diff --git a/CHANGELOG.md b/CHANGELOG.md index 63ad040518f..d80a5302b22 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +Release v1.53.1 (2024-05-13) +=== + +### Service Client Updates +* `service/eventbridge`: Updates service API and documentation +* `service/vpc-lattice`: Updates service API and documentation + Release v1.53.0 (2024-05-10) === diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go index 356c17b0a59..0fdd67b459c 100644 --- a/aws/endpoints/defaults.go +++ b/aws/endpoints/defaults.go @@ -1060,6 +1060,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, diff --git a/aws/version.go b/aws/version.go index 7cbd0a0b4d3..9150247556f 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.53.0" +const SDKVersion = "1.53.1" diff --git a/models/apis/eventbridge/2015-10-07/api-2.json b/models/apis/eventbridge/2015-10-07/api-2.json index 22bbd77b633..c192c8b7feb 100644 --- a/models/apis/eventbridge/2015-10-07/api-2.json +++ b/models/apis/eventbridge/2015-10-07/api-2.json @@ -5,6 +5,7 @@ "endpointPrefix":"events", "jsonVersion":"1.1", "protocol":"json", + "protocols":["json"], "serviceFullName":"Amazon EventBridge", "serviceId":"EventBridge", "signatureVersion":"v4", @@ -793,6 +794,21 @@ {"shape":"ConcurrentModificationException"}, {"shape":"InternalException"} ] + }, + "UpdateEventBus":{ + "name":"UpdateEventBus", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"UpdateEventBusRequest"}, + "output":{"shape":"UpdateEventBusResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalException"}, + {"shape":"ConcurrentModificationException"}, + {"shape":"OperationDisabledException"} + ] } }, "shapes":{ @@ -1367,13 +1383,19 @@ "members":{ "Name":{"shape":"EventBusName"}, "EventSourceName":{"shape":"EventSourceName"}, + "Description":{"shape":"EventBusDescription"}, + "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"}, + "DeadLetterConfig":{"shape":"DeadLetterConfig"}, "Tags":{"shape":"TagList"} } }, "CreateEventBusResponse":{ "type":"structure", "members":{ - "EventBusArn":{"shape":"String"} + "EventBusArn":{"shape":"String"}, + "Description":{"shape":"EventBusDescription"}, + "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"}, + "DeadLetterConfig":{"shape":"DeadLetterConfig"} } }, "CreatePartnerEventSourceRequest":{ @@ -1623,7 +1645,12 @@ "members":{ "Name":{"shape":"String"}, "Arn":{"shape":"String"}, - "Policy":{"shape":"String"} + "Description":{"shape":"EventBusDescription"}, + "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"}, + "DeadLetterConfig":{"shape":"DeadLetterConfig"}, + "Policy":{"shape":"String"}, + "CreationTime":{"shape":"Timestamp"}, + "LastModifiedTime":{"shape":"Timestamp"} } }, "DescribeEventSourceRequest":{ @@ -1830,9 +1857,16 @@ "members":{ "Name":{"shape":"String"}, "Arn":{"shape":"String"}, - "Policy":{"shape":"String"} + "Description":{"shape":"EventBusDescription"}, + "Policy":{"shape":"String"}, + "CreationTime":{"shape":"Timestamp"}, + "LastModifiedTime":{"shape":"Timestamp"} } }, + "EventBusDescription":{ + "type":"string", + "max":512 + }, "EventBusList":{ "type":"list", "member":{"shape":"EventBus"} @@ -2018,6 +2052,10 @@ "PartitionKeyPath":{"shape":"TargetPartitionKeyPath"} } }, + "KmsKeyIdentifier":{ + "type":"string", + "max":2048 + }, "LaunchType":{ "type":"string", "enum":[ @@ -3257,6 +3295,25 @@ "EndpointUrl":{"shape":"EndpointUrl"}, "State":{"shape":"EndpointState"} } + }, + "UpdateEventBusRequest":{ + "type":"structure", + "members":{ + "Name":{"shape":"EventBusName"}, + "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"}, + "Description":{"shape":"EventBusDescription"}, + "DeadLetterConfig":{"shape":"DeadLetterConfig"} + } + }, + "UpdateEventBusResponse":{ + "type":"structure", + "members":{ + "Arn":{"shape":"String"}, + "Name":{"shape":"EventBusName"}, + "KmsKeyIdentifier":{"shape":"KmsKeyIdentifier"}, + "Description":{"shape":"EventBusDescription"}, + "DeadLetterConfig":{"shape":"DeadLetterConfig"} + } } } } diff --git a/models/apis/eventbridge/2015-10-07/docs-2.json b/models/apis/eventbridge/2015-10-07/docs-2.json index 6cfc10fea38..a7b45858816 100644 --- a/models/apis/eventbridge/2015-10-07/docs-2.json +++ b/models/apis/eventbridge/2015-10-07/docs-2.json @@ -5,7 +5,7 @@ "ActivateEventSource": "

Activates a partner event source that has been deactivated. Once activated, your matching event bus will start receiving events from the event source.

", "CancelReplay": "

Cancels the specified replay.

", "CreateApiDestination": "

Creates an API destination, which is an HTTP invocation endpoint configured as a target for events.

