max":3, "min":2 }, + "SubresourceARN":{ + "type":"string", + "max":2048, + "min":20, + "pattern":"^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36}){2,}$" + }, "Tag":{ "type":"structure", "required":[ @@ -2573,6 +2631,7 @@ }, "TrustStore":{ "type":"structure", + "required":["trustStoreArn"], "members":{ "associatedPortalArns":{"shape":"ArnList"}, "trustStoreArn":{"shape":"ARN"} @@ -2644,7 +2703,7 @@ "idempotencyToken":true }, "identityProviderArn":{ - "shape":"ARN", + "shape":"SubresourceARN", "location":"uri", "locationName":"identityProviderArn" }, @@ -2784,6 +2843,7 @@ "shape":"ClientToken", "idempotencyToken":true }, + "cookieSynchronizationConfiguration":{"shape":"CookieSynchronizationConfiguration"}, "copyAllowed":{"shape":"EnabledType"}, "disconnectTimeoutInMinutes":{"shape":"DisconnectTimeoutInMinutes"}, "downloadAllowed":{"shape":"EnabledType"}, @@ -2820,6 +2880,7 @@ }, "UserAccessLoggingSettingsSummary":{ "type":"structure", + "required":["userAccessLoggingSettingsArn"], "members":{ "kinesisStreamArn":{"shape":"KinesisStreamArn"}, "userAccessLoggingSettingsArn":{"shape":"ARN"} @@ -2830,6 +2891,7 @@ "required":["userSettingsArn"], "members":{ "associatedPortalArns":{"shape":"ArnList"}, + "cookieSynchronizationConfiguration":{"shape":"CookieSynchronizationConfiguration"}, "copyAllowed":{"shape":"EnabledType"}, "disconnectTimeoutInMinutes":{"shape":"DisconnectTimeoutInMinutes"}, "downloadAllowed":{"shape":"EnabledType"}, @@ -2846,7 +2908,9 @@ }, "UserSettingsSummary":{ "type":"structure", + "required":["userSettingsArn"], "members":{ + "cookieSynchronizationConfiguration":{"shape":"CookieSynchronizationConfiguration"}, "copyAllowed":{"shape":"EnabledType"}, "disconnectTimeoutInMinutes":{"shape":"DisconnectTimeoutInMinutes"}, "downloadAllowed":{"shape":"EnabledType"}, diff --git a/models/apis/workspaces-web/2020-07-08/docs-2.json b/models/apis/workspaces-web/2020-07-08/docs-2.json index 18c3898e4f4..36ddfbc3eca 100644 --- a/models/apis/workspaces-web/2020-07-08/docs-2.json +++ b/models/apis/workspaces-web/2020-07-08/docs-2.json @@ -94,7 +94,6 @@ "BrowserSettingsSummary$browserSettingsArn": "

The ARN of the browser settings.

", "CreateBrowserSettingsResponse$browserSettingsArn": "

The ARN of the browser settings.

", "CreateIdentityProviderRequest$portalArn": "

The ARN of the web portal.

", - "CreateIdentityProviderResponse$identityProviderArn": "

The ARN of the identity provider.

", "CreateIpAccessSettingsResponse$ipAccessSettingsArn": "

The ARN of the IP access settings resource.

", "CreateNetworkSettingsResponse$networkSettingsArn": "

The ARN of the network settings.

", "CreatePortalResponse$portalArn": "

The ARN of the web portal.

", @@ -102,7 +101,6 @@ "CreateUserAccessLoggingSettingsResponse$userAccessLoggingSettingsArn": "

The ARN of the user access logging settings.

", "CreateUserSettingsResponse$userSettingsArn": "

The ARN of the user settings.

", "DeleteBrowserSettingsRequest$browserSettingsArn": "

The ARN of the browser settings.

", - "DeleteIdentityProviderRequest$identityProviderArn": "

The ARN of the identity provider.

", "DeleteIpAccessSettingsRequest$ipAccessSettingsArn": "

The ARN of the IP access settings.

", "DeleteNetworkSettingsRequest$networkSettingsArn": "

The ARN of the network settings.

", "DeletePortalRequest$portalArn": "

The ARN of the web portal.

", @@ -116,7 +114,6 @@ "DisassociateUserAccessLoggingSettingsRequest$portalArn": "

The ARN of the web portal.

", "DisassociateUserSettingsRequest$portalArn": "

The ARN of the web portal.

", "GetBrowserSettingsRequest$browserSettingsArn": "

The ARN of the browser settings.

", - "GetIdentityProviderRequest$identityProviderArn": "

The ARN of the identity provider.

", "GetIpAccessSettingsRequest$ipAccessSettingsArn": "

The ARN of the IP access settings.

", "GetNetworkSettingsRequest$networkSettingsArn": "

The ARN of the network settings.

", "GetPortalRequest$portalArn": "

The ARN of the web portal.

", @@ -127,8 +124,6 @@ "GetTrustStoreRequest$trustStoreArn": "

The ARN of the trust store.

", "GetUserAccessLoggingSettingsRequest$userAccessLoggingSettingsArn": "

The ARN of the user access logging settings.

", "GetUserSettingsRequest$userSettingsArn": "

The ARN of the user settings.

", - "IdentityProvider$identityProviderArn": "

The ARN of the identity provider.

", - "IdentityProviderSummary$identityProviderArn": "

The ARN of the identity provider.

", "IpAccessSettings$ipAccessSettingsArn": "

The ARN of the IP access settings resource.

", "IpAccessSettingsSummary$ipAccessSettingsArn": "

The ARN of IP access settings.

", "ListIdentityProvidersRequest$portalArn": "

The ARN of the web portal.

", @@ -157,7 +152,6 @@ "TrustStoreSummary$trustStoreArn": "

The ARN of the trust store.

", "UntagResourceRequest$resourceArn": "

The ARN of the resource.

", "UpdateBrowserSettingsRequest$browserSettingsArn": "

The ARN of the browser settings.

", - "UpdateIdentityProviderRequest$identityProviderArn": "

The ARN of the identity provider.

", "UpdateIpAccessSettingsRequest$ipAccessSettingsArn": "

The ARN of the IP access settings.

", "UpdateNetworkSettingsRequest$networkSettingsArn": "

The ARN of the network settings.

", "UpdatePortalRequest$portalArn": "

The ARN of the web portal.

", @@ -372,6 +366,46 @@ "refs": { } }, + "CookieDomain": { + "base": null, + "refs": { + "CookieSpecification$domain": "

The domain of the cookie.

" + } + }, + "CookieName": { + "base": null, + "refs": { + "CookieSpecification$name": "

The name of the cookie.

" + } + }, + "CookiePath": { + "base": null, + "refs": { + "CookieSpecification$path": "

The path of the cookie.

" + } + }, + "CookieSpecification": { + "base": "

Specifies a single cookie or set of cookies in an end user's browser.

", + "refs": { + "CookieSpecifications$member": null + } + }, + "CookieSpecifications": { + "base": null, + "refs": { + "CookieSynchronizationConfiguration$allowlist": "

The list of cookie specifications that are allowed to be synchronized to the remote browser.

", + "CookieSynchronizationConfiguration$blocklist": "

The list of cookie specifications that are blocked from being synchronized to the remote browser.

" + } + }, + "CookieSynchronizationConfiguration": { + "base": "

The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.

", + "refs": { + "CreateUserSettingsRequest$cookieSynchronizationConfiguration": "

The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.

", + "UpdateUserSettingsRequest$cookieSynchronizationConfiguration": "

The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.

If the allowlist and blocklist are empty, the configuration becomes null.

", + "UserSettings$cookieSynchronizationConfiguration": "

The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.

", + "UserSettingsSummary$cookieSynchronizationConfiguration": "

The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.

" + } + }, "CreateBrowserSettingsRequest": { "base": null, "refs": { @@ -654,7 +688,8 @@ "refs": { "CreateBrowserSettingsRequest$additionalEncryptionContext": "

Additional encryption context of the browser settings.

", "CreateIpAccessSettingsRequest$additionalEncryptionContext": "

Additional encryption context of the IP access settings.

", - "CreatePortalRequest$additionalEncryptionContext": "

The additional encryption context of the portal.

" + "CreatePortalRequest$additionalEncryptionContext": "

The additional encryption context of the portal.

", + "CreateUserSettingsRequest$additionalEncryptionContext": "

The additional encryption context of the user settings.

" } }, "ExceptionMessage": { @@ -1176,6 +1211,17 @@ "UpdateNetworkSettingsRequest$subnetIds": "

The subnets in which network interfaces are created to connect streaming instances to your VPC. At least two of these subnets must be in different availability zones.

" } }, + "SubresourceARN": { + "base": null, + "refs": { + "CreateIdentityProviderResponse$identityProviderArn": "

The ARN of the identity provider.

", + "DeleteIdentityProviderRequest$identityProviderArn": "

The ARN of the identity provider.

", + "GetIdentityProviderRequest$identityProviderArn": "

The ARN of the identity provider.

", + "IdentityProvider$identityProviderArn": "

The ARN of the identity provider.

", + "IdentityProviderSummary$identityProviderArn": "

The ARN of the identity provider.

", + "UpdateIdentityProviderRequest$identityProviderArn": "

The ARN of the identity provider.

" + } + }, "Tag": { "base": "

The tag.

", "refs": { @@ -1437,7 +1483,8 @@ "refs": { "CreateBrowserSettingsRequest$customerManagedKey": "

The custom managed key of the browser settings.

", "CreateIpAccessSettingsRequest$customerManagedKey": "

The custom managed key of the IP access settings.

", - "CreatePortalRequest$customerManagedKey": "

The customer managed key of the web portal.

" + "CreatePortalRequest$customerManagedKey": "

The customer managed key of the web portal.

", + "CreateUserSettingsRequest$customerManagedKey": "

The customer managed key used to encrypt sensitive information in the user settings.

