Creates an EFS access point. An access point is an application-specific view into an EFS file system that applies an operating system user and group, and a file system path, to any file system request made through the access point. The operating system user and group override any identity information provided by the NFS client. The file system path is exposed as the access point's root directory. Applications using the access point can only access data in the application's own directory and any subdirectories. To learn more, see Mounting a file system using EFS access points.
If multiple requests to create access points on the same file system are sent in quick succession, and the file system is near the limit of 1000 access points, you may experience a throttling response for these requests. This is to ensure that the file system does not exceed the stated access point limit.
This operation requires permissions for the elasticfilesystem:CreateAccessPoint action.
Creates a new, empty file system. The operation requires a creation token in the request that Amazon EFS uses to ensure idempotent creation (calling the operation with same creation token has no effect). If a file system does not currently exist that is owned by the caller's Amazon Web Services account with the specified creation token, this operation does the following:
Creates a new, empty file system. The file system will have an Amazon EFS assigned ID, and an initial lifecycle state creating.
Returns with the description of the created file system.
Otherwise, this operation returns a FileSystemAlreadyExists error with the ID of the existing file system.
For basic use cases, you can use a randomly generated UUID for the creation token.
The idempotent operation allows you to retry a CreateFileSystem call without risk of creating an extra file system. This can happen when an initial call fails in a way that leaves it uncertain whether or not a file system was actually created. An example might be that a transport level timeout occurred or your connection was reset. As long as you use the same creation token, if the initial call had succeeded in creating a file system, the client can learn of its existence from the FileSystemAlreadyExists error.
For more information, see Creating a file system in the Amazon EFS User Guide.
The CreateFileSystem call returns while the file system's lifecycle state is still creating. You can check the file system creation status by calling the DescribeFileSystems operation, which among other things returns the file system state.
This operation accepts an optional PerformanceMode parameter that you choose for your file system. We recommend generalPurpose performance mode for most file systems. File systems using the maxIO performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. For more information, see Amazon EFS performance modes.
You can set the throughput mode for the file system using the ThroughputMode parameter.
After the file system is fully created, Amazon EFS sets its lifecycle state to available, at which point you can create one or more mount targets for the file system in your VPC. For more information, see CreateMountTarget. You mount your Amazon EFS file system on an EC2 instances in your VPC by using the mount target. For more information, see Amazon EFS: How it Works.
This operation requires permissions for the elasticfilesystem:CreateFileSystem action.
Creates a mount target for a file system. You can then mount the file system on EC2 instances by using the mount target.
You can create one mount target in each Availability Zone in your VPC. All EC2 instances in a VPC within a given Availability Zone share a single mount target for a given file system. If you have multiple subnets in an Availability Zone, you create a mount target in one of the subnets. EC2 instances do not need to be in the same subnet as the mount target in order to access their file system.
You can create only one mount target for an EFS file system using One Zone storage classes. You must create that mount target in the same Availability Zone in which the file system is located. Use the AvailabilityZoneName and AvailabiltyZoneId properties in the DescribeFileSystems response object to get this information. Use the subnetId associated with the file system's Availability Zone when creating the mount target.
For more information, see Amazon EFS: How it Works.
To create a mount target for a file system, the file system's lifecycle state must be available. For more information, see DescribeFileSystems.
In the request, provide the following:
The file system ID for which you are creating the mount target.
A subnet ID, which determines the following:
The VPC in which Amazon EFS creates the mount target
The Availability Zone in which Amazon EFS creates the mount target
The IP address range from which Amazon EFS selects the IP address of the mount target (if you don't specify an IP address in the request)
After creating the mount target, Amazon EFS returns a response that includes, a MountTargetId and an IpAddress. You use this IP address when mounting the file system in an EC2 instance. You can also use the mount target's DNS name when mounting the file system. The EC2 instance on which you mount the file system by using the mount target can resolve the mount target's DNS name to its IP address. For more information, see How it Works: Implementation Overview.
Note that you can create mount targets for a file system in only one VPC, and there can be only one mount target per Availability Zone. That is, if the file system already has one or more mount targets created for it, the subnet specified in the request to add another mount target must meet the following requirements:
Must belong to the same VPC as the subnets of the existing mount targets
Must not be in the same Availability Zone as any of the subnets of the existing mount targets
If the request satisfies the requirements, Amazon EFS does the following:
Creates a new mount target in the specified subnet.
Also creates a new network interface in the subnet as follows:
If the request provides an IpAddress, Amazon EFS assigns that IP address to the network interface. Otherwise, Amazon EFS assigns a free address in the subnet (in the same way that the Amazon EC2 CreateNetworkInterface call does when a request does not specify a primary private IP address).
If the request provides SecurityGroups, this network interface is associated with those security groups. Otherwise, it belongs to the default security group for the subnet's VPC.
Assigns the description Mount target fsmt-id for file system fs-id where fsmt-id is the mount target ID, and fs-id is the FileSystemId.
Sets the requesterManaged property of the network interface to true, and the requesterId value to EFS.
Each Amazon EFS mount target has one corresponding requester-managed EC2 network interface. After the network interface is created, Amazon EFS sets the NetworkInterfaceId field in the mount target's description to the network interface ID, and the IpAddress field to its address. If network interface creation fails, the entire CreateMountTarget operation fails.
The CreateMountTarget call returns only after creating the network interface, but while the mount target state is still creating, you can check the mount target creation status by calling the DescribeMountTargets operation, which among other things returns the mount target state.
We recommend that you create a mount target in each of the Availability Zones. There are cost considerations for using a file system in an Availability Zone through a mount target created in another Availability Zone. For more information, see Amazon EFS. In addition, by always using a mount target local to the instance's Availability Zone, you eliminate a partial failure scenario. If the Availability Zone in which your mount target is created goes down, then you can't access your file system through that mount target.
This operation requires permissions for the following action on the file system:
elasticfilesystem:CreateMountTarget
This operation also requires permissions for the following Amazon EC2 actions:
ec2:DescribeSubnets
ec2:DescribeNetworkInterfaces
ec2:CreateNetworkInterface
Creates a replication configuration that replicates an existing EFS file system to a new, read-only file system. For more information, see Amazon EFS replication in the Amazon EFS User Guide. The replication configuration specifies the following:
Source file system - An existing EFS file system that you want replicated. The source file system cannot be a destination file system in an existing replication configuration.
Destination file system configuration - The configuration of the destination file system to which the source file system will be replicated. There can only be one destination file system in a replication configuration. The destination file system configuration consists of the following properties:
Amazon Web Services Region - The Amazon Web Services Region in which the destination file system is created. Amazon EFS replication is available in all Amazon Web Services Regions that Amazon EFS is available in, except Africa (Cape Town), Asia Pacific (Hong Kong), Asia Pacific (Jakarta), Europe (Milan), and Middle East (Bahrain).
Availability Zone - If you want the destination file system to use EFS One Zone availability and durability, you must specify the Availability Zone to create the file system in. For more information about EFS storage classes, see Amazon EFS storage classes in the Amazon EFS User Guide.
Encryption - All destination file systems are created with encryption at rest enabled. You can specify the Key Management Service (KMS) key that is used to encrypt the destination file system. If you don't specify a KMS key, your service-managed KMS key for Amazon EFS is used.
After the file system is created, you cannot change the KMS key.
The following properties are set by default:
Performance mode - The destination file system's performance mode matches that of the source file system, unless the destination file system uses EFS One Zone storage. In that case, the General Purpose performance mode is used. The performance mode cannot be changed.
Throughput mode - The destination file system uses the Bursting Throughput mode by default. After the file system is created, you can modify the throughput mode.
The following properties are turned off by default:
Lifecycle management - EFS lifecycle management and EFS Intelligent-Tiering are not enabled on the destination file system. After the destination file system is created, you can enable EFS lifecycle management and EFS Intelligent-Tiering.
Automatic backups - Automatic daily backups not enabled on the destination file system. After the file system is created, you can change this setting.
For more information, see Amazon EFS replication in the Amazon EFS User Guide.
", + "CreateReplicationConfiguration": "Creates a replication configuration that replicates an existing EFS file system to a new, read-only file system. For more information, see Amazon EFS replication in the Amazon EFS User Guide. The replication configuration specifies the following:
Source file system - An existing EFS file system that you want replicated. The source file system cannot be a destination file system in an existing replication configuration.
Destination file system configuration - The configuration of the destination file system to which the source file system will be replicated. There can only be one destination file system in a replication configuration. The destination file system configuration consists of the following properties:
Amazon Web Services Region - The Amazon Web Services Region in which the destination file system is created. Amazon EFS replication is available in all Amazon Web Services Regions that Amazon EFS is available in, except Africa (Cape Town), Asia Pacific (Hong Kong), Asia Pacific (Jakarta), Europe (Milan), and Middle East (Bahrain).
Availability Zone - If you want the destination file system to use EFS One Zone availability and durability, you must specify the Availability Zone to create the file system in. For more information about EFS storage classes, see Amazon EFS storage classes in the Amazon EFS User Guide.
Encryption - All destination file systems are created with encryption at rest enabled. You can specify the Key Management Service (KMS) key that is used to encrypt the destination file system. If you don't specify a KMS key, your service-managed KMS key for Amazon EFS is used.
After the file system is created, you cannot change the KMS key.
The following properties are set by default:
Performance mode - The destination file system's performance mode matches that of the source file system, unless the destination file system uses EFS One Zone storage. In that case, the General Purpose performance mode is used. The performance mode cannot be changed.
Throughput mode - The destination file system's throughput mode matches that of the source file system. After the file system is created, you can modify the throughput mode.
The following properties are turned off by default:
Lifecycle management - EFS lifecycle management and EFS Intelligent-Tiering are not enabled on the destination file system. After the destination file system is created, you can enable EFS lifecycle management and EFS Intelligent-Tiering.
Automatic backups - Automatic daily backups not enabled on the destination file system. After the file system is created, you can change this setting.
For more information, see Amazon EFS replication in the Amazon EFS User Guide.
", "CreateTags": "DEPRECATED - CreateTags is deprecated and not maintained. To create tags for EFS resources, use the API action.
Creates or overwrites tags associated with a file system. Each tag is a key-value pair. If a tag key specified in the request already exists on the file system, this operation overwrites its value with the value provided in the request. If you add the Name tag to your file system, Amazon EFS returns it in the response to the DescribeFileSystems operation.
This operation requires permission for the elasticfilesystem:CreateTags action.
Deletes the specified access point. After deletion is complete, new clients can no longer connect to the access points. Clients connected to the access point at the time of deletion will continue to function until they terminate their connection.
This operation requires permissions for the elasticfilesystem:DeleteAccessPoint action.
Deletes a file system, permanently severing access to its contents. Upon return, the file system no longer exists and you can't access any contents of the deleted file system.
You need to manually delete mount targets attached to a file system before you can delete an EFS file system. This step is performed for you when you use the Amazon Web Services console to delete a file system.
You cannot delete a file system that is part of an EFS Replication configuration. You need to delete the replication configuration first.
You can't delete a file system that is in use. That is, if the file system has any mount targets, you must first delete them. For more information, see DescribeMountTargets and DeleteMountTarget.
The DeleteFileSystem call returns while the file system state is still deleting. You can check the file system deletion status by calling the DescribeFileSystems operation, which returns a list of file systems in your account. If you pass file system ID or creation token for the deleted file system, the DescribeFileSystems returns a 404 FileSystemNotFound error.
This operation requires permissions for the elasticfilesystem:DeleteFileSystem action.
Identified the Amazon Web Services account that owns the access point resource.
", - "FileSystemDescription$OwnerId": "The Amazon Web Services account that created the file system. If the file system was created by an IAM user, the parent account to which the user belongs is the owner.
", + "AccessPointDescription$OwnerId": "Identifies the Amazon Web Services account that owns the access point resource.
", + "FileSystemDescription$OwnerId": "The Amazon Web Services account that created the file system.
", "MountTargetDescription$OwnerId": "Amazon Web Services account ID that owns the resource.
" } }, diff --git a/models/apis/elasticfilesystem/2015-02-01/endpoint-rule-set-1.json b/models/apis/elasticfilesystem/2015-02-01/endpoint-rule-set-1.json index 106cfc4d752..e2a751df21f 100644 --- a/models/apis/elasticfilesystem/2015-02-01/endpoint-rule-set-1.json +++ b/models/apis/elasticfilesystem/2015-02-01/endpoint-rule-set-1.json @@ -3,7 +3,7 @@ "parameters": { "Region": { "builtIn": "AWS::Region", - "required": true, + "required": false, "documentation": "The AWS region used to dispatch the request.", "type": "String" }, @@ -32,13 +32,12 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "isSet", "argv": [ { - "ref": "Region" + "ref": "Endpoint" } - ], - "assign": "PartitionResult" + ] } ], "type": "tree", @@ -46,14 +45,20 @@ { "conditions": [ { - "fn": "isSet", + "fn": "booleanEquals", "argv": [ { - "ref": "Endpoint" - } + "ref": "UseFIPS" + }, + true ] } ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], "type": "tree", "rules": [ { @@ -62,67 +67,42 @@ "fn": "booleanEquals", "argv": [ { - "ref": "UseFIPS" + "ref": "UseDualStack" }, true ] } ], - "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", "type": "error" }, { "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" + "endpoint": { + "url": { + "ref": "Endpoint" }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" - }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ { "conditions": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - }, - { - "fn": "booleanEquals", + "fn": "isSet", "argv": [ { - "ref": "UseDualStack" - }, - true + "ref": "Region" + } ] } ], @@ -131,90 +111,215 @@ { "conditions": [ { - "fn": "booleanEquals", + "fn": "aws.partition", "argv": [ - true, { - "fn": "getAttr", + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] }, - "supportsFIPS" + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://elasticfilesystem-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" } ] }, { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseFIPS" }, - "supportsDualStack" + true ] } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://elasticfilesystem-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://elasticfilesystem-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" }, - "supportsFIPS" + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://elasticfilesystem.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] - } - ], - "type": "tree", - "rules": [ + }, { "conditions": [], "type": "tree", @@ -222,7 +327,7 @@ { "conditions": [], "endpoint": { - "url": "https://elasticfilesystem-fips.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://elasticfilesystem.{Region}.{PartitionResult#dnsSuffix}", "properties": {}, "headers": {} }, @@ -231,74 +336,13 @@ ] } ] - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://elasticfilesystem.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } ] }, { "conditions": [], - "endpoint": { - "url": "https://elasticfilesystem.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } diff --git a/models/apis/elasticfilesystem/2015-02-01/endpoint-tests-1.json b/models/apis/elasticfilesystem/2015-02-01/endpoint-tests-1.json index 7985bdc467e..7846888a5fe 100644 --- a/models/apis/elasticfilesystem/2015-02-01/endpoint-tests-1.json +++ b/models/apis/elasticfilesystem/2015-02-01/endpoint-tests-1.json @@ -1,1618 +1,796 @@ { "testCases": [ { - "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled", + "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.ap-south-1.api.aws" + "url": "https://elasticfilesystem.af-south-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-south-1" + "Region": "af-south-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled", + "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.ap-south-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.af-south-1.amazonaws.com" } }, "params": { + "Region": "af-south-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-south-1" + "UseFIPS": true } }, { - "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled", + "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.ap-south-1.api.aws" + "url": "https://elasticfilesystem.ap-east-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-south-1" + "Region": "ap-east-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.ap-south-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.ap-east-1.amazonaws.com" } }, "params": { + "Region": "ap-east-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-south-1" + "UseFIPS": true } }, { - "documentation": "For region eu-south-1 with FIPS enabled and DualStack enabled", + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-south-1.api.aws" + "url": "https://elasticfilesystem.ap-northeast-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-south-1" + "Region": "ap-northeast-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-south-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.ap-northeast-1.amazonaws.com" } }, "params": { + "Region": "ap-northeast-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-south-1" + "UseFIPS": true } }, { - "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled", + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-south-1.api.aws" + "url": "https://elasticfilesystem.ap-northeast-2.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-south-1" + "Region": "ap-northeast-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-south-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.ap-northeast-2.amazonaws.com" } }, "params": { + "Region": "ap-northeast-2", "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-south-1" + "UseFIPS": true } }, { - "documentation": "For region eu-south-2 with FIPS enabled and DualStack enabled", + "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-south-2.api.aws" + "url": "https://elasticfilesystem.ap-northeast-3.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-south-2" + "Region": "ap-northeast-3", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-south-2 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-south-2.amazonaws.com" + "url": "https://elasticfilesystem-fips.ap-northeast-3.amazonaws.com" } }, "params": { + "Region": "ap-northeast-3", "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-south-2" + "UseFIPS": true } }, { - "documentation": "For region eu-south-2 with FIPS disabled and DualStack enabled", + "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-south-2.api.aws" + "url": "https://elasticfilesystem.ap-south-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-south-2" + "Region": "ap-south-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-south-2 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-south-2.amazonaws.com" + "url": "https://elasticfilesystem-fips.ap-south-1.amazonaws.com" } }, "params": { + "Region": "ap-south-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-south-2" + "UseFIPS": true } }, { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-gov-east-1.api.aws" + "url": "https://elasticfilesystem.ap-southeast-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-gov-east-1" + "Region": "ap-southeast-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-gov-east-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.ap-southeast-1.amazonaws.com" } }, "params": { + "Region": "ap-southeast-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-gov-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-gov-east-1.api.aws" + "url": "https://elasticfilesystem.ap-southeast-2.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-gov-east-1" + "Region": "ap-southeast-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-gov-east-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.ap-southeast-2.amazonaws.com" } }, "params": { + "Region": "ap-southeast-2", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-gov-east-1" + "UseFIPS": true } }, { - "documentation": "For region me-central-1 with FIPS enabled and DualStack enabled", + "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.me-central-1.api.aws" + "url": "https://elasticfilesystem.ap-southeast-3.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "me-central-1" + "Region": "ap-southeast-3", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region me-central-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.me-central-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.ap-southeast-3.amazonaws.com" } }, "params": { + "Region": "ap-southeast-3", "UseDualStack": false, - "UseFIPS": true, - "Region": "me-central-1" + "UseFIPS": true } }, { - "documentation": "For region me-central-1 with FIPS disabled and DualStack enabled", + "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.me-central-1.api.aws" + "url": "https://elasticfilesystem.ca-central-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "me-central-1" + "Region": "ca-central-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region me-central-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.me-central-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.ca-central-1.amazonaws.com" } }, "params": { + "Region": "ca-central-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "me-central-1" + "UseFIPS": true } }, { - "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled", + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.ca-central-1.api.aws" + "url": "https://elasticfilesystem.eu-central-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ca-central-1" + "Region": "eu-central-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled", + "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.ca-central-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.eu-central-1.amazonaws.com" } }, "params": { + "Region": "eu-central-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "ca-central-1" + "UseFIPS": true } }, { - "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled", + "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.ca-central-1.api.aws" + "url": "https://elasticfilesystem.eu-north-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ca-central-1" + "Region": "eu-north-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", + "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.ca-central-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.eu-north-1.amazonaws.com" } }, "params": { + "Region": "eu-north-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "ca-central-1" + "UseFIPS": true } }, { - "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled", + "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-central-1.api.aws" + "url": "https://elasticfilesystem.eu-south-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-central-1" + "Region": "eu-south-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled", + "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-central-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.eu-south-1.amazonaws.com" } }, "params": { + "Region": "eu-south-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-central-1" + "UseFIPS": true } }, { - "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled", + "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-central-1.api.aws" + "url": "https://elasticfilesystem.eu-west-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-central-1" + "Region": "eu-west-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", + "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-central-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.eu-west-1.amazonaws.com" } }, "params": { + "Region": "eu-west-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-central-1" + "UseFIPS": true } }, { - "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack enabled", + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + "endpoint": { + "url": "https://elasticfilesystem.eu-west-2.amazonaws.com" + } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-iso-west-1" + "Region": "eu-west-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack disabled", + "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-iso-west-1.c2s.ic.gov" + "url": "https://elasticfilesystem-fips.eu-west-2.amazonaws.com" } }, "params": { + "Region": "eu-west-2", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-iso-west-1" + "UseFIPS": true } }, { - "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack enabled", + "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" + "endpoint": { + "url": "https://elasticfilesystem.eu-west-3.amazonaws.com" + } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-iso-west-1" + "Region": "eu-west-3", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled", + "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-iso-west-1.c2s.ic.gov" + "url": "https://elasticfilesystem-fips.eu-west-3.amazonaws.com" } }, "params": { + "Region": "eu-west-3", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-iso-west-1" + "UseFIPS": true } }, { - "documentation": "For region eu-central-2 with FIPS enabled and DualStack enabled", + "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-central-2.api.aws" + "url": "https://elasticfilesystem.me-south-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-central-2" + "Region": "me-south-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-central-2 with FIPS enabled and DualStack disabled", + "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-central-2.amazonaws.com" + "url": "https://elasticfilesystem-fips.me-south-1.amazonaws.com" } }, "params": { + "Region": "me-south-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-central-2" + "UseFIPS": true } }, { - "documentation": "For region eu-central-2 with FIPS disabled and DualStack enabled", + "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-central-2.api.aws" + "url": "https://elasticfilesystem.sa-east-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-central-2" + "Region": "sa-east-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-central-2 with FIPS disabled and DualStack disabled", + "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-central-2.amazonaws.com" + "url": "https://elasticfilesystem-fips.sa-east-1.amazonaws.com" } }, "params": { + "Region": "sa-east-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-central-2" + "UseFIPS": true } }, { - "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-west-1.api.aws" + "url": "https://elasticfilesystem.us-east-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-west-1" + "Region": "us-east-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-west-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.us-east-1.amazonaws.com" } }, "params": { + "Region": "us-east-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-west-1" + "UseFIPS": true } }, { - "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-west-1.api.aws" + "url": "https://elasticfilesystem.us-east-2.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-west-1" + "Region": "us-east-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-west-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.us-east-2.amazonaws.com" } }, "params": { + "Region": "us-east-2", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-west-1" + "UseFIPS": true } }, { - "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled", + "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-west-2.api.aws" + "url": "https://elasticfilesystem.us-west-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-west-2" + "Region": "us-west-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", + "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-west-2.amazonaws.com" + "url": "https://elasticfilesystem-fips.us-west-1.amazonaws.com" } }, "params": { + "Region": "us-west-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-west-2" + "UseFIPS": true } }, { - "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled", + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-west-2.api.aws" + "url": "https://elasticfilesystem.us-west-2.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-west-2" + "Region": "us-west-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", + "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-west-2.amazonaws.com" + "url": "https://elasticfilesystem-fips.us-west-2.amazonaws.com" } }, "params": { + "Region": "us-west-2", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-west-2" + "UseFIPS": true } }, { - "documentation": "For region af-south-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.af-south-1.api.aws" + "url": "https://elasticfilesystem-fips.us-east-1.api.aws" } }, "params": { + "Region": "us-east-1", "UseDualStack": true, - "UseFIPS": true, - "Region": "af-south-1" + "UseFIPS": true } }, { - "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.af-south-1.amazonaws.com" + "url": "https://elasticfilesystem.us-east-1.api.aws" } }, "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "af-south-1" + "Region": "us-east-1", + "UseDualStack": true, + "UseFIPS": false } }, { - "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.af-south-1.api.aws" + "url": "https://elasticfilesystem.cn-north-1.amazonaws.com.cn" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "af-south-1" + "Region": "cn-north-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.af-south-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.cn-north-1.amazonaws.com.cn" } }, "params": { + "Region": "cn-north-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "af-south-1" + "UseFIPS": true } }, { - "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled", + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-north-1.api.aws" + "url": "https://elasticfilesystem.cn-northwest-1.amazonaws.com.cn" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-north-1" + "Region": "cn-northwest-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled", + "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.eu-north-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn" } }, "params": { + "Region": "cn-northwest-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-north-1" + "UseFIPS": true } }, { - "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-north-1.api.aws" + "url": "https://elasticfilesystem-fips.cn-north-1.api.amazonwebservices.com.cn" } }, "params": { + "Region": "cn-north-1", "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-north-1" + "UseFIPS": true } }, { - "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.eu-north-1.amazonaws.com" + "url": "https://elasticfilesystem.cn-north-1.api.amazonwebservices.com.cn" } }, "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-north-1" + "Region": "cn-north-1", + "UseDualStack": true, + "UseFIPS": false } }, { - "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.eu-west-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-west-3" - } - }, - { - "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.eu-west-3.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-west-3" - } - }, - { - "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.eu-west-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-west-3" - } - }, - { - "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.eu-west-3.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-west-3" - } - }, - { - "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.eu-west-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-west-2" - } - }, - { - "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.eu-west-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-west-2" - } - }, - { - "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.eu-west-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-west-2" - } - }, - { - "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.eu-west-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-west-2" - } - }, - { - "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.eu-west-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-west-1" - } - }, - { - "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.eu-west-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-west-1" - } - }, - { - "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.eu-west-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-west-1" - } - }, - { - "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.eu-west-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-west-1" - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-northeast-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-northeast-3" - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-northeast-3.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-northeast-3" - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-northeast-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-northeast-3" - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-northeast-3.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-northeast-3" - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-northeast-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-northeast-2" - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-northeast-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-northeast-2" - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-northeast-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-northeast-2" - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-northeast-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-northeast-2" - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-northeast-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-northeast-1" - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-northeast-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-northeast-1" - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-northeast-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-northeast-1" - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-northeast-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-northeast-1" - } - }, - { - "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.me-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "me-south-1" - } - }, - { - "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.me-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "me-south-1" - } - }, - { - "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.me-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "me-south-1" - } - }, - { - "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.me-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "me-south-1" - } - }, - { - "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.sa-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "sa-east-1" - } - }, - { - "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.sa-east-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "sa-east-1" - } - }, - { - "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.sa-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "sa-east-1" - } - }, - { - "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.sa-east-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "sa-east-1" - } - }, - { - "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-east-1" - } - }, - { - "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-east-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-east-1" - } - }, - { - "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-east-1" - } - }, - { - "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-east-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-east-1" - } - }, - { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.cn-north-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "cn-north-1" - } - }, - { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.cn-north-1.amazonaws.com.cn" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "cn-north-1" - } - }, - { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.cn-north-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "cn-north-1" - } - }, - { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.cn-north-1.amazonaws.com.cn" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "cn-north-1" - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.us-gov-west-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-gov-west-1" - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.us-gov-west-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "us-gov-west-1" - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.us-gov-west-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-gov-west-1" - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.us-gov-west-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "us-gov-west-1" - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-southeast-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-southeast-1" - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-southeast-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-southeast-1" - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-southeast-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-southeast-1" - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-southeast-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-southeast-1" - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-southeast-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-southeast-2" - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-southeast-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-southeast-2" - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-southeast-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-southeast-2" - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-southeast-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-southeast-2" - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-iso-east-1" - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.us-iso-east-1.c2s.ic.gov" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "us-iso-east-1" - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-iso-east-1" - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.us-iso-east-1.c2s.ic.gov" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "us-iso-east-1" - } - }, - { - "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.ap-southeast-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-southeast-3" - } - }, - { - "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.ap-southeast-3.amazonaws.com" + "url": "https://elasticfilesystem.us-gov-east-1.amazonaws.com" } }, "params": { + "Region": "us-gov-east-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-southeast-3" - } - }, - { - "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.ap-southeast-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-southeast-3" + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.ap-southeast-3.amazonaws.com" + "url": "https://elasticfilesystem-fips.us-gov-east-1.amazonaws.com" } }, "params": { + "Region": "us-gov-east-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-southeast-3" - } - }, - { - "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.us-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-east-1.amazonaws.com" + "url": "https://elasticfilesystem.us-gov-west-1.amazonaws.com" } }, "params": { + "Region": "us-gov-west-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-east-1" - } - }, - { - "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.us-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-east-1" + "UseFIPS": false } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-east-1.amazonaws.com" + "url": "https://elasticfilesystem-fips.us-gov-west-1.amazonaws.com" } }, "params": { + "Region": "us-gov-west-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.us-east-2.api.aws" + "url": "https://elasticfilesystem-fips.us-gov-east-1.api.aws" } }, "params": { + "Region": "us-gov-east-1", "UseDualStack": true, - "UseFIPS": true, - "Region": "us-east-2" - } - }, - { - "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.us-east-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "us-east-2" + "UseFIPS": true } }, { - "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-east-2.api.aws" + "url": "https://elasticfilesystem.us-gov-east-1.api.aws" } }, "params": { + "Region": "us-gov-east-1", "UseDualStack": true, - "UseFIPS": false, - "Region": "us-east-2" + "UseFIPS": false } }, { - "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-east-2.amazonaws.com" + "url": "https://elasticfilesystem.us-iso-east-1.c2s.ic.gov" } }, "params": { + "Region": "us-iso-east-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-east-2" - } - }, - { - "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem-fips.cn-northwest-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "cn-northwest-1" + "UseFIPS": false } }, { - "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn" + "url": "https://elasticfilesystem-fips.us-iso-east-1.c2s.ic.gov" } }, "params": { + "Region": "us-iso-east-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "cn-northwest-1" - } - }, - { - "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://elasticfilesystem.cn-northwest-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "cn-northwest-1" + "UseFIPS": true } }, { - "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.cn-northwest-1.amazonaws.com.cn" + "url": "https://elasticfilesystem.us-isob-east-1.sc2s.sgov.gov" } }, "params": { + "Region": "us-isob-east-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "cn-northwest-1" - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-isob-east-1" + "UseFIPS": false } }, { @@ -1623,37 +801,27 @@ } }, "params": { + "Region": "us-isob-east-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-isob-east-1" - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-isob-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", "expect": { "endpoint": { - "url": "https://elasticfilesystem.us-isob-east-1.sc2s.sgov.gov" + "url": "https://example.com" } }, "params": { + "Region": "us-east-1", "UseDualStack": false, "UseFIPS": false, - "Region": "us-isob-east-1" + "Endpoint": "https://example.com" } }, { - "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", "expect": { "endpoint": { "url": "https://example.com" @@ -1662,7 +830,6 @@ "params": { "UseDualStack": false, "UseFIPS": false, - "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -1672,9 +839,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { + "Region": "us-east-1", "UseDualStack": false, "UseFIPS": true, - "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -1684,9 +851,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { + "Region": "us-east-1", "UseDualStack": true, "UseFIPS": false, - "Region": "us-east-1", "Endpoint": "https://example.com" } } diff --git a/models/apis/frauddetector/2019-11-15/api-2.json b/models/apis/frauddetector/2019-11-15/api-2.json index 0d5dd87961a..30700798b49 100644 --- a/models/apis/frauddetector/2019-11-15/api-2.json +++ b/models/apis/frauddetector/2019-11-15/api-2.json @@ -122,6 +122,21 @@ {"shape":"AccessDeniedException"} ] }, + "CreateList":{ + "name":"CreateList", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreateListRequest"}, + "output":{"shape":"CreateListResult"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"AccessDeniedException"} + ] + }, "CreateModel":{ "name":"CreateModel", "http":{ @@ -341,6 +356,22 @@ {"shape":"InternalServerException"} ] }, + "DeleteList":{ + "name":"DeleteList", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteListRequest"}, + "output":{"shape":"DeleteListResult"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ConflictException"} + ] + }, "DeleteModel":{ "name":"DeleteModel", "http":{ @@ -661,6 +692,38 @@ {"shape":"AccessDeniedException"} ] }, + "GetListElements":{ + "name":"GetListElements", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetListElementsRequest"}, + "output":{"shape":"GetListElementsResult"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"AccessDeniedException"} + ] + }, + "GetListsMetadata":{ + "name":"GetListsMetadata", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetListsMetadataRequest"}, + "output":{"shape":"GetListsMetadataResult"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"AccessDeniedException"} + ] + }, "GetModelVersion":{ "name":"GetModelVersion", "http":{ @@ -998,6 +1061,23 @@ {"shape":"ConflictException"} ] }, + "UpdateList":{ + "name":"UpdateList", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdateListRequest"}, + "output":{"shape":"UpdateListResult"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalServerException"}, + {"shape":"ThrottlingException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ConflictException"} + ] + }, "UpdateModel":{ "name":"UpdateModel", "http":{ @@ -1161,6 +1241,22 @@ "logOddsMetrics":{"shape":"ListOfAggregatedLogOddsMetrics"} } }, + "AllowDenyList":{ + "type":"structure", + "required":["name"], + "members":{ + "name":{"shape":"noDashIdentifier"}, + "description":{"shape":"description"}, + "variableType":{"shape":"variableType"}, + "createdTime":{"shape":"time"}, + "updatedTime":{"shape":"time"}, + "arn":{"shape":"fraudDetectorArn"} + } + }, + "AllowDenyLists":{ + "type":"list", + "member":{"shape":"AllowDenyList"} + }, "AsyncJobStatus":{ "type":"string", "enum":[ @@ -1376,6 +1472,22 @@ "status":{"shape":"DetectorVersionStatus"} } }, + "CreateListRequest":{ + "type":"structure", + "required":["name"], + "members":{ + "name":{"shape":"noDashIdentifier"}, + "elements":{"shape":"ElementsList"}, + "variableType":{"shape":"variableType"}, + "description":{"shape":"description"}, + "tags":{"shape":"tagList"} + } + }, + "CreateListResult":{ + "type":"structure", + "members":{ + } + }, "CreateModelRequest":{ "type":"structure", "required":[ @@ -1632,6 +1744,18 @@ "members":{ } }, + "DeleteListRequest":{ + "type":"structure", + "required":["name"], + "members":{ + "name":{"shape":"noDashIdentifier"} + } + }, + "DeleteListResult":{ + "type":"structure", + "members":{ + } + }, "DeleteModelRequest":{ "type":"structure", "required":[ @@ -1785,6 +1909,19 @@ "max":10, "min":5 }, + "Elements":{ + "type":"string", + "max":320, + "min":1, + "pattern":"^\\S+( +\\S+)*$", + "sensitive":true + }, + "ElementsList":{ + "type":"list", + "member":{"shape":"Elements"}, + "max":100000, + "min":0 + }, "Entity":{ "type":"structure", "required":[ @@ -2231,6 +2368,37 @@ "nextToken":{"shape":"string"} } }, + "GetListElementsRequest":{ + "type":"structure", + "required":["name"], + "members":{ + "name":{"shape":"noDashIdentifier"}, + "nextToken":{"shape":"nextToken"}, + "maxResults":{"shape":"ListsElementsMaxResults"} + } + }, + "GetListElementsResult":{ + "type":"structure", + "members":{ + "elements":{"shape":"ElementsList"}, + "nextToken":{"shape":"nextToken"} + } + }, + "GetListsMetadataRequest":{ + "type":"structure", + "members":{ + "name":{"shape":"noDashIdentifier"}, + "nextToken":{"shape":"nextToken"}, + "maxResults":{"shape":"ListsMetadataMaxResults"} + } + }, + "GetListsMetadataResult":{ + "type":"structure", + "members":{ + "lists":{"shape":"AllowDenyLists"}, + "nextToken":{"shape":"nextToken"} + } + }, "GetModelVersionRequest":{ "type":"structure", "required":[ @@ -2485,6 +2653,26 @@ "nextToken":{"shape":"string"} } }, + "ListUpdateMode":{ + "type":"string", + "enum":[ + "REPLACE", + "APPEND", + "REMOVE" + ] + }, + "ListsElementsMaxResults":{ + "type":"integer", + "box":true, + "max":5000, + "min":500 + }, + "ListsMetadataMaxResults":{ + "type":"integer", + "box":true, + "max":50, + "min":5 + }, "LogOddsMetric":{ "type":"structure", "required":[ @@ -3166,6 +3354,22 @@ "members":{ } }, + "UpdateListRequest":{ + "type":"structure", + "required":["name"], + "members":{ + "name":{"shape":"noDashIdentifier"}, + "elements":{"shape":"ElementsList"}, + "description":{"shape":"description"}, + "updateMode":{"shape":"ListUpdateMode"}, + "variableType":{"shape":"variableType"} + } + }, + "UpdateListResult":{ + "type":"structure", + "members":{ + } + }, "UpdateModelRequest":{ "type":"structure", "required":[ @@ -3498,6 +3702,18 @@ "max":10, "min":1 }, + "nextToken":{ + "type":"string", + "max":8192, + "min":0, + "pattern":".*" + }, + "noDashIdentifier":{ + "type":"string", + "max":64, + "min":1, + "pattern":"^[0-9a-z_]+$" + }, "ruleExpression":{ "type":"string", "max":4096, @@ -3559,6 +3775,12 @@ "max":64, "min":1 }, + "variableType":{ + "type":"string", + "max":64, + "min":1, + "pattern":"^[A-Z_]{1,64}$" + }, "variableValue":{ "type":"string", "max":8192, diff --git a/models/apis/frauddetector/2019-11-15/docs-2.json b/models/apis/frauddetector/2019-11-15/docs-2.json index cc783667a32..f582a5957bb 100644 --- a/models/apis/frauddetector/2019-11-15/docs-2.json +++ b/models/apis/frauddetector/2019-11-15/docs-2.json @@ -9,6 +9,7 @@ "CreateBatchImportJob": "Creates a batch import job.