API destinations do not support private destinations, such as interface VPC endpoints.

For more information, see API destinations in the EventBridge User Guide.

", - "CreateArchive": "

Creates an archive of events with the specified settings. When you create an archive, incoming events might not immediately start being sent to the archive. Allow a short period of time for changes to take effect. If you do not specify a pattern to filter events sent to the archive, all events are sent to the archive except replayed events. Replayed events are not sent to an archive.

", + "CreateArchive": "

Creates an archive of events with the specified settings. When you create an archive, incoming events might not immediately start being sent to the archive. Allow a short period of time for changes to take effect. If you do not specify a pattern to filter events sent to the archive, all events are sent to the archive except replayed events. Replayed events are not sent to an archive.

Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:

To enable archives or schema discovery on an event bus, choose to use an Amazon Web Services owned key. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.

", "CreateConnection": "

Creates a connection. A connection defines the authorization type and credentials to use for authorization with an API destination HTTP endpoint.

", "CreateEndpoint": "

Creates a global endpoint. Global endpoints improve your application's availability by making it regional-fault tolerant. To do this, you define a primary and secondary Region with event buses in each Region. You also create a Amazon Route 53 health check that will tell EventBridge to route events to the secondary Region when an \"unhealthy\" state is encountered and events will be routed back to the primary Region when the health check reports a \"healthy\" state.

", "CreateEventBus": "

Creates a new event bus within your account. This can be a custom event bus which you can use to receive events from your custom applications and services, or it can be a partner event bus which can be matched to a partner event source.

", @@ -15,14 +15,14 @@ "DeleteApiDestination": "

Deletes the specified API destination.

", "DeleteArchive": "

Deletes the specified archive.

", "DeleteConnection": "

Deletes a connection.

", - "DeleteEndpoint": "

Delete an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.

", + "DeleteEndpoint": "

Delete an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide .

", "DeleteEventBus": "

Deletes the specified custom event bus or partner event bus. All rules associated with this event bus need to be deleted. You can't delete your account's default event bus.

", "DeletePartnerEventSource": "

This operation is used by SaaS partners to delete a partner event source. This operation is not used by Amazon Web Services customers.

When you delete an event source, the status of the corresponding partner event bus in the Amazon Web Services customer account becomes DELETED.

", "DeleteRule": "

Deletes the specified rule.

Before you can delete the rule, you must remove all targets, using RemoveTargets.

When you delete a rule, incoming events might continue to match to the deleted rule. Allow a short period of time for changes to take effect.

If you call delete rule multiple times for the same rule, all calls will succeed. When you call delete rule for a non-existent custom eventbus, ResourceNotFoundException is returned.

Managed rules are rules created and managed by another Amazon Web Services service on your behalf. These rules are created by those other Amazon Web Services services to support functionality in those services. You can delete these rules using the Force option, but you should do so only if you are sure the other service is not still using that rule.

", "DescribeApiDestination": "

Retrieves details about an API destination.

", "DescribeArchive": "

Retrieves details about an archive.

", "DescribeConnection": "

Retrieves details about a connection.

", - "DescribeEndpoint": "

Get the information about an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.

", + "DescribeEndpoint": "

Get the information about an existing global endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide .

", "DescribeEventBus": "

Displays details about an event bus in your account. This can include the external Amazon Web Services accounts that are permitted to write events to your default event bus, and the associated policy. For custom event buses and partner event buses, it displays the name, ARN, policy, state, and creation time.

To enable your account to receive events from other accounts on its default event bus, use PutPermission.

For more information about partner event buses, see CreateEventBus.

", "DescribeEventSource": "

This operation lists details about a partner event source that is shared with your account.

", "DescribePartnerEventSource": "

An SaaS partner can use this operation to list details about a partner event source that they have created. Amazon Web Services customers do not use this operation. Instead, Amazon Web Services customers can use DescribeEventSource to see details about a partner event source that is shared with them.

", @@ -33,7 +33,7 @@ "ListApiDestinations": "

Retrieves a list of API destination in the account in the current Region.

", "ListArchives": "

Lists your archives. You can either list all the archives or you can provide a prefix to match to the archive names. Filter parameters are exclusive.

", "ListConnections": "

Retrieves a list of connections from the account.

", - "ListEndpoints": "

List the global endpoints associated with this account. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.

", + "ListEndpoints": "

List the global endpoints associated with this account. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide .

", "ListEventBuses": "

Lists all the event buses in your account, including the default event bus, custom event buses, and partner event buses.

", "ListEventSources": "

You can use this to see all the partner event sources that have been shared with your Amazon Web Services account. For more information about partner event sources, see CreateEventBus.

", "ListPartnerEventSourceAccounts": "

An SaaS partner can use this operation to display the Amazon Web Services account ID that a particular partner event source name is associated with. This operation is not used by Amazon Web Services customers.

", @@ -43,11 +43,11 @@ "ListRules": "

Lists your Amazon EventBridge rules. You can either list all the rules or you can provide a prefix to match to the rule names.

The maximum number of results per page for requests is 100.

ListRules does not list the targets of a rule. To see the targets associated with a rule, use ListTargetsByRule.

", "ListTagsForResource": "

Displays the tags associated with an EventBridge resource. In EventBridge, rules and event buses can be tagged.

