diff --git a/codegen/sdk-codegen/aws-models/application-discovery-service.json b/codegen/sdk-codegen/aws-models/application-discovery-service.json
index a47d155bc45..263d487b00e 100644
--- a/codegen/sdk-codegen/aws-models/application-discovery-service.json
+++ b/codegen/sdk-codegen/aws-models/application-discovery-service.json
@@ -2373,7 +2373,20 @@
"outputToken": "nextToken",
"items": "agentsInfo",
"pageSize": "maxResults"
- }
+ },
+ "smithy.test#smokeTests": [
+ {
+ "id": "DescribeAgentsSuccess",
+ "params": {},
+ "vendorParams": {
+ "region": "us-west-2"
+ },
+ "vendorParamsShape": "aws.test#AwsVendorParams",
+ "expect": {
+ "success": {}
+ }
+ }
+ ]
}
},
"com.amazonaws.applicationdiscoveryservice#DescribeAgentsRequest": {
diff --git a/codegen/sdk-codegen/aws-models/greengrassv2.json b/codegen/sdk-codegen/aws-models/greengrassv2.json
index 80822331e3c..3d4035e32f6 100644
--- a/codegen/sdk-codegen/aws-models/greengrassv2.json
+++ b/codegen/sdk-codegen/aws-models/greengrassv2.json
@@ -657,7 +657,8 @@
"componentVersion": {
"target": "com.amazonaws.greengrassv2#ComponentVersionString",
"traits": {
- "smithy.api#documentation": "The version of the component.
"
+ "smithy.api#documentation": "The version of the component.
",
+ "smithy.api#required": {}
}
},
"configurationUpdate": {
@@ -1045,7 +1046,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates a component. Components are software that run on Greengrass core devices. After you\n develop and test a component on your core device, you can use this operation to upload your\n component to IoT Greengrass. Then, you can deploy the component to other core devices.
\n You can use this operation to do the following:
\n \n - \n
\n Create components from recipes\n
\n Create a component from a recipe, which is a file that defines the component's\n metadata, parameters, dependencies, lifecycle, artifacts, and platform capability. For\n more information, see IoT Greengrass component recipe\n reference in the IoT Greengrass V2 Developer Guide.
\n To create a component from a recipe, specify inlineRecipe when you call\n this operation.
\n \n - \n
\n Create components from Lambda functions\n
\n Create a component from an Lambda function that runs on IoT Greengrass. This creates a recipe\n and artifacts from the Lambda function's deployment package. You can use this operation to\n migrate Lambda functions from IoT Greengrass V1 to IoT Greengrass V2.
\n This function only accepts Lambda functions that use the following runtimes:
\n \n - \n
Python 2.7 – python2.7\n
\n \n - \n
Python 3.7 – python3.7\n
\n \n - \n
Python 3.8 – python3.8\n
\n \n - \n
Python 3.9 – python3.9\n
\n \n - \n
Java 8 – java8\n
\n \n - \n
Java 11 – java11\n
\n \n - \n
Node.js 10 – nodejs10.x\n
\n \n - \n
Node.js 12 – nodejs12.x\n
\n \n - \n
Node.js 14 – nodejs14.x\n
\n \n
\n To create a component from a Lambda function, specify lambdaFunction when\n you call this operation.
\n \n IoT Greengrass currently supports Lambda functions on only Linux core devices.
\n \n \n
",
+ "smithy.api#documentation": "Creates a component. Components are software that run on Greengrass core devices. After you\n develop and test a component on your core device, you can use this operation to upload your\n component to IoT Greengrass. Then, you can deploy the component to other core devices.
\n You can use this operation to do the following:
\n \n - \n
\n Create components from recipes\n
\n Create a component from a recipe, which is a file that defines the component's\n metadata, parameters, dependencies, lifecycle, artifacts, and platform capability. For\n more information, see IoT Greengrass component recipe\n reference in the IoT Greengrass V2 Developer Guide.
\n To create a component from a recipe, specify inlineRecipe when you call\n this operation.
\n \n - \n
\n Create components from Lambda functions\n
\n Create a component from an Lambda function that runs on IoT Greengrass. This creates a recipe\n and artifacts from the Lambda function's deployment package. You can use this operation to\n migrate Lambda functions from IoT Greengrass V1 to IoT Greengrass V2.