" } } } diff --git a/models/apis/workspaces-web/2020-07-08/endpoint-rule-set-1.json b/models/apis/workspaces-web/2020-07-08/endpoint-rule-set-1.json index 1552c84bcb8..7124ded3a94 100644 --- a/models/apis/workspaces-web/2020-07-08/endpoint-rule-set-1.json +++ b/models/apis/workspaces-web/2020-07-08/endpoint-rule-set-1.json @@ -58,52 +58,56 @@ "type": "error" }, { - "conditions": [], - "type": "tree", - "rules": [ + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" + "ref": "UseDualStack" }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + true + ] } - ] + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, { - "conditions": [], + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "isSet", + "fn": "aws.partition", "argv": [ { "ref": "Region" } - ] + ], + "assign": "PartitionResult" } ], "type": "tree", @@ -111,13 +115,22 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "booleanEquals", "argv": [ { - "ref": "Region" - } - ], - "assign": "PartitionResult" + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] } ], "type": "tree", @@ -127,224 +140,175 @@ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] }, { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://workspaces-web-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "endpoint": { + "url": "https://workspaces-web-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://workspaces-web-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "endpoint": { + "url": "https://workspaces-web-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://workspaces-web.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } - ] - }, - { - "conditions": [], + ], "type": "tree", "rules": [ { "conditions": [], "endpoint": { - "url": "https://workspaces-web.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://workspaces-web.{Region}.{PartitionResult#dualStackDnsSuffix}", "properties": {}, "headers": {} }, "type": "endpoint" } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://workspaces-web.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } \ No newline at end of file diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 0edeb02db0b..c29cd48dfc2 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -522,6 +522,7 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "il-central-1" : { }, "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { @@ -1612,6 +1613,12 @@ "tags" : [ "dualstack" ] } ] }, + "il-central-1" : { + "variants" : [ { + "hostname" : "appmesh.il-central-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, "me-south-1" : { "variants" : [ { "hostname" : "appmesh.me-south-1.api.aws", diff --git a/service/backup/api.go b/service/backup/api.go index 9d09c5be379..ae352641495 100644 --- a/service/backup/api.go +++ b/service/backup/api.go @@ -632,10 +632,11 @@ func (c *Backup) CreateLogicallyAirGappedBackupVaultRequest(input *CreateLogical // CreateLogicallyAirGappedBackupVault API operation for AWS Backup. // -// This request creates a logical container where backups are stored. +// This request creates a logical container to where backups may be copied. // -// This request includes a name, optionally one or more resource tags, an encryption -// key, and a request ID. +// This request includes a name, the Region, the maximum number of retention +// days, the minimum number of retention days, and optionally can include tags +// and a creator request ID. // // Do not include sensitive data, such as passport numbers, in the name of a // backup vault. @@ -12995,8 +12996,7 @@ type FrameworkControl struct { // The scope of a control. The control scope defines what the control will evaluate. // Three examples of control scopes are: a specific backup plan, all backup - // plans with a specific tag, or all backup plans. For more information, see - // ControlScope. (aws-backup/latest/devguide/API_ControlScope.html) + // plans with a specific tag, or all backup plans. ControlScope *ControlScope `type:"structure"` } @@ -19313,6 +19313,10 @@ type Rule struct { // For a table of examples, click the preceding link and scroll down the page. ScheduleExpression *string `type:"string"` + // This is the timezone in which the schedule expression is set. By default, + // ScheduleExpressions are in UTC. You can modify this to a specified timezone. + ScheduleExpressionTimezone *string `type:"string"` + // A value in minutes after a backup is scheduled before a job will be canceled // if it doesn't start successfully. This value is optional. If this value is // included, it must be at least 60 minutes to avoid errors. @@ -19401,6 +19405,12 @@ func (s *Rule) SetScheduleExpression(v string) *Rule { return s } +// SetScheduleExpressionTimezone sets the ScheduleExpressionTimezone field's value. +func (s *Rule) SetScheduleExpressionTimezone(v string) *Rule { + s.ScheduleExpressionTimezone = &v + return s +} + // SetStartWindowMinutes sets the StartWindowMinutes field's value. func (s *Rule) SetStartWindowMinutes(v int64) *Rule { s.StartWindowMinutes = &v @@ -19464,6 +19474,10 @@ type RuleInput struct { // A CRON expression in UTC specifying when Backup initiates a backup job. ScheduleExpression *string `type:"string"` + // This is the timezone in which the schedule expression is set. By default, + // ScheduleExpressions are in UTC. You can modify this to a specified timezone. + ScheduleExpressionTimezone *string `type:"string"` + // A value in minutes after a backup is scheduled before a job will be canceled // if it doesn't start successfully. This value is optional. If this value is // included, it must be at least 60 minutes to avoid errors. @@ -19574,6 +19588,12 @@ func (s *RuleInput) SetScheduleExpression(v string) *RuleInput { return s } +// SetScheduleExpressionTimezone sets the ScheduleExpressionTimezone field's value. +func (s *RuleInput) SetScheduleExpressionTimezone(v string) *RuleInput { + s.ScheduleExpressionTimezone = &v + return s +} + // SetStartWindowMinutes sets the StartWindowMinutes field's value. func (s *RuleInput) SetStartWindowMinutes(v int64) *RuleInput { s.StartWindowMinutes = &v diff --git a/service/computeoptimizer/api.go b/service/computeoptimizer/api.go index 98499b11c8e..8277d2007da 100644 --- a/service/computeoptimizer/api.go +++ b/service/computeoptimizer/api.go @@ -829,6 +829,116 @@ func (c *ComputeOptimizer) ExportLambdaFunctionRecommendationsWithContext(ctx aw return out, req.Send() } +const opExportLicenseRecommendations = "ExportLicenseRecommendations" + +// ExportLicenseRecommendationsRequest generates a "aws/request.Request" representing the +// client's request for the ExportLicenseRecommendations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ExportLicenseRecommendations for more information on using the ExportLicenseRecommendations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ExportLicenseRecommendationsRequest method. +// req, resp := client.ExportLicenseRecommendationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/compute-optimizer-2019-11-01/ExportLicenseRecommendations +func (c *ComputeOptimizer) ExportLicenseRecommendationsRequest(input *ExportLicenseRecommendationsInput) (req *request.Request, output *ExportLicenseRecommendationsOutput) { + op := &request.Operation{ + Name: opExportLicenseRecommendations, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ExportLicenseRecommendationsInput{} + } + + output = &ExportLicenseRecommendationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ExportLicenseRecommendations API operation for AWS Compute Optimizer. +// +// Export optimization recommendations for your licenses. +// +// Recommendations are exported in a comma-separated values (CSV) file, and +// its metadata in a JavaScript Object Notation (JSON) file, to an existing +// Amazon Simple Storage Service (Amazon S3) bucket that you specify. For more +// information, see Exporting Recommendations (https://docs.aws.amazon.com/compute-optimizer/latest/ug/exporting-recommendations.html) +// in the Compute Optimizer User Guide. +// +// You can have only one license export job in progress per Amazon Web Services +// Region. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Compute Optimizer's +// API operation ExportLicenseRecommendations for usage and error information. +// +// Returned Error Types: +// +// - OptInRequiredException +// The account is not opted in to Compute Optimizer. +// +// - InternalServerException +// An internal error has occurred. Try your call again. +// +// - ServiceUnavailableException +// The request has failed due to a temporary failure of the server. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - InvalidParameterValueException +// The value supplied for the input parameter is out of range or not valid. +// +// - MissingAuthenticationToken +// The request must contain either a valid (registered) Amazon Web Services +// access key ID or X.509 certificate. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// - LimitExceededException +// The request exceeds a limit of the service. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/compute-optimizer-2019-11-01/ExportLicenseRecommendations +func (c *ComputeOptimizer) ExportLicenseRecommendations(input *ExportLicenseRecommendationsInput) (*ExportLicenseRecommendationsOutput, error) { + req, out := c.ExportLicenseRecommendationsRequest(input) + return out, req.Send() +} + +// ExportLicenseRecommendationsWithContext is the same as ExportLicenseRecommendations with the addition of +// the ability to pass a context and additional request options. +// +// See ExportLicenseRecommendations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ComputeOptimizer) ExportLicenseRecommendationsWithContext(ctx aws.Context, input *ExportLicenseRecommendationsInput, opts ...request.Option) (*ExportLicenseRecommendationsOutput, error) { + req, out := c.ExportLicenseRecommendationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetAutoScalingGroupRecommendations = "GetAutoScalingGroupRecommendations" // GetAutoScalingGroupRecommendationsRequest generates a "aws/request.Request" representing the @@ -1988,6 +2098,113 @@ func (c *ComputeOptimizer) GetLambdaFunctionRecommendationsPagesWithContext(ctx return p.Err() } +const opGetLicenseRecommendations = "GetLicenseRecommendations" + +// GetLicenseRecommendationsRequest generates a "aws/request.Request" representing the +// client's request for the GetLicenseRecommendations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetLicenseRecommendations for more information on using the GetLicenseRecommendations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetLicenseRecommendationsRequest method. +// req, resp := client.GetLicenseRecommendationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/compute-optimizer-2019-11-01/GetLicenseRecommendations +func (c *ComputeOptimizer) GetLicenseRecommendationsRequest(input *GetLicenseRecommendationsInput) (req *request.Request, output *GetLicenseRecommendationsOutput) { + op := &request.Operation{ + Name: opGetLicenseRecommendations, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetLicenseRecommendationsInput{} + } + + output = &GetLicenseRecommendationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetLicenseRecommendations API operation for AWS Compute Optimizer. +// +// Returns license recommendations for Amazon EC2 instances that run on a specific +// license. +// +// Compute Optimizer generates recommendations for licenses that meet a specific +// set of requirements. For more information, see the Supported resources and +// requirements (https://docs.aws.amazon.com/compute-optimizer/latest/ug/requirements.html) +// in the Compute Optimizer User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Compute Optimizer's +// API operation GetLicenseRecommendations for usage and error information. +// +// Returned Error Types: +// +// - OptInRequiredException +// The account is not opted in to Compute Optimizer. +// +// - InternalServerException +// An internal error has occurred. Try your call again. +// +// - ServiceUnavailableException +// The request has failed due to a temporary failure of the server. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - InvalidParameterValueException +// The value supplied for the input parameter is out of range or not valid. +// +// - ResourceNotFoundException +// A resource that is required for the action doesn't exist. +// +// - MissingAuthenticationToken +// The request must contain either a valid (registered) Amazon Web Services +// access key ID or X.509 certificate. +// +// - ThrottlingException +// The request was denied due to request throttling. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/compute-optimizer-2019-11-01/GetLicenseRecommendations +func (c *ComputeOptimizer) GetLicenseRecommendations(input *GetLicenseRecommendationsInput) (*GetLicenseRecommendationsOutput, error) { + req, out := c.GetLicenseRecommendationsRequest(input) + return out, req.Send() +} + +// GetLicenseRecommendationsWithContext is the same as GetLicenseRecommendations with the addition of +// the ability to pass a context and additional request options. +// +// See GetLicenseRecommendations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ComputeOptimizer) GetLicenseRecommendationsWithContext(ctx aws.Context, input *GetLicenseRecommendationsInput, opts ...request.Option) (*GetLicenseRecommendationsOutput, error) { + req, out := c.GetLicenseRecommendationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetRecommendationPreferences = "GetRecommendationPreferences" // GetRecommendationPreferencesRequest generates a "aws/request.Request" representing the @@ -5282,18 +5499,69 @@ func (s *ExportLambdaFunctionRecommendationsOutput) SetS3Destination(v *S3Destin return s } -// Describes Compute Optimizer's integration status with your chosen external -// metric provider. For example, Datadog. -type ExternalMetricStatus struct { +type ExportLicenseRecommendationsInput struct { _ struct{} `type:"structure"` - // The status code for Compute Optimizer's integration with an external metrics - // provider. - StatusCode *string `locationName:"statusCode" type:"string" enum:"ExternalMetricStatusCode"` + // The IDs of the Amazon Web Services accounts for which to export license recommendations. + // + // If your account is the management account of an organization, use this parameter + // to specify the member account for which you want to export recommendations. + // + // This parameter can't be specified together with the include member accounts + // parameter. The parameters are mutually exclusive. + // + // If this parameter is omitted, recommendations for member accounts aren't + // included in the export. + // + // You can specify multiple account IDs per request. + AccountIds []*string `locationName:"accountIds" type:"list"` - // The reason for Compute Optimizer's integration status with your external - // metric provider. - StatusReason *string `locationName:"statusReason" type:"string"` + // The recommendations data to include in the export file. For more information + // about the fields that can be exported, see Exported files (https://docs.aws.amazon.com/compute-optimizer/latest/ug/exporting-recommendations.html#exported-files) + // in the Compute Optimizer User Guide. + FieldsToExport []*string `locationName:"fieldsToExport" type:"list" enum:"ExportableLicenseField"` + + // The format of the export file. + // + // A CSV file is the only export format currently supported. + FileFormat *string `locationName:"fileFormat" type:"string" enum:"FileFormat"` + + // An array of objects to specify a filter that exports a more specific set + // of license recommendations. + Filters []*LicenseRecommendationFilter `locationName:"filters" type:"list"` + + // Indicates whether to include recommendations for resources in all member + // accounts of the organization if your account is the management account of + // an organization. + // + // The member accounts must also be opted in to Compute Optimizer, and trusted + // access for Compute Optimizer must be enabled in the organization account. + // For more information, see Compute Optimizer and Amazon Web Services Organizations + // trusted access (https://docs.aws.amazon.com/compute-optimizer/latest/ug/security-iam.html#trusted-service-access) + // in the Compute Optimizer User Guide. + // + // If this parameter is omitted, recommendations for member accounts of the + // organization aren't included in the export file . + // + // This parameter cannot be specified together with the account IDs parameter. + // The parameters are mutually exclusive. + IncludeMemberAccounts *bool `locationName:"includeMemberAccounts" type:"boolean"` + + // Describes the destination Amazon Simple Storage Service (Amazon S3) bucket + // name and key prefix for a recommendations export job. + // + // You must create the destination Amazon S3 bucket for your recommendations + // export before you create the export job. Compute Optimizer does not create + // the S3 bucket for you. After you create the S3 bucket, ensure that it has + // the required permission policy to allow Compute Optimizer to write the export + // file to it. If you plan to specify an object prefix when you create the export + // job, you must include the object prefix in the policy that you add to the + // S3 bucket. For more information, see Amazon S3 Bucket Policy for Compute + // Optimizer (https://docs.aws.amazon.com/compute-optimizer/latest/ug/create-s3-bucket-policy-for-compute-optimizer.html) + // in the Compute Optimizer User Guide. + // + // S3DestinationConfig is a required field + S3DestinationConfig *S3DestinationConfig `locationName:"s3DestinationConfig" type:"structure" required:"true"` } // String returns the string representation. @@ -5301,7 +5569,7 @@ type ExternalMetricStatus struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExternalMetricStatus) String() string { +func (s ExportLicenseRecommendationsInput) String() string { return awsutil.Prettify(s) } @@ -5310,25 +5578,151 @@ func (s ExternalMetricStatus) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExternalMetricStatus) GoString() string { +func (s ExportLicenseRecommendationsInput) GoString() string { return s.String() } -// SetStatusCode sets the StatusCode field's value. -func (s *ExternalMetricStatus) SetStatusCode(v string) *ExternalMetricStatus { - s.StatusCode = &v - return s +// Validate inspects the fields of the type to determine if they are valid. +func (s *ExportLicenseRecommendationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportLicenseRecommendationsInput"} + if s.S3DestinationConfig == nil { + invalidParams.Add(request.NewErrParamRequired("S3DestinationConfig")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetStatusReason sets the StatusReason field's value. -func (s *ExternalMetricStatus) SetStatusReason(v string) *ExternalMetricStatus { - s.StatusReason = &v +// SetAccountIds sets the AccountIds field's value. +func (s *ExportLicenseRecommendationsInput) SetAccountIds(v []*string) *ExportLicenseRecommendationsInput { + s.AccountIds = v return s } -// Describes the external metrics preferences for EC2 rightsizing recommendations. -type ExternalMetricsPreference struct { - _ struct{} `type:"structure"` +// SetFieldsToExport sets the FieldsToExport field's value. +func (s *ExportLicenseRecommendationsInput) SetFieldsToExport(v []*string) *ExportLicenseRecommendationsInput { + s.FieldsToExport = v + return s +} + +// SetFileFormat sets the FileFormat field's value. +func (s *ExportLicenseRecommendationsInput) SetFileFormat(v string) *ExportLicenseRecommendationsInput { + s.FileFormat = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *ExportLicenseRecommendationsInput) SetFilters(v []*LicenseRecommendationFilter) *ExportLicenseRecommendationsInput { + s.Filters = v + return s +} + +// SetIncludeMemberAccounts sets the IncludeMemberAccounts field's value. +func (s *ExportLicenseRecommendationsInput) SetIncludeMemberAccounts(v bool) *ExportLicenseRecommendationsInput { + s.IncludeMemberAccounts = &v + return s +} + +// SetS3DestinationConfig sets the S3DestinationConfig field's value. +func (s *ExportLicenseRecommendationsInput) SetS3DestinationConfig(v *S3DestinationConfig) *ExportLicenseRecommendationsInput { + s.S3DestinationConfig = v + return s +} + +type ExportLicenseRecommendationsOutput struct { + _ struct{} `type:"structure"` + + // The identification number of the export job. + // + // To view the status of an export job, use the DescribeRecommendationExportJobs + // action and specify the job ID. + JobId *string `locationName:"jobId" type:"string"` + + // Describes the destination Amazon Simple Storage Service (Amazon S3) bucket + // name and object keys of a recommendations export file, and its associated + // metadata file. + S3Destination *S3Destination `locationName:"s3Destination" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportLicenseRecommendationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportLicenseRecommendationsOutput) GoString() string { + return s.String() +} + +// SetJobId sets the JobId field's value. +func (s *ExportLicenseRecommendationsOutput) SetJobId(v string) *ExportLicenseRecommendationsOutput { + s.JobId = &v + return s +} + +// SetS3Destination sets the S3Destination field's value. +func (s *ExportLicenseRecommendationsOutput) SetS3Destination(v *S3Destination) *ExportLicenseRecommendationsOutput { + s.S3Destination = v + return s +} + +// Describes Compute Optimizer's integration status with your chosen external +// metric provider. For example, Datadog. +type ExternalMetricStatus struct { + _ struct{} `type:"structure"` + + // The status code for Compute Optimizer's integration with an external metrics + // provider. + StatusCode *string `locationName:"statusCode" type:"string" enum:"ExternalMetricStatusCode"` + + // The reason for Compute Optimizer's integration status with your external + // metric provider. + StatusReason *string `locationName:"statusReason" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExternalMetricStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExternalMetricStatus) GoString() string { + return s.String() +} + +// SetStatusCode sets the StatusCode field's value. +func (s *ExternalMetricStatus) SetStatusCode(v string) *ExternalMetricStatus { + s.StatusCode = &v + return s +} + +// SetStatusReason sets the StatusReason field's value. +func (s *ExternalMetricStatus) SetStatusReason(v string) *ExternalMetricStatus { + s.StatusReason = &v + return s +} + +// Describes the external metrics preferences for EC2 rightsizing recommendations. +type ExternalMetricsPreference struct { + _ struct{} `type:"structure"` // Contains the source options for external metrics preferences. Source *string `locationName:"source" type:"string" enum:"ExternalMetricsSource"` @@ -6753,6 +7147,135 @@ func (s *GetLambdaFunctionRecommendationsOutput) SetNextToken(v string) *GetLamb return s } +type GetLicenseRecommendationsInput struct { + _ struct{} `type:"structure"` + + // The ID of the Amazon Web Services account for which to return license recommendations. + // + // If your account is the management account of an organization, use this parameter + // to specify the member account for which you want to return license recommendations. + // + // Only one account ID can be specified per request. + AccountIds []*string `locationName:"accountIds" type:"list"` + + // An array of objects to specify a filter that returns a more specific list + // of license recommendations. + Filters []*LicenseRecommendationFilter `locationName:"filters" type:"list"` + + // The maximum number of license recommendations to return with a single request. + // + // To retrieve the remaining results, make another request with the returned + // nextToken value. + MaxResults *int64 `locationName:"maxResults" type:"integer"` + + // The token to advance to the next page of license recommendations. + NextToken *string `locationName:"nextToken" type:"string"` + + // The ARN that identifies the Amazon EC2 instance. + // + // The following is the format of the ARN: + // + // arn:aws:ec2:region:aws_account_id:instance/instance-id + ResourceArns []*string `locationName:"resourceArns" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetLicenseRecommendationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetLicenseRecommendationsInput) GoString() string { + return s.String() +} + +// SetAccountIds sets the AccountIds field's value. +func (s *GetLicenseRecommendationsInput) SetAccountIds(v []*string) *GetLicenseRecommendationsInput { + s.AccountIds = v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetLicenseRecommendationsInput) SetFilters(v []*LicenseRecommendationFilter) *GetLicenseRecommendationsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetLicenseRecommendationsInput) SetMaxResults(v int64) *GetLicenseRecommendationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetLicenseRecommendationsInput) SetNextToken(v string) *GetLicenseRecommendationsInput { + s.NextToken = &v + return s +} + +// SetResourceArns sets the ResourceArns field's value. +func (s *GetLicenseRecommendationsInput) SetResourceArns(v []*string) *GetLicenseRecommendationsInput { + s.ResourceArns = v + return s +} + +type GetLicenseRecommendationsOutput struct { + _ struct{} `type:"structure"` + + // An array of objects that describe errors of the request. + Errors []*GetRecommendationError `locationName:"errors" type:"list"` + + // An array of objects that describe license recommendations. + LicenseRecommendations []*LicenseRecommendation `locationName:"licenseRecommendations" type:"list"` + + // The token to use to advance to the next page of license recommendations. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetLicenseRecommendationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetLicenseRecommendationsOutput) GoString() string { + return s.String() +} + +// SetErrors sets the Errors field's value. +func (s *GetLicenseRecommendationsOutput) SetErrors(v []*GetRecommendationError) *GetLicenseRecommendationsOutput { + s.Errors = v + return s +} + +// SetLicenseRecommendations sets the LicenseRecommendations field's value. +func (s *GetLicenseRecommendationsOutput) SetLicenseRecommendations(v []*LicenseRecommendation) *GetLicenseRecommendationsOutput { + s.LicenseRecommendations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetLicenseRecommendationsOutput) SetNextToken(v string) *GetLicenseRecommendationsOutput { + s.NextToken = &v + return s +} + // Describes an error experienced when getting recommendations. // // For example, an error is returned if you request recommendations for an unsupported @@ -8067,115 +8590,485 @@ func (s *LambdaFunctionRecommendation) SetCurrentMemorySize(v int64) *LambdaFunc return s } -// SetCurrentPerformanceRisk sets the CurrentPerformanceRisk field's value. -func (s *LambdaFunctionRecommendation) SetCurrentPerformanceRisk(v string) *LambdaFunctionRecommendation { - s.CurrentPerformanceRisk = &v +// SetCurrentPerformanceRisk sets the CurrentPerformanceRisk field's value. +func (s *LambdaFunctionRecommendation) SetCurrentPerformanceRisk(v string) *LambdaFunctionRecommendation { + s.CurrentPerformanceRisk = &v + return s +} + +// SetFinding sets the Finding field's value. +func (s *LambdaFunctionRecommendation) SetFinding(v string) *LambdaFunctionRecommendation { + s.Finding = &v + return s +} + +// SetFindingReasonCodes sets the FindingReasonCodes field's value. +func (s *LambdaFunctionRecommendation) SetFindingReasonCodes(v []*string) *LambdaFunctionRecommendation { + s.FindingReasonCodes = v + return s +} + +// SetFunctionArn sets the FunctionArn field's value. +func (s *LambdaFunctionRecommendation) SetFunctionArn(v string) *LambdaFunctionRecommendation { + s.FunctionArn = &v + return s +} + +// SetFunctionVersion sets the FunctionVersion field's value. +func (s *LambdaFunctionRecommendation) SetFunctionVersion(v string) *LambdaFunctionRecommendation { + s.FunctionVersion = &v + return s +} + +// SetLastRefreshTimestamp sets the LastRefreshTimestamp field's value. +func (s *LambdaFunctionRecommendation) SetLastRefreshTimestamp(v time.Time) *LambdaFunctionRecommendation { + s.LastRefreshTimestamp = &v + return s +} + +// SetLookbackPeriodInDays sets the LookbackPeriodInDays field's value. +func (s *LambdaFunctionRecommendation) SetLookbackPeriodInDays(v float64) *LambdaFunctionRecommendation { + s.LookbackPeriodInDays = &v + return s +} + +// SetMemorySizeRecommendationOptions sets the MemorySizeRecommendationOptions field's value. +func (s *LambdaFunctionRecommendation) SetMemorySizeRecommendationOptions(v []*LambdaFunctionMemoryRecommendationOption) *LambdaFunctionRecommendation { + s.MemorySizeRecommendationOptions = v + return s +} + +// SetNumberOfInvocations sets the NumberOfInvocations field's value. +func (s *LambdaFunctionRecommendation) SetNumberOfInvocations(v int64) *LambdaFunctionRecommendation { + s.NumberOfInvocations = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *LambdaFunctionRecommendation) SetTags(v []*Tag) *LambdaFunctionRecommendation { + s.Tags = v + return s +} + +// SetUtilizationMetrics sets the UtilizationMetrics field's value. +func (s *LambdaFunctionRecommendation) SetUtilizationMetrics(v []*LambdaFunctionUtilizationMetric) *LambdaFunctionRecommendation { + s.UtilizationMetrics = v + return s +} + +// Describes a filter that returns a more specific list of Lambda function recommendations. +// Use this filter with the GetLambdaFunctionRecommendations action. +// +// You can use EBSFilter with the GetEBSVolumeRecommendations action, JobFilter +// with the DescribeRecommendationExportJobs action, and Filter with the GetAutoScalingGroupRecommendations +// and GetEC2InstanceRecommendations actions. +type LambdaFunctionRecommendationFilter struct { + _ struct{} `type:"structure"` + + // The name of the filter. + // + // Specify Finding to return recommendations with a specific finding classification + // (for example, NotOptimized). + // + // Specify FindingReasonCode to return recommendations with a specific finding + // reason code (for example, MemoryUnderprovisioned). + // + // You can filter your Lambda function recommendations by tag:key and tag-key + // tags. + // + // A tag:key is a key and value combination of a tag assigned to your Lambda + // function recommendations. Use the tag key in the filter name and the tag + // value as the filter value. For example, to find all Lambda function recommendations + // that have a tag with the key of Owner and the value of TeamA, specify tag:Owner + // for the filter name and TeamA for the filter value. + // + // A tag-key is the key of a tag assigned to your Lambda function recommendations. + // Use this filter to find all of your Lambda function recommendations that + // have a tag with a specific key. This doesn’t consider the tag value. For + // example, you can find your Lambda function recommendations with a tag key + // value of Owner or without any tag keys assigned. + Name *string `locationName:"name" type:"string" enum:"LambdaFunctionRecommendationFilterName"` + + // The value of the filter. + // + // The valid values for this parameter are as follows, depending on what you + // specify for the name parameter: + // + // * Specify Optimized, NotOptimized, or Unavailable if you specify the name + // parameter as Finding. + // + // * Specify MemoryOverprovisioned, MemoryUnderprovisioned, InsufficientData, + // or Inconclusive if you specify the name parameter as FindingReasonCode. + Values []*string `locationName:"values" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LambdaFunctionRecommendationFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LambdaFunctionRecommendationFilter) GoString() string { + return s.String() +} + +// SetName sets the Name field's value. +func (s *LambdaFunctionRecommendationFilter) SetName(v string) *LambdaFunctionRecommendationFilter { + s.Name = &v + return s +} + +// SetValues sets the Values field's value. +func (s *LambdaFunctionRecommendationFilter) SetValues(v []*string) *LambdaFunctionRecommendationFilter { + s.Values = v + return s +} + +// Describes a utilization metric of an Lambda function. +type LambdaFunctionUtilizationMetric struct { + _ struct{} `type:"structure"` + + // The name of the utilization metric. + // + // The following utilization metrics are available: + // + // * Duration - The amount of time that your function code spends processing + // an event. + // + // * Memory - The amount of memory used per invocation. + Name *string `locationName:"name" type:"string" enum:"LambdaFunctionMetricName"` + + // The statistic of the utilization metric. + // + // The Compute Optimizer API, Command Line Interface (CLI), and SDKs return + // utilization metrics using only the Maximum statistic, which is the highest + // value observed during the specified period. + // + // The Compute Optimizer console displays graphs for some utilization metrics + // using the Average statistic, which is the value of Sum / SampleCount during + // the specified period. For more information, see Viewing resource recommendations + // (https://docs.aws.amazon.com/compute-optimizer/latest/ug/viewing-recommendations.html) + // in the Compute Optimizer User Guide. You can also get averaged utilization + // metric data for your resources using Amazon CloudWatch. For more information, + // see the Amazon CloudWatch User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html). + Statistic *string `locationName:"statistic" type:"string" enum:"LambdaFunctionMetricStatistic"` + + // The value of the utilization metric. + Value *float64 `locationName:"value" type:"double"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LambdaFunctionUtilizationMetric) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LambdaFunctionUtilizationMetric) GoString() string { + return s.String() +} + +// SetName sets the Name field's value. +func (s *LambdaFunctionUtilizationMetric) SetName(v string) *LambdaFunctionUtilizationMetric { + s.Name = &v + return s +} + +// SetStatistic sets the Statistic field's value. +func (s *LambdaFunctionUtilizationMetric) SetStatistic(v string) *LambdaFunctionUtilizationMetric { + s.Statistic = &v + return s +} + +// SetValue sets the Value field's value. +func (s *LambdaFunctionUtilizationMetric) SetValue(v float64) *LambdaFunctionUtilizationMetric { + s.Value = &v + return s +} + +// Describes the configuration of a license for an Amazon EC2 instance. +type LicenseConfiguration struct { + _ struct{} `type:"structure"` + + // The instance type used in the license. + InstanceType *string `locationName:"instanceType" type:"string"` + + // The edition of the license for the application that runs on the instance. + LicenseEdition *string `locationName:"licenseEdition" type:"string" enum:"LicenseEdition"` + + // The license type associated with the instance. + LicenseModel *string `locationName:"licenseModel" type:"string" enum:"LicenseModel"` + + // The name of the license for the application that runs on the instance. + LicenseName *string `locationName:"licenseName" type:"string" enum:"LicenseName"` + + // The version of the license for the application that runs on the instance. + LicenseVersion *string `locationName:"licenseVersion" type:"string"` + + // The list of metric sources required to generate recommendations for commercial + // software licenses. + MetricsSource []*MetricSource `locationName:"metricsSource" type:"list"` + + // The current number of cores associated with the instance. + NumberOfCores *int64 `locationName:"numberOfCores" type:"integer"` + + // The operating system of the instance. + OperatingSystem *string `locationName:"operatingSystem" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LicenseConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LicenseConfiguration) GoString() string { + return s.String() +} + +// SetInstanceType sets the InstanceType field's value. +func (s *LicenseConfiguration) SetInstanceType(v string) *LicenseConfiguration { + s.InstanceType = &v + return s +} + +// SetLicenseEdition sets the LicenseEdition field's value. +func (s *LicenseConfiguration) SetLicenseEdition(v string) *LicenseConfiguration { + s.LicenseEdition = &v + return s +} + +// SetLicenseModel sets the LicenseModel field's value. +func (s *LicenseConfiguration) SetLicenseModel(v string) *LicenseConfiguration { + s.LicenseModel = &v + return s +} + +// SetLicenseName sets the LicenseName field's value. +func (s *LicenseConfiguration) SetLicenseName(v string) *LicenseConfiguration { + s.LicenseName = &v + return s +} + +// SetLicenseVersion sets the LicenseVersion field's value. +func (s *LicenseConfiguration) SetLicenseVersion(v string) *LicenseConfiguration { + s.LicenseVersion = &v + return s +} + +// SetMetricsSource sets the MetricsSource field's value. +func (s *LicenseConfiguration) SetMetricsSource(v []*MetricSource) *LicenseConfiguration { + s.MetricsSource = v + return s +} + +// SetNumberOfCores sets the NumberOfCores field's value. +func (s *LicenseConfiguration) SetNumberOfCores(v int64) *LicenseConfiguration { + s.NumberOfCores = &v + return s +} + +// SetOperatingSystem sets the OperatingSystem field's value. +func (s *LicenseConfiguration) SetOperatingSystem(v string) *LicenseConfiguration { + s.OperatingSystem = &v + return s +} + +// Describes a license recommendation for an EC2 instance. +type LicenseRecommendation struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services account ID of the license. + AccountId *string `locationName:"accountId" type:"string"` + + // An object that describes the current configuration of an instance that runs + // on a license. + CurrentLicenseConfiguration *LicenseConfiguration `locationName:"currentLicenseConfiguration" type:"structure"` + + // The finding classification for an instance that runs on a license. + // + // Findings include: + // + // * InsufficentMetrics — When Compute Optimizer detects that your CloudWatch + // Application Insights isn't enabled or is enabled with insufficient permissions. + // + // * NotOptimized — When Compute Optimizer detects that your EC2 infrastructure + // isn't using any of the SQL server license features you're paying for, + // a license is considered not optimized. + // + // * Optimized — When Compute Optimizer detects that all specifications + // of your license meet the performance requirements of your workload. + Finding *string `locationName:"finding" type:"string" enum:"LicenseFinding"` + + // The reason for the finding classification for an instance that runs on a + // license. + // + // Finding reason codes include: + // + // * Optimized — All specifications of your license meet the performance + // requirements of your workload. + // + // * LicenseOverprovisioned — A license is considered over-provisioned + // when your license can be downgraded while still meeting the performance + // requirements of your workload. + // + // * InvalidCloudwatchApplicationInsights — CloudWatch Application Insights + // isn't configured properly. + // + // * CloudwatchApplicationInsightsError — There is a CloudWatch Application + // Insights error. + FindingReasonCodes []*string `locationName:"findingReasonCodes" type:"list" enum:"LicenseFindingReasonCode"` + + // The timestamp of when the license recommendation was last generated. + LastRefreshTimestamp *time.Time `locationName:"lastRefreshTimestamp" type:"timestamp"` + + // An array of objects that describe the license recommendation options. + LicenseRecommendationOptions []*LicenseRecommendationOption `locationName:"licenseRecommendationOptions" type:"list"` + + // The number of days for which utilization metrics were analyzed for an instance + // that runs on a license. + LookbackPeriodInDays *float64 `locationName:"lookbackPeriodInDays" type:"double"` + + // The ARN that identifies the Amazon EC2 instance. + ResourceArn *string `locationName:"resourceArn" type:"string"` + + // A list of tags assigned to an EC2 instance. + Tags []*Tag `locationName:"tags" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LicenseRecommendation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LicenseRecommendation) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *LicenseRecommendation) SetAccountId(v string) *LicenseRecommendation { + s.AccountId = &v + return s +} + +// SetCurrentLicenseConfiguration sets the CurrentLicenseConfiguration field's value. +func (s *LicenseRecommendation) SetCurrentLicenseConfiguration(v *LicenseConfiguration) *LicenseRecommendation { + s.CurrentLicenseConfiguration = v return s } // SetFinding sets the Finding field's value. -func (s *LambdaFunctionRecommendation) SetFinding(v string) *LambdaFunctionRecommendation { +func (s *LicenseRecommendation) SetFinding(v string) *LicenseRecommendation { s.Finding = &v return s } // SetFindingReasonCodes sets the FindingReasonCodes field's value. -func (s *LambdaFunctionRecommendation) SetFindingReasonCodes(v []*string) *LambdaFunctionRecommendation { +func (s *LicenseRecommendation) SetFindingReasonCodes(v []*string) *LicenseRecommendation { s.FindingReasonCodes = v return s } -// SetFunctionArn sets the FunctionArn field's value. -func (s *LambdaFunctionRecommendation) SetFunctionArn(v string) *LambdaFunctionRecommendation { - s.FunctionArn = &v - return s -} - -// SetFunctionVersion sets the FunctionVersion field's value. -func (s *LambdaFunctionRecommendation) SetFunctionVersion(v string) *LambdaFunctionRecommendation { - s.FunctionVersion = &v - return s -} - // SetLastRefreshTimestamp sets the LastRefreshTimestamp field's value. -func (s *LambdaFunctionRecommendation) SetLastRefreshTimestamp(v time.Time) *LambdaFunctionRecommendation { +func (s *LicenseRecommendation) SetLastRefreshTimestamp(v time.Time) *LicenseRecommendation { s.LastRefreshTimestamp = &v return s } -// SetLookbackPeriodInDays sets the LookbackPeriodInDays field's value. -func (s *LambdaFunctionRecommendation) SetLookbackPeriodInDays(v float64) *LambdaFunctionRecommendation { - s.LookbackPeriodInDays = &v +// SetLicenseRecommendationOptions sets the LicenseRecommendationOptions field's value. +func (s *LicenseRecommendation) SetLicenseRecommendationOptions(v []*LicenseRecommendationOption) *LicenseRecommendation { + s.LicenseRecommendationOptions = v return s } -// SetMemorySizeRecommendationOptions sets the MemorySizeRecommendationOptions field's value. -func (s *LambdaFunctionRecommendation) SetMemorySizeRecommendationOptions(v []*LambdaFunctionMemoryRecommendationOption) *LambdaFunctionRecommendation { - s.MemorySizeRecommendationOptions = v +// SetLookbackPeriodInDays sets the LookbackPeriodInDays field's value. +func (s *LicenseRecommendation) SetLookbackPeriodInDays(v float64) *LicenseRecommendation { + s.LookbackPeriodInDays = &v return s } -// SetNumberOfInvocations sets the NumberOfInvocations field's value. -func (s *LambdaFunctionRecommendation) SetNumberOfInvocations(v int64) *LambdaFunctionRecommendation { - s.NumberOfInvocations = &v +// SetResourceArn sets the ResourceArn field's value. +func (s *LicenseRecommendation) SetResourceArn(v string) *LicenseRecommendation { + s.ResourceArn = &v return s } // SetTags sets the Tags field's value. -func (s *LambdaFunctionRecommendation) SetTags(v []*Tag) *LambdaFunctionRecommendation { +func (s *LicenseRecommendation) SetTags(v []*Tag) *LicenseRecommendation { s.Tags = v return s } -// SetUtilizationMetrics sets the UtilizationMetrics field's value. -func (s *LambdaFunctionRecommendation) SetUtilizationMetrics(v []*LambdaFunctionUtilizationMetric) *LambdaFunctionRecommendation { - s.UtilizationMetrics = v - return s -} - -// Describes a filter that returns a more specific list of Lambda function recommendations. -// Use this filter with the GetLambdaFunctionRecommendations action. -// -// You can use EBSFilter with the GetEBSVolumeRecommendations action, JobFilter -// with the DescribeRecommendationExportJobs action, and Filter with the GetAutoScalingGroupRecommendations -// and GetEC2InstanceRecommendations actions. -type LambdaFunctionRecommendationFilter struct { +// Describes a filter that returns a more specific list of license recommendations. +// Use this filter with the GetLicenseRecommendation action. +type LicenseRecommendationFilter struct { _ struct{} `type:"structure"` // The name of the filter. // - // Specify Finding to return recommendations with a specific finding classification - // (for example, NotOptimized). + // Specify Finding to return recommendations with a specific finding classification. // // Specify FindingReasonCode to return recommendations with a specific finding - // reason code (for example, MemoryUnderprovisioned). + // reason code. // - // You can filter your Lambda function recommendations by tag:key and tag-key - // tags. + // You can filter your license recommendations by tag:key and tag-key tags. // - // A tag:key is a key and value combination of a tag assigned to your Lambda - // function recommendations. Use the tag key in the filter name and the tag - // value as the filter value. For example, to find all Lambda function recommendations - // that have a tag with the key of Owner and the value of TeamA, specify tag:Owner - // for the filter name and TeamA for the filter value. + // A tag:key is a key and value combination of a tag assigned to your license + // recommendations. Use the tag key in the filter name and the tag value as + // the filter value. For example, to find all license recommendations that have + // a tag with the key of Owner and the value of TeamA, specify tag:Owner for + // the filter name and TeamA for the filter value. // - // A tag-key is the key of a tag assigned to your Lambda function recommendations. - // Use this filter to find all of your Lambda function recommendations that - // have a tag with a specific key. This doesn’t consider the tag value. For - // example, you can find your Lambda function recommendations with a tag key - // value of Owner or without any tag keys assigned. - Name *string `locationName:"name" type:"string" enum:"LambdaFunctionRecommendationFilterName"` + // A tag-key is the key of a tag assigned to your license recommendations. Use + // this filter to find all of your license recommendations that have a tag with + // a specific key. This doesn’t consider the tag value. For example, you can + // find your license recommendations with a tag key value of Owner or without + // any tag keys assigned. + Name *string `locationName:"name" type:"string" enum:"LicenseRecommendationFilterName"` // The value of the filter. // // The valid values for this parameter are as follows, depending on what you // specify for the name parameter: // - // * Specify Optimized, NotOptimized, or Unavailable if you specify the name - // parameter as Finding. + // * If you specify the name parameter as Finding, then specify Optimized, + // NotOptimized, or InsufficentMetrics. // - // * Specify MemoryOverprovisioned, MemoryUnderprovisioned, InsufficientData, - // or Inconclusive if you specify the name parameter as FindingReasonCode. + // * If you specify the name parameter as FindingReasonCode, then specify + // Optimized, LicenseOverprovisioned, InvalidCloudwatchApplicationInsights, + // or CloudwatchApplicationInsightsError. Values []*string `locationName:"values" type:"list"` } @@ -8184,7 +9077,7 @@ type LambdaFunctionRecommendationFilter struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LambdaFunctionRecommendationFilter) String() string { +func (s LicenseRecommendationFilter) String() string { return awsutil.Prettify(s) } @@ -8193,53 +9086,58 @@ func (s LambdaFunctionRecommendationFilter) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LambdaFunctionRecommendationFilter) GoString() string { +func (s LicenseRecommendationFilter) GoString() string { return s.String() } // SetName sets the Name field's value. -func (s *LambdaFunctionRecommendationFilter) SetName(v string) *LambdaFunctionRecommendationFilter { +func (s *LicenseRecommendationFilter) SetName(v string) *LicenseRecommendationFilter { s.Name = &v return s } // SetValues sets the Values field's value. -func (s *LambdaFunctionRecommendationFilter) SetValues(v []*string) *LambdaFunctionRecommendationFilter { +func (s *LicenseRecommendationFilter) SetValues(v []*string) *LicenseRecommendationFilter { s.Values = v return s } -// Describes a utilization metric of an Lambda function. -type LambdaFunctionUtilizationMetric struct { +// Describes the recommendation options for licenses. +type LicenseRecommendationOption struct { _ struct{} `type:"structure"` - // The name of the utilization metric. - // - // The following utilization metrics are available: - // - // * Duration - The amount of time that your function code spends processing - // an event. + // The recommended edition of the license for the application that runs on the + // instance. + LicenseEdition *string `locationName:"licenseEdition" type:"string" enum:"LicenseEdition"` + + // The recommended license type associated with the instance. + LicenseModel *string `locationName:"licenseModel" type:"string" enum:"LicenseModel"` + + // The operating system of a license recommendation option. + OperatingSystem *string `locationName:"operatingSystem" type:"string"` + + // The rank of the license recommendation option. // - // * Memory - The amount of memory used per invocation. - Name *string `locationName:"name" type:"string" enum:"LambdaFunctionMetricName"` + // The top recommendation option is ranked as 1. + Rank *int64 `locationName:"rank" type:"integer"` - // The statistic of the utilization metric. + // Describes the savings opportunity for recommendations of a given resource + // type or for the recommendation option of an individual resource. // - // The Compute Optimizer API, Command Line Interface (CLI), and SDKs return - // utilization metrics using only the Maximum statistic, which is the highest - // value observed during the specified period. + // Savings opportunity represents the estimated monthly savings you can achieve + // by implementing a given Compute Optimizer recommendation. // - // The Compute Optimizer console displays graphs for some utilization metrics - // using the Average statistic, which is the value of Sum / SampleCount during - // the specified period. For more information, see Viewing resource recommendations - // (https://docs.aws.amazon.com/compute-optimizer/latest/ug/viewing-recommendations.html) - // in the Compute Optimizer User Guide. You can also get averaged utilization - // metric data for your resources using Amazon CloudWatch. For more information, - // see the Amazon CloudWatch User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html). - Statistic *string `locationName:"statistic" type:"string" enum:"LambdaFunctionMetricStatistic"` - - // The value of the utilization metric. - Value *float64 `locationName:"value" type:"double"` + // Savings opportunity data requires that you opt in to Cost Explorer, as well + // as activate Receive Amazon EC2 resource recommendations in the Cost Explorer + // preferences page. That creates a connection between Cost Explorer and Compute + // Optimizer. With this connection, Cost Explorer generates savings estimates + // considering the price of existing resources, the price of recommended resources, + // and historical usage data. Estimated monthly savings reflects the projected + // dollar savings associated with each of the recommendations generated. For + // more information, see Enabling Cost Explorer (https://docs.aws.amazon.com/cost-management/latest/userguide/ce-enable.html) + // and Optimizing your cost with Rightsizing Recommendations (https://docs.aws.amazon.com/cost-management/latest/userguide/ce-rightsizing.html) + // in the Cost Management User Guide. + SavingsOpportunity *SavingsOpportunity `locationName:"savingsOpportunity" type:"structure"` } // String returns the string representation. @@ -8247,7 +9145,7 @@ type LambdaFunctionUtilizationMetric struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LambdaFunctionUtilizationMetric) String() string { +func (s LicenseRecommendationOption) String() string { return awsutil.Prettify(s) } @@ -8256,25 +9154,37 @@ func (s LambdaFunctionUtilizationMetric) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LambdaFunctionUtilizationMetric) GoString() string { +func (s LicenseRecommendationOption) GoString() string { return s.String() } -// SetName sets the Name field's value. -func (s *LambdaFunctionUtilizationMetric) SetName(v string) *LambdaFunctionUtilizationMetric { - s.Name = &v +// SetLicenseEdition sets the LicenseEdition field's value. +func (s *LicenseRecommendationOption) SetLicenseEdition(v string) *LicenseRecommendationOption { + s.LicenseEdition = &v return s } -// SetStatistic sets the Statistic field's value. -func (s *LambdaFunctionUtilizationMetric) SetStatistic(v string) *LambdaFunctionUtilizationMetric { - s.Statistic = &v +// SetLicenseModel sets the LicenseModel field's value. +func (s *LicenseRecommendationOption) SetLicenseModel(v string) *LicenseRecommendationOption { + s.LicenseModel = &v return s } -// SetValue sets the Value field's value. -func (s *LambdaFunctionUtilizationMetric) SetValue(v float64) *LambdaFunctionUtilizationMetric { - s.Value = &v +// SetOperatingSystem sets the OperatingSystem field's value. +func (s *LicenseRecommendationOption) SetOperatingSystem(v string) *LicenseRecommendationOption { + s.OperatingSystem = &v + return s +} + +// SetRank sets the Rank field's value. +func (s *LicenseRecommendationOption) SetRank(v int64) *LicenseRecommendationOption { + s.Rank = &v + return s +} + +// SetSavingsOpportunity sets the SavingsOpportunity field's value. +func (s *LicenseRecommendationOption) SetSavingsOpportunity(v *SavingsOpportunity) *LicenseRecommendationOption { + s.SavingsOpportunity = v return s } @@ -8383,6 +9293,48 @@ func (s *MemorySizeConfiguration) SetMemoryReservation(v int64) *MemorySizeConfi return s } +// The list of metric sources required to generate recommendations for commercial +// software licenses. +type MetricSource struct { + _ struct{} `type:"structure"` + + // The name of the metric source provider. + Provider *string `locationName:"provider" type:"string" enum:"MetricSourceProvider"` + + // The ARN of the metric source provider. + ProviderArn *string `locationName:"providerArn" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MetricSource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MetricSource) GoString() string { + return s.String() +} + +// SetProvider sets the Provider field's value. +func (s *MetricSource) SetProvider(v string) *MetricSource { + s.Provider = &v + return s +} + +// SetProviderArn sets the ProviderArn field's value. +func (s *MetricSource) SetProviderArn(v string) *MetricSource { + s.ProviderArn = &v + return s +} + // The request must contain either a valid (registered) Amazon Web Services // access key ID or X.509 certificate. type MissingAuthenticationToken struct { @@ -11302,6 +12254,98 @@ func ExportableLambdaFunctionField_Values() []string { } } +const ( + // ExportableLicenseFieldAccountId is a ExportableLicenseField enum value + ExportableLicenseFieldAccountId = "AccountId" + + // ExportableLicenseFieldResourceArn is a ExportableLicenseField enum value + ExportableLicenseFieldResourceArn = "ResourceArn" + + // ExportableLicenseFieldLookbackPeriodInDays is a ExportableLicenseField enum value + ExportableLicenseFieldLookbackPeriodInDays = "LookbackPeriodInDays" + + // ExportableLicenseFieldLastRefreshTimestamp is a ExportableLicenseField enum value + ExportableLicenseFieldLastRefreshTimestamp = "LastRefreshTimestamp" + + // ExportableLicenseFieldFinding is a ExportableLicenseField enum value + ExportableLicenseFieldFinding = "Finding" + + // ExportableLicenseFieldFindingReasonCodes is a ExportableLicenseField enum value + ExportableLicenseFieldFindingReasonCodes = "FindingReasonCodes" + + // ExportableLicenseFieldCurrentLicenseConfigurationNumberOfCores is a ExportableLicenseField enum value + ExportableLicenseFieldCurrentLicenseConfigurationNumberOfCores = "CurrentLicenseConfigurationNumberOfCores" + + // ExportableLicenseFieldCurrentLicenseConfigurationInstanceType is a ExportableLicenseField enum value + ExportableLicenseFieldCurrentLicenseConfigurationInstanceType = "CurrentLicenseConfigurationInstanceType" + + // ExportableLicenseFieldCurrentLicenseConfigurationOperatingSystem is a ExportableLicenseField enum value + ExportableLicenseFieldCurrentLicenseConfigurationOperatingSystem = "CurrentLicenseConfigurationOperatingSystem" + + // ExportableLicenseFieldCurrentLicenseConfigurationLicenseName is a ExportableLicenseField enum value + ExportableLicenseFieldCurrentLicenseConfigurationLicenseName = "CurrentLicenseConfigurationLicenseName" + + // ExportableLicenseFieldCurrentLicenseConfigurationLicenseEdition is a ExportableLicenseField enum value + ExportableLicenseFieldCurrentLicenseConfigurationLicenseEdition = "CurrentLicenseConfigurationLicenseEdition" + + // ExportableLicenseFieldCurrentLicenseConfigurationLicenseModel is a ExportableLicenseField enum value + ExportableLicenseFieldCurrentLicenseConfigurationLicenseModel = "CurrentLicenseConfigurationLicenseModel" + + // ExportableLicenseFieldCurrentLicenseConfigurationLicenseVersion is a ExportableLicenseField enum value + ExportableLicenseFieldCurrentLicenseConfigurationLicenseVersion = "CurrentLicenseConfigurationLicenseVersion" + + // ExportableLicenseFieldCurrentLicenseConfigurationMetricsSource is a ExportableLicenseField enum value + ExportableLicenseFieldCurrentLicenseConfigurationMetricsSource = "CurrentLicenseConfigurationMetricsSource" + + // ExportableLicenseFieldRecommendationOptionsOperatingSystem is a ExportableLicenseField enum value + ExportableLicenseFieldRecommendationOptionsOperatingSystem = "RecommendationOptionsOperatingSystem" + + // ExportableLicenseFieldRecommendationOptionsLicenseEdition is a ExportableLicenseField enum value + ExportableLicenseFieldRecommendationOptionsLicenseEdition = "RecommendationOptionsLicenseEdition" + + // ExportableLicenseFieldRecommendationOptionsLicenseModel is a ExportableLicenseField enum value + ExportableLicenseFieldRecommendationOptionsLicenseModel = "RecommendationOptionsLicenseModel" + + // ExportableLicenseFieldRecommendationOptionsSavingsOpportunityPercentage is a ExportableLicenseField enum value + ExportableLicenseFieldRecommendationOptionsSavingsOpportunityPercentage = "RecommendationOptionsSavingsOpportunityPercentage" + + // ExportableLicenseFieldRecommendationOptionsEstimatedMonthlySavingsCurrency is a ExportableLicenseField enum value + ExportableLicenseFieldRecommendationOptionsEstimatedMonthlySavingsCurrency = "RecommendationOptionsEstimatedMonthlySavingsCurrency" + + // ExportableLicenseFieldRecommendationOptionsEstimatedMonthlySavingsValue is a ExportableLicenseField enum value + ExportableLicenseFieldRecommendationOptionsEstimatedMonthlySavingsValue = "RecommendationOptionsEstimatedMonthlySavingsValue" + + // ExportableLicenseFieldTags is a ExportableLicenseField enum value + ExportableLicenseFieldTags = "Tags" +) + +// ExportableLicenseField_Values returns all elements of the ExportableLicenseField enum +func ExportableLicenseField_Values() []string { + return []string{ + ExportableLicenseFieldAccountId, + ExportableLicenseFieldResourceArn, + ExportableLicenseFieldLookbackPeriodInDays, + ExportableLicenseFieldLastRefreshTimestamp, + ExportableLicenseFieldFinding, + ExportableLicenseFieldFindingReasonCodes, + ExportableLicenseFieldCurrentLicenseConfigurationNumberOfCores, + ExportableLicenseFieldCurrentLicenseConfigurationInstanceType, + ExportableLicenseFieldCurrentLicenseConfigurationOperatingSystem, + ExportableLicenseFieldCurrentLicenseConfigurationLicenseName, + ExportableLicenseFieldCurrentLicenseConfigurationLicenseEdition, + ExportableLicenseFieldCurrentLicenseConfigurationLicenseModel, + ExportableLicenseFieldCurrentLicenseConfigurationLicenseVersion, + ExportableLicenseFieldCurrentLicenseConfigurationMetricsSource, + ExportableLicenseFieldRecommendationOptionsOperatingSystem, + ExportableLicenseFieldRecommendationOptionsLicenseEdition, + ExportableLicenseFieldRecommendationOptionsLicenseModel, + ExportableLicenseFieldRecommendationOptionsSavingsOpportunityPercentage, + ExportableLicenseFieldRecommendationOptionsEstimatedMonthlySavingsCurrency, + ExportableLicenseFieldRecommendationOptionsEstimatedMonthlySavingsValue, + ExportableLicenseFieldTags, + } +} + const ( // ExportableVolumeFieldAccountId is a ExportableVolumeField enum value ExportableVolumeFieldAccountId = "AccountId" @@ -11906,6 +12950,122 @@ func LambdaFunctionRecommendationFindingReasonCode_Values() []string { } } +const ( + // LicenseEditionEnterprise is a LicenseEdition enum value + LicenseEditionEnterprise = "Enterprise" + + // LicenseEditionStandard is a LicenseEdition enum value + LicenseEditionStandard = "Standard" + + // LicenseEditionFree is a LicenseEdition enum value + LicenseEditionFree = "Free" + + // LicenseEditionNoLicenseEditionFound is a LicenseEdition enum value + LicenseEditionNoLicenseEditionFound = "NoLicenseEditionFound" +) + +// LicenseEdition_Values returns all elements of the LicenseEdition enum +func LicenseEdition_Values() []string { + return []string{ + LicenseEditionEnterprise, + LicenseEditionStandard, + LicenseEditionFree, + LicenseEditionNoLicenseEditionFound, + } +} + +const ( + // LicenseFindingInsufficientMetrics is a LicenseFinding enum value + LicenseFindingInsufficientMetrics = "InsufficientMetrics" + + // LicenseFindingOptimized is a LicenseFinding enum value + LicenseFindingOptimized = "Optimized" + + // LicenseFindingNotOptimized is a LicenseFinding enum value + LicenseFindingNotOptimized = "NotOptimized" +) + +// LicenseFinding_Values returns all elements of the LicenseFinding enum +func LicenseFinding_Values() []string { + return []string{ + LicenseFindingInsufficientMetrics, + LicenseFindingOptimized, + LicenseFindingNotOptimized, + } +} + +const ( + // LicenseFindingReasonCodeInvalidCloudWatchApplicationInsightsSetup is a LicenseFindingReasonCode enum value + LicenseFindingReasonCodeInvalidCloudWatchApplicationInsightsSetup = "InvalidCloudWatchApplicationInsightsSetup" + + // LicenseFindingReasonCodeCloudWatchApplicationInsightsError is a LicenseFindingReasonCode enum value + LicenseFindingReasonCodeCloudWatchApplicationInsightsError = "CloudWatchApplicationInsightsError" + + // LicenseFindingReasonCodeLicenseOverprovisioned is a LicenseFindingReasonCode enum value + LicenseFindingReasonCodeLicenseOverprovisioned = "LicenseOverprovisioned" + + // LicenseFindingReasonCodeOptimized is a LicenseFindingReasonCode enum value + LicenseFindingReasonCodeOptimized = "Optimized" +) + +// LicenseFindingReasonCode_Values returns all elements of the LicenseFindingReasonCode enum +func LicenseFindingReasonCode_Values() []string { + return []string{ + LicenseFindingReasonCodeInvalidCloudWatchApplicationInsightsSetup, + LicenseFindingReasonCodeCloudWatchApplicationInsightsError, + LicenseFindingReasonCodeLicenseOverprovisioned, + LicenseFindingReasonCodeOptimized, + } +} + +const ( + // LicenseModelLicenseIncluded is a LicenseModel enum value + LicenseModelLicenseIncluded = "LicenseIncluded" + + // LicenseModelBringYourOwnLicense is a LicenseModel enum value + LicenseModelBringYourOwnLicense = "BringYourOwnLicense" +) + +// LicenseModel_Values returns all elements of the LicenseModel enum +func LicenseModel_Values() []string { + return []string{ + LicenseModelLicenseIncluded, + LicenseModelBringYourOwnLicense, + } +} + +const ( + // LicenseNameSqlserver is a LicenseName enum value + LicenseNameSqlserver = "SQLServer" +) + +// LicenseName_Values returns all elements of the LicenseName enum +func LicenseName_Values() []string { + return []string{ + LicenseNameSqlserver, + } +} + +const ( + // LicenseRecommendationFilterNameFinding is a LicenseRecommendationFilterName enum value + LicenseRecommendationFilterNameFinding = "Finding" + + // LicenseRecommendationFilterNameFindingReasonCode is a LicenseRecommendationFilterName enum value + LicenseRecommendationFilterNameFindingReasonCode = "FindingReasonCode" + + // LicenseRecommendationFilterNameLicenseName is a LicenseRecommendationFilterName enum value + LicenseRecommendationFilterNameLicenseName = "LicenseName" +) + +// LicenseRecommendationFilterName_Values returns all elements of the LicenseRecommendationFilterName enum +func LicenseRecommendationFilterName_Values() []string { + return []string{ + LicenseRecommendationFilterNameFinding, + LicenseRecommendationFilterNameFindingReasonCode, + LicenseRecommendationFilterNameLicenseName, + } +} + const ( // MetricNameCpu is a MetricName enum value MetricNameCpu = "Cpu" @@ -11970,6 +13130,18 @@ func MetricName_Values() []string { } } +const ( + // MetricSourceProviderCloudWatchApplicationInsights is a MetricSourceProvider enum value + MetricSourceProviderCloudWatchApplicationInsights = "CloudWatchApplicationInsights" +) + +// MetricSourceProvider_Values returns all elements of the MetricSourceProvider enum +func MetricSourceProvider_Values() []string { + return []string{ + MetricSourceProviderCloudWatchApplicationInsights, + } +} + const ( // MetricStatisticMaximum is a MetricStatistic enum value MetricStatisticMaximum = "Maximum" @@ -12077,6 +13249,9 @@ const ( // RecommendationSourceTypeEcsService is a RecommendationSourceType enum value RecommendationSourceTypeEcsService = "EcsService" + + // RecommendationSourceTypeLicense is a RecommendationSourceType enum value + RecommendationSourceTypeLicense = "License" ) // RecommendationSourceType_Values returns all elements of the RecommendationSourceType enum @@ -12087,6 +13262,7 @@ func RecommendationSourceType_Values() []string { RecommendationSourceTypeEbsVolume, RecommendationSourceTypeLambdaFunction, RecommendationSourceTypeEcsService, + RecommendationSourceTypeLicense, } } @@ -12108,6 +13284,9 @@ const ( // ResourceTypeEcsService is a ResourceType enum value ResourceTypeEcsService = "EcsService" + + // ResourceTypeLicense is a ResourceType enum value + ResourceTypeLicense = "License" ) // ResourceType_Values returns all elements of the ResourceType enum @@ -12119,6 +13298,7 @@ func ResourceType_Values() []string { ResourceTypeLambdaFunction, ResourceTypeNotApplicable, ResourceTypeEcsService, + ResourceTypeLicense, } } diff --git a/service/computeoptimizer/computeoptimizeriface/interface.go b/service/computeoptimizer/computeoptimizeriface/interface.go index ed7cb787eb6..45f0e9042c9 100644 --- a/service/computeoptimizer/computeoptimizeriface/interface.go +++ b/service/computeoptimizer/computeoptimizeriface/interface.go @@ -91,6 +91,10 @@ type ComputeOptimizerAPI interface { ExportLambdaFunctionRecommendationsWithContext(aws.Context, *computeoptimizer.ExportLambdaFunctionRecommendationsInput, ...request.Option) (*computeoptimizer.ExportLambdaFunctionRecommendationsOutput, error) ExportLambdaFunctionRecommendationsRequest(*computeoptimizer.ExportLambdaFunctionRecommendationsInput) (*request.Request, *computeoptimizer.ExportLambdaFunctionRecommendationsOutput) + ExportLicenseRecommendations(*computeoptimizer.ExportLicenseRecommendationsInput) (*computeoptimizer.ExportLicenseRecommendationsOutput, error) + ExportLicenseRecommendationsWithContext(aws.Context, *computeoptimizer.ExportLicenseRecommendationsInput, ...request.Option) (*computeoptimizer.ExportLicenseRecommendationsOutput, error) + ExportLicenseRecommendationsRequest(*computeoptimizer.ExportLicenseRecommendationsInput) (*request.Request, *computeoptimizer.ExportLicenseRecommendationsOutput) + GetAutoScalingGroupRecommendations(*computeoptimizer.GetAutoScalingGroupRecommendationsInput) (*computeoptimizer.GetAutoScalingGroupRecommendationsOutput, error) GetAutoScalingGroupRecommendationsWithContext(aws.Context, *computeoptimizer.GetAutoScalingGroupRecommendationsInput, ...request.Option) (*computeoptimizer.GetAutoScalingGroupRecommendationsOutput, error) GetAutoScalingGroupRecommendationsRequest(*computeoptimizer.GetAutoScalingGroupRecommendationsInput) (*request.Request, *computeoptimizer.GetAutoScalingGroupRecommendationsOutput) @@ -137,6 +141,10 @@ type ComputeOptimizerAPI interface { GetLambdaFunctionRecommendationsPages(*computeoptimizer.GetLambdaFunctionRecommendationsInput, func(*computeoptimizer.GetLambdaFunctionRecommendationsOutput, bool) bool) error GetLambdaFunctionRecommendationsPagesWithContext(aws.Context, *computeoptimizer.GetLambdaFunctionRecommendationsInput, func(*computeoptimizer.GetLambdaFunctionRecommendationsOutput, bool) bool, ...request.Option) error + GetLicenseRecommendations(*computeoptimizer.GetLicenseRecommendationsInput) (*computeoptimizer.GetLicenseRecommendationsOutput, error) + GetLicenseRecommendationsWithContext(aws.Context, *computeoptimizer.GetLicenseRecommendationsInput, ...request.Option) (*computeoptimizer.GetLicenseRecommendationsOutput, error) + GetLicenseRecommendationsRequest(*computeoptimizer.GetLicenseRecommendationsInput) (*request.Request, *computeoptimizer.GetLicenseRecommendationsOutput) + GetRecommendationPreferences(*computeoptimizer.GetRecommendationPreferencesInput) (*computeoptimizer.GetRecommendationPreferencesOutput, error) GetRecommendationPreferencesWithContext(aws.Context, *computeoptimizer.GetRecommendationPreferencesInput, ...request.Option) (*computeoptimizer.GetRecommendationPreferencesOutput, error) GetRecommendationPreferencesRequest(*computeoptimizer.GetRecommendationPreferencesInput) (*request.Request, *computeoptimizer.GetRecommendationPreferencesOutput) diff --git a/service/organizations/api.go b/service/organizations/api.go index 1409058de5d..76db80d8825 100644 --- a/service/organizations/api.go +++ b/service/organizations/api.go @@ -68,7 +68,7 @@ func (c *Organizations) AcceptHandshakeRequest(input *AcceptHandshakeInput) (req // If you enabled all features in the organization, the user must also have // the iam:CreateServiceLinkedRole permission so that Organizations can create // the required service-linked role named AWSServiceRoleForOrganizations. -// For more information, see Organizations and Service-Linked Roles (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integration_services.html#orgs_integration_service-linked-roles) +// For more information, see Organizations and service-linked roles (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integration_services.html#orgs_integrate_services-using_slrs) // in the Organizations User Guide. // // - Enable all features final confirmation handshake: only a principal from @@ -114,7 +114,7 @@ func (c *Organizations) AcceptHandshakeRequest(input *AcceptHandshakeInput) (req // accounts still count toward your limit. If you get this exception immediately // after creating the organization, wait one hour and try again. If after // an hour it continues to fail with this error, contact Amazon Web Services -// Support (https://docs.aws.amazon.com/support/home#/). +// Support (https://console.aws.amazon.com/support/home#/). // // - ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because // the invited account is already a member of an organization. @@ -250,8 +250,8 @@ func (c *Organizations) AcceptHandshakeRequest(input *AcceptHandshakeInput) (req // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - AccessDeniedForDependencyException // The operation that you attempted requires you to have the iam:CreateServiceLinkedRole @@ -336,7 +336,9 @@ func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *requ // // - TAG_POLICY (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html) // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -394,7 +396,7 @@ func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *requ // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -402,7 +404,10 @@ func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *requ // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -469,9 +474,8 @@ func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *requ // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -487,9 +491,8 @@ func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *requ // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -613,8 +616,8 @@ func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *requ // - PolicyTypeNotEnabledException // The specified policy type isn't currently enabled in this root. You can't // attach policies of the specified type to entities in a root until you enable -// that type in the root. For more information, see Enabling All Features in -// Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) +// that type in the root. For more information, see Enabling all features in +// your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) // in the Organizations User Guide. // // - ServiceException @@ -629,8 +632,8 @@ func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -833,8 +836,8 @@ func (c *Organizations) CancelHandshakeRequest(input *CancelHandshakeInput) (req // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshake func (c *Organizations) CancelHandshake(input *CancelHandshakeInput) (*CancelHandshakeOutput, error) { @@ -925,9 +928,9 @@ func (c *Organizations) CloseAccountRequest(input *CloseAccountInput) (req *requ // - You can close only 10% of member accounts, between 10 and 200, within // a rolling 30 day period. This quota is not bound by a calendar month, // but starts when you close an account. After you reach this limit, you -// can close additional accounts in the Billing console. For more information, -// see Closing an account (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/close-account.html) -// in the Amazon Web Services Billing and Cost Management User Guide. +// can close additional accounts. For more information, see Closing a member +// account in your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_close.html) +// in the Organizations User Guide. // // - To reinstate a closed account, contact Amazon Web Services Support within // the 90-day grace period while the account is in SUSPENDED status. @@ -938,10 +941,6 @@ func (c *Organizations) CloseAccountRequest(input *CloseAccountInput) (req *requ // Closing an Amazon Web Services GovCloud (US) account (https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/Closing-govcloud-account.html) // in the Amazon Web Services GovCloud User Guide. // -// For more information about closing accounts, see Closing an Amazon Web Services -// account (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_close.html) -// in the Organizations User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1010,7 +1009,7 @@ func (c *Organizations) CloseAccountRequest(input *CloseAccountInput) (req *requ // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -1018,7 +1017,10 @@ func (c *Organizations) CloseAccountRequest(input *CloseAccountInput) (req *requ // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -1085,9 +1087,8 @@ func (c *Organizations) CloseAccountRequest(input *CloseAccountInput) (req *requ // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -1103,9 +1104,8 @@ func (c *Organizations) CloseAccountRequest(input *CloseAccountInput) (req *requ // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -1229,8 +1229,8 @@ func (c *Organizations) CloseAccountRequest(input *CloseAccountInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -1320,7 +1320,7 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // The user who calls the API to create an account must have the organizations:CreateAccount // permission. If you enabled all features in the organization, Organizations // creates the required service-linked role named AWSServiceRoleForOrganizations. -// For more information, see Organizations and Service-Linked Roles (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html#orgs_integrate_services-using_slrs) +// For more information, see Organizations and service-linked roles (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html#orgs_integrate_services-using_slrs) // in the Organizations User Guide. // // If the request includes tags, then the requester must have the organizations:TagResource @@ -1334,8 +1334,8 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // // This operation can be called only from the organization's management account. // -// For more information about creating accounts, see Creating an Amazon Web -// Services account in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_create.html) +// For more information about creating accounts, see Creating a member account +// in your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_create.html) // in the Organizations User Guide. // // - When you create an account in an organization using the Organizations @@ -1343,8 +1343,8 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // to operate as a standalone account, such as a payment method and signing // the end user license agreement (EULA) is not automatically collected. // If you must remove an account from your organization later, you can do -// so only after you provide the missing information. Follow the steps at -// To leave an organization as a member account (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// so only after you provide the missing information. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - If you get an exception that indicates that you exceeded your account @@ -1357,8 +1357,8 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // - Using CreateAccount to create multiple temporary accounts isn't recommended. // You can only close an account from the Billing and Cost Management console, // and you must be signed in as the root user. For information on the requirements -// and process for closing an account, see Closing an Amazon Web Services -// account (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_close.html) +// and process for closing an account, see Closing a member account in your +// organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_close.html) // in the Organizations User Guide. // // When you create a member account with this operation, you can choose whether @@ -1366,8 +1366,8 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // switch enabled. If you enable it, IAM users and roles that have appropriate // permissions can view billing information for the account. If you disable // it, only the account root user can access billing information. For information -// about how to disable this switch for an account, see Granting Access to Your -// Billing Information and Tools (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html). +// about how to disable this switch for an account, see Granting access to your +// billing information and tools (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/control-access-billing.html#grantaccess). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1425,7 +1425,7 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -1433,7 +1433,10 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -1500,9 +1503,8 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -1518,9 +1520,8 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -1650,8 +1651,8 @@ func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *re // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -1738,7 +1739,7 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // // Organizations automatically creates the required service-linked role named // AWSServiceRoleForOrganizations. For more information, see Organizations and -// Service-Linked Roles (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html#orgs_integrate_services-using_slrs) +// service-linked roles (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html#orgs_integrate_services-using_slrs) // in the Organizations User Guide. // // Amazon Web Services automatically enables CloudTrail for Amazon Web Services @@ -1776,8 +1777,8 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // as a parameter to the DescribeCreateAccountStatus operation. // // - Check the CloudTrail log for the CreateAccountResult event. For information -// on using CloudTrail with Organizations, see Monitoring the Activity in -// Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_monitoring.html) +// on using CloudTrail with Organizations, see Logging and monitoring in +// Organizations (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_security_incident-response.html) // in the Organizations User Guide. // // When you call the CreateGovCloudAccount action, you create two accounts: @@ -1798,8 +1799,8 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // (https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/govcloud-organizations.html) // in the Amazon Web Services GovCloud User Guide. // -// For more information about creating accounts, see Creating an Amazon Web -// Services account in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_create.html) +// For more information about creating accounts, see Creating a member account +// in your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_create.html) // in the Organizations User Guide. // // - When you create an account in an organization using the Organizations @@ -1807,8 +1808,8 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // to operate as a standalone account is not automatically collected. This // includes a payment method and signing the end user license agreement (EULA). // If you must remove an account from your organization later, you can do -// so only after you provide the missing information. Follow the steps at -// To leave an organization as a member account (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// so only after you provide the missing information. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - If you get an exception that indicates that you exceeded your account @@ -1822,7 +1823,7 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // recommended. You can only close an account from the Amazon Web Services // Billing and Cost Management console, and you must be signed in as the // root user. For information on the requirements and process for closing -// an account, see Closing an Amazon Web Services account (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_close.html) +// an account, see Closing a member account in your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_close.html) // in the Organizations User Guide. // // When you create a member account with this operation, you can choose whether @@ -1830,8 +1831,8 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // switch enabled. If you enable it, IAM users and roles that have appropriate // permissions can view billing information for the account. If you disable // it, only the account root user can access billing information. For information -// about how to disable this switch for an account, see Granting Access to Your -// Billing Information and Tools (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html). +// about how to disable this switch for an account, see Granting access to your +// billing information and tools (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1889,7 +1890,7 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -1897,7 +1898,10 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -1964,9 +1968,8 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -1982,9 +1985,8 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -2114,8 +2116,8 @@ func (c *Organizations) CreateGovCloudAccountRequest(input *CreateGovCloudAccoun // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -2198,8 +2200,8 @@ func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput // is created with all features enabled and service control policies automatically // enabled in the root. If you instead choose to create the organization supporting // only the consolidated billing features by setting the FeatureSet parameter -// to CONSOLIDATED_BILLING", no policy types are enabled by default, and you -// can't use organization policies +// to CONSOLIDATED_BILLING, no policy types are enabled by default and you can't +// use organization policies. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2257,7 +2259,7 @@ func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -2265,7 +2267,10 @@ func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -2332,9 +2337,8 @@ func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -2350,9 +2354,8 @@ func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -2476,8 +2479,8 @@ func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - AccessDeniedForDependencyException // The operation that you attempted requires you to have the iam:CreateServiceLinkedRole @@ -2555,7 +2558,7 @@ func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizatio // that you can nest OUs is dependent upon the policy types enabled for that // root. For service control policies, the limit is five. // -// For more information about OUs, see Managing Organizational Units (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_ous.html) +// For more information about OUs, see Managing organizational units (OUs) (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_ous.html) // in the Organizations User Guide. // // If the request includes tags, then the requester must have the organizations:TagResource @@ -2619,7 +2622,7 @@ func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizatio // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -2627,7 +2630,10 @@ func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizatio // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -2694,9 +2700,8 @@ func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizatio // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -2712,9 +2717,8 @@ func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizatio // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -2844,8 +2848,8 @@ func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizatio // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnit func (c *Organizations) CreateOrganizationalUnit(input *CreateOrganizationalUnitInput) (*CreateOrganizationalUnitOutput, error) { @@ -2915,13 +2919,15 @@ func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *requ // Creates a policy of a specified type that you can attach to a root, an organizational // unit (OU), or an individual Amazon Web Services account. // -// For more information about policies and their use, see Managing Organization -// Policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html). +// For more information about policies and their use, see Managing Organizations +// policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html). // // If the request includes tags, then the requester must have the organizations:TagResource // permission. // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2979,7 +2985,7 @@ func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *requ // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -2987,7 +2993,10 @@ func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *requ // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -3054,9 +3063,8 @@ func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *requ // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -3072,9 +3080,8 @@ func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *requ // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -3195,14 +3202,14 @@ func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *requ // - MalformedPolicyDocumentException // The provided policy document doesn't meet the requirements of the specified // policy type. For example, the syntax might be incorrect. For details about -// service control policy syntax, see Service Control Policy Syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) +// service control policy syntax, see SCP syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_syntax.html) // in the Organizations User Guide. // // - PolicyTypeNotAvailableForOrganizationException // You can't use the specified policy type with the feature set currently enabled // for this organization. For example, you can enable SCPs only after you enable // all features in the organization. For more information, see Managing Organizations -// Policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in +// policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in // the Organizations User Guide. // // - ServiceException @@ -3214,8 +3221,8 @@ func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -3415,8 +3422,8 @@ func (c *Organizations) DeclineHandshakeRequest(input *DeclineHandshakeInput) (r // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshake func (c *Organizations) DeclineHandshake(input *DeclineHandshakeInput) (*DeclineHandshakeOutput, error) { @@ -3591,8 +3598,7 @@ func (c *Organizations) DeleteOrganizationRequest(input *DeleteOrganizationInput // // - OrganizationNotEmptyException // The organization isn't empty. To delete an organization, you must first remove -// all accounts except the management account, delete all OUs, and delete all -// policies. +// all accounts except the management account. // // - ServiceException // Organizations can't complete your request because of an internal service @@ -3603,8 +3609,8 @@ func (c *Organizations) DeleteOrganizationRequest(input *DeleteOrganizationInput // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganization func (c *Organizations) DeleteOrganization(input *DeleteOrganizationInput) (*DeleteOrganizationOutput, error) { @@ -3795,8 +3801,8 @@ func (c *Organizations) DeleteOrganizationalUnitRequest(input *DeleteOrganizatio // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnit func (c *Organizations) DeleteOrganizationalUnit(input *DeleteOrganizationalUnitInput) (*DeleteOrganizationalUnitOutput, error) { @@ -3868,7 +3874,9 @@ func (c *Organizations) DeletePolicyRequest(input *DeletePolicyInput) (req *requ // operation, you must first detach the policy from all organizational units // (OUs), roots, and accounts. // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3988,8 +3996,8 @@ func (c *Organizations) DeletePolicyRequest(input *DeletePolicyInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -4092,8 +4100,8 @@ func (c *Organizations) DeleteResourcePolicyRequest(input *DeleteResourcePolicyI // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - ConcurrentModificationException // The target of the operation is currently being modified by a different request. @@ -4131,7 +4139,7 @@ func (c *Organizations) DeleteResourcePolicyRequest(input *DeleteResourcePolicyI // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -4139,7 +4147,10 @@ func (c *Organizations) DeleteResourcePolicyRequest(input *DeleteResourcePolicyI // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -4206,9 +4217,8 @@ func (c *Organizations) DeleteResourcePolicyRequest(input *DeleteResourcePolicyI // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -4224,9 +4234,8 @@ func (c *Organizations) DeleteResourcePolicyRequest(input *DeleteResourcePolicyI // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -4417,7 +4426,7 @@ func (c *Organizations) DeregisterDelegatedAdministratorRequest(input *Deregiste // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -4425,7 +4434,10 @@ func (c *Organizations) DeregisterDelegatedAdministratorRequest(input *Deregiste // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -4492,9 +4504,8 @@ func (c *Organizations) DeregisterDelegatedAdministratorRequest(input *Deregiste // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -4510,9 +4521,8 @@ func (c *Organizations) DeregisterDelegatedAdministratorRequest(input *Deregiste // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -4632,8 +4642,8 @@ func (c *Organizations) DeregisterDelegatedAdministratorRequest(input *Deregiste // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - ServiceException // Organizations can't complete your request because of an internal service @@ -4825,8 +4835,8 @@ func (c *Organizations) DescribeAccountRequest(input *DescribeAccountInput) (req // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccount func (c *Organizations) DescribeAccount(input *DescribeAccountInput) (*DescribeAccountOutput, error) { @@ -5010,8 +5020,8 @@ func (c *Organizations) DescribeCreateAccountStatusRequest(input *DescribeCreate // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -5089,13 +5099,11 @@ func (c *Organizations) DescribeEffectivePolicyRequest(input *DescribeEffectiveP // This operation applies only to policy types other than service control policies // (SCPs). // -// For more information about policy inheritance, see How Policy Inheritance -// Works (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies-inheritance.html) +// For more information about policy inheritance, see Understanding management +// policy inheritance (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_inheritance_mgmt.html) // in the Organizations User Guide. // -// This operation can be called only from the organization's management account -// or by a member account that is a delegated administrator for an Amazon Web -// Services service. +// This operation can be called from any account in the organization. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5149,7 +5157,7 @@ func (c *Organizations) DescribeEffectivePolicyRequest(input *DescribeEffectiveP // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -5157,7 +5165,10 @@ func (c *Organizations) DescribeEffectivePolicyRequest(input *DescribeEffectiveP // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -5224,9 +5235,8 @@ func (c *Organizations) DescribeEffectivePolicyRequest(input *DescribeEffectiveP // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -5242,9 +5252,8 @@ func (c *Organizations) DescribeEffectivePolicyRequest(input *DescribeEffectiveP // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -5290,8 +5299,8 @@ func (c *Organizations) DescribeEffectivePolicyRequest(input *DescribeEffectiveP // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - TargetNotFoundException // We can't find a root, OU, account, or policy with the TargetId that you specified. @@ -5568,8 +5577,8 @@ func (c *Organizations) DescribeHandshakeRequest(input *DescribeHandshakeInput) // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshake func (c *Organizations) DescribeHandshake(input *DescribeHandshakeInput) (*DescribeHandshakeOutput, error) { @@ -5678,8 +5687,8 @@ func (c *Organizations) DescribeOrganizationRequest(input *DescribeOrganizationI // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization func (c *Organizations) DescribeOrganization(input *DescribeOrganizationInput) (*DescribeOrganizationOutput, error) { @@ -5862,8 +5871,8 @@ func (c *Organizations) DescribeOrganizationalUnitRequest(input *DescribeOrganiz // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnit func (c *Organizations) DescribeOrganizationalUnit(input *DescribeOrganizationalUnitInput) (*DescribeOrganizationalUnitOutput, error) { @@ -6046,8 +6055,8 @@ func (c *Organizations) DescribePolicyRequest(input *DescribePolicyInput) (req * // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -6119,7 +6128,7 @@ func (c *Organizations) DescribeResourcePolicyRequest(input *DescribeResourcePol // // Retrieves information about a resource policy. // -// You can only call this operation from the organization's management account +// This operation can be called only from the organization's management account // or by a member account that is a delegated administrator for an Amazon Web // Services service. // @@ -6151,8 +6160,8 @@ func (c *Organizations) DescribeResourcePolicyRequest(input *DescribeResourcePol // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - AWSOrganizationsNotInUseException // Your account isn't a member of an organization. To make this request, you @@ -6193,7 +6202,7 @@ func (c *Organizations) DescribeResourcePolicyRequest(input *DescribeResourcePol // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -6201,7 +6210,10 @@ func (c *Organizations) DescribeResourcePolicyRequest(input *DescribeResourcePol // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -6268,9 +6280,8 @@ func (c *Organizations) DescribeResourcePolicyRequest(input *DescribeResourcePol // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -6286,9 +6297,8 @@ func (c *Organizations) DescribeResourcePolicyRequest(input *DescribeResourcePol // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -6407,7 +6417,9 @@ func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *requ // "Effect": "Allow" in the FullAWSAccess policy (or any other attached SCP), // you're using the authorization strategy of a "deny list (https://docs.aws.amazon.com/organizations/latest/userguide/SCP_strategies.html#orgs_policies_denylist)". // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6465,7 +6477,7 @@ func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *requ // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -6473,7 +6485,10 @@ func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *requ // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -6540,9 +6555,8 @@ func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *requ // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -6558,9 +6572,8 @@ func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *requ // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -6693,8 +6706,8 @@ func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -6820,8 +6833,8 @@ func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceA // can no longer perform operations in your organization's accounts // // For more information about integrating other services with Organizations, -// including the list of services that work with Organizations, see Integrating -// Organizations with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html) +// including the list of services that work with Organizations, see Using Organizations +// with other Amazon Web Services services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html) // in the Organizations User Guide. // // This operation can be called only from the organization's management account. @@ -6882,7 +6895,7 @@ func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceA // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -6890,7 +6903,10 @@ func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceA // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -6957,9 +6973,8 @@ func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceA // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -6975,9 +6990,8 @@ func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceA // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -7101,8 +7115,8 @@ func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceA // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -7185,7 +7199,9 @@ func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) // first use ListRoots to see the status of policy types for a specified root, // and then use this operation. // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // To view the status of available policy types in the organization, use DescribeOrganization. // @@ -7245,7 +7261,7 @@ func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -7253,7 +7269,10 @@ func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -7320,9 +7339,8 @@ func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -7338,9 +7356,8 @@ func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -7458,8 +7475,8 @@ func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) // - PolicyTypeNotEnabledException // The specified policy type isn't currently enabled in this root. You can't // attach policies of the specified type to entities in a root until you enable -// that type in the root. For more information, see Enabling All Features in -// Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) +// that type in the root. For more information, see Enabling all features in +// your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) // in the Organizations User Guide. // // - RootNotFoundException @@ -7474,8 +7491,8 @@ func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -7565,7 +7582,7 @@ func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAcc // Web Services service. // // For more information about enabling services to integrate with Organizations, -// see Integrating Organizations with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html) +// see Using Organizations with other Amazon Web Services services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html) // in the Organizations User Guide. // // You can only call this operation from the organization's management account @@ -7627,7 +7644,7 @@ func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAcc // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -7635,7 +7652,10 @@ func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAcc // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -7702,9 +7722,8 @@ func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAcc // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -7720,9 +7739,8 @@ func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAcc // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -7846,8 +7864,8 @@ func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAcc // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -7921,8 +7939,8 @@ func (c *Organizations) EnableAllFeaturesRequest(input *EnableAllFeaturesInput) // policies that can restrict the services and actions that can be called in // each account. Until you enable all features, you have access only to consolidated // billing, and you can't use any of the advanced account administration features -// that Organizations supports. For more information, see Enabling All Features -// in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) +// that Organizations supports. For more information, see Enabling all features +// in your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) // in the Organizations User Guide. // // This operation is required only for organizations that were created explicitly @@ -7984,7 +8002,7 @@ func (c *Organizations) EnableAllFeaturesRequest(input *EnableAllFeaturesInput) // accounts still count toward your limit. If you get this exception immediately // after creating the organization, wait one hour and try again. If after // an hour it continues to fail with this error, contact Amazon Web Services -// Support (https://docs.aws.amazon.com/support/home#/). +// Support (https://console.aws.amazon.com/support/home#/). // // - ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because // the invited account is already a member of an organization. @@ -8104,8 +8122,8 @@ func (c *Organizations) EnableAllFeaturesRequest(input *EnableAllFeaturesInput) // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeatures func (c *Organizations) EnableAllFeatures(input *EnableAllFeaturesInput) (*EnableAllFeaturesOutput, error) { @@ -8181,7 +8199,9 @@ func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (r // background. Amazon Web Services recommends that you first use ListRoots to // see the status of policy types for a specified root, and then use this operation. // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // You can enable a policy type in a root only if that policy type is available // in the organization. To view the status of available policy types in the @@ -8243,7 +8263,7 @@ func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (r // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -8251,7 +8271,10 @@ func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (r // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -8318,9 +8341,8 @@ func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (r // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -8336,9 +8358,8 @@ func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (r // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -8468,14 +8489,14 @@ func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (r // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - PolicyTypeNotAvailableForOrganizationException // You can't use the specified policy type with the feature set currently enabled // for this organization. For example, you can enable SCPs only after you enable // all features in the organization. For more information, see Managing Organizations -// Policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in +// policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in // the Organizations User Guide. // // - UnsupportedAPIEndpointException @@ -8561,7 +8582,7 @@ func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountT // Web Services seller in India, you can invite only other AISPL accounts // to your organization. You can't combine accounts from AISPL and Amazon // Web Services or from any other Amazon Web Services seller. For more information, -// see Consolidated Billing in India (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/useconsolidatedbilliing-India.html). +// see Consolidated billing in India (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/useconsolidatedbilling-India.html). // // - If you receive an exception that indicates that you exceeded your account // limits for the organization or that the operation failed because your @@ -8597,7 +8618,7 @@ func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountT // - AccountOwnerNotVerifiedException // You can't invite an existing account to your organization until you verify // that you own the email address associated with the management account. For -// more information, see Email Address Verification (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification) +// more information, see Email address verification (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification) // in the Organizations User Guide. // // - ConcurrentModificationException @@ -8616,7 +8637,7 @@ func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountT // accounts still count toward your limit. If you get this exception immediately // after creating the organization, wait one hour and try again. If after // an hour it continues to fail with this error, contact Amazon Web Services -// Support (https://docs.aws.amazon.com/support/home#/). +// Support (https://console.aws.amazon.com/support/home#/). // // - ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because // the invited account is already a member of an organization. @@ -8688,7 +8709,7 @@ func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountT // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -8696,7 +8717,10 @@ func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountT // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -8763,9 +8787,8 @@ func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountT // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -8781,9 +8804,8 @@ func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountT // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -8913,8 +8935,8 @@ func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountT // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganization func (c *Organizations) InviteAccountToOrganization(input *InviteAccountToOrganizationInput) (*InviteAccountToOrganizationOutput, error) { @@ -9005,8 +9027,8 @@ func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) // Provide a current payment method Amazon Web Services uses the payment // method to charge for any billable (not free tier) Amazon Web Services // activity that occurs while the account isn't attached to an organization. -// Follow the steps at To leave an organization when all required account -// information has not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// For more information, see Considerations before removing an account from +// an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - The account that you want to leave must not be a delegated administrator @@ -9016,8 +9038,8 @@ func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) // the organization. // // - You can leave an organization only after you enable IAM user access -// to billing in your account. For more information, see Activating Access -// to the Billing and Cost Management Console (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) +// to billing in your account. For more information, see About IAM access +// to the Billing and Cost Management console (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) // in the Amazon Web Services Billing and Cost Management User Guide. // // - After the account leaves the organization, all tags that were attached @@ -9028,6 +9050,10 @@ func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) // from its organization. If you get an error that indicates that a wait // period is required, then try again in a few days. // +// - If you are using an organization principal to call LeaveOrganization +// across multiple accounts, you can only do this up to 5 accounts per second +// in a single organization. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -9089,7 +9115,7 @@ func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -9097,7 +9123,10 @@ func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -9164,9 +9193,8 @@ func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -9182,9 +9210,8 @@ func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -9313,8 +9340,8 @@ func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganization func (c *Organizations) LeaveOrganization(input *LeaveOrganizationInput) (*LeaveOrganizationOutput, error) { @@ -9394,7 +9421,7 @@ func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAW // // For more information about integrating other services with Organizations, // including the list of services that currently work with Organizations, see -// Integrating Organizations with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html) +// Using Organizations with other Amazon Web Services services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html) // in the Organizations User Guide. // // This operation can be called only from the organization's management account @@ -9453,7 +9480,7 @@ func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAW // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -9461,7 +9488,10 @@ func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAW // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -9528,9 +9558,8 @@ func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAW // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -9546,9 +9575,8 @@ func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAW // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -9672,8 +9700,8 @@ func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAW // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -9920,8 +9948,8 @@ func (c *Organizations) ListAccountsRequest(input *ListAccountsInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccounts func (c *Organizations) ListAccounts(input *ListAccountsInput) (*ListAccountsOutput, error) { @@ -10170,8 +10198,8 @@ func (c *Organizations) ListAccountsForParentRequest(input *ListAccountsForParen // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParent func (c *Organizations) ListAccountsForParent(input *ListAccountsForParentInput) (*ListAccountsForParentOutput, error) { @@ -10418,8 +10446,8 @@ func (c *Organizations) ListChildrenRequest(input *ListChildrenInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildren func (c *Organizations) ListChildren(input *ListChildrenInput) (*ListChildrenOutput, error) { @@ -10662,8 +10690,8 @@ func (c *Organizations) ListCreateAccountStatusRequest(input *ListCreateAccountS // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -10849,7 +10877,7 @@ func (c *Organizations) ListDelegatedAdministratorsRequest(input *ListDelegatedA // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -10857,7 +10885,10 @@ func (c *Organizations) ListDelegatedAdministratorsRequest(input *ListDelegatedA // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -10924,9 +10955,8 @@ func (c *Organizations) ListDelegatedAdministratorsRequest(input *ListDelegatedA // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -10942,9 +10972,8 @@ func (c *Organizations) ListDelegatedAdministratorsRequest(input *ListDelegatedA // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -11064,8 +11093,8 @@ func (c *Organizations) ListDelegatedAdministratorsRequest(input *ListDelegatedA // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - ServiceException // Organizations can't complete your request because of an internal service @@ -11264,7 +11293,7 @@ func (c *Organizations) ListDelegatedServicesForAccountRequest(input *ListDelega // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -11272,7 +11301,10 @@ func (c *Organizations) ListDelegatedServicesForAccountRequest(input *ListDelega // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -11339,9 +11371,8 @@ func (c *Organizations) ListDelegatedServicesForAccountRequest(input *ListDelega // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -11357,9 +11388,8 @@ func (c *Organizations) ListDelegatedServicesForAccountRequest(input *ListDelega // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -11479,8 +11509,8 @@ func (c *Organizations) ListDelegatedServicesForAccountRequest(input *ListDelega // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - ServiceException // Organizations can't complete your request because of an internal service @@ -11732,8 +11762,8 @@ func (c *Organizations) ListHandshakesForAccountRequest(input *ListHandshakesFor // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccount func (c *Organizations) ListHandshakesForAccount(input *ListHandshakesForAccountInput) (*ListHandshakesForAccountOutput, error) { @@ -11986,8 +12016,8 @@ func (c *Organizations) ListHandshakesForOrganizationRequest(input *ListHandshak // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganization func (c *Organizations) ListHandshakesForOrganization(input *ListHandshakesForOrganizationInput) (*ListHandshakesForOrganizationOutput, error) { @@ -12232,8 +12262,8 @@ func (c *Organizations) ListOrganizationalUnitsForParentRequest(input *ListOrgan // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParent func (c *Organizations) ListOrganizationalUnitsForParent(input *ListOrganizationalUnitsForParentInput) (*ListOrganizationalUnitsForParentOutput, error) { @@ -12483,8 +12513,8 @@ func (c *Organizations) ListParentsRequest(input *ListParentsInput) (req *reques // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParents func (c *Organizations) ListParents(input *ListParentsInput) (*ListParentsOutput, error) { @@ -12726,8 +12756,8 @@ func (c *Organizations) ListPoliciesRequest(input *ListPoliciesInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -12977,8 +13007,8 @@ func (c *Organizations) ListPoliciesForTargetRequest(input *ListPoliciesForTarge // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -13229,8 +13259,8 @@ func (c *Organizations) ListRootsRequest(input *ListRootsInput) (req *request.Re // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRoots func (c *Organizations) ListRoots(input *ListRootsInput) (*ListRootsOutput, error) { @@ -13480,8 +13510,8 @@ func (c *Organizations) ListTagsForResourceRequest(input *ListTagsForResourceInp // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTagsForResource func (c *Organizations) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { @@ -13727,8 +13757,8 @@ func (c *Organizations) ListTargetsForPolicyRequest(input *ListTargetsForPolicyI // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -13969,8 +13999,8 @@ func (c *Organizations) MoveAccountRequest(input *MoveAccountInput) (req *reques // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - ConcurrentModificationException // The target of the operation is currently being modified by a different request. @@ -14081,8 +14111,8 @@ func (c *Organizations) PutResourcePolicyRequest(input *PutResourcePolicyInput) // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - ConcurrentModificationException // The target of the operation is currently being modified by a different request. @@ -14198,7 +14228,7 @@ func (c *Organizations) PutResourcePolicyRequest(input *PutResourcePolicyInput) // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -14206,7 +14236,10 @@ func (c *Organizations) PutResourcePolicyRequest(input *PutResourcePolicyInput) // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -14273,9 +14306,8 @@ func (c *Organizations) PutResourcePolicyRequest(input *PutResourcePolicyInput) // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -14291,9 +14323,8 @@ func (c *Organizations) PutResourcePolicyRequest(input *PutResourcePolicyInput) // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -14478,7 +14509,7 @@ func (c *Organizations) RegisterDelegatedAdministratorRequest(input *RegisterDel // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -14486,7 +14517,10 @@ func (c *Organizations) RegisterDelegatedAdministratorRequest(input *RegisterDel // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -14553,9 +14587,8 @@ func (c *Organizations) RegisterDelegatedAdministratorRequest(input *RegisterDel // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -14571,9 +14604,8 @@ func (c *Organizations) RegisterDelegatedAdministratorRequest(input *RegisterDel // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -14693,8 +14725,8 @@ func (c *Organizations) RegisterDelegatedAdministratorRequest(input *RegisterDel // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - ServiceException // Organizations can't complete your request because of an internal service @@ -14784,15 +14816,8 @@ func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccoun // is configured with the information required to operate as a standalone // account. When you create an account in an organization using the Organizations // console, API, or CLI commands, the information required of standalone -// accounts is not automatically collected. For an account that you want -// to make standalone, you must choose a support plan, provide and verify -// the required contact information, and provide a current payment method. -// Amazon Web Services uses the payment method to charge for any billable -// (not free tier) Amazon Web Services activity that occurs while the account -// isn't attached to an organization. To remove an account that doesn't yet -// have this information, you must sign in as the member account and follow -// the steps at To leave an organization when all required account information -// has not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// accounts is not automatically collected. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - The account that you want to leave must not be a delegated administrator @@ -14866,7 +14891,7 @@ func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccoun // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -14874,7 +14899,10 @@ func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccoun // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -14941,9 +14969,8 @@ func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccoun // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -14959,9 +14986,8 @@ func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccoun // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -15090,8 +15116,8 @@ func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccoun // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganization func (c *Organizations) RemoveAccountFromOrganization(input *RemoveAccountFromOrganizationInput) (*RemoveAccountFromOrganizationOutput, error) { @@ -15171,7 +15197,9 @@ func (c *Organizations) TagResourceRequest(input *TagResourceInput) (req *reques // // - Policy (any type) // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15232,7 +15260,7 @@ func (c *Organizations) TagResourceRequest(input *TagResourceInput) (req *reques // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -15240,7 +15268,10 @@ func (c *Organizations) TagResourceRequest(input *TagResourceInput) (req *reques // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -15307,9 +15338,8 @@ func (c *Organizations) TagResourceRequest(input *TagResourceInput) (req *reques // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -15325,9 +15355,8 @@ func (c *Organizations) TagResourceRequest(input *TagResourceInput) (req *reques // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -15451,8 +15480,8 @@ func (c *Organizations) TagResourceRequest(input *TagResourceInput) (req *reques // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/TagResource func (c *Organizations) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { @@ -15532,7 +15561,9 @@ func (c *Organizations) UntagResourceRequest(input *UntagResourceInput) (req *re // // - Policy (any type) // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15593,7 +15624,7 @@ func (c *Organizations) UntagResourceRequest(input *UntagResourceInput) (req *re // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -15601,7 +15632,10 @@ func (c *Organizations) UntagResourceRequest(input *UntagResourceInput) (req *re // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -15668,9 +15702,8 @@ func (c *Organizations) UntagResourceRequest(input *UntagResourceInput) (req *re // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -15686,9 +15719,8 @@ func (c *Organizations) UntagResourceRequest(input *UntagResourceInput) (req *re // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -15812,8 +15844,8 @@ func (c *Organizations) UntagResourceRequest(input *UntagResourceInput) (req *re // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UntagResource func (c *Organizations) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { @@ -16003,8 +16035,8 @@ func (c *Organizations) UpdateOrganizationalUnitRequest(input *UpdateOrganizatio // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnit func (c *Organizations) UpdateOrganizationalUnit(input *UpdateOrganizationalUnitInput) (*UpdateOrganizationalUnitOutput, error) { @@ -16075,7 +16107,9 @@ func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *requ // don't supply any parameter, that value remains unchanged. You can't change // a policy's type. // -// This operation can be called only from the organization's management account. +// This operation can be called only from the organization's management account +// or by a member account that is a delegated administrator for an Amazon Web +// Services service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16133,7 +16167,7 @@ func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *requ // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -16141,7 +16175,10 @@ func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *requ // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -16208,9 +16245,8 @@ func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *requ // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -16226,9 +16262,8 @@ func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *requ // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -16349,7 +16384,7 @@ func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *requ // - MalformedPolicyDocumentException // The provided policy document doesn't meet the requirements of the specified // policy type. For example, the syntax might be incorrect. For details about -// service control policy syntax, see Service Control Policy Syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) +// service control policy syntax, see SCP syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_syntax.html) // in the Organizations User Guide. // // - PolicyNotFoundException @@ -16364,8 +16399,8 @@ func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *requ // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. // // - UnsupportedAPIEndpointException // This action isn't available in the current Amazon Web Services Region. @@ -17048,7 +17083,7 @@ func (s *AccountNotRegisteredException) RequestID() string { // You can't invite an existing account to your organization until you verify // that you own the email address associated with the management account. For -// more information, see Email Address Verification (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification) +// more information, see Email address verification (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification) // in the Organizations User Guide. type AccountOwnerNotVerifiedException struct { _ struct{} `type:"structure"` @@ -17707,7 +17742,7 @@ func (s *ConflictException) RequestID() string { // // - ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -17715,7 +17750,10 @@ func (s *ConflictException) RequestID() string { // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, -// contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). +// contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). +// +// - CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot +// register a suspended account as a delegated administrator. // // - CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -17782,9 +17820,8 @@ func (s *ConflictException) RequestID() string { // // - MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment -// instrument, such as a credit card, with the account. Follow the steps -// at To leave an organization when all required account information has -// not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// instrument, such as a credit card, with the account. For more information, +// see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -17800,9 +17837,8 @@ func (s *ConflictException) RequestID() string { // // - MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, -// such as a credit card, with the account. Follow the steps at To leave -// an organization when all required account information has not yet been -// provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) +// such as a credit card, with the account. For more information, see Considerations +// before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // - MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -17953,8 +17989,8 @@ type CreateAccountInput struct { // If set to ALLOW, the new account enables IAM users to access account billing // information if they have the required permissions. If set to DENY, only the // root user of the new account can access account billing information. For - // more information, see Activating Access to the Billing and Cost Management - // Console (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) + // more information, see About IAM access to the Billing and Cost Management + // console (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) // in the Amazon Web Services Billing and Cost Management User Guide. // // If you don't specify this parameter, the value defaults to ALLOW, and IAM @@ -17973,12 +18009,12 @@ type CreateAccountInput struct { // For more information about how to use this role to access the member account, // see the following links: // - // * Accessing and Administering the Member Accounts in Your Organization + // * Creating the OrganizationAccountAccessRole in an invited member account // (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) // in the Organizations User Guide // - // * Steps 2 and 3 in Tutorial: Delegate Access Across Amazon Web Services - // accounts Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) + // * Steps 2 and 3 in IAM Tutorial: Delegate access across Amazon Web Services + // accounts using IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) // in the IAM User Guide // // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate @@ -18087,7 +18123,7 @@ type CreateAccountOutput struct { // returned CreateAccountStatus ID as a parameter to DescribeCreateAccountStatus // to get status about the progress of the request at later times. You can also // check the CloudTrail log for the CreateAccountResult event. For more information, - // see Monitoring the Activity in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_monitoring.html) + // see Logging and monitoring in Organizations (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_security_incident-response.html) // in the Organizations User Guide. CreateAccountStatus *CreateAccountStatus `type:"structure"` } @@ -18398,8 +18434,8 @@ type CreateGovCloudAccountInput struct { // If set to ALLOW, the new linked account in the commercial Region enables // IAM users to access account billing information if they have the required // permissions. If set to DENY, only the root user of the new account can access - // account billing information. For more information, see Activating Access - // to the Billing and Cost Management Console (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) + // account billing information. For more information, see About IAM access to + // the Billing and Cost Management console (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) // in the Amazon Web Services Billing and Cost Management User Guide. // // If you don't specify this parameter, the value defaults to ALLOW, and IAM @@ -18419,11 +18455,15 @@ type CreateGovCloudAccountInput struct { // If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole. // // For more information about how to use this role to access the member account, - // see Accessing and Administering the Member Accounts in Your Organization - // (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) - // in the Organizations User Guide and steps 2 and 3 in Tutorial: Delegate Access - // Across Amazon Web Services accounts Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) - // in the IAM User Guide. + // see the following links: + // + // * Creating the OrganizationAccountAccessRole in an invited member account + // (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) + // in the Organizations User Guide + // + // * Steps 2 and 3 in IAM Tutorial: Delegate access across Amazon Web Services + // accounts using IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) + // in the IAM User Guide // // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate // this parameter. The pattern can include uppercase letters, lowercase letters, @@ -21471,7 +21511,7 @@ func (s *HandshakeAlreadyInStateException) RequestID() string { // accounts still count toward your limit. If you get this exception immediately // after creating the organization, wait one hour and try again. If after // an hour it continues to fail with this error, contact Amazon Web Services -// Support (https://docs.aws.amazon.com/support/home#/). +// Support (https://console.aws.amazon.com/support/home#/). // // - ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because // the invited account is already a member of an organization. @@ -24219,7 +24259,7 @@ func (s *ListTargetsForPolicyOutput) SetTargets(v []*PolicyTargetSummary) *ListT // The provided policy document doesn't meet the requirements of the specified // policy type. For example, the syntax might be incorrect. For details about -// service control policy syntax, see Service Control Policy Syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) +// service control policy syntax, see SCP syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_syntax.html) // in the Organizations User Guide. type MalformedPolicyDocumentException struct { _ struct{} `type:"structure"` @@ -24499,7 +24539,7 @@ type Organization struct { // If set to "ALL", then all features are enabled and policies can be applied // to accounts in the organization. If set to "CONSOLIDATED_BILLING", then only // consolidated billing functionality is available. For more information, see - // Enabling All Features in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) + // Enabling all features in your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) // in the Organizations User Guide. FeatureSet *string `type:"string" enum:"OrganizationFeatureSet"` @@ -24593,8 +24633,7 @@ func (s *Organization) SetMasterAccountId(v string) *Organization { } // The organization isn't empty. To delete an organization, you must first remove -// all accounts except the management account, delete all OUs, and delete all -// policies. +// all accounts except the management account. type OrganizationNotEmptyException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -25511,7 +25550,7 @@ func (s *PolicyTypeAlreadyEnabledException) RequestID() string { // You can't use the specified policy type with the feature set currently enabled // for this organization. For example, you can enable SCPs only after you enable // all features in the organization. For more information, see Managing Organizations -// Policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in +// policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in // the Organizations User Guide. type PolicyTypeNotAvailableForOrganizationException struct { _ struct{} `type:"structure"` @@ -25578,8 +25617,8 @@ func (s *PolicyTypeNotAvailableForOrganizationException) RequestID() string { // The specified policy type isn't currently enabled in this root. You can't // attach policies of the specified type to entities in a root until you enable -// that type in the root. For more information, see Enabling All Features in -// Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) +// that type in the root. For more information, see Enabling all features in +// your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) // in the Organizations User Guide. type PolicyTypeNotEnabledException struct { _ struct{} `type:"structure"` @@ -25693,7 +25732,7 @@ type PutResourcePolicyInput struct { // If provided, the new content for the resource policy. The text must be correctly // formatted JSON that complies with the syntax for the resource policy's type. - // For more information, see Service Control Policy Syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) + // For more information, see SCP syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_syntax.html) // in the Organizations User Guide. // // Content is a required field @@ -26630,8 +26669,8 @@ func (s *TargetNotFoundException) RequestID() string { // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations -// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in -// the Organizations User Guide. +// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) +// in the Organizations User Guide. type TooManyRequestsException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -26961,7 +27000,7 @@ type UpdatePolicyInput struct { // If provided, the new content for the policy. The text must be correctly formatted // JSON that complies with the syntax for the policy's type. For more information, - // see Service Control Policy Syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) + // see SCP syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_syntax.html) // in the Organizations User Guide. Content *string `min:"1" type:"string"` diff --git a/service/organizations/doc.go b/service/organizations/doc.go index ef00291ac36..37b53bed9a7 100644 --- a/service/organizations/doc.go +++ b/service/organizations/doc.go @@ -49,7 +49,7 @@ // an Amazon S3 bucket. By using information collected by CloudTrail, you can // determine which requests the Organizations service received, who made the // request and when, and so on. For more about Organizations and its support -// for CloudTrail, see Logging Organizations Events with CloudTrail (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_incident-response.html#orgs_cloudtrail-integration) +// for CloudTrail, see Logging Organizations API calls with CloudTrail (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_incident-response.html#orgs_cloudtrail-integration) // in the Organizations User Guide. To learn more about CloudTrail, including // how to turn it on and find your log files, see the CloudTrail User Guide // (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html). diff --git a/service/organizations/errors.go b/service/organizations/errors.go index 70a0d294cb9..01a0e1ec3f6 100644 --- a/service/organizations/errors.go +++ b/service/organizations/errors.go @@ -66,7 +66,7 @@ const ( // // You can't invite an existing account to your organization until you verify // that you own the email address associated with the management account. For - // more information, see Email Address Verification (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification) + // more information, see Email address verification (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification) // in the Organizations User Guide. ErrCodeAccountOwnerNotVerifiedException = "AccountOwnerNotVerifiedException" @@ -132,7 +132,7 @@ const ( // // * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on // the number of accounts in an organization. If you need more accounts, - // contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/) + // contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/) // to request an increase in your limit. Or the number of invitations that // you tried to send would cause you to exceed the limit of accounts in your // organization. Send fewer invitations or contact Amazon Web Services Support @@ -140,7 +140,10 @@ const ( // still count toward your limit. If you get this exception when running // a command immediately after creating the organization, wait one hour and // try again. After an hour, if the command continues to fail with this error, - // contact Amazon Web Services Support (https://docs.aws.amazon.com/support/home#/). + // contact Amazon Web Services Support (https://console.aws.amazon.com/support/home#/). + // + // * CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot + // register a suspended account as a delegated administrator. // // * CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to // register the management account of the organization as a delegated administrator @@ -207,9 +210,8 @@ const ( // // * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization // with this management account, you first must associate a valid payment - // instrument, such as a credit card, with the account. Follow the steps - // at To leave an organization when all required account information has - // not yet been provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) + // instrument, such as a credit card, with the account. For more information, + // see Considerations before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // * MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted @@ -225,9 +227,8 @@ const ( // // * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation // with this member account, you first must associate a valid payment instrument, - // such as a credit card, with the account. Follow the steps at To leave - // an organization when all required account information has not yet been - // provided (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) + // such as a credit card, with the account. For more information, see Considerations + // before removing an account from an organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_account-before-remove.html) // in the Organizations User Guide. // // * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a @@ -352,7 +353,7 @@ const ( // accounts still count toward your limit. If you get this exception immediately // after creating the organization, wait one hour and try again. If after // an hour it continues to fail with this error, contact Amazon Web Services - // Support (https://docs.aws.amazon.com/support/home#/). + // Support (https://console.aws.amazon.com/support/home#/). // // * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because // the invited account is already a member of an organization. @@ -486,7 +487,7 @@ const ( // // The provided policy document doesn't meet the requirements of the specified // policy type. For example, the syntax might be incorrect. For details about - // service control policy syntax, see Service Control Policy Syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) + // service control policy syntax, see SCP syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_syntax.html) // in the Organizations User Guide. ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocumentException" @@ -502,8 +503,7 @@ const ( // "OrganizationNotEmptyException". // // The organization isn't empty. To delete an organization, you must first remove - // all accounts except the management account, delete all OUs, and delete all - // policies. + // all accounts except the management account. ErrCodeOrganizationNotEmptyException = "OrganizationNotEmptyException" // ErrCodeOrganizationalUnitNotEmptyException for service response error code @@ -563,7 +563,7 @@ const ( // You can't use the specified policy type with the feature set currently enabled // for this organization. For example, you can enable SCPs only after you enable // all features in the organization. For more information, see Managing Organizations - // Policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in + // policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in // the Organizations User Guide. ErrCodePolicyTypeNotAvailableForOrganizationException = "PolicyTypeNotAvailableForOrganizationException" @@ -572,8 +572,8 @@ const ( // // The specified policy type isn't currently enabled in this root. You can't // attach policies of the specified type to entities in a root until you enable - // that type in the root. For more information, see Enabling All Features in - // Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) + // that type in the root. For more information, see Enabling all features in + // your organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) // in the Organizations User Guide. ErrCodePolicyTypeNotEnabledException = "PolicyTypeNotEnabledException" @@ -615,8 +615,8 @@ const ( // helps protect against denial-of-service attacks. Try again later. // // For information about quotas that affect Organizations, see Quotas for Organizations - // (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in - // the Organizations User Guide. + // (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) + // in the Organizations User Guide. ErrCodeTooManyRequestsException = "TooManyRequestsException" // ErrCodeUnsupportedAPIEndpointException for service response error code diff --git a/service/servicequotas/api.go b/service/servicequotas/api.go index 042c98ebf31..fd8685e2cc9 100644 --- a/service/servicequotas/api.go +++ b/service/servicequotas/api.go @@ -58,9 +58,9 @@ func (c *ServiceQuotas) AssociateServiceQuotaTemplateRequest(input *AssociateSer // AssociateServiceQuotaTemplate API operation for Service Quotas. // // Associates your quota request template with your organization. When a new -// account is created in your organization, the quota increase requests in the -// template are automatically applied to the account. You can add a quota increase -// request for any adjustable quota to your template. +// Amazon Web Services account is created in your organization, the quota increase +// requests in the template are automatically applied to the account. You can +// add a quota increase request for any adjustable quota to your template. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -89,13 +89,15 @@ func (c *ServiceQuotas) AssociateServiceQuotaTemplateRequest(input *AssociateSer // Quotas is enabled in your organization. // // - OrganizationNotInAllFeaturesModeException -// The organization that your account belongs to is not in All Features mode. +// The organization that your Amazon Web Services account belongs to is not +// in All Features mode. // // - TemplatesNotAvailableInRegionException -// The Service Quotas template is not available in this AWS Region. +// The Service Quotas template is not available in this Amazon Web Services +// Region. // // - NoAvailableOrganizationException -// The account making this call is not a member of an organization. +// The Amazon Web Services account making this call is not a member of an organization. // // See also, https://docs.aws.amazon.com/goto/WebAPI/service-quotas-2019-06-24/AssociateServiceQuotaTemplate func (c *ServiceQuotas) AssociateServiceQuotaTemplate(input *AssociateServiceQuotaTemplateInput) (*AssociateServiceQuotaTemplateOutput, error) { @@ -199,10 +201,11 @@ func (c *ServiceQuotas) DeleteServiceQuotaIncreaseRequestFromTemplateRequest(inp // Quotas is enabled in your organization. // // - TemplatesNotAvailableInRegionException -// The Service Quotas template is not available in this AWS Region. +// The Service Quotas template is not available in this Amazon Web Services +// Region. // // - NoAvailableOrganizationException -// The account making this call is not a member of an organization. +// The Amazon Web Services account making this call is not a member of an organization. // // See also, https://docs.aws.amazon.com/goto/WebAPI/service-quotas-2019-06-24/DeleteServiceQuotaIncreaseRequestFromTemplate func (c *ServiceQuotas) DeleteServiceQuotaIncreaseRequestFromTemplate(input *DeleteServiceQuotaIncreaseRequestFromTemplateInput) (*DeleteServiceQuotaIncreaseRequestFromTemplateOutput, error) { @@ -271,9 +274,9 @@ func (c *ServiceQuotas) DisassociateServiceQuotaTemplateRequest(input *Disassoci // DisassociateServiceQuotaTemplate API operation for Service Quotas. // // Disables your quota request template. After a template is disabled, the quota -// increase requests in the template are not applied to new accounts in your -// organization. Disabling a quota request template does not apply its quota -// increase requests. +// increase requests in the template are not applied to new Amazon Web Services +// accounts in your organization. Disabling a quota request template does not +// apply its quota increase requests. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -305,10 +308,11 @@ func (c *ServiceQuotas) DisassociateServiceQuotaTemplateRequest(input *Disassoci // Quotas is enabled in your organization. // // - TemplatesNotAvailableInRegionException -// The Service Quotas template is not available in this AWS Region. +// The Service Quotas template is not available in this Amazon Web Services +// Region. // // - NoAvailableOrganizationException -// The account making this call is not a member of an organization. +// The Amazon Web Services account making this call is not a member of an organization. // // See also, https://docs.aws.amazon.com/goto/WebAPI/service-quotas-2019-06-24/DisassociateServiceQuotaTemplate func (c *ServiceQuotas) DisassociateServiceQuotaTemplate(input *DisassociateServiceQuotaTemplateInput) (*DisassociateServiceQuotaTemplateOutput, error) { @@ -500,10 +504,11 @@ func (c *ServiceQuotas) GetAssociationForServiceQuotaTemplateRequest(input *GetA // Quotas is enabled in your organization. // // - TemplatesNotAvailableInRegionException -// The Service Quotas template is not available in this AWS Region. +// The Service Quotas template is not available in this Amazon Web Services +// Region. // // - NoAvailableOrganizationException -// The account making this call is not a member of an organization. +// The Amazon Web Services account making this call is not a member of an organization. // // See also, https://docs.aws.amazon.com/goto/WebAPI/service-quotas-2019-06-24/GetAssociationForServiceQuotaTemplate func (c *ServiceQuotas) GetAssociationForServiceQuotaTemplate(input *GetAssociationForServiceQuotaTemplateInput) (*GetAssociationForServiceQuotaTemplateOutput, error) { @@ -792,10 +797,11 @@ func (c *ServiceQuotas) GetServiceQuotaIncreaseRequestFromTemplateRequest(input // Quotas is enabled in your organization. // // - TemplatesNotAvailableInRegionException -// The Service Quotas template is not available in this AWS Region. +// The Service Quotas template is not available in this Amazon Web Services +// Region. // // - NoAvailableOrganizationException -// The account making this call is not a member of an organization. +// The Amazon Web Services account making this call is not a member of an organization. // // See also, https://docs.aws.amazon.com/goto/WebAPI/service-quotas-2019-06-24/GetServiceQuotaIncreaseRequestFromTemplate func (c *ServiceQuotas) GetServiceQuotaIncreaseRequestFromTemplate(input *GetServiceQuotaIncreaseRequestFromTemplateInput) (*GetServiceQuotaIncreaseRequestFromTemplateOutput, error) { @@ -868,8 +874,8 @@ func (c *ServiceQuotas) ListAWSDefaultServiceQuotasRequest(input *ListAWSDefault // ListAWSDefaultServiceQuotas API operation for Service Quotas. // -// Lists the default values for the quotas for the specified AWS service. A -// default value does not reflect any quota increases. +// Lists the default values for the quotas for the specified Amazon Web Service. +// A default value does not reflect any quota increases. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1021,7 +1027,7 @@ func (c *ServiceQuotas) ListRequestedServiceQuotaChangeHistoryRequest(input *Lis // ListRequestedServiceQuotaChangeHistory API operation for Service Quotas. // -// Retrieves the quota increase requests for the specified service. +// Retrieves the quota increase requests for the specified Amazon Web Service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1357,10 +1363,11 @@ func (c *ServiceQuotas) ListServiceQuotaIncreaseRequestsInTemplateRequest(input // Quotas is enabled in your organization. // // - TemplatesNotAvailableInRegionException -// The Service Quotas template is not available in this AWS Region. +// The Service Quotas template is not available in this Amazon Web Services +// Region. // // - NoAvailableOrganizationException -// The account making this call is not a member of an organization. +// The Amazon Web Services account making this call is not a member of an organization. // // See also, https://docs.aws.amazon.com/goto/WebAPI/service-quotas-2019-06-24/ListServiceQuotaIncreaseRequestsInTemplate func (c *ServiceQuotas) ListServiceQuotaIncreaseRequestsInTemplate(input *ListServiceQuotaIncreaseRequestsInTemplateInput) (*ListServiceQuotaIncreaseRequestsInTemplateOutput, error) { @@ -1484,9 +1491,9 @@ func (c *ServiceQuotas) ListServiceQuotasRequest(input *ListServiceQuotasInput) // ListServiceQuotas API operation for Service Quotas. // -// Lists the applied quota values for the specified AWS service. For some quotas, -// only the default values are available. If the applied quota value is not -// available for a quota, the quota is not retrieved. +// Lists the applied quota values for the specified Amazon Web Service. For +// some quotas, only the default values are available. If the applied quota +// value is not available for a quota, the quota is not retrieved. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1638,7 +1645,8 @@ func (c *ServiceQuotas) ListServicesRequest(input *ListServicesInput) (req *requ // ListServices API operation for Service Quotas. // -// Lists the names and codes for the services integrated with Service Quotas. +// Lists the names and codes for the Amazon Web Services integrated with Service +// Quotas. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1913,10 +1921,11 @@ func (c *ServiceQuotas) PutServiceQuotaIncreaseRequestIntoTemplateRequest(input // Quotas is enabled in your organization. // // - TemplatesNotAvailableInRegionException -// The Service Quotas template is not available in this AWS Region. +// The Service Quotas template is not available in this Amazon Web Services +// Region. // // - NoAvailableOrganizationException -// The account making this call is not a member of an organization. +// The Amazon Web Services account making this call is not a member of an organization. // // See also, https://docs.aws.amazon.com/goto/WebAPI/service-quotas-2019-06-24/PutServiceQuotaIncreaseRequestIntoTemplate func (c *ServiceQuotas) PutServiceQuotaIncreaseRequestIntoTemplate(input *PutServiceQuotaIncreaseRequestIntoTemplateInput) (*PutServiceQuotaIncreaseRequestIntoTemplateOutput, error) { @@ -2418,17 +2427,20 @@ func (s AssociateServiceQuotaTemplateOutput) GoString() string { type DeleteServiceQuotaIncreaseRequestFromTemplateInput struct { _ struct{} `type:"structure"` - // The AWS Region. + // Specifies the Amazon Web Services Region for which the request was made. // // AwsRegion is a required field AwsRegion *string `min:"1" type:"string" required:"true"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. // // QuotaCode is a required field QuotaCode *string `min:"1" type:"string" required:"true"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` @@ -2636,11 +2648,12 @@ type ErrorReason struct { // // * DEPENDENCY_ACCESS_DENIED_ERROR - The caller does not have the required // permissions to complete the action. To resolve the error, you must have - // permission to access the service or quota. + // permission to access the Amazon Web Service or quota. // - // * DEPENDENCY_THROTTLING_ERROR - The service is throttling Service Quotas. + // * DEPENDENCY_THROTTLING_ERROR - The Amazon Web Service is throttling Service + // Quotas. // - // * DEPENDENCY_SERVICE_ERROR - The service is not available. + // * DEPENDENCY_SERVICE_ERROR - The Amazon Web Service is not available. // // * SERVICE_QUOTA_NOT_AVAILABLE_ERROR - There was an error in Service Quotas. ErrorCode *string `type:"string" enum:"ErrorCode"` @@ -2682,12 +2695,15 @@ func (s *ErrorReason) SetErrorMessage(v string) *ErrorReason { type GetAWSDefaultServiceQuotaInput struct { _ struct{} `type:"structure"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. // // QuotaCode is a required field QuotaCode *string `min:"1" type:"string" required:"true"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` @@ -2802,7 +2818,8 @@ type GetAssociationForServiceQuotaTemplateOutput struct { _ struct{} `type:"structure"` // The association status. If the status is ASSOCIATED, the quota increase requests - // in the template are automatically applied to new accounts in your organization. + // in the template are automatically applied to new Amazon Web Services accounts + // in your organization. ServiceQuotaTemplateAssociationStatus *string `type:"string" enum:"ServiceQuotaTemplateAssociationStatus"` } @@ -2833,7 +2850,7 @@ func (s *GetAssociationForServiceQuotaTemplateOutput) SetServiceQuotaTemplateAss type GetRequestedServiceQuotaChangeInput struct { _ struct{} `type:"structure"` - // The ID of the quota increase request. + // Specifies the ID of the quota increase request. // // RequestId is a required field RequestId *string `min:"1" type:"string" required:"true"` @@ -2913,17 +2930,20 @@ func (s *GetRequestedServiceQuotaChangeOutput) SetRequestedQuota(v *RequestedSer type GetServiceQuotaIncreaseRequestFromTemplateInput struct { _ struct{} `type:"structure"` - // The AWS Region. + // Specifies the Amazon Web Services Region for which you made the request. // // AwsRegion is a required field AwsRegion *string `min:"1" type:"string" required:"true"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. // // QuotaCode is a required field QuotaCode *string `min:"1" type:"string" required:"true"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` @@ -3027,12 +3047,20 @@ func (s *GetServiceQuotaIncreaseRequestFromTemplateOutput) SetServiceQuotaIncrea type GetServiceQuotaInput struct { _ struct{} `type:"structure"` - // The quota identifier. + // Specifies the Amazon Web Services account or resource to which the quota + // applies. The value in this field depends on the context scope associated + // with the specified service quota. + ContextId *string `type:"string"` + + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. // // QuotaCode is a required field QuotaCode *string `min:"1" type:"string" required:"true"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` @@ -3078,6 +3106,12 @@ func (s *GetServiceQuotaInput) Validate() error { return nil } +// SetContextId sets the ContextId field's value. +func (s *GetServiceQuotaInput) SetContextId(v string) *GetServiceQuotaInput { + s.ContextId = &v + return s +} + // SetQuotaCode sets the QuotaCode field's value. func (s *GetServiceQuotaInput) SetQuotaCode(v string) *GetServiceQuotaInput { s.QuotaCode = &v @@ -3316,15 +3350,26 @@ func (s *InvalidResourceStateException) RequestID() string { type ListAWSDefaultServiceQuotasInput struct { _ struct{} `type:"structure"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, if any, make another call with the token returned from - // this call. + // Specifies the maximum number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // appropriate to the operation. If additional items exist beyond those included + // in the current response, the NextToken response element is present and has + // a value (is not null). Include that value as the NextToken request parameter + // in the next call to the operation to get the next part of the results. + // + // An API operation can return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // Specifies a value for receiving additional results after you receive a NextToken + // response in a previous request. A NextToken response indicates that more + // output is available. Set this parameter to the value of the previous call's + // NextToken response to indicate where the output should continue from. NextToken *string `type:"string"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` @@ -3388,8 +3433,10 @@ func (s *ListAWSDefaultServiceQuotasInput) SetServiceCode(v string) *ListAWSDefa type ListAWSDefaultServiceQuotasOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // If present, indicates that more output is available than is included in the + // current response. Use this value in the NextToken request parameter in a + // subsequent call to the operation to get the next part of the output. You + // should repeat this until the NextToken response element comes back as null. NextToken *string `type:"string"` // Information about the quotas. @@ -3429,25 +3476,43 @@ func (s *ListAWSDefaultServiceQuotasOutput) SetQuotas(v []*ServiceQuota) *ListAW type ListRequestedServiceQuotaChangeHistoryByQuotaInput struct { _ struct{} `type:"structure"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, if any, make another call with the token returned from - // this call. + // Specifies the maximum number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // appropriate to the operation. If additional items exist beyond those included + // in the current response, the NextToken response element is present and has + // a value (is not null). Include that value as the NextToken request parameter + // in the next call to the operation to get the next part of the results. + // + // An API operation can return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // Specifies a value for receiving additional results after you receive a NextToken + // response in a previous request. A NextToken response indicates that more + // output is available. Set this parameter to the value of the previous call's + // NextToken response to indicate where the output should continue from. NextToken *string `type:"string"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. // // QuotaCode is a required field QuotaCode *string `min:"1" type:"string" required:"true"` - // The service identifier. + // Specifies at which level within the Amazon Web Services account the quota + // request applies to. + QuotaRequestedAtLevel *string `type:"string" enum:"AppliedLevelEnum"` + + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` - // The status value of the quota increase request. + // Specifies that you want to filter the results to only the requests with the + // matching status. Status *string `type:"string" enum:"RequestStatus"` } @@ -3512,6 +3577,12 @@ func (s *ListRequestedServiceQuotaChangeHistoryByQuotaInput) SetQuotaCode(v stri return s } +// SetQuotaRequestedAtLevel sets the QuotaRequestedAtLevel field's value. +func (s *ListRequestedServiceQuotaChangeHistoryByQuotaInput) SetQuotaRequestedAtLevel(v string) *ListRequestedServiceQuotaChangeHistoryByQuotaInput { + s.QuotaRequestedAtLevel = &v + return s +} + // SetServiceCode sets the ServiceCode field's value. func (s *ListRequestedServiceQuotaChangeHistoryByQuotaInput) SetServiceCode(v string) *ListRequestedServiceQuotaChangeHistoryByQuotaInput { s.ServiceCode = &v @@ -3527,8 +3598,10 @@ func (s *ListRequestedServiceQuotaChangeHistoryByQuotaInput) SetStatus(v string) type ListRequestedServiceQuotaChangeHistoryByQuotaOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // If present, indicates that more output is available than is included in the + // current response. Use this value in the NextToken request parameter in a + // subsequent call to the operation to get the next part of the output. You + // should repeat this until the NextToken response element comes back as null. NextToken *string `type:"string"` // Information about the quota increase requests. @@ -3568,18 +3641,34 @@ func (s *ListRequestedServiceQuotaChangeHistoryByQuotaOutput) SetRequestedQuotas type ListRequestedServiceQuotaChangeHistoryInput struct { _ struct{} `type:"structure"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, if any, make another call with the token returned from - // this call. + // Specifies the maximum number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // appropriate to the operation. If additional items exist beyond those included + // in the current response, the NextToken response element is present and has + // a value (is not null). Include that value as the NextToken request parameter + // in the next call to the operation to get the next part of the results. + // + // An API operation can return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // Specifies a value for receiving additional results after you receive a NextToken + // response in a previous request. A NextToken response indicates that more + // output is available. Set this parameter to the value of the previous call's + // NextToken response to indicate where the output should continue from. NextToken *string `type:"string"` - // The service identifier. + // Specifies at which level within the Amazon Web Services account the quota + // request applies to. + QuotaRequestedAtLevel *string `type:"string" enum:"AppliedLevelEnum"` + + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. ServiceCode *string `min:"1" type:"string"` - // The status of the quota increase request. + // Specifies that you want to filter the results to only the requests with the + // matching status. Status *string `type:"string" enum:"RequestStatus"` } @@ -3629,6 +3718,12 @@ func (s *ListRequestedServiceQuotaChangeHistoryInput) SetNextToken(v string) *Li return s } +// SetQuotaRequestedAtLevel sets the QuotaRequestedAtLevel field's value. +func (s *ListRequestedServiceQuotaChangeHistoryInput) SetQuotaRequestedAtLevel(v string) *ListRequestedServiceQuotaChangeHistoryInput { + s.QuotaRequestedAtLevel = &v + return s +} + // SetServiceCode sets the ServiceCode field's value. func (s *ListRequestedServiceQuotaChangeHistoryInput) SetServiceCode(v string) *ListRequestedServiceQuotaChangeHistoryInput { s.ServiceCode = &v @@ -3644,8 +3739,10 @@ func (s *ListRequestedServiceQuotaChangeHistoryInput) SetStatus(v string) *ListR type ListRequestedServiceQuotaChangeHistoryOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // If present, indicates that more output is available than is included in the + // current response. Use this value in the NextToken request parameter in a + // subsequent call to the operation to get the next part of the output. You + // should repeat this until the NextToken response element comes back as null. NextToken *string `type:"string"` // Information about the quota increase requests. @@ -3685,18 +3782,29 @@ func (s *ListRequestedServiceQuotaChangeHistoryOutput) SetRequestedQuotas(v []*R type ListServiceQuotaIncreaseRequestsInTemplateInput struct { _ struct{} `type:"structure"` - // The AWS Region. + // Specifies the Amazon Web Services Region for which you made the request. AwsRegion *string `min:"1" type:"string"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, if any, make another call with the token returned from - // this call. + // Specifies the maximum number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // appropriate to the operation. If additional items exist beyond those included + // in the current response, the NextToken response element is present and has + // a value (is not null). Include that value as the NextToken request parameter + // in the next call to the operation to get the next part of the results. + // + // An API operation can return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // Specifies a value for receiving additional results after you receive a NextToken + // response in a previous request. A NextToken response indicates that more + // output is available. Set this parameter to the value of the previous call's + // NextToken response to indicate where the output should continue from. NextToken *string `type:"string"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. ServiceCode *string `min:"1" type:"string"` } @@ -3764,8 +3872,10 @@ func (s *ListServiceQuotaIncreaseRequestsInTemplateInput) SetServiceCode(v strin type ListServiceQuotaIncreaseRequestsInTemplateOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // If present, indicates that more output is available than is included in the + // current response. Use this value in the NextToken request parameter in a + // subsequent call to the operation to get the next part of the output. You + // should repeat this until the NextToken response element comes back as null. NextToken *string `type:"string"` // Information about the quota increase requests. @@ -3805,15 +3915,34 @@ func (s *ListServiceQuotaIncreaseRequestsInTemplateOutput) SetServiceQuotaIncrea type ListServiceQuotasInput struct { _ struct{} `type:"structure"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, if any, make another call with the token returned from - // this call. + // Specifies the maximum number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // appropriate to the operation. If additional items exist beyond those included + // in the current response, the NextToken response element is present and has + // a value (is not null). Include that value as the NextToken request parameter + // in the next call to the operation to get the next part of the results. + // + // An API operation can return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // Specifies a value for receiving additional results after you receive a NextToken + // response in a previous request. A NextToken response indicates that more + // output is available. Set this parameter to the value of the previous call's + // NextToken response to indicate where the output should continue from. NextToken *string `type:"string"` - // The service identifier. + // Specifies at which level of granularity that the quota value is applied. + QuotaAppliedAtLevel *string `type:"string" enum:"AppliedLevelEnum"` + + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. + QuotaCode *string `min:"1" type:"string"` + + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` @@ -3843,6 +3972,9 @@ func (s *ListServiceQuotasInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } + if s.QuotaCode != nil && len(*s.QuotaCode) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QuotaCode", 1)) + } if s.ServiceCode == nil { invalidParams.Add(request.NewErrParamRequired("ServiceCode")) } @@ -3868,6 +4000,18 @@ func (s *ListServiceQuotasInput) SetNextToken(v string) *ListServiceQuotasInput return s } +// SetQuotaAppliedAtLevel sets the QuotaAppliedAtLevel field's value. +func (s *ListServiceQuotasInput) SetQuotaAppliedAtLevel(v string) *ListServiceQuotasInput { + s.QuotaAppliedAtLevel = &v + return s +} + +// SetQuotaCode sets the QuotaCode field's value. +func (s *ListServiceQuotasInput) SetQuotaCode(v string) *ListServiceQuotasInput { + s.QuotaCode = &v + return s +} + // SetServiceCode sets the ServiceCode field's value. func (s *ListServiceQuotasInput) SetServiceCode(v string) *ListServiceQuotasInput { s.ServiceCode = &v @@ -3877,8 +4021,10 @@ func (s *ListServiceQuotasInput) SetServiceCode(v string) *ListServiceQuotasInpu type ListServiceQuotasOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // If present, indicates that more output is available than is included in the + // current response. Use this value in the NextToken request parameter in a + // subsequent call to the operation to get the next part of the output. You + // should repeat this until the NextToken response element comes back as null. NextToken *string `type:"string"` // Information about the quotas. @@ -3918,12 +4064,22 @@ func (s *ListServiceQuotasOutput) SetQuotas(v []*ServiceQuota) *ListServiceQuota type ListServicesInput struct { _ struct{} `type:"structure"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, if any, make another call with the token returned from - // this call. + // Specifies the maximum number of results that you want included on each page + // of the response. If you do not include this parameter, it defaults to a value + // appropriate to the operation. If additional items exist beyond those included + // in the current response, the NextToken response element is present and has + // a value (is not null). Include that value as the NextToken request parameter + // in the next call to the operation to get the next part of the results. + // + // An API operation can return fewer results than the maximum even when there + // are more results available. You should check NextToken after every operation + // to ensure that you receive all of the results. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // Specifies a value for receiving additional results after you receive a NextToken + // response in a previous request. A NextToken response indicates that more + // output is available. Set this parameter to the value of the previous call's + // NextToken response to indicate where the output should continue from. NextToken *string `type:"string"` } @@ -3973,11 +4129,13 @@ func (s *ListServicesInput) SetNextToken(v string) *ListServicesInput { type ListServicesOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // If present, indicates that more output is available than is included in the + // current response. Use this value in the NextToken request parameter in a + // subsequent call to the operation to get the next part of the output. You + // should repeat this until the NextToken response element comes back as null. NextToken *string `type:"string"` - // Information about the services. + // The list of the Amazon Web Service names and service codes. Services []*ServiceInfo `type:"list"` } @@ -4017,8 +4175,8 @@ type ListTagsForResourceInput struct { // The Amazon Resource Name (ARN) for the applied quota for which you want to // list tags. You can get this information by using the Service Quotas console, // or by listing the quotas using the list-service-quotas (https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html) - // AWS CLI command or the ListServiceQuotas (https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotas.html) - // AWS API operation. + // CLI command or the ListServiceQuotas (https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotas.html) + // Amazon Web Services API operation. // // ResourceARN is a required field ResourceARN *string `min:"1" type:"string" required:"true"` @@ -4155,7 +4313,7 @@ func (s *MetricInfo) SetMetricStatisticRecommendation(v string) *MetricInfo { return s } -// The account making this call is not a member of an organization. +// The Amazon Web Services account making this call is not a member of an organization. type NoAvailableOrganizationException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -4283,7 +4441,8 @@ func (s *NoSuchResourceException) RequestID() string { return s.RespMetadata.RequestID } -// The organization that your account belongs to is not in All Features mode. +// The organization that your Amazon Web Services account belongs to is not +// in All Features mode. type OrganizationNotInAllFeaturesModeException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -4350,22 +4509,25 @@ func (s *OrganizationNotInAllFeaturesModeException) RequestID() string { type PutServiceQuotaIncreaseRequestIntoTemplateInput struct { _ struct{} `type:"structure"` - // The AWS Region. + // Specifies the Amazon Web Services Region to which the template applies. // // AwsRegion is a required field AwsRegion *string `min:"1" type:"string" required:"true"` - // The new, increased value for the quota. + // Specifies the new, increased value for the quota. // // DesiredValue is a required field DesiredValue *float64 `type:"double" required:"true"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. // // QuotaCode is a required field QuotaCode *string `min:"1" type:"string" required:"true"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` @@ -4475,6 +4637,61 @@ func (s *PutServiceQuotaIncreaseRequestIntoTemplateOutput) SetServiceQuotaIncrea return s } +// A structure that describes the context for a service quota. The context identifies +// what the quota applies to. +type QuotaContextInfo struct { + _ struct{} `type:"structure"` + + // Specifies the Amazon Web Services account or resource to which the quota + // applies. The value in this field depends on the context scope associated + // with the specified service quota. + ContextId *string `type:"string"` + + // Specifies whether the quota applies to an Amazon Web Services account, or + // to a resource. + ContextScope *string `type:"string" enum:"QuotaContextScope"` + + // When the ContextScope is RESOURCE, then this specifies the resource type + // of the specified resource. + ContextScopeType *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s QuotaContextInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s QuotaContextInfo) GoString() string { + return s.String() +} + +// SetContextId sets the ContextId field's value. +func (s *QuotaContextInfo) SetContextId(v string) *QuotaContextInfo { + s.ContextId = &v + return s +} + +// SetContextScope sets the ContextScope field's value. +func (s *QuotaContextInfo) SetContextScope(v string) *QuotaContextInfo { + s.ContextScope = &v + return s +} + +// SetContextScopeType sets the ContextScopeType field's value. +func (s *QuotaContextInfo) SetContextScopeType(v string) *QuotaContextInfo { + s.ContextScopeType = &v + return s +} + // You have exceeded your service quota. To perform the requested action, remove // some of the relevant resources, or use Service Quotas to request a service // quota increase. @@ -4548,7 +4765,7 @@ type QuotaPeriod struct { // The time unit. PeriodUnit *string `type:"string" enum:"PeriodUnit"` - // The value. + // The value associated with the reported PeriodUnit. PeriodValue *int64 `type:"integer"` } @@ -4585,17 +4802,25 @@ func (s *QuotaPeriod) SetPeriodValue(v int64) *QuotaPeriod { type RequestServiceQuotaIncreaseInput struct { _ struct{} `type:"structure"` - // The new, increased value for the quota. + // Specifies the Amazon Web Services account or resource to which the quota + // applies. The value in this field depends on the context scope associated + // with the specified service quota. + ContextId *string `type:"string"` + + // Specifies the new, increased value for the quota. // // DesiredValue is a required field DesiredValue *float64 `type:"double" required:"true"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. // // QuotaCode is a required field QuotaCode *string `min:"1" type:"string" required:"true"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. // // ServiceCode is a required field ServiceCode *string `min:"1" type:"string" required:"true"` @@ -4644,6 +4869,12 @@ func (s *RequestServiceQuotaIncreaseInput) Validate() error { return nil } +// SetContextId sets the ContextId field's value. +func (s *RequestServiceQuotaIncreaseInput) SetContextId(v string) *RequestServiceQuotaIncreaseInput { + s.ContextId = &v + return s +} + // SetDesiredValue sets the DesiredValue field's value. func (s *RequestServiceQuotaIncreaseInput) SetDesiredValue(v float64) *RequestServiceQuotaIncreaseInput { s.DesiredValue = &v @@ -4719,19 +4950,29 @@ type RequestedServiceQuotaChange struct { // The Amazon Resource Name (ARN) of the quota. QuotaArn *string `type:"string"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. QuotaCode *string `min:"1" type:"string"` - // The quota name. + // The context for this service quota. + QuotaContext *QuotaContextInfo `type:"structure"` + + // Specifies the quota name. QuotaName *string `type:"string"` + // Specifies at which level within the Amazon Web Services account the quota + // request applies to. + QuotaRequestedAtLevel *string `type:"string" enum:"AppliedLevelEnum"` + // The IAM identity of the requester. Requester *string `type:"string"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. ServiceCode *string `min:"1" type:"string"` - // The service name. + // Specifies the service name. ServiceName *string `type:"string"` // The state of the quota increase request. @@ -4807,12 +5048,24 @@ func (s *RequestedServiceQuotaChange) SetQuotaCode(v string) *RequestedServiceQu return s } +// SetQuotaContext sets the QuotaContext field's value. +func (s *RequestedServiceQuotaChange) SetQuotaContext(v *QuotaContextInfo) *RequestedServiceQuotaChange { + s.QuotaContext = v + return s +} + // SetQuotaName sets the QuotaName field's value. func (s *RequestedServiceQuotaChange) SetQuotaName(v string) *RequestedServiceQuotaChange { s.QuotaName = &v return s } +// SetQuotaRequestedAtLevel sets the QuotaRequestedAtLevel field's value. +func (s *RequestedServiceQuotaChange) SetQuotaRequestedAtLevel(v string) *RequestedServiceQuotaChange { + s.QuotaRequestedAtLevel = &v + return s +} + // SetRequester sets the Requester field's value. func (s *RequestedServiceQuotaChange) SetRequester(v string) *RequestedServiceQuotaChange { s.Requester = &v @@ -4971,14 +5224,15 @@ func (s *ServiceException) RequestID() string { return s.RespMetadata.RequestID } -// Information about a service. +// Information about an Amazon Web Service. type ServiceInfo struct { _ struct{} `type:"structure"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. ServiceCode *string `min:"1" type:"string"` - // The service name. + // Specifies the service name. ServiceName *string `type:"string"` } @@ -5028,19 +5282,28 @@ type ServiceQuota struct { // The period of time. Period *QuotaPeriod `type:"structure"` + // Specifies at which level of granularity that the quota value is applied. + QuotaAppliedAtLevel *string `type:"string" enum:"AppliedLevelEnum"` + // The Amazon Resource Name (ARN) of the quota. QuotaArn *string `type:"string"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. QuotaCode *string `min:"1" type:"string"` - // The quota name. + // The context for this service quota. + QuotaContext *QuotaContextInfo `type:"structure"` + + // Specifies the quota name. QuotaName *string `type:"string"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. ServiceCode *string `min:"1" type:"string"` - // The service name. + // Specifies the service name. ServiceName *string `type:"string"` // The unit of measurement. @@ -5095,6 +5358,12 @@ func (s *ServiceQuota) SetPeriod(v *QuotaPeriod) *ServiceQuota { return s } +// SetQuotaAppliedAtLevel sets the QuotaAppliedAtLevel field's value. +func (s *ServiceQuota) SetQuotaAppliedAtLevel(v string) *ServiceQuota { + s.QuotaAppliedAtLevel = &v + return s +} + // SetQuotaArn sets the QuotaArn field's value. func (s *ServiceQuota) SetQuotaArn(v string) *ServiceQuota { s.QuotaArn = &v @@ -5107,6 +5376,12 @@ func (s *ServiceQuota) SetQuotaCode(v string) *ServiceQuota { return s } +// SetQuotaContext sets the QuotaContext field's value. +func (s *ServiceQuota) SetQuotaContext(v *QuotaContextInfo) *ServiceQuota { + s.QuotaContext = v + return s +} + // SetQuotaName sets the QuotaName field's value. func (s *ServiceQuota) SetQuotaName(v string) *ServiceQuota { s.QuotaName = &v @@ -5147,7 +5422,7 @@ func (s *ServiceQuota) SetValue(v float64) *ServiceQuota { type ServiceQuotaIncreaseRequestInTemplate struct { _ struct{} `type:"structure"` - // The AWS Region. + // The Amazon Web Services Region. AwsRegion *string `min:"1" type:"string"` // The new, increased value of the quota. @@ -5156,16 +5431,19 @@ type ServiceQuotaIncreaseRequestInTemplate struct { // Indicates whether the quota is global. GlobalQuota *bool `type:"boolean"` - // The quota identifier. + // Specifies the quota identifier. To find the quota code for a specific quota, + // use the ListServiceQuotas operation, and look for the QuotaCode response + // in the output for the quota you want. QuotaCode *string `min:"1" type:"string"` - // The quota name. + // Specifies the quota name. QuotaName *string `type:"string"` - // The service identifier. + // Specifies the service identifier. To find the service code value for an Amazon + // Web Services service, use the ListServices operation. ServiceCode *string `min:"1" type:"string"` - // The service name. + // Specifies the service name. ServiceName *string `type:"string"` // The unit of measurement. @@ -5440,8 +5718,8 @@ type TagResourceInput struct { // The Amazon Resource Name (ARN) for the applied quota. You can get this information // by using the Service Quotas console, or by listing the quotas using the list-service-quotas // (https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html) - // AWS CLI command or the ListServiceQuotas (https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotas.html) - // AWS API operation. + // CLI command or the ListServiceQuotas (https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotas.html) + // Amazon Web Services API operation. // // ResourceARN is a required field ResourceARN *string `min:"1" type:"string" required:"true"` @@ -5536,7 +5814,8 @@ func (s TagResourceOutput) GoString() string { return s.String() } -// The Service Quotas template is not available in this AWS Region. +// The Service Quotas template is not available in this Amazon Web Services +// Region. type TemplatesNotAvailableInRegionException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -5737,8 +6016,8 @@ type UntagResourceInput struct { // The Amazon Resource Name (ARN) for the applied quota that you want to untag. // You can get this information by using the Service Quotas console, or by listing // the quotas using the list-service-quotas (https://docs.aws.amazon.com/cli/latest/reference/service-quotas/list-service-quotas.html) - // AWS CLI command or the ListServiceQuotas (https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotas.html) - // AWS API operation. + // CLI command or the ListServiceQuotas (https://docs.aws.amazon.com/servicequotas/2019-06-24/apireference/API_ListServiceQuotas.html) + // Amazon Web Services API operation. // // ResourceARN is a required field ResourceARN *string `min:"1" type:"string" required:"true"` @@ -5820,6 +6099,26 @@ func (s UntagResourceOutput) GoString() string { return s.String() } +const ( + // AppliedLevelEnumAccount is a AppliedLevelEnum enum value + AppliedLevelEnumAccount = "ACCOUNT" + + // AppliedLevelEnumResource is a AppliedLevelEnum enum value + AppliedLevelEnumResource = "RESOURCE" + + // AppliedLevelEnumAll is a AppliedLevelEnum enum value + AppliedLevelEnumAll = "ALL" +) + +// AppliedLevelEnum_Values returns all elements of the AppliedLevelEnum enum +func AppliedLevelEnum_Values() []string { + return []string{ + AppliedLevelEnumAccount, + AppliedLevelEnumResource, + AppliedLevelEnumAll, + } +} + const ( // ErrorCodeDependencyAccessDeniedError is a ErrorCode enum value ErrorCodeDependencyAccessDeniedError = "DEPENDENCY_ACCESS_DENIED_ERROR" @@ -5880,6 +6179,22 @@ func PeriodUnit_Values() []string { } } +const ( + // QuotaContextScopeResource is a QuotaContextScope enum value + QuotaContextScopeResource = "RESOURCE" + + // QuotaContextScopeAccount is a QuotaContextScope enum value + QuotaContextScopeAccount = "ACCOUNT" +) + +// QuotaContextScope_Values returns all elements of the QuotaContextScope enum +func QuotaContextScope_Values() []string { + return []string{ + QuotaContextScopeResource, + QuotaContextScopeAccount, + } +} + const ( // RequestStatusPending is a RequestStatus enum value RequestStatusPending = "PENDING" @@ -5895,6 +6210,12 @@ const ( // RequestStatusCaseClosed is a RequestStatus enum value RequestStatusCaseClosed = "CASE_CLOSED" + + // RequestStatusNotApproved is a RequestStatus enum value + RequestStatusNotApproved = "NOT_APPROVED" + + // RequestStatusInvalidRequest is a RequestStatus enum value + RequestStatusInvalidRequest = "INVALID_REQUEST" ) // RequestStatus_Values returns all elements of the RequestStatus enum @@ -5905,6 +6226,8 @@ func RequestStatus_Values() []string { RequestStatusApproved, RequestStatusDenied, RequestStatusCaseClosed, + RequestStatusNotApproved, + RequestStatusInvalidRequest, } } diff --git a/service/servicequotas/doc.go b/service/servicequotas/doc.go index 48382140b9f..beecdaac8cd 100644 --- a/service/servicequotas/doc.go +++ b/service/servicequotas/doc.go @@ -3,10 +3,10 @@ // Package servicequotas provides the client and types for making API // requests to Service Quotas. // -// With Service Quotas, you can view and manage your quotas easily as your AWS -// workloads grow. Quotas, also referred to as limits, are the maximum number -// of resources that you can create in your AWS account. For more information, -// see the Service Quotas User Guide (https://docs.aws.amazon.com/servicequotas/latest/userguide/). +// With Service Quotas, you can view and manage your quotas easily as your Amazon +// Web Services workloads grow. Quotas, also referred to as limits, are the +// maximum number of resources that you can create in your Amazon Web Services +// account. For more information, see the Service Quotas User Guide (https://docs.aws.amazon.com/servicequotas/latest/userguide/). // // See https://docs.aws.amazon.com/goto/WebAPI/service-quotas-2019-06-24 for more information on this service. // diff --git a/service/servicequotas/errors.go b/service/servicequotas/errors.go index 2b5be212050..1f32b90fb46 100644 --- a/service/servicequotas/errors.go +++ b/service/servicequotas/errors.go @@ -48,7 +48,7 @@ const ( // ErrCodeNoAvailableOrganizationException for service response error code // "NoAvailableOrganizationException". // - // The account making this call is not a member of an organization. + // The Amazon Web Services account making this call is not a member of an organization. ErrCodeNoAvailableOrganizationException = "NoAvailableOrganizationException" // ErrCodeNoSuchResourceException for service response error code @@ -60,7 +60,8 @@ const ( // ErrCodeOrganizationNotInAllFeaturesModeException for service response error code // "OrganizationNotInAllFeaturesModeException". // - // The organization that your account belongs to is not in All Features mode. + // The organization that your Amazon Web Services account belongs to is not + // in All Features mode. ErrCodeOrganizationNotInAllFeaturesModeException = "OrganizationNotInAllFeaturesModeException" // ErrCodeQuotaExceededException for service response error code @@ -98,7 +99,8 @@ const ( // ErrCodeTemplatesNotAvailableInRegionException for service response error code // "TemplatesNotAvailableInRegionException". // - // The Service Quotas template is not available in this AWS Region. + // The Service Quotas template is not available in this Amazon Web Services + // Region. ErrCodeTemplatesNotAvailableInRegionException = "TemplatesNotAvailableInRegionException" // ErrCodeTooManyRequestsException for service response error code diff --git a/service/workspacesweb/api.go b/service/workspacesweb/api.go index 0e23331750d..ef230aa5486 100644 --- a/service/workspacesweb/api.go +++ b/service/workspacesweb/api.go @@ -6655,7 +6655,9 @@ type BrowserSettingsSummary struct { _ struct{} `type:"structure"` // The ARN of the browser settings. - BrowserSettingsArn *string `locationName:"browserSettingsArn" min:"20" type:"string"` + // + // BrowserSettingsArn is a required field + BrowserSettingsArn *string `locationName:"browserSettingsArn" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -6898,6 +6900,150 @@ func (s *ConflictException) RequestID() string { return s.RespMetadata.RequestID } +// Specifies a single cookie or set of cookies in an end user's browser. +type CookieSpecification struct { + _ struct{} `type:"structure"` + + // The domain of the cookie. + // + // Domain is a required field + Domain *string `locationName:"domain" type:"string" required:"true"` + + // The name of the cookie. + Name *string `locationName:"name" type:"string"` + + // The path of the cookie. + Path *string `locationName:"path" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CookieSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CookieSpecification) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CookieSpecification) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CookieSpecification"} + if s.Domain == nil { + invalidParams.Add(request.NewErrParamRequired("Domain")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDomain sets the Domain field's value. +func (s *CookieSpecification) SetDomain(v string) *CookieSpecification { + s.Domain = &v + return s +} + +// SetName sets the Name field's value. +func (s *CookieSpecification) SetName(v string) *CookieSpecification { + s.Name = &v + return s +} + +// SetPath sets the Path field's value. +func (s *CookieSpecification) SetPath(v string) *CookieSpecification { + s.Path = &v + return s +} + +// The configuration that specifies which cookies should be synchronized from +// the end user's local browser to the remote browser. +type CookieSynchronizationConfiguration struct { + _ struct{} `type:"structure" sensitive:"true"` + + // The list of cookie specifications that are allowed to be synchronized to + // the remote browser. + // + // Allowlist is a required field + Allowlist []*CookieSpecification `locationName:"allowlist" type:"list" required:"true"` + + // The list of cookie specifications that are blocked from being synchronized + // to the remote browser. + Blocklist []*CookieSpecification `locationName:"blocklist" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CookieSynchronizationConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CookieSynchronizationConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CookieSynchronizationConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CookieSynchronizationConfiguration"} + if s.Allowlist == nil { + invalidParams.Add(request.NewErrParamRequired("Allowlist")) + } + if s.Allowlist != nil { + for i, v := range s.Allowlist { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Allowlist", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Blocklist != nil { + for i, v := range s.Blocklist { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Blocklist", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAllowlist sets the Allowlist field's value. +func (s *CookieSynchronizationConfiguration) SetAllowlist(v []*CookieSpecification) *CookieSynchronizationConfiguration { + s.Allowlist = v + return s +} + +// SetBlocklist sets the Blocklist field's value. +func (s *CookieSynchronizationConfiguration) SetBlocklist(v []*CookieSpecification) *CookieSynchronizationConfiguration { + s.Blocklist = v + return s +} + type CreateBrowserSettingsInput struct { _ struct{} `type:"structure"` @@ -7973,6 +8119,9 @@ func (s *CreateUserAccessLoggingSettingsOutput) SetUserAccessLoggingSettingsArn( type CreateUserSettingsInput struct { _ struct{} `type:"structure"` + // The additional encryption context of the user settings. + AdditionalEncryptionContext map[string]*string `locationName:"additionalEncryptionContext" type:"map"` + // A unique, case-sensitive identifier that you provide to ensure the idempotency // of the request. Idempotency ensures that an API request completes only once. // With an idempotent request, if the original request completes successfully, @@ -7983,12 +8132,24 @@ type CreateUserSettingsInput struct { // AWS SDK. ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` + // The configuration that specifies which cookies should be synchronized from + // the end user's local browser to the remote browser. + // + // CookieSynchronizationConfiguration is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateUserSettingsInput's + // String and GoString methods. + CookieSynchronizationConfiguration *CookieSynchronizationConfiguration `locationName:"cookieSynchronizationConfiguration" type:"structure" sensitive:"true"` + // Specifies whether the user can copy text from the streaming session to the // local device. // // CopyAllowed is a required field CopyAllowed *string `locationName:"copyAllowed" type:"string" required:"true" enum:"EnabledType"` + // The customer managed key used to encrypt sensitive information in the user + // settings. + CustomerManagedKey *string `locationName:"customerManagedKey" min:"20" type:"string"` + // The amount of time that a streaming session remains active after users disconnect. DisconnectTimeoutInMinutes *int64 `locationName:"disconnectTimeoutInMinutes" min:"1" type:"integer"` @@ -8050,6 +8211,9 @@ func (s *CreateUserSettingsInput) Validate() error { if s.CopyAllowed == nil { invalidParams.Add(request.NewErrParamRequired("CopyAllowed")) } + if s.CustomerManagedKey != nil && len(*s.CustomerManagedKey) < 20 { + invalidParams.Add(request.NewErrParamMinLen("CustomerManagedKey", 20)) + } if s.DisconnectTimeoutInMinutes != nil && *s.DisconnectTimeoutInMinutes < 1 { invalidParams.Add(request.NewErrParamMinValue("DisconnectTimeoutInMinutes", 1)) } @@ -8065,6 +8229,11 @@ func (s *CreateUserSettingsInput) Validate() error { if s.UploadAllowed == nil { invalidParams.Add(request.NewErrParamRequired("UploadAllowed")) } + if s.CookieSynchronizationConfiguration != nil { + if err := s.CookieSynchronizationConfiguration.Validate(); err != nil { + invalidParams.AddNested("CookieSynchronizationConfiguration", err.(request.ErrInvalidParams)) + } + } if s.Tags != nil { for i, v := range s.Tags { if v == nil { @@ -8082,18 +8251,36 @@ func (s *CreateUserSettingsInput) Validate() error { return nil } +// SetAdditionalEncryptionContext sets the AdditionalEncryptionContext field's value. +func (s *CreateUserSettingsInput) SetAdditionalEncryptionContext(v map[string]*string) *CreateUserSettingsInput { + s.AdditionalEncryptionContext = v + return s +} + // SetClientToken sets the ClientToken field's value. func (s *CreateUserSettingsInput) SetClientToken(v string) *CreateUserSettingsInput { s.ClientToken = &v return s } +// SetCookieSynchronizationConfiguration sets the CookieSynchronizationConfiguration field's value. +func (s *CreateUserSettingsInput) SetCookieSynchronizationConfiguration(v *CookieSynchronizationConfiguration) *CreateUserSettingsInput { + s.CookieSynchronizationConfiguration = v + return s +} + // SetCopyAllowed sets the CopyAllowed field's value. func (s *CreateUserSettingsInput) SetCopyAllowed(v string) *CreateUserSettingsInput { s.CopyAllowed = &v return s } +// SetCustomerManagedKey sets the CustomerManagedKey field's value. +func (s *CreateUserSettingsInput) SetCustomerManagedKey(v string) *CreateUserSettingsInput { + s.CustomerManagedKey = &v + return s +} + // SetDisconnectTimeoutInMinutes sets the DisconnectTimeoutInMinutes field's value. func (s *CreateUserSettingsInput) SetDisconnectTimeoutInMinutes(v int64) *CreateUserSettingsInput { s.DisconnectTimeoutInMinutes = &v @@ -9727,7 +9914,9 @@ type GetTrustStoreCertificateOutput struct { Certificate *Certificate `locationName:"certificate" type:"structure"` // The ARN of the trust store certificate. - TrustStoreArn *string `locationName:"trustStoreArn" min:"20" type:"string"` + // + // TrustStoreArn is a required field + TrustStoreArn *string `locationName:"trustStoreArn" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -10090,7 +10279,9 @@ type IdentityProviderSummary struct { _ struct{} `type:"structure"` // The ARN of the identity provider. - IdentityProviderArn *string `locationName:"identityProviderArn" min:"20" type:"string"` + // + // IdentityProviderArn is a required field + IdentityProviderArn *string `locationName:"identityProviderArn" min:"20" type:"string" required:"true"` // The identity provider name. // @@ -10320,7 +10511,9 @@ type IpAccessSettingsSummary struct { DisplayName *string `locationName:"displayName" min:"1" type:"string" sensitive:"true"` // The ARN of IP access settings. - IpAccessSettingsArn *string `locationName:"ipAccessSettingsArn" min:"20" type:"string"` + // + // IpAccessSettingsArn is a required field + IpAccessSettingsArn *string `locationName:"ipAccessSettingsArn" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -11092,7 +11285,9 @@ type ListTrustStoreCertificatesOutput struct { NextToken *string `locationName:"nextToken" min:"1" type:"string"` // The ARN of the trust store. - TrustStoreArn *string `locationName:"trustStoreArn" min:"20" type:"string"` + // + // TrustStoreArn is a required field + TrustStoreArn *string `locationName:"trustStoreArn" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -11499,7 +11694,9 @@ type NetworkSettingsSummary struct { _ struct{} `type:"structure"` // The ARN of the network settings. - NetworkSettingsArn *string `locationName:"networkSettingsArn" min:"20" type:"string"` + // + // NetworkSettingsArn is a required field + NetworkSettingsArn *string `locationName:"networkSettingsArn" min:"20" type:"string" required:"true"` // The VPC ID of the network settings. VpcId *string `locationName:"vpcId" min:"1" type:"string"` @@ -11577,7 +11774,9 @@ type Portal struct { NetworkSettingsArn *string `locationName:"networkSettingsArn" min:"20" type:"string"` // The ARN of the web portal. - PortalArn *string `locationName:"portalArn" min:"20" type:"string"` + // + // PortalArn is a required field + PortalArn *string `locationName:"portalArn" min:"20" type:"string" required:"true"` // The endpoint URL of the web portal that users access in order to start streaming // sessions. @@ -11753,7 +11952,9 @@ type PortalSummary struct { NetworkSettingsArn *string `locationName:"networkSettingsArn" min:"20" type:"string"` // The ARN of the web portal. - PortalArn *string `locationName:"portalArn" min:"20" type:"string"` + // + // PortalArn is a required field + PortalArn *string `locationName:"portalArn" min:"20" type:"string" required:"true"` // The endpoint URL of the web portal that users access in order to start streaming // sessions. @@ -12363,7 +12564,9 @@ type TrustStore struct { AssociatedPortalArns []*string `locationName:"associatedPortalArns" type:"list"` // The ARN of the trust store. - TrustStoreArn *string `locationName:"trustStoreArn" min:"20" type:"string"` + // + // TrustStoreArn is a required field + TrustStoreArn *string `locationName:"trustStoreArn" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -13449,6 +13652,16 @@ type UpdateUserSettingsInput struct { // AWS SDK. ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` + // The configuration that specifies which cookies should be synchronized from + // the end user's local browser to the remote browser. + // + // If the allowlist and blocklist are empty, the configuration becomes null. + // + // CookieSynchronizationConfiguration is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdateUserSettingsInput's + // String and GoString methods. + CookieSynchronizationConfiguration *CookieSynchronizationConfiguration `locationName:"cookieSynchronizationConfiguration" type:"structure" sensitive:"true"` + // Specifies whether the user can copy text from the streaming session to the // local device. CopyAllowed *string `locationName:"copyAllowed" type:"string" enum:"EnabledType"` @@ -13514,6 +13727,11 @@ func (s *UpdateUserSettingsInput) Validate() error { if s.UserSettingsArn != nil && len(*s.UserSettingsArn) < 20 { invalidParams.Add(request.NewErrParamMinLen("UserSettingsArn", 20)) } + if s.CookieSynchronizationConfiguration != nil { + if err := s.CookieSynchronizationConfiguration.Validate(); err != nil { + invalidParams.AddNested("CookieSynchronizationConfiguration", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -13527,6 +13745,12 @@ func (s *UpdateUserSettingsInput) SetClientToken(v string) *UpdateUserSettingsIn return s } +// SetCookieSynchronizationConfiguration sets the CookieSynchronizationConfiguration field's value. +func (s *UpdateUserSettingsInput) SetCookieSynchronizationConfiguration(v *CookieSynchronizationConfiguration) *UpdateUserSettingsInput { + s.CookieSynchronizationConfiguration = v + return s +} + // SetCopyAllowed sets the CopyAllowed field's value. func (s *UpdateUserSettingsInput) SetCopyAllowed(v string) *UpdateUserSettingsInput { s.CopyAllowed = &v @@ -13670,7 +13894,9 @@ type UserAccessLoggingSettingsSummary struct { KinesisStreamArn *string `locationName:"kinesisStreamArn" min:"20" type:"string"` // The ARN of the user access logging settings. - UserAccessLoggingSettingsArn *string `locationName:"userAccessLoggingSettingsArn" min:"20" type:"string"` + // + // UserAccessLoggingSettingsArn is a required field + UserAccessLoggingSettingsArn *string `locationName:"userAccessLoggingSettingsArn" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -13712,6 +13938,14 @@ type UserSettings struct { // A list of web portal ARNs that this user settings is associated with. AssociatedPortalArns []*string `locationName:"associatedPortalArns" type:"list"` + // The configuration that specifies which cookies should be synchronized from + // the end user's local browser to the remote browser. + // + // CookieSynchronizationConfiguration is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UserSettings's + // String and GoString methods. + CookieSynchronizationConfiguration *CookieSynchronizationConfiguration `locationName:"cookieSynchronizationConfiguration" type:"structure" sensitive:"true"` + // Specifies whether the user can copy text from the streaming session to the // local device. CopyAllowed *string `locationName:"copyAllowed" type:"string" enum:"EnabledType"` @@ -13768,6 +14002,12 @@ func (s *UserSettings) SetAssociatedPortalArns(v []*string) *UserSettings { return s } +// SetCookieSynchronizationConfiguration sets the CookieSynchronizationConfiguration field's value. +func (s *UserSettings) SetCookieSynchronizationConfiguration(v *CookieSynchronizationConfiguration) *UserSettings { + s.CookieSynchronizationConfiguration = v + return s +} + // SetCopyAllowed sets the CopyAllowed field's value. func (s *UserSettings) SetCopyAllowed(v string) *UserSettings { s.CopyAllowed = &v @@ -13820,6 +14060,14 @@ func (s *UserSettings) SetUserSettingsArn(v string) *UserSettings { type UserSettingsSummary struct { _ struct{} `type:"structure"` + // The configuration that specifies which cookies should be synchronized from + // the end user's local browser to the remote browser. + // + // CookieSynchronizationConfiguration is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UserSettingsSummary's + // String and GoString methods. + CookieSynchronizationConfiguration *CookieSynchronizationConfiguration `locationName:"cookieSynchronizationConfiguration" type:"structure" sensitive:"true"` + // Specifies whether the user can copy text from the streaming session to the // local device. CopyAllowed *string `locationName:"copyAllowed" type:"string" enum:"EnabledType"` @@ -13847,7 +14095,9 @@ type UserSettingsSummary struct { UploadAllowed *string `locationName:"uploadAllowed" type:"string" enum:"EnabledType"` // The ARN of the user settings. - UserSettingsArn *string `locationName:"userSettingsArn" min:"20" type:"string"` + // + // UserSettingsArn is a required field + UserSettingsArn *string `locationName:"userSettingsArn" min:"20" type:"string" required:"true"` } // String returns the string representation. @@ -13868,6 +14118,12 @@ func (s UserSettingsSummary) GoString() string { return s.String() } +// SetCookieSynchronizationConfiguration sets the CookieSynchronizationConfiguration field's value. +func (s *UserSettingsSummary) SetCookieSynchronizationConfiguration(v *CookieSynchronizationConfiguration) *UserSettingsSummary { + s.CookieSynchronizationConfiguration = v + return s +} + // SetCopyAllowed sets the CopyAllowed field's value. func (s *UserSettingsSummary) SetCopyAllowed(v string) *UserSettingsSummary { s.CopyAllowed = &v From 807c9ee43a24f30857609d1e3e9cd294ec0fef83 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Tue, 29 Aug 2023 14:08:12 -0400 Subject: [PATCH 10/17] Modify and Merge auth token file resolving logic --- aws/credentials/endpointcreds/provider.go | 47 ++++-- .../endpointcreds/provider_test.go | 146 ++++++++++++------ aws/defaults/defaults.go | 11 ++ aws/defaults/defaults_test.go | 21 +++ 4 files changed, 162 insertions(+), 63 deletions(-) diff --git a/aws/credentials/endpointcreds/provider.go b/aws/credentials/endpointcreds/provider.go index 95cfcd4a45f..4007d77b388 100644 --- a/aws/credentials/endpointcreds/provider.go +++ b/aws/credentials/endpointcreds/provider.go @@ -33,8 +33,6 @@ package endpointcreds import ( "encoding/json" "fmt" - "io/ioutil" - "os" "strings" "time" @@ -48,10 +46,7 @@ import ( ) // ProviderName is the name of the credentials provider. -const ( - ProviderName = `CredentialsEndpointProvider` - httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" -) +const ProviderName = `CredentialsEndpointProvider` // Provider satisfies the credentials.Provider interface, and is a client to // retrieve credentials from an arbitrary endpoint. @@ -77,7 +72,37 @@ type Provider struct { // Optional authorization token value if set will be used as the value of // the Authorization header of the endpoint credential request. + // + // When constructed from environment, the provider will use the value of + // AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token + // + // Will be overridden if AuthorizationTokenProvider is configured AuthorizationToken string + + // Optional auth provider func to dynamically load the auth token from a file + // everytime a credential is retrieved + // + // When constructed from environment, the provider will read and use the content + // of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable + // as the auth token everytime credentials are retrieved + // + // Will override AuthorizationToken if configured + AuthorizationTokenProvider AuthTokenProvider +} + +// AuthTokenProvider defines an interface to dynamically load a value to be passed +// for the Authorization header of a credentials request. +type AuthTokenProvider interface { + GetToken() (string, error) +} + +// TokenProvider is a func type implementing AuthTokenProvider interface +// and enables customizing token provider behavior +type TokenProvider func() (string, error) + +// GetToken func retrieves auth token according to TokenProvider implementation +func (p TokenProvider) GetToken() (string, error) { + return p() } // NewProviderClient returns a credentials Provider for retrieving AWS credentials @@ -175,13 +200,11 @@ func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error authToken := p.AuthorizationToken var err error - - if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { - var contents []byte - if contents, err = ioutil.ReadFile(authFilePath); err != nil { - return &getCredentialsOutput{}, fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) + if p.AuthorizationTokenProvider != nil { + authToken, err = p.AuthorizationTokenProvider.GetToken() + if err != nil { + return &getCredentialsOutput{}, err } - authToken = string(contents) } if strings.ContainsAny(authToken, "\r\n") { diff --git a/aws/credentials/endpointcreds/provider_test.go b/aws/credentials/endpointcreds/provider_test.go index fceb077792b..cb9b5f73215 100644 --- a/aws/credentials/endpointcreds/provider_test.go +++ b/aws/credentials/endpointcreds/provider_test.go @@ -159,64 +159,108 @@ func TestFailedRetrieveCredentials(t *testing.T) { } func TestAuthorizationToken(t *testing.T) { - const expectAuthToken = "Basic abc123" + cases := map[string]struct { + ExpectPath string + ServerPath string + AuthToken string + AuthTokenProvider endpointcreds.AuthTokenProvider + ExpectAuthToken string + ExpectError bool + }{ + "AuthToken": { + ExpectPath: "/path/to/endpoint", + ServerPath: "/path/to/endpoint?something=else", + AuthToken: "Basic abc123", + ExpectAuthToken: "Basic abc123", + }, + "AuthFileToken": { + ExpectPath: "/path/to/endpoint", + ServerPath: "/path/to/endpoint?something=else", + AuthToken: "Basic abc123", + AuthTokenProvider: endpointcreds.TokenProvider(func() (string, error) { + return "Hello %20world", nil + }), + ExpectAuthToken: "Hello %20world", + }, + "RetrieveFileTokenError": { + ExpectPath: "/path/to/endpoint", + ServerPath: "/path/to/endpoint?something=else", + AuthToken: "Basic abc123", + AuthTokenProvider: endpointcreds.TokenProvider(func() (string, error) { + return "", fmt.Errorf("test error") + }), + ExpectAuthToken: "Hello %20world", + ExpectError: true, + }, + } - server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if e, a := "/path/to/endpoint", r.URL.Path; e != a { - t.Errorf("expect %v, got %v", e, a) - } - if e, a := "application/json", r.Header.Get("Accept"); e != a { - t.Errorf("expect %v, got %v", e, a) - } - if e, a := expectAuthToken, r.Header.Get("Authorization"); e != a { - t.Fatalf("expect %v, got %v", e, a) - } + for name, c := range cases { + t.Run(name, func(t *testing.T) { + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if e, a := c.ExpectPath, r.URL.Path; e != a { + t.Errorf("expect %v, got %v", e, a) + } + if e, a := "application/json", r.Header.Get("Accept"); e != a { + t.Errorf("expect %v, got %v", e, a) + } + if e, a := c.ExpectAuthToken, r.Header.Get("Authorization"); e != a { + t.Fatalf("expect %v, got %v", e, a) + } - encoder := json.NewEncoder(w) - err := encoder.Encode(map[string]interface{}{ - "AccessKeyID": "AKID", - "SecretAccessKey": "SECRET", - "Token": "TOKEN", - "Expiration": time.Now().Add(1 * time.Hour), - }) + encoder := json.NewEncoder(w) + err := encoder.Encode(map[string]interface{}{ + "AccessKeyID": "AKID", + "SecretAccessKey": "SECRET", + "Token": "TOKEN", + "Expiration": time.Now().Add(1 * time.Hour), + }) - if err != nil { - fmt.Println("failed to write out creds", err) - } - })) - defer server.Close() + if err != nil { + fmt.Println("failed to write out creds", err) + } + })) + defer server.Close() - client := endpointcreds.NewProviderClient(*unit.Session.Config, - unit.Session.Handlers, - server.URL+"/path/to/endpoint?something=else", - func(p *endpointcreds.Provider) { - p.AuthorizationToken = expectAuthToken - }, - ) - creds, err := client.Retrieve() + client := endpointcreds.NewProviderClient(*unit.Session.Config, + unit.Session.Handlers, + server.URL+c.ServerPath, + func(p *endpointcreds.Provider) { + p.AuthorizationToken = c.AuthToken + p.AuthorizationTokenProvider = c.AuthTokenProvider + }, + ) + creds, err := client.Retrieve() - if err != nil { - t.Errorf("expect no error, got %v", err) - } + if err != nil && !c.ExpectError { + t.Errorf("expect no error, got %v", err) + } else if err == nil && c.ExpectError { + t.Errorf("expect error, got nil") + } - if e, a := "AKID", creds.AccessKeyID; e != a { - t.Errorf("expect %v, got %v", e, a) - } - if e, a := "SECRET", creds.SecretAccessKey; e != a { - t.Errorf("expect %v, got %v", e, a) - } - if e, a := "TOKEN", creds.SessionToken; e != a { - t.Errorf("expect %v, got %v", e, a) - } - if client.IsExpired() { - t.Errorf("expect not expired, was") - } + if c.ExpectError { + return + } - client.(*endpointcreds.Provider).CurrentTime = func() time.Time { - return time.Now().Add(2 * time.Hour) - } + if e, a := "AKID", creds.AccessKeyID; e != a { + t.Errorf("expect %v, got %v", e, a) + } + if e, a := "SECRET", creds.SecretAccessKey; e != a { + t.Errorf("expect %v, got %v", e, a) + } + if e, a := "TOKEN", creds.SessionToken; e != a { + t.Errorf("expect %v, got %v", e, a) + } + if client.IsExpired() { + t.Errorf("expect not expired, was") + } - if !client.IsExpired() { - t.Errorf("expect expired, wasn't") + client.(*endpointcreds.Provider).CurrentTime = func() time.Time { + return time.Now().Add(2 * time.Hour) + } + + if !client.IsExpired() { + t.Errorf("expect expired, wasn't") + } + }) } } diff --git a/aws/defaults/defaults.go b/aws/defaults/defaults.go index 0e2bc6b4fa1..94ffc12f488 100644 --- a/aws/defaults/defaults.go +++ b/aws/defaults/defaults.go @@ -9,6 +9,7 @@ package defaults import ( "fmt" + "io/ioutil" "net" "net/http" "net/url" @@ -114,6 +115,7 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro const ( httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" + httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" ecsContainerHost = "169.254.170.2" eksContainerHost = "169.254.170.23" @@ -205,6 +207,15 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede func(p *endpointcreds.Provider) { p.ExpiryWindow = 5 * time.Minute p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar) + if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { + p.AuthorizationTokenProvider = endpointcreds.TokenProvider(func() (string, error) { + if contents, err := ioutil.ReadFile(authFilePath); err != nil { + return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) + } else { + return string(contents), nil + } + }) + } }, ) } diff --git a/aws/defaults/defaults_test.go b/aws/defaults/defaults_test.go index 6947eb76e76..c8bdf0eeb48 100644 --- a/aws/defaults/defaults_test.go +++ b/aws/defaults/defaults_test.go @@ -92,6 +92,27 @@ func TestHTTPCredProvider(t *testing.T) { } } +func TestHTTPAuthTokenFile(t *testing.T) { + restoreEnvFn := sdktesting.StashEnv() + defer restoreEnvFn() + os.Setenv(httpProviderAuthFileEnvVar, "path/to/file") + os.Setenv(httpProviderEnvVar, "http://169.254.170.23/abc/123") + + provider := RemoteCredProvider(aws.Config{}, request.Handlers{}) + if provider == nil { + t.Fatalf("expect provider not to be nil, but was") + } + + httpProvider := provider.(*endpointcreds.Provider) + if httpProvider == nil { + t.Fatalf("expect provider not to be nil, but was") + } + + if httpProvider.AuthorizationTokenProvider == nil { + t.Fatalf("expect auth token provider no to be nil, but was") + } +} + func TestECSCredProvider(t *testing.T) { restoreEnvFn := sdktesting.StashEnv() defer restoreEnvFn() From c8ccaaf6436a07a539ff37e82c963ab00b556550 Mon Sep 17 00:00:00 2001 From: aws-sdk-go-automation <43143561+aws-sdk-go-automation@users.noreply.github.com> Date: Tue, 29 Aug 2023 11:19:49 -0700 Subject: [PATCH 11/17] Release v1.44.334 (2023-08-29) (#4968) Release v1.44.334 (2023-08-29) === ### Service Client Updates * `service/cognito-idp`: Updates service API, documentation, and examples * `service/fsx`: Updates service documentation * `service/omics`: Updates service API and documentation * `service/sesv2`: Updates service API, documentation, paginators, and examples --- CHANGELOG.md | 9 + aws/version.go | 2 +- models/apis/cognito-idp/2016-04-18/api-2.json | 56 +- .../apis/cognito-idp/2016-04-18/docs-2.json | 6 +- .../2016-04-18/endpoint-rule-set-1.json | 344 +-- .../cognito-idp/2016-04-18/examples-1.json | 849 ++++++ models/apis/fsx/2018-03-01/docs-2.json | 50 +- models/apis/omics/2022-11-28/api-2.json | 15 + models/apis/omics/2022-11-28/docs-2.json | 13 +- models/apis/sesv2/2019-09-27/api-2.json | 406 ++- models/apis/sesv2/2019-09-27/docs-2.json | 355 ++- .../sesv2/2019-09-27/endpoint-rule-set-1.json | 344 +-- models/apis/sesv2/2019-09-27/examples-1.json | 244 ++ .../apis/sesv2/2019-09-27/paginators-1.json | 5 + service/cognitoidentityprovider/api.go | 147 +- .../cognitoidentityprovider/examples_test.go | 520 ++++ service/fsx/api.go | 144 +- service/omics/api.go | 49 +- service/sesv2/api.go | 2656 +++++++++++++++-- service/sesv2/examples_test.go | 242 ++ service/sesv2/sesv2iface/interface.go | 23 + 21 files changed, 5694 insertions(+), 785 deletions(-) create mode 100644 service/cognitoidentityprovider/examples_test.go diff --git a/CHANGELOG.md b/CHANGELOG.md index 4e5a5f7066f..3b6dca2d02f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +Release v1.44.334 (2023-08-29) +=== + +### Service Client Updates +* `service/cognito-idp`: Updates service API, documentation, and examples +* `service/fsx`: Updates service documentation +* `service/omics`: Updates service API and documentation +* `service/sesv2`: Updates service API, documentation, paginators, and examples + Release v1.44.333 (2023-08-28) === diff --git a/aws/version.go b/aws/version.go index 96b11c71c79..da19250d573 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.333" +const SDKVersion = "1.44.334" diff --git a/models/apis/cognito-idp/2016-04-18/api-2.json b/models/apis/cognito-idp/2016-04-18/api-2.json index 1b519d9f278..c96db61a592 100644 --- a/models/apis/cognito-idp/2016-04-18/api-2.json +++ b/models/apis/cognito-idp/2016-04-18/api-2.json @@ -543,7 +543,8 @@ {"shape":"InternalErrorException"}, {"shape":"SoftwareTokenMFANotFoundException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "ChangePassword":{ "name":"ChangePassword", @@ -590,7 +591,8 @@ {"shape":"UserNotConfirmedException"}, {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "ConfirmForgotPassword":{ "name":"ConfirmForgotPassword", @@ -1039,7 +1041,8 @@ {"shape":"UserNotConfirmedException"}, {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "ForgotPassword":{ "name":"ForgotPassword", @@ -1103,7 +1106,8 @@ {"shape":"UserNotConfirmedException"}, {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "GetGroup":{ "name":"GetGroup", @@ -1266,7 +1270,8 @@ {"shape":"UserNotConfirmedException"}, {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "InitiateAuth":{ "name":"InitiateAuth", @@ -1314,7 +1319,8 @@ {"shape":"UserNotConfirmedException"}, {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "ListGroups":{ "name":"ListGroups", @@ -1535,7 +1541,8 @@ {"shape":"UnsupportedOperationException"}, {"shape":"UnsupportedTokenTypeException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "SetLogDeliveryConfiguration":{ "name":"SetLogDeliveryConfiguration", @@ -1605,7 +1612,8 @@ {"shape":"UserNotConfirmedException"}, {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "SetUserPoolMfaConfig":{ "name":"SetUserPoolMfaConfig", @@ -1754,7 +1762,8 @@ {"shape":"UserNotFoundException"}, {"shape":"UserPoolAddOnNotEnabledException"}, {"shape":"InternalErrorException"} - ] + ], + "authtype":"none" }, "UpdateDeviceStatus":{ "name":"UpdateDeviceStatus", @@ -1775,7 +1784,8 @@ {"shape":"UserNotConfirmedException"}, {"shape":"InternalErrorException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "UpdateGroup":{ "name":"UpdateGroup", @@ -1938,7 +1948,8 @@ {"shape":"SoftwareTokenMFANotFoundException"}, {"shape":"CodeMismatchException"}, {"shape":"ForbiddenException"} - ] + ], + "authtype":"none" }, "VerifyUserAttribute":{ "name":"VerifyUserAttribute", @@ -2759,7 +2770,8 @@ "ChallengeResponsesType":{ "type":"map", "key":{"shape":"StringType"}, - "value":{"shape":"StringType"} + "value":{"shape":"StringType"}, + "sensitive":true }, "ChangePasswordRequest":{ "type":"structure", @@ -2998,7 +3010,7 @@ ], "members":{ "UserPoolId":{"shape":"UserPoolIdType"}, - "ProviderName":{"shape":"ProviderNameTypeV1"}, + "ProviderName":{"shape":"ProviderNameTypeV2"}, "ProviderType":{"shape":"IdentityProviderTypeType"}, "ProviderDetails":{"shape":"ProviderDetailsType"}, "AttributeMapping":{"shape":"AttributeMappingType"}, @@ -4401,6 +4413,7 @@ }, "PaginationKey":{ "type":"string", + "max":131072, "min":1, "pattern":"[\\S]+" }, @@ -4489,13 +4502,13 @@ "type":"string", "max":32, "min":1, - "pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}]+" + "pattern":"[\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}\\p{Z}]+" }, - "ProviderNameTypeV1":{ + "ProviderNameTypeV2":{ "type":"string", "max":32, - "min":3, - "pattern":"[^_][\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}][^_]+" + "min":1, + "pattern":"[^_\\p{Z}][\\p{L}\\p{M}\\p{S}\\p{N}\\p{P}][^_\\p{Z}]+" }, "ProviderUserIdentifierType":{ "type":"structure", @@ -4807,7 +4820,8 @@ "SessionType":{ "type":"string", "max":2048, - "min":20 + "min":20, + "sensitive":true }, "SetLogDeliveryConfigurationRequest":{ "type":"structure", @@ -4978,7 +4992,8 @@ "type":"string", "max":6, "min":6, - "pattern":"[0-9]+" + "pattern":"[0-9]+", + "sensitive":true }, "SoftwareTokenMfaConfigType":{ "type":"structure", @@ -5403,7 +5418,8 @@ "members":{ "IpAddress":{"shape":"StringType"}, "EncodedData":{"shape":"StringType"} - } + }, + "sensitive":true }, "UserFilterType":{ "type":"string", diff --git a/models/apis/cognito-idp/2016-04-18/docs-2.json b/models/apis/cognito-idp/2016-04-18/docs-2.json index 29927ff2f36..1c75e970833 100644 --- a/models/apis/cognito-idp/2016-04-18/docs-2.json +++ b/models/apis/cognito-idp/2016-04-18/docs-2.json @@ -27,7 +27,7 @@ "AdminSetUserSettings": "