", "ListTargetsByRule": "

Lists the targets assigned to the specified rule.

The maximum number of results per page for requests is 100.

", - "PutEvents": "

Sends custom events to Amazon EventBridge so that they can be matched to rules.

The maximum size for a PutEvents event entry is 256 KB. Entry size is calculated including the event and any necessary characters and keys of the JSON representation of the event. To learn more, see Calculating PutEvents event entry size in the Amazon EventBridge User Guide

PutEvents accepts the data in JSON format. For the JSON number (integer) data type, the constraints are: a minimum value of -9,223,372,036,854,775,808 and a maximum value of 9,223,372,036,854,775,807.

PutEvents will only process nested JSON up to 1100 levels deep.

", + "PutEvents": "

Sends custom events to Amazon EventBridge so that they can be matched to rules.

The maximum size for a PutEvents event entry is 256 KB. Entry size is calculated including the event and any necessary characters and keys of the JSON representation of the event. To learn more, see Calculating PutEvents event entry size in the Amazon EventBridge User Guide

PutEvents accepts the data in JSON format. For the JSON number (integer) data type, the constraints are: a minimum value of -9,223,372,036,854,775,808 and a maximum value of 9,223,372,036,854,775,807.

PutEvents will only process nested JSON up to 1100 levels deep.

", "PutPartnerEvents": "

This is used by SaaS partners to write events to a customer's partner event bus. Amazon Web Services customers do not use this operation.

For information on calculating event batch size, see Calculating EventBridge PutEvents event entry size in the EventBridge User Guide.

", "PutPermission": "

Running PutPermission permits the specified Amazon Web Services account or Amazon Web Services organization to put events to the specified event bus. Amazon EventBridge (CloudWatch Events) rules in your account are triggered by these events arriving to an event bus in your account.

For another account to send events to your account, that external account must have an EventBridge rule with your account's event bus as a target.

To enable multiple Amazon Web Services accounts to put events to your event bus, run PutPermission once for each of these accounts. Or, if all the accounts are members of the same Amazon Web Services organization, you can run PutPermission once specifying Principal as \"*\" and specifying the Amazon Web Services organization ID in Condition, to grant permissions to all accounts in that organization.

If you grant permissions using an organization, then accounts in that organization must specify a RoleArn with proper permissions when they use PutTarget to add your account's event bus as a target. For more information, see Sending and Receiving Events Between Amazon Web Services Accounts in the Amazon EventBridge User Guide.

The permission policy on the event bus cannot exceed 10 KB in size.

", "PutRule": "

Creates or updates the specified rule. Rules are enabled by default, or based on value of the state. You can disable a rule using DisableRule.

A single rule watches for events from a single event bus. Events generated by Amazon Web Services services go to your account's default event bus. Events generated by SaaS partner services or applications go to the matching partner event bus. If you have custom applications or services, you can specify whether their events go to your default event bus or a custom event bus that you have created. For more information, see CreateEventBus.

If you are updating an existing rule, the rule is replaced with what you specify in this PutRule command. If you omit arguments in PutRule, the old values for those arguments are not kept. Instead, they are replaced with null values.

When you create or update a rule, incoming events might not immediately start matching to new or updated rules. Allow a short period of time for changes to take effect.

A rule must contain at least an EventPattern or ScheduleExpression. Rules with EventPatterns are triggered when a matching event is observed. Rules with ScheduleExpressions self-trigger based on the given schedule. A rule can have both an EventPattern and a ScheduleExpression, in which case the rule triggers on matching events as well as on a schedule.

When you initially create a rule, you can optionally assign one or more tags to the rule. Tags can help you organize and categorize your resources. You can also use them to scope user permissions, by granting a user permission to access or change only rules with certain tag values. To use the PutRule operation and assign tags, you must have both the events:PutRule and events:TagResource permissions.

If you are updating an existing rule, any tags you specify in the PutRule operation are ignored. To update the tags of an existing rule, use TagResource and UntagResource.

Most services in Amazon Web Services treat : or / as the same character in Amazon Resource Names (ARNs). However, EventBridge uses an exact match in event patterns and rules. Be sure to use the correct ARN characters when creating event patterns so that they match the ARN syntax in the event you want to match.

In EventBridge, it is possible to create rules that lead to infinite loops, where a rule is fired repeatedly. For example, a rule might detect that ACLs have changed on an S3 bucket, and trigger software to change them to the desired state. If the rule is not written carefully, the subsequent change to the ACLs fires the rule again, creating an infinite loop.

To prevent this, write the rules so that the triggered actions do not re-fire the same rule. For example, your rule could fire only if ACLs are found to be in a bad state, instead of after any change.

An infinite loop can quickly cause higher than expected charges. We recommend that you use budgeting, which alerts you when charges exceed your specified limit. For more information, see Managing Your Costs with Budgets.

", - "PutTargets": "

Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.

Targets are the resources that are invoked when a rule is triggered.

The maximum number of entries per request is 10.

Each rule can have up to five (5) targets associated with it at one time.

For a list of services you can configure as targets for events, see EventBridge targets in the Amazon EventBridge User Guide.