", "CreateBatchPredictionJob": "Creates a batch prediction job.
", "CreateDetectorVersion": "Creates a detector version. The detector version starts in a DRAFT status.
Creates a list.
List is a set of input data for a variable in your event dataset. You use the input data in a rule that's associated with your detector. For more information, see Lists.
", "CreateModel": "Creates a model using the specified model type.
", "CreateModelVersion": "Creates a version of the model using the specified model type and model id.
", "CreateRule": "Creates a rule for use with the specified detector.
", @@ -23,6 +24,7 @@ "DeleteEventsByEventType": "Deletes all events of a particular event type.
", "DeleteExternalModel": "Removes a SageMaker model from Amazon Fraud Detector.
You can remove an Amazon SageMaker model if it is not associated with a detector version. Removing a SageMaker model disconnects it from Amazon Fraud Detector, but the model remains available in SageMaker.
", "DeleteLabel": "Deletes a label.
You cannot delete labels that are included in an event type in Amazon Fraud Detector.
You cannot delete a label assigned to an event ID. You must first delete the relevant event ID.
When you delete a label, Amazon Fraud Detector permanently deletes that label and the data is no longer stored in Amazon Fraud Detector.
", + "DeleteList": "Deletes the list, provided it is not used in a rule.
When you delete a list, Amazon Fraud Detector permanently deletes that list and the elements in the list.
", "DeleteModel": "Deletes a model.
You can delete models and model versions in Amazon Fraud Detector, provided that they are not associated with a detector version.
When you delete a model, Amazon Fraud Detector permanently deletes that model and the data is no longer stored in Amazon Fraud Detector.
", "DeleteModelVersion": "Deletes a model version.
You can delete models and model versions in Amazon Fraud Detector, provided that they are not associated with a detector version.
When you delete a model version, Amazon Fraud Detector permanently deletes that model version and the data is no longer stored in Amazon Fraud Detector.
", "DeleteOutcome": "Deletes an outcome.
You cannot delete an outcome that is used in a rule version.
When you delete an outcome, Amazon Fraud Detector permanently deletes that outcome and the data is no longer stored in Amazon Fraud Detector.
", @@ -43,6 +45,8 @@ "GetExternalModels": "Gets the details for one or more Amazon SageMaker models that have been imported into the service. This is a paginated API. If you provide a null maxResults, this actions retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 5 and 10. To get the next page results, provide the pagination token from the GetExternalModelsResult as part of your request. A null pagination token fetches the records from the beginning.
Gets the encryption key if a KMS key has been specified to be used to encrypt content in Amazon Fraud Detector.
", "GetLabels": "Gets all labels or a specific label if name is provided. This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 50 records per page. If you provide a maxResults, the value must be between 10 and 50. To get the next page results, provide the pagination token from the GetGetLabelsResponse as part of your request. A null pagination token fetches the records from the beginning.
Gets all the elements in the specified list.
", + "GetListsMetadata": "Gets the metadata of either all the lists under the account or the specified list.
", "GetModelVersion": "Gets the details of the specified model version.
", "GetModels": "Gets one or more models. Gets all models for the Amazon Web Services account if no model type and no model id provided. Gets all models for the Amazon Web Services account and model type, if the model type is specified but model id is not provided. Gets a specific model if (model type, model id) tuple is specified.
This is a paginated API. If you provide a null maxResults, this action retrieves a maximum of 10 records per page. If you provide a maxResults, the value must be between 1 and 10. To get the next page results, provide the pagination token from the response as part of your request. A null pagination token fetches the records from the beginning.
Gets one or more outcomes. This is a paginated API. If you provide a null maxResults, this actions retrieves a maximum of 100 records per page. If you provide a maxResults, the value must be between 50 and 100. To get the next page results, provide the pagination token from the GetOutcomesResult as part of your request. A null pagination token fetches the records from the beginning.
Updates the detector version's description. You can update the metadata for any detector version (DRAFT, ACTIVE, or INACTIVE).
Updates the detector version’s status. You can perform the following promotions or demotions using UpdateDetectorVersionStatus: DRAFT to ACTIVE, ACTIVE to INACTIVE, and INACTIVE to ACTIVE.
Updates the specified event with a new label.
", + "UpdateList": "Updates a list.
", "UpdateModel": "Updates model description.
", "UpdateModelVersion": "Updates a model version. Updating a model version retrains an existing model version using updated training data and produces a new minor version of the model. You can update the training data set location and data access role attributes using this action. This action creates and trains a new minor version of the model, for example version 1.01, 1.02, 1.03.
", "UpdateModelVersionStatus": "Updates the status of a model version.
You can perform the following status updates:
Change the TRAINING_IN_PROGRESS status to TRAINING_CANCELLED.
Change the TRAINING_COMPLETE status to ACTIVE.
Change ACTIVE to INACTIVE.
The variable importance metrics of the aggregated variables.
Account Takeover Insights (ATI) model uses event variables from the login data you provide to continuously calculate a set of variables (aggregated variables) based on historical events. For example, your ATI model might calculate the number of times an user has logged in using the same IP address. In this case, event variables used to derive the aggregated variables are IP address and user.
The metadata of a list.
", + "refs": { + "AllowDenyLists$member": null + } + }, + "AllowDenyLists": { + "base": null, + "refs": { + "GetListsMetadataResult$lists": "The metadata of the specified list or all lists under the account.
" + } + }, "AsyncJobStatus": { "base": null, "refs": { @@ -258,6 +275,16 @@ "refs": { } }, + "CreateListRequest": { + "base": null, + "refs": { + } + }, + "CreateListResult": { + "base": null, + "refs": { + } + }, "CreateModelRequest": { "base": null, "refs": { @@ -431,6 +458,16 @@ "refs": { } }, + "DeleteListRequest": { + "base": null, + "refs": { + } + }, + "DeleteListResult": { + "base": null, + "refs": { + } + }, "DeleteModelRequest": { "base": null, "refs": { @@ -546,6 +583,20 @@ "GetDetectorsRequest$maxResults": "The maximum number of objects to return for the request.
" } }, + "Elements": { + "base": null, + "refs": { + "ElementsList$member": null + } + }, + "ElementsList": { + "base": null, + "refs": { + "CreateListRequest$elements": "The names of the elements, if providing. You can also create an empty list and add elements later using the UpdateList API.
", + "GetListElementsResult$elements": "The list elements.
", + "UpdateListRequest$elements": " One or more list elements to add or replace. If you are providing the elements, make sure to specify the updateMode to use.
If you are deleting all elements from the list, use REPLACE for the updateMode and provide an empty list (0 elements).
The entity details.
", "refs": { @@ -829,6 +880,26 @@ "refs": { } }, + "GetListElementsRequest": { + "base": null, + "refs": { + } + }, + "GetListElementsResult": { + "base": null, + "refs": { + } + }, + "GetListsMetadataRequest": { + "base": null, + "refs": { + } + }, + "GetListsMetadataResult": { + "base": null, + "refs": { + } + }, "GetModelVersionRequest": { "base": null, "refs": { @@ -1066,6 +1137,24 @@ "refs": { } }, + "ListUpdateMode": { + "base": null, + "refs": { + "UpdateListRequest$updateMode": "The update mode (type).
Use APPEND if you are adding elements to the list.
Use REPLACE if you replacing existing elements in the list.
Use REMOVE if you are removing elements from the list.
The maximum number of objects to return for the request.
" + } + }, + "ListsMetadataMaxResults": { + "base": null, + "refs": { + "GetListsMetadataRequest$maxResults": "The maximum number of objects to return for the request.
" + } + }, "LogOddsMetric": { "base": "The log odds metric details.
", "refs": { @@ -1570,6 +1659,16 @@ "refs": { } }, + "UpdateListRequest": { + "base": null, + "refs": { + } + }, + "UpdateListResult": { + "base": null, + "refs": { + } + }, "UpdateModelRequest": { "base": null, "refs": { @@ -1724,7 +1823,9 @@ "description": { "base": null, "refs": { + "AllowDenyList$description": "The description of the list.
", "CreateDetectorVersionRequest$description": "The description of the detector version.
", + "CreateListRequest$description": "The description of the list.
", "CreateModelRequest$description": "The model description.
", "CreateRuleRequest$description": "The rule description.
", "Detector$description": "The detector description.
", @@ -1743,6 +1844,7 @@ "RuleDetail$description": "The rule description.
", "UpdateDetectorVersionMetadataRequest$description": "The description.
", "UpdateDetectorVersionRequest$description": "The detector version description.
", + "UpdateListRequest$description": "The new description.
", "UpdateModelRequest$description": "The new model description.
", "UpdateRuleMetadataRequest$description": "The rule description.
", "UpdateRuleVersionRequest$description": "The description.
" @@ -1846,6 +1948,7 @@ "fraudDetectorArn": { "base": null, "refs": { + "AllowDenyList$arn": "The ARN of the list.
", "BatchImport$arn": "The ARN of the batch import job.
", "BatchPrediction$arn": "The ARN of batch prediction job.
", "DescribeDetectorResult$arn": "The detector ARN.
", @@ -2050,6 +2153,26 @@ "GetModelsRequest$maxResults": "The maximum number of objects to return for the request.
" } }, + "nextToken": { + "base": null, + "refs": { + "GetListElementsRequest$nextToken": "The next token for the subsequent request.
", + "GetListElementsResult$nextToken": "The next page token.
", + "GetListsMetadataRequest$nextToken": "The next token for the subsequent request.
", + "GetListsMetadataResult$nextToken": "The next page token.
" + } + }, + "noDashIdentifier": { + "base": null, + "refs": { + "AllowDenyList$name": "The name of the list.
", + "CreateListRequest$name": "The name of the list.
", + "DeleteListRequest$name": "The name of the list to delete.
", + "GetListElementsRequest$name": "The name of the list.
", + "GetListsMetadataRequest$name": "The name of the list.
", + "UpdateListRequest$name": "The name of the list to update.
" + } + }, "ruleExpression": { "base": null, "refs": { @@ -2240,6 +2363,7 @@ "CreateBatchImportJobRequest$tags": "A collection of key-value pairs associated with this request.
", "CreateBatchPredictionJobRequest$tags": "A collection of key and value pairs.
", "CreateDetectorVersionRequest$tags": "A collection of key and value pairs.
", + "CreateListRequest$tags": "A collection of the key and value pairs.
", "CreateModelRequest$tags": "A collection of key and value pairs.
", "CreateModelVersionRequest$tags": "A collection of key and value pairs.
", "CreateRuleRequest$tags": "A collection of key and value pairs.
", @@ -2265,6 +2389,8 @@ "time": { "base": null, "refs": { + "AllowDenyList$createdTime": "The time the list was created.
", + "AllowDenyList$updatedTime": "The time the list was last updated.
", "BatchImport$startTime": "Timestamp of when the batch import job started.
", "BatchImport$completionTime": "Timestamp of when batch import job completed.
", "BatchPrediction$startTime": "Timestamp of when the batch prediction job started.
", @@ -2322,6 +2448,14 @@ "EventVariableMap$key": null } }, + "variableType": { + "base": null, + "refs": { + "AllowDenyList$variableType": "The variable type of the list.
", + "CreateListRequest$variableType": "The variable type of the list. You can only assign the variable type with String data type. For more information, see Variable types.
", + "UpdateListRequest$variableType": "The variable type you want to assign to the list.
You cannot update a variable type of a list that already has a variable type assigned to it. You can assign a variable type to a list only if the list does not already have a variable type.
A list of DevEndpoints not found.
Specifies the direct JDBC source connection.
", + "refs": { + "CodeGenConfigurationNode$DirectJDBCSource": null + } + }, "DirectKafkaSource": { "base": "Specifies an Apache Kafka data store.
", "refs": { @@ -2697,6 +2703,10 @@ "CatalogSource$Table": "The name of the table in the database to read from.
", "CustomCode$ClassName": "The name defined for the custom code node class.
", "DQResultsPublishingOptions$ResultsS3Prefix": "The Amazon S3 prefix prepended to the results.
", + "DirectJDBCSource$Database": "The database of the JDBC source connection.
", + "DirectJDBCSource$Table": "The table of the JDBC source connection.
", + "DirectJDBCSource$ConnectionName": "The connection name of the JDBC source.
", + "DirectJDBCSource$RedshiftTmpDir": "The temp directory of the JDBC Redshift source.
", "DirectSchemaChangePolicy$Table": "Specifies the table in the database that the schema change policy applies to.
", "DirectSchemaChangePolicy$Database": "Specifies the database that the schema change policy applies to.
", "DynamicTransform$Name": "Specifies the name of the dynamic transform.
", @@ -4266,6 +4276,12 @@ "CheckSchemaVersionValidityResponse$Valid": "Return true, if the schema is valid and false otherwise.
" } }, + "JDBCConnectionType": { + "base": null, + "refs": { + "DirectJDBCSource$ConnectionType": "The connection type of the JDBC source.
" + } + }, "JDBCConnectorOptions": { "base": "Additional connection options for the connector.
", "refs": { @@ -5440,6 +5456,7 @@ "CatalogKinesisSource$Name": "The name of the data source.
", "CatalogSource$Name": "The name of the data store.
", "CustomCode$Name": "The name of the transform node.
", + "DirectJDBCSource$Name": "The name of the JDBC source connection.
", "DirectKafkaSource$Name": "The name of the data store.
", "DirectKinesisSource$Name": "The name of the data source.
", "DropDuplicates$Name": "The name of the transform node.
", diff --git a/models/apis/glue/2017-03-31/endpoint-rule-set-1.json b/models/apis/glue/2017-03-31/endpoint-rule-set-1.json index 73361609bf9..477f7b05b76 100644 --- a/models/apis/glue/2017-03-31/endpoint-rule-set-1.json +++ b/models/apis/glue/2017-03-31/endpoint-rule-set-1.json @@ -3,7 +3,7 @@ "parameters": { "Region": { "builtIn": "AWS::Region", - "required": true, + "required": false, "documentation": "The AWS region used to dispatch the request.", "type": "String" }, @@ -32,13 +32,12 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "isSet", "argv": [ { - "ref": "Region" + "ref": "Endpoint" } - ], - "assign": "PartitionResult" + ] } ], "type": "tree", @@ -46,14 +45,20 @@ { "conditions": [ { - "fn": "isSet", + "fn": "booleanEquals", "argv": [ { - "ref": "Endpoint" - } + "ref": "UseFIPS" + }, + true ] } ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], "type": "tree", "rules": [ { @@ -62,67 +67,42 @@ "fn": "booleanEquals", "argv": [ { - "ref": "UseFIPS" + "ref": "UseDualStack" }, true ] } ], - "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", "type": "error" }, { "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" + "endpoint": { + "url": { + "ref": "Endpoint" }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" - }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ { "conditions": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - }, - { - "fn": "booleanEquals", + "fn": "isSet", "argv": [ { - "ref": "UseDualStack" - }, - true + "ref": "Region" + } ] } ], @@ -131,154 +111,215 @@ { "conditions": [ { - "fn": "booleanEquals", + "fn": "aws.partition", "argv": [ - true, { - "fn": "getAttr", + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseFIPS" }, - "supportsFIPS" + true ] - } - ] - }, - { - "fn": "booleanEquals", - "argv": [ - true, + }, { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" }, - "supportsDualStack" + true ] } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], + ], "type": "tree", "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://glue-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, { "conditions": [], - "endpoint": { - "url": "https://glue-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" } ] - } - ] - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseFIPS" }, - "supportsFIPS" + true ] } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], + ], "type": "tree", "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://glue-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, { "conditions": [], - "endpoint": { - "url": "https://glue-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" } ] - } - ] - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" }, - "supportsDualStack" + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://glue.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] - } - ], - "type": "tree", - "rules": [ + }, { "conditions": [], "type": "tree", @@ -286,7 +327,7 @@ { "conditions": [], "endpoint": { - "url": "https://glue.{Region}.{PartitionResult#dualStackDnsSuffix}", + "url": "https://glue.{Region}.{PartitionResult#dnsSuffix}", "properties": {}, "headers": {} }, @@ -295,28 +336,13 @@ ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } ] }, { "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://glue.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } diff --git a/models/apis/glue/2017-03-31/endpoint-tests-1.json b/models/apis/glue/2017-03-31/endpoint-tests-1.json index 349217abd0c..0f9ae44102e 100644 --- a/models/apis/glue/2017-03-31/endpoint-tests-1.json +++ b/models/apis/glue/2017-03-31/endpoint-tests-1.json @@ -9,8 +9,8 @@ }, "params": { "Region": "af-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -22,8 +22,8 @@ }, "params": { "Region": "ap-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -35,8 +35,8 @@ }, "params": { "Region": "ap-northeast-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -48,8 +48,8 @@ }, "params": { "Region": "ap-northeast-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -61,8 +61,8 @@ }, "params": { "Region": "ap-northeast-3", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -74,8 +74,8 @@ }, "params": { "Region": "ap-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -87,8 +87,8 @@ }, "params": { "Region": "ap-southeast-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -100,8 +100,8 @@ }, "params": { "Region": "ap-southeast-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -113,8 +113,8 @@ }, "params": { "Region": "ca-central-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -126,8 +126,8 @@ }, "params": { "Region": "eu-central-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -139,8 +139,8 @@ }, "params": { "Region": "eu-north-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -152,8 +152,8 @@ }, "params": { "Region": "eu-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -165,8 +165,8 @@ }, "params": { "Region": "eu-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -178,8 +178,8 @@ }, "params": { "Region": "eu-west-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -191,8 +191,8 @@ }, "params": { "Region": "eu-west-3", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -204,8 +204,8 @@ }, "params": { "Region": "me-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -217,8 +217,8 @@ }, "params": { "Region": "sa-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -230,8 +230,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -243,8 +243,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -256,8 +256,8 @@ }, "params": { "Region": "us-east-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -269,8 +269,8 @@ }, "params": { "Region": "us-east-2", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -282,8 +282,8 @@ }, "params": { "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -295,8 +295,8 @@ }, "params": { "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -308,8 +308,8 @@ }, "params": { "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -321,8 +321,8 @@ }, "params": { "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -334,8 +334,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -347,8 +347,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -360,8 +360,8 @@ }, "params": { "Region": "cn-north-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -373,8 +373,8 @@ }, "params": { "Region": "cn-northwest-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -386,8 +386,8 @@ }, "params": { "Region": "cn-north-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -399,8 +399,8 @@ }, "params": { "Region": "cn-north-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -412,8 +412,8 @@ }, "params": { "Region": "cn-north-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -425,8 +425,8 @@ }, "params": { "Region": "us-gov-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -438,8 +438,8 @@ }, "params": { "Region": "us-gov-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -451,8 +451,8 @@ }, "params": { "Region": "us-gov-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -464,8 +464,8 @@ }, "params": { "Region": "us-gov-west-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -477,8 +477,8 @@ }, "params": { "Region": "us-gov-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -490,8 +490,8 @@ }, "params": { "Region": "us-gov-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -503,8 +503,8 @@ }, "params": { "Region": "us-iso-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -516,8 +516,8 @@ }, "params": { "Region": "us-iso-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -529,8 +529,8 @@ }, "params": { "Region": "us-isob-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -542,12 +542,12 @@ }, "params": { "Region": "us-isob-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { - "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", "expect": { "endpoint": { "url": "https://example.com" @@ -555,8 +555,21 @@ }, "params": { "Region": "us-east-1", + "UseFIPS": false, "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { "UseFIPS": false, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -567,8 +580,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, "UseFIPS": true, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -579,8 +592,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, "UseFIPS": false, + "UseDualStack": true, "Endpoint": "https://example.com" } } diff --git a/models/apis/privatenetworks/2021-12-03/api-2.json b/models/apis/privatenetworks/2021-12-03/api-2.json index 855c254cbee..994fe490222 100644 --- a/models/apis/privatenetworks/2021-12-03/api-2.json +++ b/models/apis/privatenetworks/2021-12-03/api-2.json @@ -134,6 +134,7 @@ "output":{"shape":"DeleteNetworkResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"InternalServerException"} ], @@ -150,6 +151,7 @@ "output":{"shape":"DeleteNetworkSiteResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, + {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"InternalServerException"} ], @@ -334,6 +336,22 @@ {"shape":"InternalServerException"} ] }, + "StartNetworkResourceUpdate":{ + "name":"StartNetworkResourceUpdate", + "http":{ + "method":"POST", + "requestUri":"/v1/network-resources/update", + "responseCode":200 + }, + "input":{"shape":"StartNetworkResourceUpdateRequest"}, + "output":{"shape":"StartNetworkResourceUpdateResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ValidationException"}, + {"shape":"InternalServerException"} + ], + "idempotent":true + }, "TagResource":{ "name":"TagResource", "http":{ @@ -857,10 +875,7 @@ "required":["networkArn"], "members":{ "filters":{"shape":"DeviceIdentifierFilters"}, - "maxResults":{ - "shape":"ListDeviceIdentifiersRequestMaxResultsInteger", - "box":true - }, + "maxResults":{"shape":"ListDeviceIdentifiersRequestMaxResultsInteger"}, "networkArn":{"shape":"Arn"}, "startToken":{"shape":"PaginationToken"} } @@ -883,10 +898,7 @@ "required":["networkArn"], "members":{ "filters":{"shape":"NetworkResourceFilters"}, - "maxResults":{ - "shape":"ListNetworkResourcesRequestMaxResultsInteger", - "box":true - }, + "maxResults":{"shape":"ListNetworkResourcesRequestMaxResultsInteger"}, "networkArn":{"shape":"Arn"}, "startToken":{"shape":"PaginationToken"} } @@ -909,10 +921,7 @@ "required":["networkArn"], "members":{ "filters":{"shape":"NetworkSiteFilters"}, - "maxResults":{ - "shape":"ListNetworkSitesRequestMaxResultsInteger", - "box":true - }, + "maxResults":{"shape":"ListNetworkSitesRequestMaxResultsInteger"}, "networkArn":{"shape":"Arn"}, "startToken":{"shape":"PaginationToken"} } @@ -934,10 +943,7 @@ "type":"structure", "members":{ "filters":{"shape":"NetworkFilters"}, - "maxResults":{ - "shape":"ListNetworksRequestMaxResultsInteger", - "box":true - }, + "maxResults":{"shape":"ListNetworksRequestMaxResultsInteger"}, "startToken":{"shape":"PaginationToken"} } }, @@ -959,10 +965,7 @@ "required":["networkArn"], "members":{ "filters":{"shape":"OrderFilters"}, - "maxResults":{ - "shape":"ListOrdersRequestMaxResultsInteger", - "box":true - }, + "maxResults":{"shape":"ListOrdersRequestMaxResultsInteger"}, "networkArn":{"shape":"Arn"}, "startToken":{"shape":"PaginationToken"} } @@ -1061,6 +1064,7 @@ "networkSiteArn":{"shape":"Arn"}, "orderArn":{"shape":"Arn"}, "position":{"shape":"Position"}, + "returnInformation":{"shape":"ReturnInformation"}, "serialNumber":{"shape":"String"}, "status":{"shape":"NetworkResourceStatus"}, "statusReason":{"shape":"String"}, @@ -1126,7 +1130,8 @@ "AVAILABLE", "DELETING", "PENDING_RETURN", - "DELETED" + "DELETED", + "CREATING_SHIPPING_LABEL" ] }, "NetworkResourceType":{ @@ -1263,6 +1268,15 @@ }, "exception":true }, + "ReturnInformation":{ + "type":"structure", + "members":{ + "replacementOrderArn":{"shape":"Arn"}, + "returnReason":{"shape":"String"}, + "shippingAddress":{"shape":"Address"}, + "shippingLabel":{"shape":"String"} + } + }, "SitePlan":{ "type":"structure", "members":{ @@ -1270,6 +1284,30 @@ "resourceDefinitions":{"shape":"NetworkResourceDefinitions"} } }, + "StartNetworkResourceUpdateRequest":{ + "type":"structure", + "required":[ + "networkResourceArn", + "updateType" + ], + "members":{ + "networkResourceArn":{"shape":"Arn"}, + "returnReason":{"shape":"StartNetworkResourceUpdateRequestReturnReasonString"}, + "shippingAddress":{"shape":"Address"}, + "updateType":{"shape":"UpdateType"} + } + }, + "StartNetworkResourceUpdateRequestReturnReasonString":{ + "type":"string", + "max":1000, + "min":0 + }, + "StartNetworkResourceUpdateResponse":{ + "type":"structure", + "members":{ + "networkResource":{"shape":"NetworkResource"} + } + }, "String":{"type":"string"}, "TagKey":{ "type":"string", @@ -1396,6 +1434,13 @@ "tags":{"shape":"TagMap"} } }, + "UpdateType":{ + "type":"string", + "enum":[ + "REPLACE", + "RETURN" + ] + }, "ValidationException":{ "type":"structure", "required":[ diff --git a/models/apis/privatenetworks/2021-12-03/defaults-1.json b/models/apis/privatenetworks/2021-12-03/defaults-1.json new file mode 100644 index 00000000000..3549611be0f --- /dev/null +++ b/models/apis/privatenetworks/2021-12-03/defaults-1.json @@ -0,0 +1,4 @@ +{ + "added": { + } +} diff --git a/models/apis/privatenetworks/2021-12-03/docs-2.json b/models/apis/privatenetworks/2021-12-03/docs-2.json index f79b8db7769..5b36a6e7c09 100644 --- a/models/apis/privatenetworks/2021-12-03/docs-2.json +++ b/models/apis/privatenetworks/2021-12-03/docs-2.json @@ -16,13 +16,14 @@ "GetNetworkResource": "Gets the specified network resource.
", "GetNetworkSite": "Gets the specified network site.
", "GetOrder": "Gets the specified order.
", - "ListDeviceIdentifiers": "Lists device identifiers. Add filters to your request to return a more specific list of results. Use filters to match the Amazon Resource Name (ARN) of an order, the status of device identifiers, or the ARN of the traffic group.
<p>If you specify multiple filters, filters are joined with an OR, and the request returns results that match all of the specified filters.
", + "ListDeviceIdentifiers": "Lists device identifiers. Add filters to your request to return a more specific list of results. Use filters to match the Amazon Resource Name (ARN) of an order, the status of device identifiers, or the ARN of the traffic group.
If you specify multiple filters, filters are joined with an OR, and the request returns results that match all of the specified filters.
", "ListNetworkResources": "Lists network resources. Add filters to your request to return a more specific list of results. Use filters to match the Amazon Resource Name (ARN) of an order or the status of network resources.
If you specify multiple filters, filters are joined with an OR, and the request returns results that match all of the specified filters.
", "ListNetworkSites": "Lists network sites. Add filters to your request to return a more specific list of results. Use filters to match the status of the network site.
", "ListNetworks": "Lists networks. Add filters to your request to return a more specific list of results. Use filters to match the status of the network.
", "ListOrders": "Lists orders. Add filters to your request to return a more specific list of results. Use filters to match the Amazon Resource Name (ARN) of the network site or the status of the order.
If you specify multiple filters, filters are joined with an OR, and the request returns results that match all of the specified filters.
", "ListTagsForResource": "Lists the tags for the specified resource.
", "Ping": "Checks the health of the service.
", + "StartNetworkResourceUpdate": "Starts an update of the specified network resource.
After you submit a request to replace or return a network resource, the status of the network resource is CREATING_SHIPPING_LABEL. The shipping label is available when the status of the network resource is PENDING_RETURN. After the network resource is successfully returned, its status is DELETED. For more information, see Return a radio unit.
Adds tags to the specified resource.
", "UntagResource": "Removes tags from the specified resource.
", "UpdateNetworkSite": "Updates the specified network site.
", @@ -74,7 +75,9 @@ "base": "Information about an address.
", "refs": { "ActivateNetworkSiteRequest$shippingAddress": "The shipping address of the network site.
", - "Order$shippingAddress": "The shipping address of the order.
" + "Order$shippingAddress": "The shipping address of the order.
", + "ReturnInformation$shippingAddress": "The shipping address.
", + "StartNetworkResourceUpdateRequest$shippingAddress": "The shipping address. If you don't provide a shipping address when replacing or returning a network resource, we use the address from the original order for the network resource.
" } }, "AddressContent": { @@ -126,6 +129,8 @@ "Order$networkArn": "The Amazon Resource Name (ARN) of the network associated with this order.
", "Order$networkSiteArn": "The Amazon Resource Name (ARN) of the network site associated with this order.