\n This function accepts Lambda functions in all supported versions of Python, Node.js,\n and Java runtimes. IoT Greengrass doesn't apply any additional restrictions on deprecated Lambda\n runtime versions.
\n To create a component from a Lambda function, specify lambdaFunction when\n you call this operation.
\n \n IoT Greengrass currently supports Lambda functions on only Linux core devices.
\n \n \n
",
"smithy.api#http": {
"method": "POST",
"uri": "/greengrass/v2/createComponentVersion",
@@ -2249,6 +2250,20 @@
"smithy.api#httpLabel": {},
"smithy.api#required": {}
}
+ },
+ "s3EndpointType": {
+ "target": "com.amazonaws.greengrassv2#S3EndpointType",
+ "traits": {
+ "smithy.api#documentation": "Specifies the endpoint to use when getting Amazon S3 pre-signed URLs.
\n All Amazon Web Services Regions except US East (N. Virginia) use REGIONAL in all cases.\n In the US East (N. Virginia) Region the default is GLOBAL, but you can change it\n to REGIONAL with this parameter.
",
+ "smithy.api#httpQuery": "s3EndpointType"
+ }
+ },
+ "iotEndpointType": {
+ "target": "com.amazonaws.greengrassv2#IotEndpointType",
+ "traits": {
+ "smithy.api#documentation": "Determines if the Amazon S3 URL returned is a FIPS pre-signed URL endpoint. \n Specify fips if you want the returned Amazon S3 pre-signed URL to point to \n an Amazon S3 FIPS endpoint. If you don't specify a value, the default is standard.
",
+ "smithy.api#httpHeader": "x-amz-iot-endpoint-type"
+ }
}
},
"traits": {
@@ -2724,7 +2739,7 @@
"sdkId": "GreengrassV2",
"arnNamespace": "greengrass",
"cloudFormationName": "GreengrassV2",
- "cloudTrailEventSource": "greengrassv2.amazonaws.com",
+ "cloudTrailEventSource": "greengrass.amazonaws.com",
"endpointPrefix": "greengrass"
},
"aws.auth#sigv4": {
@@ -3717,7 +3732,7 @@
"lastInstallationSource": {
"target": "com.amazonaws.greengrassv2#NonEmptyString",
"traits": {
- "smithy.api#documentation": "The most recent deployment source that brought the component to the Greengrass core device. For\n a thing group deployment or thing deployment, the source will be the The ID of the deployment. and for\n local deployments it will be LOCAL.
\n \n Any deployment will attempt to reinstall currently broken components on the device,\n which will update the last installation source.
\n "
+ "smithy.api#documentation": "The most recent deployment source that brought the component to the Greengrass core device. For\n a thing group deployment or thing deployment, the source will be the ID of the last deployment\n that contained the component. For local deployments it will be LOCAL.
\n \n Any deployment will attempt to reinstall currently broken components on the device,\n which will update the last installation source.
\n "
}
},
"lifecycleStatusCodes": {
@@ -4115,6 +4130,23 @@
}
}
},
+ "com.amazonaws.greengrassv2#IotEndpointType": {
+ "type": "enum",
+ "members": {
+ "fips": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "fips"
+ }
+ },
+ "standard": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "standard"
+ }
+ }
+ }
+ },
"com.amazonaws.greengrassv2#IsLatestForTarget": {
"type": "boolean",
"traits": {
@@ -4930,7 +4962,7 @@
"maxResults": {
"target": "com.amazonaws.greengrassv2#DefaultMaxResults",
"traits": {
- "smithy.api#documentation": "The maximum number of results to be returned per paginated request.
",
+ "smithy.api#documentation": "The maximum number of results to be returned per paginated request.