Creating rules with built-in targets is supported only in the Amazon Web Services Management Console. The built-in targets are:

For some target types, PutTargets provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the KinesisParameters argument. To invoke a command on multiple EC2 instances with one rule, you can use the RunCommandParameters field.

To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:

For more information, see Authentication and Access Control in the Amazon EventBridge User Guide.

If another Amazon Web Services account is in the same region and has granted you permission (using PutPermission), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the Arn value when you run PutTargets. If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing.

Input, InputPath, and InputTransformer are not available with PutTarget if the target is an event bus of a different Amazon Web Services account.

If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a RoleArn with proper permissions in the Target structure. For more information, see Sending and Receiving Events Between Amazon Web Services Accounts in the Amazon EventBridge User Guide.

If you have an IAM role on a cross-account event bus target, a PutTargets call without a role on the same target (same Id and Arn) will not remove the role.

For more information about enabling cross-account events, see PutPermission.

Input, InputPath, and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:

When you specify InputPath or InputTransformer, you must use JSON dot notation, not bracket notation.

When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.

This action can partially fail if too many requests are made at the same time. If that happens, FailedEntryCount is non-zero in the response and each entry in FailedEntries provides the ID of the failed target and the error code.

", + "PutTargets": "

Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.

Targets are the resources that are invoked when a rule is triggered.

The maximum number of entries per request is 10.

Each rule can have up to five (5) targets associated with it at one time.

For a list of services you can configure as targets for events, see EventBridge targets in the Amazon EventBridge User Guide .

Creating rules with built-in targets is supported only in the Amazon Web Services Management Console. The built-in targets are:

For some target types, PutTargets provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the KinesisParameters argument. To invoke a command on multiple EC2 instances with one rule, you can use the RunCommandParameters field.

To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:

For more information, see Authentication and Access Control in the Amazon EventBridge User Guide .

If another Amazon Web Services account is in the same region and has granted you permission (using PutPermission), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the Arn value when you run PutTargets. If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing.

Input, InputPath, and InputTransformer are not available with PutTarget if the target is an event bus of a different Amazon Web Services account.

If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a RoleArn with proper permissions in the Target structure. For more information, see Sending and Receiving Events Between Amazon Web Services Accounts in the Amazon EventBridge User Guide.

If you have an IAM role on a cross-account event bus target, a PutTargets call without a role on the same target (same Id and Arn) will not remove the role.

For more information about enabling cross-account events, see PutPermission.

Input, InputPath, and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:

When you specify InputPath or InputTransformer, you must use JSON dot notation, not bracket notation.

When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.

This action can partially fail if too many requests are made at the same time. If that happens, FailedEntryCount is non-zero in the response and each entry in FailedEntries provides the ID of the failed target and the error code.

", "RemovePermission": "

Revokes the permission of another Amazon Web Services account to be able to put events to the specified event bus. Specify the account to revoke by the StatementId value that you associated with the account when you granted it permission with PutPermission. You can find the StatementId by using DescribeEventBus.

", "RemoveTargets": "

Removes the specified targets from the specified rule. When the rule is triggered, those targets are no longer be invoked.

A successful execution of RemoveTargets doesn't guarantee all targets are removed from the rule, it means that the target(s) listed in the request are removed.

When you remove a target, when the associated rule triggers, removed targets might continue to be invoked. Allow a short period of time for changes to take effect.

This action can partially fail if too many requests are made at the same time. If that happens, FailedEntryCount is non-zero in the response and each entry in FailedEntries provides the ID of the failed target and the error code.

The maximum number of entries per request is 10.

", "StartReplay": "

Starts the specified replay. Events are not necessarily replayed in the exact same order that they were added to the archive. A replay processes events to replay based on the time in the event, and replays them using 1 minute intervals. If you specify an EventStartTime and an EventEndTime that covers a 20 minute time range, the events are replayed from the first minute of that 20 minute range first. Then the events from the second minute are replayed. You can use DescribeReplay to determine the progress of a replay. The value returned for EventLastReplayedTime indicates the time within the specified time range associated with the last event replayed.

", @@ -57,7 +57,8 @@ "UpdateApiDestination": "

Updates an API destination.

", "UpdateArchive": "

Updates the specified archive.

", "UpdateConnection": "

Updates settings for a connection.

", - "UpdateEndpoint": "

Update an existing endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.

" + "UpdateEndpoint": "

Update an existing endpoint. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide .

", + "UpdateEventBus": "

Updates the specified event bus.

" }, "shapes": { "AccountId": { @@ -628,9 +629,14 @@ } }, "DeadLetterConfig": { - "base": "

A DeadLetterConfig object that contains information about a dead-letter queue configuration.

", + "base": "

Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).

For more information, see Event retry policy and using dead-letter queues in the EventBridge User Guide.

", "refs": { - "Target$DeadLetterConfig": "

The DeadLetterConfig that defines the target queue to send dead-letter queue events to.

" + "CreateEventBusRequest$DeadLetterConfig": null, + "CreateEventBusResponse$DeadLetterConfig": null, + "DescribeEventBusResponse$DeadLetterConfig": null, + "Target$DeadLetterConfig": "

The DeadLetterConfig that defines the target queue to send dead-letter queue events to.