", "Order$orderArn": "The Amazon Resource Name (ARN) of the order.
", + "ReturnInformation$replacementOrderArn": "The Amazon Resource Name (ARN) of the replacement order.
", + "StartNetworkResourceUpdateRequest$networkResourceArn": "The Amazon Resource Name (ARN) of the network resource.
", "TagResourceRequest$resourceArn": "The Amazon Resource Name (ARN) of the resource.
", "UntagResourceRequest$resourceArn": "The Amazon Resource Name (ARN) of the resource.
", "UpdateNetworkSitePlanRequest$networkSiteArn": "The Amazon Resource Name (ARN) of the network site.
", @@ -528,7 +533,8 @@ "refs": { "ConfigureAccessPointResponse$accessPoint": "Information about the network resource.
", "GetNetworkResourceResponse$networkResource": "Information about the network resource.
", - "NetworkResourceList$member": null + "NetworkResourceList$member": null, + "StartNetworkResourceUpdateResponse$networkResource": "The network resource.
" } }, "NetworkResourceDefinition": { @@ -709,6 +715,12 @@ "refs": { } }, + "ReturnInformation": { + "base": "Information about a request to return a network resource.
", + "refs": { + "NetworkResource$returnInformation": "Information about a request to return the network resource.
" + } + }, "SitePlan": { "base": "Information about a site plan.
", "refs": { @@ -718,6 +730,22 @@ "UpdateNetworkSitePlanRequest$pendingPlan": "The pending plan.
" } }, + "StartNetworkResourceUpdateRequest": { + "base": null, + "refs": { + } + }, + "StartNetworkResourceUpdateRequestReturnReasonString": { + "base": null, + "refs": { + "StartNetworkResourceUpdateRequest$returnReason": "The reason for the return. Providing a reason for a return is optional.
" + } + }, + "StartNetworkResourceUpdateResponse": { + "base": null, + "refs": { + } + }, "String": { "base": null, "refs": { @@ -748,6 +776,8 @@ "ResourceNotFoundException$message": "Description of the error.
", "ResourceNotFoundException$resourceId": "Identifier of the affected resource.
", "ResourceNotFoundException$resourceType": "Type of the affected resource.
", + "ReturnInformation$returnReason": "The reason for the return. If the return request did not include a reason for the return, this value is null.
", + "ReturnInformation$shippingLabel": "The URL of the shipping label. The shipping label is available for download only if the status of the network resource is PENDING_RETURN. For more information, see Return a radio unit.
The tracking number of the shipment.
", "ValidationException$message": "Description of the error.
", @@ -854,6 +884,12 @@ "refs": { } }, + "UpdateType": { + "base": null, + "refs": { + "StartNetworkResourceUpdateRequest$updateType": "The update type.
REPLACE - Submits a request to replace a defective radio unit. We provide a shipping label that you can use for the return process and we ship a replacement radio unit to you.
RETURN - Submits a request to replace a radio unit that you no longer need. We provide a shipping label that you can use for the return process.
The request failed validation.
", "refs": { diff --git a/models/apis/privatenetworks/2021-12-03/endpoint-rule-set-1.json b/models/apis/privatenetworks/2021-12-03/endpoint-rule-set-1.json index 98ea1aca089..ea9a97d1fd4 100644 --- a/models/apis/privatenetworks/2021-12-03/endpoint-rule-set-1.json +++ b/models/apis/privatenetworks/2021-12-03/endpoint-rule-set-1.json @@ -32,13 +32,12 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "isSet", "argv": [ { - "ref": "Region" + "ref": "Endpoint" } - ], - "assign": "PartitionResult" + ] } ], "type": "tree", @@ -46,23 +45,20 @@ { "conditions": [ { - "fn": "isSet", + "fn": "booleanEquals", "argv": [ { - "ref": "Endpoint" - } + "ref": "UseFIPS" + }, + true ] - }, - { - "fn": "parseURL", - "argv": [ - { - "ref": "Endpoint" - } - ], - "assign": "url" } ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], "type": "tree", "rules": [ { @@ -71,67 +67,42 @@ "fn": "booleanEquals", "argv": [ { - "ref": "UseFIPS" + "ref": "UseDualStack" }, true ] } ], - "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", "type": "error" }, { "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" + "endpoint": { + "url": { + "ref": "Endpoint" }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" - }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ { "conditions": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - }, - { - "fn": "booleanEquals", + "fn": "isSet", "argv": [ { - "ref": "UseDualStack" - }, - true + "ref": "Region" + } ] } ], @@ -140,168 +111,238 @@ { "conditions": [ { - "fn": "booleanEquals", + "fn": "aws.partition", "argv": [ - true, { - "fn": "getAttr", + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseFIPS" }, - "supportsFIPS" + true ] - } - ] - }, - { - "fn": "booleanEquals", - "argv": [ - true, + }, { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" }, - "supportsDualStack" + true ] } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://private-networks-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://private-networks-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseFIPS" }, - "supportsFIPS" + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://private-networks-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" } ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://private-networks-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" }, - "supportsDualStack" + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://private-networks.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] - } - ], - "type": "tree", - "rules": [ + }, { "conditions": [], - "endpoint": { - "url": "https://private-networks.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://private-networks.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } ] }, { "conditions": [], - "endpoint": { - "url": "https://private-networks.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } diff --git a/models/apis/privatenetworks/2021-12-03/endpoint-tests-1.json b/models/apis/privatenetworks/2021-12-03/endpoint-tests-1.json index 9a44c67e760..24fcde110fb 100644 --- a/models/apis/privatenetworks/2021-12-03/endpoint-tests-1.json +++ b/models/apis/privatenetworks/2021-12-03/endpoint-tests-1.json @@ -1,172 +1,237 @@ { "testCases": [ { - "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://private-networks-fips.us-west-2.api.aws" + "url": "https://private-networks-fips.us-east-1.api.aws" } }, "params": { - "UseFIPS": true, + "Region": "us-east-1", "UseDualStack": true, - "Region": "us-west-2" + "UseFIPS": true } }, { - "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://private-networks-fips.us-west-2.amazonaws.com" + "url": "https://private-networks-fips.us-east-1.amazonaws.com" } }, "params": { - "UseFIPS": true, + "Region": "us-east-1", "UseDualStack": false, - "Region": "us-west-2" + "UseFIPS": true } }, { - "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://private-networks.us-west-2.api.aws" + "url": "https://private-networks.us-east-1.api.aws" } }, "params": { - "UseFIPS": false, + "Region": "us-east-1", "UseDualStack": true, - "Region": "us-west-2" + "UseFIPS": false } }, { - "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://private-networks.us-west-2.amazonaws.com" + "url": "https://private-networks.us-east-1.amazonaws.com" } }, "params": { - "UseFIPS": false, + "Region": "us-east-1", "UseDualStack": false, - "Region": "us-west-2" + "UseFIPS": false } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://private-networks-fips.us-east-1.api.aws" + "url": "https://private-networks-fips.cn-north-1.api.amazonwebservices.com.cn" } }, "params": { - "UseFIPS": true, + "Region": "cn-north-1", "UseDualStack": true, - "Region": "us-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://private-networks-fips.us-east-1.amazonaws.com" + "url": "https://private-networks-fips.cn-north-1.amazonaws.com.cn" } }, "params": { - "UseFIPS": true, + "Region": "cn-north-1", "UseDualStack": false, - "Region": "us-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://private-networks.us-east-1.api.aws" + "url": "https://private-networks.cn-north-1.api.amazonwebservices.com.cn" } }, "params": { - "UseFIPS": false, + "Region": "cn-north-1", "UseDualStack": true, - "Region": "us-east-1" + "UseFIPS": false } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://private-networks.us-east-1.amazonaws.com" + "url": "https://private-networks.cn-north-1.amazonaws.com.cn" } }, "params": { - "UseFIPS": false, + "Region": "cn-north-1", "UseDualStack": false, - "Region": "us-east-1" + "UseFIPS": false } }, { - "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://private-networks-fips.us-east-2.api.aws" + "url": "https://private-networks-fips.us-gov-east-1.api.aws" } }, "params": { - "UseFIPS": true, + "Region": "us-gov-east-1", "UseDualStack": true, - "Region": "us-east-2" + "UseFIPS": true } }, { - "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://private-networks-fips.us-east-2.amazonaws.com" + "url": "https://private-networks-fips.us-gov-east-1.amazonaws.com" } }, "params": { - "UseFIPS": true, + "Region": "us-gov-east-1", "UseDualStack": false, - "Region": "us-east-2" + "UseFIPS": true } }, { - "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://private-networks.us-east-2.api.aws" + "url": "https://private-networks.us-gov-east-1.api.aws" } }, "params": { - "UseFIPS": false, + "Region": "us-gov-east-1", "UseDualStack": true, - "Region": "us-east-2" + "UseFIPS": false } }, { - "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://private-networks.us-east-2.amazonaws.com" + "url": "https://private-networks.us-gov-east-1.amazonaws.com" } }, "params": { - "UseFIPS": false, + "Region": "us-gov-east-1", + "UseDualStack": false, + "UseFIPS": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://private-networks-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "Region": "us-iso-east-1", + "UseDualStack": false, + "UseFIPS": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://private-networks.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "Region": "us-iso-east-1", + "UseDualStack": false, + "UseFIPS": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://private-networks-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "Region": "us-isob-east-1", + "UseDualStack": false, + "UseFIPS": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://private-networks.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "Region": "us-isob-east-1", "UseDualStack": false, - "Region": "us-east-2" + "UseFIPS": false } }, { - "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", "expect": { "endpoint": { "url": "https://example.com" } }, "params": { + "Region": "us-east-1", + "UseDualStack": false, "UseFIPS": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { "UseDualStack": false, - "Region": "us-east-1", + "UseFIPS": false, "Endpoint": "https://example.com" } }, @@ -176,9 +241,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { - "UseFIPS": true, - "UseDualStack": false, "Region": "us-east-1", + "UseDualStack": false, + "UseFIPS": true, "Endpoint": "https://example.com" } }, @@ -188,9 +253,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { - "UseFIPS": false, - "UseDualStack": true, "Region": "us-east-1", + "UseDualStack": true, + "UseFIPS": false, "Endpoint": "https://example.com" } } diff --git a/models/apis/rds/2014-10-31/docs-2.json b/models/apis/rds/2014-10-31/docs-2.json index 0d53b8c86a2..6692b47fa30 100644 --- a/models/apis/rds/2014-10-31/docs-2.json +++ b/models/apis/rds/2014-10-31/docs-2.json @@ -9,18 +9,18 @@ "ApplyPendingMaintenanceAction": "Applies a pending maintenance action to a resource (for example, to a DB instance).
", "AuthorizeDBSecurityGroupIngress": "Enables ingress to a DBSecurityGroup using one of two forms of authorization. First, EC2 or VPC security groups can be added to the DBSecurityGroup if the application using the database is running on EC2 or VPC instances. Second, IP ranges are available if the application accessing your database is running on the internet. Required parameters for this API are one of CIDR range, EC2SecurityGroupId for VPC, or (EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId for non-VPC).
You can't authorize ingress from an EC2 security group in one Amazon Web Services Region to an Amazon RDS DB instance in another. You can't authorize ingress from a VPC security group in one VPC to an Amazon RDS DB instance in another.
For an overview of CIDR ranges, go to the Wikipedia Tutorial.
EC2-Classic was retired on August 15, 2022. If you haven't migrated from EC2-Classic to a VPC, we recommend that you migrate as soon as possible. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide, the blog EC2-Classic Networking is Retiring – Here’s How to Prepare, and Moving a DB instance not in a VPC into a VPC in the Amazon RDS User Guide.
Backtracks a DB cluster to a specific time, without creating a new DB cluster.
For more information on backtracking, see Backtracking an Aurora DB Cluster in the Amazon Aurora User Guide.
This action applies only to Aurora MySQL DB clusters.
Cancels an export task in progress that is exporting a snapshot to Amazon S3. Any data that has already been written to the S3 bucket isn't removed.
", + "CancelExportTask": "Cancels an export task in progress that is exporting a snapshot or cluster to Amazon S3. Any data that has already been written to the S3 bucket isn't removed.
", "CopyDBClusterParameterGroup": "Copies the specified DB cluster parameter group.
", - "CopyDBClusterSnapshot": "Copies a snapshot of a DB cluster.
To copy a DB cluster snapshot from a shared manual DB cluster snapshot, SourceDBClusterSnapshotIdentifier must be the Amazon Resource Name (ARN) of the shared DB cluster snapshot.
You can copy an encrypted DB cluster snapshot from another Amazon Web Services Region. In that case, the Amazon Web Services Region where you call the CopyDBClusterSnapshot operation is the destination Amazon Web Services Region for the encrypted DB cluster snapshot to be copied to. To copy an encrypted DB cluster snapshot from another Amazon Web Services Region, you must provide the following values:
KmsKeyId - The Amazon Web Services Key Management System (Amazon Web Services KMS) key identifier for the key to use to encrypt the copy of the DB cluster snapshot in the destination Amazon Web Services Region.
TargetDBClusterSnapshotIdentifier - The identifier for the new copy of the DB cluster snapshot in the destination Amazon Web Services Region.
SourceDBClusterSnapshotIdentifier - The DB cluster snapshot identifier for the encrypted DB cluster snapshot to be copied. This identifier must be in the ARN format for the source Amazon Web Services Region and is the same value as the SourceDBClusterSnapshotIdentifier in the presigned URL.
To cancel the copy operation once it is in progress, delete the target DB cluster snapshot identified by TargetDBClusterSnapshotIdentifier while that DB cluster snapshot is in \"copying\" status.
For more information on copying encrypted Amazon Aurora DB cluster snapshots from one Amazon Web Services Region to another, see Copying a Snapshot in the Amazon Aurora User Guide.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "CopyDBClusterSnapshot": "Copies a snapshot of a DB cluster.
To copy a DB cluster snapshot from a shared manual DB cluster snapshot, SourceDBClusterSnapshotIdentifier must be the Amazon Resource Name (ARN) of the shared DB cluster snapshot.
You can copy an encrypted DB cluster snapshot from another Amazon Web Services Region. In that case, the Amazon Web Services Region where you call the CopyDBClusterSnapshot operation is the destination Amazon Web Services Region for the encrypted DB cluster snapshot to be copied to. To copy an encrypted DB cluster snapshot from another Amazon Web Services Region, you must provide the following values:
KmsKeyId - The Amazon Web Services Key Management System (Amazon Web Services KMS) key identifier for the key to use to encrypt the copy of the DB cluster snapshot in the destination Amazon Web Services Region.
TargetDBClusterSnapshotIdentifier - The identifier for the new copy of the DB cluster snapshot in the destination Amazon Web Services Region.
SourceDBClusterSnapshotIdentifier - The DB cluster snapshot identifier for the encrypted DB cluster snapshot to be copied. This identifier must be in the ARN format for the source Amazon Web Services Region and is the same value as the SourceDBClusterSnapshotIdentifier in the presigned URL.
To cancel the copy operation once it is in progress, delete the target DB cluster snapshot identified by TargetDBClusterSnapshotIdentifier while that DB cluster snapshot is in \"copying\" status.
For more information on copying encrypted Amazon Aurora DB cluster snapshots from one Amazon Web Services Region to another, see Copying a Snapshot in the Amazon Aurora User Guide.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "CopyDBParameterGroup": "Copies the specified DB parameter group.
", "CopyDBSnapshot": "Copies the specified DB snapshot. The source DB snapshot must be in the available state.
You can copy a snapshot from one Amazon Web Services Region to another. In that case, the Amazon Web Services Region where you call the CopyDBSnapshot operation is the destination Amazon Web Services Region for the DB snapshot copy.
This command doesn't apply to RDS Custom.
For more information about copying snapshots, see Copying a DB Snapshot in the Amazon RDS User Guide.
", "CopyOptionGroup": "Copies the specified option group.
", "CreateBlueGreenDeployment": "Creates a blue/green deployment.
A blue/green deployment creates a staging environment that copies the production environment. In a blue/green deployment, the blue environment is the current production environment. The green environment is the staging environment. The staging environment stays in sync with the current production environment using logical replication.
You can make changes to the databases in the green environment without affecting production workloads. For example, you can upgrade the major or minor DB engine version, change database parameters, or make schema changes in the staging environment. You can thoroughly test changes in the green environment. When ready, you can switch over the environments to promote the green environment to be the new production environment. The switchover typically takes under a minute.
For more information, see Using Amazon RDS Blue/Green Deployments for database updates in the Amazon RDS User Guide and Using Amazon RDS Blue/Green Deployments for database updates in the Amazon Aurora User Guide.
", "CreateCustomDBEngineVersion": "Creates a custom DB engine version (CEV).
", - "CreateDBCluster": "Creates a new Amazon Aurora DB cluster or Multi-AZ DB cluster.
You can use the ReplicationSourceIdentifier parameter to create an Amazon Aurora DB cluster as a read replica of another DB cluster or Amazon RDS MySQL or PostgreSQL DB instance.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "CreateDBCluster": "Creates a new Amazon Aurora DB cluster or Multi-AZ DB cluster.
You can use the ReplicationSourceIdentifier parameter to create an Amazon Aurora DB cluster as a read replica of another DB cluster or Amazon RDS MySQL or PostgreSQL DB instance. For more information about Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
You can also use the ReplicationSourceIdentifier parameter to create a Multi-AZ DB cluster read replica with an RDS for PostgreSQL DB instance as the source. For more information about Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
Creates a new custom endpoint and associates it with an Amazon Aurora DB cluster.
This action applies only to Aurora DB clusters.
Creates a new DB cluster parameter group.
Parameters in a DB cluster parameter group apply to all of the instances in a DB cluster.
A DB cluster parameter group is initially created with the default parameters for the database engine used by instances in the DB cluster. To provide custom values for any of the parameters, you must modify the group after creating it using ModifyDBClusterParameterGroup. Once you've created a DB cluster parameter group, you need to associate it with your DB cluster using ModifyDBCluster.
When you associate a new DB cluster parameter group with a running Aurora DB cluster, reboot the DB instances in the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.
When you associate a new DB cluster parameter group with a running Multi-AZ DB cluster, reboot the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.
After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the DB cluster parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters operation to verify that your DB cluster parameter group has been created or modified.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", - "CreateDBClusterSnapshot": "Creates a snapshot of a DB cluster.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "CreateDBClusterParameterGroup": "Creates a new DB cluster parameter group.
Parameters in a DB cluster parameter group apply to all of the instances in a DB cluster.
A DB cluster parameter group is initially created with the default parameters for the database engine used by instances in the DB cluster. To provide custom values for any of the parameters, you must modify the group after creating it using ModifyDBClusterParameterGroup. Once you've created a DB cluster parameter group, you need to associate it with your DB cluster using ModifyDBCluster.
When you associate a new DB cluster parameter group with a running Aurora DB cluster, reboot the DB instances in the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.
When you associate a new DB cluster parameter group with a running Multi-AZ DB cluster, reboot the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.
After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the DB cluster parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters operation to verify that your DB cluster parameter group has been created or modified.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", + "CreateDBClusterSnapshot": "Creates a snapshot of a DB cluster.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "CreateDBInstance": "Creates a new DB instance.
The new DB instance can be an RDS DB instance, or it can be a DB instance in an Aurora DB cluster. For an Aurora DB cluster, you can call this operation multiple times to add more than one DB instance to the cluster.
For more information about creating an RDS DB instance, see Creating an Amazon RDS DB instance in the Amazon RDS User Guide.
For more information about creating a DB instance in an Aurora DB cluster, see Creating an Amazon Aurora DB cluster in the Amazon Aurora User Guide.
", "CreateDBInstanceReadReplica": "Creates a new DB instance that acts as a read replica for an existing source DB instance. You can create a read replica for a DB instance running MySQL, MariaDB, Oracle, PostgreSQL, or SQL Server. For more information, see Working with Read Replicas in the Amazon RDS User Guide.
Amazon Aurora doesn't support this operation. Call the CreateDBInstance operation to create a DB instance for an Aurora DB cluster.
All read replica DB instances are created with backups disabled. All other DB instance attributes (including DB security groups and DB parameter groups) are inherited from the source DB instance, except as specified.
Your source DB instance must have backup retention enabled.
Creates a new DB parameter group.
A DB parameter group is initially created with the default parameters for the database engine used by the DB instance. To provide custom values for any of the parameters, you must modify the group after creating it using ModifyDBParameterGroup. Once you've created a DB parameter group, you need to associate it with your DB instance using ModifyDBInstance. When you associate a new DB parameter group with a running DB instance, you need to reboot the DB instance without failover for the new DB parameter group and associated settings to take effect.
This command doesn't apply to RDS Custom.
After you create a DB parameter group, you should wait at least 5 minutes before creating your first DB instance that uses that DB parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the parameter group is used as the default for a new DB instance. This is especially important for parameters that are critical when creating the default database for a DB instance, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBParameters command to verify that your DB parameter group has been created or modified.
Creates an Aurora global database spread across multiple Amazon Web Services Regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.
You can create a global database that is initially empty, and then add a primary cluster and a secondary cluster to it. Or you can specify an existing Aurora cluster during the create operation, and this cluster becomes the primary cluster of the global database.
This action applies only to Aurora DB clusters.
Creates a new option group. You can create up to 20 option groups.
This command doesn't apply to RDS Custom.
", "DeleteBlueGreenDeployment": "Deletes a blue/green deployment.
For more information, see Using Amazon RDS Blue/Green Deployments for database updates in the Amazon RDS User Guide and Using Amazon RDS Blue/Green Deployments for database updates in the Amazon Aurora User Guide.
", - "DeleteCustomDBEngineVersion": "Deletes a custom engine version. To run this command, make sure you meet the following prerequisites:
The CEV must not be the default for RDS Custom. If it is, change the default before running this command.
The CEV must not be associated with an RDS Custom DB instance, RDS Custom instance snapshot, or automated backup of your RDS Custom instance.
Typically, deletion takes a few minutes.
The MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with Amazon Web Services CloudTrail. If you turn on data logging for Amazon RDS in CloudTrail, calls to the DeleteCustomDbEngineVersion event aren't logged. However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls originate from the MediaImport service for the DeleteCustomDbEngineVersion event.
For more information, see Deleting a CEV in the Amazon RDS User Guide.
", - "DeleteDBCluster": "The DeleteDBCluster action deletes a previously provisioned DB cluster. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the specified DB cluster are not deleted.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "DeleteCustomDBEngineVersion": "Deletes a custom engine version. To run this command, make sure you meet the following prerequisites:
The CEV must not be the default for RDS Custom. If it is, change the default before running this command.
The CEV must not be associated with an RDS Custom DB instance, RDS Custom instance snapshot, or automated backup of your RDS Custom instance.
Typically, deletion takes a few minutes.
The MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with Amazon Web Services CloudTrail. If you turn on data logging for Amazon RDS in CloudTrail, calls to the DeleteCustomDbEngineVersion event aren't logged. However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls originate from the MediaImport service for the DeleteCustomDbEngineVersion event.
For more information, see Deleting a CEV in the Amazon RDS User Guide.
", + "DeleteDBCluster": "The DeleteDBCluster action deletes a previously provisioned DB cluster. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the specified DB cluster are not deleted.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "DeleteDBClusterEndpoint": "Deletes a custom endpoint and removes it from an Amazon Aurora DB cluster.
This action only applies to Aurora DB clusters.
Deletes a specified DB cluster parameter group. The DB cluster parameter group to be deleted can't be associated with any DB clusters.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", - "DeleteDBClusterSnapshot": "Deletes a DB cluster snapshot. If the snapshot is being copied, the copy operation is terminated.
The DB cluster snapshot must be in the available state to be deleted.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "DeleteDBClusterParameterGroup": "Deletes a specified DB cluster parameter group. The DB cluster parameter group to be deleted can't be associated with any DB clusters.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", + "DeleteDBClusterSnapshot": "Deletes a DB cluster snapshot. If the snapshot is being copied, the copy operation is terminated.
The DB cluster snapshot must be in the available state to be deleted.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "DeleteDBInstance": "The DeleteDBInstance action deletes a previously provisioned DB instance. When you delete a DB instance, all automated backups for that instance are deleted and can't be recovered. Manual DB snapshots of the DB instance to be deleted by DeleteDBInstance are not deleted.
If you request a final DB snapshot the status of the Amazon RDS DB instance is deleting until the DB snapshot is created. The API action DescribeDBInstance is used to monitor the status of this operation. The action can't be canceled or reverted once submitted.
When a DB instance is in a failure state and has a status of failed, incompatible-restore, or incompatible-network, you can only delete it when you skip creation of the final snapshot with the SkipFinalSnapshot parameter.
If the specified DB instance is part of an Amazon Aurora DB cluster, you can't delete the DB instance if both of the following conditions are true:
The DB cluster is a read replica of another Amazon Aurora DB cluster.
The DB instance is the only instance in the DB cluster.
To delete a DB instance in this case, first call the PromoteReadReplicaDBCluster API action to promote the DB cluster so it's no longer a read replica. After the promotion completes, then call the DeleteDBInstance API action to delete the final instance in the DB cluster.
Deletes automated backups using the DbiResourceId value of the source DB instance or the Amazon Resource Name (ARN) of the automated backups.
Deletes a specified DB parameter group. The DB parameter group to be deleted can't be associated with any DB instances.
", @@ -55,11 +55,11 @@ "DescribeCertificates": "Lists the set of CA certificates provided by Amazon RDS for this Amazon Web Services account.
For more information, see Using SSL/TLS to encrypt a connection to a DB instance in the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to a DB cluster in the Amazon Aurora User Guide.
", "DescribeDBClusterBacktracks": "Returns information about backtracks for a DB cluster.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
This action only applies to Aurora MySQL DB clusters.
Returns information about endpoints for an Amazon Aurora DB cluster.
This action only applies to Aurora DB clusters.
Returns a list of DBClusterParameterGroup descriptions. If a DBClusterParameterGroupName parameter is specified, the list will contain only the description of the specified DB cluster parameter group.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", - "DescribeDBClusterParameters": "Returns the detailed parameter list for a particular DB cluster parameter group.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "DescribeDBClusterParameterGroups": "Returns a list of DBClusterParameterGroup descriptions. If a DBClusterParameterGroupName parameter is specified, the list will contain only the description of the specified DB cluster parameter group.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", + "DescribeDBClusterParameters": "Returns the detailed parameter list for a particular DB cluster parameter group.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "DescribeDBClusterSnapshotAttributes": "Returns a list of DB cluster snapshot attribute names and values for a manual DB cluster snapshot.
When sharing snapshots with other Amazon Web Services accounts, DescribeDBClusterSnapshotAttributes returns the restore attribute and a list of IDs for the Amazon Web Services accounts that are authorized to copy or restore the manual DB cluster snapshot. If all is included in the list of values for the restore attribute, then the manual DB cluster snapshot is public and can be copied or restored by all Amazon Web Services accounts.
To add or remove access for an Amazon Web Services account to copy or restore a manual DB cluster snapshot, or to make the manual DB cluster snapshot public or private, use the ModifyDBClusterSnapshotAttribute API action.
Returns information about DB cluster snapshots. This API action supports pagination.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", - "DescribeDBClusters": "Returns information about Amazon Aurora DB clusters and Multi-AZ DB clusters. This API supports pagination.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
This operation can also return information for Amazon Neptune DB instances and Amazon DocumentDB instances.
", + "DescribeDBClusterSnapshots": "Returns information about DB cluster snapshots. This API action supports pagination.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", + "DescribeDBClusters": "Returns information about Amazon Aurora DB clusters and Multi-AZ DB clusters. This API supports pagination.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
This operation can also return information for Amazon Neptune DB instances and Amazon DocumentDB instances.
", "DescribeDBEngineVersions": "Returns a list of the available DB engines.
", "DescribeDBInstanceAutomatedBackups": "Displays backups for both current and deleted instances. For example, use this operation to find details about automated backups for previously deleted instances. Current instances with retention periods greater than zero (0) are returned for both the DescribeDBInstanceAutomatedBackups and DescribeDBInstances operations.
All parameters are optional.
", "DescribeDBInstances": "Returns information about provisioned RDS instances. This API supports pagination.
This operation can also return information for Amazon Neptune DB instances and Amazon DocumentDB instances.
Displays a list of categories for all event source types, or, if specified, for a specified source type. You can also see this list in the \"Amazon RDS event categories and event messages\" section of the Amazon RDS User Guide or the Amazon Aurora User Guide .
", "DescribeEventSubscriptions": "Lists all the subscription descriptions for a customer account. The description for a subscription includes SubscriptionName, SNSTopicARN, CustomerID, SourceType, SourceID, CreationTime, and Status.
If you specify a SubscriptionName, lists the description for that subscription.
Returns events related to DB instances, DB clusters, DB parameter groups, DB security groups, DB snapshots, DB cluster snapshots, and RDS Proxies for the past 14 days. Events specific to a particular DB instance, DB cluster, DB parameter group, DB security group, DB snapshot, DB cluster snapshot group, or RDS Proxy can be obtained by providing the name as a parameter.
For more information on working with events, see Monitoring Amazon RDS events in the Amazon RDS User Guide and Monitoring Amazon Aurora events in the Amazon Aurora User Guide.
By default, RDS returns events that were generated in the past hour.
Returns information about a snapshot export to Amazon S3. This API operation supports pagination.
", + "DescribeExportTasks": "Returns information about a snapshot or cluster export to Amazon S3. This API operation supports pagination.
", "DescribeGlobalClusters": "Returns information about Aurora global database clusters. This API supports pagination.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
This action only applies to Aurora DB clusters.
Describes all available options.
", "DescribeOptionGroups": "Describes the available option groups.
", @@ -90,16 +90,16 @@ "DescribeSourceRegions": "Returns a list of the source Amazon Web Services Regions where the current Amazon Web Services Region can create a read replica, copy a DB snapshot from, or replicate automated backups from.
Use this operation to determine whether cross-Region features are supported between other Regions and your current Region. This operation supports pagination.
To return information about the Regions that are enabled for your account, or all Regions, use the EC2 operation DescribeRegions. For more information, see DescribeRegions in the Amazon EC2 API Reference.
You can call DescribeValidDBInstanceModifications to learn what modifications you can make to your DB instance. You can use this information when you call ModifyDBInstance.
This command doesn't apply to RDS Custom.
", "DownloadDBLogFilePortion": "Downloads all or a portion of the specified log file, up to 1 MB in size.
This command doesn't apply to RDS Custom.
", - "FailoverDBCluster": "Forces a failover for a DB cluster.
For an Aurora DB cluster, failover for a DB cluster promotes one of the Aurora Replicas (read-only instances) in the DB cluster to be the primary DB instance (the cluster writer).
For a Multi-AZ DB cluster, failover for a DB cluster promotes one of the readable standby DB instances (read-only instances) in the DB cluster to be the primary DB instance (the cluster writer).
An Amazon Aurora DB cluster automatically fails over to an Aurora Replica, if one exists, when the primary DB instance fails. A Multi-AZ DB cluster automatically fails over to a readable standby DB instance when the primary DB instance fails.
To simulate a failure of a primary instance for testing, you can force a failover. Because each instance in a DB cluster has its own endpoint address, make sure to clean up and re-establish any existing connections that use those endpoint addresses when the failover is complete.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "FailoverDBCluster": "Forces a failover for a DB cluster.
For an Aurora DB cluster, failover for a DB cluster promotes one of the Aurora Replicas (read-only instances) in the DB cluster to be the primary DB instance (the cluster writer).
For a Multi-AZ DB cluster, failover for a DB cluster promotes one of the readable standby DB instances (read-only instances) in the DB cluster to be the primary DB instance (the cluster writer).
An Amazon Aurora DB cluster automatically fails over to an Aurora Replica, if one exists, when the primary DB instance fails. A Multi-AZ DB cluster automatically fails over to a readable standby DB instance when the primary DB instance fails.
To simulate a failure of a primary instance for testing, you can force a failover. Because each instance in a DB cluster has its own endpoint address, make sure to clean up and re-establish any existing connections that use those endpoint addresses when the failover is complete.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "FailoverGlobalCluster": "Initiates the failover process for an Aurora global database (GlobalCluster).
A failover for an Aurora global database promotes one of secondary read-only DB clusters to be the primary DB cluster and demotes the primary DB cluster to being a secondary (read-only) DB cluster. In other words, the role of the current primary DB cluster and the selected (target) DB cluster are switched. The selected secondary DB cluster assumes full read/write capabilities for the Aurora global database.
For more information about failing over an Amazon Aurora global database, see Managed planned failover for Amazon Aurora global databases in the Amazon Aurora User Guide.