This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. To configure either type of MFA, use AdminSetUserMFAPreference instead.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

", "AdminUpdateAuthEventFeedback": "

Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool as part of Amazon Cognito advanced security.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

", "AdminUpdateDeviceStatus": "

Updates the device status as an administrator.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

", - "AdminUpdateUserAttributes": "

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.

For custom attributes, you must prepend the custom: prefix to the attribute name.

In addition to updating user attributes, this API can also be used to mark phone and email as verified.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

", + "AdminUpdateUserAttributes": "

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user. To delete an attribute from your user, submit the attribute in your API request with a blank value.

For custom attributes, you must prepend the custom: prefix to the attribute name.

In addition to updating user attributes, this API can also be used to mark phone and email as verified.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

", "AdminUserGlobalSignOut": "

Signs out a user from all devices. AdminUserGlobalSignOut invalidates all identity, access and refresh tokens that Amazon Cognito has issued to a user. A user can still use a hosted UI cookie to retrieve new tokens for the duration of the 1-hour cookie validity period.

Your app isn't aware that a user's access token is revoked unless it attempts to authorize a user pools API request with an access token that contains the scope aws.cognito.signin.user.admin. Your app might otherwise accept access tokens until they expire.

Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

", "AssociateSoftwareToken": "

Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response. You can authorize an AssociateSoftwareToken request with either the user's access token, or a session string from a challenge response that you received from Amazon Cognito.

Amazon Cognito disassociates an existing software token when you verify the new token in a VerifySoftwareToken API request. If you don't verify the software token and your user pool doesn't require MFA, the user can then authenticate with user name and password credentials alone. If your user pool requires TOTP MFA, Amazon Cognito generates an MFA_SETUP or SOFTWARE_TOKEN_SETUP challenge each time your user signs. Complete setup with AssociateSoftwareToken and VerifySoftwareToken.

After you set up software token MFA for your user, Amazon Cognito generates a SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to this challenge with your user's TOTP.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs.

", "ChangePassword": "

Changes the password for a specified user in a user pool.

Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you can't use IAM credentials to authorize requests, and you can't grant IAM permissions in policies. For more information about authorization models in Amazon Cognito, see Using the Amazon Cognito native and OIDC APIs.

", @@ -477,7 +477,7 @@ "refs": { "AnalyticsConfigurationType$ApplicationArn": "

The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use the Amazon Pinpoint project to integrate with the chosen user pool Client. Amazon Cognito publishes events to the Amazon Pinpoint project that the app ARN declares.

", "AnalyticsConfigurationType$RoleArn": "

The ARN of an Identity and Access Management role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics.

", - "CloudWatchLogsConfigurationType$LogGroupArn": "

The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with Key Management Service and must be in the same Amazon Web Services account as your user pool.

", + "CloudWatchLogsConfigurationType$LogGroupArn": "

The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with Key Management Service and must be in the same Amazon Web Services account as your user pool.

To send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with /aws/vendedlogs. For more information, see Enabling logging from certain Amazon Web Services services.

", "CreateGroupRequest$RoleArn": "

The role Amazon Resource Name (ARN) for the group.

", "CreateUserImportJobRequest$CloudWatchLogsRoleArn": "

The role ARN for the Amazon CloudWatch Logs Logging role for the user import job.

", "CustomDomainConfigType$CertificateArn": "

The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.

", @@ -2210,7 +2210,7 @@ "UpdateIdentityProviderRequest$ProviderName": "

The IdP name.

" } }, - "ProviderNameTypeV1": { + "ProviderNameTypeV2": { "base": null, "refs": { "CreateIdentityProviderRequest$ProviderName": "

The IdP name.

" diff --git a/models/apis/cognito-idp/2016-04-18/endpoint-rule-set-1.json b/models/apis/cognito-idp/2016-04-18/endpoint-rule-set-1.json index e6566d99ff9..0f514686ef3 100644 --- a/models/apis/cognito-idp/2016-04-18/endpoint-rule-set-1.json +++ b/models/apis/cognito-idp/2016-04-18/endpoint-rule-set-1.json @@ -58,52 +58,56 @@ "type": "error" }, { - "conditions": [], - "type": "tree", - "rules": [ + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" + "ref": "UseDualStack" }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + true + ] } - ] + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, { - "conditions": [], + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "isSet", + "fn": "aws.partition", "argv": [ { "ref": "Region" } - ] + ], + "assign": "PartitionResult" } ], "type": "tree", @@ -111,13 +115,22 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "booleanEquals", "argv": [ { - "ref": "Region" - } - ], - "assign": "PartitionResult" + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] } ], "type": "tree", @@ -127,224 +140,175 @@ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] }, { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://cognito-idp-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "endpoint": { + "url": "https://cognito-idp-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://cognito-idp-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "endpoint": { + "url": "https://cognito-idp-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://cognito-idp.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } - ] - }, - { - "conditions": [], + ], "type": "tree", "rules": [ { "conditions": [], "endpoint": { - "url": "https://cognito-idp.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://cognito-idp.{Region}.{PartitionResult#dualStackDnsSuffix}", "properties": {}, "headers": {} }, "type": "endpoint" } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://cognito-idp.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } \ No newline at end of file diff --git a/models/apis/cognito-idp/2016-04-18/examples-1.json b/models/apis/cognito-idp/2016-04-18/examples-1.json index 0ea7e3b0bbe..b97bf83357e 100644 --- a/models/apis/cognito-idp/2016-04-18/examples-1.json +++ b/models/apis/cognito-idp/2016-04-18/examples-1.json @@ -1,5 +1,854 @@ { "version": "1.0", "examples": { + "AdminCreateUser": [ + { + "input": { + "DesiredDeliveryMediums": [ + "SMS" + ], + "MessageAction": "SUPPRESS", + "TemporaryPassword": "This-is-my-test-99!", + "UserAttributes": [ + { + "Name": "name", + "Value": "John" + }, + { + "Name": "phone_number", + "Value": "+12065551212" + }, + { + "Name": "email", + "Value": "testuser@example.com" + } + ], + "UserPoolId": "us-east-1_EXAMPLE", + "Username": "testuser" + }, + "output": { + "User": { + "Attributes": [ + { + "Name": "sub", + "Value": "d16b4aa8-8633-4abd-93b3-5062a8e1b5f8" + }, + { + "Name": "name", + "Value": "John" + }, + { + "Name": "phone_number", + "Value": "+12065551212" + }, + { + "Name": "email", + "Value": "testuser@example.com" + } + ], + "Enabled": true, + "UserCreateDate": 1689980857.949, + "UserLastModifiedDate": 1689980857.949, + "UserStatus": "FORCE_CHANGE_PASSWORD", + "Username": "testuser" + } + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "This request submits a value for all possible parameters for AdminCreateUser.", + "id": "an-admincreateuser-request-for-for-a-test-user-named-john-1689980900481", + "title": "An AdminCreateUser request for for a test user named John." + } + ], + "CreateUserPool": [ + { + "input": { + "AccountRecoverySetting": { + "RecoveryMechanisms": [ + { + "Name": "verified_email", + "Priority": 1 + } + ] + }, + "AdminCreateUserConfig": { + "AllowAdminCreateUserOnly": false, + "InviteMessageTemplate": { + "EmailMessage": "Your username is {username} and temporary password is {####}.", + "EmailSubject": "Your sign-in information", + "SMSMessage": "Your username is {username} and temporary password is {####}." + } + }, + "AliasAttributes": [ + "email" + ], + "AutoVerifiedAttributes": [ + "email" + ], + "DeletionProtection": "ACTIVE", + "DeviceConfiguration": { + "ChallengeRequiredOnNewDevice": true, + "DeviceOnlyRememberedOnUserPrompt": true + }, + "EmailConfiguration": { + "ConfigurationSet": "my-test-ses-configuration-set", + "EmailSendingAccount": "DEVELOPER", + "From": "support@example.com", + "ReplyToEmailAddress": "support@example.com", + "SourceArn": "arn:aws:ses:us-east-1:123456789012:identity/support@example.com" + }, + "EmailVerificationMessage": "Your verification code is {####}.", + "EmailVerificationSubject": "Verify your email address", + "LambdaConfig": { + "CustomEmailSender": { + "LambdaArn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "LambdaVersion": "V1_0" + }, + "CustomMessage": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "CustomSMSSender": { + "LambdaArn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "LambdaVersion": "V1_0" + }, + "DefineAuthChallenge": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "KMSKeyID": "arn:aws:kms:us-east-1:123456789012:key/a6c4f8e2-0c45-47db-925f-87854bc9e357", + "PostAuthentication": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "PostConfirmation": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "PreAuthentication": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "PreSignUp": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "PreTokenGeneration": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "UserMigration": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "VerifyAuthChallengeResponse": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction" + }, + "MfaConfiguration": "OPTIONAL", + "Policies": { + "PasswordPolicy": { + "MinimumLength": 6, + "RequireLowercase": true, + "RequireNumbers": true, + "RequireSymbols": true, + "RequireUppercase": true, + "TemporaryPasswordValidityDays": 7 + } + }, + "PoolName": "my-test-user-pool", + "Schema": [ + { + "AttributeDataType": "Number", + "DeveloperOnlyAttribute": true, + "Mutable": true, + "Name": "mydev", + "NumberAttributeConstraints": { + "MaxValue": "99", + "MinValue": "1" + }, + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "99", + "MinLength": "1" + } + } + ], + "SmsAuthenticationMessage": "Your verification code is {####}.", + "SmsConfiguration": { + "ExternalId": "my-role-external-id", + "SnsCallerArn": "arn:aws:iam::123456789012:role/service-role/test-cognito-SMS-Role" + }, + "SmsVerificationMessage": "Your verification code is {####}.", + "UserAttributeUpdateSettings": { + "AttributesRequireVerificationBeforeUpdate": [ + "email" + ] + }, + "UserPoolAddOns": { + "AdvancedSecurityMode": "OFF" + }, + "UserPoolTags": { + "my-test-tag-key": "my-test-tag-key" + }, + "UsernameConfiguration": { + "CaseSensitive": true + }, + "VerificationMessageTemplate": { + "DefaultEmailOption": "CONFIRM_WITH_CODE", + "EmailMessage": "Your confirmation code is {####}", + "EmailMessageByLink": "Choose this link to {##verify your email##}", + "EmailSubject": "Here is your confirmation code", + "EmailSubjectByLink": "Here is your confirmation link", + "SmsMessage": "Your confirmation code is {####}" + } + }, + "output": { + "UserPool": { + "AccountRecoverySetting": { + "RecoveryMechanisms": [ + { + "Name": "verified_email", + "Priority": 1 + } + ] + }, + "AdminCreateUserConfig": { + "AllowAdminCreateUserOnly": false, + "InviteMessageTemplate": { + "EmailMessage": "Your username is {username} and temporary password is {####}.", + "EmailSubject": "Your sign-in information", + "SMSMessage": "Your username is {username} and temporary password is {####}." + }, + "UnusedAccountValidityDays": 7 + }, + "AliasAttributes": [ + "email" + ], + "Arn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_EXAMPLE", + "AutoVerifiedAttributes": [ + "email" + ], + "CreationDate": 1689721665.239, + "DeletionProtection": "ACTIVE", + "DeviceConfiguration": { + "ChallengeRequiredOnNewDevice": true, + "DeviceOnlyRememberedOnUserPrompt": true + }, + "EmailConfiguration": { + "ConfigurationSet": "my-test-ses-configuration-set", + "EmailSendingAccount": "DEVELOPER", + "From": "support@example.com", + "ReplyToEmailAddress": "support@example.com", + "SourceArn": "arn:aws:ses:us-east-1:123456789012:identity/support@example.com" + }, + "EmailVerificationMessage": "Your verification code is {####}.", + "EmailVerificationSubject": "Verify your email address", + "EstimatedNumberOfUsers": 0, + "Id": "us-east-1_EXAMPLE", + "LambdaConfig": { + "CustomEmailSender": { + "LambdaArn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "LambdaVersion": "V1_0" + }, + "CustomMessage": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "CustomSMSSender": { + "LambdaArn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "LambdaVersion": "V1_0" + }, + "DefineAuthChallenge": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "KMSKeyID": "arn:aws:kms:us-east-1:767671399759:key/4d43904c-8edf-4bb4-9fca-fb1a80e41cbe", + "PostAuthentication": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "PostConfirmation": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "PreAuthentication": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "PreSignUp": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "PreTokenGeneration": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "UserMigration": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction", + "VerifyAuthChallengeResponse": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction" + }, + "LastModifiedDate": 1689721665.239, + "MfaConfiguration": "OPTIONAL", + "Name": "my-test-user-pool", + "Policies": { + "PasswordPolicy": { + "MinimumLength": 6, + "RequireLowercase": true, + "RequireNumbers": true, + "RequireSymbols": true, + "RequireUppercase": true, + "TemporaryPasswordValidityDays": 7 + } + }, + "SchemaAttributes": [ + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": false, + "Name": "sub", + "Required": true, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "1" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "name", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "given_name", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "family_name", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "middle_name", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "nickname", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "preferred_username", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "profile", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "picture", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "website", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "email", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "Boolean", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "email_verified", + "Required": false + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "gender", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "birthdate", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "10", + "MinLength": "10" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "zoneinfo", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "locale", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "phone_number", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "Boolean", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "phone_number_verifie", + "Required": false + }, + { + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "address", + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048", + "MinLength": "0" + } + }, + { + "AttributeDataType": "Number", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Name": "updated_at", + "NumberAttributeConstraints": { + "MinValue": "0" + }, + "Required": false + }, + { + "AttributeDataType": "Number", + "DeveloperOnlyAttribute": true, + "Mutable": true, + "Name": "dev:custom:mydev", + "NumberAttributeConstraints": { + "MaxValue": "99", + "MinValue": "1" + }, + "Required": false + } + ], + "SmsAuthenticationMessage": "Your verification code is {####}.", + "SmsConfiguration": { + "ExternalId": "my-role-external-id", + "SnsCallerArn": "arn:aws:iam::123456789012:role/service-role/test-cognito-SMS-Role", + "SnsRegion": "us-east-1" + }, + "SmsVerificationMessage": "Your verification code is {####}.", + "UserAttributeUpdateSettings": { + "AttributesRequireVerificationBeforeUpdate": [ + "email" + ] + }, + "UserPoolAddOns": { + "AdvancedSecurityMode": "OFF" + }, + "UserPoolTags": { + "my-test-tag-key": "my-test-tag-value" + }, + "UsernameConfiguration": { + "CaseSensitive": true + }, + "VerificationMessageTemplate": { + "DefaultEmailOption": "CONFIRM_WITH_CODE", + "EmailMessage": "Your confirmation code is {####}", + "EmailMessageByLink": "Choose this link to {##verify your email##}", + "EmailSubject": "Here is your confirmation code", + "EmailSubjectByLink": "Here is your confirmation link", + "SmsMessage": "Your confirmation code is {####}" + } + } + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "The following example creates a user pool with all configurable properties set to an example value. The resulting user pool allows sign-in with username or email address, has optional MFA, and has a Lambda function assigned to each possible trigger.", + "id": "example-user-pool-with-email-and-username-sign-in-1689722835145", + "title": "Example user pool with email and username sign-in" + } + ], + "CreateUserPoolClient": [ + { + "input": { + "AccessTokenValidity": 6, + "AllowedOAuthFlows": [ + "code" + ], + "AllowedOAuthFlowsUserPoolClient": true, + "AllowedOAuthScopes": [ + "aws.cognito.signin.user.admin", + "openid" + ], + "AnalyticsConfiguration": { + "ApplicationId": "d70b2ba36a8c4dc5a04a0451a31a1e12", + "ExternalId": "my-external-id", + "RoleArn": "arn:aws:iam::123456789012:role/test-cognitouserpool-role", + "UserDataShared": true + }, + "CallbackURLs": [ + "https://example.com", + "http://localhost", + "myapp://example" + ], + "ClientName": "my-test-app-client", + "DefaultRedirectURI": "https://example.com", + "ExplicitAuthFlows": [ + "ALLOW_ADMIN_USER_PASSWORD_AUTH", + "ALLOW_USER_PASSWORD_AUTH", + "ALLOW_REFRESH_TOKEN_AUTH" + ], + "GenerateSecret": true, + "IdTokenValidity": 6, + "LogoutURLs": [ + "https://example.com/logout" + ], + "PreventUserExistenceErrors": "ENABLED", + "ReadAttributes": [ + "email", + "address", + "preferred_username" + ], + "RefreshTokenValidity": 6, + "SupportedIdentityProviders": [ + "SignInWithApple", + "MySSO" + ], + "TokenValidityUnits": { + "AccessToken": "hours", + "IdToken": "minutes", + "RefreshToken": "days" + }, + "UserPoolId": "us-east-1_EXAMPLE", + "WriteAttributes": [ + "family_name", + "email" + ] + }, + "output": { + "UserPoolClient": { + "AccessTokenValidity": 6, + "AllowedOAuthFlows": [ + "code" + ], + "AllowedOAuthFlowsUserPoolClient": true, + "AllowedOAuthScopes": [ + "aws.cognito.signin.user.admin", + "openid" + ], + "AnalyticsConfiguration": { + "ApplicationId": "d70b2ba36a8c4dc5a04a0451a31a1e12", + "ExternalId": "my-external-id", + "RoleArn": "arn:aws:iam::123456789012:role/test-cognitouserpool-role", + "UserDataShared": true + }, + "AuthSessionValidity": 3, + "CallbackURLs": [ + "https://example.com", + "http://localhost", + "myapp://example" + ], + "ClientId": "26cb2c60kq7nbmas7rbme9b6pp", + "ClientName": "my-test-app-client", + "ClientSecret": "13ka4h7u28d9oo44tqpq9djqsfvhvu8rk4d2ighvpu0k8fj1c2r9", + "CreationDate": 1689885426.107, + "DefaultRedirectURI": "https://example.com", + "EnablePropagateAdditionalUserContextData": false, + "EnableTokenRevocation": true, + "ExplicitAuthFlows": [ + "ALLOW_USER_PASSWORD_AUTH", + "ALLOW_ADMIN_USER_PASSWORD_AUTH", + "ALLOW_REFRESH_TOKEN_AUTH" + ], + "IdTokenValidity": 6, + "LastModifiedDate": 1689885426.107, + "LogoutURLs": [ + "https://example.com/logout" + ], + "PreventUserExistenceErrors": "ENABLED", + "ReadAttributes": [ + "address", + "preferred_username", + "email" + ], + "RefreshTokenValidity": 6, + "SupportedIdentityProviders": [ + "SignInWithApple", + "MySSO" + ], + "TokenValidityUnits": { + "AccessToken": "hours", + "IdToken": "minutes", + "RefreshToken": "days" + }, + "UserPoolId": "us-east-1_EXAMPLE", + "WriteAttributes": [ + "family_name", + "email" + ] + } + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "The following example creates an app client with all configurable properties set to an example value. The resulting user pool client connects to an analytics client, allows sign-in with username and password, and has two external identity providers associated with it.", + "id": "example-user-pool-app-client-with-email-and-username-sign-in-1689885750745", + "title": "Example user pool app client with email and username sign-in" + } + ], + "InitiateAuth": [ + { + "input": { + "AnalyticsMetadata": { + "AnalyticsEndpointId": "d70b2ba36a8c4dc5a04a0451a31a1e12" + }, + "AuthFlow": "USER_PASSWORD_AUTH", + "AuthParameters": { + "PASSWORD": "This-is-my-test-99!", + "SECRET_HASH": "oT5ZkS8ctnrhYeeGsGTvOzPhoc/Jd1cO5fueBWFVmp8=", + "USERNAME": "mytestuser" + }, + "ClientId": "1example23456789", + "ClientMetadata": { + "MyTestKey": "MyTestValue" + }, + "UserContextData": { + "EncodedData": "AmazonCognitoAdvancedSecurityData_object", + "IpAddress": "192.0.2.1" + } + }, + "output": { + "ChallengeName": "SOFTWARE_TOKEN_MFA", + "ChallengeParameters": { + "FRIENDLY_DEVICE_NAME": "mytestauthenticator", + "USER_ID_FOR_SRP": "mytestuser" + }, + "Session": "AYABeC1-y8qooiuysEv0uM4wAqQAHQABAAdTZXJ2aWNlABBDb2duaXRvVXNlclBvb2xzAAEAB2F3cy1rbXMAS2Fybjphd3M6a21zOnVzLXdlc3QtMjowMTU3MzY3MjcxOTg6a2V5LzI5OTFhNGE5LTM5YTAtNDQ0Mi04MWU4LWRkYjY4NTllMTg2MQC4AQIBAHhjxv5lVLhE2_WNrC1zuomqn08qDUUp3z9v4EGAjazZ-wGP3HuBF5Izvxf-9WkCT5uyAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMeQoT5e6Dpfh52caqAgEQgDvuL8uLMhPt0WmQpZnkNED1gob6xbqt5LaQo_H4L5CuT4Kj499dGCoZ1q1trmlZSRgRm0wwGGG8lFU37QIAAAAADAAAEAAAAAAAAAAAAAAAAADuLe9_UJ4oZAMsQYr0ntiT_____wAAAAEAAAAAAAAAAAAAAAEAAADnLDGmKBQtsCafNokRmPLgl2itBKuKR2dfZBQb5ucCYkzThM5HOfQUSEL-A3dZzfYDC0IODsrcMkrbeeVyMJk-FCzsxS9Og8BEBVnvi9WjZkPJ4mF0YS6FUXnoPSBV5oUqGzRaT-tJ169SUFZAUfFM1fGeJ8T57-QdCxjyISRCWV1VG5_7TiCioyRGfWwzNVWh7exJortF3ccfOyiEyxeqJ2VJvJq3m_w8NP24_PMDpktpRMKftObIMlD5ewRTNCdrUXQ1BW5KIxhJLGjYfRzJDZuKzmEgS-VHsKz0z76w-AlAgdfvdAjflLnsgduU5kUX4YP6jqnetg" + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "The following example signs in the user mytestuser with analytics data, client metadata, and user context data for advanced security.", + "id": "example-username-and-password-sign-in-for-a-user-who-has-totp-mfa-1689887395219", + "title": "Example username and password sign-in for a user who has TOTP MFA" + } + ], + "ListUsers": [ + { + "input": { + "AttributesToGet": [ + "email", + "sub" + ], + "Filter": "\"email\"^=\"testuser\"", + "Limit": 3, + "PaginationToken": "abcd1234EXAMPLE", + "UserPoolId": "us-east-1_EXAMPLE" + }, + "output": { + "PaginationToken": "efgh5678EXAMPLE", + "Users": [ + { + "Attributes": [ + { + "Name": "sub", + "Value": "eaad0219-2117-439f-8d46-4db20e59268f" + }, + { + "Name": "email", + "Value": "testuser@example.com" + } + ], + "Enabled": true, + "UserCreateDate": 1682955829.578, + "UserLastModifiedDate": 1689030181.63, + "UserStatus": "CONFIRMED", + "Username": "testuser" + }, + { + "Attributes": [ + { + "Name": "sub", + "Value": "3b994cfd-0b07-4581-be46-3c82f9a70c90" + }, + { + "Name": "email", + "Value": "testuser2@example.com" + } + ], + "Enabled": true, + "UserCreateDate": 1684427979.201, + "UserLastModifiedDate": 1684427979.201, + "UserStatus": "UNCONFIRMED", + "Username": "testuser2" + }, + { + "Attributes": [ + { + "Name": "sub", + "Value": "5929e0d1-4c34-42d1-9b79-a5ecacfe66f7" + }, + { + "Name": "email", + "Value": "testuser3@example.com" + } + ], + "Enabled": true, + "UserCreateDate": 1684427823.641, + "UserLastModifiedDate": 1684427823.641, + "UserStatus": "UNCONFIRMED", + "Username": "testuser3@example.com" + } + ] + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "This request submits a value for all possible parameters for ListUsers. By iterating the PaginationToken, you can page through and collect all users in a user pool.", + "id": "a-listusers-request-for-the-next-3-users-whose-email-address-starts-with-testuser-1689977648246", + "title": "A ListUsers request for the next 3 users whose email address starts with \"testuser.\"" + }, + { + "input": { + "AttributesToGet": [ + "email", + "sub" + ], + "Filter": "\"email\"^=\"testuser\"", + "Limit": 3, + "PaginationToken": "abcd1234EXAMPLE", + "UserPoolId": "us-east-1_EXAMPLE" + }, + "output": { + "PaginationToken": "efgh5678EXAMPLE", + "Users": [ + { + "Attributes": [ + { + "Name": "sub", + "Value": "eaad0219-2117-439f-8d46-4db20e59268f" + }, + { + "Name": "email", + "Value": "testuser@example.com" + } + ], + "Enabled": true, + "UserCreateDate": 1682955829.578, + "UserLastModifiedDate": 1689030181.63, + "UserStatus": "CONFIRMED", + "Username": "testuser" + }, + { + "Attributes": [ + { + "Name": "sub", + "Value": "3b994cfd-0b07-4581-be46-3c82f9a70c90" + }, + { + "Name": "email", + "Value": "testuser2@example.com" + } + ], + "Enabled": true, + "UserCreateDate": 1684427979.201, + "UserLastModifiedDate": 1684427979.201, + "UserStatus": "UNCONFIRMED", + "Username": "testuser2" + }, + { + "Attributes": [ + { + "Name": "sub", + "Value": "5929e0d1-4c34-42d1-9b79-a5ecacfe66f7" + }, + { + "Name": "email", + "Value": "testuser3@example.com" + } + ], + "Enabled": true, + "UserCreateDate": 1684427823.641, + "UserLastModifiedDate": 1684427823.641, + "UserStatus": "UNCONFIRMED", + "Username": "testuser3@example.com" + } + ] + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "This request submits a value for all possible parameters for ListUsers. By iterating the PaginationToken, you can page through and collect all users in a user pool.", + "id": "a-listusers-request-for-the-next-3-users-whose-email-address-starts-with-testuser-1689977648246", + "title": "A ListUsers request for the next 3 users whose email address starts with \"testuser.\"" + } + ] } } diff --git a/models/apis/fsx/2018-03-01/docs-2.json b/models/apis/fsx/2018-03-01/docs-2.json index 449476c9acc..1aab08deecc 100644 --- a/models/apis/fsx/2018-03-01/docs-2.json +++ b/models/apis/fsx/2018-03-01/docs-2.json @@ -6,8 +6,8 @@ "CancelDataRepositoryTask": "

Cancels an existing Amazon FSx for Lustre data repository task if that task is in either the PENDING or EXECUTING state. When you cancel am export task, Amazon FSx does the following.

  • Any files that FSx has already exported are not reverted.

  • FSx continues to export any files that are in-flight when the cancel operation is received.

  • FSx does not export any files that have not yet been exported.

For a release task, Amazon FSx will stop releasing files upon cancellation. Any files that have already been released will remain in the released state.

", "CopyBackup": "

Copies an existing backup within the same Amazon Web Services account to another Amazon Web Services Region (cross-Region copy) or within the same Amazon Web Services Region (in-Region copy). You can have up to five backup copy requests in progress to a single destination Region per account.

You can use cross-Region backup copies for cross-Region disaster recovery. You can periodically take backups and copy them to another Region so that in the event of a disaster in the primary Region, you can restore from backup and recover availability quickly in the other Region. You can make cross-Region copies only within your Amazon Web Services partition. A partition is a grouping of Regions. Amazon Web Services currently has three partitions: aws (Standard Regions), aws-cn (China Regions), and aws-us-gov (Amazon Web Services GovCloud [US] Regions).

You can also use backup copies to clone your file dataset to another Region or within the same Region.

You can use the SourceRegion parameter to specify the Amazon Web Services Region from which the backup will be copied. For example, if you make the call from the us-west-1 Region and want to copy a backup from the us-east-2 Region, you specify us-east-2 in the SourceRegion parameter to make a cross-Region copy. If you don't specify a Region, the backup copy is created in the same Region where the request is sent from (in-Region copy).

For more information about creating backup copies, see Copying backups in the Amazon FSx for Windows User Guide, Copying backups in the Amazon FSx for Lustre User Guide, and Copying backups in the Amazon FSx for OpenZFS User Guide.

", "CreateBackup": "

Creates a backup of an existing Amazon FSx for Windows File Server file system, Amazon FSx for Lustre file system, Amazon FSx for NetApp ONTAP volume, or Amazon FSx for OpenZFS file system. We recommend creating regular backups so that you can restore a file system or volume from a backup if an issue arises with the original file system or volume.

For Amazon FSx for Lustre file systems, you can create a backup only for file systems that have the following configuration:

  • A Persistent deployment type

  • Are not linked to a data repository

For more information about backups, see the following:

If a backup with the specified client request token exists and the parameters match, this operation returns the description of the existing backup. If a backup with the specified client request token exists and the parameters don't match, this operation returns IncompatibleParameterError. If a backup with the specified client request token doesn't exist, CreateBackup does the following:

  • Creates a new Amazon FSx backup with an assigned ID, and an initial lifecycle state of CREATING.

  • Returns the description of the backup.

By using the idempotent operation, you can retry a CreateBackup operation without the risk of creating an extra backup. This approach can be useful when an initial call fails in a way that makes it unclear whether a backup was created. If you use the same client request token and the initial call created a backup, the operation returns a successful result because all the parameters are the same.

The CreateBackup operation returns while the backup's lifecycle state is still CREATING. You can check the backup creation status by calling the DescribeBackups operation, which returns the backup state along with other information.

", - "CreateDataRepositoryAssociation": "

Creates an Amazon FSx for Lustre data repository association (DRA). A data repository association is a link between a directory on the file system and an Amazon S3 bucket or prefix. You can have a maximum of 8 data repository associations on a file system. Data repository associations are supported on all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment type.

Each data repository association must have a unique Amazon FSx file system directory and a unique S3 bucket or prefix associated with it. You can configure a data repository association for automatic import only, for automatic export only, or for both. To learn more about linking a data repository to your file system, see Linking your file system to an S3 bucket.

CreateDataRepositoryAssociation isn't supported on Amazon File Cache resources. To create a DRA on Amazon File Cache, use the CreateFileCache operation.

", - "CreateDataRepositoryTask": "

Creates an Amazon FSx for Lustre data repository task. A CreateDataRepositoryTask operation will fail if a data repository is not linked to the FSx file system.

You use import and export data repository tasks to perform bulk operations between your FSx for Lustre file system and its linked data repositories. An example of a data repository task is exporting any data and metadata changes, including POSIX metadata, to files, directories, and symbolic links (symlinks) from your FSx file system to a linked data repository.

You use release data repository tasks to release data from your file system for files that are archived to S3. The metadata of released files remains on the file system so users or applications can still access released files by reading the files again, which will restore data from Amazon S3 to the FSx for Lustre file system.

To learn more about data repository tasks, see Data Repository Tasks. To learn more about linking a data repository to your file system, see Linking your file system to an S3 bucket.

", + "CreateDataRepositoryAssociation": "

Creates an Amazon FSx for Lustre data repository association (DRA). A data repository association is a link between a directory on the file system and an Amazon S3 bucket or prefix. You can have a maximum of 8 data repository associations on a file system. Data repository associations are supported on all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment type.

Each data repository association must have a unique Amazon FSx file system directory and a unique S3 bucket or prefix associated with it. You can configure a data repository association for automatic import only, for automatic export only, or for both. To learn more about linking a data repository to your file system, see Linking your file system to an S3 bucket.

CreateDataRepositoryAssociation isn't supported on Amazon File Cache resources. To create a DRA on Amazon File Cache, use the CreateFileCache operation.

", + "CreateDataRepositoryTask": "

Creates an Amazon FSx for Lustre data repository task. A CreateDataRepositoryTask operation will fail if a data repository is not linked to the FSx file system.

You use import and export data repository tasks to perform bulk operations between your FSx for Lustre file system and its linked data repositories. An example of a data repository task is exporting any data and metadata changes, including POSIX metadata, to files, directories, and symbolic links (symlinks) from your FSx file system to a linked data repository.

You use release data repository tasks to release data from your file system for files that are exported to S3. The metadata of released files remains on the file system so users or applications can still access released files by reading the files again, which will restore data from Amazon S3 to the FSx for Lustre file system.

To learn more about data repository tasks, see Data Repository Tasks. To learn more about linking a data repository to your file system, see Linking your file system to an S3 bucket.

", "CreateFileCache": "

Creates a new Amazon File Cache resource.

You can use this operation with a client request token in the request that Amazon File Cache uses to ensure idempotent creation. If a cache with the specified client request token exists and the parameters match, CreateFileCache returns the description of the existing cache. If a cache with the specified client request token exists and the parameters don't match, this call returns IncompatibleParameterError. If a file cache with the specified client request token doesn't exist, CreateFileCache does the following:

  • Creates a new, empty Amazon File Cache resourcewith an assigned ID, and an initial lifecycle state of CREATING.

  • Returns the description of the cache in JSON format.

The CreateFileCache call returns while the cache's lifecycle state is still CREATING. You can check the cache creation status by calling the DescribeFileCaches operation, which returns the cache state along with other information.

", "CreateFileSystem": "

Creates a new, empty Amazon FSx file system. You can create the following supported Amazon FSx file systems using the CreateFileSystem API operation:

  • Amazon FSx for Lustre

  • Amazon FSx for NetApp ONTAP

  • Amazon FSx for OpenZFS

  • Amazon FSx for Windows File Server

This operation requires a client request token in the request that Amazon FSx uses to ensure idempotent creation. This means that calling the operation multiple times with the same client request token has no effect. By using the idempotent operation, you can retry a CreateFileSystem operation without the risk of creating an extra file system. This approach can be useful when an initial call fails in a way that makes it unclear whether a file system was created. Examples are if a transport level timeout occurred, or your connection was reset. If you use the same client request token and the initial call created a file system, the client receives success as long as the parameters are the same.

If a file system with the specified client request token exists and the parameters match, CreateFileSystem returns the description of the existing file system. If a file system with the specified client request token exists and the parameters don't match, this call returns IncompatibleParameterError. If a file system with the specified client request token doesn't exist, CreateFileSystem does the following:

  • Creates a new, empty Amazon FSx file system with an assigned ID, and an initial lifecycle state of CREATING.

  • Returns the description of the file system in JSON format.

The CreateFileSystem call returns while the file system's lifecycle state is still CREATING. You can check the file-system creation status by calling the DescribeFileSystems operation, which returns the file system state along with other information.

", "CreateFileSystemFromBackup": "

Creates a new Amazon FSx for Lustre, Amazon FSx for Windows File Server, or Amazon FSx for OpenZFS file system from an existing Amazon FSx backup.

If a file system with the specified client request token exists and the parameters match, this operation returns the description of the file system. If a file system with the specified client request token exists but the parameters don't match, this call returns IncompatibleParameterError. If a file system with the specified client request token doesn't exist, this operation does the following:

  • Creates a new Amazon FSx file system from backup with an assigned ID, and an initial lifecycle state of CREATING.

  • Returns the description of the file system.

Parameters like the Active Directory, default share name, automatic backup, and backup settings default to the parameters of the file system that was backed up, unless overridden. You can explicitly supply other settings.

By using the idempotent operation, you can retry a CreateFileSystemFromBackup call without the risk of creating an extra file system. This approach can be useful when an initial call fails in a way that makes it unclear whether a file system was created. Examples are if a transport level timeout occurred, or your connection was reset. If you use the same client request token and the initial call created a file system, the client receives a success message as long as the parameters are the same.

The CreateFileSystemFromBackup call returns while the file system's lifecycle state is still CREATING. You can check the file-system creation status by calling the DescribeFileSystems operation, which returns the file system state along with other information.

", @@ -16,14 +16,14 @@ "CreateVolume": "

Creates an FSx for ONTAP or Amazon FSx for OpenZFS storage volume.

", "CreateVolumeFromBackup": "

Creates a new Amazon FSx for NetApp ONTAP volume from an existing Amazon FSx volume backup.

", "DeleteBackup": "

Deletes an Amazon FSx backup. After deletion, the backup no longer exists, and its data is gone.

The DeleteBackup call returns instantly. The backup won't show up in later DescribeBackups calls.

The data in a deleted backup is also deleted and can't be recovered by any means.

", - "DeleteDataRepositoryAssociation": "

Deletes a data repository association on an Amazon FSx for Lustre file system. Deleting the data repository association unlinks the file system from the Amazon S3 bucket. When deleting a data repository association, you have the option of deleting the data in the file system that corresponds to the data repository association. Data repository associations are supported on all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment type.

", + "DeleteDataRepositoryAssociation": "

Deletes a data repository association on an Amazon FSx for Lustre file system. Deleting the data repository association unlinks the file system from the Amazon S3 bucket. When deleting a data repository association, you have the option of deleting the data in the file system that corresponds to the data repository association. Data repository associations are supported on all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment type.

", "DeleteFileCache": "

Deletes an Amazon File Cache resource. After deletion, the cache no longer exists, and its data is gone.

The DeleteFileCache operation returns while the cache has the DELETING status. You can check the cache deletion status by calling the DescribeFileCaches operation, which returns a list of caches in your account. If you pass the cache ID for a deleted cache, the DescribeFileCaches operation returns a FileCacheNotFound error.

The data in a deleted cache is also deleted and can't be recovered by any means.

", - "DeleteFileSystem": "

Deletes a file system. After deletion, the file system no longer exists, and its data is gone. Any existing automatic backups and snapshots are also deleted.

To delete an Amazon FSx for NetApp ONTAP file system, first delete all the volumes and storage virtual machines (SVMs) on the file system. Then provide a FileSystemId value to the DeleFileSystem operation.

By default, when you delete an Amazon FSx for Windows File Server file system, a final backup is created upon deletion. This final backup isn't subject to the file system's retention policy, and must be manually deleted.

The DeleteFileSystem operation returns while the file system has the DELETING status. You can check the file system deletion status by calling the DescribeFileSystems operation, which returns a list of file systems in your account. If you pass the file system ID for a deleted file system, the DescribeFileSystems operation returns a FileSystemNotFound error.

If a data repository task is in a PENDING or EXECUTING state, deleting an Amazon FSx for Lustre file system will fail with an HTTP status code 400 (Bad Request).

The data in a deleted file system is also deleted and can't be recovered by any means.

", + "DeleteFileSystem": "

Deletes a file system. After deletion, the file system no longer exists, and its data is gone. Any existing automatic backups and snapshots are also deleted.

To delete an Amazon FSx for NetApp ONTAP file system, first delete all the volumes and storage virtual machines (SVMs) on the file system. Then provide a FileSystemId value to the DeleFileSystem operation.

By default, when you delete an Amazon FSx for Windows File Server file system, a final backup is created upon deletion. This final backup isn't subject to the file system's retention policy, and must be manually deleted.

To delete an Amazon FSx for Lustre file system, first unmount it from every connected Amazon EC2 instance, then provide a FileSystemId value to the DeleFileSystem operation. By default, Amazon FSx will not take a final backup when the DeleteFileSystem operation is invoked. On file systems not linked to an Amazon S3 bucket, set SkipFinalBackup to false to take a final backup of the file system you are deleting. Backups cannot be enabled on S3-linked file systems. To ensure all of your data is written back to S3 before deleting your file system, you can either monitor for the AgeOfOldestQueuedMessage metric to be zero (if using automatic export) or you can run an export data repository task. If you have automatic export enabled and want to use an export data repository task, you have to disable automatic export before executing the export data repository task.

The DeleteFileSystem operation returns while the file system has the DELETING status. You can check the file system deletion status by calling the DescribeFileSystems operation, which returns a list of file systems in your account. If you pass the file system ID for a deleted file system, the DescribeFileSystems operation returns a FileSystemNotFound error.

If a data repository task is in a PENDING or EXECUTING state, deleting an Amazon FSx for Lustre file system will fail with an HTTP status code 400 (Bad Request).

The data in a deleted file system is also deleted and can't be recovered by any means.

", "DeleteSnapshot": "

Deletes an Amazon FSx for OpenZFS snapshot. After deletion, the snapshot no longer exists, and its data is gone. Deleting a snapshot doesn't affect snapshots stored in a file system backup.

The DeleteSnapshot operation returns instantly. The snapshot appears with the lifecycle status of DELETING until the deletion is complete.

", "DeleteStorageVirtualMachine": "

Deletes an existing Amazon FSx for ONTAP storage virtual machine (SVM). Prior to deleting an SVM, you must delete all non-root volumes in the SVM, otherwise the operation will fail.

", "DeleteVolume": "

Deletes an Amazon FSx for NetApp ONTAP or Amazon FSx for OpenZFS volume.

", "DescribeBackups": "

Returns the description of a specific Amazon FSx backup, if a BackupIds value is provided for that backup. Otherwise, it returns all backups owned by your Amazon Web Services account in the Amazon Web Services Region of the endpoint that you're calling.

When retrieving all backups, you can optionally specify the MaxResults parameter to limit the number of backups in a response. If more backups remain, Amazon FSx returns a NextToken value in the response. In this case, send a later request with the NextToken request parameter set to the value of the NextToken value from the last response.

This operation is used in an iterative process to retrieve a list of your backups. DescribeBackups is called first without a NextToken value. Then the operation continues to be called with the NextToken parameter set to the value of the last NextToken value until a response has no NextToken value.

When using this operation, keep the following in mind:

  • The operation might return fewer than the MaxResults value of backup descriptions while still including a NextToken value.

  • The order of the backups returned in the response of one DescribeBackups call and the order of the backups returned across the responses of a multi-call iteration is unspecified.

", - "DescribeDataRepositoryAssociations": "

Returns the description of specific Amazon FSx for Lustre or Amazon File Cache data repository associations, if one or more AssociationIds values are provided in the request, or if filters are used in the request. Data repository associations are supported on Amazon File Cache resources and all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment type.

You can use filters to narrow the response to include just data repository associations for specific file systems (use the file-system-id filter with the ID of the file system) or caches (use the file-cache-id filter with the ID of the cache), or data repository associations for a specific repository type (use the data-repository-type filter with a value of S3 or NFS). If you don't use filters, the response returns all data repository associations owned by your Amazon Web Services account in the Amazon Web Services Region of the endpoint that you're calling.

When retrieving all data repository associations, you can paginate the response by using the optional MaxResults parameter to limit the number of data repository associations returned in a response. If more data repository associations remain, a NextToken value is returned in the response. In this case, send a later request with the NextToken request parameter set to the value of NextToken from the last response.

", + "DescribeDataRepositoryAssociations": "

Returns the description of specific Amazon FSx for Lustre or Amazon File Cache data repository associations, if one or more AssociationIds values are provided in the request, or if filters are used in the request. Data repository associations are supported on Amazon File Cache resources and all FSx for Lustre 2.12 and 2,15 file systems, excluding scratch_1 deployment type.

You can use filters to narrow the response to include just data repository associations for specific file systems (use the file-system-id filter with the ID of the file system) or caches (use the file-cache-id filter with the ID of the cache), or data repository associations for a specific repository type (use the data-repository-type filter with a value of S3 or NFS). If you don't use filters, the response returns all data repository associations owned by your Amazon Web Services account in the Amazon Web Services Region of the endpoint that you're calling.

When retrieving all data repository associations, you can paginate the response by using the optional MaxResults parameter to limit the number of data repository associations returned in a response. If more data repository associations remain, a NextToken value is returned in the response. In this case, send a later request with the NextToken request parameter set to the value of NextToken from the last response.

", "DescribeDataRepositoryTasks": "

Returns the description of specific Amazon FSx for Lustre or Amazon File Cache data repository tasks, if one or more TaskIds values are provided in the request, or if filters are used in the request. You can use filters to narrow the response to include just tasks for specific file systems or caches, or tasks in a specific lifecycle state. Otherwise, it returns all data repository tasks owned by your Amazon Web Services account in the Amazon Web Services Region of the endpoint that you're calling.

When retrieving all tasks, you can paginate the response by using the optional MaxResults parameter to limit the number of tasks returned in a response. If more tasks remain, a NextToken value is returned in the response. In this case, send a later request with the NextToken request parameter set to the value of NextToken from the last response.

", "DescribeFileCaches": "

Returns the description of a specific Amazon File Cache resource, if a FileCacheIds value is provided for that cache. Otherwise, it returns descriptions of all caches owned by your Amazon Web Services account in the Amazon Web Services Region of the endpoint that you're calling.

When retrieving all cache descriptions, you can optionally specify the MaxResults parameter to limit the number of descriptions in a response. If more cache descriptions remain, the operation returns a NextToken value in the response. In this case, send a later request with the NextToken request parameter set to the value of NextToken from the last response.

This operation is used in an iterative process to retrieve a list of your cache descriptions. DescribeFileCaches is called first without a NextTokenvalue. Then the operation continues to be called with the NextToken parameter set to the value of the last NextToken value until a response has no NextToken.

When using this operation, keep the following in mind:

  • The implementation might return fewer than MaxResults cache descriptions while still including a NextToken value.

  • The order of caches returned in the response of one DescribeFileCaches call and the order of caches returned across the responses of a multicall iteration is unspecified.

", "DescribeFileSystemAliases": "

Returns the DNS aliases that are associated with the specified Amazon FSx for Windows File Server file system. A history of all DNS aliases that have been associated with and disassociated from the file system is available in the list of AdministrativeAction provided in the DescribeFileSystems operation response.

", @@ -37,9 +37,9 @@ "RestoreVolumeFromSnapshot": "

Returns an Amazon FSx for OpenZFS volume to the state saved by the specified snapshot.

", "TagResource": "

Tags an Amazon FSx resource.

", "UntagResource": "

This action removes a tag from an Amazon FSx resource.

", - "UpdateDataRepositoryAssociation": "

Updates the configuration of an existing data repository association on an Amazon FSx for Lustre file system. Data repository associations are supported on all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment type.

", + "UpdateDataRepositoryAssociation": "

Updates the configuration of an existing data repository association on an Amazon FSx for Lustre file system. Data repository associations are supported on all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment type.

", "UpdateFileCache": "

Updates the configuration of an existing Amazon File Cache resource. You can update multiple properties in a single request.

", - "UpdateFileSystem": "

Use this operation to update the configuration of an existing Amazon FSx file system. You can update multiple properties in a single request.

For FSx for Windows File Server file systems, you can update the following properties:

  • AuditLogConfiguration

  • AutomaticBackupRetentionDays

  • DailyAutomaticBackupStartTime

  • SelfManagedActiveDirectoryConfiguration

  • StorageCapacity

  • StorageType

  • ThroughputCapacity

  • DiskIopsConfiguration

  • WeeklyMaintenanceStartTime

For FSx for Lustre file systems, you can update the following properties:

  • AutoImportPolicy

  • AutomaticBackupRetentionDays

  • DailyAutomaticBackupStartTime

  • DataCompressionType

  • LogConfiguration

  • LustreRootSquashConfiguration

  • StorageCapacity

  • WeeklyMaintenanceStartTime

For FSx for ONTAP file systems, you can update the following properties:

  • AddRouteTableIds

  • AutomaticBackupRetentionDays

  • DailyAutomaticBackupStartTime

  • DiskIopsConfiguration

  • FsxAdminPassword

  • RemoveRouteTableIds

  • StorageCapacity

  • ThroughputCapacity

  • WeeklyMaintenanceStartTime

For FSx for OpenZFS file systems, you can update the following properties:

  • AutomaticBackupRetentionDays

  • CopyTagsToBackups

  • CopyTagsToVolumes

  • DailyAutomaticBackupStartTime

  • DiskIopsConfiguration

  • StorageCapacity

  • ThroughputCapacity

  • WeeklyMaintenanceStartTime

", + "UpdateFileSystem": "

Use this operation to update the configuration of an existing Amazon FSx file system. You can update multiple properties in a single request.

For FSx for Windows File Server file systems, you can update the following properties:

  • AuditLogConfiguration

  • AutomaticBackupRetentionDays

  • DailyAutomaticBackupStartTime

  • SelfManagedActiveDirectoryConfiguration

  • StorageCapacity

  • StorageType

  • ThroughputCapacity

  • DiskIopsConfiguration

  • WeeklyMaintenanceStartTime

For FSx for Lustre file systems, you can update the following properties:

  • AutoImportPolicy

  • AutomaticBackupRetentionDays

  • DailyAutomaticBackupStartTime

  • DataCompressionType

  • LogConfiguration

  • LustreRootSquashConfiguration

  • StorageCapacity

  • WeeklyMaintenanceStartTime

For FSx for ONTAP file systems, you can update the following properties:

  • AddRouteTableIds

  • AutomaticBackupRetentionDays

  • DailyAutomaticBackupStartTime

  • DiskIopsConfiguration

  • FsxAdminPassword

  • RemoveRouteTableIds

  • StorageCapacity

  • ThroughputCapacity

  • WeeklyMaintenanceStartTime

For FSx for OpenZFS file systems, you can update the following properties:

  • AddRouteTableIds

  • AutomaticBackupRetentionDays

  • CopyTagsToBackups

  • CopyTagsToVolumes

  • DailyAutomaticBackupStartTime

  • DiskIopsConfiguration

  • RemoveRouteTableIds

  • StorageCapacity

  • ThroughputCapacity

  • WeeklyMaintenanceStartTime

", "UpdateSnapshot": "

Updates the name of an Amazon FSx for OpenZFS snapshot.

", "UpdateStorageVirtualMachine": "

Updates an FSx for ONTAP storage virtual machine (SVM).

", "UpdateVolume": "

Updates the configuration of an Amazon FSx for NetApp ONTAP or Amazon FSx for OpenZFS volume.

" @@ -625,7 +625,7 @@ } }, "DataRepositoryAssociation": { - "base": "

The configuration of a data repository association that links an Amazon FSx for Lustre file system to an Amazon S3 bucket or an Amazon File Cache resource to an Amazon S3 bucket or an NFS file system. The data repository association configuration object is returned in the response of the following operations:

  • CreateDataRepositoryAssociation

  • UpdateDataRepositoryAssociation

  • DescribeDataRepositoryAssociations

Data repository associations are supported on Amazon File Cache resources and all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment type.