", + "UpdateEventBusRequest$DeadLetterConfig": null, + "UpdateEventBusResponse$DeadLetterConfig": null } }, "DeauthorizeConnectionRequest": { @@ -805,7 +811,7 @@ } }, "Endpoint": { - "base": "

A global endpoint used to improve your application's availability by making it regional-fault tolerant. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide.

", + "base": "

A global endpoint used to improve your application's availability by making it regional-fault tolerant. For more information about global endpoints, see Making applications Regional-fault tolerant with global endpoints and event replication in the Amazon EventBridge User Guide .

", "refs": { "EndpointList$member": null } @@ -922,6 +928,17 @@ "EventBusList$member": null } }, + "EventBusDescription": { + "base": null, + "refs": { + "CreateEventBusRequest$Description": "

The event bus description.

", + "CreateEventBusResponse$Description": "

The event bus description.

", + "DescribeEventBusResponse$Description": "

The event bus description.

", + "EventBus$Description": "

The event bus description.

", + "UpdateEventBusRequest$Description": "

The event bus description.

", + "UpdateEventBusResponse$Description": "

The event bus description.

" + } + }, "EventBusList": { "base": null, "refs": { @@ -935,7 +952,9 @@ "DeleteEventBusRequest$Name": "

The name of the event bus to delete.

", "DescribeRuleResponse$EventBusName": "

The name of the event bus associated with the rule.

", "ListEventBusesRequest$NamePrefix": "

Specifying this limits the results to only those event buses with names that start with the specified prefix.

", - "Rule$EventBusName": "

The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.

" + "Rule$EventBusName": "

The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.

", + "UpdateEventBusRequest$Name": "

The name of the event bus.

", + "UpdateEventBusResponse$Name": "

The event bus name.

" } }, "EventBusNameOrArn": { @@ -966,10 +985,10 @@ "refs": { "CreateArchiveRequest$EventPattern": "

An event pattern to use to filter events sent to the archive.

", "DescribeArchiveResponse$EventPattern": "

The event pattern used to filter events sent to the archive.

", - "DescribeRuleResponse$EventPattern": "

The event pattern. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide.

", - "PutRuleRequest$EventPattern": "

The event pattern. For more information, see Amazon EventBridge event patterns in the Amazon EventBridge User Guide.

", - "Rule$EventPattern": "

The event pattern of the rule. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide.

", - "TestEventPatternRequest$EventPattern": "

The event pattern. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide.

", + "DescribeRuleResponse$EventPattern": "

The event pattern. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide .

", + "PutRuleRequest$EventPattern": "

The event pattern. For more information, see Amazon EventBridge event patterns in the Amazon EventBridge User Guide .

", + "Rule$EventPattern": "

The event pattern of the rule. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide .

", + "TestEventPatternRequest$EventPattern": "

The event pattern. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide .

", "UpdateArchiveRequest$EventPattern": "

The event pattern to use to filter events sent to the archive.

" } }, @@ -1161,6 +1180,16 @@ "Target$KinesisParameters": "

The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the eventId as the partition key.

" } }, + "KmsKeyIdentifier": { + "base": null, + "refs": { + "CreateEventBusRequest$KmsKeyIdentifier": "

The identifier of the KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.

If you do not specify a customer managed key identifier, EventBridge uses an Amazon Web Services owned key to encrypt events on the event bus.

For more information, see Managing keys in the Key Management Service Developer Guide.

Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:

To enable archives or schema discovery on an event bus, choose to use an Amazon Web Services owned key. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.

", + "CreateEventBusResponse$KmsKeyIdentifier": "

The identifier of the KMS customer managed key for EventBridge to use to encrypt events on this event bus, if one has been specified.

For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.

", + "DescribeEventBusResponse$KmsKeyIdentifier": "

The identifier of the KMS customer managed key for EventBridge to use to encrypt events on this event bus, if one has been specified.

For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.

", + "UpdateEventBusRequest$KmsKeyIdentifier": "

The identifier of the KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.

If you do not specify a customer managed key identifier, EventBridge uses an Amazon Web Services owned key to encrypt events on the event bus.

For more information, see Managing keys in the Key Management Service Developer Guide.

Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:

To enable archives or schema discovery on an event bus, choose to use an Amazon Web Services owned key. For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.

", + "UpdateEventBusResponse$KmsKeyIdentifier": "

The identifier of the KMS customer managed key for EventBridge to use to encrypt events on this event bus, if one has been specified.

For more information, see Data encryption in EventBridge in the Amazon EventBridge User Guide.

" + } + }, "LaunchType": { "base": null, "refs": { @@ -1910,8 +1939,8 @@ "base": null, "refs": { "DescribeRuleResponse$State": "

Specifies whether the rule is enabled or disabled.

", - "PutRuleRequest$State": "

Indicates whether the rule is enabled or disabled.

", - "Rule$State": "

The state of the rule.

" + "PutRuleRequest$State": "

The state of the rule.

Valid values include:

", + "Rule$State": "

The state of the rule.

Valid values include:

" } }, "RunCommandParameters": { @@ -2084,7 +2113,8 @@ "PutPartnerEventsRequestEntry$Detail": "

A valid JSON string. There is no other schema imposed. The JSON string may contain fields and nested sub-objects.