This action applies to GlobalCluster (Aurora global databases) only. Use this action only on healthy Aurora global databases with running Aurora DB clusters and no Region-wide outages, to test disaster recovery scenarios or to reconfigure your Aurora global database topology.
Lists all tags on an Amazon RDS resource.
For an overview on tagging an Amazon RDS resource, see Tagging Amazon RDS Resources in the Amazon RDS User Guide.
", - "ModifyActivityStream": "Changes the audit policy state of a database activity stream to either locked (default) or unlocked. A locked policy is read-only, whereas an unlocked policy is read/write. If your activity stream is started and locked, you can unlock it, customize your audit policy, and then lock your activity stream. Restarting the activity stream isn't required. For more information, see Modifying a database activity stream in the Amazon RDS User Guide.
This operation is supported for RDS for Oracle only.
", + "ModifyActivityStream": "Changes the audit policy state of a database activity stream to either locked (default) or unlocked. A locked policy is read-only, whereas an unlocked policy is read/write. If your activity stream is started and locked, you can unlock it, customize your audit policy, and then lock your activity stream. Restarting the activity stream isn't required. For more information, see Modifying a database activity stream in the Amazon RDS User Guide.
This operation is supported for RDS for Oracle and Microsoft SQL Server.
", "ModifyCertificates": "Override the system-default Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate for Amazon RDS for new DB instances, or remove the override.
By using this operation, you can specify an RDS-approved SSL/TLS certificate for new DB instances that is different from the default certificate provided by RDS. You can also use this operation to remove the override, so that new DB instances use the default certificate provided by RDS.
You might need to override the default certificate in the following situations:
You already migrated your applications to support the latest certificate authority (CA) certificate, but the new CA certificate is not yet the RDS default CA certificate for the specified Amazon Web Services Region.
RDS has already moved to a new default CA certificate for the specified Amazon Web Services Region, but you are still in the process of supporting the new CA certificate. In this case, you temporarily need additional time to finish your application changes.
For more information about rotating your SSL/TLS certificate for RDS DB engines, see Rotating Your SSL/TLS Certificate in the Amazon RDS User Guide.
For more information about rotating your SSL/TLS certificate for Aurora DB engines, see Rotating Your SSL/TLS Certificate in the Amazon Aurora User Guide.
", "ModifyCurrentDBClusterCapacity": "Set the capacity of an Aurora Serverless v1 DB cluster to a specific value.
Aurora Serverless v1 scales seamlessly based on the workload on the DB cluster. In some cases, the capacity might not scale fast enough to meet a sudden change in workload, such as a large number of new transactions. Call ModifyCurrentDBClusterCapacity to set the capacity explicitly.
After this call sets the DB cluster capacity, Aurora Serverless v1 can automatically scale the DB cluster based on the cooldown period for scaling up and the cooldown period for scaling down.
For more information about Aurora Serverless v1, see Using Amazon Aurora Serverless v1 in the Amazon Aurora User Guide.
If you call ModifyCurrentDBClusterCapacity with the default TimeoutAction, connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. For more information about scaling points, see Autoscaling for Aurora Serverless v1 in the Amazon Aurora User Guide.
This action only applies to Aurora Serverless v1 DB clusters.
Modifies the status of a custom engine version (CEV). You can find CEVs to modify by calling DescribeDBEngineVersions.
The MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with Amazon Web Services CloudTrail. If you turn on data logging for Amazon RDS in CloudTrail, calls to the ModifyCustomDbEngineVersion event aren't logged. However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls originate from the MediaImport service for the ModifyCustomDbEngineVersion event.
For more information, see Modifying CEV status in the Amazon RDS User Guide.
", - "ModifyDBCluster": "Modify the settings for an Amazon Aurora DB cluster or a Multi-AZ DB cluster. You can change one or more settings by specifying these parameters and the new values in the request.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "ModifyDBCluster": "Modify the settings for an Amazon Aurora DB cluster or a Multi-AZ DB cluster. You can change one or more settings by specifying these parameters and the new values in the request.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "ModifyDBClusterEndpoint": "Modifies the properties of an endpoint in an Amazon Aurora DB cluster.
This action only applies to Aurora DB clusters.
Modifies the parameters of a DB cluster parameter group. To modify more than one parameter, submit a list of the following: ParameterName, ParameterValue, and ApplyMethod. A maximum of 20 parameters can be modified in a single request.
After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters operation to verify that your DB cluster parameter group has been created or modified.
If the modified DB cluster parameter group is used by an Aurora Serverless v1 cluster, Aurora applies the update immediately. The cluster restart might interrupt your workload. In that case, your application must reopen any connections and retry any transactions that were active when the parameter changes took effect.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "ModifyDBClusterParameterGroup": "Modifies the parameters of a DB cluster parameter group. To modify more than one parameter, submit a list of the following: ParameterName, ParameterValue, and ApplyMethod. A maximum of 20 parameters can be modified in a single request.
After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters operation to verify that your DB cluster parameter group has been created or modified.
If the modified DB cluster parameter group is used by an Aurora Serverless v1 cluster, Aurora applies the update immediately. The cluster restart might interrupt your workload. In that case, your application must reopen any connections and retry any transactions that were active when the parameter changes took effect.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "ModifyDBClusterSnapshotAttribute": "Adds an attribute and values to, or removes an attribute and values from, a manual DB cluster snapshot.
To share a manual DB cluster snapshot with other Amazon Web Services accounts, specify restore as the AttributeName and use the ValuesToAdd parameter to add a list of IDs of the Amazon Web Services accounts that are authorized to restore the manual DB cluster snapshot. Use the value all to make the manual DB cluster snapshot public, which means that it can be copied or restored by all Amazon Web Services accounts.
Don't add the all value for any manual DB cluster snapshots that contain private information that you don't want available to all Amazon Web Services accounts.
If a manual DB cluster snapshot is encrypted, it can be shared, but only by specifying a list of authorized Amazon Web Services account IDs for the ValuesToAdd parameter. You can't use all as a value for that parameter in this case.
To view which Amazon Web Services accounts have access to copy or restore a manual DB cluster snapshot, or whether a manual DB cluster snapshot is public or private, use the DescribeDBClusterSnapshotAttributes API operation. The accounts are returned as values for the restore attribute.
Modifies settings for a DB instance. You can change one or more database configuration parameters by specifying these parameters and the new values in the request. To learn what modifications you can make to your DB instance, call DescribeValidDBInstanceModifications before you call ModifyDBInstance.
Modifies the parameters of a DB parameter group. To modify more than one parameter, submit a list of the following: ParameterName, ParameterValue, and ApplyMethod. A maximum of 20 parameters can be modified in a single request.
After you modify a DB parameter group, you should wait at least 5 minutes before creating your first DB instance that uses that DB parameter group as the default parameter group. This allows Amazon RDS to fully complete the modify action before the parameter group is used as the default for a new DB instance. This is especially important for parameters that are critical when creating the default database for a DB instance, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBParameters command to verify that your DB parameter group has been created or modified.
Promotes a read replica DB instance to a standalone DB instance.
Backup duration is a function of the amount of changes to the database since the previous backup. If you plan to promote a read replica to a standalone instance, we recommend that you enable backups and complete at least one backup prior to promotion. In addition, a read replica cannot be promoted to a standalone instance when it is in the backing-up status. If you have enabled backups on your read replica, configure the automated backup window so that daily backups do not interfere with read replica promotion.
This command doesn't apply to Aurora MySQL, Aurora PostgreSQL, or RDS Custom.
Promotes a read replica DB cluster to a standalone DB cluster.
", "PurchaseReservedDBInstancesOffering": "Purchases a reserved DB instance offering.
", - "RebootDBCluster": "You might need to reboot your DB cluster, usually for maintenance reasons. For example, if you make certain modifications, or if you change the DB cluster parameter group associated with the DB cluster, reboot the DB cluster for the changes to take effect.
Rebooting a DB cluster restarts the database engine service. Rebooting a DB cluster results in a momentary outage, during which the DB cluster status is set to rebooting.
Use this operation only for a non-Aurora Multi-AZ DB cluster.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "RebootDBCluster": "You might need to reboot your DB cluster, usually for maintenance reasons. For example, if you make certain modifications, or if you change the DB cluster parameter group associated with the DB cluster, reboot the DB cluster for the changes to take effect.
Rebooting a DB cluster restarts the database engine service. Rebooting a DB cluster results in a momentary outage, during which the DB cluster status is set to rebooting.
Use this operation only for a non-Aurora Multi-AZ DB cluster.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "RebootDBInstance": "You might need to reboot your DB instance, usually for maintenance reasons. For example, if you make certain modifications, or if you change the DB parameter group associated with the DB instance, you must reboot the instance for the changes to take effect.
Rebooting a DB instance restarts the database engine service. Rebooting a DB instance results in a momentary outage, during which the DB instance status is set to rebooting.
For more information about rebooting, see Rebooting a DB Instance in the Amazon RDS User Guide.
This command doesn't apply to RDS Custom.
If your DB instance is part of a Multi-AZ DB cluster, you can reboot the DB cluster with the RebootDBCluster operation.
Associate one or more DBProxyTarget data structures with a DBProxyTargetGroup.
Detaches an Aurora secondary cluster from an Aurora global database cluster. The cluster becomes a standalone cluster with read-write capability instead of being read-only and receiving data from a primary cluster in a different Region.
This action only applies to Aurora DB clusters.
Removes the asssociation of an Amazon Web Services Identity and Access Management (IAM) role from a DB cluster.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "RemoveRoleFromDBCluster": "Removes the asssociation of an Amazon Web Services Identity and Access Management (IAM) role from a DB cluster.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "RemoveRoleFromDBInstance": "Disassociates an Amazon Web Services Identity and Access Management (IAM) role from a DB instance.
", "RemoveSourceIdentifierFromSubscription": "Removes a source identifier from an existing RDS event notification subscription.
", "RemoveTagsFromResource": "Removes metadata tags from an Amazon RDS resource.
For an overview on tagging an Amazon RDS resource, see Tagging Amazon RDS Resources in the Amazon RDS User Guide.
", - "ResetDBClusterParameterGroup": "Modifies the parameters of a DB cluster parameter group to the default value. To reset specific parameters submit a list of the following: ParameterName and ApplyMethod. To reset the entire DB cluster parameter group, specify the DBClusterParameterGroupName and ResetAllParameters parameters.
When resetting the entire group, dynamic parameters are updated immediately and static parameters are set to pending-reboot to take effect on the next DB instance restart or RebootDBInstance request. You must call RebootDBInstance for every DB instance in your DB cluster that you want the updated static parameter to apply to.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "ResetDBClusterParameterGroup": "Modifies the parameters of a DB cluster parameter group to the default value. To reset specific parameters submit a list of the following: ParameterName and ApplyMethod. To reset the entire DB cluster parameter group, specify the DBClusterParameterGroupName and ResetAllParameters parameters.
When resetting the entire group, dynamic parameters are updated immediately and static parameters are set to pending-reboot to take effect on the next DB instance restart or RebootDBInstance request. You must call RebootDBInstance for every DB instance in your DB cluster that you want the updated static parameter to apply to.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "ResetDBParameterGroup": "Modifies the parameters of a DB parameter group to the engine/system default value. To reset specific parameters, provide a list of the following: ParameterName and ApplyMethod. To reset the entire DB parameter group, specify the DBParameterGroup name and ResetAllParameters parameters. When resetting the entire group, dynamic parameters are updated immediately and static parameters are set to pending-reboot to take effect on the next DB instance restart or RebootDBInstance request.
Creates an Amazon Aurora DB cluster from MySQL data stored in an Amazon S3 bucket. Amazon RDS must be authorized to access the Amazon S3 bucket and the data must be created using the Percona XtraBackup utility as described in Migrating Data from MySQL by Using an Amazon S3 Bucket in the Amazon Aurora User Guide.
This action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterFromS3 action has completed and the DB cluster is available.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
This action only applies to Aurora DB clusters. The source DB engine must be MySQL.
Creates a new DB cluster from a DB snapshot or DB cluster snapshot.
The target DB cluster is created from the source snapshot with a default configuration. If you don't specify a security group, the new DB cluster is associated with the default security group.
This action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterFromSnapshot action has completed and the DB cluster is available.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", - "RestoreDBClusterToPointInTime": "Restores a DB cluster to an arbitrary point in time. Users can restore to any point in time before LatestRestorableTime for up to BackupRetentionPeriod days. The target DB cluster is created from the source DB cluster with the same configuration as the original DB cluster, except that the new DB cluster is created with the default DB security group.
For Aurora, this action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterToPointInTime action has completed and the DB cluster is available.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
", + "RestoreDBClusterFromSnapshot": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.
The target DB cluster is created from the source snapshot with a default configuration. If you don't specify a security group, the new DB cluster is associated with the default security group.
This action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterFromSnapshot action has completed and the DB cluster is available.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", + "RestoreDBClusterToPointInTime": "Restores a DB cluster to an arbitrary point in time. Users can restore to any point in time before LatestRestorableTime for up to BackupRetentionPeriod days. The target DB cluster is created from the source DB cluster with the same configuration as the original DB cluster, except that the new DB cluster is created with the default DB security group.
For Aurora, this action only restores the DB cluster, not the DB instances for that DB cluster. You must invoke the CreateDBInstance action to create DB instances for the restored DB cluster, specifying the identifier of the restored DB cluster in DBClusterIdentifier. You can create DB instances only after the RestoreDBClusterToPointInTime action has completed and the DB cluster is available.
For more information on Amazon Aurora DB clusters, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
", "RestoreDBInstanceFromDBSnapshot": "Creates a new DB instance from a DB snapshot. The target database is created from the source database restore point with most of the source's original configuration, including the default security group and DB parameter group. By default, the new DB instance is created as a Single-AZ deployment, except when the instance is a SQL Server instance that has an option group associated with mirroring. In this case, the instance becomes a Multi-AZ deployment, not a Single-AZ deployment.
If you want to replace your original DB instance with the new, restored DB instance, then rename your original DB instance before you call the RestoreDBInstanceFromDBSnapshot action. RDS doesn't allow two DB instances with the same name. After you have renamed your original DB instance with a different identifier, then you can pass the original name of the DB instance as the DBInstanceIdentifier in the call to the RestoreDBInstanceFromDBSnapshot action. The result is that you replace the original DB instance with the DB instance created from the snapshot.
If you are restoring from a shared manual DB snapshot, the DBSnapshotIdentifier must be the ARN of the shared DB snapshot.
This command doesn't apply to Aurora MySQL and Aurora PostgreSQL. For Aurora, use RestoreDBClusterFromSnapshot.
Amazon Relational Database Service (Amazon RDS) supports importing MySQL databases by using backup files. You can create a backup of your on-premises database, store it on Amazon Simple Storage Service (Amazon S3), and then restore the backup file onto a new Amazon RDS DB instance running MySQL. For more information, see Importing Data into an Amazon RDS MySQL DB Instance in the Amazon RDS User Guide.
This command doesn't apply to RDS Custom.
", "RestoreDBInstanceToPointInTime": "Restores a DB instance to an arbitrary point in time. You can restore to any point in time before the time identified by the LatestRestorableTime property. You can restore to a point up to the number of days specified by the BackupRetentionPeriod property.
The target database is created with most of the original configuration, but in a system-selected Availability Zone, with the default security group, the default subnet group, and the default DB parameter group. By default, the new DB instance is created as a single-AZ deployment except when the instance is a SQL Server instance that has an option group that is associated with mirroring; in this case, the instance becomes a mirrored deployment and not a single-AZ deployment.
This command doesn't apply to Aurora MySQL and Aurora PostgreSQL. For Aurora, use RestoreDBClusterToPointInTime.
Starts an Amazon Aurora DB cluster that was stopped using the Amazon Web Services console, the stop-db-cluster CLI command, or the StopDBCluster action.
For more information, see Stopping and Starting an Aurora Cluster in the Amazon Aurora User Guide.
This action only applies to Aurora DB clusters.
Starts an Amazon RDS DB instance that was stopped using the Amazon Web Services console, the stop-db-instance CLI command, or the StopDBInstance action.
For more information, see Starting an Amazon RDS DB instance That Was Previously Stopped in the Amazon RDS User Guide.
This command doesn't apply to RDS Custom, Aurora MySQL, and Aurora PostgreSQL. For Aurora DB clusters, use StartDBCluster instead.
Enables replication of automated backups to a different Amazon Web Services Region.
This command doesn't apply to RDS Custom.
For more information, see Replicating Automated Backups to Another Amazon Web Services Region in the Amazon RDS User Guide.
", - "StartExportTask": "Starts an export of a snapshot to Amazon S3. The provided IAM role must have access to the S3 bucket.
This command doesn't apply to RDS Custom.
", + "StartExportTask": "Starts an export of DB snapshot or DB cluster data to Amazon S3. The provided IAM role must have access to the S3 bucket.
You can't export snapshot data from RDS Custom DB instances.
You can't export cluster data from Multi-AZ DB clusters.
For more information on exporting DB snapshot data, see Exporting DB snapshot data to Amazon S3 in the Amazon RDS User Guide or Exporting DB cluster snapshot data to Amazon S3 in the Amazon Aurora User Guide.
For more information on exporting DB cluster data, see Exporting DB cluster data to Amazon S3 in the Amazon Aurora User Guide.
", "StopActivityStream": "Stops a database activity stream that was started using the Amazon Web Services console, the start-activity-stream CLI command, or the StartActivityStream action.
For more information, see Monitoring Amazon Aurora with Database Activity Streams in the Amazon Aurora User Guide or Monitoring Amazon RDS with Database Activity Streams in the Amazon RDS User Guide.
", "StopDBCluster": "Stops an Amazon Aurora DB cluster. When you stop a DB cluster, Aurora retains the DB cluster's metadata, including its endpoints and DB parameter groups. Aurora also retains the transaction logs so you can do a point-in-time restore if necessary.
For more information, see Stopping and Starting an Aurora Cluster in the Amazon Aurora User Guide.
This action only applies to Aurora DB clusters.
Stops an Amazon RDS DB instance. When you stop a DB instance, Amazon RDS retains the DB instance's metadata, including its endpoint, DB parameter group, and option group membership. Amazon RDS also retains the transaction logs so you can do a point-in-time restore if necessary.
For more information, see Stopping an Amazon RDS DB Instance Temporarily in the Amazon RDS User Guide.
This command doesn't apply to RDS Custom, Aurora MySQL, and Aurora PostgreSQL. For Aurora clusters, use StopDBCluster instead.
True if Performance Insights is enabled for the DB instance, and otherwise false.
", "DBInstance$CustomerOwnedIpEnabled": "Specifies whether a customer-owned IP address (CoIP) is enabled for an RDS on Outposts DB instance.
A CoIP provides local or external connectivity to resources in your Outpost subnets through your on-premises network. For some use cases, a CoIP can provide lower latency for connections to the DB instance from outside of its virtual private cloud (VPC) on your local network.
For more information about RDS on Outposts, see Working with Amazon RDS on Amazon Web Services Outposts in the Amazon RDS User Guide.
For more information about CoIPs, see Customer-owned IP addresses in the Amazon Web Services Outposts User Guide.
", "DBInstance$ActivityStreamEngineNativeAuditFieldsIncluded": "Indicates whether engine-native audit fields are included in the database activity stream.
", - "DeleteBlueGreenDeploymentRequest$DeleteTarget": "A value that indicates whether to delete the resources in the green environment.
", + "DeleteBlueGreenDeploymentRequest$DeleteTarget": "A value that indicates whether to delete the resources in the green environment. You can't specify this option if the blue/green deployment status is SWITCHOVER_COMPLETED.
A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.
", "DescribeDBEngineVersionsMessage$ListSupportedCharacterSets": "A value that indicates whether to list the supported character sets for each engine version.
If this parameter is enabled and the requested engine supports the CharacterSetName parameter for CreateDBInstance, the response includes a list of supported character sets for each engine version.
For RDS Custom, the default is not to list supported character sets. If you set ListSupportedCharacterSets to true, RDS Custom returns no results.
A value that indicates whether to list the supported time zones for each engine version.
If this parameter is enabled and the requested engine supports the TimeZone parameter for CreateDBInstance, the response includes a list of supported time zones for each engine version.
For RDS Custom, the default is not to list supported time zones. If you set ListSupportedTimezones to true, RDS Custom returns no results.
A value that indicates whether to allow or disallow automatic pause for an Aurora DB cluster in serverless DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).
If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.
A value that indicates whether automatic pause is allowed for the Aurora DB cluster in serverless DB engine mode.
When the value is set to false for an Aurora Serverless v1 DB cluster, the DB cluster automatically resumes.
", "StartActivityStreamRequest$ApplyImmediately": "Specifies whether or not the database activity stream is to start as soon as possible, regardless of the maintenance window for the database.
", - "StartActivityStreamRequest$EngineNativeAuditFieldsIncluded": "Specifies whether the database activity stream includes engine-native audit fields. This option only applies to an Oracle DB instance. By default, no engine-native audit fields are included.
", + "StartActivityStreamRequest$EngineNativeAuditFieldsIncluded": "Specifies whether the database activity stream includes engine-native audit fields. This option applies to an Oracle or Microsoft SQL Server DB instance. By default, no engine-native audit fields are included.
", "StartActivityStreamResponse$EngineNativeAuditFieldsIncluded": "Indicates whether engine-native audit fields are included in the database activity stream.
", "StopActivityStreamRequest$ApplyImmediately": "Specifies whether or not the database activity stream is to stop as soon as possible, regardless of the maintenance window for the database.
", "UpgradeTarget$SupportsParallelQuery": "A value that indicates whether you can use Aurora parallel query with the target engine version.
", @@ -2356,7 +2356,7 @@ } }, "ExportTask": { - "base": "Contains the details of a snapshot export to Amazon S3.
This data type is used as a response element in the DescribeExportTasks action.
Contains the details of a snapshot or cluster export to Amazon S3.
This data type is used as a response element in the DescribeExportTasks action.
Information about an export of a snapshot to Amazon S3.
" + "ExportTasksMessage$ExportTasks": "Information about an export of a snapshot or cluster to Amazon S3.
" } }, "ExportTasksMessage": { @@ -2455,7 +2455,7 @@ "DescribeEventCategoriesMessage$Filters": "This parameter isn't currently supported.
", "DescribeEventSubscriptionsMessage$Filters": "This parameter isn't currently supported.
", "DescribeEventsMessage$Filters": "This parameter isn't currently supported.
", - "DescribeExportTasksMessage$Filters": "Filters specify one or more snapshot exports to describe. The filters are specified as name-value pairs that define what to include in the output. Filter names and values are case-sensitive.
Supported filters include the following:
export-task-identifier - An identifier for the snapshot export task.
s3-bucket - The Amazon S3 bucket the snapshot is exported to.
source-arn - The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3
status - The status of the export task. Must be lowercase. Valid statuses are the following:
canceled
canceling
complete
failed
in_progress
starting
Filters specify one or more snapshot or cluster exports to describe. The filters are specified as name-value pairs that define what to include in the output. Filter names and values are case-sensitive.
Supported filters include the following:
export-task-identifier - An identifier for the snapshot or cluster export task.
s3-bucket - The Amazon S3 bucket the data is exported to.
source-arn - The Amazon Resource Name (ARN) of the snapshot or cluster exported to Amazon S3.
status - The status of the export task. Must be lowercase. Valid statuses are the following:
canceled
canceling
complete
failed
in_progress
starting
This parameter isn't currently supported.
", "DescribeOptionGroupOptionsMessage$Filters": "This parameter isn't currently supported.
", "DescribeOptionGroupsMessage$Filters": "This parameter isn't currently supported.
", @@ -2603,7 +2603,7 @@ "DBSnapshot$PercentProgress": "The percentage of the estimated data that has been transferred.
", "DownloadDBLogFilePortionMessage$NumberOfLines": "The number of lines to download. If the number of lines specified results in a file over 1 MB in size, the file is truncated at 1 MB in size.
If the NumberOfLines parameter is specified, then the block of lines returned can be from the beginning or the end of the log file, depending on the value of the Marker parameter.
If neither Marker or NumberOfLines are specified, the entire log file is returned up to a maximum of 10000 lines, starting with the most recent log entries first.
If NumberOfLines is specified and Marker isn't specified, then the most recent lines from the end of the log file are returned.
If Marker is specified as \"0\", then the specified number of lines from the beginning of the log file are returned.
You can download the log file in blocks of lines by specifying the size of the block using the NumberOfLines parameter, and by specifying a value of \"0\" for the Marker parameter in your first request. Include the Marker value returned in the response as the Marker value for the next request, continuing until the AdditionalDataPending response element returns false.
Specifies the port that the database engine is listening on.
", - "ExportTask$PercentProgress": "The progress of the snapshot export task as a percentage.
", + "ExportTask$PercentProgress": "The progress of the snapshot or cluster export task as a percentage.
", "ExportTask$TotalExtractedDataInGB": "The total amount of data exported, in gigabytes.
", "Range$From": "The minimum value in the range.
", "Range$To": "The maximum value in the range.
", @@ -2642,7 +2642,7 @@ "CreateDBInstanceReadReplicaMessage$PerformanceInsightsRetentionPeriod": "The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:
7
month * 31, where month is a number of months from 1-23
731
For example, the following values are valid:
93 (3 months * 31)
341 (11 months * 31)
589 (19 months * 31)
731
If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.
This setting doesn't apply to RDS Custom.
", "CreateDBInstanceReadReplicaMessage$MaxAllocatedStorage": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.
For more information about this setting, including limitations that apply to it, see Managing capacity automatically with Amazon RDS storage autoscaling in the Amazon RDS User Guide.
", "CreateDBInstanceReadReplicaMessage$StorageThroughput": "Specifies the storage throughput value for the read replica.
This setting doesn't apply to RDS Custom or Amazon Aurora.
", - "CreateDBInstanceReadReplicaMessage$AllocatedStorage": "The amount of storage (in gibibytes) to allocate initially for the read replica. Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough memory for your read replica so that the create operation can succeed. You can also allocate additional memory for future growth.
The amount of storage (in gibibytes) to allocate initially for the read replica. Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough storage for your read replica so that the create operation can succeed. You can also allocate additional storage for future growth.
The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.
", "DBCluster$AllocatedStorage": "For all database engines except Amazon Aurora, AllocatedStorage specifies the allocated storage size in gibibytes (GiB). For Aurora, AllocatedStorage always returns 1, because Aurora DB cluster storage size isn't fixed, but instead automatically adjusts as needed.
Specifies the number of days for which automatic DB snapshots are retained.
", @@ -2740,8 +2740,8 @@ "RestoreDBInstanceFromDBSnapshotMessage$Port": "The port number on which the database accepts connections.
Default: The same port as the original DB instance
Constraints: Value must be 1150-65535
Specifies the amount of provisioned IOPS for the DB instance, expressed in I/O operations per second. If this parameter isn't specified, the IOPS value is taken from the backup. If this parameter is set to 0, the new instance is converted to a non-PIOPS instance. The conversion takes additional time, though your DB instance is available for connections before the conversion starts.
The provisioned IOPS value must follow the requirements for your database engine. For more information, see Amazon RDS Provisioned IOPS storage in the Amazon RDS User Guide.
Constraints: Must be an integer greater than 1000.
", "RestoreDBInstanceFromDBSnapshotMessage$StorageThroughput": "Specifies the storage throughput value for the DB instance.
This setting doesn't apply to RDS Custom or Amazon Aurora.
", - "RestoreDBInstanceFromDBSnapshotMessage$AllocatedStorage": "The amount of storage (in gibibytes) to allocate initially for the DB instance. Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough memory for your new DB instance so that the restore operation can succeed. You can also allocate additional memory for future growth.
The amount of storage (in gibibytes) to allocate initially for the DB instance. Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough memory for your new DB instance so that the restore operation can succeed. You can also allocate additional memory for future growth.
The amount of storage (in gibibytes) to allocate initially for the DB instance. Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough storage for your new DB instance so that the restore operation can succeed. You can also allocate additional storage for future growth.
The amount of storage (in gibibytes) to allocate initially for the DB instance. Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough storage for your new DB instance so that the restore operation can succeed. You can also allocate additional storage for future growth.
The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. For more information, see CreateDBInstance.
The port number on which the database accepts connections.
Type: Integer
Valid Values: 1150-65535
Default: 3306
The amount of Provisioned IOPS (input/output operations per second) to allocate initially for the DB instance. For information about valid IOPS values, see Amazon RDS Provisioned IOPS storage in the Amazon RDS User Guide.
", @@ -2753,7 +2753,7 @@ "RestoreDBInstanceToPointInTimeMessage$Iops": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance.
Constraints: Must be an integer greater than 1000.
SQL Server
Setting the IOPS value for the SQL Server database engine isn't supported.
", "RestoreDBInstanceToPointInTimeMessage$MaxAllocatedStorage": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.
For more information about this setting, including limitations that apply to it, see Managing capacity automatically with Amazon RDS storage autoscaling in the Amazon RDS User Guide.
This setting doesn't apply to RDS Custom.
", "RestoreDBInstanceToPointInTimeMessage$StorageThroughput": "Specifies the storage throughput value for the DB instance.
This setting doesn't apply to RDS Custom or Amazon Aurora.
", - "RestoreDBInstanceToPointInTimeMessage$AllocatedStorage": "The amount of storage (in gibibytes) to allocate initially for the DB instance. Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough memory for your new DB instance so that the restore operation can succeed. You can also allocate additional memory for future growth.
The amount of storage (in gibibytes) to allocate initially for the DB instance. Follow the allocation rules specified in CreateDBInstance.
Be sure to allocate enough storage for your new DB instance so that the restore operation can succeed. You can also allocate additional storage for future growth.
The minimum capacity for an Aurora DB cluster in serverless DB engine mode.
For Aurora MySQL, valid capacity values are 1, 2, 4, 8, 16, 32, 64, 128, and 256.
For Aurora PostgreSQL, valid capacity values are 2, 4, 8, 16, 32, 64, 192, and 384.
The minimum capacity must be less than or equal to the maximum capacity.
", "ScalingConfiguration$MaxCapacity": "The maximum capacity for an Aurora DB cluster in serverless DB engine mode.
For Aurora MySQL, valid capacity values are 1, 2, 4, 8, 16, 32, 64, 128, and 256.
For Aurora PostgreSQL, valid capacity values are 2, 4, 8, 16, 32, 64, 192, and 384.
The maximum capacity must be greater than or equal to the minimum capacity.
", "ScalingConfiguration$SecondsUntilAutoPause": "The time, in seconds, before an Aurora DB cluster in serverless mode is paused.
Specify a value between 300 and 86,400 seconds.
", @@ -3951,7 +3951,7 @@ "AvailableProcessorFeature$AllowedValues": "The allowed values for the processor feature of the DB instance class.
", "BacktrackDBClusterMessage$DBClusterIdentifier": "The DB cluster identifier of the DB cluster to be backtracked. This parameter is stored as a lowercase string.
Constraints:
Must contain from 1 to 63 alphanumeric characters or hyphens.
First character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
Example: my-cluster1
The identifier of the snapshot export task to cancel.
", + "CancelExportTaskMessage$ExportTaskIdentifier": "The identifier of the snapshot or cluster export task to cancel.
", "Certificate$CertificateIdentifier": "The unique key that identifies a certificate.
", "Certificate$CertificateType": "The type of the certificate.
", "Certificate$Thumbprint": "The thumbprint of the certificate.
", @@ -3999,7 +3999,7 @@ "CreateDBClusterMessage$OptionGroupName": "A value that indicates that the DB cluster should be associated with the specified option group.
DB clusters are associated with a default option group that can't be modified.
", "CreateDBClusterMessage$PreferredBackupWindow": "The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region. To view the time blocks available, see Backup window in the Amazon Aurora User Guide.
Constraints:
Must be in the format hh24:mi-hh24:mi.
Must be in Universal Coordinated Time (UTC).
Must not conflict with the preferred maintenance window.
Must be at least 30 minutes.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "CreateDBClusterMessage$PreferredMaintenanceWindow": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
Format: ddd:hh24:mi-ddd:hh24:mi
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide.
Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.
Constraints: Minimum 30-minute window.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", - "CreateDBClusterMessage$ReplicationSourceIdentifier": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.
Valid for: Aurora DB clusters only
", + "CreateDBClusterMessage$ReplicationSourceIdentifier": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.
Valid for: Aurora DB clusters and RDS for PostgreSQL Multi-AZ DB clusters
", "CreateDBClusterMessage$KmsKeyId": "The Amazon Web Services KMS key identifier for an encrypted DB cluster.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.
When a KMS key isn't specified in KmsKeyId:
If ReplicationSourceIdentifier identifies an encrypted source, then Amazon RDS will use the KMS key used to encrypt the source. Otherwise, Amazon RDS will use your default KMS key.