\n Default: 50\n
",
"smithy.api#httpQuery": "maxResults"
}
},
@@ -5465,6 +5497,23 @@
"smithy.api#default": 0
}
},
+ "com.amazonaws.greengrassv2#S3EndpointType": {
+ "type": "enum",
+ "members": {
+ "REGIONAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "REGIONAL"
+ }
+ },
+ "GLOBAL": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "GLOBAL"
+ }
+ }
+ }
+ },
"com.amazonaws.greengrassv2#ServiceQuotaExceededException": {
"type": "structure",
"members": {
diff --git a/codegen/sdk-codegen/aws-models/sagemaker.json b/codegen/sdk-codegen/aws-models/sagemaker.json
index f843b6bb34c..1d75d61a7f9 100644
--- a/codegen/sdk-codegen/aws-models/sagemaker.json
+++ b/codegen/sdk-codegen/aws-models/sagemaker.json
@@ -1374,6 +1374,54 @@
"smithy.api#enumValue": "ml.g5.48xlarge"
}
},
+ "ML_G6_XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.xlarge"
+ }
+ },
+ "ML_G6_2XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.2xlarge"
+ }
+ },
+ "ML_G6_4XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.4xlarge"
+ }
+ },
+ "ML_G6_8XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.8xlarge"
+ }
+ },
+ "ML_G6_12XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.12xlarge"
+ }
+ },
+ "ML_G6_16XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.16xlarge"
+ }
+ },
+ "ML_G6_24XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.24xlarge"
+ }
+ },
+ "ML_G6_48XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.48xlarge"
+ }
+ },
"ML_GEOSPATIAL_INTERACTIVE": {
"target": "smithy.api#Unit",
"traits": {
@@ -33510,6 +33558,54 @@
"traits": {
"smithy.api#enumValue": "ml.r6id.32xlarge"
}
+ },
+ "ML_G6_XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.xlarge"
+ }
+ },
+ "ML_G6_2XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.2xlarge"
+ }
+ },
+ "ML_G6_4XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.4xlarge"
+ }
+ },
+ "ML_G6_8XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.8xlarge"
+ }
+ },
+ "ML_G6_12XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.12xlarge"
+ }
+ },
+ "ML_G6_16XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.16xlarge"
+ }
+ },
+ "ML_G6_24XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.24xlarge"
+ }
+ },
+ "ML_G6_48XLARGE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "ml.g6.48xlarge"
+ }
}
}
},
diff --git a/codegen/sdk-codegen/aws-models/sso-oidc.json b/codegen/sdk-codegen/aws-models/sso-oidc.json
index 2974461fc06..ad40043c8de 100644
--- a/codegen/sdk-codegen/aws-models/sso-oidc.json
+++ b/codegen/sdk-codegen/aws-models/sso-oidc.json
@@ -990,6 +990,9 @@
"smithy.api#sensitive": {}
}
},
+ "com.amazonaws.ssooidc#ArnType": {
+ "type": "string"
+ },
"com.amazonaws.ssooidc#Assertion": {
"type": "string",
"traits": {
@@ -1036,6 +1039,12 @@
"com.amazonaws.ssooidc#ClientType": {
"type": "string"
},
+ "com.amazonaws.ssooidc#CodeVerifier": {
+ "type": "string",
+ "traits": {
+ "smithy.api#sensitive": {}
+ }
+ },
"com.amazonaws.ssooidc#CreateToken": {
"type": "operation",
"input": {
@@ -1098,6 +1107,25 @@
"expiresIn": 1579729529,
"refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN"
}
+ },
+ {
+ "title": "Call OAuth/OIDC /token endpoint for Refresh Token grant with Secret authentication",
+ "documentation": "",
+ "input": {
+ "clientId": "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ "clientSecret": "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ "grantType": "refresh_token",
+ "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ "scope": [
+ "codewhisperer:completions"
+ ]
+ },
+ "output": {
+ "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ "tokenType": "Bearer",
+ "expiresIn": 1579729529,
+ "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN"
+ }
}
],
"smithy.api#http": {
@@ -1161,6 +1189,12 @@
"traits": {
"smithy.api#documentation": "Used only when calling this API for the Authorization Code grant type. This value specifies\n the location of the client or application that has registered to receive the authorization\n code.
"
}
+ },
+ "codeVerifier": {
+ "target": "com.amazonaws.ssooidc#CodeVerifier",
+ "traits": {
+ "smithy.api#documentation": "Used only when calling this API for the Authorization Code grant type. This value is generated\n by the client and presented to validate the original code challenge value the client passed at\n authorization time.