", + "base": "

The configuration of a data repository association that links an Amazon FSx for Lustre file system to an Amazon S3 bucket or an Amazon File Cache resource to an Amazon S3 bucket or an NFS file system. The data repository association configuration object is returned in the response of the following operations:

  • CreateDataRepositoryAssociation

  • UpdateDataRepositoryAssociation

  • DescribeDataRepositoryAssociations

Data repository associations are supported on Amazon File Cache resources and all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment type.

", "refs": { "CreateDataRepositoryAssociationResponse$Association": "

The response object returned after the data repository association is created.

", "DataRepositoryAssociations$member": null, @@ -683,7 +683,7 @@ } }, "DataRepositoryTask": { - "base": "

A description of the data repository task.

  • You use import and export data repository tasks to perform bulk transfer operations between an Amazon FSx for Lustre file system and a linked data repository.

  • You use release data repository tasks to release archived files from your Amazon FSx for Lustre file system.

  • An Amazon File Cache resource uses a task to automatically release files from the cache.

To learn more about data repository tasks, see Data Repository Tasks.

", + "base": "

A description of the data repository task.

  • You use import and export data repository tasks to perform bulk transfer operations between an Amazon FSx for Lustre file system and a linked data repository.

  • You use release data repository tasks to release have been exported to a linked S3 bucketed files from your Amazon FSx for Lustre file system.

  • An Amazon File Cache resource uses a task to automatically release files from the cache.

To learn more about data repository tasks, see Data Repository Tasks.

", "refs": { "CreateDataRepositoryTaskResponse$DataRepositoryTask": "

The description of the data repository task that you just created.

", "DataRepositoryTasks$member": null @@ -756,7 +756,7 @@ "DataRepositoryTaskPaths": { "base": null, "refs": { - "CreateDataRepositoryTaskRequest$Paths": "

A list of paths for the data repository task to use when the task is processed. If a path that you provide isn't valid, the task fails. If you don't provide paths, the default behavior is to export all files to S3 (for export tasks), import all files from S3 (for import tasks), or release all archived files that meet the last accessed time criteria (for release tasks).

  • For export tasks, the list contains paths on the FSx for Lustre file system from which the files are exported to the Amazon S3 bucket. The default path is the file system root directory. The paths you provide need to be relative to the mount point of the file system. If the mount point is /mnt/fsx and /mnt/fsx/path1 is a directory or file on the file system you want to export, then the path to provide is path1.

  • For import tasks, the list contains paths in the Amazon S3 bucket from which POSIX metadata changes are imported to the FSx for Lustre file system. The path can be an S3 bucket or prefix in the format s3://myBucket/myPrefix (where myPrefix is optional).

  • For release tasks, the list contains directory or file paths on the FSx for Lustre file system from which to release archived files. If a directory is specified, files within the directory are released. If a file path is specified, only that file is released. To release all archived files in the file system, specify a forward slash (/) as the path.

    A file must also meet the last accessed time criteria specified in for the file to be released.
", + "CreateDataRepositoryTaskRequest$Paths": "

A list of paths for the data repository task to use when the task is processed. If a path that you provide isn't valid, the task fails. If you don't provide paths, the default behavior is to export all files to S3 (for export tasks), import all files from S3 (for import tasks), or release all exported files that meet the last accessed time criteria (for release tasks).

  • For export tasks, the list contains paths on the FSx for Lustre file system from which the files are exported to the Amazon S3 bucket. The default path is the file system root directory. The paths you provide need to be relative to the mount point of the file system. If the mount point is /mnt/fsx and /mnt/fsx/path1 is a directory or file on the file system you want to export, then the path to provide is path1.

  • For import tasks, the list contains paths in the Amazon S3 bucket from which POSIX metadata changes are imported to the FSx for Lustre file system. The path can be an S3 bucket or prefix in the format s3://myBucket/myPrefix (where myPrefix is optional).

  • For release tasks, the list contains directory or file paths on the FSx for Lustre file system from which to release exported files. If a directory is specified, files within the directory are released. If a file path is specified, only that file is released. To release all exported files in the file system, specify a forward slash (/) as the path.

    A file must also meet the last accessed time criteria specified in for the file to be released.
", "DataRepositoryTask$Paths": "

An array of paths that specify the data for the data repository task to process. For example, in an EXPORT_TO_REPOSITORY task, the paths specify which data to export to the linked data repository.

(Default) If Paths is not specified, Amazon FSx uses the file system root directory.

" } }, @@ -769,8 +769,8 @@ "DataRepositoryTaskType": { "base": null, "refs": { - "CreateDataRepositoryTaskRequest$Type": "

Specifies the type of data repository task to create.

  • EXPORT_TO_REPOSITORY tasks export from your Amazon FSx for Lustre file system to a linked data repository.

  • IMPORT_METADATA_FROM_REPOSITORY tasks import metadata changes from a linked S3 bucket to your Amazon FSx for Lustre file system.

  • RELEASE_DATA_FROM_FILESYSTEM tasks release files in your Amazon FSx for Lustre file system that are archived and that meet your specified release criteria.

  • AUTO_RELEASE_DATA tasks automatically release files from an Amazon File Cache resource.

", - "DataRepositoryTask$Type": "

The type of data repository task.

  • EXPORT_TO_REPOSITORY tasks export from your Amazon FSx for Lustre file system to a linked data repository.

  • IMPORT_METADATA_FROM_REPOSITORY tasks import metadata changes from a linked S3 bucket to your Amazon FSx for Lustre file system.

  • RELEASE_DATA_FROM_FILESYSTEM tasks release files in your Amazon FSx for Lustre file system that are archived and that meet your specified release criteria.

  • AUTO_RELEASE_DATA tasks automatically release files from an Amazon File Cache resource.

" + "CreateDataRepositoryTaskRequest$Type": "

Specifies the type of data repository task to create.

  • EXPORT_TO_REPOSITORY tasks export from your Amazon FSx for Lustre file system to a linked data repository.

  • IMPORT_METADATA_FROM_REPOSITORY tasks import metadata changes from a linked S3 bucket to your Amazon FSx for Lustre file system.

  • RELEASE_DATA_FROM_FILESYSTEM tasks release files in your Amazon FSx for Lustre file system that have been exported to a linked S3 bucket and that meet your specified release criteria.

  • AUTO_RELEASE_DATA tasks automatically release files from an Amazon File Cache resource.

", + "DataRepositoryTask$Type": "

The type of data repository task.

  • EXPORT_TO_REPOSITORY tasks export from your Amazon FSx for Lustre file system to a linked data repository.

  • IMPORT_METADATA_FROM_REPOSITORY tasks import metadata changes from a linked S3 bucket to your Amazon FSx for Lustre file system.

  • RELEASE_DATA_FROM_FILESYSTEM tasks release files in your Amazon FSx for Lustre file system that have been exported to a linked S3 bucket and that meet your specified release criteria.

  • AUTO_RELEASE_DATA tasks automatically release files from an Amazon File Cache resource.

" } }, "DataRepositoryTasks": { @@ -1094,9 +1094,9 @@ } }, "DurationSinceLastAccess": { - "base": "

Defines the minimum amount of time since last access for a file to be eligible for release. Only archived files that were last accessed or modified before this point-in-time are eligible to be released from the Amazon FSx for Lustre file system.

", + "base": "

Defines the minimum amount of time since last access for a file to be eligible for release. Only files that have been exported to S3 and that were last accessed or modified before this point-in-time are eligible to be released from the Amazon FSx for Lustre file system.

", "refs": { - "ReleaseConfiguration$DurationSinceLastAccess": "

Defines the point-in-time since an archived file was last accessed, in order for that file to be eligible for release. Only files that were last accessed before this point-in-time are eligible to be released from the file system.

" + "ReleaseConfiguration$DurationSinceLastAccess": "

Defines the point-in-time since an exported file was last accessed, in order for that file to be eligible for release. Only files that were last accessed before this point-in-time are eligible to be released from the file system.

" } }, "EndTime": { @@ -1373,11 +1373,11 @@ "base": null, "refs": { "CreateFileCacheRequest$FileCacheTypeVersion": "

Sets the Lustre version for the cache that you're creating, which must be 2.12.

", - "CreateFileSystemFromBackupRequest$FileSystemTypeVersion": "

Sets the version for the Amazon FSx for Lustre file system that you're creating from a backup. Valid values are 2.10 and 2.12.

You don't need to specify FileSystemTypeVersion because it will be applied using the backup's FileSystemTypeVersion setting. If you choose to specify FileSystemTypeVersion when creating from backup, the value must match the backup's FileSystemTypeVersion setting.

", - "CreateFileSystemRequest$FileSystemTypeVersion": "

(Optional) For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are 2.10 and 2.12:

  • 2.10 is supported by the Scratch and Persistent_1 Lustre deployment types.

  • 2.12 is supported by all Lustre deployment types. 2.12 is required when setting FSx for Lustre DeploymentType to PERSISTENT_2.

Default value = 2.10, except when DeploymentType is set to PERSISTENT_2, then the default is 2.12.

If you set FileSystemTypeVersion to 2.10 for a PERSISTENT_2 Lustre deployment type, the CreateFileSystem operation fails.

", + "CreateFileSystemFromBackupRequest$FileSystemTypeVersion": "

Sets the version for the Amazon FSx for Lustre file system that you're creating from a backup. Valid values are 2.10, 2.12, and 2.15.

You don't need to specify FileSystemTypeVersion because it will be applied using the backup's FileSystemTypeVersion setting. If you choose to specify FileSystemTypeVersion when creating from backup, the value must match the backup's FileSystemTypeVersion setting.

", + "CreateFileSystemRequest$FileSystemTypeVersion": "

(Optional) For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are 2.10, 2.12m and 2.15:

  • 2.10 is supported by the Scratch and Persistent_1 Lustre deployment types.

  • 2.12 and 2.15 are supported by all Lustre deployment types. 2.12 or 2.15 is required when setting FSx for Lustre DeploymentType to PERSISTENT_2.

Default value = 2.10, except when DeploymentType is set to PERSISTENT_2, then the default is 2.12.

If you set FileSystemTypeVersion to 2.10 for a PERSISTENT_2 Lustre deployment type, the CreateFileSystem operation fails.

", "FileCache$FileCacheTypeVersion": "

The Lustre version of the cache, which must be 2.12.

", "FileCacheCreating$FileCacheTypeVersion": "

The Lustre version of the cache, which must be 2.12.

", - "FileSystem$FileSystemTypeVersion": "

The Lustre version of the Amazon FSx for Lustre file system, either 2.10 or 2.12.

" + "FileSystem$FileSystemTypeVersion": "

The Lustre version of the Amazon FSx for Lustre file system, which is 2.10, 2.12, or 2.15.

" } }, "FileSystems": { @@ -1647,7 +1647,7 @@ "base": null, "refs": { "CreateFileSystemLustreConfiguration$DeploymentType": "

(Optional) Choose SCRATCH_1 and SCRATCH_2 deployment types when you need temporary storage and shorter-term processing of data. The SCRATCH_2 deployment type provides in-transit encryption of data and higher burst throughput capacity than SCRATCH_1.

Choose PERSISTENT_1 for longer-term storage and for throughput-focused workloads that aren’t latency-sensitive. PERSISTENT_1 supports encryption of data in transit, and is available in all Amazon Web Services Regions in which FSx for Lustre is available.

Choose PERSISTENT_2 for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. PERSISTENT_2 supports SSD storage, and offers higher PerUnitStorageThroughput (up to 1000 MB/s/TiB). PERSISTENT_2 is available in a limited number of Amazon Web Services Regions. For more information, and an up-to-date list of Amazon Web Services Regions in which PERSISTENT_2 is available, see File system deployment options for FSx for Lustre in the Amazon FSx for Lustre User Guide.

If you choose PERSISTENT_2, and you set FileSystemTypeVersion to 2.10, the CreateFileSystem operation fails.

Encryption of data in transit is automatically turned on when you access SCRATCH_2, PERSISTENT_1 and PERSISTENT_2 file systems from Amazon EC2 instances that support automatic encryption in the Amazon Web Services Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see Encrypting data in transit in the Amazon FSx for Lustre User Guide.

(Default = SCRATCH_1)

", - "LustreFileSystemConfiguration$DeploymentType": "

The deployment type of the FSx for Lustre file system. Scratch deployment type is designed for temporary storage and shorter-term processing of data.

SCRATCH_1 and SCRATCH_2 deployment types are best suited for when you need temporary storage and shorter-term processing of data. The SCRATCH_2 deployment type provides in-transit encryption of data and higher burst throughput capacity than SCRATCH_1.

The PERSISTENT_1 and PERSISTENT_2 deployment type is used for longer-term storage and workloads and encryption of data in transit. PERSISTENT_2 is built on Lustre v2.12 and offers higher PerUnitStorageThroughput (up to 1000 MB/s/TiB) along with a lower minimum storage capacity requirement (600 GiB). To learn more about FSx for Lustre deployment types, see FSx for Lustre deployment options.

The default is SCRATCH_1.

" + "LustreFileSystemConfiguration$DeploymentType": "

The deployment type of the FSx for Lustre file system. Scratch deployment type is designed for temporary storage and shorter-term processing of data.

SCRATCH_1 and SCRATCH_2 deployment types are best suited for when you need temporary storage and shorter-term processing of data. The SCRATCH_2 deployment type provides in-transit encryption of data and higher burst throughput capacity than SCRATCH_1.

The PERSISTENT_1 and PERSISTENT_2 deployment type is used for longer-term storage and workloads and encryption of data in transit. PERSISTENT_2 offers higher PerUnitStorageThroughput (up to 1000 MB/s/TiB) along with a lower minimum storage capacity requirement (600 GiB). To learn more about FSx for Lustre deployment types, see FSx for Lustre deployment options.

The default is SCRATCH_1.

" } }, "LustreFileSystemConfiguration": { @@ -1731,12 +1731,12 @@ "base": "

The sustained throughput of an Amazon FSx file system in Megabytes per second (MBps).

", "refs": { "CreateFileSystemOntapConfiguration$ThroughputCapacity": "

Sets the throughput capacity for the file system that you're creating. Valid values are 128, 256, 512, 1024, 2048, and 4096 MBps.

", - "CreateFileSystemOpenZFSConfiguration$ThroughputCapacity": "

Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Valid values depend on the DeploymentType you choose, as follows:

  • For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.

  • For SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.

You pay for additional throughput capacity that you provision.

", + "CreateFileSystemOpenZFSConfiguration$ThroughputCapacity": "

Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Valid values depend on the DeploymentType you choose, as follows:

  • For MULTI_AZ_1 and SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.

  • For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.

You pay for additional throughput capacity that you provision.

", "CreateFileSystemWindowsConfiguration$ThroughputCapacity": "

Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the nth increments, between 2^3 (8) and 2^11 (2048).

", "OntapFileSystemConfiguration$ThroughputCapacity": null, "OpenZFSFileSystemConfiguration$ThroughputCapacity": "

The throughput of an Amazon FSx file system, measured in megabytes per second (MBps).

", "UpdateFileSystemOntapConfiguration$ThroughputCapacity": "

Enter a new value to change the amount of throughput capacity for the file system. Throughput capacity is measured in megabytes per second (MBps). Valid values are 128, 256, 512, 1024, 2048, and 4096 MBps. For more information, see Managing throughput capacity in the FSx for ONTAP User Guide.

", - "UpdateFileSystemOpenZFSConfiguration$ThroughputCapacity": "

The throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second
 (MB/s). Valid values depend on the DeploymentType you choose, as follows:

  • For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MB/s.

  • For SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MB/s.

", + "UpdateFileSystemOpenZFSConfiguration$ThroughputCapacity": "

The throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second
 (MB/s). Valid values depend on the DeploymentType you choose, as follows:

  • For MULTI_AZ_1 and SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.

  • For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MB/s.

", "UpdateFileSystemWindowsConfiguration$ThroughputCapacity": "

Sets the target value for a file system's throughput capacity, in MB/s, that you are updating the file system to. Valid values are 8, 16, 32, 64, 128, 256, 512, 1024, 2048. You cannot make a throughput capacity update request if there is an existing throughput capacity update request in progress. For more information, see Managing Throughput Capacity.

", "WindowsFileSystemConfiguration$ThroughputCapacity": "

The throughput of the Amazon FSx file system, measured in megabytes per second.

" } @@ -1912,7 +1912,7 @@ "OpenZFSDeploymentType": { "base": null, "refs": { - "CreateFileSystemOpenZFSConfiguration$DeploymentType": "

Specifies the file system deployment type. Single AZ deployment types are configured for redundancy within a single Availability Zone in an Amazon Web Services Region . Valid values are the following:

  • MULTI_AZ_1- Creates file systems with high availability that are configured for Multi-AZ redundancy to tolerate temporary unavailability in Availability Zones (AZs). Multi_AZ_1 is available in the following Amazon Web Services Regions:

  • SINGLE_AZ_1- (Default) Creates file systems with throughput capacities of 64 - 4,096 MB/s. Single_AZ_1 is available in all Amazon Web Services Regions where Amazon FSx for OpenZFS is available.

  • SINGLE_AZ_2- Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache. Single_AZ_2 is available only in the US East (N. Virginia), US East (Ohio), US West (Oregon), and Europe (Ireland) Amazon Web Services Regions.

For more information, see: Deployment type availability and File system performance in the Amazon FSx for OpenZFS User Guide.

", + "CreateFileSystemOpenZFSConfiguration$DeploymentType": "

Specifies the file system deployment type. Single AZ deployment types are configured for redundancy within a single Availability Zone in an Amazon Web Services Region . Valid values are the following:

  • MULTI_AZ_1- Creates file systems with high availability that are configured for Multi-AZ redundancy to tolerate temporary unavailability in Availability Zones (AZs). Multi_AZ_1 is available only in the US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Tokyo), and Europe (Ireland) Amazon Web Services Regions.

  • SINGLE_AZ_1- Creates file systems with throughput capacities of 64 - 4,096 MB/s. Single_AZ_1 is available in all Amazon Web Services Regions where Amazon FSx for OpenZFS is available.

  • SINGLE_AZ_2- Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache. Single_AZ_2 is available only in the US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Tokyo), and Europe (Ireland) Amazon Web Services Regions.

For more information, see Deployment type availability and File system performance in the Amazon FSx for OpenZFS User Guide.

", "OpenZFSFileSystemConfiguration$DeploymentType": "

Specifies the file-system deployment type. Amazon FSx for OpenZFS supports
 MULTI_AZ_1, SINGLE_AZ_1, and SINGLE_AZ_2.

" } }, @@ -2037,7 +2037,7 @@ } }, "ReleaseConfiguration": { - "base": "

The configuration that specifies a minimum amount of time since last access for an archived file to be eligible for release from an Amazon FSx for Lustre file system. Only files that were last accessed before this point-in-time can be released. For example, if you specify a last accessed time criteria of 9 days, only files that were last accessed 9.00001 or more days ago can be released.

Only file data that has been archived can be released. Files that have not yet been archived, such as new or changed files that have not been exported, are not eligible for release. When files are released, their metadata stays on the file system, so they can still be accessed later. Users and applications can access a released file by reading the file again, which restores data from Amazon S3 to the FSx for Lustre file system.

If a file meets the last accessed time criteria, its file or directory path must also be specified with the Paths parameter of the operation in order for the file to be released.

", + "base": "

The configuration that specifies a minimum amount of time since last access for an exported file to be eligible for release from an Amazon FSx for Lustre file system. Only files that were last accessed before this point-in-time can be released. For example, if you specify a last accessed time criteria of 9 days, only files that were last accessed 9.00001 or more days ago can be released.

Only file data that has been exported to S3 can be released. Files that have not yet been exported to S3, such as new or changed files that have not been exported, are not eligible for release. When files are released, their metadata stays on the file system, so they can still be accessed later. Users and applications can access a released file by reading the file again, which restores data from Amazon S3 to the FSx for Lustre file system.

If a file meets the last accessed time criteria, its file or directory path must also be specified with the Paths parameter of the operation in order for the file to be released.

", "refs": { "CreateDataRepositoryTaskRequest$ReleaseConfiguration": "

The configuration that specifies the last accessed time criteria for files that will be released from an Amazon FSx for Lustre file system.

", "DataRepositoryTask$ReleaseConfiguration": "

The configuration that specifies the last accessed time criteria for files that will be released from an Amazon FSx for Lustre file system.

" @@ -2175,8 +2175,8 @@ "RouteTableIds": { "base": null, "refs": { - "CreateFileSystemOntapConfiguration$RouteTableIds": "

(Multi-AZ only) Specifies the virtual private cloud (VPC) route tables in which your file system's endpoints will be created. You should specify all VPC route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.

", - "CreateFileSystemOpenZFSConfiguration$RouteTableIds": "

(Multi-AZ only) Specifies the virtual private cloud (VPC) route tables in which your file system's endpoints will be created. You should specify all VPC route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.

", + "CreateFileSystemOntapConfiguration$RouteTableIds": "

(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.

", + "CreateFileSystemOpenZFSConfiguration$RouteTableIds": "

(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.

", "OntapFileSystemConfiguration$RouteTableIds": "

(Multi-AZ only) The VPC route tables in which your file system's endpoints are created.

", "OpenZFSFileSystemConfiguration$RouteTableIds": "

(Multi-AZ only) The VPC route tables in which your file system's endpoints are created.

", "UpdateFileSystemOntapConfiguration$AddRouteTableIds": "

(Multi-AZ only) A list of IDs of new virtual private cloud (VPC) route tables to associate (add) with your Amazon FSx for NetApp ONTAP file system.

", @@ -2805,7 +2805,7 @@ "Value": { "base": null, "refs": { - "DurationSinceLastAccess$Value": "

An integer that represents the minimum amount of time (in days) since a file was last accessed in the file system. Only archived files with a MAX(atime, ctime, mtime) timestamp that is more than this amount of time in the past (relative to the task create time) will be released. The default of Value is 0. This is a required parameter.

If an archived file meets the last accessed time criteria, its file or directory path must also be specified in the Paths parameter of the operation in order for the file to be released.

" + "DurationSinceLastAccess$Value": "

An integer that represents the minimum amount of time (in days) since a file was last accessed in the file system. Only exported files with a MAX(atime, ctime, mtime) timestamp that is more than this amount of time in the past (relative to the task create time) will be released. The default of Value is 0. This is a required parameter.

If an exported file meets the last accessed time criteria, its file or directory path must also be specified in the Paths parameter of the operation in order for the file to be released.

" } }, "Volume": { diff --git a/models/apis/omics/2022-11-28/api-2.json b/models/apis/omics/2022-11-28/api-2.json index 2faa0d9de5e..3028bb427c1 100644 --- a/models/apis/omics/2022-11-28/api-2.json +++ b/models/apis/omics/2022-11-28/api-2.json @@ -5665,6 +5665,9 @@ "resourceDigests": { "shape": "RunResourceDigests" }, + "retentionMode": { + "shape": "RunRetentionMode" + }, "roleArn": { "shape": "RunRoleArn" }, @@ -8262,6 +8265,15 @@ "shape": "RunResourceDigest" } }, + "RunRetentionMode": { + "enum": [ + "RETAIN", + "REMOVE" + ], + "max": 64, + "min": 1, + "type": "string" + }, "RunRoleArn": { "max": 128, "min": 1, @@ -8901,6 +8913,9 @@ "idempotencyToken": true, "shape": "RunRequestId" }, + "retentionMode": { + "shape": "RunRetentionMode" + }, "roleArn": { "shape": "RunRoleArn" }, diff --git a/models/apis/omics/2022-11-28/docs-2.json b/models/apis/omics/2022-11-28/docs-2.json index b1cc72e4f4a..d839c8c0c83 100644 --- a/models/apis/omics/2022-11-28/docs-2.json +++ b/models/apis/omics/2022-11-28/docs-2.json @@ -74,7 +74,7 @@ "StartReadSetExportJob": "

Exports a read set to Amazon S3.

", "StartReadSetImportJob": "

Starts a read set import job.

", "StartReferenceImportJob": "

Starts a reference import job.

", - "StartRun": "

Starts a run.

", + "StartRun": "

Starts a workflow run. To duplicate a run, specify the run's ID and a role ARN. The remaining parameters are copied from the previous run.

The total number of runs in your account is subject to a quota per Region. To avoid needing to delete runs manually, you can set the retention mode to REMOVE. Runs with this setting are deleted automatically when the run quoata is exceeded.

", "StartVariantImportJob": "

Starts a variant import job.

", "TagResource": "

Tags a resource.

", "UntagResource": "

Removes tags from a resource.

", @@ -2278,7 +2278,7 @@ "GetRunTaskRequest$id": "

The task's ID.

", "ListRunTasksRequest$id": "

The run's ID.

", "RunListItem$id": "

The run's ID.

", - "StartRunRequest$runId": "

The run's ID.

", + "StartRunRequest$runId": "

The ID of a run to duplicate.

", "StartRunResponse$id": "

The run's ID.

" } }, @@ -2378,6 +2378,13 @@ "GetRunResponse$resourceDigests": "

The run's resource digests.

" } }, + "RunRetentionMode": { + "base": null, + "refs": { + "GetRunResponse$retentionMode": "

The run's retention mode.

", + "StartRunRequest$retentionMode": "

The retention mode for the run.

" + } + }, "RunRoleArn": { "base": null, "refs": { @@ -3586,7 +3593,7 @@ "GetWorkflowRequest$type": "

The workflow's type.

", "GetWorkflowResponse$type": "

The workflow's type.

", "ListWorkflowsRequest$type": "

The workflows' type.

", - "StartRunRequest$workflowType": "

The run's workflows type.

", + "StartRunRequest$workflowType": "

The run's workflow type.

", "WorkflowListItem$type": "

The workflow's type.

" } } diff --git a/models/apis/sesv2/2019-09-27/api-2.json b/models/apis/sesv2/2019-09-27/api-2.json index 208c73e2ea9..85493a0bf8a 100644 --- a/models/apis/sesv2/2019-09-27/api-2.json +++ b/models/apis/sesv2/2019-09-27/api-2.json @@ -28,6 +28,20 @@ {"shape":"NotFoundException"} ] }, + "CancelExportJob":{ + "name":"CancelExportJob", + "http":{ + "method":"PUT", + "requestUri":"/v2/email/export-jobs/{JobId}/cancel" + }, + "input":{"shape":"CancelExportJobRequest"}, + "output":{"shape":"CancelExportJobResponse"}, + "errors":[ + {"shape":"NotFoundException"}, + {"shape":"BadRequestException"}, + {"shape":"TooManyRequestsException"} + ] + }, "CreateConfigurationSet":{ "name":"CreateConfigurationSet", "http":{ @@ -191,6 +205,21 @@ {"shape":"LimitExceededException"} ] }, + "CreateExportJob":{ + "name":"CreateExportJob", + "http":{ + "method":"POST", + "requestUri":"/v2/email/export-jobs" + }, + "input":{"shape":"CreateExportJobRequest"}, + "output":{"shape":"CreateExportJobResponse"}, + "errors":[ + {"shape":"BadRequestException"}, + {"shape":"TooManyRequestsException"}, + {"shape":"NotFoundException"}, + {"shape":"LimitExceededException"} + ] + }, "CreateImportJob":{ "name":"CreateImportJob", "http":{ @@ -586,6 +615,20 @@ {"shape":"BadRequestException"} ] }, + "GetExportJob":{ + "name":"GetExportJob", + "http":{ + "method":"GET", + "requestUri":"/v2/email/export-jobs/{JobId}" + }, + "input":{"shape":"GetExportJobRequest"}, + "output":{"shape":"GetExportJobResponse"}, + "errors":[ + {"shape":"BadRequestException"}, + {"shape":"NotFoundException"}, + {"shape":"TooManyRequestsException"} + ] + }, "GetImportJob":{ "name":"GetImportJob", "http":{ @@ -600,6 +643,20 @@ {"shape":"TooManyRequestsException"} ] }, + "GetMessageInsights":{ + "name":"GetMessageInsights", + "http":{ + "method":"GET", + "requestUri":"/v2/email/insights/{MessageId}/" + }, + "input":{"shape":"GetMessageInsightsRequest"}, + "output":{"shape":"GetMessageInsightsResponse"}, + "errors":[ + {"shape":"NotFoundException"}, + {"shape":"TooManyRequestsException"}, + {"shape":"BadRequestException"} + ] + }, "GetSuppressedDestination":{ "name":"GetSuppressedDestination", "http":{ @@ -734,6 +791,19 @@ {"shape":"BadRequestException"} ] }, + "ListExportJobs":{ + "name":"ListExportJobs", + "http":{ + "method":"POST", + "requestUri":"/v2/email/list-export-jobs" + }, + "input":{"shape":"ListExportJobsRequest"}, + "output":{"shape":"ListExportJobsResponse"}, + "errors":[ + {"shape":"TooManyRequestsException"}, + {"shape":"BadRequestException"} + ] + }, "ListImportJobs":{ "name":"ListImportJobs", "http":{ @@ -1393,6 +1463,23 @@ "Html":{"shape":"Content"} } }, + "Bounce":{ + "type":"structure", + "members":{ + "BounceType":{"shape":"BounceType"}, + "BounceSubType":{"shape":"BounceSubType"}, + "DiagnosticCode":{"shape":"DiagnosticCode"} + } + }, + "BounceSubType":{"type":"string"}, + "BounceType":{ + "type":"string", + "enum":[ + "UNDETERMINED", + "TRANSIENT", + "PERMANENT" + ] + }, "BulkEmailContent":{ "type":"structure", "members":{ @@ -1444,6 +1531,22 @@ ] }, "CampaignId":{"type":"string"}, + "CancelExportJobRequest":{ + "type":"structure", + "required":["JobId"], + "members":{ + "JobId":{ + "shape":"JobId", + "location":"uri", + "locationName":"JobId" + } + } + }, + "CancelExportJobResponse":{ + "type":"structure", + "members":{ + } + }, "CaseId":{"type":"string"}, "Charset":{"type":"string"}, "CloudWatchDestination":{ @@ -1470,6 +1573,15 @@ "type":"list", "member":{"shape":"CloudWatchDimensionConfiguration"} }, + "Complaint":{ + "type":"structure", + "members":{ + "ComplaintSubType":{"shape":"ComplaintSubType"}, + "ComplaintFeedbackType":{"shape":"ComplaintFeedbackType"} + } + }, + "ComplaintFeedbackType":{"type":"string"}, + "ComplaintSubType":{"type":"string"}, "ConcurrentModificationException":{ "type":"structure", "members":{ @@ -1743,6 +1855,23 @@ "members":{ } }, + "CreateExportJobRequest":{ + "type":"structure", + "required":[ + "ExportDataSource", + "ExportDestination" + ], + "members":{ + "ExportDataSource":{"shape":"ExportDataSource"}, + "ExportDestination":{"shape":"ExportDestination"} + } + }, + "CreateExportJobResponse":{ + "type":"structure", + "members":{ + "JobId":{"shape":"JobId"} + } + }, "CreateImportJobRequest":{ "type":"structure", "required":[ @@ -2051,6 +2180,17 @@ ] }, "DeliverabilityTestSubject":{"type":"string"}, + "DeliveryEventType":{ + "type":"string", + "enum":[ + "SEND", + "DELIVERY", + "TRANSIENT_BOUNCE", + "PERMANENT_BOUNCE", + "UNDETERMINED_BOUNCE", + "COMPLAINT" + ] + }, "DeliveryOptions":{ "type":"structure", "members":{ @@ -2067,6 +2207,7 @@ "BccAddresses":{"shape":"EmailAddressList"} } }, + "DiagnosticCode":{"type":"string"}, "DimensionName":{"type":"string"}, "DimensionValueSource":{ "type":"string", @@ -2184,6 +2325,11 @@ "member":{"shape":"DomainIspPlacement"} }, "EmailAddress":{"type":"string"}, + "EmailAddressFilterList":{ + "type":"list", + "member":{"shape":"InsightsEmailAddress"}, + "max":5 + }, "EmailAddressList":{ "type":"list", "member":{"shape":"EmailAddress"} @@ -2196,6 +2342,29 @@ "Template":{"shape":"Template"} } }, + "EmailInsights":{ + "type":"structure", + "members":{ + "Destination":{"shape":"InsightsEmailAddress"}, + "Isp":{"shape":"Isp"}, + "Events":{"shape":"InsightsEvents"} + } + }, + "EmailInsightsList":{ + "type":"list", + "member":{"shape":"EmailInsights"} + }, + "EmailSubject":{ + "type":"string", + "max":998, + "min":1, + "sensitive":true + }, + "EmailSubjectFilterList":{ + "type":"list", + "member":{"shape":"EmailSubject"}, + "max":1 + }, "EmailTemplateContent":{ "type":"structure", "members":{ @@ -2228,6 +2397,13 @@ "EmailTemplateText":{"type":"string"}, "Enabled":{"type":"boolean"}, "EnabledWrapper":{"type":"boolean"}, + "EngagementEventType":{ + "type":"string", + "enum":[ + "OPEN", + "CLICK" + ] + }, "ErrorMessage":{"type":"string"}, "Esp":{"type":"string"}, "Esps":{ @@ -2266,6 +2442,13 @@ "type":"list", "member":{"shape":"EventDestination"} }, + "EventDetails":{ + "type":"structure", + "members":{ + "Bounce":{"shape":"Bounce"}, + "Complaint":{"shape":"Complaint"} + } + }, "EventType":{ "type":"string", "enum":[ @@ -2285,6 +2468,76 @@ "type":"list", "member":{"shape":"EventType"} }, + "ExportDataSource":{ + "type":"structure", + "members":{ + "MetricsDataSource":{"shape":"MetricsDataSource"}, + "MessageInsightsDataSource":{"shape":"MessageInsightsDataSource"} + } + }, + "ExportDestination":{ + "type":"structure", + "required":["DataFormat"], + "members":{ + "DataFormat":{"shape":"DataFormat"}, + "S3Url":{"shape":"S3Url"} + } + }, + "ExportDimensionValue":{ + "type":"list", + "member":{"shape":"MetricDimensionValue"}, + "max":10, + "min":1 + }, + "ExportDimensions":{ + "type":"map", + "key":{"shape":"MetricDimensionName"}, + "value":{"shape":"ExportDimensionValue"}, + "max":3, + "min":1 + }, + "ExportJobSummary":{ + "type":"structure", + "members":{ + "JobId":{"shape":"JobId"}, + "ExportSourceType":{"shape":"ExportSourceType"}, + "JobStatus":{"shape":"JobStatus"}, + "CreatedTimestamp":{"shape":"Timestamp"}, + "CompletedTimestamp":{"shape":"Timestamp"} + } + }, + "ExportJobSummaryList":{ + "type":"list", + "member":{"shape":"ExportJobSummary"} + }, + "ExportMetric":{ + "type":"structure", + "members":{ + "Name":{"shape":"Metric"}, + "Aggregation":{"shape":"MetricAggregation"} + } + }, + "ExportMetrics":{ + "type":"list", + "member":{"shape":"ExportMetric"}, + "max":10, + "min":1 + }, + "ExportSourceType":{ + "type":"string", + "enum":[ + "METRICS_DATA", + "MESSAGE_INSIGHTS" + ] + }, + "ExportStatistics":{ + "type":"structure", + "members":{ + "ProcessedRecordsCount":{"shape":"ProcessedRecordsCount"}, + "ExportedRecordsCount":{"shape":"ExportedRecordsCount"} + } + }, + "ExportedRecordsCount":{"type":"integer"}, "FailedRecordsCount":{"type":"integer"}, "FailedRecordsS3Url":{"type":"string"}, "FailureInfo":{ @@ -2678,6 +2931,31 @@ "TemplateContent":{"shape":"EmailTemplateContent"} } }, + "GetExportJobRequest":{ + "type":"structure", + "required":["JobId"], + "members":{ + "JobId":{ + "shape":"JobId", + "location":"uri", + "locationName":"JobId" + } + } + }, + "GetExportJobResponse":{ + "type":"structure", + "members":{ + "JobId":{"shape":"JobId"}, + "ExportSourceType":{"shape":"ExportSourceType"}, + "JobStatus":{"shape":"JobStatus"}, + "ExportDestination":{"shape":"ExportDestination"}, + "ExportDataSource":{"shape":"ExportDataSource"}, + "CreatedTimestamp":{"shape":"Timestamp"}, + "CompletedTimestamp":{"shape":"Timestamp"}, + "FailureInfo":{"shape":"FailureInfo"}, + "Statistics":{"shape":"ExportStatistics"} + } + }, "GetImportJobRequest":{ "type":"structure", "required":["JobId"], @@ -2703,6 +2981,27 @@ "FailedRecordsCount":{"shape":"FailedRecordsCount"} } }, + "GetMessageInsightsRequest":{ + "type":"structure", + "required":["MessageId"], + "members":{ + "MessageId":{ + "shape":"OutboundMessageId", + "location":"uri", + "locationName":"MessageId" + } + } + }, + "GetMessageInsightsResponse":{ + "type":"structure", + "members":{ + "MessageId":{"shape":"OutboundMessageId"}, + "FromEmailAddress":{"shape":"InsightsEmailAddress"}, + "Subject":{"shape":"EmailSubject"}, + "EmailTags":{"shape":"MessageTagList"}, + "Insights":{"shape":"EmailInsightsList"} + } + }, "GetSuppressedDestinationRequest":{ "type":"structure", "required":["EmailAddress"], @@ -2806,6 +3105,24 @@ "TrackedIsps":{"shape":"IspNameList"} } }, + "InsightsEmailAddress":{ + "type":"string", + "max":320, + "min":1, + "sensitive":true + }, + "InsightsEvent":{ + "type":"structure", + "members":{ + "Timestamp":{"shape":"Timestamp"}, + "Type":{"shape":"EventType"}, + "Details":{"shape":"EventDetails"} + } + }, + "InsightsEvents":{ + "type":"list", + "member":{"shape":"InsightsEvent"} + }, "InternalServiceErrorException":{ "type":"structure", "members":{ @@ -2826,6 +3143,12 @@ "type":"list", "member":{"shape":"Ip"} }, + "Isp":{"type":"string"}, + "IspFilterList":{ + "type":"list", + "member":{"shape":"Isp"}, + "max":5 + }, "IspName":{"type":"string"}, "IspNameList":{ "type":"list", @@ -2852,7 +3175,8 @@ "CREATED", "PROCESSING", "COMPLETED", - "FAILED" + "FAILED", + "CANCELLED" ] }, "KinesisFirehoseDestination":{ @@ -2866,6 +3190,16 @@ "DeliveryStreamArn":{"shape":"AmazonResourceName"} } }, + "LastDeliveryEventList":{ + "type":"list", + "member":{"shape":"DeliveryEventType"}, + "max":5 + }, + "LastEngagementEventList":{ + "type":"list", + "member":{"shape":"EngagementEventType"}, + "max":2 + }, "LastFreshStart":{"type":"timestamp"}, "LimitExceededException":{ "type":"structure", @@ -3108,6 +3442,22 @@ "NextToken":{"shape":"NextToken"} } }, + "ListExportJobsRequest":{ + "type":"structure", + "members":{ + "NextToken":{"shape":"NextToken"}, + "PageSize":{"shape":"MaxItems"}, + "ExportSourceType":{"shape":"ExportSourceType"}, + "JobStatus":{"shape":"JobStatus"} + } + }, + "ListExportJobsResponse":{ + "type":"structure", + "members":{ + "ExportJobs":{"shape":"ExportJobSummaryList"}, + "NextToken":{"shape":"NextToken"} + } + }, "ListImportJobsRequest":{ "type":"structure", "members":{ @@ -3295,6 +3645,36 @@ }, "MessageContent":{"type":"string"}, "MessageData":{"type":"string"}, + "MessageInsightsDataSource":{ + "type":"structure", + "required":[ + "StartDate", + "EndDate" + ], + "members":{ + "StartDate":{"shape":"Timestamp"}, + "EndDate":{"shape":"Timestamp"}, + "Include":{"shape":"MessageInsightsFilters"}, + "Exclude":{"shape":"MessageInsightsFilters"}, + "MaxResults":{"shape":"MessageInsightsExportMaxResults"} + } + }, + "MessageInsightsExportMaxResults":{ + "type":"integer", + "max":10000, + "min":1 + }, + "MessageInsightsFilters":{ + "type":"structure", + "members":{ + "FromEmailAddress":{"shape":"EmailAddressFilterList"}, + "Destination":{"shape":"EmailAddressFilterList"}, + "Subject":{"shape":"EmailSubjectFilterList"}, + "Isp":{"shape":"IspFilterList"}, + "LastDeliveryEvent":{"shape":"LastDeliveryEventList"}, + "LastEngagementEvent":{"shape":"LastEngagementEventList"} + } + }, "MessageRejected":{ "type":"structure", "members":{ @@ -3334,6 +3714,13 @@ "DELIVERY_COMPLAINT" ] }, + "MetricAggregation":{ + "type":"string", + "enum":[ + "RATE", + "VOLUME" + ] + }, "MetricDataError":{ "type":"structure", "members":{ @@ -3375,6 +3762,23 @@ "type":"list", "member":{"shape":"Counter"} }, + "MetricsDataSource":{ + "type":"structure", + "required":[ + "Dimensions", + "Namespace", + "Metrics", + "StartDate", + "EndDate" + ], + "members":{ + "Dimensions":{"shape":"ExportDimensions"}, + "Namespace":{"shape":"MetricNamespace"}, + "Metrics":{"shape":"ExportMetrics"}, + "StartDate":{"shape":"Timestamp"}, + "EndDate":{"shape":"Timestamp"} + } + }, "NextToken":{"type":"string"}, "NotFoundException":{ "type":"structure", diff --git a/models/apis/sesv2/2019-09-27/docs-2.json b/models/apis/sesv2/2019-09-27/docs-2.json index 6c0ca258918..825e0657ac7 100644 --- a/models/apis/sesv2/2019-09-27/docs-2.json +++ b/models/apis/sesv2/2019-09-27/docs-2.json @@ -3,6 +3,7 @@ "service": "Amazon SES API v2

Amazon SES is an Amazon Web Services service that you can use to send email messages to your customers.

If you're new to Amazon SES API v2, you might find it helpful to review the Amazon Simple Email Service Developer Guide. The Amazon SES Developer Guide provides information and code samples that demonstrate how to use Amazon SES API v2 features programmatically.

", "operations": { "BatchGetMetricData": "

Retrieves batches of metric data collected based on your sending activity.

You can execute this operation no more than 16 times per second, and with at most 160 queries from the batches per second (cumulative).

", + "CancelExportJob": "

Cancels an export job.

", "CreateConfigurationSet": "

Create a configuration set. Configuration sets are groups of rules that you can apply to the emails that you send. You apply a configuration set to an email by specifying the name of the configuration set when you call the Amazon SES API v2. When you apply a configuration set to an email, all of the rules in that configuration set are applied to the email.

", "CreateConfigurationSetEventDestination": "

Create an event destination. Events include message sends, deliveries, opens, clicks, bounces, and complaints. Event destinations are places that you can send information about these events to. For example, you can send event data to Amazon SNS to receive notifications when you receive bounces or complaints, or you can use Amazon Kinesis Data Firehose to stream data to Amazon S3 for long-term storage.

A single configuration set can include more than one event destination.

", "CreateContact": "

Creates a contact, which is an end-user who is receiving the email, and adds them to a contact list.

", @@ -13,6 +14,7 @@ "CreateEmailIdentity": "

Starts the process of verifying an email identity. An identity is an email address or domain that you use when you send email. Before you can use an identity to send email, you first have to verify it. By verifying an identity, you demonstrate that you're the owner of the identity, and that you've given Amazon SES API v2 permission to send email from the identity.

When you verify an email address, Amazon SES sends an email to the address. Your email address is verified as soon as you follow the link in the verification email.

When you verify a domain without specifying the DkimSigningAttributes object, this operation provides a set of DKIM tokens. You can convert these tokens into CNAME records, which you then add to the DNS configuration for your domain. Your domain is verified when Amazon SES detects these records in the DNS configuration for your domain. This verification method is known as Easy DKIM.

Alternatively, you can perform the verification process by providing your own public-private key pair. This verification method is known as Bring Your Own DKIM (BYODKIM). To use BYODKIM, your call to the CreateEmailIdentity operation has to include the DkimSigningAttributes object. When you specify this object, you provide a selector (a component of the DNS record name that identifies the public key to use for DKIM authentication) and a private key.

When you verify a domain, this operation provides a set of DKIM tokens, which you can convert into CNAME tokens. You add these CNAME tokens to the DNS configuration for your domain. Your domain is verified when Amazon SES detects these records in the DNS configuration for your domain. For some DNS providers, it can take 72 hours or more to complete the domain verification process.

Additionally, you can associate an existing configuration set with the email identity that you're verifying.

", "CreateEmailIdentityPolicy": "

Creates the specified sending authorization policy for the given identity (an email address or a domain).

This API is for the identity owner only. If you have not verified the identity, this API will return an error.

Sending authorization is a feature that enables an identity owner to authorize other senders to use its identities. For information about using sending authorization, see the Amazon SES Developer Guide.

You can execute this operation no more than once per second.

", "CreateEmailTemplate": "

Creates an email template. Email templates enable you to send personalized email to one or more destinations in a single API operation. For more information, see the Amazon SES Developer Guide.

You can execute this operation no more than once per second.

", + "CreateExportJob": "

Creates an export job for a data source and destination.

You can execute this operation no more than once per second.

", "CreateImportJob": "

Creates an import job for a data destination.

", "DeleteConfigurationSet": "

Delete an existing configuration set.

Configuration sets are groups of rules that you can apply to the emails you send. You apply a configuration set to an email by including a reference to the configuration set in the headers of the email. When you apply a configuration set to an email, all of the rules in that configuration set are applied to the email.

", "DeleteConfigurationSetEventDestination": "

Delete an event destination.

Events include message sends, deliveries, opens, clicks, bounces, and complaints. Event destinations are places that you can send information about these events to. For example, you can send event data to Amazon SNS to receive notifications when you receive bounces or complaints, or you can use Amazon Kinesis Data Firehose to stream data to Amazon S3 for long-term storage.

", @@ -41,7 +43,9 @@ "GetEmailIdentity": "

Provides information about a specific identity, including the identity's verification status, sending authorization policies, its DKIM authentication status, and its custom Mail-From settings.

", "GetEmailIdentityPolicies": "

Returns the requested sending authorization policies for the given identity (an email address or a domain). The policies are returned as a map of policy names to policy contents. You can retrieve a maximum of 20 policies at a time.

This API is for the identity owner only. If you have not verified the identity, this API will return an error.

Sending authorization is a feature that enables an identity owner to authorize other senders to use its identities. For information about using sending authorization, see the Amazon SES Developer Guide.

You can execute this operation no more than once per second.

", "GetEmailTemplate": "

Displays the template object (which includes the subject line, HTML part and text part) for the template you specify.

You can execute this operation no more than once per second.

", + "GetExportJob": "

Provides information about an export job.

", "GetImportJob": "

Provides information about an import job.

", + "GetMessageInsights": "

Provides information about a specific message, including the from address, the subject, the recipient address, email tags, as well as events associated with the message.

You can execute this operation no more than once per second.

", "GetSuppressedDestination": "

Retrieves information about a specific email address that's on the suppression list for your account.

", "ListConfigurationSets": "

List all of the configuration sets associated with your account in the current region.

Configuration sets are groups of rules that you can apply to the emails you send. You apply a configuration set to an email by including a reference to the configuration set in the headers of the email. When you apply a configuration set to an email, all of the rules in that configuration set are applied to the email.

", "ListContactLists": "

Lists all of the contact lists available.

", @@ -52,6 +56,7 @@ "ListDomainDeliverabilityCampaigns": "

Retrieve deliverability data for all the campaigns that used a specific domain to send email during a specified time range. This data is available for a domain only if you enabled the Deliverability dashboard for the domain.

", "ListEmailIdentities": "

Returns a list of all of the email identities that are associated with your Amazon Web Services account. An identity can be either an email address or a domain. This operation returns identities that are verified as well as those that aren't. This operation returns identities that are associated with Amazon SES and Amazon Pinpoint.

", "ListEmailTemplates": "

Lists the email templates present in your Amazon SES account in the current Amazon Web Services Region.

You can execute this operation no more than once per second.

", + "ListExportJobs": "

Lists all of the export jobs.

", "ListImportJobs": "

Lists all of the import jobs.

", "ListRecommendations": "

Lists the recommendations present in your Amazon SES account in the current Amazon Web Services Region.

You can execute this operation no more than once per second.

", "ListSuppressedDestinations": "

Retrieves a list of email addresses that are on the suppression list for your account.

", @@ -223,6 +228,24 @@ "Message$Body": "

The body of the message. You can specify an HTML version of the message, a text-only version of the message, or both.

" } }, + "Bounce": { + "base": "

Information about a Bounce event.

", + "refs": { + "EventDetails$Bounce": "

Information about a Bounce event.

" + } + }, + "BounceSubType": { + "base": null, + "refs": { + "Bounce$BounceSubType": "

The subtype of the bounce, as determined by SES.

" + } + }, + "BounceType": { + "base": null, + "refs": { + "Bounce$BounceType": "

The type of the bounce, as determined by SES. Can be one of UNDETERMINED, TRANSIENT, or PERMANENT

" + } + }, "BulkEmailContent": { "base": "

An object that contains the body of the message. You can specify a template message.

", "refs": { @@ -266,6 +289,16 @@ "GetDomainDeliverabilityCampaignRequest$CampaignId": "

The unique identifier for the campaign. The Deliverability dashboard automatically generates and assigns this identifier to a campaign.

" } }, + "CancelExportJobRequest": { + "base": "

Represents a request to cancel an export job using the export job ID.

", + "refs": { + } + }, + "CancelExportJobResponse": { + "base": "

An HTTP 200 response if the request succeeds, or an error message if the request fails.

", + "refs": { + } + }, "CaseId": { "base": null, "refs": { @@ -297,6 +330,24 @@ "CloudWatchDestination$DimensionConfigurations": "

An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.

" } }, + "Complaint": { + "base": "

Information about a Complaint event.

", + "refs": { + "EventDetails$Complaint": "

Information about a Complaint event.

" + } + }, + "ComplaintFeedbackType": { + "base": null, + "refs": { + "Complaint$ComplaintFeedbackType": "

The value of the Feedback-Type field from the feedback report received from the ISP.

" + } + }, + "ComplaintSubType": { + "base": null, + "refs": { + "Complaint$ComplaintSubType": "

Can either be null or OnAccountSuppressionList. If the value is OnAccountSuppressionList, SES accepted the message, but didn't attempt to send it because it was on the account-level suppression list.

" + } + }, "ConcurrentModificationException": { "base": "

The resource is being modified by another operation or thread.

", "refs": { @@ -503,6 +554,16 @@ "refs": { } }, + "CreateExportJobRequest": { + "base": "

Represents a request to create an export job from a data source to a data destination.

", + "refs": { + } + }, + "CreateExportJobResponse": { + "base": "

An HTTP 200 response if the request succeeds, or an error message if the request fails.

", + "refs": { + } + }, "CreateImportJobRequest": { "base": "

Represents a request to create an import job from a data source for a data destination.

", "refs": { @@ -557,8 +618,9 @@ } }, "DataFormat": { - "base": "

The data format of the import job's data source.

", + "base": "

The data format of a file, can be one of the following:

  • CSV – A comma-separated values file.

  • JSON – A JSON file.

", "refs": { + "ExportDestination$DataFormat": "

The data format of the final export job file, can be one of the following:

  • CSV - A comma-separated values file.

  • JSON - A Json file.

", "ImportDataSource$DataFormat": "

The data format of the import job's data source.

" } }, @@ -719,6 +781,12 @@ "DeliverabilityTestReport$Subject": "

The subject line for an email that you submitted in a predictive inbox placement test.

" } }, + "DeliveryEventType": { + "base": "

The type of delivery events:

  • SEND - The send request was successful and SES will attempt to deliver the message to the recipient’s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)

  • DELIVERY - SES successfully delivered the email to the recipient's mail server. Excludes deliveries to the mailbox simulator and emails addressed to more than one recipient.

  • TRANSIENT_BOUNCE - Feedback received for delivery failures excluding issues with non-existent mailboxes. Excludes bounces from the mailbox simulator, and those from emails addressed to more than one recipient.

  • PERMANENT_BOUNCE - Feedback received for emails sent to non-existent mailboxes. Excludes bounces from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those from emails addressed to more than one recipient.

  • UNDETERMINED_BOUNCE - SES was unable to determine the bounce reason.

  • COMPLAINT - Complaint received for the email. This excludes complaints from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those from emails addressed to more than one recipient.

", + "refs": { + "LastDeliveryEventList$member": null + } + }, "DeliveryOptions": { "base": "

Used to associate a configuration set with a dedicated IP pool.

", "refs": { @@ -742,6 +810,12 @@ "SendEmailRequest$Destination": "

An object that contains the recipients of the email message.

" } }, + "DiagnosticCode": { + "base": null, + "refs": { + "Bounce$DiagnosticCode": "

The status code issued by the reporting Message Transfer Authority (MTA). This field only appears if a delivery status notification (DSN) was attached to the bounce and the Diagnostic-Code was provided in the DSN.

" + } + }, "DimensionName": { "base": "

The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:

  • It can only contain ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).

  • It can contain no more than 256 characters.

", "refs": { @@ -890,6 +964,13 @@ "UpdateCustomVerificationEmailTemplateRequest$FromEmailAddress": "

The email address that the custom verification email is sent from.

" } }, + "EmailAddressFilterList": { + "base": null, + "refs": { + "MessageInsightsFilters$FromEmailAddress": "

The from address used to send the message.

", + "MessageInsightsFilters$Destination": "

The recipient's email address.

" + } + }, "EmailAddressList": { "base": null, "refs": { @@ -907,6 +988,31 @@ "SendEmailRequest$Content": "

An object that contains the body of the message. You can send either a Simple message Raw message or a template Message.

" } }, + "EmailInsights": { + "base": "

An email's insights contain metadata and delivery information about a specific email.

", + "refs": { + "EmailInsightsList$member": null + } + }, + "EmailInsightsList": { + "base": null, + "refs": { + "GetMessageInsightsResponse$Insights": "

A set of insights associated with the message.

" + } + }, + "EmailSubject": { + "base": null, + "refs": { + "EmailSubjectFilterList$member": null, + "GetMessageInsightsResponse$Subject": "

The subject line of the message.

" + } + }, + "EmailSubjectFilterList": { + "base": null, + "refs": { + "MessageInsightsFilters$Subject": "

The subject line of the message.

" + } + }, "EmailTemplateContent": { "base": "

The content of the email, composed of a subject line, an HTML part, and a text-only part.

", "refs": { @@ -1009,11 +1115,17 @@ "PutAccountDetailsRequest$ProductionAccessEnabled": "

Indicates whether or not your account should have production access in the current Amazon Web Services Region.

If the value is false, then your account is in the sandbox. When your account is in the sandbox, you can only send email to verified identities. Additionally, the maximum number of emails you can send in a 24-hour period (your sending quota) is 200, and the maximum number of emails you can send per second (your maximum sending rate) is 1.

If the value is true, then your account has production access. When your account has production access, you can send email to any address. The sending quota and maximum sending rate for your account vary based on your specific use case.

" } }, + "EngagementEventType": { + "base": "

The type of delivery events:

  • OPEN - Open event for emails including open trackers. Excludes opens for emails addressed to more than one recipient.

  • CLICK - Click event for emails including wrapped links. Excludes clicks for emails addressed to more than one recipient.

", + "refs": { + "LastEngagementEventList$member": null + } + }, "ErrorMessage": { "base": null, "refs": { "BulkEmailEntryResult$Error": "

A description of an error that prevented a message being sent using the SendBulkTemplatedEmail operation.

", - "FailureInfo$ErrorMessage": "

A message about why the import job failed.

" + "FailureInfo$ErrorMessage": "

A message about why the job failed.

" } }, "Esp": { @@ -1056,10 +1168,17 @@ "GetConfigurationSetEventDestinationsResponse$EventDestinations": "

An array that includes all of the events destinations that have been configured for the configuration set.

" } }, + "EventDetails": { + "base": "

Contains a Bounce object if the event type is BOUNCE. Contains a Complaint object if the event type is COMPLAINT.

", + "refs": { + "InsightsEvent$Details": "

Details about bounce or complaint events.

" + } + }, "EventType": { "base": "

An email sending event type. For example, email sends, opens, and bounces are all email events.

", "refs": { - "EventTypes$member": null + "EventTypes$member": null, + "InsightsEvent$Type": "

The type of event:

  • SEND - The send request was successful and SES will attempt to deliver the message to the recipient’s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)

  • DELIVERY - SES successfully delivered the email to the recipient's mail server. Excludes deliveries to the mailbox simulator, and those from emails addressed to more than one recipient.

  • BOUNCE - Feedback received for delivery failures. Additional details about the bounce are provided in the Details object. Excludes bounces from the mailbox simulator, and those from emails addressed to more than one recipient.

  • COMPLAINT - Complaint received for the email. Additional details about the complaint are provided in the Details object. This excludes complaints from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those from emails addressed to more than one recipient.

  • OPEN - Open event for emails including open trackers. Excludes opens for emails addressed to more than one recipient.

  • CLICK - Click event for emails including wrapped links. Excludes clicks for emails addressed to more than one recipient.

" } }, "EventTypes": { @@ -1069,6 +1188,76 @@ "EventDestinationDefinition$MatchingEventTypes": "

An array that specifies which events the Amazon SES API v2 should send to the destinations in this EventDestinationDefinition.

" } }, + "ExportDataSource": { + "base": "

An object that contains details about the data source of the export job. It can only contain one of MetricsDataSource or MessageInsightsDataSource object.

", + "refs": { + "CreateExportJobRequest$ExportDataSource": "

The data source for the export job.

", + "GetExportJobResponse$ExportDataSource": "

The data source of the export job.

" + } + }, + "ExportDestination": { + "base": "

An object that contains details about the destination of the export job.

", + "refs": { + "CreateExportJobRequest$ExportDestination": "

The destination for the export job.

", + "GetExportJobResponse$ExportDestination": "

The destination of the export job.

" + } + }, + "ExportDimensionValue": { + "base": null, + "refs": { + "ExportDimensions$value": null + } + }, + "ExportDimensions": { + "base": null, + "refs": { + "MetricsDataSource$Dimensions": "

An object that contains a mapping between a MetricDimensionName and MetricDimensionValue to filter metrics by. Must contain a least 1 dimension but no more than 3 unique ones.

" + } + }, + "ExportJobSummary": { + "base": "

A summary of the export job.

", + "refs": { + "ExportJobSummaryList$member": null + } + }, + "ExportJobSummaryList": { + "base": "

A list of the export job summaries.

", + "refs": { + "ListExportJobsResponse$ExportJobs": "

A list of the export job summaries.

" + } + }, + "ExportMetric": { + "base": "

An object that contains a mapping between a Metric and MetricAggregation.

", + "refs": { + "ExportMetrics$member": null + } + }, + "ExportMetrics": { + "base": null, + "refs": { + "MetricsDataSource$Metrics": "

A list of ExportMetric objects to export.

" + } + }, + "ExportSourceType": { + "base": "

The type of data source of an export, can be one of the following:

  • METRICS_DATA - The metrics export.

  • MESSAGE_INSIGHTS - The Message Insights export.

", + "refs": { + "ExportJobSummary$ExportSourceType": "

The source type of the export job.

", + "GetExportJobResponse$ExportSourceType": "

The type of source of the export job.

", + "ListExportJobsRequest$ExportSourceType": "

A value used to list export jobs that have a certain ExportSourceType.

" + } + }, + "ExportStatistics": { + "base": "

Statistics about the execution of an export job.

", + "refs": { + "GetExportJobResponse$Statistics": "

The statistics about the export job.

" + } + }, + "ExportedRecordsCount": { + "base": null, + "refs": { + "ExportStatistics$ExportedRecordsCount": "

The number of records that were exported to the final export file.

This value might not be available for all export source types

" + } + }, "FailedRecordsCount": { "base": null, "refs": { @@ -1079,12 +1268,13 @@ "FailedRecordsS3Url": { "base": null, "refs": { - "FailureInfo$FailedRecordsS3Url": "

An Amazon S3 presigned URL that contains all the failed records and related information.

" + "FailureInfo$FailedRecordsS3Url": "

An Amazon S3 pre-signed URL that contains all the failed records and related information.

" } }, "FailureInfo": { - "base": "

An object that contains the failure details about an import job.

", + "base": "

An object that contains the failure details about a job.

", "refs": { + "GetExportJobResponse$FailureInfo": "

The failure details about an export job.

", "GetImportJobResponse$FailureInfo": "

The failure details about an import job.

" } }, @@ -1289,6 +1479,16 @@ "refs": { } }, + "GetExportJobRequest": { + "base": "

Represents a request to retrieve information about an export job using the export job ID.

", + "refs": { + } + }, + "GetExportJobResponse": { + "base": "

An HTTP 200 response if the request succeeds, or an error message if the request fails.

", + "refs": { + } + }, "GetImportJobRequest": { "base": "

Represents a request for information about an import job using the import job ID.