Detail, DetailType, and Source are required for EventBridge to successfully send an event to an event bus. If you include event entries in a request that do not include each of those properties, EventBridge fails that entry. If you submit a request in which none of the entries have each of these properties, EventBridge fails the entire request.

", "PutPermissionRequest$Policy": "

A JSON string that describes the permission policy statement. You can include a Policy parameter in the request instead of using the StatementId, Action, Principal, or Condition parameters.

", "StringList$member": null, - "TestEventPatternRequest$Event": "

The event, in JSON format, to test against the event pattern. The JSON must follow the format specified in Amazon Web Services Events, and the following fields are mandatory:

" + "TestEventPatternRequest$Event": "

The event, in JSON format, to test against the event pattern. The JSON must follow the format specified in Amazon Web Services Events, and the following fields are mandatory:

", + "UpdateEventBusResponse$Arn": "

The event bus Amazon Resource Name (ARN).

" } }, "StringList": { @@ -2231,6 +2261,8 @@ "DescribeConnectionResponse$LastAuthorizedTime": "

A time stamp for the time that the connection was last authorized.

", "DescribeEndpointResponse$CreationTime": "

The time the endpoint you asked for information about was created.

", "DescribeEndpointResponse$LastModifiedTime": "

The last time the endpoint you asked for information about was modified.

", + "DescribeEventBusResponse$CreationTime": "

The time the event bus was created.

", + "DescribeEventBusResponse$LastModifiedTime": "

The time the event bus was last modified.

", "DescribeEventSourceResponse$CreationTime": "

The date and time that the event source was created.

", "DescribeEventSourceResponse$ExpirationTime": "

The date and time that the event source will expire if you do not create a matching event bus.

", "DescribeReplayResponse$EventStartTime": "

The time stamp of the first event that was last replayed from the archive.

", @@ -2240,6 +2272,8 @@ "DescribeReplayResponse$ReplayEndTime": "

A time stamp for the time that the replay stopped.

", "Endpoint$CreationTime": "

The time the endpoint was created.

", "Endpoint$LastModifiedTime": "

The last time the endpoint was modified.

", + "EventBus$CreationTime": "

The time the event bus was created.

", + "EventBus$LastModifiedTime": "

The time the event bus was last modified.

", "EventSource$CreationTime": "

The date and time the event source was created.

", "EventSource$ExpirationTime": "

The date and time that the event source will expire, if the Amazon Web Services account doesn't create a matching event bus for it.

", "PartnerEventSourceAccount$CreationTime": "

The date and time the event source was created.

", @@ -2357,6 +2391,16 @@ "base": null, "refs": { } + }, + "UpdateEventBusRequest": { + "base": null, + "refs": { + } + }, + "UpdateEventBusResponse": { + "base": null, + "refs": { + } } } } diff --git a/models/apis/vpc-lattice/2022-11-30/api-2.json b/models/apis/vpc-lattice/2022-11-30/api-2.json index 40c00f3fa65..54ee74ea581 100644 --- a/models/apis/vpc-lattice/2022-11-30/api-2.json +++ b/models/apis/vpc-lattice/2022-11-30/api-2.json @@ -2360,7 +2360,8 @@ "type":"string", "enum":[ "HTTP", - "HTTPS" + "HTTPS", + "TLS_PASSTHROUGH" ] }, "ListenerSummary":{ @@ -2985,7 +2986,8 @@ "type":"string", "enum":[ "HTTP", - "HTTPS" + "HTTPS", + "TCP" ] }, "TargetGroupProtocolVersion":{ @@ -3395,7 +3397,7 @@ "WeightedTargetGroupList":{ "type":"list", "member":{"shape":"WeightedTargetGroup"}, - "max":2, + "max":10, "min":1 } } diff --git a/models/apis/vpc-lattice/2022-11-30/docs-2.json b/models/apis/vpc-lattice/2022-11-30/docs-2.json index b1cd11b5e4f..b2824807fe0 100644 --- a/models/apis/vpc-lattice/2022-11-30/docs-2.json +++ b/models/apis/vpc-lattice/2022-11-30/docs-2.json @@ -2,30 +2,30 @@ "version": "2.0", "service": "

Amazon VPC Lattice is a fully managed application networking service that you use to connect, secure, and monitor all of your services across multiple accounts and virtual private clouds (VPCs). Amazon VPC Lattice interconnects your microservices and legacy services within a logical boundary, so that you can discover and manage them more efficiently. For more information, see the Amazon VPC Lattice User Guide

", "operations": { - "BatchUpdateRule": "

Updates the listener rules in a batch. You can use this operation to change the priority of listener rules. This can be useful when bulk updating or swapping rule priority.

", - "CreateAccessLogSubscription": "

Enables access logs to be sent to Amazon CloudWatch, Amazon S3, and Amazon Kinesis Data Firehose. The service network owner can use the access logs to audit the services in the network. The service network owner will only see access logs from clients and services that are associated with their service network. Access log entries represent traffic originated from VPCs associated with that network. For more information, see Access logs in the Amazon VPC Lattice User Guide.

", + "BatchUpdateRule": "

Updates the listener rules in a batch. You can use this operation to change the priority of listener rules. This can be useful when bulk updating or swapping rule priority.