"
+ }
}
},
"traits": {
@@ -1173,7 +1207,7 @@
"accessToken": {
"target": "com.amazonaws.ssooidc#AccessToken",
"traits": {
- "smithy.api#documentation": "A bearer token to access AWS accounts and applications assigned to a user.
"
+ "smithy.api#documentation": "A bearer token to access Amazon Web Services accounts and applications assigned to a user.
"
}
},
"tokenType": {
@@ -1253,7 +1287,7 @@
}
],
"traits": {
- "smithy.api#documentation": "Creates and returns access and refresh tokens for clients and applications that are\n authenticated using IAM entities. The access token can be used to fetch short-term credentials\n for the assigned AWS accounts or to access application APIs using bearer\n authentication.
",
+ "smithy.api#documentation": "Creates and returns access and refresh tokens for clients and applications that are\n authenticated using IAM entities. The access token can be used to fetch short-term credentials\n for the assigned Amazon Web Services accounts or to access application APIs using bearer\n authentication.
",
"smithy.api#examples": [
{
"title": "Call OAuth/OIDC /token endpoint for Authorization Code grant with IAM authentication",
@@ -1282,6 +1316,72 @@
"sts:identity_context"
]
}
+ },
+ {
+ "title": "Call OAuth/OIDC /token endpoint for Refresh Token grant with IAM authentication",
+ "documentation": "",
+ "input": {
+ "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ "grantType": "refresh_token",
+ "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN"
+ },
+ "output": {
+ "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ "tokenType": "Bearer",
+ "expiresIn": 1579729529,
+ "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
+ "scope": [
+ "openid",
+ "aws",
+ "sts:identity_context"
+ ]
+ }
+ },
+ {
+ "title": "Call OAuth/OIDC /token endpoint for JWT Bearer grant with IAM authentication",
+ "documentation": "",
+ "input": {
+ "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ "grantType": "urn:ietf:params:oauth:grant-type:jwt-bearer",
+ "assertion": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw"
+ },
+ "output": {
+ "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ "tokenType": "Bearer",
+ "expiresIn": 1579729529,
+ "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
+ "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
+ "scope": [
+ "openid",
+ "aws",
+ "sts:identity_context"
+ ]
+ }
+ },
+ {
+ "title": "Call OAuth/OIDC /token endpoint for Token Exchange grant with IAM authentication",
+ "documentation": "",
+ "input": {
+ "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ "grantType": "urn:ietf:params:oauth:grant-type:token-exchange",
+ "subjectToken": "aoak-Hig8TUDPNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZDIFFERENTACCESSTOKEN",
+ "subjectTokenType": "urn:ietf:params:oauth:token-type:access_token",
+ "requestedTokenType": "urn:ietf:params:oauth:token-type:access_token"
+ },
+ "output": {
+ "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ "tokenType": "Bearer",
+ "expiresIn": 1579729529,
+ "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.5SYiW1kMsuUr7nna-l5tlakM0GNbMHvIM2_n0QD23jM",
+ "issuedTokenType": "urn:ietf:params:oauth:token-type:access_token",
+ "scope": [
+ "openid",
+ "aws",
+ "sts:identity_context"
+ ]
+ }
}
],
"smithy.api#http": {
@@ -1355,6 +1455,12 @@
"traits": {
"smithy.api#documentation": "Used only when calling this API for the Token Exchange grant type. This value specifies\n the type of token that the requester can receive. The following values are supported:
\n * Access Token - urn:ietf:params:oauth:token-type:access_token\n
\n * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token\n
"
}
+ },
+ "codeVerifier": {
+ "target": "com.amazonaws.ssooidc#CodeVerifier",
+ "traits": {
+ "smithy.api#documentation": "Used only when calling this API for the Authorization Code grant type. This value is generated\n by the client and presented to validate the original code challenge value the client passed at\n authorization time.
"
+ }
}
},
"traits": {
@@ -1367,7 +1473,7 @@
"accessToken": {
"target": "com.amazonaws.ssooidc#AccessToken",
"traits": {
- "smithy.api#documentation": "A bearer token to access AWS accounts and applications assigned to a user.
"
+ "smithy.api#documentation": "A bearer token to access Amazon Web Services accounts and applications assigned to a user.