", "refs": { @@ -1299,6 +1499,16 @@ "refs": { } }, + "GetMessageInsightsRequest": { + "base": "

A request to return information about a message.

", + "refs": { + } + }, + "GetMessageInsightsResponse": { + "base": "

Information about a message.

", + "refs": { + } + }, "GetSuppressedDestinationRequest": { "base": "

A request to retrieve information about an email address that's on the suppression list for your account.

", "refs": { @@ -1406,6 +1616,26 @@ "DomainDeliverabilityTrackingOption$InboxPlacementTrackingOption": "

An object that contains information about the inbox placement data settings for the domain.

" } }, + "InsightsEmailAddress": { + "base": null, + "refs": { + "EmailAddressFilterList$member": null, + "EmailInsights$Destination": "

The recipient of the email.

", + "GetMessageInsightsResponse$FromEmailAddress": "

The from address used to send the message.

" + } + }, + "InsightsEvent": { + "base": "

An object containing details about a specific event.

", + "refs": { + "InsightsEvents$member": null + } + }, + "InsightsEvents": { + "base": null, + "refs": { + "EmailInsights$Events": "

A list of events associated with the sent email.

" + } + }, "InternalServiceErrorException": { "base": "

The request couldn't be processed because an error occurred with the Amazon SES API v2.

", "refs": { @@ -1432,6 +1662,19 @@ "DomainDeliverabilityCampaign$SendingIps": "

The IP addresses that were used to send the email message.

" } }, + "Isp": { + "base": null, + "refs": { + "EmailInsights$Isp": "

The recipient's ISP (e.g., Gmail, Yahoo, etc.).

", + "IspFilterList$member": null + } + }, + "IspFilterList": { + "base": null, + "refs": { + "MessageInsightsFilters$Isp": "

The recipient's ISP (e.g., Gmail, Yahoo, etc.).

" + } + }, "IspName": { "base": "

The name of an email provider.

", "refs": { @@ -1459,19 +1702,27 @@ } }, "JobId": { - "base": "

A string that represents the import job ID.

", + "base": "

A string that represents a job ID.

", "refs": { + "CancelExportJobRequest$JobId": "

The export job ID.

", + "CreateExportJobResponse$JobId": "

A string that represents the export job ID.

", "CreateImportJobResponse$JobId": "

A string that represents the import job ID.

", + "ExportJobSummary$JobId": "

The export job ID.

", + "GetExportJobRequest$JobId": "

The export job ID.

", + "GetExportJobResponse$JobId": "

The export job ID.

", "GetImportJobRequest$JobId": "

The ID of the import job.

", "GetImportJobResponse$JobId": "

A string that represents the import job ID.

", "ImportJobSummary$JobId": null } }, "JobStatus": { - "base": "

The status of the import job.

", + "base": "

The status of a job.

  • CREATED – Job has just been created.

  • PROCESSING – Job is processing.

  • ERROR – An error occurred during processing.

  • COMPLETED – Job has completed processing successfully.

", "refs": { + "ExportJobSummary$JobStatus": "

The status of the export job.

", + "GetExportJobResponse$JobStatus": "

The status of the export job.

", "GetImportJobResponse$JobStatus": "

The status of the import job.

", - "ImportJobSummary$JobStatus": null + "ImportJobSummary$JobStatus": null, + "ListExportJobsRequest$JobStatus": "

A value used to list export jobs that have a certain JobStatus.

" } }, "KinesisFirehoseDestination": { @@ -1481,6 +1732,18 @@ "EventDestinationDefinition$KinesisFirehoseDestination": "

An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.

" } }, + "LastDeliveryEventList": { + "base": null, + "refs": { + "MessageInsightsFilters$LastDeliveryEvent": "

The last delivery-related event for the email, where the ordering is as follows: SEND < BOUNCE < DELIVERY < COMPLAINT.

" + } + }, + "LastEngagementEventList": { + "base": null, + "refs": { + "MessageInsightsFilters$LastEngagementEvent": "

The last engagement-related event for the email, where the ordering is as follows: OPEN < CLICK.

Engagement events are only available if Engagement tracking is enabled.

" + } + }, "LastFreshStart": { "base": "

The date and time (in Unix time) when the reputation metrics were last given a fresh start. When your account is given a fresh start, your reputation metrics are calculated starting from the date of the fresh start.

", "refs": { @@ -1588,6 +1851,16 @@ "refs": { } }, + "ListExportJobsRequest": { + "base": "

Represents a request to list all export jobs with filters.

", + "refs": { + } + }, + "ListExportJobsResponse": { + "base": "

An HTTP 200 response if the request succeeds, or an error message if the request fails.

", + "refs": { + } + }, "ListImportJobsRequest": { "base": "

Represents a request to list all of the import jobs for a data destination within the specified maximum number of import jobs.

", "refs": { @@ -1720,6 +1993,7 @@ "ListDomainDeliverabilityCampaignsRequest$PageSize": "

The maximum number of results to include in response to a single call to the ListDomainDeliverabilityCampaigns operation. If the number of results is larger than the number that you specify in this parameter, the response includes a NextToken element, which you can use to obtain additional results.

", "ListEmailIdentitiesRequest$PageSize": "

The number of results to show in a single call to ListEmailIdentities. If the number of results is larger than the number you specified in this parameter, then the response includes a NextToken element, which you can use to obtain additional results.

The value you specify has to be at least 0, and can be no more than 1000.

", "ListEmailTemplatesRequest$PageSize": "

The number of results to show in a single call to ListEmailTemplates. If the number of results is larger than the number you specified in this parameter, then the response includes a NextToken element, which you can use to obtain additional results.

The value you specify has to be at least 1, and can be no more than 10.

", + "ListExportJobsRequest$PageSize": "

Maximum number of export jobs to return at once. Use this parameter to paginate results. If additional export jobs exist beyond the specified limit, the NextToken element is sent in the response. Use the NextToken value in subsequent calls to ListExportJobs to retrieve additional export jobs.

", "ListImportJobsRequest$PageSize": "

Maximum number of import jobs to return at once. Use this parameter to paginate results. If additional import jobs exist beyond the specified limit, the NextToken element is sent in the response. Use the NextToken value in subsequent requests to retrieve additional addresses.

", "ListRecommendationsRequest$PageSize": "

The number of results to show in a single call to ListRecommendations. If the number of results is larger than the number you specified in this parameter, then the response includes a NextToken element, which you can use to obtain additional results.

The value you specify has to be at least 1, and can be no more than 100.

", "ListSuppressedDestinationsRequest$PageSize": "

The number of results to show in a single call to ListSuppressedDestinations. If the number of results is larger than the number you specified in this parameter, then the response includes a NextToken element, which you can use to obtain additional results.

" @@ -1749,6 +2023,25 @@ "Content$Data": "

The content of the message itself.

" } }, + "MessageInsightsDataSource": { + "base": "

An object that contains filters applied when performing the Message Insights export.

", + "refs": { + "ExportDataSource$MessageInsightsDataSource": null + } + }, + "MessageInsightsExportMaxResults": { + "base": null, + "refs": { + "MessageInsightsDataSource$MaxResults": "

The maximum number of results.

" + } + }, + "MessageInsightsFilters": { + "base": "

An object containing Message Insights filters.

If you specify multiple filters, the filters are joined by AND.

If you specify multiple values for a filter, the values are joined by OR. Filter values are case-sensitive.

FromEmailAddress, Destination, and Subject filters support partial match. A partial match is performed by using the * wildcard character placed at the beginning (suffix match), the end (prefix match) or both ends of the string (contains match). In order to match the literal characters * or \\, they must be escaped using the \\ character. If no wildcard character is present, an exact match is performed.

", + "refs": { + "MessageInsightsDataSource$Include": "

Filters for results to be included in the export file.

", + "MessageInsightsDataSource$Exclude": "

Filters for results to be excluded from the export file.

" + } + }, "MessageRejected": { "base": "

The message can't be sent because it contains invalid content.

", "refs": { @@ -1764,6 +2057,7 @@ "base": "

A list of message tags.

", "refs": { "BulkEmailEntry$ReplacementTags": "

A list of tags, in the form of name/value pairs, to apply to an email that you send using the SendBulkTemplatedEmail operation. Tags correspond to characteristics of the email that you define, so that you can publish email sending events.

", + "GetMessageInsightsResponse$EmailTags": "

A list of tags, in the form of name/value pairs, that were applied to the email you sent, along with Amazon SES Auto-Tags.

", "SendBulkEmailRequest$DefaultEmailTags": "

A list of tags, in the form of name/value pairs, to apply to an email that you send using the SendEmail operation. Tags correspond to characteristics of the email that you define, so that you can publish email sending events.

", "SendEmailRequest$EmailTags": "

A list of tags, in the form of name/value pairs, to apply to an email that you send using the SendEmail operation. Tags correspond to characteristics of the email that you define, so that you can publish email sending events.

" } @@ -1781,9 +2075,16 @@ } }, "Metric": { - "base": null, + "base": "

The metric to export, can be one of the following:

  • SEND - Emails sent eligible for tracking in the VDM dashboard. This excludes emails sent to the mailbox simulator and emails addressed to more than one recipient.

  • COMPLAINT - Complaints received for your account. This excludes complaints from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those for emails addressed to more than one recipient

  • PERMANENT_BOUNCE - Permanent bounces - i.e., feedback received for emails sent to non-existent mailboxes. Excludes bounces from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those for emails addressed to more than one recipient.

  • TRANSIENT_BOUNCE - Transient bounces - i.e., feedback received for delivery failures excluding issues with non-existent mailboxes. Excludes bounces from the mailbox simulator, and those for emails addressed to more than one recipient.

  • OPEN - Unique open events for emails including open trackers. Excludes opens for emails addressed to more than one recipient.

  • CLICK - Unique click events for emails including wrapped links. Excludes clicks for emails addressed to more than one recipient.

  • DELIVERY - Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator and for emails addressed to more than one recipient.

  • DELIVERY_OPEN - Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails without open trackers.

  • DELIVERY_CLICK - Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails without click trackers.

  • DELIVERY_COMPLAINT - Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails addressed to recipients hosted by ISPs with which Amazon SES does not have a feedback loop agreement.

", + "refs": { + "BatchGetMetricDataQuery$Metric": "

The queried metric. This can be one of the following:

  • SEND – Emails sent eligible for tracking in the VDM dashboard. This excludes emails sent to the mailbox simulator and emails addressed to more than one recipient.

  • COMPLAINT – Complaints received for your account. This excludes complaints from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those for emails addressed to more than one recipient

  • PERMANENT_BOUNCE – Permanent bounces - i.e. feedback received for emails sent to non-existent mailboxes. Excludes bounces from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those for emails addressed to more than one recipient.

  • TRANSIENT_BOUNCE – Transient bounces - i.e. feedback received for delivery failures excluding issues with non-existent mailboxes. Excludes bounces from the mailbox simulator, and those for emails addressed to more than one recipient.

  • OPEN – Unique open events for emails including open trackers. Excludes opens for emails addressed to more than one recipient.

  • CLICK – Unique click events for emails including wrapped links. Excludes clicks for emails addressed to more than one recipient.

  • DELIVERY – Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator and for emails addressed to more than one recipient.

  • DELIVERY_OPEN – Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails without open trackers.

  • DELIVERY_CLICK – Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails without click trackers.

  • DELIVERY_COMPLAINT – Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails addressed to recipients hosted by ISPs with which Amazon SES does not have a feedback loop agreement.

", + "ExportMetric$Name": null + } + }, + "MetricAggregation": { + "base": "

The aggregation to apply to a metric, can be one of the following:

  • VOLUME - The volume of events for this metric.

  • RATE - The rate for this metric relative to the SEND metric volume.

", "refs": { - "BatchGetMetricDataQuery$Metric": "

The queried metric. This can be one of the following:

  • SEND – Emails sent eligible for tracking in the VDM dashboard. This excludes emails sent to the mailbox simulator and emails addressed to more than one recipient.

  • COMPLAINT – Complaints received for your account. This excludes complaints from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those for emails addressed to more than one recipient

  • PERMANENT_BOUNCE – Permanent bounces - i.e. feedback received for emails sent to non-existent mailboxes. Excludes bounces from the mailbox simulator, those originating from your account-level suppression list (if enabled), and those for emails addressed to more than one recipient.

  • TRANSIENT_BOUNCE – Transient bounces - i.e. feedback received for delivery failures excluding issues with non-existent mailboxes. Excludes bounces from the mailbox simulator, and those for emails addressed to more than one recipient.

  • OPEN – Unique open events for emails including open trackers. Excludes opens for emails addressed to more than one recipient.

  • CLICK – Unique click events for emails including wrapped links. Excludes clicks for emails addressed to more than one recipient.

  • DELIVERY – Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator and for emails addressed to more than one recipient.

  • DELIVERY_OPEN – Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails without open trackers.

  • DELIVERY_CLICK – Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails without click trackers.

  • DELIVERY_COMPLAINT – Successful deliveries for email sending attempts. Excludes deliveries to the mailbox simulator, for emails addressed to more than one recipient, and emails addressed to recipients hosted by ISPs with which Amazon SES does not have a feedback loop agreement.

" + "ExportMetric$Aggregation": null } }, "MetricDataError": { @@ -1813,19 +2114,22 @@ "MetricDimensionName": { "base": "

The BatchGetMetricDataQuery dimension name. This can be one of the following:

  • EMAIL_IDENTITY – The email identity used when sending messages.

  • CONFIGURATION_SET – The configuration set used when sending messages (if one was used).

  • ISP – The recipient ISP (e.g. Gmail, Yahoo, etc.).

", "refs": { - "Dimensions$key": null + "Dimensions$key": null, + "ExportDimensions$key": null } }, "MetricDimensionValue": { - "base": null, + "base": "

A list of values associated with the MetricDimensionName to filter metrics by. Can either be * as a wildcard for all values or a list of up to 10 specific values. If one Dimension has the * value, other dimensions can only contain one value.

", "refs": { - "Dimensions$value": null + "Dimensions$value": null, + "ExportDimensionValue$member": null } }, "MetricNamespace": { "base": null, "refs": { - "BatchGetMetricDataQuery$Namespace": "

The query namespace - e.g. VDM

" + "BatchGetMetricDataQuery$Namespace": "

The query namespace - e.g. VDM

", + "MetricsDataSource$Namespace": "

The metrics namespace - e.g., VDM.

" } }, "MetricValueList": { @@ -1834,6 +2138,12 @@ "MetricDataResult$Values": "

A list of values (cumulative / sum) for the metric data results.

" } }, + "MetricsDataSource": { + "base": "

An object that contains details about the data source for the metrics export.

", + "refs": { + "ExportDataSource$MetricsDataSource": null + } + }, "NextToken": { "base": null, "refs": { @@ -1857,6 +2167,8 @@ "ListEmailIdentitiesResponse$NextToken": "

A token that indicates that there are additional configuration sets to list. To view additional configuration sets, issue another request to ListEmailIdentities, and pass this token in the NextToken parameter.

", "ListEmailTemplatesRequest$NextToken": "

A token returned from a previous call to ListEmailTemplates to indicate the position in the list of email templates.

", "ListEmailTemplatesResponse$NextToken": "

A token indicating that there are additional email templates available to be listed. Pass this token to a subsequent ListEmailTemplates call to retrieve the next 10 email templates.

", + "ListExportJobsRequest$NextToken": "

The pagination token returned from a previous call to ListExportJobs to indicate the position in the list of export jobs.

", + "ListExportJobsResponse$NextToken": "

A string token indicating that there might be additional export jobs available to be listed. Use this token to a subsequent call to ListExportJobs with the same parameters to retrieve the next page of export jobs.

", "ListImportJobsRequest$NextToken": "

A string token indicating that there might be additional import jobs available to be listed. Copy this token to a subsequent call to ListImportJobs with the same parameters to retrieve the next page of import jobs.

", "ListImportJobsResponse$NextToken": "

A string token indicating that there might be additional import jobs available to be listed. Copy this token to a subsequent call to ListImportJobs with the same parameters to retrieve the next page of import jobs.

", "ListRecommendationsRequest$NextToken": "

A token returned from a previous call to ListRecommendations to indicate the position in the list of recommendations.

", @@ -1874,6 +2186,8 @@ "base": null, "refs": { "BulkEmailEntryResult$MessageId": "

The unique message identifier returned from the SendBulkTemplatedEmail operation.

", + "GetMessageInsightsRequest$MessageId": "

A MessageId is a unique identifier for a message, and is returned when sending emails through Amazon SES.

", + "GetMessageInsightsResponse$MessageId": "

A unique identifier for the message.

", "SendCustomVerificationEmailResponse$MessageId": "

The unique message identifier returned from the SendCustomVerificationEmail operation.

", "SendEmailResponse$MessageId": "

A unique identifier for the message that is generated when the message is accepted.

It's possible for Amazon SES to accept a message without sending it. This can happen when the message that you're trying to send has an attachment contains a virus, or when you send a templated email that contains invalid personalization content, for example.

", "SuppressedDestinationAttributes$MessageId": "

The unique identifier of the email message that caused the email address to be added to the suppression list for your account.

" @@ -1970,6 +2284,7 @@ "ProcessedRecordsCount": { "base": null, "refs": { + "ExportStatistics$ProcessedRecordsCount": "

The number of records that were processed to generate the final export file.

", "GetImportJobResponse$ProcessedRecordsCount": "

The current number of records processed.

", "ImportJobSummary$ProcessedRecordsCount": "

The current number of records processed.

" } @@ -2311,8 +2626,9 @@ } }, "S3Url": { - "base": "

An Amazon S3 URL in the format s3://<bucket_name>/<object>.

", + "base": "

An Amazon S3 URL in the format s3://<bucket_name>/<object> or a pre-signed URL.

", "refs": { + "ExportDestination$S3Url": "

An Amazon S3 pre-signed URL that points to the generated export file.

", "ImportDataSource$S3Url": "

An Amazon S3 URL in the format s3://<bucket_name>/<object>.

" } }, @@ -2579,6 +2895,8 @@ "DomainDeliverabilityCampaign$LastSeenDateTime": "

The last time when the email message was delivered to any recipient's inbox. This value can help you determine how long it took for a campaign to deliver an email message.

", "DomainDeliverabilityTrackingOption$SubscriptionStartDate": "

The date when you enabled the Deliverability dashboard for the domain.

", "EmailTemplateMetadata$CreatedTimestamp": "

The time and date the template was created.

", + "ExportJobSummary$CreatedTimestamp": "

The timestamp of when the export job was created.

", + "ExportJobSummary$CompletedTimestamp": "

The timestamp of when the export job was completed.

", "GetContactListResponse$CreatedTimestamp": "

A timestamp noting when the contact list was created.

", "GetContactListResponse$LastUpdatedTimestamp": "

A timestamp noting the last time the contact list was updated.

", "GetContactResponse$CreatedTimestamp": "

A timestamp noting when the contact was created.

", @@ -2586,13 +2904,20 @@ "GetDeliverabilityDashboardOptionsResponse$SubscriptionExpiryDate": "

The date when your current subscription to the Deliverability dashboard is scheduled to expire, if your subscription is scheduled to expire at the end of the current calendar month. This value is null if you have an active subscription that isn’t due to expire at the end of the month.

", "GetDomainStatisticsReportRequest$StartDate": "

The first day (in Unix time) that you want to obtain domain deliverability metrics for.

", "GetDomainStatisticsReportRequest$EndDate": "

The last day (in Unix time) that you want to obtain domain deliverability metrics for. The EndDate that you specify has to be less than or equal to 30 days after the StartDate.

", + "GetExportJobResponse$CreatedTimestamp": "

The timestamp of when the export job was created.

", + "GetExportJobResponse$CompletedTimestamp": "

The timestamp of when the export job was completed.

", "GetImportJobResponse$CreatedTimestamp": "

The time stamp of when the import job was created.

", "GetImportJobResponse$CompletedTimestamp": "

The time stamp of when the import job was completed.

", "ImportJobSummary$CreatedTimestamp": "

The date and time when the import job was created.

", + "InsightsEvent$Timestamp": "

The timestamp of the event.

", "ListDomainDeliverabilityCampaignsRequest$StartDate": "

The first day that you want to obtain deliverability data for.

", "ListDomainDeliverabilityCampaignsRequest$EndDate": "

The last day that you want to obtain deliverability data for. This value has to be less than or equal to 30 days after the value of the StartDate parameter.

", "ListSuppressedDestinationsRequest$StartDate": "

Used to filter the list of suppressed email destinations so that it only includes addresses that were added to the list after a specific date.

", "ListSuppressedDestinationsRequest$EndDate": "

Used to filter the list of suppressed email destinations so that it only includes addresses that were added to the list before a specific date.

", + "MessageInsightsDataSource$StartDate": "

Represents the start date for the export interval as a timestamp. The start date is inclusive.

", + "MessageInsightsDataSource$EndDate": "

Represents the end date for the export interval as a timestamp. The end date is inclusive.

", + "MetricsDataSource$StartDate": "

Represents the start date for the export interval as a timestamp.

", + "MetricsDataSource$EndDate": "

Represents the end date for the export interval as a timestamp.

", "Recommendation$CreatedTimestamp": "

The first time this issue was encountered and the recommendation was generated.

", "Recommendation$LastUpdatedTimestamp": "

The last time the recommendation was updated.

", "SuppressedDestination$LastUpdateTime": "

The date and time when the suppressed destination was last updated, shown in Unix time format.