Required permissions: vpc-lattice:UpdateRule

For more information, see How Amazon VPC Lattice works with IAM in the Amazon VPC Lattice User Guide.

", + "CreateAccessLogSubscription": "

Enables access logs to be sent to Amazon CloudWatch, Amazon S3, and Amazon Kinesis Data Firehose. The service network owner can use the access logs to audit the services in the network. The service network owner can only see access logs from clients and services that are associated with their service network. Access log entries represent traffic originated from VPCs associated with that network. For more information, see Access logs in the Amazon VPC Lattice User Guide.

", "CreateListener": "

Creates a listener for a service. Before you start using your Amazon VPC Lattice service, you must add one or more listeners. A listener is a process that checks for connection requests to your services. For more information, see Listeners in the Amazon VPC Lattice User Guide.

", "CreateRule": "

Creates a listener rule. Each listener has a default rule for checking connection requests, but you can define additional rules. Each rule consists of a priority, one or more actions, and one or more conditions. For more information, see Listener rules in the Amazon VPC Lattice User Guide.

", "CreateService": "

Creates a service. A service is any software application that can run on instances containers, or serverless functions within an account or virtual private cloud (VPC).

For more information, see Services in the Amazon VPC Lattice User Guide.

", "CreateServiceNetwork": "

Creates a service network. A service network is a logical boundary for a collection of services. You can associate services and VPCs with a service network.

For more information, see Service networks in the Amazon VPC Lattice User Guide.

", - "CreateServiceNetworkServiceAssociation": "

Associates a service with a service network.

You can't use this operation if the service and service network are already associated or if there is a disassociation or deletion in progress. If the association fails, you can retry the operation by deleting the association and recreating it.

You cannot associate a service and service network that are shared with a caller. The caller must own either the service or the service network.

As a result of this operation, the association is created in the service network account and the association owner account.

", - "CreateServiceNetworkVpcAssociation": "

Associates a VPC with a service network. When you associate a VPC with the service network, it enables all the resources within that VPC to be clients and communicate with other services in the service network. For more information, see Manage VPC associations in the Amazon VPC Lattice User Guide.

You can't use this operation if there is a disassociation in progress. If the association fails, retry by deleting the association and recreating it.

As a result of this operation, the association gets created in the service network account and the VPC owner account.

Once a security group is added to the VPC association it cannot be removed. You can add or update the security groups being used for the VPC association once a security group is attached. To remove all security groups you must reassociate the VPC.

", + "CreateServiceNetworkServiceAssociation": "

Associates a service with a service network. For more information, see Manage service associations in the Amazon VPC Lattice User Guide.

You can't use this operation if the service and service network are already associated or if there is a disassociation or deletion in progress. If the association fails, you can retry the operation by deleting the association and recreating it.

You cannot associate a service and service network that are shared with a caller. The caller must own either the service or the service network.

As a result of this operation, the association is created in the service network account and the association owner account.

", + "CreateServiceNetworkVpcAssociation": "

Associates a VPC with a service network. When you associate a VPC with the service network, it enables all the resources within that VPC to be clients and communicate with other services in the service network. For more information, see Manage VPC associations in the Amazon VPC Lattice User Guide.

You can't use this operation if there is a disassociation in progress. If the association fails, retry by deleting the association and recreating it.

As a result of this operation, the association gets created in the service network account and the VPC owner account.

If you add a security group to the service network and VPC association, the association must continue to always have at least one security group. You can add or edit security groups at any time. However, to remove all security groups, you must first delete the association and recreate it without security groups.

", "CreateTargetGroup": "

Creates a target group. A target group is a collection of targets, or compute resources, that run your application or service. A target group can only be used by a single service.

For more information, see Target groups in the Amazon VPC Lattice User Guide.

", "DeleteAccessLogSubscription": "

Deletes the specified access log subscription.

", - "DeleteAuthPolicy": "

Deletes the specified auth policy. If an auth is set to Amazon Web Services_IAM and the auth policy is deleted, all requests will be denied by default. If you are trying to remove the auth policy completely, you must set the auth_type to NONE. If auth is enabled on the resource, but no auth policy is set, all requests will be denied.

", + "DeleteAuthPolicy": "

Deletes the specified auth policy. If an auth is set to AWS_IAM and the auth policy is deleted, all requests are denied. If you are trying to remove the auth policy completely, you must set the auth type to NONE. If auth is enabled on the resource, but no auth policy is set, all requests are denied.

", "DeleteListener": "

Deletes the specified listener.

", "DeleteResourcePolicy": "

Deletes the specified resource policy.

", "DeleteRule": "

Deletes a listener rule. Each listener has a default rule for checking connection requests, but you can define additional rules. Each rule consists of a priority, one or more actions, and one or more conditions. You can delete additional listener rules, but you cannot delete the default rule.

For more information, see Listener rules in the Amazon VPC Lattice User Guide.

", "DeleteService": "

Deletes a service. A service can't be deleted if it's associated with a service network. If you delete a service, all resources related to the service, such as the resource policy, auth policy, listeners, listener rules, and access log subscriptions, are also deleted. For more information, see Delete a service in the Amazon VPC Lattice User Guide.