If the StorageEncrypted parameter is enabled and ReplicationSourceIdentifier isn't specified, then Amazon RDS will use your default KMS key.
There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
If you create a read replica of an encrypted DB cluster in another Amazon Web Services Region, you must set KmsKeyId to a KMS key identifier that is valid in the destination Amazon Web Services Region. This KMS key is used to encrypt the read replica in that Amazon Web Services Region.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "CreateDBClusterMessage$PreSignedUrl": "When you are replicating a DB cluster from one Amazon Web Services GovCloud (US) Region to another, an URL that contains a Signature Version 4 signed request for the CreateDBCluster operation to be called in the source Amazon Web Services Region where the DB cluster is replicated from. Specify PreSignedUrl only when you are performing cross-Region replication from an encrypted DB cluster.
The presigned URL must be a valid request for the CreateDBCluster API operation that can run in the source Amazon Web Services Region that contains the encrypted DB cluster to copy.
The presigned URL request must contain the following parameter values:
KmsKeyId - The KMS key identifier for the KMS key to use to encrypt the copy of the DB cluster in the destination Amazon Web Services Region. This should refer to the same KMS key for both the CreateDBCluster operation that is called in the destination Amazon Web Services Region, and the operation contained in the presigned URL.
DestinationRegion - The name of the Amazon Web Services Region that Aurora read replica will be created in.
ReplicationSourceIdentifier - The DB cluster identifier for the encrypted DB cluster to be copied. This identifier must be in the Amazon Resource Name (ARN) format for the source Amazon Web Services Region. For example, if you are copying an encrypted DB cluster from the us-west-2 Amazon Web Services Region, then your ReplicationSourceIdentifier would look like Example: arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1.
To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.
If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region.
Valid for: Aurora DB clusters only
", "CreateDBClusterMessage$EngineMode": "The DB engine mode of the DB cluster, either provisioned, serverless, parallelquery, global, or multimaster.
The parallelquery engine mode isn't required for Aurora MySQL version 1.23 and higher 1.x versions, and version 2.09 and higher 2.x versions.
The global engine mode isn't required for Aurora MySQL version 1.22 and higher 1.x versions, and global engine mode isn't required for any 2.x versions.
The multimaster engine mode only applies for DB clusters created with Aurora MySQL version 5.6.10a.
The serverless engine mode only applies for Aurora Serverless v1 DB clusters.
For Aurora PostgreSQL, the global engine mode isn't required, and both the parallelquery and the multimaster engine modes currently aren't supported.
Limitations and requirements apply to some DB engine modes. For more information, see the following sections in the Amazon Aurora User Guide:
Valid for: Aurora DB clusters only
", @@ -4398,8 +4398,8 @@ "DescribeEventSubscriptionsMessage$Marker": "An optional pagination token provided by a previous DescribeOrderableDBInstanceOptions request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords .
The identifier of the event source for which events are returned. If not specified, then all sources are included in the response.
Constraints:
If SourceIdentifier is supplied, SourceType must also be provided.
If the source type is a DB instance, a DBInstanceIdentifier value must be supplied.
If the source type is a DB cluster, a DBClusterIdentifier value must be supplied.
If the source type is a DB parameter group, a DBParameterGroupName value must be supplied.
If the source type is a DB security group, a DBSecurityGroupName value must be supplied.
If the source type is a DB snapshot, a DBSnapshotIdentifier value must be supplied.
If the source type is a DB cluster snapshot, a DBClusterSnapshotIdentifier value must be supplied.
If the source type is an RDS Proxy, a DBProxyName value must be supplied.
Can't end with a hyphen or contain two consecutive hyphens.
An optional pagination token provided by a previous DescribeEvents request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.
The identifier of the snapshot export task to be described.
", - "DescribeExportTasksMessage$SourceArn": "The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3.
", + "DescribeExportTasksMessage$ExportTaskIdentifier": "The identifier of the snapshot or cluster export task to be described.
", + "DescribeExportTasksMessage$SourceArn": "The Amazon Resource Name (ARN) of the snapshot or cluster exported to Amazon S3.
", "DescribeExportTasksMessage$Marker": "An optional pagination token provided by a previous DescribeExportTasks request. If you specify this parameter, the response includes only records beyond the marker, up to the value specified by the MaxRecords parameter.
The user-supplied DB cluster identifier. If this parameter is specified, information from only the specific DB cluster is returned. This parameter isn't case-sensitive.
Constraints:
If supplied, must match an existing DBClusterIdentifier.
An optional pagination token provided by a previous DescribeGlobalClusters request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.
The Amazon Resource Name (ARN) for the event subscription.
", "EventSubscriptionsMessage$Marker": "An optional pagination token provided by a previous DescribeOrderableDBInstanceOptions request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.
An optional pagination token provided by a previous Events request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.
A unique identifier for the snapshot export task. This ID isn't an identifier for the Amazon S3 bucket where the snapshot is exported to.
", - "ExportTask$SourceArn": "The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3.
", - "ExportTask$S3Bucket": "The Amazon S3 bucket that the snapshot is exported to.
", - "ExportTask$S3Prefix": "The Amazon S3 bucket prefix that is the file name and path of the exported snapshot.
", - "ExportTask$IamRoleArn": "The name of the IAM role that is used to write to Amazon S3 when exporting a snapshot.
", - "ExportTask$KmsKeyId": "The key identifier of the Amazon Web Services KMS key that is used to encrypt the snapshot when it's exported to Amazon S3. The KMS key identifier is its key ARN, key ID, alias ARN, or alias name. The IAM role used for the snapshot export must have encryption and decryption permissions to use this KMS key.
", - "ExportTask$Status": "The progress status of the export task.
", + "ExportTask$ExportTaskIdentifier": "A unique identifier for the snapshot or cluster export task. This ID isn't an identifier for the Amazon S3 bucket where the data is exported.
", + "ExportTask$SourceArn": "The Amazon Resource Name (ARN) of the snapshot or cluster exported to Amazon S3.
", + "ExportTask$S3Bucket": "The Amazon S3 bucket that the snapshot or cluster is exported to.
", + "ExportTask$S3Prefix": "The Amazon S3 bucket prefix that is the file name and path of the exported data.
", + "ExportTask$IamRoleArn": "The name of the IAM role that is used to write to Amazon S3 when exporting a snapshot or cluster.
", + "ExportTask$KmsKeyId": "The key identifier of the Amazon Web Services KMS key that is used to encrypt the data when it's exported to Amazon S3. The KMS key identifier is its key ARN, key ID, alias ARN, or alias name. The IAM role used for the export must have encryption and decryption permissions to use this KMS key.
", + "ExportTask$Status": "The progress status of the export task. The status can be one of the following:
CANCELED
CANCELING
COMPLETE
FAILED
IN_PROGRESS
STARTING
The reason the export failed, if it failed.
", - "ExportTask$WarningMessage": "A warning about the snapshot export task.
", + "ExportTask$WarningMessage": "A warning about the snapshot or cluster export task.
", "ExportTasksMessage$Marker": "A pagination token that can be used in a later DescribeExportTasks request. A marker is used for pagination to identify the location to begin output for the next response of DescribeExportTasks.
A DB cluster identifier to force a failover for. This parameter isn't case-sensitive.
Constraints:
Must match the identifier of an existing DBCluster.
The name of the DB instance to promote to the primary DB instance.
Specify the DB instance identifier for an Aurora Replica or a Multi-AZ readable standby in the DB cluster, for example mydbcluster-replica1.
This setting isn't supported for RDS for MySQL Multi-AZ DB clusters.
", @@ -4503,7 +4503,7 @@ "MasterUserSecret$KmsKeyId": "The Amazon Web Services KMS key identifier that is used to encrypt the secret.
", "MinimumEngineVersionPerAllowedValue$AllowedValue": "The allowed value for an option setting.
", "MinimumEngineVersionPerAllowedValue$MinimumEngineVersion": "The minimum DB engine version required for the allowed value.
", - "ModifyActivityStreamRequest$ResourceArn": "The Amazon Resource Name (ARN) of the RDS for Oracle DB instance, for example, arn:aws:rds:us-east-1:12345667890:instance:my-orcl-db.
The Amazon Resource Name (ARN) of the RDS for Oracle or Microsoft SQL Server DB instance. For example, arn:aws:rds:us-east-1:12345667890:instance:my-orcl-db.
The Amazon Web Services KMS key identifier for encryption of messages in the database activity stream.
", "ModifyActivityStreamResponse$KinesisStreamName": "The name of the Amazon Kinesis data stream to be used for the database activity stream.
", "ModifyCertificatesMessage$CertificateIdentifier": "The new default certificate identifier to override the current one with.
To determine the valid values, use the describe-certificates CLI command or the DescribeCertificates API operation.
The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance. The instance profile must meet the following requirements:
The profile must exist in your account.
The profile must have an IAM role that Amazon EC2 has permissions to assume.
The instance profile name and the associated IAM role name must start with the prefix AWSRDSCustom.
For the list of permissions required for the IAM role, see Configure IAM and your VPC in the Amazon RDS User Guide.
This setting is required for RDS Custom.
", "RestoreDBInstanceFromDBSnapshotMessage$BackupTarget": "Specifies where automated backups and manual snapshots are stored for the restored DB instance.
Possible values are outposts (Amazon Web Services Outposts) and region (Amazon Web Services Region). The default is region.
For more information, see Working with Amazon RDS on Amazon Web Services Outposts in the Amazon RDS User Guide.
", "RestoreDBInstanceFromDBSnapshotMessage$NetworkType": "The network type of the DB instance.
Valid values:
IPV4
DUAL
The network type is determined by the DBSubnetGroup specified for the DB instance. A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and the IPv6 protocols (DUAL).
For more information, see Working with a DB instance in a VPC in the Amazon RDS User Guide.
", - "RestoreDBInstanceFromDBSnapshotMessage$DBClusterSnapshotIdentifier": "The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore from.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
Constraints:
Must match the identifier of an existing Multi-AZ DB cluster snapshot.
Can't be specified when DBSnapshotIdentifier is specified.
Must be specified when DBSnapshotIdentifier isn't specified.
If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the DBClusterSnapshotIdentifier must be the ARN of the shared snapshot.
Can't be the identifier of an Aurora DB cluster snapshot.
Can't be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster snapshot.
The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore from.
For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments in the Amazon RDS User Guide.
Constraints:
Must match the identifier of an existing Multi-AZ DB cluster snapshot.
Can't be specified when DBSnapshotIdentifier is specified.
Must be specified when DBSnapshotIdentifier isn't specified.
If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the DBClusterSnapshotIdentifier must be the ARN of the shared snapshot.
Can't be the identifier of an Aurora DB cluster snapshot.
Can't be the identifier of an RDS for PostgreSQL Multi-AZ DB cluster snapshot.
The name of the database to create when the DB instance is created. Follow the naming rules specified in CreateDBInstance.
The DB instance identifier. This parameter is stored as a lowercase string.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens.
First character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
Example: mydbinstance
The compute and memory capacity of the DB instance, for example db.m4.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.
Importing from Amazon S3 isn't supported on the db.t2.micro DB instance class.
", @@ -4820,12 +4820,12 @@ "StartDBInstanceAutomatedBackupsReplicationMessage$KmsKeyId": "The Amazon Web Services KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination Amazon Web Services Region, for example, arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE.
In an Amazon Web Services GovCloud (US) Region, an URL that contains a Signature Version 4 signed request for the StartDBInstanceAutomatedBackupsReplication operation to call in the Amazon Web Services Region of the source DB instance. The presigned URL must be a valid request for the StartDBInstanceAutomatedBackupsReplication API operation that can run in the Amazon Web Services Region that contains the source DB instance.
This setting applies only to Amazon Web Services GovCloud (US) Regions. It's ignored in other Amazon Web Services Regions.
To learn how to generate a Signature Version 4 signed request, see Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and Signature Version 4 Signing Process.
If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a presigned URL that is a valid request for the operation that can run in the source Amazon Web Services Region.
The user-supplied instance identifier.
", - "StartExportTaskMessage$ExportTaskIdentifier": "A unique identifier for the snapshot export task. This ID isn't an identifier for the Amazon S3 bucket where the snapshot is to be exported to.
", - "StartExportTaskMessage$SourceArn": "The Amazon Resource Name (ARN) of the snapshot to export to Amazon S3.
", - "StartExportTaskMessage$S3BucketName": "The name of the Amazon S3 bucket to export the snapshot to.
", - "StartExportTaskMessage$IamRoleArn": "The name of the IAM role to use for writing to the Amazon S3 bucket when exporting a snapshot.
", - "StartExportTaskMessage$KmsKeyId": "The ID of the Amazon Web Services KMS key to use to encrypt the snapshot exported to Amazon S3. The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. The caller of this operation must be authorized to run the following operations. These can be set in the Amazon Web Services KMS key policy:
kms:Encrypt
kms:Decrypt
kms:GenerateDataKey
kms:GenerateDataKeyWithoutPlaintext
kms:ReEncryptFrom
kms:ReEncryptTo
kms:CreateGrant
kms:DescribeKey
kms:RetireGrant
The Amazon S3 bucket prefix to use as the file name and path of the exported snapshot.
", + "StartExportTaskMessage$ExportTaskIdentifier": "A unique identifier for the export task. This ID isn't an identifier for the Amazon S3 bucket where the data is to be exported.
", + "StartExportTaskMessage$SourceArn": "The Amazon Resource Name (ARN) of the snapshot or cluster to export to Amazon S3.
", + "StartExportTaskMessage$S3BucketName": "The name of the Amazon S3 bucket to export the snapshot or cluster data to.
", + "StartExportTaskMessage$IamRoleArn": "The name of the IAM role to use for writing to the Amazon S3 bucket when exporting a snapshot or cluster.
", + "StartExportTaskMessage$KmsKeyId": "The ID of the Amazon Web Services KMS key to use to encrypt the data exported to Amazon S3. The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. The caller of this operation must be authorized to run the following operations. These can be set in the Amazon Web Services KMS key policy:
kms:Encrypt
kms:Decrypt
kms:GenerateDataKey
kms:GenerateDataKeyWithoutPlaintext
kms:ReEncryptFrom
kms:ReEncryptTo
kms:CreateGrant
kms:DescribeKey
kms:RetireGrant
The Amazon S3 bucket prefix to use as the file name and path of the exported data.
", "StopActivityStreamRequest$ResourceArn": "The Amazon Resource Name (ARN) of the DB cluster for the database activity stream. For example, arn:aws:rds:us-east-1:12345667890:cluster:das-cluster.
The Amazon Web Services KMS key identifier used for encrypting messages in the database activity stream.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
", "StopActivityStreamResponse$KinesisStreamName": "The name of the Amazon Kinesis data stream used for the database activity stream.
", @@ -4885,7 +4885,7 @@ "DBSubnetGroup$SupportedNetworkTypes": "The network type of the DB subnet group.
Valid values:
IPV4
DUAL
A DBSubnetGroup can support only the IPv4 protocol or the IPv4 and the IPv6 protocols (DUAL).
For more information, see Working with a DB instance in a VPC in the Amazon RDS User Guide.
", "DeregisterDBProxyTargetsRequest$DBInstanceIdentifiers": "One or more DB instance identifiers.
", "DeregisterDBProxyTargetsRequest$DBClusterIdentifiers": "One or more DB cluster identifiers.
", - "ExportTask$ExportOnly": "The data exported from the snapshot. Valid values are the following:
database - Export all the data from a specified database.
database.table table-name - Export a table of the snapshot. This format is valid only for RDS for MySQL, RDS for MariaDB, and Aurora MySQL.
database.schema schema-name - Export a database schema of the snapshot. This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL.
database.schema.table table-name - Export a table of the database schema. This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL.
The data exported from the snapshot or cluster. Valid values are the following:
database - Export all the data from a specified database.
database.table table-name - Export a table of the snapshot or cluster. This format is valid only for RDS for MySQL, RDS for MariaDB, and Aurora MySQL.
database.schema schema-name - Export a database schema of the snapshot or cluster. This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL.
database.schema.table table-name - Export a table of the database schema. This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL.
List of DB instance identifiers that are part of the custom endpoint group.
", "ModifyDBClusterEndpointMessage$ExcludedMembers": "List of DB instance identifiers that aren't part of the custom endpoint group. All other eligible instances are reachable through the custom endpoint. Only relevant if the list of static members is empty.
", "ModifyDBProxyEndpointRequest$VpcSecurityGroupIds": "The VPC security group IDs for the DB proxy endpoint. When the DB proxy endpoint uses a different VPC than the original proxy, you also specify a different set of security group IDs than for the original proxy.
", @@ -4893,7 +4893,7 @@ "OrderableDBInstanceOption$SupportedNetworkTypes": "The network types supported by the DB instance (IPV4 or DUAL).
A DB instance can support only the IPv4 protocol or the IPv4 and the IPv6 protocols (DUAL).
For more information, see Working with a DB instance in a VPC in the Amazon RDS User Guide.
", "RegisterDBProxyTargetsRequest$DBInstanceIdentifiers": "One or more DB instance identifiers.
", "RegisterDBProxyTargetsRequest$DBClusterIdentifiers": "One or more DB cluster identifiers.
", - "StartExportTaskMessage$ExportOnly": "The data to be exported from the snapshot. If this parameter is not provided, all the snapshot data is exported. Valid values are the following:
database - Export all the data from a specified database.
database.table table-name - Export a table of the snapshot. This format is valid only for RDS for MySQL, RDS for MariaDB, and Aurora MySQL.
database.schema schema-name - Export a database schema of the snapshot. This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL.
database.schema.table table-name - Export a table of the database schema. This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL.
The data to be exported from the snapshot or cluster. If this parameter is not provided, all of the data is exported. Valid values are the following:
database - Export all the data from a specified database.
database.table table-name - Export a table of the snapshot or cluster. This format is valid only for RDS for MySQL, RDS for MariaDB, and Aurora MySQL.
database.schema schema-name - Export a database schema of the snapshot or cluster. This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL.
database.schema.table table-name - Export a table of the database schema. This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL.
The end of the time interval for which to retrieve events, specified in ISO 8601 format. For more information about ISO 8601, go to the ISO8601 Wikipedia page.
Example: 2009-07-08T18:00Z
", "Event$Date": "Specifies the date and time of the event.
", "ExportTask$SnapshotTime": "The time that the snapshot was created.
", - "ExportTask$TaskStartTime": "The time that the snapshot export task started.
", - "ExportTask$TaskEndTime": "The time that the snapshot export task completed.
", + "ExportTask$TaskStartTime": "The time that the snapshot or cluster export task started.
", + "ExportTask$TaskEndTime": "The time that the snapshot or cluster export task ended.
", "OptionGroup$CopyTimestamp": "Indicates when the option group was copied.
", "PendingMaintenanceAction$AutoAppliedAfterDate": "The date of the maintenance window when the action is applied. The maintenance action is applied to the resource during its first maintenance window after this date.
", "PendingMaintenanceAction$ForcedApplyDate": "The date when the maintenance action is automatically applied.
On this date, the maintenance action is applied to the resource as soon as possible, regardless of the maintenance window for the resource. There might be a delay of one or more days from this date before the maintenance action is applied.
", diff --git a/models/apis/rds/2014-10-31/endpoint-rule-set-1.json b/models/apis/rds/2014-10-31/endpoint-rule-set-1.json index 7ab4d4e1957..b9aff9f06c8 100644 --- a/models/apis/rds/2014-10-31/endpoint-rule-set-1.json +++ b/models/apis/rds/2014-10-31/endpoint-rule-set-1.json @@ -3,7 +3,7 @@ "parameters": { "Region": { "builtIn": "AWS::Region", - "required": true, + "required": false, "documentation": "The AWS region used to dispatch the request.", "type": "String" }, @@ -32,13 +32,12 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "isSet", "argv": [ { - "ref": "Region" + "ref": "Endpoint" } - ], - "assign": "PartitionResult" + ] } ], "type": "tree", @@ -46,14 +45,20 @@ { "conditions": [ { - "fn": "isSet", + "fn": "booleanEquals", "argv": [ { - "ref": "Endpoint" - } + "ref": "UseFIPS" + }, + true ] } ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], "type": "tree", "rules": [ { @@ -62,67 +67,42 @@ "fn": "booleanEquals", "argv": [ { - "ref": "UseFIPS" + "ref": "UseDualStack" }, true ] } ], - "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", "type": "error" }, { "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" + "endpoint": { + "url": { + "ref": "Endpoint" }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" - }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ { "conditions": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - }, - { - "fn": "booleanEquals", + "fn": "isSet", "argv": [ { - "ref": "UseDualStack" - }, - true + "ref": "Region" + } ] } ], @@ -131,294 +111,263 @@ { "conditions": [ { - "fn": "booleanEquals", + "fn": "aws.partition", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] + "ref": "Region" } - ] - }, + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseFIPS" }, - "supportsDualStack" + true ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://rds-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, + }, { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" }, - "supportsFIPS" + true ] } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "stringEquals", + "fn": "booleanEquals", "argv": [ + true, { - "ref": "Region" - }, - "rds.ca-central-1" + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] - } - ], - "endpoint": { - "url": "https://rds-fips.ca-central-1.amazonaws.com", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [ + }, { - "fn": "stringEquals", + "fn": "booleanEquals", "argv": [ + true, { - "ref": "Region" - }, - "rds.us-east-1" + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } ] } ], - "endpoint": { - "url": "https://rds-fips.us-east-1.amazonaws.com", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [ + "type": "tree", + "rules": [ { - "fn": "stringEquals", - "argv": [ + "conditions": [], + "type": "tree", + "rules": [ { - "ref": "Region" - }, - "rds.us-east-2" + "conditions": [], + "endpoint": { + "url": "https://rds-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } ] } - ], - "endpoint": { - "url": "https://rds-fips.us-east-2.amazonaws.com", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + ] }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { - "fn": "stringEquals", + "fn": "booleanEquals", "argv": [ + true, { - "ref": "Region" - }, - "rds.us-west-1" + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] } ], - "endpoint": { - "url": "https://rds-fips.us-west-1.amazonaws.com", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [ + "type": "tree", + "rules": [ { - "fn": "stringEquals", - "argv": [ + "conditions": [], + "type": "tree", + "rules": [ { - "ref": "Region" + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + "aws-us-gov", + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "name" + ] + } + ] + } + ], + "endpoint": { + "url": "https://rds.{Region}.amazonaws.com", + "properties": {}, + "headers": {} + }, + "type": "endpoint" }, - "rds.us-west-2" + { + "conditions": [], + "endpoint": { + "url": "https://rds-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } ] } - ], - "endpoint": { - "url": "https://rds-fips.us-west-2.amazonaws.com", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + ] }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { - "fn": "stringEquals", + "fn": "booleanEquals", "argv": [ - "aws-us-gov", + true, { "fn": "getAttr", "argv": [ { "ref": "PartitionResult" }, - "name" + "supportsDualStack" ] } ] } ], - "endpoint": { - "url": "https://rds.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://rds.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] }, { "conditions": [], - "endpoint": { - "url": "https://rds-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] - } - ] - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [], + "type": "tree", + "rules": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] + "conditions": [], + "endpoint": { + "url": "https://rds.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://rds.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } ] }, { "conditions": [], - "endpoint": { - "url": "https://rds.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } diff --git a/models/apis/rds/2014-10-31/endpoint-tests-1.json b/models/apis/rds/2014-10-31/endpoint-tests-1.json index 8b105992113..4bcb5a33082 100644 --- a/models/apis/rds/2014-10-31/endpoint-tests-1.json +++ b/models/apis/rds/2014-10-31/endpoint-tests-1.json @@ -1,1722 +1,575 @@ { "testCases": [ { - "documentation": "For region ap-south-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-south-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-south-2" - } - }, - { - "documentation": "For region ap-south-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-south-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-south-2" - } - }, - { - "documentation": "For region ap-south-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-south-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-south-2" - } - }, - { - "documentation": "For region ap-south-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-south-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-south-2" - } - }, - { - "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-south-1" - } - }, - { - "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-south-1" - } - }, - { - "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-south-1" - } - }, - { - "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-south-1" - } - }, - { - "documentation": "For region eu-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-south-1" - } - }, - { - "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-south-1" - } - }, - { - "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-south-1" - } - }, - { - "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-south-1" - } - }, - { - "documentation": "For region eu-south-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-south-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-south-2" - } - }, - { - "documentation": "For region eu-south-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-south-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-south-2" - } - }, - { - "documentation": "For region eu-south-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-south-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-south-2" - } - }, - { - "documentation": "For region eu-south-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-south-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-south-2" - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.us-gov-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-gov-east-1" - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.us-gov-east-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "us-gov-east-1" - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.us-gov-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-gov-east-1" - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.us-gov-east-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "us-gov-east-1" - } - }, - { - "documentation": "For region me-central-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.me-central-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "me-central-1" - } - }, - { - "documentation": "For region me-central-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.me-central-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "me-central-1" - } - }, - { - "documentation": "For region me-central-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.me-central-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "me-central-1" - } - }, - { - "documentation": "For region me-central-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.me-central-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "me-central-1" - } - }, - { - "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ca-central-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ca-central-1" - } - }, - { - "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ca-central-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ca-central-1" - } - }, - { - "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.ca-central-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ca-central-1" - } - }, - { - "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.ca-central-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ca-central-1" - } - }, - { - "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-central-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-central-1" - } - }, - { - "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-central-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-central-1" - } - }, - { - "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-central-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-central-1" - } - }, - { - "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-central-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-central-1" - } - }, - { - "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-iso-west-1" - } - }, - { - "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.us-iso-west-1.c2s.ic.gov" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "us-iso-west-1" - } - }, - { - "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-iso-west-1" - } - }, - { - "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.us-iso-west-1.c2s.ic.gov" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "us-iso-west-1" - } - }, - { - "documentation": "For region eu-central-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-central-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-central-2" - } - }, - { - "documentation": "For region eu-central-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-central-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-central-2" - } - }, - { - "documentation": "For region eu-central-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-central-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-central-2" - } - }, - { - "documentation": "For region eu-central-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-central-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-central-2" - } - }, - { - "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.us-west-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-west-1" - } - }, - { - "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.us-west-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "us-west-1" - } - }, - { - "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.us-west-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-west-1" - } - }, - { - "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.us-west-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "us-west-1" - } - }, - { - "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.us-west-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-west-2" - } - }, - { - "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.us-west-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "us-west-2" - } - }, - { - "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.us-west-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-west-2" - } - }, - { - "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.us-west-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "us-west-2" - } - }, - { - "documentation": "For region af-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.af-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "af-south-1" - } - }, - { - "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.af-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "af-south-1" - } - }, - { - "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.af-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "af-south-1" - } - }, - { - "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.af-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "af-south-1" - } - }, - { - "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-north-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-north-1" - } - }, - { - "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-north-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-north-1" - } - }, - { - "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-north-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-north-1" - } - }, - { - "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-north-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-north-1" - } - }, - { - "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-west-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-west-3" - } - }, - { - "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-west-3.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-west-3" - } - }, - { - "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-west-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-west-3" - } - }, - { - "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-west-3.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-west-3" - } - }, - { - "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-west-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-west-2" - } - }, - { - "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-west-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-west-2" - } - }, - { - "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-west-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-west-2" - } - }, - { - "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-west-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-west-2" - } - }, - { - "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-west-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "eu-west-1" - } - }, - { - "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.eu-west-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "eu-west-1" - } - }, - { - "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-west-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "eu-west-1" - } - }, - { - "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.eu-west-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "eu-west-1" - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-northeast-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-northeast-3" - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-northeast-3.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-northeast-3" - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-northeast-3.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-northeast-3" - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-northeast-3.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-northeast-3" - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-northeast-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-northeast-2" - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-northeast-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-northeast-2" - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-northeast-2.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-northeast-2" - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-northeast-2.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-northeast-2" - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-northeast-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-northeast-1" - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.ap-northeast-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-northeast-1" - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-northeast-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-northeast-1" - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.ap-northeast-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-northeast-1" - } - }, - { - "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.me-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "me-south-1" - } - }, - { - "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.me-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "me-south-1" - } - }, - { - "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.me-south-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "me-south-1" - } - }, - { - "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds.me-south-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "me-south-1" - } - }, - { - "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.sa-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "sa-east-1" - } - }, - { - "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://rds-fips.sa-east-1.amazonaws.com" - } - }, - "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "sa-east-1" - } - }, - { - "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://rds.sa-east-1.api.aws" - } - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "sa-east-1" - } - }, - { - "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.sa-east-1.amazonaws.com" + "url": "https://rds.af-south-1.amazonaws.com" } }, "params": { + "Region": "af-south-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "sa-east-1" + "UseFIPS": false } }, { - "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-east-1.api.aws" + "url": "https://rds.ap-east-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-east-1" + "Region": "ap-east-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-east-1.amazonaws.com" + "url": "https://rds.ap-northeast-1.amazonaws.com" } }, "params": { + "Region": "ap-northeast-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-east-1" + "UseFIPS": false } }, { - "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-east-1.api.aws" + "url": "https://rds.ap-northeast-2.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-east-1" + "Region": "ap-northeast-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-east-1.amazonaws.com" + "url": "https://rds.ap-northeast-3.amazonaws.com" } }, "params": { + "Region": "ap-northeast-3", "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-east-1" + "UseFIPS": false } }, { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.cn-north-1.api.amazonwebservices.com.cn" + "url": "https://rds.ap-south-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "cn-north-1" + "Region": "ap-south-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.cn-north-1.amazonaws.com.cn" + "url": "https://rds.ap-southeast-1.amazonaws.com" } }, "params": { + "Region": "ap-southeast-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "cn-north-1" + "UseFIPS": false } }, { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.cn-north-1.api.amazonwebservices.com.cn" + "url": "https://rds.ap-southeast-2.