"
}
},
"tokenType": {
@@ -1452,6 +1558,12 @@
"com.amazonaws.ssooidc#GrantType": {
"type": "string"
},
+ "com.amazonaws.ssooidc#GrantTypes": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.ssooidc#GrantType"
+ }
+ },
"com.amazonaws.ssooidc#IdToken": {
"type": "string",
"traits": {
@@ -1552,6 +1664,28 @@
"smithy.api#httpError": 400
}
},
+ "com.amazonaws.ssooidc#InvalidRedirectUriException": {
+ "type": "structure",
+ "members": {
+ "error": {
+ "target": "com.amazonaws.ssooidc#Error",
+ "traits": {
+ "smithy.api#documentation": "Single error code.\n For this exception the value will be invalid_redirect_uri.
"
+ }
+ },
+ "error_description": {
+ "target": "com.amazonaws.ssooidc#ErrorDescription",
+ "traits": {
+ "smithy.api#documentation": "Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.
"
+ }
+ }
+ },
+ "traits": {
+ "smithy.api#documentation": "Indicates that one or more redirect URI in the request is not supported for this operation.
",
+ "smithy.api#error": "client",
+ "smithy.api#httpError": 400
+ }
+ },
"com.amazonaws.ssooidc#InvalidRequestException": {
"type": "structure",
"members": {
@@ -1639,6 +1773,12 @@
"smithy.api#default": 0
}
},
+ "com.amazonaws.ssooidc#RedirectUris": {
+ "type": "list",
+ "member": {
+ "target": "com.amazonaws.ssooidc#URI"
+ }
+ },
"com.amazonaws.ssooidc#RefreshToken": {
"type": "string",
"traits": {
@@ -1663,11 +1803,17 @@
{
"target": "com.amazonaws.ssooidc#InvalidClientMetadataException"
},
+ {
+ "target": "com.amazonaws.ssooidc#InvalidRedirectUriException"
+ },
{
"target": "com.amazonaws.ssooidc#InvalidRequestException"
},
{
"target": "com.amazonaws.ssooidc#InvalidScopeException"
+ },
+ {
+ "target": "com.amazonaws.ssooidc#UnsupportedGrantTypeException"
}
],
"traits": {
@@ -1683,7 +1829,16 @@
"scopes": [
"sso:account:access",
"codewhisperer:completions"
- ]
+ ],
+ "redirectUris": [
+ "127.0.0.1:PORT/oauth/callback"
+ ],
+ "grantTypes": [
+ "authorization_code",
+ "refresh_token"
+ ],
+ "issuerUrl": "https://identitycenter.amazonaws.com/ssoins-1111111111111111",
+ "entitledApplicationArn": "arn:aws:sso::ACCOUNTID:application/ssoins-1111111111111111/apl-1111111111111111"
},
"output": {
"clientId": "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
@@ -1723,6 +1878,30 @@
"traits": {
"smithy.api#documentation": "The list of scopes that are defined by the client. Upon authorization, this list is used\n to restrict permissions when granting an access token.
"
}
+ },
+ "redirectUris": {
+ "target": "com.amazonaws.ssooidc#RedirectUris",
+ "traits": {
+ "smithy.api#documentation": "The list of redirect URI that are defined by the client. At completion of authorization,\n this list is used to restrict what locations the user agent can be redirected back to.
"
+ }
+ },
+ "grantTypes": {
+ "target": "com.amazonaws.ssooidc#GrantTypes",
+ "traits": {
+ "smithy.api#documentation": "The list of OAuth 2.0 grant types that are defined by the client. This list is used to\n restrict the token granting flows available to the client.
"
+ }
+ },
+ "issuerUrl": {
+ "target": "com.amazonaws.ssooidc#URI",
+ "traits": {
+ "smithy.api#documentation": "The IAM Identity Center Issuer URL associated with an instance of IAM Identity Center. This value is needed for user access to resources through the client.
"
+ }
+ },
+ "entitledApplicationArn": {
+ "target": "com.amazonaws.ssooidc#ArnType",
+ "traits": {
+ "smithy.api#documentation": "This IAM Identity Center application ARN is used to define administrator-managed configuration for public client access to resources. At\n authorization, the scopes, grants, and redirect URI available to this client will be restricted by this application resource.
"
+ }
}
},
"traits": {