", diff --git a/models/apis/sesv2/2019-09-27/endpoint-rule-set-1.json b/models/apis/sesv2/2019-09-27/endpoint-rule-set-1.json index 1d567c5f974..900cfc973ee 100644 --- a/models/apis/sesv2/2019-09-27/endpoint-rule-set-1.json +++ b/models/apis/sesv2/2019-09-27/endpoint-rule-set-1.json @@ -58,52 +58,56 @@ "type": "error" }, { - "conditions": [], - "type": "tree", - "rules": [ + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" + "ref": "UseDualStack" }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + true + ] } - ] + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, { - "conditions": [], + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "isSet", + "fn": "aws.partition", "argv": [ { "ref": "Region" } - ] + ], + "assign": "PartitionResult" } ], "type": "tree", @@ -111,13 +115,22 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "booleanEquals", "argv": [ { - "ref": "Region" - } - ], - "assign": "PartitionResult" + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] } ], "type": "tree", @@ -127,224 +140,175 @@ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] }, { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://email-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "endpoint": { + "url": "https://email-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://email-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "endpoint": { + "url": "https://email-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://email.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } - ] - }, - { - "conditions": [], + ], "type": "tree", "rules": [ { "conditions": [], "endpoint": { - "url": "https://email.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://email.{Region}.{PartitionResult#dualStackDnsSuffix}", "properties": {}, "headers": {} }, "type": "endpoint" } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://email.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } \ No newline at end of file diff --git a/models/apis/sesv2/2019-09-27/examples-1.json b/models/apis/sesv2/2019-09-27/examples-1.json index 8eb6855a3d8..c89d126e042 100644 --- a/models/apis/sesv2/2019-09-27/examples-1.json +++ b/models/apis/sesv2/2019-09-27/examples-1.json @@ -1,6 +1,250 @@ { "version": "1.0", "examples": { + "CancelExportJob": [ + { + "input": { + "JobId": "ef28cf62-9d8e-4b60-9283-b09816c99a99" + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "Cancels the export job with ID ef28cf62-9d8e-4b60-9283-b09816c99a99", + "id": "cancel-export-job-1685699696331", + "title": "Cancel export job" + } + ], + "CreateExportJob": [ + { + "input": { + "ExportDataSource": { + "MetricsDataSource": { + "Dimensions": { + "ISP": [ + "*" + ] + }, + "EndDate": "2023-07-02T00:00:00", + "Metrics": [ + { + "Aggregation": "VOLUME", + "Name": "SEND" + }, + { + "Aggregation": "VOLUME", + "Name": "COMPLAINT" + }, + { + "Aggregation": "RATE", + "Name": "COMPLAINT" + } + ], + "Namespace": "VDM", + "StartDate": "2023-07-01T00:00:00" + } + }, + "ExportDestination": { + "DataFormat": "CSV" + } + }, + "output": { + "JobId": "ef28cf62-9d8e-4b60-9283-b09816c99a99" + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "Creates a new export job for Metrics data", + "id": "create-export-job-1685701853690", + "title": "Create Metrics export job" + }, + { + "input": { + "ExportDataSource": { + "MessageInsightsDataSource": { + "EndDate": "2023-07-02T00:00:00", + "Exclude": { + "FromEmailAddress": [ + "hello@example.com" + ] + }, + "Include": { + "Subject": [ + "Hello" + ] + }, + "StartDate": "2023-07-01T00:00:00" + } + }, + "ExportDestination": { + "DataFormat": "CSV" + } + }, + "output": { + "JobId": "ef28cf62-9d8e-4b60-9283-b09816c99a99" + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "Creates a new export job for Message Insights data", + "id": "create-export-job-1689957853323", + "title": "Create Message Insights export job" + } + ], + "GetExportJob": [ + { + "input": { + "JobId": "ef28cf62-9d8e-4b60-9283-b09816c99a99" + }, + "output": { + "CreatedTimestamp": "1685700961057", + "ExportDataSource": { + "MetricsDataSource": { + "Dimensions": { + "ISP": [ + "*" + ] + }, + "EndDate": "1675209600000", + "Metrics": [ + { + "Aggregation": "VOLUME", + "Name": "SEND" + }, + { + "Aggregation": "VOLUME", + "Name": "COMPLAINT" + }, + { + "Aggregation": "RATE", + "Name": "COMPLAINT" + } + ], + "Namespace": "VDM", + "StartDate": "1672531200000" + } + }, + "ExportDestination": { + "DataFormat": "CSV" + }, + "ExportSourceType": "METRICS_DATA", + "JobId": "ef28cf62-9d8e-4b60-9283-b09816c99a99", + "JobStatus": "PROCESSING", + "Statistics": { + "ExportedRecordsCount": 5, + "ProcessedRecordsCount": 5 + } + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "Gets the export job with ID ef28cf62-9d8e-4b60-9283-b09816c99a99", + "id": "get-export-job-1685699942772", + "title": "Get export job" + } + ], + "GetMessageInsights": [ + { + "input": { + "MessageId": "000000000000ab00-0a000aa0-1234-0a0a-1234-0a0aaa0aa00a-000000" + }, + "output": { + "EmailTags": [ + { + "Name": "ses:operation", + "Value": "SendEmail" + }, + { + "Name": "ses:recipient-isp", + "Value": "UNKNOWN_ISP" + }, + { + "Name": "ses:source-ip", + "Value": "0.0.0.0" + }, + { + "Name": "ses:from-domain", + "Value": "example.com" + }, + { + "Name": "ses:sender-identity", + "Value": "hello@example.com" + }, + { + "Name": "ses:caller-identity", + "Value": "Identity" + } + ], + "FromEmailAddress": "hello@example.com", + "Insights": [ + { + "Destination": "recipient@example.com", + "Events": [ + { + "Timestamp": "2023-01-01T00:00:00.000000+01:00", + "Type": "SEND" + }, + { + "Timestamp": "2023-01-01T00:00:01.000000+01:00", + "Type": "DELIVERY" + } + ], + "Isp": "UNKNOWN_ISP" + } + ], + "MessageId": "000000000000ab00-0a000aa0-1234-0a0a-1234-0a0aaa0aa00a-000000", + "Subject": "hello" + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "Provides information about a specific message.", + "id": "get-message-insights-1689955713493", + "title": "Get Message Insights" + } + ], + "ListExportJobs": [ + { + "input": { + "ExportSourceType": "METRICS_DATA", + "JobStatus": "PROCESSING", + "PageSize": 25 + }, + "output": { + "ExportJobs": [ + { + "CreatedTimestamp": "167697473543", + "ExportSourceType": "METRICS_DATA", + "JobId": "72de83a0-6b49-47ca-9783-8b812576887a", + "JobStatus": "PROCESSING" + } + ] + }, + "comments": { + "input": { + }, + "output": { + } + }, + "description": "Lists export jobs of type METRICS_DATA and status PROCESSING", + "id": "list-export-jobs-1685702074256", + "title": "List export jobs" + } + ], "PutDedicatedIpPoolScalingAttributes": [ { "input": { diff --git a/models/apis/sesv2/2019-09-27/paginators-1.json b/models/apis/sesv2/2019-09-27/paginators-1.json index 188b42d8a1d..5b3c2d8c3ac 100644 --- a/models/apis/sesv2/2019-09-27/paginators-1.json +++ b/models/apis/sesv2/2019-09-27/paginators-1.json @@ -50,6 +50,11 @@ "output_token": "NextToken", "limit_key": "PageSize" }, + "ListExportJobs": { + "input_token": "NextToken", + "output_token": "NextToken", + "limit_key": "PageSize" + }, "ListImportJobs": { "input_token": "NextToken", "output_token": "NextToken", diff --git a/service/cognitoidentityprovider/api.go b/service/cognitoidentityprovider/api.go index 96ca1654e9c..a3088577b40 100644 --- a/service/cognitoidentityprovider/api.go +++ b/service/cognitoidentityprovider/api.go @@ -3295,7 +3295,8 @@ func (c *CognitoIdentityProvider) AdminUpdateUserAttributesRequest(input *AdminU // in the Amazon Cognito Developer Guide. // // Updates the specified user's attributes, including developer attributes, -// as an administrator. Works on any user. +// as an administrator. Works on any user. To delete an attribute from your +// user, submit the attribute in your API request with a blank value. // // For custom attributes, you must prepend the custom: prefix to the attribute // name. @@ -3554,6 +3555,7 @@ func (c *CognitoIdentityProvider) AssociateSoftwareTokenRequest(input *Associate output = &AssociateSoftwareTokenOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials return } @@ -3799,6 +3801,7 @@ func (c *CognitoIdentityProvider) ConfirmDeviceRequest(input *ConfirmDeviceInput output = &ConfirmDeviceOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials return } @@ -6524,6 +6527,7 @@ func (c *CognitoIdentityProvider) ForgetDeviceRequest(input *ForgetDeviceInput) output = &ForgetDeviceOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -6905,6 +6909,7 @@ func (c *CognitoIdentityProvider) GetDeviceRequest(input *GetDeviceInput) (req * output = &GetDeviceOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials return } @@ -7870,6 +7875,7 @@ func (c *CognitoIdentityProvider) GlobalSignOutRequest(input *GlobalSignOutInput output = &GlobalSignOutOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -8148,6 +8154,7 @@ func (c *CognitoIdentityProvider) ListDevicesRequest(input *ListDevicesInput) (r output = &ListDevicesOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials return } @@ -9942,6 +9949,7 @@ func (c *CognitoIdentityProvider) RevokeTokenRequest(input *RevokeTokenInput) (r output = &RevokeTokenOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -10362,6 +10370,7 @@ func (c *CognitoIdentityProvider) SetUserMFAPreferenceRequest(input *SetUserMFAP output = &SetUserMFAPreferenceOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -11279,6 +11288,7 @@ func (c *CognitoIdentityProvider) UpdateAuthEventFeedbackRequest(input *UpdateAu output = &UpdateAuthEventFeedbackOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -11388,6 +11398,7 @@ func (c *CognitoIdentityProvider) UpdateDeviceStatusRequest(input *UpdateDeviceS output = &UpdateDeviceStatusOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -12410,6 +12421,7 @@ func (c *CognitoIdentityProvider) VerifySoftwareTokenRequest(input *VerifySoftwa output = &VerifySoftwareTokenOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials return } @@ -14843,7 +14855,11 @@ type AdminInitiateAuthOutput struct { // determines that the caller must pass another challenge, they return a session // with other challenge parameters. This session should be passed as it is to // the next AdminRespondToAuthChallenge API call. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AdminInitiateAuthOutput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` } // String returns the string representation. @@ -15726,7 +15742,11 @@ type AdminRespondToAuthChallengeInput struct { // (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash). // For information about DEVICE_KEY, see Working with user devices in your user // pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html). - ChallengeResponses map[string]*string `type:"map"` + // + // ChallengeResponses is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AdminRespondToAuthChallengeInput's + // String and GoString methods. + ChallengeResponses map[string]*string `type:"map" sensitive:"true"` // The app client ID. // @@ -15796,7 +15816,11 @@ type AdminRespondToAuthChallengeInput struct { // that the caller must pass another challenge, it returns a session with other // challenge parameters. This session should be passed as it is to the next // RespondToAuthChallenge API call. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AdminRespondToAuthChallengeInput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` // The ID of the Amazon Cognito user pool. // @@ -15920,7 +15944,11 @@ type AdminRespondToAuthChallengeOutput struct { // the service. If the caller must pass another challenge, they return a session // with other challenge parameters. This session should be passed as it is to // the next RespondToAuthChallenge API call. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AdminRespondToAuthChallengeOutput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` } // String returns the string representation. @@ -17044,7 +17072,11 @@ type AssociateSoftwareTokenInput struct { // The session that should be passed both ways in challenge-response calls to // the service. This allows authentication of the user as part of the MFA setup // process. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssociateSoftwareTokenInput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` } // String returns the string representation. @@ -17104,7 +17136,11 @@ type AssociateSoftwareTokenOutput struct { // The session that should be passed both ways in challenge-response calls to // the service. This allows authentication of the user as part of the MFA setup // process. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssociateSoftwareTokenOutput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` } // String returns the string representation. @@ -17550,6 +17586,11 @@ type CloudWatchLogsConfigurationType struct { // user pool sends logs. The log group must not be encrypted with Key Management // Service and must be in the same Amazon Web Services account as your user // pool. + // + // To send logs to log groups with a resource policy of a size greater than + // 5120 characters, configure a log group with a path that starts with /aws/vendedlogs. + // For more information, see Enabling logging from certain Amazon Web Services + // services (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html). LogGroupArn *string `min:"20" type:"string"` } @@ -18144,7 +18185,11 @@ type ConfirmForgotPasswordInput struct { // IP address, or location. Amazon Cognito advanced security evaluates the risk // of an authentication event based on the context that your app generates and // passes to Amazon Cognito when it makes API requests. - UserContextData *UserContextDataType `type:"structure"` + // + // UserContextData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's + // String and GoString methods. + UserContextData *UserContextDataType `type:"structure" sensitive:"true"` // The user name of the user for whom you want to enter a code to retrieve a // forgotten password. @@ -18353,7 +18398,11 @@ type ConfirmSignUpInput struct { // IP address, or location. Amazon Cognito advanced security evaluates the risk // of an authentication event based on the context that your app generates and // passes to Amazon Cognito when it makes API requests. - UserContextData *UserContextDataType `type:"structure"` + // + // UserContextData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ConfirmSignUpInput's + // String and GoString methods. + UserContextData *UserContextDataType `type:"structure" sensitive:"true"` // The user name of the user whose registration you want to confirm. // @@ -18759,7 +18808,7 @@ type CreateIdentityProviderInput struct { // The IdP name. // // ProviderName is a required field - ProviderName *string `min:"3" type:"string" required:"true"` + ProviderName *string `min:"1" type:"string" required:"true"` // The IdP type. // @@ -18799,8 +18848,8 @@ func (s *CreateIdentityProviderInput) Validate() error { if s.ProviderName == nil { invalidParams.Add(request.NewErrParamRequired("ProviderName")) } - if s.ProviderName != nil && len(*s.ProviderName) < 3 { - invalidParams.Add(request.NewErrParamMinLen("ProviderName", 3)) + if s.ProviderName != nil && len(*s.ProviderName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ProviderName", 1)) } if s.ProviderType == nil { invalidParams.Add(request.NewErrParamRequired("ProviderType")) @@ -22716,7 +22765,11 @@ type ForgotPasswordInput struct { // IP address, or location. Amazon Cognito advanced security evaluates the risk // of an authentication event based on the context that your app generates and // passes to Amazon Cognito when it makes API requests. - UserContextData *UserContextDataType `type:"structure"` + // + // UserContextData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ForgotPasswordInput's + // String and GoString methods. + UserContextData *UserContextDataType `type:"structure" sensitive:"true"` // The user name of the user for whom you want to enter a code to reset a forgotten // password. @@ -24401,7 +24454,11 @@ type InitiateAuthInput struct { // IP address, or location. Amazon Cognito advanced security evaluates the risk // of an authentication event based on the context that your app generates and // passes to Amazon Cognito when it makes API requests. - UserContextData *UserContextDataType `type:"structure"` + // + // UserContextData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by InitiateAuthInput's + // String and GoString methods. + UserContextData *UserContextDataType `type:"structure" sensitive:"true"` } // String returns the string representation. @@ -24546,7 +24603,11 @@ type InitiateAuthOutput struct { // service. If the caller must pass another challenge, they return a session // with other challenge parameters. This session should be passed as it is to // the next RespondToAuthChallenge API call. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by InitiateAuthOutput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` } // String returns the string representation. @@ -27788,7 +27849,11 @@ type ResendConfirmationCodeInput struct { // IP address, or location. Amazon Cognito advanced security evaluates the risk // of an authentication event based on the context that your app generates and // passes to Amazon Cognito when it makes API requests. - UserContextData *UserContextDataType `type:"structure"` + // + // UserContextData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ResendConfirmationCodeInput's + // String and GoString methods. + UserContextData *UserContextDataType `type:"structure" sensitive:"true"` // The username attribute of the user to whom you want to resend a confirmation // code. @@ -28160,7 +28225,11 @@ type RespondToAuthChallengeInput struct { // (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash). // For information about DEVICE_KEY, see Working with user devices in your user // pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html). - ChallengeResponses map[string]*string `type:"map"` + // + // ChallengeResponses is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RespondToAuthChallengeInput's + // String and GoString methods. + ChallengeResponses map[string]*string `type:"map" sensitive:"true"` // The app client ID. // @@ -28208,13 +28277,21 @@ type RespondToAuthChallengeInput struct { // that the caller must pass another challenge, they return a session with other // challenge parameters. This session should be passed as it is to the next // RespondToAuthChallenge API call. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RespondToAuthChallengeInput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` // Contextual data about your user session, such as the device fingerprint, // IP address, or location. Amazon Cognito advanced security evaluates the risk // of an authentication event based on the context that your app generates and // passes to Amazon Cognito when it makes API requests. - UserContextData *UserContextDataType `type:"structure"` + // + // UserContextData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RespondToAuthChallengeInput's + // String and GoString methods. + UserContextData *UserContextDataType `type:"structure" sensitive:"true"` } // String returns the string representation. @@ -28317,7 +28394,11 @@ type RespondToAuthChallengeOutput struct { // the service. If the caller must pass another challenge, they return a session // with other challenge parameters. This session should be passed as it is to // the next RespondToAuthChallenge API call. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RespondToAuthChallengeOutput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` } // String returns the string representation. @@ -29614,7 +29695,11 @@ type SignUpInput struct { // IP address, or location. Amazon Cognito advanced security evaluates the risk // of an authentication event based on the context that your app generates and // passes to Amazon Cognito when it makes API requests. - UserContextData *UserContextDataType `type:"structure"` + // + // UserContextData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SignUpInput's + // String and GoString methods. + UserContextData *UserContextDataType `type:"structure" sensitive:"true"` // The user name of the user you want to register. // @@ -32982,7 +33067,7 @@ func (s *UserAttributeUpdateSettingsType) SetAttributesRequireVerificationBefore // used for evaluating the risk of an unexpected event by Amazon Cognito advanced // security. type UserContextDataType struct { - _ struct{} `type:"structure"` + _ struct{} `type:"structure" sensitive:"true"` // Encoded device-fingerprint details that your app collected with the Amazon // Cognito context data collection library. For more information, see Adding @@ -35018,13 +35103,21 @@ type VerifySoftwareTokenInput struct { // The session that should be passed both ways in challenge-response calls to // the service. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by VerifySoftwareTokenInput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` // The one- time password computed using the secret code returned by AssociateSoftwareToken // (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html). // + // UserCode is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by VerifySoftwareTokenInput's + // String and GoString methods. + // // UserCode is a required field - UserCode *string `min:"6" type:"string" required:"true"` + UserCode *string `min:"6" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -35093,7 +35186,11 @@ type VerifySoftwareTokenOutput struct { // The session that should be passed both ways in challenge-response calls to // the service. - Session *string `min:"20" type:"string"` + // + // Session is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by VerifySoftwareTokenOutput's + // String and GoString methods. + Session *string `min:"20" type:"string" sensitive:"true"` // The status of the verify software token. Status *string `type:"string" enum:"VerifySoftwareTokenResponseType"` diff --git a/service/cognitoidentityprovider/examples_test.go b/service/cognitoidentityprovider/examples_test.go new file mode 100644 index 00000000000..de0500443bf --- /dev/null +++ b/service/cognitoidentityprovider/examples_test.go @@ -0,0 +1,520 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package cognitoidentityprovider_test + +import ( + "fmt" + "strings" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/cognitoidentityprovider" +) + +var _ time.Duration +var _ strings.Reader +var _ aws.Config + +func parseTime(layout, value string) *time.Time { + t, err := time.Parse(layout, value) + if err != nil { + panic(err) + } + return &t +} + +// An AdminCreateUser request for for a test user named John. +// This request submits a value for all possible parameters for AdminCreateUser. +func ExampleCognitoIdentityProvider_AdminCreateUser_shared00() { + svc := cognitoidentityprovider.New(session.New()) + input := &cognitoidentityprovider.AdminCreateUserInput{ + DesiredDeliveryMediums: []*string{ + aws.String("SMS"), + }, + MessageAction: aws.String("SUPPRESS"), + TemporaryPassword: aws.String("This-is-my-test-99!"), + UserAttributes: []*cognitoidentityprovider.AttributeType{ + { + Name: aws.String("name"), + Value: aws.String("John"), + }, + { + Name: aws.String("phone_number"), + Value: aws.String("+12065551212"), + }, + { + Name: aws.String("email"), + Value: aws.String("testuser@example.com"), + }, + }, + UserPoolId: aws.String("us-east-1_EXAMPLE"), + Username: aws.String("testuser"), + } + + result, err := svc.AdminCreateUser(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case cognitoidentityprovider.ErrCodeResourceNotFoundException: + fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidParameterException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUserNotFoundException: + fmt.Println(cognitoidentityprovider.ErrCodeUserNotFoundException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUsernameExistsException: + fmt.Println(cognitoidentityprovider.ErrCodeUsernameExistsException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidPasswordException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidPasswordException, aerr.Error()) + case cognitoidentityprovider.ErrCodeCodeDeliveryFailureException: + fmt.Println(cognitoidentityprovider.ErrCodeCodeDeliveryFailureException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUnexpectedLambdaException: + fmt.Println(cognitoidentityprovider.ErrCodeUnexpectedLambdaException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUserLambdaValidationException: + fmt.Println(cognitoidentityprovider.ErrCodeUserLambdaValidationException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidLambdaResponseException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidLambdaResponseException, aerr.Error()) + case cognitoidentityprovider.ErrCodePreconditionNotMetException: + fmt.Println(cognitoidentityprovider.ErrCodePreconditionNotMetException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, aerr.Error()) + case cognitoidentityprovider.ErrCodeTooManyRequestsException: + fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error()) + case cognitoidentityprovider.ErrCodeNotAuthorizedException: + fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUnsupportedUserStateException: + fmt.Println(cognitoidentityprovider.ErrCodeUnsupportedUserStateException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInternalErrorException: + fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// Example user pool with email and username sign-in +// The following example creates a user pool with all configurable properties set to +// an example value. The resulting user pool allows sign-in with username or email address, +// has optional MFA, and has a Lambda function assigned to each possible trigger. +func ExampleCognitoIdentityProvider_CreateUserPool_shared00() { + svc := cognitoidentityprovider.New(session.New()) + input := &cognitoidentityprovider.CreateUserPoolInput{ + AccountRecoverySetting: &cognitoidentityprovider.AccountRecoverySettingType{ + RecoveryMechanisms: []*cognitoidentityprovider.RecoveryOptionType{ + { + Name: aws.String("verified_email"), + Priority: aws.Int64(1), + }, + }, + }, + AdminCreateUserConfig: &cognitoidentityprovider.AdminCreateUserConfigType{ + AllowAdminCreateUserOnly: aws.Bool(false), + InviteMessageTemplate: &cognitoidentityprovider.MessageTemplateType{ + EmailMessage: aws.String("Your username is {username} and temporary password is {####}."), + EmailSubject: aws.String("Your sign-in information"), + SMSMessage: aws.String("Your username is {username} and temporary password is {####}."), + }, + }, + AliasAttributes: []*string{ + aws.String("email"), + }, + AutoVerifiedAttributes: []*string{ + aws.String("email"), + }, + DeletionProtection: aws.String("ACTIVE"), + DeviceConfiguration: &cognitoidentityprovider.DeviceConfigurationType{ + ChallengeRequiredOnNewDevice: aws.Bool(true), + DeviceOnlyRememberedOnUserPrompt: aws.Bool(true), + }, + EmailConfiguration: &cognitoidentityprovider.EmailConfigurationType{ + ConfigurationSet: aws.String("my-test-ses-configuration-set"), + EmailSendingAccount: aws.String("DEVELOPER"), + From: aws.String("support@example.com"), + ReplyToEmailAddress: aws.String("support@example.com"), + SourceArn: aws.String("arn:aws:ses:us-east-1:123456789012:identity/support@example.com"), + }, + EmailVerificationMessage: aws.String("Your verification code is {####}."), + EmailVerificationSubject: aws.String("Verify your email address"), + LambdaConfig: &cognitoidentityprovider.LambdaConfigType{ + CustomEmailSender: &cognitoidentityprovider.CustomEmailLambdaVersionConfigType{ + LambdaArn: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + LambdaVersion: aws.String("V1_0"), + }, + CustomMessage: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + CustomSMSSender: &cognitoidentityprovider.CustomSMSLambdaVersionConfigType{ + LambdaArn: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + LambdaVersion: aws.String("V1_0"), + }, + DefineAuthChallenge: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + KMSKeyID: aws.String("arn:aws:kms:us-east-1:123456789012:key/a6c4f8e2-0c45-47db-925f-87854bc9e357"), + PostAuthentication: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + PostConfirmation: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + PreAuthentication: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + PreSignUp: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + PreTokenGeneration: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + UserMigration: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + VerifyAuthChallengeResponse: aws.String("arn:aws:lambda:us-east-1:123456789012:function:MyFunction"), + }, + MfaConfiguration: aws.String("OPTIONAL"), + Policies: &cognitoidentityprovider.UserPoolPolicyType{ + PasswordPolicy: &cognitoidentityprovider.PasswordPolicyType{ + MinimumLength: aws.Int64(6), + RequireLowercase: aws.Bool(true), + RequireNumbers: aws.Bool(true), + RequireSymbols: aws.Bool(true), + RequireUppercase: aws.Bool(true), + TemporaryPasswordValidityDays: aws.Int64(7), + }, + }, + PoolName: aws.String("my-test-user-pool"), + Schema: []*cognitoidentityprovider.SchemaAttributeType{ + { + AttributeDataType: aws.String("Number"), + DeveloperOnlyAttribute: aws.Bool(true), + Mutable: aws.Bool(true), + Name: aws.String("mydev"), + NumberAttributeConstraints: &cognitoidentityprovider.NumberAttributeConstraintsType{ + MaxValue: aws.String("99"), + MinValue: aws.String("1"), + }, + Required: aws.Bool(false), + StringAttributeConstraints: &cognitoidentityprovider.StringAttributeConstraintsType{ + MaxLength: aws.String("99"), + MinLength: aws.String("1"), + }, + }, + }, + SmsAuthenticationMessage: aws.String("Your verification code is {####}."), + SmsConfiguration: &cognitoidentityprovider.SmsConfigurationType{ + ExternalId: aws.String("my-role-external-id"), + SnsCallerArn: aws.String("arn:aws:iam::123456789012:role/service-role/test-cognito-SMS-Role"), + }, + SmsVerificationMessage: aws.String("Your verification code is {####}."), + UserAttributeUpdateSettings: &cognitoidentityprovider.UserAttributeUpdateSettingsType{ + AttributesRequireVerificationBeforeUpdate: []*string{ + aws.String("email"), + }, + }, + UserPoolAddOns: &cognitoidentityprovider.UserPoolAddOnsType{ + AdvancedSecurityMode: aws.String("OFF"), + }, + UserPoolTags: map[string]*string{ + "my-test-tag-key": aws.String("my-test-tag-key"), + }, + UsernameConfiguration: &cognitoidentityprovider.UsernameConfigurationType{ + CaseSensitive: aws.Bool(true), + }, + VerificationMessageTemplate: &cognitoidentityprovider.VerificationMessageTemplateType{ + DefaultEmailOption: aws.String("CONFIRM_WITH_CODE"), + EmailMessage: aws.String("Your confirmation code is {####}"), + EmailMessageByLink: aws.String("Choose this link to {##verify your email##}"), + EmailSubject: aws.String("Here is your confirmation code"), + EmailSubjectByLink: aws.String("Here is your confirmation link"), + SmsMessage: aws.String("Your confirmation code is {####}"), + }, + } + + result, err := svc.CreateUserPool(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case cognitoidentityprovider.ErrCodeInvalidParameterException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error()) + case cognitoidentityprovider.ErrCodeTooManyRequestsException: + fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error()) + case cognitoidentityprovider.ErrCodeLimitExceededException: + fmt.Println(cognitoidentityprovider.ErrCodeLimitExceededException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidEmailRoleAccessPolicyException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidEmailRoleAccessPolicyException, aerr.Error()) + case cognitoidentityprovider.ErrCodeNotAuthorizedException: + fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUserPoolTaggingException: + fmt.Println(cognitoidentityprovider.ErrCodeUserPoolTaggingException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInternalErrorException: + fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// Example user pool app client with email and username sign-in +// The following example creates an app client with all configurable properties set +// to an example value. The resulting user pool client connects to an analytics client, +// allows sign-in with username and password, and has two external identity providers +// associated with it. +func ExampleCognitoIdentityProvider_CreateUserPoolClient_shared00() { + svc := cognitoidentityprovider.New(session.New()) + input := &cognitoidentityprovider.CreateUserPoolClientInput{ + AccessTokenValidity: aws.Int64(6), + AllowedOAuthFlows: []*string{ + aws.String("code"), + }, + AllowedOAuthFlowsUserPoolClient: aws.Bool(true), + AllowedOAuthScopes: []*string{ + aws.String("aws.cognito.signin.user.admin"), + aws.String("openid"), + }, + AnalyticsConfiguration: &cognitoidentityprovider.AnalyticsConfigurationType{ + ApplicationId: aws.String("d70b2ba36a8c4dc5a04a0451a31a1e12"), + ExternalId: aws.String("my-external-id"), + RoleArn: aws.String("arn:aws:iam::123456789012:role/test-cognitouserpool-role"), + UserDataShared: aws.Bool(true), + }, + CallbackURLs: []*string{ + aws.String("https://example.com"), + aws.String("http://localhost"), + aws.String("myapp://example"), + }, + ClientName: aws.String("my-test-app-client"), + DefaultRedirectURI: aws.String("https://example.com"), + ExplicitAuthFlows: []*string{ + aws.String("ALLOW_ADMIN_USER_PASSWORD_AUTH"), + aws.String("ALLOW_USER_PASSWORD_AUTH"), + aws.String("ALLOW_REFRESH_TOKEN_AUTH"), + }, + GenerateSecret: aws.Bool(true), + IdTokenValidity: aws.Int64(6), + LogoutURLs: []*string{ + aws.String("https://example.com/logout"), + }, + PreventUserExistenceErrors: aws.String("ENABLED"), + ReadAttributes: []*string{ + aws.String("email"), + aws.String("address"), + aws.String("preferred_username"), + }, + RefreshTokenValidity: aws.Int64(6), + SupportedIdentityProviders: []*string{ + aws.String("SignInWithApple"), + aws.String("MySSO"), + }, + TokenValidityUnits: &cognitoidentityprovider.TokenValidityUnitsType{ + AccessToken: aws.String("hours"), + IdToken: aws.String("minutes"), + RefreshToken: aws.String("days"), + }, + UserPoolId: aws.String("us-east-1_EXAMPLE"), + WriteAttributes: []*string{ + aws.String("family_name"), + aws.String("email"), + }, + } + + result, err := svc.CreateUserPoolClient(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case cognitoidentityprovider.ErrCodeInvalidParameterException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error()) + case cognitoidentityprovider.ErrCodeResourceNotFoundException: + fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error()) + case cognitoidentityprovider.ErrCodeTooManyRequestsException: + fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error()) + case cognitoidentityprovider.ErrCodeLimitExceededException: + fmt.Println(cognitoidentityprovider.ErrCodeLimitExceededException, aerr.Error()) + case cognitoidentityprovider.ErrCodeNotAuthorizedException: + fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error()) + case cognitoidentityprovider.ErrCodeScopeDoesNotExistException: + fmt.Println(cognitoidentityprovider.ErrCodeScopeDoesNotExistException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidOAuthFlowException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidOAuthFlowException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInternalErrorException: + fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// Example username and password sign-in for a user who has TOTP MFA +// The following example signs in the user mytestuser with analytics data, client metadata, +// and user context data for advanced security. +func ExampleCognitoIdentityProvider_InitiateAuth_shared00() { + svc := cognitoidentityprovider.New(session.New()) + input := &cognitoidentityprovider.InitiateAuthInput{ + AnalyticsMetadata: &cognitoidentityprovider.AnalyticsMetadataType{ + AnalyticsEndpointId: aws.String("d70b2ba36a8c4dc5a04a0451a31a1e12"), + }, + AuthFlow: aws.String("USER_PASSWORD_AUTH"), + AuthParameters: map[string]*string{ + "PASSWORD": aws.String("This-is-my-test-99!"), + "SECRET_HASH": aws.String("oT5ZkS8ctnrhYeeGsGTvOzPhoc/Jd1cO5fueBWFVmp8="), + "USERNAME": aws.String("mytestuser"), + }, + ClientId: aws.String("1example23456789"), + ClientMetadata: map[string]*string{ + "MyTestKey": aws.String("MyTestValue"), + }, + UserContextData: &cognitoidentityprovider.UserContextDataType{ + EncodedData: aws.String("AmazonCognitoAdvancedSecurityData_object"), + IpAddress: aws.String("192.0.2.1"), + }, + } + + result, err := svc.InitiateAuth(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case cognitoidentityprovider.ErrCodeResourceNotFoundException: + fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidParameterException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error()) + case cognitoidentityprovider.ErrCodeNotAuthorizedException: + fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error()) + case cognitoidentityprovider.ErrCodeTooManyRequestsException: + fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUnexpectedLambdaException: + fmt.Println(cognitoidentityprovider.ErrCodeUnexpectedLambdaException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidUserPoolConfigurationException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidUserPoolConfigurationException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUserLambdaValidationException: + fmt.Println(cognitoidentityprovider.ErrCodeUserLambdaValidationException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidLambdaResponseException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidLambdaResponseException, aerr.Error()) + case cognitoidentityprovider.ErrCodePasswordResetRequiredException: + fmt.Println(cognitoidentityprovider.ErrCodePasswordResetRequiredException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUserNotFoundException: + fmt.Println(cognitoidentityprovider.ErrCodeUserNotFoundException, aerr.Error()) + case cognitoidentityprovider.ErrCodeUserNotConfirmedException: + fmt.Println(cognitoidentityprovider.ErrCodeUserNotConfirmedException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInternalErrorException: + fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleAccessPolicyException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidSmsRoleTrustRelationshipException, aerr.Error()) + case cognitoidentityprovider.ErrCodeForbiddenException: + fmt.Println(cognitoidentityprovider.ErrCodeForbiddenException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// A ListUsers request for the next 3 users whose email address starts with "testuser." +// This request submits a value for all possible parameters for ListUsers. By iterating +// the PaginationToken, you can page through and collect all users in a user pool. +func ExampleCognitoIdentityProvider_ListUsers_shared00() { + svc := cognitoidentityprovider.New(session.New()) + input := &cognitoidentityprovider.ListUsersInput{ + AttributesToGet: []*string{ + aws.String("email"), + aws.String("sub"), + }, + Filter: aws.String("\"email\"^=\"testuser\""), + Limit: aws.Int64(3), + PaginationToken: aws.String("abcd1234EXAMPLE"), + UserPoolId: aws.String("us-east-1_EXAMPLE"), + } + + result, err := svc.ListUsers(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case cognitoidentityprovider.ErrCodeInvalidParameterException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error()) + case cognitoidentityprovider.ErrCodeResourceNotFoundException: + fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error()) + case cognitoidentityprovider.ErrCodeTooManyRequestsException: + fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error()) + case cognitoidentityprovider.ErrCodeNotAuthorizedException: + fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInternalErrorException: + fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// A ListUsers request for the next 3 users whose email address starts with "testuser." +// This request submits a value for all possible parameters for ListUsers. By iterating +// the PaginationToken, you can page through and collect all users in a user pool. +func ExampleCognitoIdentityProvider_ListUsers_shared01() { + svc := cognitoidentityprovider.New(session.New()) + input := &cognitoidentityprovider.ListUsersInput{ + AttributesToGet: []*string{ + aws.String("email"), + aws.String("sub"), + }, + Filter: aws.String("\"email\"^=\"testuser\""), + Limit: aws.Int64(3), + PaginationToken: aws.String("abcd1234EXAMPLE"), + UserPoolId: aws.String("us-east-1_EXAMPLE"), + } + + result, err := svc.ListUsers(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case cognitoidentityprovider.ErrCodeInvalidParameterException: + fmt.Println(cognitoidentityprovider.ErrCodeInvalidParameterException, aerr.Error()) + case cognitoidentityprovider.ErrCodeResourceNotFoundException: + fmt.Println(cognitoidentityprovider.ErrCodeResourceNotFoundException, aerr.Error()) + case cognitoidentityprovider.ErrCodeTooManyRequestsException: + fmt.Println(cognitoidentityprovider.ErrCodeTooManyRequestsException, aerr.Error()) + case cognitoidentityprovider.ErrCodeNotAuthorizedException: + fmt.Println(cognitoidentityprovider.ErrCodeNotAuthorizedException, aerr.Error()) + case cognitoidentityprovider.ErrCodeInternalErrorException: + fmt.Println(cognitoidentityprovider.ErrCodeInternalErrorException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} diff --git a/service/fsx/api.go b/service/fsx/api.go index 0ac859d9157..935f3187942 100644 --- a/service/fsx/api.go +++ b/service/fsx/api.go @@ -555,7 +555,7 @@ func (c *FSx) CreateDataRepositoryAssociationRequest(input *CreateDataRepository // repository association is a link between a directory on the file system and // an Amazon S3 bucket or prefix. You can have a maximum of 8 data repository // associations on a file system. Data repository associations are supported -// on all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment +// on all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment // type. // // Each data repository association must have a unique Amazon FSx file system @@ -672,7 +672,7 @@ func (c *FSx) CreateDataRepositoryTaskRequest(input *CreateDataRepositoryTaskInp // from your FSx file system to a linked data repository. // // You use release data repository tasks to release data from your file system -// for files that are archived to S3. The metadata of released files remains +// for files that are exported to S3. The metadata of released files remains // on the file system so users or applications can still access released files // by reading the files again, which will restore data from Amazon S3 to the // FSx for Lustre file system. @@ -1718,7 +1718,7 @@ func (c *FSx) DeleteDataRepositoryAssociationRequest(input *DeleteDataRepository // Amazon S3 bucket. When deleting a data repository association, you have the // option of deleting the data in the file system that corresponds to the data // repository association. Data repository associations are supported on all -// FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment +// FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment // type. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1930,6 +1930,21 @@ func (c *FSx) DeleteFileSystemRequest(input *DeleteFileSystemInput) (req *reques // a final backup is created upon deletion. This final backup isn't subject // to the file system's retention policy, and must be manually deleted. // +// To delete an Amazon FSx for Lustre file system, first unmount (https://docs.aws.amazon.com/fsx/latest/LustreGuide/unmounting-fs.html) +// it from every connected Amazon EC2 instance, then provide a FileSystemId +// value to the DeleFileSystem operation. By default, Amazon FSx will not take +// a final backup when the DeleteFileSystem operation is invoked. On file systems +// not linked to an Amazon S3 bucket, set SkipFinalBackup to false to take a +// final backup of the file system you are deleting. Backups cannot be enabled +// on S3-linked file systems. To ensure all of your data is written back to +// S3 before deleting your file system, you can either monitor for the AgeOfOldestQueuedMessage +// (https://docs.aws.amazon.com/fsx/latest/LustreGuide/monitoring-cloudwatch.html#auto-import-export-metrics) +// metric to be zero (if using automatic export) or you can run an export data +// repository task (https://docs.aws.amazon.com/fsx/latest/LustreGuide/export-data-repo-task-dra.html). +// If you have automatic export enabled and want to use an export data repository +// task, you have to disable automatic export before executing the export data +// repository task. +// // The DeleteFileSystem operation returns while the file system has the DELETING // status. You can check the file system deletion status by calling the DescribeFileSystems // (https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeFileSystems.html) @@ -2493,7 +2508,7 @@ func (c *FSx) DescribeDataRepositoryAssociationsRequest(input *DescribeDataRepos // Cache data repository associations, if one or more AssociationIds values // are provided in the request, or if filters are used in the request. Data // repository associations are supported on Amazon File Cache resources and -// all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment +// all FSx for Lustre 2.12 and 2,15 file systems, excluding scratch_1 deployment // type. // // You can use filters to narrow the response to include just data repository @@ -4367,7 +4382,7 @@ func (c *FSx) UpdateDataRepositoryAssociationRequest(input *UpdateDataRepository // // Updates the configuration of an existing data repository association on an // Amazon FSx for Lustre file system. Data repository associations are supported -// on all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment +// on all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment // type. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4627,6 +4642,8 @@ func (c *FSx) UpdateFileSystemRequest(input *UpdateFileSystemInput) (req *reques // // For FSx for OpenZFS file systems, you can update the following properties: // +// - AddRouteTableIds +// // - AutomaticBackupRetentionDays // // - CopyTagsToBackups @@ -4637,6 +4654,8 @@ func (c *FSx) UpdateFileSystemRequest(input *UpdateFileSystemInput) (req *reques // // - DiskIopsConfiguration // +// - RemoveRouteTableIds +// // - StorageCapacity // // - ThroughputCapacity @@ -6984,7 +7003,7 @@ type CreateDataRepositoryTaskInput struct { // A list of paths for the data repository task to use when the task is processed. // If a path that you provide isn't valid, the task fails. If you don't provide // paths, the default behavior is to export all files to S3 (for export tasks), - // import all files from S3 (for import tasks), or release all archived files + // import all files from S3 (for import tasks), or release all exported files // that meet the last accessed time criteria (for release tasks). // // * For export tasks, the list contains paths on the FSx for Lustre file @@ -7000,9 +7019,9 @@ type CreateDataRepositoryTaskInput struct { // (where myPrefix is optional). // // * For release tasks, the list contains directory or file paths on the - // FSx for Lustre file system from which to release archived files. If a + // FSx for Lustre file system from which to release exported files. If a // directory is specified, files within the directory are released. If a - // file path is specified, only that file is released. To release all archived + // file path is specified, only that file is released. To release all exported // files in the file system, specify a forward slash (/) as the path. A file // must also meet the last accessed time criteria specified in for the file // to be released. @@ -7032,8 +7051,8 @@ type CreateDataRepositoryTaskInput struct { // linked S3 bucket to your Amazon FSx for Lustre file system. // // * RELEASE_DATA_FROM_FILESYSTEM tasks release files in your Amazon FSx - // for Lustre file system that are archived and that meet your specified - // release criteria. + // for Lustre file system that have been exported to a linked S3 bucket and + // that meet your specified release criteria. // // * AUTO_RELEASE_DATA tasks automatically release files from an Amazon File // Cache resource. @@ -7556,7 +7575,7 @@ type CreateFileSystemFromBackupInput struct { ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` // Sets the version for the Amazon FSx for Lustre file system that you're creating - // from a backup. Valid values are 2.10 and 2.12. + // from a backup. Valid values are 2.10, 2.12, and 2.15. // // You don't need to specify FileSystemTypeVersion because it will be applied // using the backup's FileSystemTypeVersion setting. If you choose to specify @@ -7849,13 +7868,13 @@ type CreateFileSystemInput struct { FileSystemType *string `type:"string" required:"true" enum:"FileSystemType"` // (Optional) For FSx for Lustre file systems, sets the Lustre version for the - // file system that you're creating. Valid values are 2.10 and 2.12: + // file system that you're creating. Valid values are 2.10, 2.12m and 2.15: // // * 2.10 is supported by the Scratch and Persistent_1 Lustre deployment // types. // - // * 2.12 is supported by all Lustre deployment types. 2.12 is required when - // setting FSx for Lustre DeploymentType to PERSISTENT_2. + // * 2.12 and 2.15 are supported by all Lustre deployment types. 2.12 or + // 2.15 is required when setting FSx for Lustre DeploymentType to PERSISTENT_2. // // Default value = 2.10, except when DeploymentType is set to PERSISTENT_2, // then the default is 2.12. @@ -8535,10 +8554,11 @@ type CreateFileSystemOntapConfiguration struct { // in which you want the preferred file server to be located. PreferredSubnetId *string `min:"15" type:"string"` - // (Multi-AZ only) Specifies the virtual private cloud (VPC) route tables in - // which your file system's endpoints will be created. You should specify all - // VPC route tables associated with the subnets in which your clients are located. - // By default, Amazon FSx selects your VPC's default route table. + // (Multi-AZ only) Specifies the route tables in which Amazon FSx creates the + // rules for routing traffic to the correct file server. You should specify + // all virtual private cloud (VPC) route tables associated with the subnets + // in which your clients are located. By default, Amazon FSx selects your VPC's + // default route table. RouteTableIds []*string `type:"list"` // Sets the throughput capacity for the file system that you're creating. Valid @@ -8710,19 +8730,21 @@ type CreateFileSystemOpenZFSConfiguration struct { // // * MULTI_AZ_1- Creates file systems with high availability that are configured // for Multi-AZ redundancy to tolerate temporary unavailability in Availability - // Zones (AZs). Multi_AZ_1 is available in the following Amazon Web Services - // Regions: + // Zones (AZs). Multi_AZ_1 is available only in the US East (N. Virginia), + // US East (Ohio), US West (Oregon), Asia Pacific (Singapore), Asia Pacific + // (Tokyo), and Europe (Ireland) Amazon Web Services Regions. // - // * SINGLE_AZ_1- (Default) Creates file systems with throughput capacities - // of 64 - 4,096 MB/s. Single_AZ_1 is available in all Amazon Web Services - // Regions where Amazon FSx for OpenZFS is available. + // * SINGLE_AZ_1- Creates file systems with throughput capacities of 64 - + // 4,096 MB/s. Single_AZ_1 is available in all Amazon Web Services Regions + // where Amazon FSx for OpenZFS is available. // // * SINGLE_AZ_2- Creates file systems with throughput capacities of 160 // - 10,240 MB/s using an NVMe L2ARC cache. Single_AZ_2 is available only - // in the US East (N. Virginia), US East (Ohio), US West (Oregon), and Europe - // (Ireland) Amazon Web Services Regions. + // in the US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific + // (Singapore), Asia Pacific (Tokyo), and Europe (Ireland) Amazon Web Services + // Regions. // - // For more information, see: Deployment type availability (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) + // For more information, see Deployment type availability (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) // and File system performance (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) // in the Amazon FSx for OpenZFS User Guide. // @@ -8752,22 +8774,23 @@ type CreateFileSystemOpenZFSConfiguration struct { // FSx for OpenZFS file system. All volumes are children of the root volume. RootVolumeConfiguration *OpenZFSCreateRootVolumeConfiguration `type:"structure"` - // (Multi-AZ only) Specifies the virtual private cloud (VPC) route tables in - // which your file system's endpoints will be created. You should specify all - // VPC route tables associated with the subnets in which your clients are located. - // By default, Amazon FSx selects your VPC's default route table. + // (Multi-AZ only) Specifies the route tables in which Amazon FSx creates the + // rules for routing traffic to the correct file server. You should specify + // all virtual private cloud (VPC) route tables associated with the subnets + // in which your clients are located. By default, Amazon FSx selects your VPC's + // default route table. RouteTableIds []*string `type:"list"` // Specifies the throughput of an Amazon FSx for OpenZFS file system, measured // in megabytes per second (MBps). Valid values depend on the DeploymentType // you choose, as follows: // + // * For MULTI_AZ_1 and SINGLE_AZ_2, valid values are 160, 320, 640, 1280, + // 2560, 3840, 5120, 7680, or 10240 MBps. + // // * For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, // or 4096 MBps. // - // * For SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, - // 7680, or 10240 MBps. - // // You pay for additional throughput capacity that you provision. // // ThroughputCapacity is a required field @@ -10547,7 +10570,7 @@ func (s *CreateVolumeOutput) SetVolume(v *Volume) *CreateVolumeOutput { // - DescribeDataRepositoryAssociations // // Data repository associations are supported on Amazon File Cache resources -// and all FSx for Lustre 2.12 and newer file systems, excluding scratch_1 deployment +// and all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment // type. type DataRepositoryAssociation struct { _ struct{} `type:"structure"` @@ -11044,8 +11067,8 @@ func (s *DataRepositoryFailureDetails) SetMessage(v string) *DataRepositoryFailu // operations between an Amazon FSx for Lustre file system and a linked data // repository. // -// - You use release data repository tasks to release archived files from -// your Amazon FSx for Lustre file system. +// - You use release data repository tasks to release have been exported +// to a linked S3 bucketed files from your Amazon FSx for Lustre file system. // // - An Amazon File Cache resource uses a task to automatically release files // from the cache. @@ -11154,8 +11177,8 @@ type DataRepositoryTask struct { // linked S3 bucket to your Amazon FSx for Lustre file system. // // * RELEASE_DATA_FROM_FILESYSTEM tasks release files in your Amazon FSx - // for Lustre file system that are archived and that meet your specified - // release criteria. + // for Lustre file system that have been exported to a linked S3 bucket and + // that meet your specified release criteria. // // * AUTO_RELEASE_DATA tasks automatically release files from an Amazon File // Cache resource. @@ -14248,9 +14271,9 @@ func (s *DiskIopsConfiguration) SetMode(v string) *DiskIopsConfiguration { } // Defines the minimum amount of time since last access for a file to be eligible -// for release. Only archived files that were last accessed or modified before -// this point-in-time are eligible to be released from the Amazon FSx for Lustre -// file system. +// for release. Only files that have been exported to S3 and that were last +// accessed or modified before this point-in-time are eligible to be released +// from the Amazon FSx for Lustre file system. type DurationSinceLastAccess struct { _ struct{} `type:"structure"` @@ -14260,12 +14283,12 @@ type DurationSinceLastAccess struct { Unit *string `type:"string" enum:"Unit"` // An integer that represents the minimum amount of time (in days) since a file - // was last accessed in the file system. Only archived files with a MAX(atime, + // was last accessed in the file system. Only exported files with a MAX(atime, // ctime, mtime) timestamp that is more than this amount of time in the past // (relative to the task create time) will be released. The default of Value // is 0. This is a required parameter. // - // If an archived file meets the last accessed time criteria, its file or directory + // If an exported file meets the last accessed time criteria, its file or directory // path must also be specified in the Paths parameter of the operation in order // for the file to be released. Value *int64 `type:"long"` @@ -15163,8 +15186,8 @@ type FileSystem struct { // or OPENZFS. FileSystemType *string `type:"string" enum:"FileSystemType"` - // The Lustre version of the Amazon FSx for Lustre file system, either 2.10 - // or 2.12. + // The Lustre version of the Amazon FSx for Lustre file system, which is 2.10, + // 2.12, or 2.15. FileSystemTypeVersion *string `min:"1" type:"string"` // The ID of the Key Management Service (KMS) key used to encrypt Amazon FSx @@ -16573,11 +16596,10 @@ type LustreFileSystemConfiguration struct { // than SCRATCH_1. // // The PERSISTENT_1 and PERSISTENT_2 deployment type is used for longer-term - // storage and workloads and encryption of data in transit. PERSISTENT_2 is - // built on Lustre v2.12 and offers higher PerUnitStorageThroughput (up to 1000 - // MB/s/TiB) along with a lower minimum storage capacity requirement (600 GiB). - // To learn more about FSx for Lustre deployment types, see FSx for Lustre deployment - // options (https://docs.aws.amazon.com/fsx/latest/LustreGuide/lustre-deployment-types.html). + // storage and workloads and encryption of data in transit. PERSISTENT_2 offers + // higher PerUnitStorageThroughput (up to 1000 MB/s/TiB) along with a lower + // minimum storage capacity requirement (600 GiB). To learn more about FSx for + // Lustre deployment types, see FSx for Lustre deployment options (https://docs.aws.amazon.com/fsx/latest/LustreGuide/lustre-deployment-types.html). // // The default is SCRATCH_1. DeploymentType *string `type:"string" enum:"LustreDeploymentType"` @@ -18386,18 +18408,18 @@ func (s *OpenZFSVolumeConfiguration) SetVolumePath(v string) *OpenZFSVolumeConfi } // The configuration that specifies a minimum amount of time since last access -// for an archived file to be eligible for release from an Amazon FSx for Lustre +// for an exported file to be eligible for release from an Amazon FSx for Lustre // file system. Only files that were last accessed before this point-in-time // can be released. For example, if you specify a last accessed time criteria // of 9 days, only files that were last accessed 9.00001 or more days ago can // be released. // -// Only file data that has been archived can be released. Files that have not -// yet been archived, such as new or changed files that have not been exported, -// are not eligible for release. When files are released, their metadata stays -// on the file system, so they can still be accessed later. Users and applications -// can access a released file by reading the file again, which restores data -// from Amazon S3 to the FSx for Lustre file system. +// Only file data that has been exported to S3 can be released. Files that have +// not yet been exported to S3, such as new or changed files that have not been +// exported, are not eligible for release. When files are released, their metadata +// stays on the file system, so they can still be accessed later. Users and +// applications can access a released file by reading the file again, which +// restores data from Amazon S3 to the FSx for Lustre file system. // // If a file meets the last accessed time criteria, its file or directory path // must also be specified with the Paths parameter of the operation in order @@ -18405,7 +18427,7 @@ func (s *OpenZFSVolumeConfiguration) SetVolumePath(v string) *OpenZFSVolumeConfi type ReleaseConfiguration struct { _ struct{} `type:"structure"` - // Defines the point-in-time since an archived file was last accessed, in order + // Defines the point-in-time since an exported file was last accessed, in order // for that file to be eligible for release. Only files that were last accessed // before this point-in-time are eligible to be released from the file system. DurationSinceLastAccess *DurationSinceLastAccess `type:"structure"` @@ -21530,11 +21552,11 @@ type UpdateFileSystemOpenZFSConfiguration struct { // per second (MB/s). Valid values depend on the DeploymentType you choose, // as follows: // + // * For MULTI_AZ_1 and SINGLE_AZ_2, valid values are 160, 320, 640, 1280, + // 2560, 3840, 5120, 7680, or 10240 MBps. + // // * For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, // or 4096 MB/s. - // - // * For SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, - // 7680, or 10240 MB/s. ThroughputCapacity *int64 `min:"8" type:"integer"` // A recurring weekly time, in the format D:HH:MM. diff --git a/service/omics/api.go b/service/omics/api.go index 6e024d2394e..e3fa2ed5334 100644 --- a/service/omics/api.go +++ b/service/omics/api.go @@ -8330,7 +8330,13 @@ func (c *Omics) StartRunRequest(input *StartRunInput) (req *request.Request, out // StartRun API operation for Amazon Omics. // -// Starts a run. +// Starts a workflow run. To duplicate a run, specify the run's ID and a role +// ARN. The remaining parameters are copied from the previous run. +// +// The total number of runs in your account is subject to a quota per Region. +// To avoid needing to delete runs manually, you can set the retention mode +// to REMOVE. Runs with this setting are deleted automatically when the run +// quoata is exceeded. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16209,6 +16215,9 @@ type GetRunOutput struct { // The run's resource digests. ResourceDigests map[string]*string `locationName:"resourceDigests" type:"map"` + // The run's retention mode. + RetentionMode *string `locationName:"retentionMode" min:"1" type:"string" enum:"RunRetentionMode"` + // The run's service role ARN. RoleArn *string `locationName:"roleArn" min:"1" type:"string"` @@ -16330,6 +16339,12 @@ func (s *GetRunOutput) SetResourceDigests(v map[string]*string) *GetRunOutput { return s } +// SetRetentionMode sets the RetentionMode field's value. +func (s *GetRunOutput) SetRetentionMode(v string) *GetRunOutput { + s.RetentionMode = &v + return s +} + // SetRoleArn sets the RoleArn field's value. func (s *GetRunOutput) SetRoleArn(v string) *GetRunOutput { s.RoleArn = &v @@ -24109,6 +24124,9 @@ type StartRunInput struct { // each request. RequestId *string `locationName:"requestId" min:"1" type:"string" idempotencyToken:"true"` + // The retention mode for the run. + RetentionMode *string `locationName:"retentionMode" min:"1" type:"string" enum:"RunRetentionMode"` + // A service role for the run. // // RoleArn is a required field @@ -24117,7 +24135,7 @@ type StartRunInput struct { // The run's group ID. RunGroupId *string `locationName:"runGroupId" min:"1" type:"string"` - // The run's ID. + // The ID of a run to duplicate. RunId *string `locationName:"runId" min:"1" type:"string"` // A storage capacity for the run in gigabytes. @@ -24129,7 +24147,7 @@ type StartRunInput struct { // The run's workflow ID. WorkflowId *string `locationName:"workflowId" min:"1" type:"string"` - // The run's workflows type. + // The run's workflow type. WorkflowType *string `locationName:"workflowType" min:"1" type:"string" enum:"WorkflowType"` } @@ -24166,6 +24184,9 @@ func (s *StartRunInput) Validate() error { if s.RequestId != nil && len(*s.RequestId) < 1 { invalidParams.Add(request.NewErrParamMinLen("RequestId", 1)) } + if s.RetentionMode != nil && len(*s.RetentionMode) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RetentionMode", 1)) + } if s.RoleArn == nil { invalidParams.Add(request.NewErrParamRequired("RoleArn")) } @@ -24221,6 +24242,12 @@ func (s *StartRunInput) SetRequestId(v string) *StartRunInput { return s } +// SetRetentionMode sets the RetentionMode field's value. +func (s *StartRunInput) SetRetentionMode(v string) *StartRunInput { + s.RetentionMode = &v + return s +} + // SetRoleArn sets the RoleArn field's value. func (s *StartRunInput) SetRoleArn(v string) *StartRunInput { s.RoleArn = &v @@ -27180,6 +27207,22 @@ func RunLogLevel_Values() []string { } } +const ( + // RunRetentionModeRetain is a RunRetentionMode enum value + RunRetentionModeRetain = "RETAIN" + + // RunRetentionModeRemove is a RunRetentionMode enum value + RunRetentionModeRemove = "REMOVE" +) + +// RunRetentionMode_Values returns all elements of the RunRetentionMode enum +func RunRetentionMode_Values() []string { + return []string{ + RunRetentionModeRetain, + RunRetentionModeRemove, + } +} + const ( // RunStatusPending is a RunStatus enum value RunStatusPending = "PENDING" diff --git a/service/sesv2/api.go b/service/sesv2/api.go index bc00ff2aca2..5d1eeba256a 100644 --- a/service/sesv2/api.go +++ b/service/sesv2/api.go @@ -105,6 +105,92 @@ func (c *SESV2) BatchGetMetricDataWithContext(ctx aws.Context, input *BatchGetMe return out, req.Send() } +const opCancelExportJob = "CancelExportJob" + +// CancelExportJobRequest generates a "aws/request.Request" representing the +// client's request for the CancelExportJob operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CancelExportJob for more information on using the CancelExportJob +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CancelExportJobRequest method. +// req, resp := client.CancelExportJobRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/CancelExportJob +func (c *SESV2) CancelExportJobRequest(input *CancelExportJobInput) (req *request.Request, output *CancelExportJobOutput) { + op := &request.Operation{ + Name: opCancelExportJob, + HTTPMethod: "PUT", + HTTPPath: "/v2/email/export-jobs/{JobId}/cancel", + } + + if input == nil { + input = &CancelExportJobInput{} + } + + output = &CancelExportJobOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// CancelExportJob API operation for Amazon Simple Email Service. +// +// Cancels an export job. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Email Service's +// API operation CancelExportJob for usage and error information. +// +// Returned Error Types: +// +// - NotFoundException +// The resource you attempted to access doesn't exist. +// +// - BadRequestException +// The input you provided is invalid. +// +// - TooManyRequestsException +// Too many requests have been made to the operation. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/CancelExportJob +func (c *SESV2) CancelExportJob(input *CancelExportJobInput) (*CancelExportJobOutput, error) { + req, out := c.CancelExportJobRequest(input) + return out, req.Send() +} + +// CancelExportJobWithContext is the same as CancelExportJob with the addition of +// the ability to pass a context and additional request options. +// +// See CancelExportJob for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SESV2) CancelExportJobWithContext(ctx aws.Context, input *CancelExportJobInput, opts ...request.Option) (*CancelExportJobOutput, error) { + req, out := c.CancelExportJobRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateConfigurationSet = "CreateConfigurationSet" // CreateConfigurationSetRequest generates a "aws/request.Request" representing the @@ -1108,6 +1194,96 @@ func (c *SESV2) CreateEmailTemplateWithContext(ctx aws.Context, input *CreateEma return out, req.Send() } +const opCreateExportJob = "CreateExportJob" + +// CreateExportJobRequest generates a "aws/request.Request" representing the +// client's request for the CreateExportJob operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateExportJob for more information on using the CreateExportJob +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateExportJobRequest method. +// req, resp := client.CreateExportJobRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/CreateExportJob +func (c *SESV2) CreateExportJobRequest(input *CreateExportJobInput) (req *request.Request, output *CreateExportJobOutput) { + op := &request.Operation{ + Name: opCreateExportJob, + HTTPMethod: "POST", + HTTPPath: "/v2/email/export-jobs", + } + + if input == nil { + input = &CreateExportJobInput{} + } + + output = &CreateExportJobOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateExportJob API operation for Amazon Simple Email Service. +// +// Creates an export job for a data source and destination. +// +// You can execute this operation no more than once per second. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Email Service's +// API operation CreateExportJob for usage and error information. +// +// Returned Error Types: +// +// - BadRequestException +// The input you provided is invalid. +// +// - TooManyRequestsException +// Too many requests have been made to the operation. +// +// - NotFoundException +// The resource you attempted to access doesn't exist. +// +// - LimitExceededException +// There are too many instances of the specified resource type. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/CreateExportJob +func (c *SESV2) CreateExportJob(input *CreateExportJobInput) (*CreateExportJobOutput, error) { + req, out := c.CreateExportJobRequest(input) + return out, req.Send() +} + +// CreateExportJobWithContext is the same as CreateExportJob with the addition of +// the ability to pass a context and additional request options. +// +// See CreateExportJob for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SESV2) CreateExportJobWithContext(ctx aws.Context, input *CreateExportJobInput, opts ...request.Option) (*CreateExportJobOutput, error) { + req, out := c.CreateExportJobRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateImportJob = "CreateImportJob" // CreateImportJobRequest generates a "aws/request.Request" representing the @@ -3654,57 +3830,57 @@ func (c *SESV2) GetEmailTemplateWithContext(ctx aws.Context, input *GetEmailTemp return out, req.Send() } -const opGetImportJob = "GetImportJob" +const opGetExportJob = "GetExportJob" -// GetImportJobRequest generates a "aws/request.Request" representing the -// client's request for the GetImportJob operation. The "output" return +// GetExportJobRequest generates a "aws/request.Request" representing the +// client's request for the GetExportJob operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetImportJob for more information on using the GetImportJob +// See GetExportJob for more information on using the GetExportJob // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the GetImportJobRequest method. -// req, resp := client.GetImportJobRequest(params) +// // Example sending a request using the GetExportJobRequest method. +// req, resp := client.GetExportJobRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetImportJob -func (c *SESV2) GetImportJobRequest(input *GetImportJobInput) (req *request.Request, output *GetImportJobOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetExportJob +func (c *SESV2) GetExportJobRequest(input *GetExportJobInput) (req *request.Request, output *GetExportJobOutput) { op := &request.Operation{ - Name: opGetImportJob, + Name: opGetExportJob, HTTPMethod: "GET", - HTTPPath: "/v2/email/import-jobs/{JobId}", + HTTPPath: "/v2/email/export-jobs/{JobId}", } if input == nil { - input = &GetImportJobInput{} + input = &GetExportJobInput{} } - output = &GetImportJobOutput{} + output = &GetExportJobOutput{} req = c.newRequest(op, input, output) return } -// GetImportJob API operation for Amazon Simple Email Service. +// GetExportJob API operation for Amazon Simple Email Service. // -// Provides information about an import job. +// Provides information about an export job. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Simple Email Service's -// API operation GetImportJob for usage and error information. +// API operation GetExportJob for usage and error information. // // Returned Error Types: // @@ -3717,216 +3893,390 @@ func (c *SESV2) GetImportJobRequest(input *GetImportJobInput) (req *request.Requ // - TooManyRequestsException // Too many requests have been made to the operation. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetImportJob -func (c *SESV2) GetImportJob(input *GetImportJobInput) (*GetImportJobOutput, error) { - req, out := c.GetImportJobRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetExportJob +func (c *SESV2) GetExportJob(input *GetExportJobInput) (*GetExportJobOutput, error) { + req, out := c.GetExportJobRequest(input) return out, req.Send() } -// GetImportJobWithContext is the same as GetImportJob with the addition of +// GetExportJobWithContext is the same as GetExportJob with the addition of // the ability to pass a context and additional request options. // -// See GetImportJob for details on how to use this API operation. +// See GetExportJob for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *SESV2) GetImportJobWithContext(ctx aws.Context, input *GetImportJobInput, opts ...request.Option) (*GetImportJobOutput, error) { - req, out := c.GetImportJobRequest(input) +func (c *SESV2) GetExportJobWithContext(ctx aws.Context, input *GetExportJobInput, opts ...request.Option) (*GetExportJobOutput, error) { + req, out := c.GetExportJobRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetSuppressedDestination = "GetSuppressedDestination" +const opGetImportJob = "GetImportJob" -// GetSuppressedDestinationRequest generates a "aws/request.Request" representing the -// client's request for the GetSuppressedDestination operation. The "output" return +// GetImportJobRequest generates a "aws/request.Request" representing the +// client's request for the GetImportJob operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetSuppressedDestination for more information on using the GetSuppressedDestination +// See GetImportJob for more information on using the GetImportJob // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the GetSuppressedDestinationRequest method. -// req, resp := client.GetSuppressedDestinationRequest(params) +// // Example sending a request using the GetImportJobRequest method. +// req, resp := client.GetImportJobRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetSuppressedDestination -func (c *SESV2) GetSuppressedDestinationRequest(input *GetSuppressedDestinationInput) (req *request.Request, output *GetSuppressedDestinationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetImportJob +func (c *SESV2) GetImportJobRequest(input *GetImportJobInput) (req *request.Request, output *GetImportJobOutput) { op := &request.Operation{ - Name: opGetSuppressedDestination, + Name: opGetImportJob, HTTPMethod: "GET", - HTTPPath: "/v2/email/suppression/addresses/{EmailAddress}", + HTTPPath: "/v2/email/import-jobs/{JobId}", } if input == nil { - input = &GetSuppressedDestinationInput{} + input = &GetImportJobInput{} } - output = &GetSuppressedDestinationOutput{} + output = &GetImportJobOutput{} req = c.newRequest(op, input, output) return } -// GetSuppressedDestination API operation for Amazon Simple Email Service. +// GetImportJob API operation for Amazon Simple Email Service. // -// Retrieves information about a specific email address that's on the suppression -// list for your account. +// Provides information about an import job. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Simple Email Service's -// API operation GetSuppressedDestination for usage and error information. +// API operation GetImportJob for usage and error information. // // Returned Error Types: // // - BadRequestException // The input you provided is invalid. // -// - TooManyRequestsException -// Too many requests have been made to the operation. -// // - NotFoundException // The resource you attempted to access doesn't exist. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetSuppressedDestination -func (c *SESV2) GetSuppressedDestination(input *GetSuppressedDestinationInput) (*GetSuppressedDestinationOutput, error) { - req, out := c.GetSuppressedDestinationRequest(input) +// - TooManyRequestsException +// Too many requests have been made to the operation. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetImportJob +func (c *SESV2) GetImportJob(input *GetImportJobInput) (*GetImportJobOutput, error) { + req, out := c.GetImportJobRequest(input) return out, req.Send() } -// GetSuppressedDestinationWithContext is the same as GetSuppressedDestination with the addition of +// GetImportJobWithContext is the same as GetImportJob with the addition of // the ability to pass a context and additional request options. // -// See GetSuppressedDestination for details on how to use this API operation. +// See GetImportJob for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *SESV2) GetSuppressedDestinationWithContext(ctx aws.Context, input *GetSuppressedDestinationInput, opts ...request.Option) (*GetSuppressedDestinationOutput, error) { - req, out := c.GetSuppressedDestinationRequest(input) +func (c *SESV2) GetImportJobWithContext(ctx aws.Context, input *GetImportJobInput, opts ...request.Option) (*GetImportJobOutput, error) { + req, out := c.GetImportJobRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opListConfigurationSets = "ListConfigurationSets" +const opGetMessageInsights = "GetMessageInsights" -// ListConfigurationSetsRequest generates a "aws/request.Request" representing the -// client's request for the ListConfigurationSets operation. The "output" return +// GetMessageInsightsRequest generates a "aws/request.Request" representing the +// client's request for the GetMessageInsights operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListConfigurationSets for more information on using the ListConfigurationSets +// See GetMessageInsights for more information on using the GetMessageInsights // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListConfigurationSetsRequest method. -// req, resp := client.ListConfigurationSetsRequest(params) +// // Example sending a request using the GetMessageInsightsRequest method. +// req, resp := client.GetMessageInsightsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListConfigurationSets -func (c *SESV2) ListConfigurationSetsRequest(input *ListConfigurationSetsInput) (req *request.Request, output *ListConfigurationSetsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetMessageInsights +func (c *SESV2) GetMessageInsightsRequest(input *GetMessageInsightsInput) (req *request.Request, output *GetMessageInsightsOutput) { op := &request.Operation{ - Name: opListConfigurationSets, + Name: opGetMessageInsights, HTTPMethod: "GET", - HTTPPath: "/v2/email/configuration-sets", - Paginator: &request.Paginator{ - InputTokens: []string{"NextToken"}, - OutputTokens: []string{"NextToken"}, - LimitToken: "PageSize", - TruncationToken: "", - }, + HTTPPath: "/v2/email/insights/{MessageId}/", } if input == nil { - input = &ListConfigurationSetsInput{} + input = &GetMessageInsightsInput{} } - output = &ListConfigurationSetsOutput{} + output = &GetMessageInsightsOutput{} req = c.newRequest(op, input, output) return } -// ListConfigurationSets API operation for Amazon Simple Email Service. +// GetMessageInsights API operation for Amazon Simple Email Service. // -// List all of the configuration sets associated with your account in the current -// region. +// Provides information about a specific message, including the from address, +// the subject, the recipient address, email tags, as well as events associated +// with the message. // -// Configuration sets are groups of rules that you can apply to the emails you -// send. You apply a configuration set to an email by including a reference -// to the configuration set in the headers of the email. When you apply a configuration -// set to an email, all of the rules in that configuration set are applied to -// the email. +// You can execute this operation no more than once per second. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Simple Email Service's -// API operation ListConfigurationSets for usage and error information. +// API operation GetMessageInsights for usage and error information. // // Returned Error Types: // +// - NotFoundException +// The resource you attempted to access doesn't exist. +// // - TooManyRequestsException // Too many requests have been made to the operation. // // - BadRequestException // The input you provided is invalid. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListConfigurationSets -func (c *SESV2) ListConfigurationSets(input *ListConfigurationSetsInput) (*ListConfigurationSetsOutput, error) { - req, out := c.ListConfigurationSetsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetMessageInsights +func (c *SESV2) GetMessageInsights(input *GetMessageInsightsInput) (*GetMessageInsightsOutput, error) { + req, out := c.GetMessageInsightsRequest(input) return out, req.Send() } -// ListConfigurationSetsWithContext is the same as ListConfigurationSets with the addition of +// GetMessageInsightsWithContext is the same as GetMessageInsights with the addition of // the ability to pass a context and additional request options. // -// See ListConfigurationSets for details on how to use this API operation. +// See GetMessageInsights for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *SESV2) ListConfigurationSetsWithContext(ctx aws.Context, input *ListConfigurationSetsInput, opts ...request.Option) (*ListConfigurationSetsOutput, error) { - req, out := c.ListConfigurationSetsRequest(input) +func (c *SESV2) GetMessageInsightsWithContext(ctx aws.Context, input *GetMessageInsightsInput, opts ...request.Option) (*GetMessageInsightsOutput, error) { + req, out := c.GetMessageInsightsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListConfigurationSetsPages iterates over the pages of a ListConfigurationSets operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. +const opGetSuppressedDestination = "GetSuppressedDestination" + +// GetSuppressedDestinationRequest generates a "aws/request.Request" representing the +// client's request for the GetSuppressedDestination operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. // -// See ListConfigurationSets method for more information on how to use this operation. +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. // -// Note: This operation can generate multiple requests to a service. +// See GetSuppressedDestination for more information on using the GetSuppressedDestination +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetSuppressedDestinationRequest method. +// req, resp := client.GetSuppressedDestinationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetSuppressedDestination +func (c *SESV2) GetSuppressedDestinationRequest(input *GetSuppressedDestinationInput) (req *request.Request, output *GetSuppressedDestinationOutput) { + op := &request.Operation{ + Name: opGetSuppressedDestination, + HTTPMethod: "GET", + HTTPPath: "/v2/email/suppression/addresses/{EmailAddress}", + } + + if input == nil { + input = &GetSuppressedDestinationInput{} + } + + output = &GetSuppressedDestinationOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetSuppressedDestination API operation for Amazon Simple Email Service. +// +// Retrieves information about a specific email address that's on the suppression +// list for your account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Email Service's +// API operation GetSuppressedDestination for usage and error information. +// +// Returned Error Types: +// +// - BadRequestException +// The input you provided is invalid. +// +// - TooManyRequestsException +// Too many requests have been made to the operation. +// +// - NotFoundException +// The resource you attempted to access doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/GetSuppressedDestination +func (c *SESV2) GetSuppressedDestination(input *GetSuppressedDestinationInput) (*GetSuppressedDestinationOutput, error) { + req, out := c.GetSuppressedDestinationRequest(input) + return out, req.Send() +} + +// GetSuppressedDestinationWithContext is the same as GetSuppressedDestination with the addition of +// the ability to pass a context and additional request options. +// +// See GetSuppressedDestination for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SESV2) GetSuppressedDestinationWithContext(ctx aws.Context, input *GetSuppressedDestinationInput, opts ...request.Option) (*GetSuppressedDestinationOutput, error) { + req, out := c.GetSuppressedDestinationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opListConfigurationSets = "ListConfigurationSets" + +// ListConfigurationSetsRequest generates a "aws/request.Request" representing the +// client's request for the ListConfigurationSets operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListConfigurationSets for more information on using the ListConfigurationSets +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListConfigurationSetsRequest method. +// req, resp := client.ListConfigurationSetsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListConfigurationSets +func (c *SESV2) ListConfigurationSetsRequest(input *ListConfigurationSetsInput) (req *request.Request, output *ListConfigurationSetsOutput) { + op := &request.Operation{ + Name: opListConfigurationSets, + HTTPMethod: "GET", + HTTPPath: "/v2/email/configuration-sets", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "PageSize", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListConfigurationSetsInput{} + } + + output = &ListConfigurationSetsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListConfigurationSets API operation for Amazon Simple Email Service. +// +// List all of the configuration sets associated with your account in the current +// region. +// +// Configuration sets are groups of rules that you can apply to the emails you +// send. You apply a configuration set to an email by including a reference +// to the configuration set in the headers of the email. When you apply a configuration +// set to an email, all of the rules in that configuration set are applied to +// the email. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Email Service's +// API operation ListConfigurationSets for usage and error information. +// +// Returned Error Types: +// +// - TooManyRequestsException +// Too many requests have been made to the operation. +// +// - BadRequestException +// The input you provided is invalid. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListConfigurationSets +func (c *SESV2) ListConfigurationSets(input *ListConfigurationSetsInput) (*ListConfigurationSetsOutput, error) { + req, out := c.ListConfigurationSetsRequest(input) + return out, req.Send() +} + +// ListConfigurationSetsWithContext is the same as ListConfigurationSets with the addition of +// the ability to pass a context and additional request options. +// +// See ListConfigurationSets for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SESV2) ListConfigurationSetsWithContext(ctx aws.Context, input *ListConfigurationSetsInput, opts ...request.Option) (*ListConfigurationSetsOutput, error) { + req, out := c.ListConfigurationSetsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListConfigurationSetsPages iterates over the pages of a ListConfigurationSets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListConfigurationSets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. // // // Example iterating over at most 3 pages of a ListConfigurationSets operation. // pageNum := 0 @@ -5112,36 +5462,36 @@ func (c *SESV2) ListEmailTemplatesPagesWithContext(ctx aws.Context, input *ListE return p.Err() } -const opListImportJobs = "ListImportJobs" +const opListExportJobs = "ListExportJobs" -// ListImportJobsRequest generates a "aws/request.Request" representing the -// client's request for the ListImportJobs operation. The "output" return +// ListExportJobsRequest generates a "aws/request.Request" representing the +// client's request for the ListExportJobs operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListImportJobs for more information on using the ListImportJobs +// See ListExportJobs for more information on using the ListExportJobs // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListImportJobsRequest method. -// req, resp := client.ListImportJobsRequest(params) +// // Example sending a request using the ListExportJobsRequest method. +// req, resp := client.ListExportJobsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListImportJobs -func (c *SESV2) ListImportJobsRequest(input *ListImportJobsInput) (req *request.Request, output *ListImportJobsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListExportJobs +func (c *SESV2) ListExportJobsRequest(input *ListExportJobsInput) (req *request.Request, output *ListExportJobsOutput) { op := &request.Operation{ - Name: opListImportJobs, - HTTPMethod: "GET", - HTTPPath: "/v2/email/import-jobs", + Name: opListExportJobs, + HTTPMethod: "POST", + HTTPPath: "/v2/email/list-export-jobs", Paginator: &request.Paginator{ InputTokens: []string{"NextToken"}, OutputTokens: []string{"NextToken"}, @@ -5151,24 +5501,24 @@ func (c *SESV2) ListImportJobsRequest(input *ListImportJobsInput) (req *request. } if input == nil { - input = &ListImportJobsInput{} + input = &ListExportJobsInput{} } - output = &ListImportJobsOutput{} + output = &ListExportJobsOutput{} req = c.newRequest(op, input, output) return } -// ListImportJobs API operation for Amazon Simple Email Service. +// ListExportJobs API operation for Amazon Simple Email Service. // -// Lists all of the import jobs. +// Lists all of the export jobs. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Simple Email Service's -// API operation ListImportJobs for usage and error information. +// API operation ListExportJobs for usage and error information. // // Returned Error Types: // @@ -5178,64 +5528,64 @@ func (c *SESV2) ListImportJobsRequest(input *ListImportJobsInput) (req *request. // - BadRequestException // The input you provided is invalid. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListImportJobs -func (c *SESV2) ListImportJobs(input *ListImportJobsInput) (*ListImportJobsOutput, error) { - req, out := c.ListImportJobsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListExportJobs +func (c *SESV2) ListExportJobs(input *ListExportJobsInput) (*ListExportJobsOutput, error) { + req, out := c.ListExportJobsRequest(input) return out, req.Send() } -// ListImportJobsWithContext is the same as ListImportJobs with the addition of +// ListExportJobsWithContext is the same as ListExportJobs with the addition of // the ability to pass a context and additional request options. // -// See ListImportJobs for details on how to use this API operation. +// See ListExportJobs for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *SESV2) ListImportJobsWithContext(ctx aws.Context, input *ListImportJobsInput, opts ...request.Option) (*ListImportJobsOutput, error) { - req, out := c.ListImportJobsRequest(input) +func (c *SESV2) ListExportJobsWithContext(ctx aws.Context, input *ListExportJobsInput, opts ...request.Option) (*ListExportJobsOutput, error) { + req, out := c.ListExportJobsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListImportJobsPages iterates over the pages of a ListImportJobs operation, +// ListExportJobsPages iterates over the pages of a ListExportJobs operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See ListImportJobs method for more information on how to use this operation. +// See ListExportJobs method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListImportJobs operation. +// // Example iterating over at most 3 pages of a ListExportJobs operation. // pageNum := 0 -// err := client.ListImportJobsPages(params, -// func(page *sesv2.ListImportJobsOutput, lastPage bool) bool { +// err := client.ListExportJobsPages(params, +// func(page *sesv2.ListExportJobsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *SESV2) ListImportJobsPages(input *ListImportJobsInput, fn func(*ListImportJobsOutput, bool) bool) error { - return c.ListImportJobsPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *SESV2) ListExportJobsPages(input *ListExportJobsInput, fn func(*ListExportJobsOutput, bool) bool) error { + return c.ListExportJobsPagesWithContext(aws.BackgroundContext(), input, fn) } -// ListImportJobsPagesWithContext same as ListImportJobsPages except +// ListExportJobsPagesWithContext same as ListExportJobsPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *SESV2) ListImportJobsPagesWithContext(ctx aws.Context, input *ListImportJobsInput, fn func(*ListImportJobsOutput, bool) bool, opts ...request.Option) error { +func (c *SESV2) ListExportJobsPagesWithContext(ctx aws.Context, input *ListExportJobsInput, fn func(*ListExportJobsOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { - var inCpy *ListImportJobsInput + var inCpy *ListExportJobsInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.ListImportJobsRequest(inCpy) + req, _ := c.ListExportJobsRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -5243,7 +5593,7 @@ func (c *SESV2) ListImportJobsPagesWithContext(ctx aws.Context, input *ListImpor } for p.Next() { - if !fn(p.Page().(*ListImportJobsOutput), !p.HasNextPage()) { + if !fn(p.Page().(*ListExportJobsOutput), !p.HasNextPage()) { break } } @@ -5251,36 +5601,36 @@ func (c *SESV2) ListImportJobsPagesWithContext(ctx aws.Context, input *ListImpor return p.Err() } -const opListRecommendations = "ListRecommendations" +const opListImportJobs = "ListImportJobs" -// ListRecommendationsRequest generates a "aws/request.Request" representing the -// client's request for the ListRecommendations operation. The "output" return +// ListImportJobsRequest generates a "aws/request.Request" representing the +// client's request for the ListImportJobs operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListRecommendations for more information on using the ListRecommendations +// See ListImportJobs for more information on using the ListImportJobs // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListRecommendationsRequest method. -// req, resp := client.ListRecommendationsRequest(params) +// // Example sending a request using the ListImportJobsRequest method. +// req, resp := client.ListImportJobsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListRecommendations -func (c *SESV2) ListRecommendationsRequest(input *ListRecommendationsInput) (req *request.Request, output *ListRecommendationsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListImportJobs +func (c *SESV2) ListImportJobsRequest(input *ListImportJobsInput) (req *request.Request, output *ListImportJobsOutput) { op := &request.Operation{ - Name: opListRecommendations, - HTTPMethod: "POST", - HTTPPath: "/v2/email/vdm/recommendations", + Name: opListImportJobs, + HTTPMethod: "GET", + HTTPPath: "/v2/email/import-jobs", Paginator: &request.Paginator{ InputTokens: []string{"NextToken"}, OutputTokens: []string{"NextToken"}, @@ -5290,27 +5640,24 @@ func (c *SESV2) ListRecommendationsRequest(input *ListRecommendationsInput) (req } if input == nil { - input = &ListRecommendationsInput{} + input = &ListImportJobsInput{} } - output = &ListRecommendationsOutput{} + output = &ListImportJobsOutput{} req = c.newRequest(op, input, output) return } -// ListRecommendations API operation for Amazon Simple Email Service. -// -// Lists the recommendations present in your Amazon SES account in the current -// Amazon Web Services Region. +// ListImportJobs API operation for Amazon Simple Email Service. // -// You can execute this operation no more than once per second. +// Lists all of the import jobs. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Simple Email Service's -// API operation ListRecommendations for usage and error information. +// API operation ListImportJobs for usage and error information. // // Returned Error Types: // @@ -5320,13 +5667,155 @@ func (c *SESV2) ListRecommendationsRequest(input *ListRecommendationsInput) (req // - BadRequestException // The input you provided is invalid. // -// - NotFoundException -// The resource you attempted to access doesn't exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListRecommendations -func (c *SESV2) ListRecommendations(input *ListRecommendationsInput) (*ListRecommendationsOutput, error) { - req, out := c.ListRecommendationsRequest(input) - return out, req.Send() +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListImportJobs +func (c *SESV2) ListImportJobs(input *ListImportJobsInput) (*ListImportJobsOutput, error) { + req, out := c.ListImportJobsRequest(input) + return out, req.Send() +} + +// ListImportJobsWithContext is the same as ListImportJobs with the addition of +// the ability to pass a context and additional request options. +// +// See ListImportJobs for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SESV2) ListImportJobsWithContext(ctx aws.Context, input *ListImportJobsInput, opts ...request.Option) (*ListImportJobsOutput, error) { + req, out := c.ListImportJobsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListImportJobsPages iterates over the pages of a ListImportJobs operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListImportJobs method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListImportJobs operation. +// pageNum := 0 +// err := client.ListImportJobsPages(params, +// func(page *sesv2.ListImportJobsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *SESV2) ListImportJobsPages(input *ListImportJobsInput, fn func(*ListImportJobsOutput, bool) bool) error { + return c.ListImportJobsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListImportJobsPagesWithContext same as ListImportJobsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SESV2) ListImportJobsPagesWithContext(ctx aws.Context, input *ListImportJobsInput, fn func(*ListImportJobsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListImportJobsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListImportJobsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListImportJobsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListRecommendations = "ListRecommendations" + +// ListRecommendationsRequest generates a "aws/request.Request" representing the +// client's request for the ListRecommendations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListRecommendations for more information on using the ListRecommendations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListRecommendationsRequest method. +// req, resp := client.ListRecommendationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListRecommendations +func (c *SESV2) ListRecommendationsRequest(input *ListRecommendationsInput) (req *request.Request, output *ListRecommendationsOutput) { + op := &request.Operation{ + Name: opListRecommendations, + HTTPMethod: "POST", + HTTPPath: "/v2/email/vdm/recommendations", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "PageSize", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListRecommendationsInput{} + } + + output = &ListRecommendationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListRecommendations API operation for Amazon Simple Email Service. +// +// Lists the recommendations present in your Amazon SES account in the current +// Amazon Web Services Region. +// +// You can execute this operation no more than once per second. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Email Service's +// API operation ListRecommendations for usage and error information. +// +// Returned Error Types: +// +// - TooManyRequestsException +// Too many requests have been made to the operation. +// +// - BadRequestException +// The input you provided is invalid. +// +// - NotFoundException +// The resource you attempted to access doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sesv2-2019-09-27/ListRecommendations +func (c *SESV2) ListRecommendations(input *ListRecommendationsInput) (*ListRecommendationsOutput, error) { + req, out := c.ListRecommendationsRequest(input) + return out, req.Send() } // ListRecommendationsWithContext is the same as ListRecommendations with the addition of @@ -9302,6 +9791,59 @@ func (s *Body) SetText(v *Content) *Body { return s } +// Information about a Bounce event. +type Bounce struct { + _ struct{} `type:"structure"` + + // The subtype of the bounce, as determined by SES. + BounceSubType *string `type:"string"` + + // The type of the bounce, as determined by SES. Can be one of UNDETERMINED, + // TRANSIENT, or PERMANENT + BounceType *string `type:"string" enum:"BounceType"` + + // The status code issued by the reporting Message Transfer Authority (MTA). + // This field only appears if a delivery status notification (DSN) was attached + // to the bounce and the Diagnostic-Code was provided in the DSN. + DiagnosticCode *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Bounce) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Bounce) GoString() string { + return s.String() +} + +// SetBounceSubType sets the BounceSubType field's value. +func (s *Bounce) SetBounceSubType(v string) *Bounce { + s.BounceSubType = &v + return s +} + +// SetBounceType sets the BounceType field's value. +func (s *Bounce) SetBounceType(v string) *Bounce { + s.BounceType = &v + return s +} + +// SetDiagnosticCode sets the DiagnosticCode field's value. +func (s *Bounce) SetDiagnosticCode(v string) *Bounce { + s.DiagnosticCode = &v + return s +} + // An object that contains the body of the message. You can specify a template // message. type BulkEmailContent struct { @@ -9531,6 +10073,80 @@ func (s *BulkEmailEntryResult) SetStatus(v string) *BulkEmailEntryResult { return s } +// Represents a request to cancel an export job using the export job ID. +type CancelExportJobInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The export job ID. + // + // JobId is a required field + JobId *string `location:"uri" locationName:"JobId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CancelExportJobInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CancelExportJobInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CancelExportJobInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CancelExportJobInput"} + if s.JobId == nil { + invalidParams.Add(request.NewErrParamRequired("JobId")) + } + if s.JobId != nil && len(*s.JobId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("JobId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetJobId sets the JobId field's value. +func (s *CancelExportJobInput) SetJobId(v string) *CancelExportJobInput { + s.JobId = &v + return s +} + +// An HTTP 200 response if the request succeeds, or an error message if the +// request fails. +type CancelExportJobOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CancelExportJobOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CancelExportJobOutput) GoString() string { + return s.String() +} + // An object that defines an Amazon CloudWatch destination for email events. // You can use Amazon CloudWatch to monitor and gain insights on your email // sending metrics. @@ -9684,12 +10300,18 @@ func (s *CloudWatchDimensionConfiguration) SetDimensionValueSource(v string) *Cl return s } -// The resource is being modified by another operation or thread. -type ConcurrentModificationException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +// Information about a Complaint event. +type Complaint struct { + _ struct{} `type:"structure"` - Message_ *string `locationName:"message" type:"string"` + // The value of the Feedback-Type field from the feedback report received from + // the ISP. + ComplaintFeedbackType *string `type:"string"` + + // Can either be null or OnAccountSuppressionList. If the value is OnAccountSuppressionList, + // SES accepted the message, but didn't attempt to send it because it was on + // the account-level suppression list. + ComplaintSubType *string `type:"string"` } // String returns the string representation. @@ -9697,7 +10319,7 @@ type ConcurrentModificationException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ConcurrentModificationException) String() string { +func (s Complaint) String() string { return awsutil.Prettify(s) } @@ -9706,14 +10328,52 @@ func (s ConcurrentModificationException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ConcurrentModificationException) GoString() string { +func (s Complaint) GoString() string { return s.String() } -func newErrorConcurrentModificationException(v protocol.ResponseMetadata) error { - return &ConcurrentModificationException{ - RespMetadata: v, - } +// SetComplaintFeedbackType sets the ComplaintFeedbackType field's value. +func (s *Complaint) SetComplaintFeedbackType(v string) *Complaint { + s.ComplaintFeedbackType = &v + return s +} + +// SetComplaintSubType sets the ComplaintSubType field's value. +func (s *Complaint) SetComplaintSubType(v string) *Complaint { + s.ComplaintSubType = &v + return s +} + +// The resource is being modified by another operation or thread. +type ConcurrentModificationException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConcurrentModificationException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConcurrentModificationException) GoString() string { + return s.String() +} + +func newErrorConcurrentModificationException(v protocol.ResponseMetadata) error { + return &ConcurrentModificationException{ + RespMetadata: v, + } } // Code returns the exception type name. @@ -11321,6 +11981,111 @@ func (s CreateEmailTemplateOutput) GoString() string { return s.String() } +// Represents a request to create an export job from a data source to a data +// destination. +type CreateExportJobInput struct { + _ struct{} `type:"structure"` + + // The data source for the export job. + // + // ExportDataSource is a required field + ExportDataSource *ExportDataSource `type:"structure" required:"true"` + + // The destination for the export job. + // + // ExportDestination is a required field + ExportDestination *ExportDestination `type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateExportJobInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateExportJobInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateExportJobInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateExportJobInput"} + if s.ExportDataSource == nil { + invalidParams.Add(request.NewErrParamRequired("ExportDataSource")) + } + if s.ExportDestination == nil { + invalidParams.Add(request.NewErrParamRequired("ExportDestination")) + } + if s.ExportDataSource != nil { + if err := s.ExportDataSource.Validate(); err != nil { + invalidParams.AddNested("ExportDataSource", err.(request.ErrInvalidParams)) + } + } + if s.ExportDestination != nil { + if err := s.ExportDestination.Validate(); err != nil { + invalidParams.AddNested("ExportDestination", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetExportDataSource sets the ExportDataSource field's value. +func (s *CreateExportJobInput) SetExportDataSource(v *ExportDataSource) *CreateExportJobInput { + s.ExportDataSource = v + return s +} + +// SetExportDestination sets the ExportDestination field's value. +func (s *CreateExportJobInput) SetExportDestination(v *ExportDestination) *CreateExportJobInput { + s.ExportDestination = v + return s +} + +// An HTTP 200 response if the request succeeds, or an error message if the +// request fails. +type CreateExportJobOutput struct { + _ struct{} `type:"structure"` + + // A string that represents the export job ID. + JobId *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateExportJobOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateExportJobOutput) GoString() string { + return s.String() +} + +// SetJobId sets the JobId field's value. +func (s *CreateExportJobOutput) SetJobId(v string) *CreateExportJobOutput { + s.JobId = &v + return s +} + // Represents a request to create an import job from a data source for a data // destination. type CreateImportJobInput struct { @@ -13347,6 +14112,61 @@ func (s *EmailContent) SetTemplate(v *Template) *EmailContent { return s } +// An email's insights contain metadata and delivery information about a specific +// email. +type EmailInsights struct { + _ struct{} `type:"structure"` + + // The recipient of the email. + // + // Destination is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by EmailInsights's + // String and GoString methods. + Destination *string `min:"1" type:"string" sensitive:"true"` + + // A list of events associated with the sent email. + Events []*InsightsEvent `type:"list"` + + // The recipient's ISP (e.g., Gmail, Yahoo, etc.). + Isp *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EmailInsights) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EmailInsights) GoString() string { + return s.String() +} + +// SetDestination sets the Destination field's value. +func (s *EmailInsights) SetDestination(v string) *EmailInsights { + s.Destination = &v + return s +} + +// SetEvents sets the Events field's value. +func (s *EmailInsights) SetEvents(v []*InsightsEvent) *EmailInsights { + s.Events = v + return s +} + +// SetIsp sets the Isp field's value. +func (s *EmailInsights) SetIsp(v string) *EmailInsights { + s.Isp = &v + return s +} + // The content of the email, composed of a subject line, an HTML part, and a // text-only part. type EmailTemplateContent struct { @@ -13694,26 +14514,390 @@ func (s *EventDestinationDefinition) SetMatchingEventTypes(v []*string) *EventDe return s } -// SetPinpointDestination sets the PinpointDestination field's value. -func (s *EventDestinationDefinition) SetPinpointDestination(v *PinpointDestination) *EventDestinationDefinition { - s.PinpointDestination = v +// SetPinpointDestination sets the PinpointDestination field's value. +func (s *EventDestinationDefinition) SetPinpointDestination(v *PinpointDestination) *EventDestinationDefinition { + s.PinpointDestination = v + return s +} + +// SetSnsDestination sets the SnsDestination field's value. +func (s *EventDestinationDefinition) SetSnsDestination(v *SnsDestination) *EventDestinationDefinition { + s.SnsDestination = v + return s +} + +// Contains a Bounce object if the event type is BOUNCE. Contains a Complaint +// object if the event type is COMPLAINT. +type EventDetails struct { + _ struct{} `type:"structure"` + + // Information about a Bounce event. + Bounce *Bounce `type:"structure"` + + // Information about a Complaint event. + Complaint *Complaint `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EventDetails) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EventDetails) GoString() string { + return s.String() +} + +// SetBounce sets the Bounce field's value. +func (s *EventDetails) SetBounce(v *Bounce) *EventDetails { + s.Bounce = v + return s +} + +// SetComplaint sets the Complaint field's value. +func (s *EventDetails) SetComplaint(v *Complaint) *EventDetails { + s.Complaint = v + return s +} + +// An object that contains details about the data source of the export job. +// It can only contain one of MetricsDataSource or MessageInsightsDataSource +// object. +type ExportDataSource struct { + _ struct{} `type:"structure"` + + // An object that contains filters applied when performing the Message Insights + // export. + MessageInsightsDataSource *MessageInsightsDataSource `type:"structure"` + + // An object that contains details about the data source for the metrics export. + MetricsDataSource *MetricsDataSource `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportDataSource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportDataSource) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ExportDataSource) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportDataSource"} + if s.MessageInsightsDataSource != nil { + if err := s.MessageInsightsDataSource.Validate(); err != nil { + invalidParams.AddNested("MessageInsightsDataSource", err.(request.ErrInvalidParams)) + } + } + if s.MetricsDataSource != nil { + if err := s.MetricsDataSource.Validate(); err != nil { + invalidParams.AddNested("MetricsDataSource", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMessageInsightsDataSource sets the MessageInsightsDataSource field's value. +func (s *ExportDataSource) SetMessageInsightsDataSource(v *MessageInsightsDataSource) *ExportDataSource { + s.MessageInsightsDataSource = v + return s +} + +// SetMetricsDataSource sets the MetricsDataSource field's value. +func (s *ExportDataSource) SetMetricsDataSource(v *MetricsDataSource) *ExportDataSource { + s.MetricsDataSource = v + return s +} + +// An object that contains details about the destination of the export job. +type ExportDestination struct { + _ struct{} `type:"structure"` + + // The data format of the final export job file, can be one of the following: + // + // * CSV - A comma-separated values file. + // + // * JSON - A Json file. + // + // DataFormat is a required field + DataFormat *string `type:"string" required:"true" enum:"DataFormat"` + + // An Amazon S3 pre-signed URL that points to the generated export file. + S3Url *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportDestination) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportDestination) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ExportDestination) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportDestination"} + if s.DataFormat == nil { + invalidParams.Add(request.NewErrParamRequired("DataFormat")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDataFormat sets the DataFormat field's value. +func (s *ExportDestination) SetDataFormat(v string) *ExportDestination { + s.DataFormat = &v + return s +} + +// SetS3Url sets the S3Url field's value. +func (s *ExportDestination) SetS3Url(v string) *ExportDestination { + s.S3Url = &v + return s +} + +// A summary of the export job. +type ExportJobSummary struct { + _ struct{} `type:"structure"` + + // The timestamp of when the export job was completed. + CompletedTimestamp *time.Time `type:"timestamp"` + + // The timestamp of when the export job was created. + CreatedTimestamp *time.Time `type:"timestamp"` + + // The source type of the export job. + ExportSourceType *string `type:"string" enum:"ExportSourceType"` + + // The export job ID. + JobId *string `min:"1" type:"string"` + + // The status of the export job. + JobStatus *string `type:"string" enum:"JobStatus"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportJobSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportJobSummary) GoString() string { + return s.String() +} + +// SetCompletedTimestamp sets the CompletedTimestamp field's value. +func (s *ExportJobSummary) SetCompletedTimestamp(v time.Time) *ExportJobSummary { + s.CompletedTimestamp = &v + return s +} + +// SetCreatedTimestamp sets the CreatedTimestamp field's value. +func (s *ExportJobSummary) SetCreatedTimestamp(v time.Time) *ExportJobSummary { + s.CreatedTimestamp = &v + return s +} + +// SetExportSourceType sets the ExportSourceType field's value. +func (s *ExportJobSummary) SetExportSourceType(v string) *ExportJobSummary { + s.ExportSourceType = &v + return s +} + +// SetJobId sets the JobId field's value. +func (s *ExportJobSummary) SetJobId(v string) *ExportJobSummary { + s.JobId = &v + return s +} + +// SetJobStatus sets the JobStatus field's value. +func (s *ExportJobSummary) SetJobStatus(v string) *ExportJobSummary { + s.JobStatus = &v + return s +} + +// An object that contains a mapping between a Metric and MetricAggregation. +type ExportMetric struct { + _ struct{} `type:"structure"` + + // The aggregation to apply to a metric, can be one of the following: + // + // * VOLUME - The volume of events for this metric. + // + // * RATE - The rate for this metric relative to the SEND metric volume. + Aggregation *string `type:"string" enum:"MetricAggregation"` + + // The metric to export, can be one of the following: + // + // * SEND - Emails sent eligible for tracking in the VDM dashboard. This + // excludes emails sent to the mailbox simulator and emails addressed to + // more than one recipient. + // + // * COMPLAINT - Complaints received for your account. This excludes complaints + // from the mailbox simulator, those originating from your account-level + // suppression list (if enabled), and those for emails addressed to more + // than one recipient + // + // * PERMANENT_BOUNCE - Permanent bounces - i.e., feedback received for emails + // sent to non-existent mailboxes. Excludes bounces from the mailbox simulator, + // those originating from your account-level suppression list (if enabled), + // and those for emails addressed to more than one recipient. + // + // * TRANSIENT_BOUNCE - Transient bounces - i.e., feedback received for delivery + // failures excluding issues with non-existent mailboxes. Excludes bounces + // from the mailbox simulator, and those for emails addressed to more than + // one recipient. + // + // * OPEN - Unique open events for emails including open trackers. Excludes + // opens for emails addressed to more than one recipient. + // + // * CLICK - Unique click events for emails including wrapped links. Excludes + // clicks for emails addressed to more than one recipient. + // + // * DELIVERY - Successful deliveries for email sending attempts. Excludes + // deliveries to the mailbox simulator and for emails addressed to more than + // one recipient. + // + // * DELIVERY_OPEN - Successful deliveries for email sending attempts. Excludes + // deliveries to the mailbox simulator, for emails addressed to more than + // one recipient, and emails without open trackers. + // + // * DELIVERY_CLICK - Successful deliveries for email sending attempts. Excludes + // deliveries to the mailbox simulator, for emails addressed to more than + // one recipient, and emails without click trackers. + // + // * DELIVERY_COMPLAINT - Successful deliveries for email sending attempts. + // Excludes deliveries to the mailbox simulator, for emails addressed to + // more than one recipient, and emails addressed to recipients hosted by + // ISPs with which Amazon SES does not have a feedback loop agreement. + Name *string `type:"string" enum:"Metric"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportMetric) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportMetric) GoString() string { + return s.String() +} + +// SetAggregation sets the Aggregation field's value. +func (s *ExportMetric) SetAggregation(v string) *ExportMetric { + s.Aggregation = &v + return s +} + +// SetName sets the Name field's value. +func (s *ExportMetric) SetName(v string) *ExportMetric { + s.Name = &v + return s +} + +// Statistics about the execution of an export job. +type ExportStatistics struct { + _ struct{} `type:"structure"` + + // The number of records that were exported to the final export file. + // + // This value might not be available for all export source types + ExportedRecordsCount *int64 `type:"integer"` + + // The number of records that were processed to generate the final export file. + ProcessedRecordsCount *int64 `type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportStatistics) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExportStatistics) GoString() string { + return s.String() +} + +// SetExportedRecordsCount sets the ExportedRecordsCount field's value. +func (s *ExportStatistics) SetExportedRecordsCount(v int64) *ExportStatistics { + s.ExportedRecordsCount = &v return s } -// SetSnsDestination sets the SnsDestination field's value. -func (s *EventDestinationDefinition) SetSnsDestination(v *SnsDestination) *EventDestinationDefinition { - s.SnsDestination = v +// SetProcessedRecordsCount sets the ProcessedRecordsCount field's value. +func (s *ExportStatistics) SetProcessedRecordsCount(v int64) *ExportStatistics { + s.ProcessedRecordsCount = &v return s } -// An object that contains the failure details about an import job. +// An object that contains the failure details about a job. type FailureInfo struct { _ struct{} `type:"structure"` - // A message about why the import job failed. + // A message about why the job failed. ErrorMessage *string `type:"string"` - // An Amazon S3 presigned URL that contains all the failed records and related + // An Amazon S3 pre-signed URL that contains all the failed records and related // information. FailedRecordsS3Url *string `type:"string"` } @@ -15721,6 +16905,162 @@ func (s *GetEmailTemplateOutput) SetTemplateName(v string) *GetEmailTemplateOutp return s } +// Represents a request to retrieve information about an export job using the +// export job ID. +type GetExportJobInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The export job ID. + // + // JobId is a required field + JobId *string `location:"uri" locationName:"JobId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetExportJobInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetExportJobInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetExportJobInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetExportJobInput"} + if s.JobId == nil { + invalidParams.Add(request.NewErrParamRequired("JobId")) + } + if s.JobId != nil && len(*s.JobId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("JobId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetJobId sets the JobId field's value. +func (s *GetExportJobInput) SetJobId(v string) *GetExportJobInput { + s.JobId = &v + return s +} + +// An HTTP 200 response if the request succeeds, or an error message if the +// request fails. +type GetExportJobOutput struct { + _ struct{} `type:"structure"` + + // The timestamp of when the export job was completed. + CompletedTimestamp *time.Time `type:"timestamp"` + + // The timestamp of when the export job was created. + CreatedTimestamp *time.Time `type:"timestamp"` + + // The data source of the export job. + ExportDataSource *ExportDataSource `type:"structure"` + + // The destination of the export job. + ExportDestination *ExportDestination `type:"structure"` + + // The type of source of the export job. + ExportSourceType *string `type:"string" enum:"ExportSourceType"` + + // The failure details about an export job. + FailureInfo *FailureInfo `type:"structure"` + + // The export job ID. + JobId *string `min:"1" type:"string"` + + // The status of the export job. + JobStatus *string `type:"string" enum:"JobStatus"` + + // The statistics about the export job. + Statistics *ExportStatistics `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetExportJobOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetExportJobOutput) GoString() string { + return s.String() +} + +// SetCompletedTimestamp sets the CompletedTimestamp field's value. +func (s *GetExportJobOutput) SetCompletedTimestamp(v time.Time) *GetExportJobOutput { + s.CompletedTimestamp = &v + return s +} + +// SetCreatedTimestamp sets the CreatedTimestamp field's value. +func (s *GetExportJobOutput) SetCreatedTimestamp(v time.Time) *GetExportJobOutput { + s.CreatedTimestamp = &v + return s +} + +// SetExportDataSource sets the ExportDataSource field's value. +func (s *GetExportJobOutput) SetExportDataSource(v *ExportDataSource) *GetExportJobOutput { + s.ExportDataSource = v + return s +} + +// SetExportDestination sets the ExportDestination field's value. +func (s *GetExportJobOutput) SetExportDestination(v *ExportDestination) *GetExportJobOutput { + s.ExportDestination = v + return s +} + +// SetExportSourceType sets the ExportSourceType field's value. +func (s *GetExportJobOutput) SetExportSourceType(v string) *GetExportJobOutput { + s.ExportSourceType = &v + return s +} + +// SetFailureInfo sets the FailureInfo field's value. +func (s *GetExportJobOutput) SetFailureInfo(v *FailureInfo) *GetExportJobOutput { + s.FailureInfo = v + return s +} + +// SetJobId sets the JobId field's value. +func (s *GetExportJobOutput) SetJobId(v string) *GetExportJobOutput { + s.JobId = &v + return s +} + +// SetJobStatus sets the JobStatus field's value. +func (s *GetExportJobOutput) SetJobStatus(v string) *GetExportJobOutput { + s.JobStatus = &v + return s +} + +// SetStatistics sets the Statistics field's value. +func (s *GetExportJobOutput) SetStatistics(v *ExportStatistics) *GetExportJobOutput { + s.Statistics = v + return s +} + // Represents a request for information about an import job using the import // job ID. type GetImportJobInput struct { @@ -15878,6 +17218,134 @@ func (s *GetImportJobOutput) SetProcessedRecordsCount(v int64) *GetImportJobOutp return s } +// A request to return information about a message. +type GetMessageInsightsInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // A MessageId is a unique identifier for a message, and is returned when sending + // emails through Amazon SES. + // + // MessageId is a required field + MessageId *string `location:"uri" locationName:"MessageId" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetMessageInsightsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetMessageInsightsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetMessageInsightsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetMessageInsightsInput"} + if s.MessageId == nil { + invalidParams.Add(request.NewErrParamRequired("MessageId")) + } + if s.MessageId != nil && len(*s.MessageId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("MessageId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMessageId sets the MessageId field's value. +func (s *GetMessageInsightsInput) SetMessageId(v string) *GetMessageInsightsInput { + s.MessageId = &v + return s +} + +// Information about a message. +type GetMessageInsightsOutput struct { + _ struct{} `type:"structure"` + + // A list of tags, in the form of name/value pairs, that were applied to the + // email you sent, along with Amazon SES Auto-Tags (https://docs.aws.amazon.com/ses/latest/dg/monitor-using-event-publishing.html). + EmailTags []*MessageTag `type:"list"` + + // The from address used to send the message. + // + // FromEmailAddress is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetMessageInsightsOutput's + // String and GoString methods. + FromEmailAddress *string `min:"1" type:"string" sensitive:"true"` + + // A set of insights associated with the message. + Insights []*EmailInsights `type:"list"` + + // A unique identifier for the message. + MessageId *string `type:"string"` + + // The subject line of the message. + // + // Subject is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetMessageInsightsOutput's + // String and GoString methods. + Subject *string `min:"1" type:"string" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetMessageInsightsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetMessageInsightsOutput) GoString() string { + return s.String() +} + +// SetEmailTags sets the EmailTags field's value. +func (s *GetMessageInsightsOutput) SetEmailTags(v []*MessageTag) *GetMessageInsightsOutput { + s.EmailTags = v + return s +} + +// SetFromEmailAddress sets the FromEmailAddress field's value. +func (s *GetMessageInsightsOutput) SetFromEmailAddress(v string) *GetMessageInsightsOutput { + s.FromEmailAddress = &v + return s +} + +// SetInsights sets the Insights field's value. +func (s *GetMessageInsightsOutput) SetInsights(v []*EmailInsights) *GetMessageInsightsOutput { + s.Insights = v + return s +} + +// SetMessageId sets the MessageId field's value. +func (s *GetMessageInsightsOutput) SetMessageId(v string) *GetMessageInsightsOutput { + s.MessageId = &v + return s +} + +// SetSubject sets the Subject field's value. +func (s *GetMessageInsightsOutput) SetSubject(v string) *GetMessageInsightsOutput { + s.Subject = &v + return s +} + // A request to retrieve information about an email address that's on the suppression // list for your account. type GetSuppressedDestinationInput struct { @@ -16258,10 +17726,18 @@ type ImportJobSummary struct { // job is going to target. ImportDestination *ImportDestination `type:"structure"` - // A string that represents the import job ID. + // A string that represents a job ID. JobId *string `min:"1" type:"string"` - // The status of the import job. + // The status of a job. + // + // * CREATED – Job has just been created. + // + // * PROCESSING – Job is processing. + // + // * ERROR – An error occurred during processing. + // + // * COMPLETED – Job has completed processing successfully. JobStatus *string `type:"string" enum:"JobStatus"` // The current number of records processed. @@ -16329,12 +17805,82 @@ func (s *ImportJobSummary) SetProcessedRecordsCount(v int64) *ImportJobSummary { type InboxPlacementTrackingOption struct { _ struct{} `type:"structure"` - // Specifies whether inbox placement data is being tracked for the domain. - Global *bool `type:"boolean"` + // Specifies whether inbox placement data is being tracked for the domain. + Global *bool `type:"boolean"` + + // An array of strings, one for each major email provider that the inbox placement + // data applies to. + TrackedIsps []*string `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InboxPlacementTrackingOption) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InboxPlacementTrackingOption) GoString() string { + return s.String() +} + +// SetGlobal sets the Global field's value. +func (s *InboxPlacementTrackingOption) SetGlobal(v bool) *InboxPlacementTrackingOption { + s.Global = &v + return s +} + +// SetTrackedIsps sets the TrackedIsps field's value. +func (s *InboxPlacementTrackingOption) SetTrackedIsps(v []*string) *InboxPlacementTrackingOption { + s.TrackedIsps = v + return s +} + +// An object containing details about a specific event. +type InsightsEvent struct { + _ struct{} `type:"structure"` + + // Details about bounce or complaint events. + Details *EventDetails `type:"structure"` - // An array of strings, one for each major email provider that the inbox placement - // data applies to. - TrackedIsps []*string `type:"list"` + // The timestamp of the event. + Timestamp *time.Time `type:"timestamp"` + + // The type of event: + // + // * SEND - The send request was successful and SES will attempt to deliver + // the message to the recipient’s mail server. (If account-level or global + // suppression is being used, SES will still count it as a send, but delivery + // is suppressed.) + // + // * DELIVERY - SES successfully delivered the email to the recipient's mail + // server. Excludes deliveries to the mailbox simulator, and those from emails + // addressed to more than one recipient. + // + // * BOUNCE - Feedback received for delivery failures. Additional details + // about the bounce are provided in the Details object. Excludes bounces + // from the mailbox simulator, and those from emails addressed to more than + // one recipient. + // + // * COMPLAINT - Complaint received for the email. Additional details about + // the complaint are provided in the Details object. This excludes complaints + // from the mailbox simulator, those originating from your account-level + // suppression list (if enabled), and those from emails addressed to more + // than one recipient. + // + // * OPEN - Open event for emails including open trackers. Excludes opens + // for emails addressed to more than one recipient. + // + // * CLICK - Click event for emails including wrapped links. Excludes clicks + // for emails addressed to more than one recipient. + Type *string `type:"string" enum:"EventType"` } // String returns the string representation. @@ -16342,7 +17888,7 @@ type InboxPlacementTrackingOption struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InboxPlacementTrackingOption) String() string { +func (s InsightsEvent) String() string { return awsutil.Prettify(s) } @@ -16351,19 +17897,25 @@ func (s InboxPlacementTrackingOption) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InboxPlacementTrackingOption) GoString() string { +func (s InsightsEvent) GoString() string { return s.String() } -// SetGlobal sets the Global field's value. -func (s *InboxPlacementTrackingOption) SetGlobal(v bool) *InboxPlacementTrackingOption { - s.Global = &v +// SetDetails sets the Details field's value. +func (s *InsightsEvent) SetDetails(v *EventDetails) *InsightsEvent { + s.Details = v return s } -// SetTrackedIsps sets the TrackedIsps field's value. -func (s *InboxPlacementTrackingOption) SetTrackedIsps(v []*string) *InboxPlacementTrackingOption { - s.TrackedIsps = v +// SetTimestamp sets the Timestamp field's value. +func (s *InsightsEvent) SetTimestamp(v time.Time) *InsightsEvent { + s.Timestamp = &v + return s +} + +// SetType sets the Type field's value. +func (s *InsightsEvent) SetType(v string) *InsightsEvent { + s.Type = &v return s } @@ -17630,6 +19182,113 @@ func (s *ListEmailTemplatesOutput) SetTemplatesMetadata(v []*EmailTemplateMetada return s } +// Represents a request to list all export jobs with filters. +type ListExportJobsInput struct { + _ struct{} `type:"structure"` + + // A value used to list export jobs that have a certain ExportSourceType. + ExportSourceType *string `type:"string" enum:"ExportSourceType"` + + // A value used to list export jobs that have a certain JobStatus. + JobStatus *string `type:"string" enum:"JobStatus"` + + // The pagination token returned from a previous call to ListExportJobs to indicate + // the position in the list of export jobs. + NextToken *string `type:"string"` + + // Maximum number of export jobs to return at once. Use this parameter to paginate + // results. If additional export jobs exist beyond the specified limit, the + // NextToken element is sent in the response. Use the NextToken value in subsequent + // calls to ListExportJobs to retrieve additional export jobs. + PageSize *int64 `type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListExportJobsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListExportJobsInput) GoString() string { + return s.String() +} + +// SetExportSourceType sets the ExportSourceType field's value. +func (s *ListExportJobsInput) SetExportSourceType(v string) *ListExportJobsInput { + s.ExportSourceType = &v + return s +} + +// SetJobStatus sets the JobStatus field's value. +func (s *ListExportJobsInput) SetJobStatus(v string) *ListExportJobsInput { + s.JobStatus = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListExportJobsInput) SetNextToken(v string) *ListExportJobsInput { + s.NextToken = &v + return s +} + +// SetPageSize sets the PageSize field's value. +func (s *ListExportJobsInput) SetPageSize(v int64) *ListExportJobsInput { + s.PageSize = &v + return s +} + +// An HTTP 200 response if the request succeeds, or an error message if the +// request fails. +type ListExportJobsOutput struct { + _ struct{} `type:"structure"` + + // A list of the export job summaries. + ExportJobs []*ExportJobSummary `type:"list"` + + // A string token indicating that there might be additional export jobs available + // to be listed. Use this token to a subsequent call to ListExportJobs with + // the same parameters to retrieve the next page of export jobs. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListExportJobsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListExportJobsOutput) GoString() string { + return s.String() +} + +// SetExportJobs sets the ExportJobs field's value. +func (s *ListExportJobsOutput) SetExportJobs(v []*ExportJobSummary) *ListExportJobsOutput { + s.ExportJobs = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListExportJobsOutput) SetNextToken(v string) *ListExportJobsOutput { + s.NextToken = &v + return s +} + // Represents a request to list all of the import jobs for a data destination // within the specified maximum number of import jobs. type ListImportJobsInput struct { @@ -18207,57 +19866,247 @@ func newErrorMailFromDomainNotVerifiedException(v protocol.ResponseMetadata) err return &MailFromDomainNotVerifiedException{ RespMetadata: v, } -} +} + +// Code returns the exception type name. +func (s *MailFromDomainNotVerifiedException) Code() string { + return "MailFromDomainNotVerifiedException" +} + +// Message returns the exception's message. +func (s *MailFromDomainNotVerifiedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *MailFromDomainNotVerifiedException) OrigErr() error { + return nil +} + +func (s *MailFromDomainNotVerifiedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *MailFromDomainNotVerifiedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *MailFromDomainNotVerifiedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Represents the email message that you're sending. The Message object consists +// of a subject line and a message body. +type Message struct { + _ struct{} `type:"structure"` + + // The body of the message. You can specify an HTML version of the message, + // a text-only version of the message, or both. + // + // Body is a required field + Body *Body `type:"structure" required:"true"` + + // The subject line of the email. The subject line can only contain 7-bit ASCII + // characters. However, you can specify non-ASCII characters in the subject + // line by using encoded-word syntax, as described in RFC 2047 (https://tools.ietf.org/html/rfc2047). + // + // Subject is a required field + Subject *Content `type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Message) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Message) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *Message) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "Message"} + if s.Body == nil { + invalidParams.Add(request.NewErrParamRequired("Body")) + } + if s.Subject == nil { + invalidParams.Add(request.NewErrParamRequired("Subject")) + } + if s.Body != nil { + if err := s.Body.Validate(); err != nil { + invalidParams.AddNested("Body", err.(request.ErrInvalidParams)) + } + } + if s.Subject != nil { + if err := s.Subject.Validate(); err != nil { + invalidParams.AddNested("Subject", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBody sets the Body field's value. +func (s *Message) SetBody(v *Body) *Message { + s.Body = v + return s +} + +// SetSubject sets the Subject field's value. +func (s *Message) SetSubject(v *Content) *Message { + s.Subject = v + return s +} + +// An object that contains filters applied when performing the Message Insights +// export. +type MessageInsightsDataSource struct { + _ struct{} `type:"structure"` + + // Represents the end date for the export interval as a timestamp. The end date + // is inclusive. + // + // EndDate is a required field + EndDate *time.Time `type:"timestamp" required:"true"` + + // Filters for results to be excluded from the export file. + Exclude *MessageInsightsFilters `type:"structure"` + + // Filters for results to be included in the export file. + Include *MessageInsightsFilters `type:"structure"` + + // The maximum number of results. + MaxResults *int64 `min:"1" type:"integer"` + + // Represents the start date for the export interval as a timestamp. The start + // date is inclusive. + // + // StartDate is a required field + StartDate *time.Time `type:"timestamp" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MessageInsightsDataSource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MessageInsightsDataSource) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *MessageInsightsDataSource) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "MessageInsightsDataSource"} + if s.EndDate == nil { + invalidParams.Add(request.NewErrParamRequired("EndDate")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.StartDate == nil { + invalidParams.Add(request.NewErrParamRequired("StartDate")) + } -// Code returns the exception type name. -func (s *MailFromDomainNotVerifiedException) Code() string { - return "MailFromDomainNotVerifiedException" + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// Message returns the exception's message. -func (s *MailFromDomainNotVerifiedException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" +// SetEndDate sets the EndDate field's value. +func (s *MessageInsightsDataSource) SetEndDate(v time.Time) *MessageInsightsDataSource { + s.EndDate = &v + return s } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *MailFromDomainNotVerifiedException) OrigErr() error { - return nil +// SetExclude sets the Exclude field's value. +func (s *MessageInsightsDataSource) SetExclude(v *MessageInsightsFilters) *MessageInsightsDataSource { + s.Exclude = v + return s } -func (s *MailFromDomainNotVerifiedException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +// SetInclude sets the Include field's value. +func (s *MessageInsightsDataSource) SetInclude(v *MessageInsightsFilters) *MessageInsightsDataSource { + s.Include = v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *MailFromDomainNotVerifiedException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetMaxResults sets the MaxResults field's value. +func (s *MessageInsightsDataSource) SetMaxResults(v int64) *MessageInsightsDataSource { + s.MaxResults = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *MailFromDomainNotVerifiedException) RequestID() string { - return s.RespMetadata.RequestID +// SetStartDate sets the StartDate field's value. +func (s *MessageInsightsDataSource) SetStartDate(v time.Time) *MessageInsightsDataSource { + s.StartDate = &v + return s } -// Represents the email message that you're sending. The Message object consists -// of a subject line and a message body. -type Message struct { +// An object containing Message Insights filters. +// +// If you specify multiple filters, the filters are joined by AND. +// +// If you specify multiple values for a filter, the values are joined by OR. +// Filter values are case-sensitive. +// +// FromEmailAddress, Destination, and Subject filters support partial match. +// A partial match is performed by using the * wildcard character placed at +// the beginning (suffix match), the end (prefix match) or both ends of the +// string (contains match). In order to match the literal characters * or \, +// they must be escaped using the \ character. If no wildcard character is present, +// an exact match is performed. +type MessageInsightsFilters struct { _ struct{} `type:"structure"` - // The body of the message. You can specify an HTML version of the message, - // a text-only version of the message, or both. - // - // Body is a required field - Body *Body `type:"structure" required:"true"` + // The recipient's email address. + Destination []*string `type:"list"` - // The subject line of the email. The subject line can only contain 7-bit ASCII - // characters. However, you can specify non-ASCII characters in the subject - // line by using encoded-word syntax, as described in RFC 2047 (https://tools.ietf.org/html/rfc2047). + // The from address used to send the message. + FromEmailAddress []*string `type:"list"` + + // The recipient's ISP (e.g., Gmail, Yahoo, etc.). + Isp []*string `type:"list"` + + // The last delivery-related event for the email, where the ordering is as follows: + // SEND < BOUNCE < DELIVERY < COMPLAINT. + LastDeliveryEvent []*string `type:"list" enum:"DeliveryEventType"` + + // The last engagement-related event for the email, where the ordering is as + // follows: OPEN < CLICK. // - // Subject is a required field - Subject *Content `type:"structure" required:"true"` + // Engagement events are only available if Engagement tracking (https://docs.aws.amazon.com/ses/latest/dg/vdm-settings.html) + // is enabled. + LastEngagementEvent []*string `type:"list" enum:"EngagementEventType"` + + // The subject line of the message. + Subject []*string `type:"list"` } // String returns the string representation. @@ -18265,7 +20114,7 @@ type Message struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Message) String() string { +func (s MessageInsightsFilters) String() string { return awsutil.Prettify(s) } @@ -18274,44 +20123,42 @@ func (s Message) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s Message) GoString() string { +func (s MessageInsightsFilters) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *Message) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "Message"} - if s.Body == nil { - invalidParams.Add(request.NewErrParamRequired("Body")) - } - if s.Subject == nil { - invalidParams.Add(request.NewErrParamRequired("Subject")) - } - if s.Body != nil { - if err := s.Body.Validate(); err != nil { - invalidParams.AddNested("Body", err.(request.ErrInvalidParams)) - } - } - if s.Subject != nil { - if err := s.Subject.Validate(); err != nil { - invalidParams.AddNested("Subject", err.(request.ErrInvalidParams)) - } - } +// SetDestination sets the Destination field's value. +func (s *MessageInsightsFilters) SetDestination(v []*string) *MessageInsightsFilters { + s.Destination = v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetFromEmailAddress sets the FromEmailAddress field's value. +func (s *MessageInsightsFilters) SetFromEmailAddress(v []*string) *MessageInsightsFilters { + s.FromEmailAddress = v + return s } -// SetBody sets the Body field's value. -func (s *Message) SetBody(v *Body) *Message { - s.Body = v +// SetIsp sets the Isp field's value. +func (s *MessageInsightsFilters) SetIsp(v []*string) *MessageInsightsFilters { + s.Isp = v + return s +} + +// SetLastDeliveryEvent sets the LastDeliveryEvent field's value. +func (s *MessageInsightsFilters) SetLastDeliveryEvent(v []*string) *MessageInsightsFilters { + s.LastDeliveryEvent = v + return s +} + +// SetLastEngagementEvent sets the LastEngagementEvent field's value. +func (s *MessageInsightsFilters) SetLastEngagementEvent(v []*string) *MessageInsightsFilters { + s.LastEngagementEvent = v return s } // SetSubject sets the Subject field's value. -func (s *Message) SetSubject(v *Content) *Message { +func (s *MessageInsightsFilters) SetSubject(v []*string) *MessageInsightsFilters { s.Subject = v return s } @@ -18560,6 +20407,117 @@ func (s *MetricDataResult) SetValues(v []*int64) *MetricDataResult { return s } +// An object that contains details about the data source for the metrics export. +type MetricsDataSource struct { + _ struct{} `type:"structure"` + + // An object that contains a mapping between a MetricDimensionName and MetricDimensionValue + // to filter metrics by. Must contain a least 1 dimension but no more than 3 + // unique ones. + // + // Dimensions is a required field + Dimensions map[string][]*string `min:"1" type:"map" required:"true"` + + // Represents the end date for the export interval as a timestamp. + // + // EndDate is a required field + EndDate *time.Time `type:"timestamp" required:"true"` + + // A list of ExportMetric objects to export. + // + // Metrics is a required field + Metrics []*ExportMetric `min:"1" type:"list" required:"true"` + + // The metrics namespace - e.g., VDM. + // + // Namespace is a required field + Namespace *string `type:"string" required:"true" enum:"MetricNamespace"` + + // Represents the start date for the export interval as a timestamp. + // + // StartDate is a required field + StartDate *time.Time `type:"timestamp" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MetricsDataSource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MetricsDataSource) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *MetricsDataSource) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "MetricsDataSource"} + if s.Dimensions == nil { + invalidParams.Add(request.NewErrParamRequired("Dimensions")) + } + if s.Dimensions != nil && len(s.Dimensions) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Dimensions", 1)) + } + if s.EndDate == nil { + invalidParams.Add(request.NewErrParamRequired("EndDate")) + } + if s.Metrics == nil { + invalidParams.Add(request.NewErrParamRequired("Metrics")) + } + if s.Metrics != nil && len(s.Metrics) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Metrics", 1)) + } + if s.Namespace == nil { + invalidParams.Add(request.NewErrParamRequired("Namespace")) + } + if s.StartDate == nil { + invalidParams.Add(request.NewErrParamRequired("StartDate")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDimensions sets the Dimensions field's value. +func (s *MetricsDataSource) SetDimensions(v map[string][]*string) *MetricsDataSource { + s.Dimensions = v + return s +} + +// SetEndDate sets the EndDate field's value. +func (s *MetricsDataSource) SetEndDate(v time.Time) *MetricsDataSource { + s.EndDate = &v + return s +} + +// SetMetrics sets the Metrics field's value. +func (s *MetricsDataSource) SetMetrics(v []*ExportMetric) *MetricsDataSource { + s.Metrics = v + return s +} + +// SetNamespace sets the Namespace field's value. +func (s *MetricsDataSource) SetNamespace(v string) *MetricsDataSource { + s.Namespace = &v + return s +} + +// SetStartDate sets the StartDate field's value. +func (s *MetricsDataSource) SetStartDate(v time.Time) *MetricsDataSource { + s.StartDate = &v + return s +} + // The resource you attempted to access doesn't exist. type NotFoundException struct { _ struct{} `type:"structure"` @@ -23745,6 +25703,26 @@ func BehaviorOnMxFailure_Values() []string { } } +const ( + // BounceTypeUndetermined is a BounceType enum value + BounceTypeUndetermined = "UNDETERMINED" + + // BounceTypeTransient is a BounceType enum value + BounceTypeTransient = "TRANSIENT" + + // BounceTypePermanent is a BounceType enum value + BounceTypePermanent = "PERMANENT" +) + +// BounceType_Values returns all elements of the BounceType enum +func BounceType_Values() []string { + return []string{ + BounceTypeUndetermined, + BounceTypeTransient, + BounceTypePermanent, + } +} + const ( // BulkEmailStatusSuccess is a BulkEmailStatus enum value BulkEmailStatusSuccess = "SUCCESS" @@ -23841,7 +25819,11 @@ func ContactListImportAction_Values() []string { } } -// The data format of the import job's data source. +// The data format of a file, can be one of the following: +// +// - CSV – A comma-separated values file. +// +// - JSON – A JSON file. const ( // DataFormatCsv is a DataFormat enum value DataFormatCsv = "CSV" @@ -23902,6 +25884,64 @@ func DeliverabilityTestStatus_Values() []string { } } +// The type of delivery events: +// +// - SEND - The send request was successful and SES will attempt to deliver +// the message to the recipient’s mail server. (If account-level or global +// suppression is being used, SES will still count it as a send, but delivery +// is suppressed.) +// +// - DELIVERY - SES successfully delivered the email to the recipient's mail +// server. Excludes deliveries to the mailbox simulator and emails addressed +// to more than one recipient. +// +// - TRANSIENT_BOUNCE - Feedback received for delivery failures excluding +// issues with non-existent mailboxes. Excludes bounces from the mailbox +// simulator, and those from emails addressed to more than one recipient. +// +// - PERMANENT_BOUNCE - Feedback received for emails sent to non-existent +// mailboxes. Excludes bounces from the mailbox simulator, those originating +// from your account-level suppression list (if enabled), and those from +// emails addressed to more than one recipient. +// +// - UNDETERMINED_BOUNCE - SES was unable to determine the bounce reason. +// +// - COMPLAINT - Complaint received for the email. This excludes complaints +// from the mailbox simulator, those originating from your account-level +// suppression list (if enabled), and those from emails addressed to more +// than one recipient. +const ( + // DeliveryEventTypeSend is a DeliveryEventType enum value + DeliveryEventTypeSend = "SEND" + + // DeliveryEventTypeDelivery is a DeliveryEventType enum value + DeliveryEventTypeDelivery = "DELIVERY" + + // DeliveryEventTypeTransientBounce is a DeliveryEventType enum value + DeliveryEventTypeTransientBounce = "TRANSIENT_BOUNCE" + + // DeliveryEventTypePermanentBounce is a DeliveryEventType enum value + DeliveryEventTypePermanentBounce = "PERMANENT_BOUNCE" + + // DeliveryEventTypeUndeterminedBounce is a DeliveryEventType enum value + DeliveryEventTypeUndeterminedBounce = "UNDETERMINED_BOUNCE" + + // DeliveryEventTypeComplaint is a DeliveryEventType enum value + DeliveryEventTypeComplaint = "COMPLAINT" +) + +// DeliveryEventType_Values returns all elements of the DeliveryEventType enum +func DeliveryEventType_Values() []string { + return []string{ + DeliveryEventTypeSend, + DeliveryEventTypeDelivery, + DeliveryEventTypeTransientBounce, + DeliveryEventTypePermanentBounce, + DeliveryEventTypeUndeterminedBounce, + DeliveryEventTypeComplaint, + } +} + // The location where the Amazon SES API v2 finds the value of a dimension to // publish to Amazon CloudWatch. To use the message tags that you specify using // an X-SES-MESSAGE-TAGS header or a parameter to the SendEmail or SendRawEmail @@ -24004,6 +26044,29 @@ func DkimStatus_Values() []string { } } +// The type of delivery events: +// +// - OPEN - Open event for emails including open trackers. Excludes opens +// for emails addressed to more than one recipient. +// +// - CLICK - Click event for emails including wrapped links. Excludes clicks +// for emails addressed to more than one recipient. +const ( + // EngagementEventTypeOpen is a EngagementEventType enum value + EngagementEventTypeOpen = "OPEN" + + // EngagementEventTypeClick is a EngagementEventType enum value + EngagementEventTypeClick = "CLICK" +) + +// EngagementEventType_Values returns all elements of the EngagementEventType enum +func EngagementEventType_Values() []string { + return []string{ + EngagementEventTypeOpen, + EngagementEventTypeClick, + } +} + // An email sending event type. For example, email sends, opens, and bounces // are all email events. const ( @@ -24054,6 +26117,27 @@ func EventType_Values() []string { } } +// The type of data source of an export, can be one of the following: +// +// - METRICS_DATA - The metrics export. +// +// - MESSAGE_INSIGHTS - The Message Insights export. +const ( + // ExportSourceTypeMetricsData is a ExportSourceType enum value + ExportSourceTypeMetricsData = "METRICS_DATA" + + // ExportSourceTypeMessageInsights is a ExportSourceType enum value + ExportSourceTypeMessageInsights = "MESSAGE_INSIGHTS" +) + +// ExportSourceType_Values returns all elements of the ExportSourceType enum +func ExportSourceType_Values() []string { + return []string{ + ExportSourceTypeMetricsData, + ExportSourceTypeMessageInsights, + } +} + const ( // FeatureStatusEnabled is a FeatureStatus enum value FeatureStatusEnabled = "ENABLED" @@ -24108,7 +26192,15 @@ func ImportDestinationType_Values() []string { } } -// The status of the import job. +// The status of a job. +// +// - CREATED – Job has just been created. +// +// - PROCESSING – Job is processing. +// +// - ERROR – An error occurred during processing. +// +// - COMPLETED – Job has completed processing successfully. const ( // JobStatusCreated is a JobStatus enum value JobStatusCreated = "CREATED" @@ -24121,6 +26213,9 @@ const ( // JobStatusFailed is a JobStatus enum value JobStatusFailed = "FAILED" + + // JobStatusCancelled is a JobStatus enum value + JobStatusCancelled = "CANCELLED" ) // JobStatus_Values returns all elements of the JobStatus enum @@ -24130,6 +26225,7 @@ func JobStatus_Values() []string { JobStatusProcessing, JobStatusCompleted, JobStatusFailed, + JobStatusCancelled, } } @@ -24220,6 +26316,49 @@ func MailType_Values() []string { } } +// The metric to export, can be one of the following: +// +// - SEND - Emails sent eligible for tracking in the VDM dashboard. This +// excludes emails sent to the mailbox simulator and emails addressed to +// more than one recipient. +// +// - COMPLAINT - Complaints received for your account. This excludes complaints +// from the mailbox simulator, those originating from your account-level +// suppression list (if enabled), and those for emails addressed to more +// than one recipient +// +// - PERMANENT_BOUNCE - Permanent bounces - i.e., feedback received for emails +// sent to non-existent mailboxes. Excludes bounces from the mailbox simulator, +// those originating from your account-level suppression list (if enabled), +// and those for emails addressed to more than one recipient. +// +// - TRANSIENT_BOUNCE - Transient bounces - i.e., feedback received for delivery +// failures excluding issues with non-existent mailboxes. Excludes bounces +// from the mailbox simulator, and those for emails addressed to more than +// one recipient. +// +// - OPEN - Unique open events for emails including open trackers. Excludes +// opens for emails addressed to more than one recipient. +// +// - CLICK - Unique click events for emails including wrapped links. Excludes +// clicks for emails addressed to more than one recipient. +// +// - DELIVERY - Successful deliveries for email sending attempts. Excludes +// deliveries to the mailbox simulator and for emails addressed to more than +// one recipient. +// +// - DELIVERY_OPEN - Successful deliveries for email sending attempts. Excludes +// deliveries to the mailbox simulator, for emails addressed to more than +// one recipient, and emails without open trackers. +// +// - DELIVERY_CLICK - Successful deliveries for email sending attempts. Excludes +// deliveries to the mailbox simulator, for emails addressed to more than +// one recipient, and emails without click trackers. +// +// - DELIVERY_COMPLAINT - Successful deliveries for email sending attempts. +// Excludes deliveries to the mailbox simulator, for emails addressed to +// more than one recipient, and emails addressed to recipients hosted by +// ISPs with which Amazon SES does not have a feedback loop agreement. const ( // MetricSend is a Metric enum value MetricSend = "SEND" @@ -24268,6 +26407,27 @@ func Metric_Values() []string { } } +// The aggregation to apply to a metric, can be one of the following: +// +// - VOLUME - The volume of events for this metric. +// +// - RATE - The rate for this metric relative to the SEND metric volume. +const ( + // MetricAggregationRate is a MetricAggregation enum value + MetricAggregationRate = "RATE" + + // MetricAggregationVolume is a MetricAggregation enum value + MetricAggregationVolume = "VOLUME" +) + +// MetricAggregation_Values returns all elements of the MetricAggregation enum +func MetricAggregation_Values() []string { + return []string{ + MetricAggregationRate, + MetricAggregationVolume, + } +} + // The BatchGetMetricDataQuery dimension name. This can be one of the following: // // - EMAIL_IDENTITY – The email identity used when sending messages. diff --git a/service/sesv2/examples_test.go b/service/sesv2/examples_test.go index 3b6bdbc440e..3139d25b3c4 100644 --- a/service/sesv2/examples_test.go +++ b/service/sesv2/examples_test.go @@ -25,6 +25,248 @@ func parseTime(layout, value string) *time.Time { return &t } +// Cancel export job +// Cancels the export job with ID ef28cf62-9d8e-4b60-9283-b09816c99a99 +func ExampleSESV2_CancelExportJob_shared00() { + svc := sesv2.New(session.New()) + input := &sesv2.CancelExportJobInput{ + JobId: aws.String("ef28cf62-9d8e-4b60-9283-b09816c99a99"), + } + + result, err := svc.CancelExportJob(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case sesv2.ErrCodeNotFoundException: + fmt.Println(sesv2.ErrCodeNotFoundException, aerr.Error()) + case sesv2.ErrCodeBadRequestException: + fmt.Println(sesv2.ErrCodeBadRequestException, aerr.Error()) + case sesv2.ErrCodeTooManyRequestsException: + fmt.Println(sesv2.ErrCodeTooManyRequestsException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// Create Metrics export job +// Creates a new export job for Metrics data +func ExampleSESV2_CreateExportJob_shared00() { + svc := sesv2.New(session.New()) + input := &sesv2.CreateExportJobInput{ + ExportDataSource: &sesv2.ExportDataSource{ + MetricsDataSource: &sesv2.MetricsDataSource{ + Dimensions: map[string][]*string{ + "ISP": { + aws.String("*"), + }, + }, + EndDate: parseTime("2006-01-02T15:04:05.999999999Z", "2023-07-02T00:00:00"), + Metrics: []*sesv2.ExportMetric{ + { + Aggregation: aws.String("VOLUME"), + Name: aws.String("SEND"), + }, + { + Aggregation: aws.String("VOLUME"), + Name: aws.String("COMPLAINT"), + }, + { + Aggregation: aws.String("RATE"), + Name: aws.String("COMPLAINT"), + }, + }, + Namespace: aws.String("VDM"), + StartDate: parseTime("2006-01-02T15:04:05.999999999Z", "2023-07-01T00:00:00"), + }, + }, + ExportDestination: &sesv2.ExportDestination{ + DataFormat: aws.String("CSV"), + }, + } + + result, err := svc.CreateExportJob(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case sesv2.ErrCodeBadRequestException: + fmt.Println(sesv2.ErrCodeBadRequestException, aerr.Error()) + case sesv2.ErrCodeTooManyRequestsException: + fmt.Println(sesv2.ErrCodeTooManyRequestsException, aerr.Error()) + case sesv2.ErrCodeNotFoundException: + fmt.Println(sesv2.ErrCodeNotFoundException, aerr.Error()) + case sesv2.ErrCodeLimitExceededException: + fmt.Println(sesv2.ErrCodeLimitExceededException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// Create Message Insights export job +// Creates a new export job for Message Insights data +func ExampleSESV2_CreateExportJob_shared01() { + svc := sesv2.New(session.New()) + input := &sesv2.CreateExportJobInput{ + ExportDataSource: &sesv2.ExportDataSource{ + MessageInsightsDataSource: &sesv2.MessageInsightsDataSource{ + EndDate: parseTime("2006-01-02T15:04:05.999999999Z", "2023-07-02T00:00:00"), + Exclude: &sesv2.MessageInsightsFilters{ + FromEmailAddress: []*string{ + aws.String("hello@example.com"), + }, + }, + Include: &sesv2.MessageInsightsFilters{ + Subject: []*string{ + aws.String("Hello"), + }, + }, + StartDate: parseTime("2006-01-02T15:04:05.999999999Z", "2023-07-01T00:00:00"), + }, + }, + ExportDestination: &sesv2.ExportDestination{ + DataFormat: aws.String("CSV"), + }, + } + + result, err := svc.CreateExportJob(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case sesv2.ErrCodeBadRequestException: + fmt.Println(sesv2.ErrCodeBadRequestException, aerr.Error()) + case sesv2.ErrCodeTooManyRequestsException: + fmt.Println(sesv2.ErrCodeTooManyRequestsException, aerr.Error()) + case sesv2.ErrCodeNotFoundException: + fmt.Println(sesv2.ErrCodeNotFoundException, aerr.Error()) + case sesv2.ErrCodeLimitExceededException: + fmt.Println(sesv2.ErrCodeLimitExceededException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// Get export job +// Gets the export job with ID ef28cf62-9d8e-4b60-9283-b09816c99a99 +func ExampleSESV2_GetExportJob_shared00() { + svc := sesv2.New(session.New()) + input := &sesv2.GetExportJobInput{ + JobId: aws.String("ef28cf62-9d8e-4b60-9283-b09816c99a99"), + } + + result, err := svc.GetExportJob(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case sesv2.ErrCodeBadRequestException: + fmt.Println(sesv2.ErrCodeBadRequestException, aerr.Error()) + case sesv2.ErrCodeNotFoundException: + fmt.Println(sesv2.ErrCodeNotFoundException, aerr.Error()) + case sesv2.ErrCodeTooManyRequestsException: + fmt.Println(sesv2.ErrCodeTooManyRequestsException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// Get Message Insights +// Provides information about a specific message. +func ExampleSESV2_GetMessageInsights_shared00() { + svc := sesv2.New(session.New()) + input := &sesv2.GetMessageInsightsInput{ + MessageId: aws.String("000000000000ab00-0a000aa0-1234-0a0a-1234-0a0aaa0aa00a-000000"), + } + + result, err := svc.GetMessageInsights(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case sesv2.ErrCodeNotFoundException: + fmt.Println(sesv2.ErrCodeNotFoundException, aerr.Error()) + case sesv2.ErrCodeTooManyRequestsException: + fmt.Println(sesv2.ErrCodeTooManyRequestsException, aerr.Error()) + case sesv2.ErrCodeBadRequestException: + fmt.Println(sesv2.ErrCodeBadRequestException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + +// List export jobs +// Lists export jobs of type METRICS_DATA and status PROCESSING +func ExampleSESV2_ListExportJobs_shared00() { + svc := sesv2.New(session.New()) + input := &sesv2.ListExportJobsInput{ + ExportSourceType: aws.String("METRICS_DATA"), + JobStatus: aws.String("PROCESSING"), + PageSize: aws.Int64(25), + } + + result, err := svc.ListExportJobs(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok { + switch aerr.Code() { + case sesv2.ErrCodeTooManyRequestsException: + fmt.Println(sesv2.ErrCodeTooManyRequestsException, aerr.Error()) + case sesv2.ErrCodeBadRequestException: + fmt.Println(sesv2.ErrCodeBadRequestException, aerr.Error()) + default: + fmt.Println(aerr.Error()) + } + } else { + // Print the error, cast err to awserr.Error to get the Code and + // Message from an error. + fmt.Println(err.Error()) + } + return + } + + fmt.Println(result) +} + // Used to convert a dedicated IP pool to a different scaling mode. // This example converts a dedicated IP pool from STANDARD to MANAGED. func ExampleSESV2_PutDedicatedIpPoolScalingAttributes_shared00() { diff --git a/service/sesv2/sesv2iface/interface.go b/service/sesv2/sesv2iface/interface.go index c2ffa7208c5..f5346793d7d 100644 --- a/service/sesv2/sesv2iface/interface.go +++ b/service/sesv2/sesv2iface/interface.go @@ -64,6 +64,10 @@ type SESV2API interface { BatchGetMetricDataWithContext(aws.Context, *sesv2.BatchGetMetricDataInput, ...request.Option) (*sesv2.BatchGetMetricDataOutput, error) BatchGetMetricDataRequest(*sesv2.BatchGetMetricDataInput) (*request.Request, *sesv2.BatchGetMetricDataOutput) + CancelExportJob(*sesv2.CancelExportJobInput) (*sesv2.CancelExportJobOutput, error) + CancelExportJobWithContext(aws.Context, *sesv2.CancelExportJobInput, ...request.Option) (*sesv2.CancelExportJobOutput, error) + CancelExportJobRequest(*sesv2.CancelExportJobInput) (*request.Request, *sesv2.CancelExportJobOutput) + CreateConfigurationSet(*sesv2.CreateConfigurationSetInput) (*sesv2.CreateConfigurationSetOutput, error) CreateConfigurationSetWithContext(aws.Context, *sesv2.CreateConfigurationSetInput, ...request.Option) (*sesv2.CreateConfigurationSetOutput, error) CreateConfigurationSetRequest(*sesv2.CreateConfigurationSetInput) (*request.Request, *sesv2.CreateConfigurationSetOutput) @@ -104,6 +108,10 @@ type SESV2API interface { CreateEmailTemplateWithContext(aws.Context, *sesv2.CreateEmailTemplateInput, ...request.Option) (*sesv2.CreateEmailTemplateOutput, error) CreateEmailTemplateRequest(*sesv2.CreateEmailTemplateInput) (*request.Request, *sesv2.CreateEmailTemplateOutput) + CreateExportJob(*sesv2.CreateExportJobInput) (*sesv2.CreateExportJobOutput, error) + CreateExportJobWithContext(aws.Context, *sesv2.CreateExportJobInput, ...request.Option) (*sesv2.CreateExportJobOutput, error) + CreateExportJobRequest(*sesv2.CreateExportJobInput) (*request.Request, *sesv2.CreateExportJobOutput) + CreateImportJob(*sesv2.CreateImportJobInput) (*sesv2.CreateImportJobOutput, error) CreateImportJobWithContext(aws.Context, *sesv2.CreateImportJobInput, ...request.Option) (*sesv2.CreateImportJobOutput, error) CreateImportJobRequest(*sesv2.CreateImportJobInput) (*request.Request, *sesv2.CreateImportJobOutput) @@ -219,10 +227,18 @@ type SESV2API interface { GetEmailTemplateWithContext(aws.Context, *sesv2.GetEmailTemplateInput, ...request.Option) (*sesv2.GetEmailTemplateOutput, error) GetEmailTemplateRequest(*sesv2.GetEmailTemplateInput) (*request.Request, *sesv2.GetEmailTemplateOutput) + GetExportJob(*sesv2.GetExportJobInput) (*sesv2.GetExportJobOutput, error) + GetExportJobWithContext(aws.Context, *sesv2.GetExportJobInput, ...request.Option) (*sesv2.GetExportJobOutput, error) + GetExportJobRequest(*sesv2.GetExportJobInput) (*request.Request, *sesv2.GetExportJobOutput) + GetImportJob(*sesv2.GetImportJobInput) (*sesv2.GetImportJobOutput, error) GetImportJobWithContext(aws.Context, *sesv2.GetImportJobInput, ...request.Option) (*sesv2.GetImportJobOutput, error) GetImportJobRequest(*sesv2.GetImportJobInput) (*request.Request, *sesv2.GetImportJobOutput) + GetMessageInsights(*sesv2.GetMessageInsightsInput) (*sesv2.GetMessageInsightsOutput, error) + GetMessageInsightsWithContext(aws.Context, *sesv2.GetMessageInsightsInput, ...request.Option) (*sesv2.GetMessageInsightsOutput, error) + GetMessageInsightsRequest(*sesv2.GetMessageInsightsInput) (*request.Request, *sesv2.GetMessageInsightsOutput) + GetSuppressedDestination(*sesv2.GetSuppressedDestinationInput) (*sesv2.GetSuppressedDestinationOutput, error) GetSuppressedDestinationWithContext(aws.Context, *sesv2.GetSuppressedDestinationInput, ...request.Option) (*sesv2.GetSuppressedDestinationOutput, error) GetSuppressedDestinationRequest(*sesv2.GetSuppressedDestinationInput) (*request.Request, *sesv2.GetSuppressedDestinationOutput) @@ -290,6 +306,13 @@ type SESV2API interface { ListEmailTemplatesPages(*sesv2.ListEmailTemplatesInput, func(*sesv2.ListEmailTemplatesOutput, bool) bool) error ListEmailTemplatesPagesWithContext(aws.Context, *sesv2.ListEmailTemplatesInput, func(*sesv2.ListEmailTemplatesOutput, bool) bool, ...request.Option) error + ListExportJobs(*sesv2.ListExportJobsInput) (*sesv2.ListExportJobsOutput, error) + ListExportJobsWithContext(aws.Context, *sesv2.ListExportJobsInput, ...request.Option) (*sesv2.ListExportJobsOutput, error) + ListExportJobsRequest(*sesv2.ListExportJobsInput) (*request.Request, *sesv2.ListExportJobsOutput) + + ListExportJobsPages(*sesv2.ListExportJobsInput, func(*sesv2.ListExportJobsOutput, bool) bool) error + ListExportJobsPagesWithContext(aws.Context, *sesv2.ListExportJobsInput, func(*sesv2.ListExportJobsOutput, bool) bool, ...request.Option) error + ListImportJobs(*sesv2.ListImportJobsInput) (*sesv2.ListImportJobsOutput, error) ListImportJobsWithContext(aws.Context, *sesv2.ListImportJobsInput, ...request.Option) (*sesv2.ListImportJobsOutput, error) ListImportJobsRequest(*sesv2.ListImportJobsInput) (*request.Request, *sesv2.ListImportJobsOutput) From 460e7161c8a2d802513236e5712c765643e0cd6c Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Tue, 29 Aug 2023 16:12:13 -0400 Subject: [PATCH 12/17] Modify and Merge eks auth syntax --- aws/credentials/endpointcreds/provider.go | 12 ++++++------ aws/credentials/endpointcreds/provider_test.go | 4 ++-- aws/defaults/defaults.go | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/aws/credentials/endpointcreds/provider.go b/aws/credentials/endpointcreds/provider.go index 4007d77b388..03face559ea 100644 --- a/aws/credentials/endpointcreds/provider.go +++ b/aws/credentials/endpointcreds/provider.go @@ -96,12 +96,12 @@ type AuthTokenProvider interface { GetToken() (string, error) } -// TokenProvider is a func type implementing AuthTokenProvider interface +// TokenProviderFunc is a func type implementing AuthTokenProvider interface // and enables customizing token provider behavior -type TokenProvider func() (string, error) +type TokenProviderFunc func() (string, error) -// GetToken func retrieves auth token according to TokenProvider implementation -func (p TokenProvider) GetToken() (string, error) { +// GetToken func retrieves auth token according to TokenProviderFunc implementation +func (p TokenProviderFunc) GetToken() (string, error) { return p() } @@ -203,12 +203,12 @@ func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error if p.AuthorizationTokenProvider != nil { authToken, err = p.AuthorizationTokenProvider.GetToken() if err != nil { - return &getCredentialsOutput{}, err + return nil, fmt.Errorf("get authorization token: %v", err) } } if strings.ContainsAny(authToken, "\r\n") { - return &getCredentialsOutput{}, fmt.Errorf("authorization token contains invalid newline sequence") + return nil, fmt.Errorf("authorization token contains invalid newline sequence") } if len(authToken) != 0 { req.HTTPRequest.Header.Set("Authorization", authToken) diff --git a/aws/credentials/endpointcreds/provider_test.go b/aws/credentials/endpointcreds/provider_test.go index cb9b5f73215..00c0fac23b8 100644 --- a/aws/credentials/endpointcreds/provider_test.go +++ b/aws/credentials/endpointcreds/provider_test.go @@ -177,7 +177,7 @@ func TestAuthorizationToken(t *testing.T) { ExpectPath: "/path/to/endpoint", ServerPath: "/path/to/endpoint?something=else", AuthToken: "Basic abc123", - AuthTokenProvider: endpointcreds.TokenProvider(func() (string, error) { + AuthTokenProvider: endpointcreds.TokenProviderFunc(func() (string, error) { return "Hello %20world", nil }), ExpectAuthToken: "Hello %20world", @@ -186,7 +186,7 @@ func TestAuthorizationToken(t *testing.T) { ExpectPath: "/path/to/endpoint", ServerPath: "/path/to/endpoint?something=else", AuthToken: "Basic abc123", - AuthTokenProvider: endpointcreds.TokenProvider(func() (string, error) { + AuthTokenProvider: endpointcreds.TokenProviderFunc(func() (string, error) { return "", fmt.Errorf("test error") }), ExpectAuthToken: "Hello %20world", diff --git a/aws/defaults/defaults.go b/aws/defaults/defaults.go index 94ffc12f488..88099f006ef 100644 --- a/aws/defaults/defaults.go +++ b/aws/defaults/defaults.go @@ -208,7 +208,7 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede p.ExpiryWindow = 5 * time.Minute p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar) if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { - p.AuthorizationTokenProvider = endpointcreds.TokenProvider(func() (string, error) { + p.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) { if contents, err := ioutil.ReadFile(authFilePath); err != nil { return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) } else { From bcc4451db167837d314912ff667b2975eaba34af Mon Sep 17 00:00:00 2001 From: Luc Talatinian Date: Tue, 29 Aug 2023 19:35:25 -0400 Subject: [PATCH 13/17] allow ipv6 eks host --- aws/defaults/defaults.go | 51 +++++++++++++++++++++++------------ aws/defaults/defaults_test.go | 15 ++++++++--- 2 files changed, 45 insertions(+), 21 deletions(-) diff --git a/aws/defaults/defaults.go b/aws/defaults/defaults.go index 88099f006ef..98278141935 100644 --- a/aws/defaults/defaults.go +++ b/aws/defaults/defaults.go @@ -117,10 +117,29 @@ const ( httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" - ecsContainerHost = "169.254.170.2" - eksContainerHost = "169.254.170.23" ) +// direct representation of the IPv4 address for the ECS container +// "169.254.170.2" +var ecsContainerIPv4 net.IP = []byte{ + 169, 254, 170, 2, +} + +// direct representation of the IPv4 address for the EKS container +// "169.254.170.23" +var eksContainerIPv4 net.IP = []byte{ + 169, 254, 170, 23, +} + +// direct representation of the IPv6 address for the EKS container +// "fd00:ec2::23" +var eksContainerIPv6 net.IP = []byte{ + 0xFD, 0, 0xE, 0xC2, + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0x23, +} + // RemoteCredProvider returns a credentials provider for the default remote // endpoints such as EC2 or ECS Roles. func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider { @@ -138,20 +157,22 @@ func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.P var lookupHostFn = net.LookupHost -// isAllowedHost allows host to be loopback host,ECS container host 169.254.170.2 -// and EKS container host 169.254.170.23 +// isAllowedHost allows host to be loopback or known ECS/EKS container IPs +// +// host can either be an IP address OR an unresolved hostname - resolution will +// be automatically performed in the latter case func isAllowedHost(host string) (bool, error) { - if isHostAllowed(host) { - return true, nil + if ip := net.ParseIP(host); ip != nil { + return isIPAllowed(ip), nil } - // Host is not an ip, perform lookup addrs, err := lookupHostFn(host) if err != nil { return false, err } + for _, addr := range addrs { - if !isHostAllowed(addr) { + if ip := net.ParseIP(addr); ip == nil || !isIPAllowed(ip) { return false, nil } } @@ -159,15 +180,11 @@ func isAllowedHost(host string) (bool, error) { return true, nil } -func isHostAllowed(host string) bool { - if host == ecsContainerHost || host == eksContainerHost { - return true - } - ip := net.ParseIP(host) - if ip != nil { - return ip.IsLoopback() - } - return false +func isIPAllowed(ip net.IP) bool { + return ip.IsLoopback() || + ip.Equal(ecsContainerIPv4) || + ip.Equal(eksContainerIPv4) || + ip.Equal(eksContainerIPv6) } func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { diff --git a/aws/defaults/defaults_test.go b/aws/defaults/defaults_test.go index c8bdf0eeb48..ee29a221104 100644 --- a/aws/defaults/defaults_test.go +++ b/aws/defaults/defaults_test.go @@ -23,10 +23,12 @@ func TestHTTPCredProvider(t *testing.T) { Addrs []string Err error }{ - "localhost": {Addrs: []string{"::1", "127.0.0.1"}}, - "actuallylocal": {Addrs: []string{"127.0.0.2"}}, - "notlocal": {Addrs: []string{"::1", "127.0.0.1", "192.168.1.10"}}, - "www.example.com": {Addrs: []string{"10.10.10.10"}}, + "localhost": {Addrs: []string{"::1", "127.0.0.1"}}, + "actuallylocal": {Addrs: []string{"127.0.0.2"}}, + "notlocal": {Addrs: []string{"::1", "127.0.0.1", "192.168.1.10"}}, + "www.example.com": {Addrs: []string{"10.10.10.10"}}, + "www.eks.legit.com": {Addrs: []string{"fd00:ec2::23"}}, + "www.eks.scary.com": {Addrs: []string{"fd00:ec3::23"}}, } h, ok := m[host] @@ -51,6 +53,11 @@ func TestHTTPCredProvider(t *testing.T) { {Host: "www.example.com", Fail: true}, {Host: "169.254.170.2", Fail: false}, {Host: "169.254.170.23", Fail: false}, + {Host: "[fd00:ec2::23]", Fail: false}, + {Host: "[fd00:ec2:0::23]", Fail: false}, + {Host: "[fd00:ec2:0:1::23]", Fail: true}, + {Host: "www.eks.legit.com", Fail: false}, + {Host: "www.eks.scary.com", Fail: true}, {Host: "localhost", Fail: false, AuthToken: "Basic abc123"}, } From 98515f320cc6677e7655f760d5e756c21d35cfeb Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 30 Aug 2023 10:50:26 -0400 Subject: [PATCH 14/17] Modify and Merge comment --- aws/credentials/endpointcreds/provider.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/aws/credentials/endpointcreds/provider.go b/aws/credentials/endpointcreds/provider.go index 03face559ea..ca8b116879c 100644 --- a/aws/credentials/endpointcreds/provider.go +++ b/aws/credentials/endpointcreds/provider.go @@ -14,7 +14,7 @@ // // Refreshable credentials will expire within the "ExpiryWindow" of the Expiration // value in the response. The format of the refreshable credentials response: -// { +// { // "AccessKeyId" : "MUA...", // "SecretAccessKey" : "/7PC5om....", // "Token" : "AQoDY....=", @@ -23,7 +23,6 @@ // // Errors should be returned in the following format and only returned with 400 // or 500 HTTP status codes. - // { // "code": "ErrorCode", // "message": "Helpful error message." From 47a47018c88c05981991016da822daf36223dea4 Mon Sep 17 00:00:00 2001 From: Tianyi Wang Date: Wed, 30 Aug 2023 10:53:00 -0400 Subject: [PATCH 15/17] Modify and Merge comment format --- aws/credentials/endpointcreds/provider.go | 28 +++++++++++------------ 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/aws/credentials/endpointcreds/provider.go b/aws/credentials/endpointcreds/provider.go index ca8b116879c..329f788a38a 100644 --- a/aws/credentials/endpointcreds/provider.go +++ b/aws/credentials/endpointcreds/provider.go @@ -7,26 +7,26 @@ // // Static credentials will never expire once they have been retrieved. The format // of the static credentials response: -// { -// "AccessKeyId" : "MUA...", -// "SecretAccessKey" : "/7PC5om....", -// } +// { +// "AccessKeyId" : "MUA...", +// "SecretAccessKey" : "/7PC5om....", +// } // // Refreshable credentials will expire within the "ExpiryWindow" of the Expiration // value in the response. The format of the refreshable credentials response: -// { -// "AccessKeyId" : "MUA...", -// "SecretAccessKey" : "/7PC5om....", -// "Token" : "AQoDY....=", -// "Expiration" : "2016-02-25T06:03:31Z" -// } +// { +// "AccessKeyId" : "MUA...", +// "SecretAccessKey" : "/7PC5om....", +// "Token" : "AQoDY....=", +// "Expiration" : "2016-02-25T06:03:31Z" +// } // // Errors should be returned in the following format and only returned with 400 // or 500 HTTP status codes. -// { -// "code": "ErrorCode", -// "message": "Helpful error message." -// } +// { +// "code": "ErrorCode", +// "message": "Helpful error message." +// } package endpointcreds import ( From 7195c34b174c50ab8e6e75cff490f6275fb8388e Mon Sep 17 00:00:00 2001 From: Luc Talatinian <102624213+lucix-aws@users.noreply.github.com> Date: Mon, 13 Nov 2023 13:55:28 -0500 Subject: [PATCH 16/17] Update CHANGELOG_PENDING.md --- CHANGELOG_PENDING.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md index b24b0d10e85..880d500f17a 100644 --- a/CHANGELOG_PENDING.md +++ b/CHANGELOG_PENDING.md @@ -3,5 +3,5 @@ ### SDK Enhancements ### SDK Bugs -* `aws/defaults`: Modify http credential provider resolving logic to allow EKS/ECS container host and auth token file. - * Fix http cred provider only allows local hosts endpoint and auth token directly set in env var \ No newline at end of file +* `aws/defaults`: endpoint credentials provider: add support for dynamic auth token from file and EKS container host in absolute/relative URIs. + * Supports upcoming IRSAv2 authentication in EKS. \ No newline at end of file From 0b32bd70c33c5cb0e857fe5e04cecb102ef3239f Mon Sep 17 00:00:00 2001 From: Luc Talatinian <102624213+lucix-aws@users.noreply.github.com> Date: Mon, 13 Nov 2023 17:29:24 -0500 Subject: [PATCH 17/17] Update CHANGELOG_PENDING.md --- CHANGELOG_PENDING.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md index 880d500f17a..388b1943547 100644 --- a/CHANGELOG_PENDING.md +++ b/CHANGELOG_PENDING.md @@ -3,5 +3,5 @@ ### SDK Enhancements ### SDK Bugs -* `aws/defaults`: endpoint credentials provider: add support for dynamic auth token from file and EKS container host in absolute/relative URIs. - * Supports upcoming IRSAv2 authentication in EKS. \ No newline at end of file +* `aws/defaults`: Feature updates to endpoint credentials provider. + * Add support for dynamic auth token from file and EKS container host in configured URI. \ No newline at end of file