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "cn-north-1" + "Region": "ap-southeast-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.cn-north-1.amazonaws.com.cn" + "url": "https://rds.ap-southeast-3.amazonaws.com" } }, "params": { + "Region": "ap-southeast-3", "UseDualStack": false, - "UseFIPS": false, - "Region": "cn-north-1" + "UseFIPS": false } }, { - "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled", + "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.us-gov-west-1.api.aws" + "url": "https://rds.ca-central-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-gov-west-1" + "Region": "ca-central-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.us-gov-west-1.amazonaws.com" + "url": "https://rds-fips.ca-central-1.amazonaws.com" } }, "params": { + "Region": "ca-central-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-gov-west-1" + "UseFIPS": true } }, { - "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled", + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.us-gov-west-1.api.aws" + "url": "https://rds.eu-central-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-gov-west-1" + "Region": "eu-central-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", + "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.us-gov-west-1.amazonaws.com" + "url": "https://rds.eu-north-1.amazonaws.com" } }, "params": { + "Region": "eu-north-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-gov-west-1" + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled", + "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-southeast-1.api.aws" + "url": "https://rds.eu-south-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-southeast-1" + "Region": "eu-south-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled", + "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-southeast-1.amazonaws.com" + "url": "https://rds.eu-west-1.amazonaws.com" } }, "params": { + "Region": "eu-west-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-southeast-1" + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled", + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-southeast-1.api.aws" + "url": "https://rds.eu-west-2.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-southeast-1" + "Region": "eu-west-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", + "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-southeast-1.amazonaws.com" + "url": "https://rds.eu-west-3.amazonaws.com" } }, "params": { + "Region": "eu-west-3", "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-southeast-1" + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled", + "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-southeast-2.api.aws" + "url": "https://rds.me-south-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-southeast-2" + "Region": "me-south-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled", + "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-southeast-2.amazonaws.com" + "url": "https://rds.sa-east-1.amazonaws.com" } }, "params": { + "Region": "sa-east-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-southeast-2" + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-southeast-2.api.aws" + "url": "https://rds.us-east-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-southeast-2" + "Region": "us-east-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-southeast-2.amazonaws.com" + "url": "https://rds-fips.us-east-1.amazonaws.com" } }, "params": { + "Region": "us-east-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-southeast-2" - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-iso-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.us-iso-east-1.c2s.ic.gov" + "url": "https://rds.us-east-2.amazonaws.com" } }, "params": { + "Region": "us-east-2", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-iso-east-1" - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-iso-east-1" + "UseFIPS": false } }, { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.us-iso-east-1.c2s.ic.gov" + "url": "https://rds-fips.us-east-2.amazonaws.com" } }, "params": { + "Region": "us-east-2", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-iso-east-1" + "UseFIPS": true } }, { - "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack enabled", + "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-southeast-3.api.aws" + "url": "https://rds.us-west-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-southeast-3" + "Region": "us-west-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled", + "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-southeast-3.amazonaws.com" + "url": "https://rds-fips.us-west-1.amazonaws.com" } }, "params": { + "Region": "us-west-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-southeast-3" + "UseFIPS": true } }, { - "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack enabled", + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-southeast-3.api.aws" + "url": "https://rds.us-west-2.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-southeast-3" + "Region": "us-west-2", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", + "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-southeast-3.amazonaws.com" + "url": "https://rds-fips.us-west-2.amazonaws.com" } }, "params": { + "Region": "us-west-2", "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-southeast-3" + "UseFIPS": true } }, { - "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-southeast-4.api.aws" + "url": "https://rds-fips.us-east-1.api.aws" } }, "params": { + "Region": "us-east-1", "UseDualStack": true, - "UseFIPS": true, - "Region": "ap-southeast-4" + "UseFIPS": true } }, { - "documentation": "For region ap-southeast-4 with FIPS enabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://rds-fips.ap-southeast-4.amazonaws.com" + "url": "https://rds.us-east-1.api.aws" } }, "params": { - "UseDualStack": false, - "UseFIPS": true, - "Region": "ap-southeast-4" + "Region": "us-east-1", + "UseDualStack": true, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-southeast-4.api.aws" + "url": "https://rds.cn-north-1.amazonaws.com.cn" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "ap-southeast-4" + "Region": "cn-north-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-4 with FIPS disabled and DualStack disabled", + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.ap-southeast-4.amazonaws.com" + "url": "https://rds.cn-northwest-1.amazonaws.com.cn" } }, "params": { + "Region": "cn-northwest-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "ap-southeast-4" + "UseFIPS": false } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://rds-fips.us-east-1.api.aws" + "url": "https://rds-fips.cn-north-1.api.amazonwebservices.com.cn" } }, "params": { + "Region": "cn-north-1", "UseDualStack": true, - "UseFIPS": true, - "Region": "us-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.us-east-1.amazonaws.com" + "url": "https://rds-fips.cn-north-1.amazonaws.com.cn" } }, "params": { + "Region": "cn-north-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://rds.us-east-1.api.aws" + "url": "https://rds.cn-north-1.api.amazonwebservices.com.cn" } }, "params": { + "Region": "cn-north-1", "UseDualStack": true, - "UseFIPS": false, - "Region": "us-east-1" + "UseFIPS": false } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.us-east-1.amazonaws.com" + "url": "https://rds.us-gov-east-1.amazonaws.com" } }, "params": { + "Region": "us-gov-east-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "us-east-1" + "UseFIPS": false } }, { - "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.us-east-2.api.aws" + "url": "https://rds.us-gov-east-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-east-2" + "Region": "us-gov-east-1", + "UseDualStack": false, + "UseFIPS": true } }, { - "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.us-east-2.amazonaws.com" + "url": "https://rds.us-gov-west-1.amazonaws.com" } }, "params": { + "Region": "us-gov-west-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-east-2" + "UseFIPS": false } }, { - "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled", + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.us-east-2.api.aws" + "url": "https://rds.us-gov-west-1.amazonaws.com" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-east-2" + "Region": "us-gov-west-1", + "UseDualStack": false, + "UseFIPS": true } }, { - "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://rds.us-east-2.amazonaws.com" + "url": "https://rds-fips.us-gov-east-1.api.aws" } }, "params": { - "UseDualStack": false, - "UseFIPS": false, - "Region": "us-east-2" + "Region": "us-gov-east-1", + "UseDualStack": true, + "UseFIPS": true } }, { - "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://rds-fips.cn-northwest-1.api.amazonwebservices.com.cn" + "url": "https://rds.us-gov-east-1.api.aws" } }, "params": { + "Region": "us-gov-east-1", "UseDualStack": true, - "UseFIPS": true, - "Region": "cn-northwest-1" + "UseFIPS": false } }, { - "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds-fips.cn-northwest-1.amazonaws.com.cn" + "url": "https://rds.us-iso-east-1.c2s.ic.gov" } }, "params": { + "Region": "us-iso-east-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "cn-northwest-1" + "UseFIPS": false } }, { - "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.cn-northwest-1.api.amazonwebservices.com.cn" + "url": "https://rds.us-iso-west-1.c2s.ic.gov" } }, "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "cn-northwest-1" + "Region": "us-iso-west-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://rds.cn-northwest-1.amazonaws.com.cn" + "url": "https://rds-fips.us-iso-east-1.c2s.ic.gov" } }, "params": { + "Region": "us-iso-east-1", "UseDualStack": false, - "UseFIPS": false, - "Region": "cn-northwest-1" + "UseFIPS": true } }, { - "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + "endpoint": { + "url": "https://rds.us-isob-east-1.sc2s.sgov.gov" + } }, "params": { - "UseDualStack": true, - "UseFIPS": true, - "Region": "us-isob-east-1" + "Region": "us-isob-east-1", + "UseDualStack": false, + "UseFIPS": false } }, { @@ -1727,37 +580,27 @@ } }, "params": { + "Region": "us-isob-east-1", "UseDualStack": false, - "UseFIPS": true, - "Region": "us-isob-east-1" - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "UseDualStack": true, - "UseFIPS": false, - "Region": "us-isob-east-1" + "UseFIPS": true } }, { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", "expect": { "endpoint": { - "url": "https://rds.us-isob-east-1.sc2s.sgov.gov" + "url": "https://example.com" } }, "params": { + "Region": "us-east-1", "UseDualStack": false, "UseFIPS": false, - "Region": "us-isob-east-1" + "Endpoint": "https://example.com" } }, { - "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", "expect": { "endpoint": { "url": "https://example.com" @@ -1766,7 +609,6 @@ "params": { "UseDualStack": false, "UseFIPS": false, - "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -1776,9 +618,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { + "Region": "us-east-1", "UseDualStack": false, "UseFIPS": true, - "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -1788,9 +630,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { + "Region": "us-east-1", "UseDualStack": true, "UseFIPS": false, - "Region": "us-east-1", "Endpoint": "https://example.com" } } diff --git a/models/apis/wafv2/2019-07-29/api-2.json b/models/apis/wafv2/2019-07-29/api-2.json index e3b4640e5a4..d96f94c5234 100755 --- a/models/apis/wafv2/2019-07-29/api-2.json +++ b/models/apis/wafv2/2019-07-29/api-2.json @@ -809,6 +809,15 @@ } }, "shapes":{ + "AWSManagedRulesATPRuleSet":{ + "type":"structure", + "required":["LoginPath"], + "members":{ + "LoginPath":{"shape":"String"}, + "RequestInspection":{"shape":"RequestInspection"}, + "ResponseInspection":{"shape":"ResponseInspection"} + } + }, "AWSManagedRulesBotControlRuleSet":{ "type":"structure", "required":["InspectionLevel"], @@ -1649,6 +1658,11 @@ "member":{"shape":"ExcludedRule"}, "max":100 }, + "FailureCode":{ + "type":"integer", + "max":999, + "min":0 + }, "FailureReason":{ "type":"string", "enum":[ @@ -1658,6 +1672,12 @@ "TOKEN_DOMAIN_MISMATCH" ] }, + "FailureValue":{ + "type":"string", + "max":100, + "min":1, + "pattern":".*\\S.*" + }, "FallbackBehavior":{ "type":"string", "enum":[ @@ -2473,17 +2493,33 @@ "ManagedRuleGroupConfig":{ "type":"structure", "members":{ - "LoginPath":{"shape":"LoginPathString"}, - "PayloadType":{"shape":"PayloadType"}, - "UsernameField":{"shape":"UsernameField"}, - "PasswordField":{"shape":"PasswordField"}, - "AWSManagedRulesBotControlRuleSet":{"shape":"AWSManagedRulesBotControlRuleSet"} + "LoginPath":{ + "shape":"LoginPathString", + "deprecated":true, + "deprecatedMessage":"Deprecated. Use AWSManagedRulesATPRuleSet LoginPath" + }, + "PayloadType":{ + "shape":"PayloadType", + "deprecated":true, + "deprecatedMessage":"Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection PayloadType" + }, + "UsernameField":{ + "shape":"UsernameField", + "deprecated":true, + "deprecatedMessage":"Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection UsernameField" + }, + "PasswordField":{ + "shape":"PasswordField", + "deprecated":true, + "deprecatedMessage":"Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection PasswordField" + }, + "AWSManagedRulesBotControlRuleSet":{"shape":"AWSManagedRulesBotControlRuleSet"}, + "AWSManagedRulesATPRuleSet":{"shape":"AWSManagedRulesATPRuleSet"} } }, "ManagedRuleGroupConfigs":{ "type":"list", - "member":{"shape":"ManagedRuleGroupConfig"}, - "min":1 + "member":{"shape":"ManagedRuleGroupConfig"} }, "ManagedRuleGroupStatement":{ "type":"structure", @@ -2709,7 +2745,8 @@ "MAP_MATCH_SCOPE", "OVERSIZE_HANDLING", "CHALLENGE_CONFIG", - "TOKEN_DOMAIN" + "TOKEN_DOMAIN", + "ATP_RULE_SET_RESPONSE_INSPECTION" ] }, "ParameterExceptionParameter":{ @@ -2931,6 +2968,19 @@ "Timestamp":{"shape":"Timestamp"} } }, + "RequestInspection":{ + "type":"structure", + "required":[ + "PayloadType", + "UsernameField", + "PasswordField" + ], + "members":{ + "PayloadType":{"shape":"PayloadType"}, + "UsernameField":{"shape":"UsernameField"}, + "PasswordField":{"shape":"PasswordField"} + } + }, "ResourceArn":{ "type":"string", "max":2048, @@ -2965,6 +3015,117 @@ "APPLICATION_JSON" ] }, + "ResponseInspection":{ + "type":"structure", + "members":{ + "StatusCode":{"shape":"ResponseInspectionStatusCode"}, + "Header":{"shape":"ResponseInspectionHeader"}, + "BodyContains":{"shape":"ResponseInspectionBodyContains"}, + "Json":{"shape":"ResponseInspectionJson"} + } + }, + "ResponseInspectionBodyContains":{ + "type":"structure", + "required":[ + "SuccessStrings", + "FailureStrings" + ], + "members":{ + "SuccessStrings":{"shape":"ResponseInspectionBodyContainsSuccessStrings"}, + "FailureStrings":{"shape":"ResponseInspectionBodyContainsFailureStrings"} + } + }, + "ResponseInspectionBodyContainsFailureStrings":{ + "type":"list", + "member":{"shape":"FailureValue"}, + "max":5, + "min":1 + }, + "ResponseInspectionBodyContainsSuccessStrings":{ + "type":"list", + "member":{"shape":"SuccessValue"}, + "max":5, + "min":1 + }, + "ResponseInspectionHeader":{ + "type":"structure", + "required":[ + "Name", + "SuccessValues", + "FailureValues" + ], + "members":{ + "Name":{"shape":"ResponseInspectionHeaderName"}, + "SuccessValues":{"shape":"ResponseInspectionHeaderSuccessValues"}, + "FailureValues":{"shape":"ResponseInspectionHeaderFailureValues"} + } + }, + "ResponseInspectionHeaderFailureValues":{ + "type":"list", + "member":{"shape":"FailureValue"}, + "max":3, + "min":1 + }, + "ResponseInspectionHeaderName":{ + "type":"string", + "max":200, + "min":1, + "pattern":".*\\S.*" + }, + "ResponseInspectionHeaderSuccessValues":{ + "type":"list", + "member":{"shape":"SuccessValue"}, + "max":3, + "min":1 + }, + "ResponseInspectionJson":{ + "type":"structure", + "required":[ + "Identifier", + "SuccessValues", + "FailureValues" + ], + "members":{ + "Identifier":{"shape":"FieldIdentifier"}, + "SuccessValues":{"shape":"ResponseInspectionJsonSuccessValues"}, + "FailureValues":{"shape":"ResponseInspectionJsonFailureValues"} + } + }, + "ResponseInspectionJsonFailureValues":{ + "type":"list", + "member":{"shape":"FailureValue"}, + "max":5, + "min":1 + }, + "ResponseInspectionJsonSuccessValues":{ + "type":"list", + "member":{"shape":"SuccessValue"}, + "max":5, + "min":1 + }, + "ResponseInspectionStatusCode":{ + "type":"structure", + "required":[ + "SuccessCodes", + "FailureCodes" + ], + "members":{ + "SuccessCodes":{"shape":"ResponseInspectionStatusCodeSuccessCodes"}, + "FailureCodes":{"shape":"ResponseInspectionStatusCodeFailureCodes"} + } + }, + "ResponseInspectionStatusCodeFailureCodes":{ + "type":"list", + "member":{"shape":"FailureCode"}, + "max":10, + "min":1 + }, + "ResponseInspectionStatusCodeSuccessCodes":{ + "type":"list", + "member":{"shape":"SuccessCode"}, + "max":10, + "min":1 + }, "ResponseStatusCode":{ "type":"integer", "max":599, @@ -3202,6 +3363,18 @@ "type":"list", "member":{"shape":"Statement"} }, + "String":{"type":"string"}, + "SuccessCode":{ + "type":"integer", + "max":999, + "min":0 + }, + "SuccessValue":{ + "type":"string", + "max":100, + "min":1, + "pattern":".*\\S.*" + }, "Tag":{ "type":"structure", "required":[ @@ -3333,8 +3506,7 @@ }, "TokenDomains":{ "type":"list", - "member":{"shape":"TokenDomain"}, - "min":1 + "member":{"shape":"TokenDomain"} }, "URIString":{"type":"string"}, "UntagResourceRequest":{ diff --git a/models/apis/wafv2/2019-07-29/docs-2.json b/models/apis/wafv2/2019-07-29/docs-2.json index d5b996c9e34..790f502ab7e 100755 --- a/models/apis/wafv2/2019-07-29/docs-2.json +++ b/models/apis/wafv2/2019-07-29/docs-2.json @@ -1,6 +1,6 @@ { "version": "2.0", - "service": "This is the latest version of the WAF API, released in November, 2019. The names of the entities that you use to access this API, like endpoints and namespaces, all have the versioning information added, like \"V2\" or \"v2\", to distinguish from the prior version. We recommend migrating your resources to this version, because it has a number of significant improvements.
If you used WAF prior to this release, you can't use this WAFV2 API to access any WAF resources that you created before. You can access your old rules, web ACLs, and other WAF resources only through the WAF Classic APIs. The WAF Classic APIs have retained the prior names, endpoints, and namespaces.
For information, including how to migrate your WAF resources to this version, see the WAF Developer Guide.
WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool. WAF also lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, the Amazon API Gateway REST API, CloudFront distribution, the Application Load Balancer, the AppSync GraphQL API, or the Amazon Cognito user pool responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You also can configure CloudFront to return a custom error page when a request is blocked.
This API guide is for developers who need detailed information about WAF API actions, data types, and errors. For detailed information about WAF features and an overview of how to use WAF, see the WAF Developer Guide.
You can make calls using the endpoints listed in WAF endpoints and quotas.
For regional applications, you can use any of the endpoints in the list. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.
For Amazon CloudFront applications, you must use the API endpoint listed for US East (N. Virginia): us-east-1.
Alternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to the programming language or platform that you're using. For more information, see Amazon Web Services SDKs.
We currently provide two versions of the WAF API: this API and the prior versions, the classic WAF APIs. This new API provides the same functionality as the older versions, with the following major improvements:
You use one API for both global and regional applications. Where you need to distinguish the scope, you specify a Scope parameter and set it to CLOUDFRONT or REGIONAL.
You can define a web ACL or rule group with a single call, and update it with a single call. You define all rule specifications in JSON format, and pass them to your rule group or web ACL calls.
The limits WAF places on the use of rules more closely reflects the cost of running each type of rule. Rule groups include capacity settings, so you know the maximum cost of a rule group when you use it.
This is the latest version of the WAF API, released in November, 2019. The names of the entities that you use to access this API, like endpoints and namespaces, all have the versioning information added, like \"V2\" or \"v2\", to distinguish from the prior version. We recommend migrating your resources to this version, because it has a number of significant improvements.
If you used WAF prior to this release, you can't use this WAFV2 API to access any WAF resources that you created before. You can access your old rules, web ACLs, and other WAF resources only through the WAF Classic APIs. The WAF Classic APIs have retained the prior names, endpoints, and namespaces.
For information, including how to migrate your WAF resources to this version, see the WAF Developer Guide.
WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to an Amazon CloudFront distribution, Amazon API Gateway REST API, Application Load Balancer, AppSync GraphQL API, or Amazon Cognito user pool. WAF also lets you control access to your content, to protect the Amazon Web Services resource that WAF is monitoring. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, the protected resource responds to requests with either the requested content, an HTTP 403 status code (Forbidden), or with a custom response.
This API guide is for developers who need detailed information about WAF API actions, data types, and errors. For detailed information about WAF features and guidance for configuring and using WAF, see the WAF Developer Guide.
You can make calls using the endpoints listed in WAF endpoints and quotas.
For regional applications, you can use any of the endpoints in the list. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.
For Amazon CloudFront applications, you must use the API endpoint listed for US East (N. Virginia): us-east-1.
Alternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to the programming language or platform that you're using. For more information, see Amazon Web Services SDKs.
We currently provide two versions of the WAF API: this API and the prior versions, the classic WAF APIs. This new API provides the same functionality as the older versions, with the following major improvements:
You use one API for both global and regional applications. Where you need to distinguish the scope, you specify a Scope parameter and set it to CLOUDFRONT or REGIONAL.
You can define a web ACL or rule group with a single call, and update it with a single call. You define all rule specifications in JSON format, and pass them to your rule group or web ACL calls.
The limits WAF places on the use of rules more closely reflects the cost of running each type of rule. Rule groups include capacity settings, so you know the maximum cost of a rule group when you use it.
Associates a web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, or an Amazon Cognito user pool.
For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution.
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
", "CheckCapacity": "Returns the web ACL capacity unit (WCU) requirements for a specified scope and set of rules. You can use this to check the capacity requirements for the rules you want to use in a RuleGroup or WebACL.
WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.
", @@ -52,8 +52,14 @@ "UpdateWebACL": "Updates the specified WebACL. While updating a web ACL, WAF provides continuous coverage to the resources that you have associated with the web ACL.
This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call.
To modify a web ACL, do the following:
Retrieve it by calling GetWebACL
Update its settings as needed
Provide the complete web ACL specification to this call
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has an action defined (allow, block, or count) for requests that match the statement of the rule. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito user pool.
" }, "shapes": { + "AWSManagedRulesATPRuleSet": { + "base": "Details for your use of the account takeover prevention managed rule group, AWSManagedRulesATPRuleSet. This configuration is used in ManagedRuleGroupConfig.
Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet. Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests. This configuration replaces the individual configuration fields in ManagedRuleGroupConfig and provides additional feature configuration.
For information about using the ATP managed rule group, see WAF Fraud Control account takeover prevention (ATP) rule group and WAF Fraud Control account takeover prevention (ATP) in the WAF Developer Guide.
" + } + }, "AWSManagedRulesBotControlRuleSet": { - "base": "Details for your use of the Bot Control managed rule group, used in ManagedRuleGroupConfig.
Details for your use of the Bot Control managed rule group, AWSManagedRulesBotControlRuleSet. This configuration is used in ManagedRuleGroupConfig.
Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see WAF Bot Control rule group and WAF Bot Control in the WAF Developer Guide.
" } @@ -626,6 +632,12 @@ "RuleGroupReferenceStatement$ExcludedRules": "Rules in the referenced rule group whose actions are set to Count.
Instead of this option, use RuleActionOverrides. It accepts any valid action setting, including Count.
The reason for failure, populated when the evaluation of the token fails.
" } }, + "FailureValue": { + "base": null, + "refs": { + "ResponseInspectionBodyContainsFailureStrings$member": null, + "ResponseInspectionHeaderFailureValues$member": null, + "ResponseInspectionJsonFailureValues$member": null + } + }, "FallbackBehavior": { "base": null, "refs": { @@ -644,6 +664,7 @@ "base": null, "refs": { "PasswordField$Identifier": "The name of the password field. For example /form/password.
The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.
JSON example: \"Identifier\": [ \"/login/success\" ]
The name of the username field. For example /form/username.
The path of the login endpoint for your application. For example, for the URL https://example.com/web/login, you would provide the path /web/login.
Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet.
Additional information that's used by a managed rule group. Many managed rule groups don't require this.
Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.
For example specifications, see the examples section of CreateWebACL.
", + "base": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.
Use the AWSManagedRulesATPRuleSet configuration object for the account takeover prevention managed rule group, to provide information such as the sign-in page of your application and the type of content to accept or reject from the client.
Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.
For example specifications, see the examples section of CreateWebACL.
", "refs": { "ManagedRuleGroupConfigs$member": null } @@ -1278,7 +1299,7 @@ "ManagedRuleGroupConfigs": { "base": null, "refs": { - "ManagedRuleGroupStatement$ManagedRuleGroupConfigs": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.
Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.
Additional information that's used by a managed rule group. Many managed rule groups don't require this.
Use the AWSManagedRulesATPRuleSet configuration object for the account takeover prevention managed rule group, to provide information such as the sign-in page of your application and the type of content to accept or reject from the client.
Use the AWSManagedRulesBotControlRuleSet configuration object to configure the protection level that you want the Bot Control rule group to use.
Details about your login page password field, used in a ManagedRuleGroupConfig.
Details about your login page password field for request inspection, used in the AWSManagedRulesATPRuleSet RequestInspection configuration.
Details about your login page password field.
" + "ManagedRuleGroupConfig$PasswordField": "Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.
Details about your login page password field.
How you specify this depends on the payload type.
For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer.
For example, for the JSON payload { \"login\": { \"username\": \"THE_USERNAME\", \"password\": \"THE_PASSWORD\" } }, the username field specification is /login/username and the password field specification is /login/password.
For form encoded payload types, use the HTML form names.
For example, for an HTML form with input elements named username1 and password1, the username field specification is username1 and the password field specification is password1.
The payload type for your login endpoint, either JSON or form encoded.
" + "ManagedRuleGroupConfig$PayloadType": "Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.
The payload type for your login endpoint, either JSON or form encoded.
" } }, "Platform": { @@ -1536,9 +1559,9 @@ } }, "RateBasedStatement": { - "base": "A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF.
When the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.
You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
An IP match statement with an IP set that specified the address 192.0.2.44.
A string match statement that searches in the User-Agent header for the string BadBot.
In this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet the criteria of both of the nested statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet the criteria of both of the nested statements are not counted towards the rate limit and are not affected by this rule.
You cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement. You can define a RateBasedStatement inside a web ACL and inside a rule group.
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF.
When the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.
You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
An IP match statement with an IP set that specifies the address 192.0.2.44.
A string match statement that searches in the User-Agent header for the string BadBot.
In this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet the criteria of both of the nested statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet the criteria of both of the nested statements are not counted towards the rate limit and are not affected by this rule.
You cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement. You can define a RateBasedStatement inside a web ACL and inside a rule group.
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF.
When the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.
You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
An IP match statement with an IP set that specified the address 192.0.2.44.
A string match statement that searches in the User-Agent header for the string BadBot.
In this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet the criteria of both of the nested statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet the criteria of both of the nested statements are not counted towards the rate limit and are not affected by this rule.
You cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement. You can define a RateBasedStatement inside a web ACL and inside a rule group.
A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.
WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by WAF. If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by WAF.
When the rule action triggers, WAF blocks additional requests from the IP address until the request rate falls below the limit.
You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts requests that match the nested statement. For example, based on recent requests that you have seen from an attacker, you might create a rate-based rule with a nested AND rule statement that contains the following nested statements:
An IP match statement with an IP set that specifies the address 192.0.2.44.
A string match statement that searches in the User-Agent header for the string BadBot.
In this rate-based rule, you also define a rate limit. For this example, the rate limit is 1,000. Requests that meet the criteria of both of the nested statements are counted. If the count exceeds 1,000 requests per five minutes, the rule action triggers. Requests that do not meet the criteria of both of the nested statements are not counted towards the rate limit and are not affected by this rule.
You cannot nest a RateBasedStatement inside another statement, for example inside a NotStatement or OrStatement. You can define a RateBasedStatement inside a web ACL and inside a rule group.
The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.
This is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig.
In these settings, you specify how your application accepts login attempts by providing the request payload type and the names of the fields within the request body where the username and password are provided.
", + "refs": { + "AWSManagedRulesATPRuleSet$RequestInspection": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.
" + } + }, "ResourceArn": { "base": null, "refs": { @@ -1708,6 +1737,90 @@ "CustomResponseBody$ContentType": "The type of content in the payload that you are defining in the Content string.
The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
This is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig.
Enable login response inspection by configuring exactly one component of the response to inspect. You can't configure more than one. If you don't configure any of the response inspection options, response inspection is disabled.
", + "refs": { + "AWSManagedRulesATPRuleSet$ResponseInspection": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
Configures inspection of the response body. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.
Configures inspection of the response body.
" + } + }, + "ResponseInspectionBodyContainsFailureStrings": { + "base": null, + "refs": { + "ResponseInspectionBodyContains$FailureStrings": "Strings in the body of the response that indicate a failed login attempt. To be counted as a failed login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.
JSON example: \"FailureStrings\": [ \"Login failed\" ]
Strings in the body of the response that indicate a successful login attempt. To be counted as a successful login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.
JSON example: \"SuccessStrings\": [ \"Login successful\", \"Welcome to our site!\" ]
Configures inspection of the response header. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.
Configures inspection of the response header.
" + } + }, + "ResponseInspectionHeaderFailureValues": { + "base": null, + "refs": { + "ResponseInspectionHeader$FailureValues": "Values in the response header with the specified name that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
JSON example: \"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]
The name of the header to match against. The name must be an exact match, including case.
JSON example: \"Name\": [ \"LoginResult\" ]
Values in the response header with the specified name that indicate a successful login attempt. To be counted as a successful login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
JSON example: \"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]
Configures inspection of the response JSON. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.
Configures inspection of the response JSON.
" + } + }, + "ResponseInspectionJsonFailureValues": { + "base": null, + "refs": { + "ResponseInspectionJson$FailureValues": "Values for the specified identifier in the response JSON that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
JSON example: \"FailureValues\": [ \"False\", \"Failed\" ]
Values for the specified identifier in the response JSON that indicate a successful login attempt. To be counted as a successful login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
JSON example: \"SuccessValues\": [ \"True\", \"Succeeded\" ]
Configures inspection of the response status code. This is part of the ResponseInspection configuration for AWSManagedRulesATPRuleSet.
Configures inspection of the response status code.
" + } + }, + "ResponseInspectionStatusCodeFailureCodes": { + "base": null, + "refs": { + "ResponseInspectionStatusCode$FailureCodes": "Status codes in the response that indicate a failed login attempt. To be counted as a failed login, the response status code must match one of these. Each code must be unique among the success and failure status codes.
JSON example: \"FailureCodes\": [ 400, 404 ]
Status codes in the response that indicate a successful login attempt. To be counted as a successful login, the response status code must match one of these. Each code must be unique among the success and failure status codes.
JSON example: \"SuccessCodes\": [ 200, 201 ]
A string value that you want WAF to search for. WAF searches only in the part of web requests that you designate for inspection in FieldToMatch. The maximum length of the value is 50 bytes.
Valid values depend on the component that you specify for inspection in FieldToMatch:
Method: The HTTP method that you want WAF to search for. This indicates the type of operation specified in the request.
UriPath: The value that you want WAF to search for in the URI path, for example, /images/daily-ad.jpg.
If SearchString includes alphabetic characters A-Z and a-z, note that the value is case sensitive.
If you're using the WAF API
Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 50 bytes.
For example, suppose the value of Type is HEADER and the value of Data is User-Agent. If you want to search the User-Agent header for the value BadBot, you base64-encode BadBot using MIME base64-encoding and include the resulting value, QmFkQm90, in the value of SearchString.
If you're using the CLI or one of the Amazon Web Services SDKs
The value that you want WAF to search for. The SDK automatically base64 encodes the value.
" + "ByteMatchStatement$SearchString": "A string value that you want WAF to search for. WAF searches only in the part of web requests that you designate for inspection in FieldToMatch. The maximum length of the value is 200 bytes.
Valid values depend on the component that you specify for inspection in FieldToMatch:
Method: The HTTP method that you want WAF to search for. This indicates the type of operation specified in the request.
UriPath: The value that you want WAF to search for in the URI path, for example, /images/daily-ad.jpg.
If SearchString includes alphabetic characters A-Z and a-z, note that the value is case sensitive.
If you're using the WAF API
Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 200 bytes.
For example, suppose the value of Type is HEADER and the value of Data is User-Agent. If you want to search the User-Agent header for the value BadBot, you base64-encode BadBot using MIME base64-encoding and include the resulting value, QmFkQm90, in the value of SearchString.
If you're using the CLI or one of the Amazon Web Services SDKs
The value that you want WAF to search for. The SDK automatically base64 encodes the value.
" } }, "SensitivityLevel": { @@ -1925,6 +2038,26 @@ "OrStatement$Statements": "The statements to combine with OR logic. You can use any statements that can be nested.
" } }, + "String": { + "base": null, + "refs": { + "AWSManagedRulesATPRuleSet$LoginPath": "The path of the login endpoint for your application. For example, for the URL https://example.com/web/login, you would provide the path /web/login.
The rule group inspects only HTTP POST requests to your specified login endpoint.
A tag associated with an Amazon Web Services resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing or other management. Typically, the tag key represents a category, such as \"environment\", and the tag value represents a specific value within that category, such as \"test,\" \"development,\" or \"production\". Or you might set the tag key to \"customer\" and the value to the customer name or ID. You can specify one or more tags to add to each Amazon Web Services resource, up to 50 tags for a resource.
You can tag the Amazon Web Services resources that you manage through WAF: web ACLs, rule groups, IP sets, and regex pattern sets. You can't manage or view tags through the WAF console.
", "refs": { @@ -2130,9 +2263,10 @@ } }, "UsernameField": { - "base": "Details about your login page username field, used in a ManagedRuleGroupConfig.
Details about your login page username field for request inspection, used in the AWSManagedRulesATPRuleSet RequestInspection configuration.
Details about your login page username field.
" + "ManagedRuleGroupConfig$UsernameField": "Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet RequestInspection.
Details about your login page username field.
How you specify this depends on the payload type.
For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer.
For example, for the JSON payload { \"login\": { \"username\": \"THE_USERNAME\", \"password\": \"THE_PASSWORD\" } }, the username field specification is /login/username and the password field specification is /login/password.
For form encoded payload types, use the HTML form names.
For example, for an HTML form with input elements named username1 and password1, the username field specification is username1 and the password field specification is password1.
If you specify multiple filters, filters are joined with an OR, and -// the request -// +// If you specify multiple filters, filters are joined with an OR, and the request // returns results that match all of the specified filters. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2112,6 +2116,97 @@ func (c *PrivateNetworks) PingWithContext(ctx aws.Context, input *PingInput, opt return out, req.Send() } +const opStartNetworkResourceUpdate = "StartNetworkResourceUpdate" + +// StartNetworkResourceUpdateRequest generates a "aws/request.Request" representing the +// client's request for the StartNetworkResourceUpdate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartNetworkResourceUpdate for more information on using the StartNetworkResourceUpdate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StartNetworkResourceUpdateRequest method. +// req, resp := client.StartNetworkResourceUpdateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/privatenetworks-2021-12-03/StartNetworkResourceUpdate +func (c *PrivateNetworks) StartNetworkResourceUpdateRequest(input *StartNetworkResourceUpdateInput) (req *request.Request, output *StartNetworkResourceUpdateOutput) { + op := &request.Operation{ + Name: opStartNetworkResourceUpdate, + HTTPMethod: "POST", + HTTPPath: "/v1/network-resources/update", + } + + if input == nil { + input = &StartNetworkResourceUpdateInput{} + } + + output = &StartNetworkResourceUpdateOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartNetworkResourceUpdate API operation for AWS Private 5G. +// +// Starts an update of the specified network resource. +// +// After you submit a request to replace or return a network resource, the status +// of the network resource is CREATING_SHIPPING_LABEL. The shipping label is +// available when the status of the network resource is PENDING_RETURN. After +// the network resource is successfully returned, its status is DELETED. For +// more information, see Return a radio unit (https://docs.aws.amazon.com/private-networks/latest/userguide/radio-units.html#return-radio-unit). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Private 5G's +// API operation StartNetworkResourceUpdate for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The resource was not found. +// +// - ValidationException +// The request failed validation. +// +// - InternalServerException +// Information about an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/privatenetworks-2021-12-03/StartNetworkResourceUpdate +func (c *PrivateNetworks) StartNetworkResourceUpdate(input *StartNetworkResourceUpdateInput) (*StartNetworkResourceUpdateOutput, error) { + req, out := c.StartNetworkResourceUpdateRequest(input) + return out, req.Send() +} + +// StartNetworkResourceUpdateWithContext is the same as StartNetworkResourceUpdate with the addition of +// the ability to pass a context and additional request options. +// +// See StartNetworkResourceUpdate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *PrivateNetworks) StartNetworkResourceUpdateWithContext(ctx aws.Context, input *StartNetworkResourceUpdateInput, opts ...request.Option) (*StartNetworkResourceUpdateOutput, error) { + req, out := c.StartNetworkResourceUpdateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opTagResource = "TagResource" // TagResourceRequest generates a "aws/request.Request" representing the @@ -5374,6 +5469,9 @@ type NetworkResource struct { // The position of the network resource. Position *Position `locationName:"position" type:"structure"` + // Information about a request to return the network resource. + ReturnInformation *ReturnInformation `locationName:"returnInformation" type:"structure"` + // The serial number of the network resource. SerialNumber *string `locationName:"serialNumber" type:"string"` @@ -5468,6 +5566,12 @@ func (s *NetworkResource) SetPosition(v *Position) *NetworkResource { return s } +// SetReturnInformation sets the ReturnInformation field's value. +func (s *NetworkResource) SetReturnInformation(v *ReturnInformation) *NetworkResource { + s.ReturnInformation = v + return s +} + // SetSerialNumber sets the SerialNumber field's value. func (s *NetworkResource) SetSerialNumber(v string) *NetworkResource { s.SerialNumber = &v @@ -5990,6 +6094,68 @@ func (s *ResourceNotFoundException) RequestID() string { return s.RespMetadata.RequestID } +// Information about a request to return a network resource. +type ReturnInformation struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the replacement order. + ReplacementOrderArn *string `locationName:"replacementOrderArn" type:"string"` + + // The reason for the return. If the return request did not include a reason + // for the return, this value is null. + ReturnReason *string `locationName:"returnReason" type:"string"` + + // The shipping address. + ShippingAddress *Address `locationName:"shippingAddress" type:"structure"` + + // The URL of the shipping label. The shipping label is available for download + // only if the status of the network resource is PENDING_RETURN. For more information, + // see Return a radio unit (https://docs.aws.amazon.com/private-networks/latest/userguide/radio-units.html#return-radio-unit). + ShippingLabel *string `locationName:"shippingLabel" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReturnInformation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReturnInformation) GoString() string { + return s.String() +} + +// SetReplacementOrderArn sets the ReplacementOrderArn field's value. +func (s *ReturnInformation) SetReplacementOrderArn(v string) *ReturnInformation { + s.ReplacementOrderArn = &v + return s +} + +// SetReturnReason sets the ReturnReason field's value. +func (s *ReturnInformation) SetReturnReason(v string) *ReturnInformation { + s.ReturnReason = &v + return s +} + +// SetShippingAddress sets the ShippingAddress field's value. +func (s *ReturnInformation) SetShippingAddress(v *Address) *ReturnInformation { + s.ShippingAddress = v + return s +} + +// SetShippingLabel sets the ShippingLabel field's value. +func (s *ReturnInformation) SetShippingLabel(v string) *ReturnInformation { + s.ShippingLabel = &v + return s +} + // Information about a site plan. type SitePlan struct { _ struct{} `type:"structure"` @@ -6061,6 +6227,129 @@ func (s *SitePlan) SetResourceDefinitions(v []*NetworkResourceDefinition) *SiteP return s } +type StartNetworkResourceUpdateInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the network resource. + // + // NetworkResourceArn is a required field + NetworkResourceArn *string `locationName:"networkResourceArn" type:"string" required:"true"` + + // The reason for the return. Providing a reason for a return is optional. + ReturnReason *string `locationName:"returnReason" type:"string"` + + // The shipping address. If you don't provide a shipping address when replacing + // or returning a network resource, we use the address from the original order + // for the network resource. + ShippingAddress *Address `locationName:"shippingAddress" type:"structure"` + + // The update type. + // + // * REPLACE - Submits a request to replace a defective radio unit. We provide + // a shipping label that you can use for the return process and we ship a + // replacement radio unit to you. + // + // * RETURN - Submits a request to replace a radio unit that you no longer + // need. We provide a shipping label that you can use for the return process. + // + // UpdateType is a required field + UpdateType *string `locationName:"updateType" type:"string" required:"true" enum:"UpdateType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartNetworkResourceUpdateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartNetworkResourceUpdateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartNetworkResourceUpdateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartNetworkResourceUpdateInput"} + if s.NetworkResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkResourceArn")) + } + if s.UpdateType == nil { + invalidParams.Add(request.NewErrParamRequired("UpdateType")) + } + if s.ShippingAddress != nil { + if err := s.ShippingAddress.Validate(); err != nil { + invalidParams.AddNested("ShippingAddress", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetNetworkResourceArn sets the NetworkResourceArn field's value. +func (s *StartNetworkResourceUpdateInput) SetNetworkResourceArn(v string) *StartNetworkResourceUpdateInput { + s.NetworkResourceArn = &v + return s +} + +// SetReturnReason sets the ReturnReason field's value. +func (s *StartNetworkResourceUpdateInput) SetReturnReason(v string) *StartNetworkResourceUpdateInput { + s.ReturnReason = &v + return s +} + +// SetShippingAddress sets the ShippingAddress field's value. +func (s *StartNetworkResourceUpdateInput) SetShippingAddress(v *Address) *StartNetworkResourceUpdateInput { + s.ShippingAddress = v + return s +} + +// SetUpdateType sets the UpdateType field's value. +func (s *StartNetworkResourceUpdateInput) SetUpdateType(v string) *StartNetworkResourceUpdateInput { + s.UpdateType = &v + return s +} + +type StartNetworkResourceUpdateOutput struct { + _ struct{} `type:"structure"` + + // The network resource. + NetworkResource *NetworkResource `locationName:"networkResource" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartNetworkResourceUpdateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartNetworkResourceUpdateOutput) GoString() string { + return s.String() +} + +// SetNetworkResource sets the NetworkResource field's value. +func (s *StartNetworkResourceUpdateOutput) SetNetworkResource(v *NetworkResource) *StartNetworkResourceUpdateOutput { + s.NetworkResource = v + return s +} + type TagResourceInput struct { _ struct{} `type:"structure"` @@ -6865,6 +7154,9 @@ const ( // NetworkResourceStatusDeleted is a NetworkResourceStatus enum value NetworkResourceStatusDeleted = "DELETED" + + // NetworkResourceStatusCreatingShippingLabel is a NetworkResourceStatus enum value + NetworkResourceStatusCreatingShippingLabel = "CREATING_SHIPPING_LABEL" ) // NetworkResourceStatus_Values returns all elements of the NetworkResourceStatus enum @@ -6878,6 +7170,7 @@ func NetworkResourceStatus_Values() []string { NetworkResourceStatusDeleting, NetworkResourceStatusPendingReturn, NetworkResourceStatusDeleted, + NetworkResourceStatusCreatingShippingLabel, } } @@ -6977,6 +7270,22 @@ func OrderFilterKeys_Values() []string { } } +const ( + // UpdateTypeReplace is a UpdateType enum value + UpdateTypeReplace = "REPLACE" + + // UpdateTypeReturn is a UpdateType enum value + UpdateTypeReturn = "RETURN" +) + +// UpdateType_Values returns all elements of the UpdateType enum +func UpdateType_Values() []string { + return []string{ + UpdateTypeReplace, + UpdateTypeReturn, + } +} + const ( // ValidationExceptionReasonUnknownOperation is a ValidationExceptionReason enum value ValidationExceptionReasonUnknownOperation = "UNKNOWN_OPERATION" diff --git a/service/privatenetworks/privatenetworksiface/interface.go b/service/privatenetworks/privatenetworksiface/interface.go index ce75b127e12..9c4f2f01bb8 100644 --- a/service/privatenetworks/privatenetworksiface/interface.go +++ b/service/privatenetworks/privatenetworksiface/interface.go @@ -159,6 +159,10 @@ type PrivateNetworksAPI interface { PingWithContext(aws.Context, *privatenetworks.PingInput, ...request.Option) (*privatenetworks.PingOutput, error) PingRequest(*privatenetworks.PingInput) (*request.Request, *privatenetworks.PingOutput) + StartNetworkResourceUpdate(*privatenetworks.StartNetworkResourceUpdateInput) (*privatenetworks.StartNetworkResourceUpdateOutput, error) + StartNetworkResourceUpdateWithContext(aws.Context, *privatenetworks.StartNetworkResourceUpdateInput, ...request.Option) (*privatenetworks.StartNetworkResourceUpdateOutput, error) + StartNetworkResourceUpdateRequest(*privatenetworks.StartNetworkResourceUpdateInput) (*request.Request, *privatenetworks.StartNetworkResourceUpdateOutput) + TagResource(*privatenetworks.TagResourceInput) (*privatenetworks.TagResourceOutput, error) TagResourceWithContext(aws.Context, *privatenetworks.TagResourceInput, ...request.Option) (*privatenetworks.TagResourceOutput, error) TagResourceRequest(*privatenetworks.TagResourceInput) (*request.Request, *privatenetworks.TagResourceOutput) diff --git a/service/rds/api.go b/service/rds/api.go index 724871c2020..7f6cd736ddc 100644 --- a/service/rds/api.go +++ b/service/rds/api.go @@ -711,8 +711,9 @@ func (c *RDS) CancelExportTaskRequest(input *CancelExportTaskInput) (req *reques // CancelExportTask API operation for Amazon Relational Database Service. // -// Cancels an export task in progress that is exporting a snapshot to Amazon -// S3. Any data that has already been written to the S3 bucket isn't removed. +// Cancels an export task in progress that is exporting a snapshot or cluster +// to Amazon S3. Any data that has already been written to the S3 bucket isn't +// removed. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -916,8 +917,8 @@ func (c *RDS) CopyDBClusterSnapshotRequest(input *CopyDBClusterSnapshotInput) (r // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1512,13 +1513,14 @@ func (c *RDS) CreateDBClusterRequest(input *CreateDBClusterInput) (req *request. // // You can use the ReplicationSourceIdentifier parameter to create an Amazon // Aurora DB cluster as a read replica of another DB cluster or Amazon RDS MySQL -// or PostgreSQL DB instance. -// -// For more information on Amazon Aurora, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) +// or PostgreSQL DB instance. For more information about Amazon Aurora, see +// What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// You can also use the ReplicationSourceIdentifier parameter to create a Multi-AZ +// DB cluster read replica with an RDS for PostgreSQL DB instance as the source. +// For more information about Multi-AZ DB clusters, see Multi-AZ DB cluster +// deployments (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1790,8 +1792,8 @@ func (c *RDS) CreateDBClusterParameterGroupRequest(input *CreateDBClusterParamet // For more information on Amazon Aurora, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1880,8 +1882,8 @@ func (c *RDS) CreateDBClusterSnapshotRequest(input *CreateDBClusterSnapshotInput // For more information on Amazon Aurora, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3372,8 +3374,8 @@ func (c *RDS) DeleteDBClusterRequest(input *DeleteDBClusterInput) (req *request. // For more information on Amazon Aurora, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3560,8 +3562,8 @@ func (c *RDS) DeleteDBClusterParameterGroupRequest(input *DeleteDBClusterParamet // For more information on Amazon Aurora, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3654,8 +3656,8 @@ func (c *RDS) DeleteDBClusterSnapshotRequest(input *DeleteDBClusterSnapshotInput // For more information on Amazon Aurora, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5465,8 +5467,8 @@ func (c *RDS) DescribeDBClusterParameterGroupsRequest(input *DescribeDBClusterPa // For more information on Amazon Aurora, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5608,8 +5610,8 @@ func (c *RDS) DescribeDBClusterParametersRequest(input *DescribeDBClusterParamet // For more information on Amazon Aurora, see What is Amazon Aurora? (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5842,8 +5844,8 @@ func (c *RDS) DescribeDBClusterSnapshotsRequest(input *DescribeDBClusterSnapshot // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5986,8 +5988,8 @@ func (c *RDS) DescribeDBClustersRequest(input *DescribeDBClustersInput) (req *re // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // This operation can also return information for Amazon Neptune DB instances @@ -8587,8 +8589,8 @@ func (c *RDS) DescribeExportTasksRequest(input *DescribeExportTasksInput) (req * // DescribeExportTasks API operation for Amazon Relational Database Service. // -// Returns information about a snapshot export to Amazon S3. This API operation -// supports pagination. +// Returns information about a snapshot or cluster export to Amazon S3. This +// API operation supports pagination. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10053,8 +10055,8 @@ func (c *RDS) FailoverDBClusterRequest(input *FailoverDBClusterInput) (req *requ // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10354,7 +10356,7 @@ func (c *RDS) ModifyActivityStreamRequest(input *ModifyActivityStreamInput) (req // Modifying a database activity stream (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/DBActivityStreams.Modifying.html) // in the Amazon RDS User Guide. // -// This operation is supported for RDS for Oracle only. +// This operation is supported for RDS for Oracle and Microsoft SQL Server. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10751,8 +10753,8 @@ func (c *RDS) ModifyDBClusterRequest(input *ModifyDBClusterInput) (req *request. // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10988,8 +10990,8 @@ func (c *RDS) ModifyDBClusterParameterGroupRequest(input *ModifyDBClusterParamet // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12524,8 +12526,8 @@ func (c *RDS) RebootDBClusterRequest(input *RebootDBClusterInput) (req *request. // // Use this operation only for a non-Aurora Multi-AZ DB cluster. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12916,8 +12918,8 @@ func (c *RDS) RemoveRoleFromDBClusterRequest(input *RemoveRoleFromDBClusterInput // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13290,8 +13292,8 @@ func (c *RDS) ResetDBClusterParameterGroupRequest(input *ResetDBClusterParameter // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13625,8 +13627,8 @@ func (c *RDS) RestoreDBClusterFromSnapshotRequest(input *RestoreDBClusterFromSna // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13788,8 +13790,8 @@ func (c *RDS) RestoreDBClusterToPointInTimeRequest(input *RestoreDBClusterToPoin // (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html) // in the Amazon Aurora User Guide. // -// For more information on Multi-AZ DB clusters, see Multi-AZ deployments with -// two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) +// For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments +// (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14932,10 +14934,22 @@ func (c *RDS) StartExportTaskRequest(input *StartExportTaskInput) (req *request. // StartExportTask API operation for Amazon Relational Database Service. // -// Starts an export of a snapshot to Amazon S3. The provided IAM role must have -// access to the S3 bucket. +// Starts an export of DB snapshot or DB cluster data to Amazon S3. The provided +// IAM role must have access to the S3 bucket. // -// This command doesn't apply to RDS Custom. +// You can't export snapshot data from RDS Custom DB instances. +// +// You can't export cluster data from Multi-AZ DB clusters. +// +// For more information on exporting DB snapshot data, see Exporting DB snapshot +// data to Amazon S3 (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ExportSnapshot.html) +// in the Amazon RDS User Guide or Exporting DB cluster snapshot data to Amazon +// S3 (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/aurora-export-snapshot.html) +// in the Amazon Aurora User Guide. +// +// For more information on exporting DB cluster data, see Exporting DB cluster +// data to Amazon S3 (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/export-cluster-data.html) +// in the Amazon Aurora User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16830,7 +16844,7 @@ func (s *BlueGreenDeploymentTask) SetStatus(v string) *BlueGreenDeploymentTask { type CancelExportTaskInput struct { _ struct{} `type:"structure"` - // The identifier of the snapshot export task to cancel. + // The identifier of the snapshot or cluster export task to cancel. // // ExportTaskIdentifier is a required field ExportTaskIdentifier *string `type:"string" required:"true"` @@ -16873,75 +16887,90 @@ func (s *CancelExportTaskInput) SetExportTaskIdentifier(v string) *CancelExportT return s } -// Contains the details of a snapshot export to Amazon S3. +// Contains the details of a snapshot or cluster export to Amazon S3. // // This data type is used as a response element in the DescribeExportTasks action. type CancelExportTaskOutput struct { _ struct{} `type:"structure"` - // The data exported from the snapshot. Valid values are the following: + // The data exported from the snapshot or cluster. Valid values are the following: // // * database - Export all the data from a specified database. // - // * database.table table-name - Export a table of the snapshot. This format - // is valid only for RDS for MySQL, RDS for MariaDB, and Aurora MySQL. + // * database.table table-name - Export a table of the snapshot or cluster. + // This format is valid only for RDS for MySQL, RDS for MariaDB, and Aurora + // MySQL. // - // * database.schema schema-name - Export a database schema of the snapshot. - // This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL. + // * database.schema schema-name - Export a database schema of the snapshot + // or cluster. This format is valid only for RDS for PostgreSQL and Aurora + // PostgreSQL. // // * database.schema.table table-name - Export a table of the database schema. // This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL. ExportOnly []*string `type:"list"` - // A unique identifier for the snapshot export task. This ID isn't an identifier - // for the Amazon S3 bucket where the snapshot is exported to. + // A unique identifier for the snapshot or cluster export task. This ID isn't + // an identifier for the Amazon S3 bucket where the data is exported. ExportTaskIdentifier *string `type:"string"` // The reason the export failed, if it failed. FailureCause *string `type:"string"` // The name of the IAM role that is used to write to Amazon S3 when exporting - // a snapshot. + // a snapshot or cluster. IamRoleArn *string `type:"string"` // The key identifier of the Amazon Web Services KMS key that is used to encrypt - // the snapshot when it's exported to Amazon S3. The KMS key identifier is its - // key ARN, key ID, alias ARN, or alias name. The IAM role used for the snapshot - // export must have encryption and decryption permissions to use this KMS key. + // the data when it's exported to Amazon S3. The KMS key identifier is its key + // ARN, key ID, alias ARN, or alias name. The IAM role used for the export must + // have encryption and decryption permissions to use this KMS key. KmsKeyId *string `type:"string"` - // The progress of the snapshot export task as a percentage. + // The progress of the snapshot or cluster export task as a percentage. PercentProgress *int64 `type:"integer"` - // The Amazon S3 bucket that the snapshot is exported to. + // The Amazon S3 bucket that the snapshot or cluster is exported to. S3Bucket *string `type:"string"` // The Amazon S3 bucket prefix that is the file name and path of the exported - // snapshot. + // data. S3Prefix *string `type:"string"` // The time that the snapshot was created. SnapshotTime *time.Time `type:"timestamp"` - // The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3. + // The Amazon Resource Name (ARN) of the snapshot or cluster exported to Amazon + // S3. SourceArn *string `type:"string"` // The type of source for the export. SourceType *string `type:"string" enum:"ExportSourceType"` - // The progress status of the export task. + // The progress status of the export task. The status can be one of the following: + // + // * CANCELED + // + // * CANCELING + // + // * COMPLETE + // + // * FAILED + // + // * IN_PROGRESS + // + // * STARTING Status *string `type:"string"` - // The time that the snapshot export task completed. + // The time that the snapshot or cluster export task ended. TaskEndTime *time.Time `type:"timestamp"` - // The time that the snapshot export task started. + // The time that the snapshot or cluster export task started. TaskStartTime *time.Time `type:"timestamp"` // The total amount of data exported, in gigabytes. TotalExtractedDataInGB *int64 `type:"integer"` - // A warning about the snapshot export task. + // A warning about the snapshot or cluster export task. WarningMessage *string `type:"string"` } @@ -20161,7 +20190,7 @@ type CreateDBClusterInput struct { // The Amazon Resource Name (ARN) of the source DB instance or DB cluster if // this DB cluster is created as a read replica. // - // Valid for: Aurora DB clusters only + // Valid for: Aurora DB clusters and RDS for PostgreSQL Multi-AZ DB clusters ReplicationSourceIdentifier *string `type:"string"` // For DB clusters in serverless DB engine mode, the scaling properties of the @@ -22328,8 +22357,8 @@ type CreateDBInstanceReadReplicaInput struct { // The amount of storage (in gibibytes) to allocate initially for the read replica. // Follow the allocation rules specified in CreateDBInstance. // - // Be sure to allocate enough memory for your read replica so that the create - // operation can succeed. You can also allocate additional memory for future + // Be sure to allocate enough storage for your read replica so that the create + // operation can succeed. You can also allocate additional storage for future // growth. AllocatedStorage *int64 `type:"integer"` @@ -29253,6 +29282,8 @@ type DeleteBlueGreenDeploymentInput struct { BlueGreenDeploymentIdentifier *string `min:"1" type:"string" required:"true"` // A value that indicates whether to delete the resources in the green environment. + // You can't specify this option if the blue/green deployment status (https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_BlueGreenDeployment.html) + // is SWITCHOVER_COMPLETED. DeleteTarget *bool `type:"boolean"` } @@ -35688,21 +35719,22 @@ func (s *DescribeEventsOutput) SetMarker(v string) *DescribeEventsOutput { type DescribeExportTasksInput struct { _ struct{} `type:"structure"` - // The identifier of the snapshot export task to be described. + // The identifier of the snapshot or cluster export task to be described. ExportTaskIdentifier *string `type:"string"` - // Filters specify one or more snapshot exports to describe. The filters are - // specified as name-value pairs that define what to include in the output. - // Filter names and values are case-sensitive. + // Filters specify one or more snapshot or cluster exports to describe. The + // filters are specified as name-value pairs that define what to include in + // the output. Filter names and values are case-sensitive. // // Supported filters include the following: // - // * export-task-identifier - An identifier for the snapshot export task. + // * export-task-identifier - An identifier for the snapshot or cluster export + // task. // - // * s3-bucket - The Amazon S3 bucket the snapshot is exported to. + // * s3-bucket - The Amazon S3 bucket the data is exported to. // - // * source-arn - The Amazon Resource Name (ARN) of the snapshot exported - // to Amazon S3 + // * source-arn - The Amazon Resource Name (ARN) of the snapshot or cluster + // exported to Amazon S3. // // * status - The status of the export task. Must be lowercase. Valid statuses // are the following: canceled canceling complete failed in_progress starting @@ -35723,7 +35755,8 @@ type DescribeExportTasksInput struct { // Constraints: Minimum 20, maximum 100. MaxRecords *int64 `min:"20" type:"integer"` - // The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3. + // The Amazon Resource Name (ARN) of the snapshot or cluster exported to Amazon + // S3. SourceArn *string `type:"string"` // The type of source for the export. @@ -35810,7 +35843,7 @@ func (s *DescribeExportTasksInput) SetSourceType(v string) *DescribeExportTasksI type DescribeExportTasksOutput struct { _ struct{} `type:"structure"` - // Information about an export of a snapshot to Amazon S3. + // Information about an export of a snapshot or cluster to Amazon S3. ExportTasks []*ExportTask `locationNameList:"ExportTask" type:"list"` // A pagination token that can be used in a later DescribeExportTasks request. @@ -37990,75 +38023,90 @@ func (s *EventSubscription) SetSubscriptionCreationTime(v string) *EventSubscrip return s } -// Contains the details of a snapshot export to Amazon S3. +// Contains the details of a snapshot or cluster export to Amazon S3. // // This data type is used as a response element in the DescribeExportTasks action. type ExportTask struct { _ struct{} `type:"structure"` - // The data exported from the snapshot. Valid values are the following: + // The data exported from the snapshot or cluster. Valid values are the following: // // * database - Export all the data from a specified database. // - // * database.table table-name - Export a table of the snapshot. This format - // is valid only for RDS for MySQL, RDS for MariaDB, and Aurora MySQL. + // * database.table table-name - Export a table of the snapshot or cluster. + // This format is valid only for RDS for MySQL, RDS for MariaDB, and Aurora + // MySQL. // - // * database.schema schema-name - Export a database schema of the snapshot. - // This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL. + // * database.schema schema-name - Export a database schema of the snapshot + // or cluster. This format is valid only for RDS for PostgreSQL and Aurora + // PostgreSQL. // // * database.schema.table table-name - Export a table of the database schema. // This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL. ExportOnly []*string `type:"list"` - // A unique identifier for the snapshot export task. This ID isn't an identifier - // for the Amazon S3 bucket where the snapshot is exported to. + // A unique identifier for the snapshot or cluster export task. This ID isn't + // an identifier for the Amazon S3 bucket where the data is exported. ExportTaskIdentifier *string `type:"string"` // The reason the export failed, if it failed. FailureCause *string `type:"string"` // The name of the IAM role that is used to write to Amazon S3 when exporting - // a snapshot. + // a snapshot or cluster. IamRoleArn *string `type:"string"` // The key identifier of the Amazon Web Services KMS key that is used to encrypt - // the snapshot when it's exported to Amazon S3. The KMS key identifier is its - // key ARN, key ID, alias ARN, or alias name. The IAM role used for the snapshot - // export must have encryption and decryption permissions to use this KMS key. + // the data when it's exported to Amazon S3. The KMS key identifier is its key + // ARN, key ID, alias ARN, or alias name. The IAM role used for the export must + // have encryption and decryption permissions to use this KMS key. KmsKeyId *string `type:"string"` - // The progress of the snapshot export task as a percentage. + // The progress of the snapshot or cluster export task as a percentage. PercentProgress *int64 `type:"integer"` - // The Amazon S3 bucket that the snapshot is exported to. + // The Amazon S3 bucket that the snapshot or cluster is exported to. S3Bucket *string `type:"string"` // The Amazon S3 bucket prefix that is the file name and path of the exported - // snapshot. + // data. S3Prefix *string `type:"string"` // The time that the snapshot was created. SnapshotTime *time.Time `type:"timestamp"` - // The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3. + // The Amazon Resource Name (ARN) of the snapshot or cluster exported to Amazon + // S3. SourceArn *string `type:"string"` // The type of source for the export. SourceType *string `type:"string" enum:"ExportSourceType"` - // The progress status of the export task. + // The progress status of the export task. The status can be one of the following: + // + // * CANCELED + // + // * CANCELING + // + // * COMPLETE + // + // * FAILED + // + // * IN_PROGRESS + // + // * STARTING Status *string `type:"string"` - // The time that the snapshot export task completed. + // The time that the snapshot or cluster export task ended. TaskEndTime *time.Time `type:"timestamp"` - // The time that the snapshot export task started. + // The time that the snapshot or cluster export task started. TaskStartTime *time.Time `type:"timestamp"` // The total amount of data exported, in gigabytes. TotalExtractedDataInGB *int64 `type:"integer"` - // A warning about the snapshot export task. + // A warning about the snapshot or cluster export task. WarningMessage *string `type:"string"` } @@ -39002,8 +39050,8 @@ type ModifyActivityStreamInput struct { // activity stream is unlocked or stopped. AuditPolicyState *string `type:"string" enum:"AuditPolicyState"` - // The Amazon Resource Name (ARN) of the RDS for Oracle DB instance, for example, - // arn:aws:rds:us-east-1:12345667890:instance:my-orcl-db. + // The Amazon Resource Name (ARN) of the RDS for Oracle or Microsoft SQL Server + // DB instance. For example, arn:aws:rds:us-east-1:12345667890:instance:my-orcl-db. ResourceArn *string `type:"string"` } @@ -48767,8 +48815,8 @@ type RestoreDBInstanceFromDBSnapshotInput struct { // The amount of storage (in gibibytes) to allocate initially for the DB instance. // Follow the allocation rules specified in CreateDBInstance. // - // Be sure to allocate enough memory for your new DB instance so that the restore - // operation can succeed. You can also allocate additional memory for future + // Be sure to allocate enough storage for your new DB instance so that the restore + // operation can succeed. You can also allocate additional storage for future // growth. AllocatedStorage *int64 `type:"integer"` @@ -48833,8 +48881,8 @@ type RestoreDBInstanceFromDBSnapshotInput struct { // The identifier for the RDS for MySQL Multi-AZ DB cluster snapshot to restore // from. // - // For more information on Multi-AZ DB clusters, see Multi-AZ deployments with - // two readable standby DB instances (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) + // For more information on Multi-AZ DB clusters, see Multi-AZ DB cluster deployments + // (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) // in the Amazon RDS User Guide. // // Constraints: @@ -49426,8 +49474,8 @@ type RestoreDBInstanceFromS3Input struct { // The amount of storage (in gibibytes) to allocate initially for the DB instance. // Follow the allocation rules specified in CreateDBInstance. // - // Be sure to allocate enough memory for your new DB instance so that the restore - // operation can succeed. You can also allocate additional memory for future + // Be sure to allocate enough storage for your new DB instance so that the restore + // operation can succeed. You can also allocate additional storage for future // growth. AllocatedStorage *int64 `type:"integer"` @@ -50232,8 +50280,8 @@ type RestoreDBInstanceToPointInTimeInput struct { // The amount of storage (in gibibytes) to allocate initially for the DB instance. // Follow the allocation rules specified in CreateDBInstance. // - // Be sure to allocate enough memory for your new DB instance so that the restore - // operation can succeed. You can also allocate additional memory for future + // Be sure to allocate enough storage for your new DB instance so that the restore + // operation can succeed. You can also allocate additional storage for future // growth. AllocatedStorage *int64 `type:"integer"` @@ -51450,8 +51498,8 @@ type StartActivityStreamInput struct { ApplyImmediately *bool `type:"boolean"` // Specifies whether the database activity stream includes engine-native audit - // fields. This option only applies to an Oracle DB instance. By default, no - // engine-native audit fields are included. + // fields. This option applies to an Oracle or Microsoft SQL Server DB instance. + // By default, no engine-native audit fields are included. EngineNativeAuditFieldsIncluded *bool `type:"boolean"` // The Amazon Web Services KMS key identifier for encrypting messages in the @@ -51950,38 +51998,40 @@ func (s *StartDBInstanceOutput) SetDBInstance(v *DBInstance) *StartDBInstanceOut type StartExportTaskInput struct { _ struct{} `type:"structure"` - // The data to be exported from the snapshot. If this parameter is not provided, - // all the snapshot data is exported. Valid values are the following: + // The data to be exported from the snapshot or cluster. If this parameter is + // not provided, all of the data is exported. Valid values are the following: // // * database - Export all the data from a specified database. // - // * database.table table-name - Export a table of the snapshot. This format - // is valid only for RDS for MySQL, RDS for MariaDB, and Aurora MySQL. + // * database.table table-name - Export a table of the snapshot or cluster. + // This format is valid only for RDS for MySQL, RDS for MariaDB, and Aurora + // MySQL. // - // * database.schema schema-name - Export a database schema of the snapshot. - // This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL. + // * database.schema schema-name - Export a database schema of the snapshot + // or cluster. This format is valid only for RDS for PostgreSQL and Aurora + // PostgreSQL. // // * database.schema.table table-name - Export a table of the database schema. // This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL. ExportOnly []*string `type:"list"` - // A unique identifier for the snapshot export task. This ID isn't an identifier - // for the Amazon S3 bucket where the snapshot is to be exported to. + // A unique identifier for the export task. This ID isn't an identifier for + // the Amazon S3 bucket where the data is to be exported. // // ExportTaskIdentifier is a required field ExportTaskIdentifier *string `type:"string" required:"true"` // The name of the IAM role to use for writing to the Amazon S3 bucket when - // exporting a snapshot. + // exporting a snapshot or cluster. // // IamRoleArn is a required field IamRoleArn *string `type:"string" required:"true"` - // The ID of the Amazon Web Services KMS key to use to encrypt the snapshot - // exported to Amazon S3. The Amazon Web Services KMS key identifier is the - // key ARN, key ID, alias ARN, or alias name for the KMS key. The caller of - // this operation must be authorized to run the following operations. These - // can be set in the Amazon Web Services KMS key policy: + // The ID of the Amazon Web Services KMS key to use to encrypt the data exported + // to Amazon S3. The Amazon Web Services KMS key identifier is the key ARN, + // key ID, alias ARN, or alias name for the KMS key. The caller of this operation + // must be authorized to run the following operations. These can be set in the + // Amazon Web Services KMS key policy: // // * kms:Encrypt // @@ -52004,16 +52054,17 @@ type StartExportTaskInput struct { // KmsKeyId is a required field KmsKeyId *string `type:"string" required:"true"` - // The name of the Amazon S3 bucket to export the snapshot to. + // The name of the Amazon S3 bucket to export the snapshot or cluster data to. // // S3BucketName is a required field S3BucketName *string `type:"string" required:"true"` // The Amazon S3 bucket prefix to use as the file name and path of the exported - // snapshot. + // data. S3Prefix *string `type:"string"` - // The Amazon Resource Name (ARN) of the snapshot to export to Amazon S3. + // The Amazon Resource Name (ARN) of the snapshot or cluster to export to Amazon + // S3. // // SourceArn is a required field SourceArn *string `type:"string" required:"true"` @@ -52104,75 +52155,90 @@ func (s *StartExportTaskInput) SetSourceArn(v string) *StartExportTaskInput { return s } -// Contains the details of a snapshot export to Amazon S3. +// Contains the details of a snapshot or cluster export to Amazon S3. // // This data type is used as a response element in the DescribeExportTasks action. type StartExportTaskOutput struct { _ struct{} `type:"structure"` - // The data exported from the snapshot. Valid values are the following: + // The data exported from the snapshot or cluster. Valid values are the following: // // * database - Export all the data from a specified database. // - // * database.table table-name - Export a table of the snapshot. This format - // is valid only for RDS for MySQL, RDS for MariaDB, and Aurora MySQL. + // * database.table table-name - Export a table of the snapshot or cluster. + // This format is valid only for RDS for MySQL, RDS for MariaDB, and Aurora + // MySQL. // - // * database.schema schema-name - Export a database schema of the snapshot. - // This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL. + // * database.schema schema-name - Export a database schema of the snapshot + // or cluster. This format is valid only for RDS for PostgreSQL and Aurora + // PostgreSQL. // // * database.schema.table table-name - Export a table of the database schema. // This format is valid only for RDS for PostgreSQL and Aurora PostgreSQL. ExportOnly []*string `type:"list"` - // A unique identifier for the snapshot export task. This ID isn't an identifier - // for the Amazon S3 bucket where the snapshot is exported to. + // A unique identifier for the snapshot or cluster export task. This ID isn't + // an identifier for the Amazon S3 bucket where the data is exported. ExportTaskIdentifier *string `type:"string"` // The reason the export failed, if it failed. FailureCause *string `type:"string"` // The name of the IAM role that is used to write to Amazon S3 when exporting - // a snapshot. + // a snapshot or cluster. IamRoleArn *string `type:"string"` // The key identifier of the Amazon Web Services KMS key that is used to encrypt - // the snapshot when it's exported to Amazon S3. The KMS key identifier is its - // key ARN, key ID, alias ARN, or alias name. The IAM role used for the snapshot - // export must have encryption and decryption permissions to use this KMS key. + // the data when it's exported to Amazon S3. The KMS key identifier is its key + // ARN, key ID, alias ARN, or alias name. The IAM role used for the export must + // have encryption and decryption permissions to use this KMS key. KmsKeyId *string `type:"string"` - // The progress of the snapshot export task as a percentage. + // The progress of the snapshot or cluster export task as a percentage. PercentProgress *int64 `type:"integer"` - // The Amazon S3 bucket that the snapshot is exported to. + // The Amazon S3 bucket that the snapshot or cluster is exported to. S3Bucket *string `type:"string"` // The Amazon S3 bucket prefix that is the file name and path of the exported - // snapshot. + // data. S3Prefix *string `type:"string"` // The time that the snapshot was created. SnapshotTime *time.Time `type:"timestamp"` - // The Amazon Resource Name (ARN) of the snapshot exported to Amazon S3. + // The Amazon Resource Name (ARN) of the snapshot or cluster exported to Amazon + // S3. SourceArn *string `type:"string"` // The type of source for the export. SourceType *string `type:"string" enum:"ExportSourceType"` - // The progress status of the export task. + // The progress status of the export task. The status can be one of the following: + // + // * CANCELED + // + // * CANCELING + // + // * COMPLETE + // + // * FAILED + // + // * IN_PROGRESS + // + // * STARTING Status *string `type:"string"` - // The time that the snapshot export task completed. + // The time that the snapshot or cluster export task ended. TaskEndTime *time.Time `type:"timestamp"` - // The time that the snapshot export task started. + // The time that the snapshot or cluster export task started. TaskStartTime *time.Time `type:"timestamp"` // The total amount of data exported, in gigabytes. TotalExtractedDataInGB *int64 `type:"integer"` - // A warning about the snapshot export task. + // A warning about the snapshot or cluster export task. WarningMessage *string `type:"string"` } diff --git a/service/wafv2/api.go b/service/wafv2/api.go index bb27069c2e3..e8ff9cb2b8e 100644 --- a/service/wafv2/api.go +++ b/service/wafv2/api.go @@ -5772,7 +5772,99 @@ func (c *WAFV2) UpdateWebACLWithContext(ctx aws.Context, input *UpdateWebACLInpu return out, req.Send() } -// Details for your use of the Bot Control managed rule group, used in ManagedRuleGroupConfig. +// Details for your use of the account takeover prevention managed rule group, +// AWSManagedRulesATPRuleSet. This configuration is used in ManagedRuleGroupConfig. +type AWSManagedRulesATPRuleSet struct { + _ struct{} `type:"structure"` + + // The path of the login endpoint for your application. For example, for the + // URL https://example.com/web/login, you would provide the path /web/login. + // + // The rule group inspects only HTTP POST requests to your specified login endpoint. + // + // LoginPath is a required field + LoginPath *string `type:"string" required:"true"` + + // The criteria for inspecting login requests, used by the ATP rule group to + // validate credentials usage. + RequestInspection *RequestInspection `type:"structure"` + + // The criteria for inspecting responses to login requests, used by the ATP + // rule group to track login failure rates. + // + // The ATP rule group evaluates the responses that your protected resources + // send back to client login attempts, keeping count of successful and failed + // attempts from each IP address and client session. Using this information, + // the rule group labels and mitigates requests from client sessions and IP + // addresses that submit too many failed login attempts in a short amount of + // time. + // + // Response inspection is available only in web ACLs that protect Amazon CloudFront + // distributions. + ResponseInspection *ResponseInspection `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AWSManagedRulesATPRuleSet) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AWSManagedRulesATPRuleSet) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AWSManagedRulesATPRuleSet) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AWSManagedRulesATPRuleSet"} + if s.LoginPath == nil { + invalidParams.Add(request.NewErrParamRequired("LoginPath")) + } + if s.RequestInspection != nil { + if err := s.RequestInspection.Validate(); err != nil { + invalidParams.AddNested("RequestInspection", err.(request.ErrInvalidParams)) + } + } + if s.ResponseInspection != nil { + if err := s.ResponseInspection.Validate(); err != nil { + invalidParams.AddNested("ResponseInspection", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLoginPath sets the LoginPath field's value. +func (s *AWSManagedRulesATPRuleSet) SetLoginPath(v string) *AWSManagedRulesATPRuleSet { + s.LoginPath = &v + return s +} + +// SetRequestInspection sets the RequestInspection field's value. +func (s *AWSManagedRulesATPRuleSet) SetRequestInspection(v *RequestInspection) *AWSManagedRulesATPRuleSet { + s.RequestInspection = v + return s +} + +// SetResponseInspection sets the ResponseInspection field's value. +func (s *AWSManagedRulesATPRuleSet) SetResponseInspection(v *ResponseInspection) *AWSManagedRulesATPRuleSet { + s.ResponseInspection = v + return s +} + +// Details for your use of the Bot Control managed rule group, AWSManagedRulesBotControlRuleSet. +// This configuration is used in ManagedRuleGroupConfig. type AWSManagedRulesBotControlRuleSet struct { _ struct{} `type:"structure"` @@ -6303,7 +6395,7 @@ type ByteMatchStatement struct { // A string value that you want WAF to search for. WAF searches only in the // part of web requests that you designate for inspection in FieldToMatch. The - // maximum length of the value is 50 bytes. + // maximum length of the value is 200 bytes. // // Valid values depend on the component that you specify for inspection in FieldToMatch: // @@ -6319,7 +6411,7 @@ type ByteMatchStatement struct { // If you're using the WAF API // // Specify a base64-encoded version of the value. The maximum length of the - // value before you base64-encode it is 50 bytes. + // value before you base64-encode it is 200 bytes. // // For example, suppose the value of Type is HEADER and the value of Data is // User-Agent. If you want to search the User-Agent header for the value BadBot, @@ -7889,7 +7981,7 @@ type CreateWebACLInput struct { // // Public suffixes aren't allowed. For example, you can't use usa.gov or co.uk // as token domains. - TokenDomains []*string `min:"1" type:"list"` + TokenDomains []*string `type:"list"` // Defines and enables Amazon CloudWatch metrics and web request sample collection. // @@ -7939,9 +8031,6 @@ func (s *CreateWebACLInput) Validate() error { if s.Tags != nil && len(s.Tags) < 1 { invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) } - if s.TokenDomains != nil && len(s.TokenDomains) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TokenDomains", 1)) - } if s.VisibilityConfig == nil { invalidParams.Add(request.NewErrParamRequired("VisibilityConfig")) } @@ -14678,6 +14767,11 @@ func (s *LoggingFilter) SetFilters(v []*Filter) *LoggingFilter { // Additional information that's used by a managed rule group. Many managed // rule groups don't require this. // +// Use the AWSManagedRulesATPRuleSet configuration object for the account takeover +// prevention managed rule group, to provide information such as the sign-in +// page of your application and the type of content to accept or reject from +// the client. +// // Use the AWSManagedRulesBotControlRuleSet configuration object to configure // the protection level that you want the Bot Control rule group to use. // @@ -14685,6 +14779,19 @@ func (s *LoggingFilter) SetFilters(v []*Filter) *LoggingFilter { type ManagedRuleGroupConfig struct { _ struct{} `type:"structure"` + // Additional configuration for using the account takeover prevention (ATP) + // managed rule group, AWSManagedRulesATPRuleSet. Use this to provide login + // request information to the rule group. For web ACLs that protect CloudFront + // distributions, use this to also provide the information about how your distribution + // responds to login requests. This configuration replaces the individual configuration + // fields in ManagedRuleGroupConfig and provides additional feature configuration. + // + // For information about using the ATP managed rule group, see WAF Fraud Control + // account takeover prevention (ATP) rule group (https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) + // and WAF Fraud Control account takeover prevention (ATP) (https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) + // in the WAF Developer Guide. + AWSManagedRulesATPRuleSet *AWSManagedRulesATPRuleSet `type:"structure"` + // Additional configuration for using the Bot Control managed rule group. Use // this to specify the inspection level that you want to use. For information // about using the Bot Control managed rule group, see WAF Bot Control rule @@ -14693,18 +14800,32 @@ type ManagedRuleGroupConfig struct { // in the WAF Developer Guide. AWSManagedRulesBotControlRuleSet *AWSManagedRulesBotControlRuleSet `type:"structure"` - // The path of the login endpoint for your application. For example, for the - // URL https://example.com/web/login, you would provide the path /web/login. - LoginPath *string `min:"1" type:"string"` + // + // Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet. + // + // Deprecated: Deprecated. Use AWSManagedRulesATPRuleSet LoginPath + LoginPath *string `min:"1" deprecated:"true" type:"string"` - // Details about your login page password field. - PasswordField *PasswordField `type:"structure"` + // + // Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet + // RequestInspection. + // + // Deprecated: Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection PasswordField + PasswordField *PasswordField `deprecated:"true" type:"structure"` - // The payload type for your login endpoint, either JSON or form encoded. - PayloadType *string `type:"string" enum:"PayloadType"` + // + // Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet + // RequestInspection. + // + // Deprecated: Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection PayloadType + PayloadType *string `deprecated:"true" type:"string" enum:"PayloadType"` - // Details about your login page username field. - UsernameField *UsernameField `type:"structure"` + // + // Instead of this setting, provide your configuration under AWSManagedRulesATPRuleSet + // RequestInspection. + // + // Deprecated: Deprecated. Use AWSManagedRulesATPRuleSet RequestInspection UsernameField + UsernameField *UsernameField `deprecated:"true" type:"structure"` } // String returns the string representation. @@ -14731,6 +14852,11 @@ func (s *ManagedRuleGroupConfig) Validate() error { if s.LoginPath != nil && len(*s.LoginPath) < 1 { invalidParams.Add(request.NewErrParamMinLen("LoginPath", 1)) } + if s.AWSManagedRulesATPRuleSet != nil { + if err := s.AWSManagedRulesATPRuleSet.Validate(); err != nil { + invalidParams.AddNested("AWSManagedRulesATPRuleSet", err.(request.ErrInvalidParams)) + } + } if s.AWSManagedRulesBotControlRuleSet != nil { if err := s.AWSManagedRulesBotControlRuleSet.Validate(); err != nil { invalidParams.AddNested("AWSManagedRulesBotControlRuleSet", err.(request.ErrInvalidParams)) @@ -14753,6 +14879,12 @@ func (s *ManagedRuleGroupConfig) Validate() error { return nil } +// SetAWSManagedRulesATPRuleSet sets the AWSManagedRulesATPRuleSet field's value. +func (s *ManagedRuleGroupConfig) SetAWSManagedRulesATPRuleSet(v *AWSManagedRulesATPRuleSet) *ManagedRuleGroupConfig { + s.AWSManagedRulesATPRuleSet = v + return s +} + // SetAWSManagedRulesBotControlRuleSet sets the AWSManagedRulesBotControlRuleSet field's value. func (s *ManagedRuleGroupConfig) SetAWSManagedRulesBotControlRuleSet(v *AWSManagedRulesBotControlRuleSet) *ManagedRuleGroupConfig { s.AWSManagedRulesBotControlRuleSet = v @@ -14807,9 +14939,14 @@ type ManagedRuleGroupStatement struct { // Additional information that's used by a managed rule group. Many managed // rule groups don't require this. // + // Use the AWSManagedRulesATPRuleSet configuration object for the account takeover + // prevention managed rule group, to provide information such as the sign-in + // page of your application and the type of content to accept or reject from + // the client. + // // Use the AWSManagedRulesBotControlRuleSet configuration object to configure // the protection level that you want the Bot Control rule group to use. - ManagedRuleGroupConfigs []*ManagedRuleGroupConfig `min:"1" type:"list"` + ManagedRuleGroupConfigs []*ManagedRuleGroupConfig `type:"list"` // The name of the managed rule group. You use this, along with the vendor name, // to identify the rule group. @@ -14869,9 +15006,6 @@ func (s ManagedRuleGroupStatement) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ManagedRuleGroupStatement) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ManagedRuleGroupStatement"} - if s.ManagedRuleGroupConfigs != nil && len(s.ManagedRuleGroupConfigs) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ManagedRuleGroupConfigs", 1)) - } if s.Name == nil { invalidParams.Add(request.NewErrParamRequired("Name")) } @@ -15722,7 +15856,8 @@ func (s *OverrideAction) SetNone(v *NoneAction) *OverrideAction { return s } -// Details about your login page password field, used in a ManagedRuleGroupConfig. +// Details about your login page password field for request inspection, used +// in the AWSManagedRulesATPRuleSet RequestInspection configuration. type PasswordField struct { _ struct{} `type:"structure"` @@ -16271,7 +16406,7 @@ func (s QueryString) GoString() string { // seen from an attacker, you might create a rate-based rule with a nested AND // rule statement that contains the following nested statements: // -// - An IP match statement with an IP set that specified the address 192.0.2.44. +// - An IP match statement with an IP set that specifies the address 192.0.2.44. // // - A string match statement that searches in the User-Agent header for // the string BadBot. @@ -16890,6 +17025,586 @@ func (s *ReleaseSummary) SetTimestamp(v time.Time) *ReleaseSummary { return s } +// The criteria for inspecting login requests, used by the ATP rule group to +// validate credentials usage. +// +// This is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig. +// +// In these settings, you specify how your application accepts login attempts +// by providing the request payload type and the names of the fields within +// the request body where the username and password are provided. +type RequestInspection struct { + _ struct{} `type:"structure"` + + // Details about your login page password field. + // + // How you specify this depends on the payload type. + // + // * For JSON payloads, specify the field name in JSON pointer syntax. For + // information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "login": { "username": "THE_USERNAME", "password": "THE_PASSWORD" } + // }, the username field specification is /login/username and the password + // field specification is /login/password. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with input elements named username1 and password1, the + // username field specification is username1 and the password field specification + // is password1. + // + // PasswordField is a required field + PasswordField *PasswordField `type:"structure" required:"true"` + + // The payload type for your login endpoint, either JSON or form encoded. + // + // PayloadType is a required field + PayloadType *string `type:"string" required:"true" enum:"PayloadType"` + + // Details about your login page username field. + // + // How you specify this depends on the payload type. + // + // * For JSON payloads, specify the field name in JSON pointer syntax. For + // information about the JSON Pointer syntax, see the Internet Engineering + // Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer + // (https://tools.ietf.org/html/rfc6901). For example, for the JSON payload + // { "login": { "username": "THE_USERNAME", "password": "THE_PASSWORD" } + // }, the username field specification is /login/username and the password + // field specification is /login/password. + // + // * For form encoded payload types, use the HTML form names. For example, + // for an HTML form with input elements named username1 and password1, the + // username field specification is username1 and the password field specification + // is password1. + // + // UsernameField is a required field + UsernameField *UsernameField `type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RequestInspection) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RequestInspection) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RequestInspection) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RequestInspection"} + if s.PasswordField == nil { + invalidParams.Add(request.NewErrParamRequired("PasswordField")) + } + if s.PayloadType == nil { + invalidParams.Add(request.NewErrParamRequired("PayloadType")) + } + if s.UsernameField == nil { + invalidParams.Add(request.NewErrParamRequired("UsernameField")) + } + if s.PasswordField != nil { + if err := s.PasswordField.Validate(); err != nil { + invalidParams.AddNested("PasswordField", err.(request.ErrInvalidParams)) + } + } + if s.UsernameField != nil { + if err := s.UsernameField.Validate(); err != nil { + invalidParams.AddNested("UsernameField", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPasswordField sets the PasswordField field's value. +func (s *RequestInspection) SetPasswordField(v *PasswordField) *RequestInspection { + s.PasswordField = v + return s +} + +// SetPayloadType sets the PayloadType field's value. +func (s *RequestInspection) SetPayloadType(v string) *RequestInspection { + s.PayloadType = &v + return s +} + +// SetUsernameField sets the UsernameField field's value. +func (s *RequestInspection) SetUsernameField(v *UsernameField) *RequestInspection { + s.UsernameField = v + return s +} + +// The criteria for inspecting responses to login requests, used by the ATP +// rule group to track login failure rates. +// +// The ATP rule group evaluates the responses that your protected resources +// send back to client login attempts, keeping count of successful and failed +// attempts from each IP address and client session. Using this information, +// the rule group labels and mitigates requests from client sessions and IP +// addresses that submit too many failed login attempts in a short amount of +// time. +// +// Response inspection is available only in web ACLs that protect Amazon CloudFront +// distributions. +// +// This is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig. +// +// Enable login response inspection by configuring exactly one component of +// the response to inspect. You can't configure more than one. If you don't +// configure any of the response inspection options, response inspection is +// disabled. +type ResponseInspection struct { + _ struct{} `type:"structure"` + + // Configures inspection of the response body. + BodyContains *ResponseInspectionBodyContains `type:"structure"` + + // Configures inspection of the response header. + Header *ResponseInspectionHeader `type:"structure"` + + // Configures inspection of the response JSON. + Json *ResponseInspectionJson `type:"structure"` + + // Configures inspection of the response status code. + StatusCode *ResponseInspectionStatusCode `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspection) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspection) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ResponseInspection) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ResponseInspection"} + if s.BodyContains != nil { + if err := s.BodyContains.Validate(); err != nil { + invalidParams.AddNested("BodyContains", err.(request.ErrInvalidParams)) + } + } + if s.Header != nil { + if err := s.Header.Validate(); err != nil { + invalidParams.AddNested("Header", err.(request.ErrInvalidParams)) + } + } + if s.Json != nil { + if err := s.Json.Validate(); err != nil { + invalidParams.AddNested("Json", err.(request.ErrInvalidParams)) + } + } + if s.StatusCode != nil { + if err := s.StatusCode.Validate(); err != nil { + invalidParams.AddNested("StatusCode", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBodyContains sets the BodyContains field's value. +func (s *ResponseInspection) SetBodyContains(v *ResponseInspectionBodyContains) *ResponseInspection { + s.BodyContains = v + return s +} + +// SetHeader sets the Header field's value. +func (s *ResponseInspection) SetHeader(v *ResponseInspectionHeader) *ResponseInspection { + s.Header = v + return s +} + +// SetJson sets the Json field's value. +func (s *ResponseInspection) SetJson(v *ResponseInspectionJson) *ResponseInspection { + s.Json = v + return s +} + +// SetStatusCode sets the StatusCode field's value. +func (s *ResponseInspection) SetStatusCode(v *ResponseInspectionStatusCode) *ResponseInspection { + s.StatusCode = v + return s +} + +// Configures inspection of the response body. This is part of the ResponseInspection +// configuration for AWSManagedRulesATPRuleSet. +type ResponseInspectionBodyContains struct { + _ struct{} `type:"structure"` + + // Strings in the body of the response that indicate a failed login attempt. + // To be counted as a failed login, the string can be anywhere in the body and + // must be an exact match, including case. Each string must be unique among + // the success and failure strings. + // + // JSON example: "FailureStrings": [ "Login failed" ] + // + // FailureStrings is a required field + FailureStrings []*string `min:"1" type:"list" required:"true"` + + // Strings in the body of the response that indicate a successful login attempt. + // To be counted as a successful login, the string can be anywhere in the body + // and must be an exact match, including case. Each string must be unique among + // the success and failure strings. + // + // JSON example: "SuccessStrings": [ "Login successful", "Welcome to our site!" + // ] + // + // SuccessStrings is a required field + SuccessStrings []*string `min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspectionBodyContains) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspectionBodyContains) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ResponseInspectionBodyContains) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ResponseInspectionBodyContains"} + if s.FailureStrings == nil { + invalidParams.Add(request.NewErrParamRequired("FailureStrings")) + } + if s.FailureStrings != nil && len(s.FailureStrings) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FailureStrings", 1)) + } + if s.SuccessStrings == nil { + invalidParams.Add(request.NewErrParamRequired("SuccessStrings")) + } + if s.SuccessStrings != nil && len(s.SuccessStrings) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SuccessStrings", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFailureStrings sets the FailureStrings field's value. +func (s *ResponseInspectionBodyContains) SetFailureStrings(v []*string) *ResponseInspectionBodyContains { + s.FailureStrings = v + return s +} + +// SetSuccessStrings sets the SuccessStrings field's value. +func (s *ResponseInspectionBodyContains) SetSuccessStrings(v []*string) *ResponseInspectionBodyContains { + s.SuccessStrings = v + return s +} + +// Configures inspection of the response header. This is part of the ResponseInspection +// configuration for AWSManagedRulesATPRuleSet. +type ResponseInspectionHeader struct { + _ struct{} `type:"structure"` + + // Values in the response header with the specified name that indicate a failed + // login attempt. To be counted as a failed login, the value must be an exact + // match, including case. Each value must be unique among the success and failure + // values. + // + // JSON example: "FailureValues": [ "LoginFailed", "Failed login" ] + // + // FailureValues is a required field + FailureValues []*string `min:"1" type:"list" required:"true"` + + // The name of the header to match against. The name must be an exact match, + // including case. + // + // JSON example: "Name": [ "LoginResult" ] + // + // Name is a required field + Name *string `min:"1" type:"string" required:"true"` + + // Values in the response header with the specified name that indicate a successful + // login attempt. To be counted as a successful login, the value must be an + // exact match, including case. Each value must be unique among the success + // and failure values. + // + // JSON example: "SuccessValues": [ "LoginPassed", "Successful login" ] + // + // SuccessValues is a required field + SuccessValues []*string `min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspectionHeader) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspectionHeader) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ResponseInspectionHeader) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ResponseInspectionHeader"} + if s.FailureValues == nil { + invalidParams.Add(request.NewErrParamRequired("FailureValues")) + } + if s.FailureValues != nil && len(s.FailureValues) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FailureValues", 1)) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.SuccessValues == nil { + invalidParams.Add(request.NewErrParamRequired("SuccessValues")) + } + if s.SuccessValues != nil && len(s.SuccessValues) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SuccessValues", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFailureValues sets the FailureValues field's value. +func (s *ResponseInspectionHeader) SetFailureValues(v []*string) *ResponseInspectionHeader { + s.FailureValues = v + return s +} + +// SetName sets the Name field's value. +func (s *ResponseInspectionHeader) SetName(v string) *ResponseInspectionHeader { + s.Name = &v + return s +} + +// SetSuccessValues sets the SuccessValues field's value. +func (s *ResponseInspectionHeader) SetSuccessValues(v []*string) *ResponseInspectionHeader { + s.SuccessValues = v + return s +} + +// Configures inspection of the response JSON. This is part of the ResponseInspection +// configuration for AWSManagedRulesATPRuleSet. +type ResponseInspectionJson struct { + _ struct{} `type:"structure"` + + // Values for the specified identifier in the response JSON that indicate a + // failed login attempt. To be counted as a failed login, the value must be + // an exact match, including case. Each value must be unique among the success + // and failure values. + // + // JSON example: "FailureValues": [ "False", "Failed" ] + // + // FailureValues is a required field + FailureValues []*string `min:"1" type:"list" required:"true"` + + // The identifier for the value to match against in the JSON. The identifier + // must be an exact match, including case. + // + // JSON example: "Identifier": [ "/login/success" ] + // + // Identifier is a required field + Identifier *string `min:"1" type:"string" required:"true"` + + // Values for the specified identifier in the response JSON that indicate a + // successful login attempt. To be counted as a successful login, the value + // must be an exact match, including case. Each value must be unique among the + // success and failure values. + // + // JSON example: "SuccessValues": [ "True", "Succeeded" ] + // + // SuccessValues is a required field + SuccessValues []*string `min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspectionJson) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspectionJson) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ResponseInspectionJson) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ResponseInspectionJson"} + if s.FailureValues == nil { + invalidParams.Add(request.NewErrParamRequired("FailureValues")) + } + if s.FailureValues != nil && len(s.FailureValues) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FailureValues", 1)) + } + if s.Identifier == nil { + invalidParams.Add(request.NewErrParamRequired("Identifier")) + } + if s.Identifier != nil && len(*s.Identifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Identifier", 1)) + } + if s.SuccessValues == nil { + invalidParams.Add(request.NewErrParamRequired("SuccessValues")) + } + if s.SuccessValues != nil && len(s.SuccessValues) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SuccessValues", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFailureValues sets the FailureValues field's value. +func (s *ResponseInspectionJson) SetFailureValues(v []*string) *ResponseInspectionJson { + s.FailureValues = v + return s +} + +// SetIdentifier sets the Identifier field's value. +func (s *ResponseInspectionJson) SetIdentifier(v string) *ResponseInspectionJson { + s.Identifier = &v + return s +} + +// SetSuccessValues sets the SuccessValues field's value. +func (s *ResponseInspectionJson) SetSuccessValues(v []*string) *ResponseInspectionJson { + s.SuccessValues = v + return s +} + +// Configures inspection of the response status code. This is part of the ResponseInspection +// configuration for AWSManagedRulesATPRuleSet. +type ResponseInspectionStatusCode struct { + _ struct{} `type:"structure"` + + // Status codes in the response that indicate a failed login attempt. To be + // counted as a failed login, the response status code must match one of these. + // Each code must be unique among the success and failure status codes. + // + // JSON example: "FailureCodes": [ 400, 404 ] + // + // FailureCodes is a required field + FailureCodes []*int64 `min:"1" type:"list" required:"true"` + + // Status codes in the response that indicate a successful login attempt. To + // be counted as a successful login, the response status code must match one + // of these. Each code must be unique among the success and failure status codes. + // + // JSON example: "SuccessCodes": [ 200, 201 ] + // + // SuccessCodes is a required field + SuccessCodes []*int64 `min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspectionStatusCode) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResponseInspectionStatusCode) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ResponseInspectionStatusCode) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ResponseInspectionStatusCode"} + if s.FailureCodes == nil { + invalidParams.Add(request.NewErrParamRequired("FailureCodes")) + } + if s.FailureCodes != nil && len(s.FailureCodes) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FailureCodes", 1)) + } + if s.SuccessCodes == nil { + invalidParams.Add(request.NewErrParamRequired("SuccessCodes")) + } + if s.SuccessCodes != nil && len(s.SuccessCodes) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SuccessCodes", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFailureCodes sets the FailureCodes field's value. +func (s *ResponseInspectionStatusCode) SetFailureCodes(v []*int64) *ResponseInspectionStatusCode { + s.FailureCodes = v + return s +} + +// SetSuccessCodes sets the SuccessCodes field's value. +func (s *ResponseInspectionStatusCode) SetSuccessCodes(v []*int64) *ResponseInspectionStatusCode { + s.SuccessCodes = v + return s +} + // A single rule, which you can use in a WebACL or RuleGroup to identify web // requests that you want to allow, block, or count. Each rule includes one // top-level Statement that WAF uses to identify matching web requests, and @@ -18323,7 +19038,7 @@ type Statement struct { // seen from an attacker, you might create a rate-based rule with a nested AND // rule statement that contains the following nested statements: // - // * An IP match statement with an IP set that specified the address 192.0.2.44. + // * An IP match statement with an IP set that specifies the address 192.0.2.44. // // * A string match statement that searches in the User-Agent header for // the string BadBot. @@ -20090,7 +20805,7 @@ type UpdateWebACLInput struct { // // Public suffixes aren't allowed. For example, you can't use usa.gov or co.uk // as token domains. - TokenDomains []*string `min:"1" type:"list"` + TokenDomains []*string `type:"list"` // Defines and enables Amazon CloudWatch metrics and web request sample collection. // @@ -20149,9 +20864,6 @@ func (s *UpdateWebACLInput) Validate() error { if s.Scope == nil { invalidParams.Add(request.NewErrParamRequired("Scope")) } - if s.TokenDomains != nil && len(s.TokenDomains) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TokenDomains", 1)) - } if s.VisibilityConfig == nil { invalidParams.Add(request.NewErrParamRequired("VisibilityConfig")) } @@ -20335,7 +21047,8 @@ func (s UriPath) GoString() string { return s.String() } -// Details about your login page username field, used in a ManagedRuleGroupConfig. +// Details about your login page username field for request inspection, used +// in the AWSManagedRulesATPRuleSet RequestInspection configuration. type UsernameField struct { _ struct{} `type:"structure"` @@ -21894,7 +22607,7 @@ type WebACL struct { // accepts tokens only for the domain of the protected resource. With a token // domain list, WAF accepts the resource's host domain plus all domains in the // token domain list, including their prefixed subdomains. - TokenDomains []*string `min:"1" type:"list"` + TokenDomains []*string `type:"list"` // Defines and enables Amazon CloudWatch metrics and web request sample collection. // @@ -23668,6 +24381,9 @@ const ( // ParameterExceptionFieldTokenDomain is a ParameterExceptionField enum value ParameterExceptionFieldTokenDomain = "TOKEN_DOMAIN" + + // ParameterExceptionFieldAtpRuleSetResponseInspection is a ParameterExceptionField enum value + ParameterExceptionFieldAtpRuleSetResponseInspection = "ATP_RULE_SET_RESPONSE_INSPECTION" ) // ParameterExceptionField_Values returns all elements of the ParameterExceptionField enum @@ -23738,6 +24454,7 @@ func ParameterExceptionField_Values() []string { ParameterExceptionFieldOversizeHandling, ParameterExceptionFieldChallengeConfig, ParameterExceptionFieldTokenDomain, + ParameterExceptionFieldAtpRuleSetResponseInspection, } } diff --git a/service/wafv2/doc.go b/service/wafv2/doc.go index aab7d0f46f5..94c2067645e 100644 --- a/service/wafv2/doc.go +++ b/service/wafv2/doc.go @@ -18,19 +18,18 @@ // see the WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html). // // WAF is a web application firewall that lets you monitor the HTTP and HTTPS -// requests that are forwarded to Amazon CloudFront, an Amazon API Gateway REST -// API, an Application Load Balancer, an AppSync GraphQL API, or an Amazon Cognito -// user pool. WAF also lets you control access to your content. Based on conditions -// that you specify, such as the IP addresses that requests originate from or -// the values of query strings, the Amazon API Gateway REST API, CloudFront -// distribution, the Application Load Balancer, the AppSync GraphQL API, or -// the Amazon Cognito user pool responds to requests either with the requested -// content or with an HTTP 403 status code (Forbidden). You also can configure -// CloudFront to return a custom error page when a request is blocked. +// requests that are forwarded to an Amazon CloudFront distribution, Amazon +// API Gateway REST API, Application Load Balancer, AppSync GraphQL API, or +// Amazon Cognito user pool. WAF also lets you control access to your content, +// to protect the Amazon Web Services resource that WAF is monitoring. Based +// on conditions that you specify, such as the IP addresses that requests originate +// from or the values of query strings, the protected resource responds to requests +// with either the requested content, an HTTP 403 status code (Forbidden), or +// with a custom response. // // This API guide is for developers who need detailed information about WAF // API actions, data types, and errors. For detailed information about WAF features -// and an overview of how to use WAF, see the WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html). +// and guidance for configuring and using WAF, see the WAF Developer Guide (https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html). // // You can make calls using the endpoints listed in WAF endpoints and quotas // (https://docs.aws.amazon.com/general/latest/gr/waf.html).