", "DeleteServiceNetwork": "

Deletes a service network. You can only delete the service network if there is no service or VPC associated with it. If you delete a service network, all resources related to the service network, such as the resource policy, auth policy, and access log subscriptions, are also deleted. For more information, see Delete a service network in the Amazon VPC Lattice User Guide.

", - "DeleteServiceNetworkServiceAssociation": "

Deletes the association between a specified service and the specific service network. This request will fail if an association is still in progress.

", + "DeleteServiceNetworkServiceAssociation": "

Deletes the association between a specified service and the specific service network. This operation fails if an association is still in progress.

", "DeleteServiceNetworkVpcAssociation": "

Disassociates the VPC from the service network. You can't disassociate the VPC if there is a create or update association in progress.

", "DeleteTargetGroup": "

Deletes a target group. You can't delete a target group if it is used in a listener rule or if the target group creation is in progress.

", "DeregisterTargets": "

Deregisters the specified targets from the specified target group.

", "GetAccessLogSubscription": "

Retrieves information about the specified access log subscription.

", "GetAuthPolicy": "

Retrieves information about the auth policy for the specified service or service network.

", "GetListener": "

Retrieves information about the specified listener for the specified service.

", - "GetResourcePolicy": "

Retrieves information about the resource policy. The resource policy is an IAM policy created by AWS RAM on behalf of the resource owner when they share a resource.

", + "GetResourcePolicy": "

Retrieves information about the resource policy. The resource policy is an IAM policy created on behalf of the resource owner when they share a resource.

", "GetRule": "

Retrieves information about listener rules. You can also retrieve information about the default listener rule. For more information, see Listener rules in the Amazon VPC Lattice User Guide.

", "GetService": "

Retrieves information about the specified service.

", "GetServiceNetwork": "

Retrieves information about the specified service network.

", @@ -35,14 +35,14 @@ "ListAccessLogSubscriptions": "

Lists all access log subscriptions for the specified service network or service.

", "ListListeners": "

Lists the listeners for the specified service.

", "ListRules": "

Lists the rules for the listener.

", - "ListServiceNetworkServiceAssociations": "

Lists the associations between the service network and the service. You can filter the list either by service or service network. You must provide either the service network identifier or the service identifier.

Every association in Amazon VPC Lattice is given a unique Amazon Resource Name (ARN), such as when a service network is associated with a VPC or when a service is associated with a service network. If the association is for a resource that is shared with another account, the association will include the local account ID as the prefix in the ARN for each account the resource is shared with.

", + "ListServiceNetworkServiceAssociations": "

Lists the associations between the service network and the service. You can filter the list either by service or service network. You must provide either the service network identifier or the service identifier.

Every association in Amazon VPC Lattice is given a unique Amazon Resource Name (ARN), such as when a service network is associated with a VPC or when a service is associated with a service network. If the association is for a resource that is shared with another account, the association includes the local account ID as the prefix in the ARN for each account the resource is shared with.

", "ListServiceNetworkVpcAssociations": "

Lists the service network and VPC associations. You can filter the list either by VPC or service network. You must provide either the service network identifier or the VPC identifier.

", "ListServiceNetworks": "

Lists the service networks owned by the caller account or shared with the caller account. Also includes the account ID in the ARN to show which account owns the service network.

", "ListServices": "

Lists the services owned by the caller account or shared with the caller account.

", "ListTagsForResource": "

Lists the tags for the specified resource.

", "ListTargetGroups": "

Lists your target groups. You can narrow your search by using the filters below in your request.

", - "ListTargets": "

Lists the targets for the target group. By default, all targets are included. You can use this API to check the health status of targets. You can also filter the results by target.

", - "PutAuthPolicy": "

Creates or updates the auth policy.

", + "ListTargets": "

Lists the targets for the target group. By default, all targets are included. You can use this API to check the health status of targets. You can also filter the results by target.

", + "PutAuthPolicy": "

Creates or updates the auth policy. The policy string in JSON must not contain newlines or blank lines.

For more information, see Auth policies in the Amazon VPC Lattice User Guide.

", "PutResourcePolicy": "

Attaches a resource-based permission policy to a service or service network. The policy must contain the same actions and condition statements as the Amazon Web Services Resource Access Manager permission for sharing services and service networks.

", "RegisterTargets": "

Registers the targets with the target group. If it's a Lambda target, you can only have one target in a target group.

", "TagResource": "

Adds the specified tags to the specified resource.

", @@ -52,7 +52,7 @@ "UpdateRule": "

Updates a rule for the listener. You can't modify a default listener rule. To modify a default listener rule, use UpdateListener.

", "UpdateService": "

Updates the specified service.

", "UpdateServiceNetwork": "

Updates the specified service network.

", - "UpdateServiceNetworkVpcAssociation": "

Updates the service network and VPC association. Once you add a security group, it cannot be removed.

", + "UpdateServiceNetworkVpcAssociation": "

Updates the service network and VPC association. If you add a security group to the service network and VPC association, the association must continue to always have at least one security group. You can add or edit security groups at any time. However, to remove all security groups, you must first delete the association and recreate it without security groups.

", "UpdateTargetGroup": "

Updates the specified target group.

" }, "shapes": { @@ -101,7 +101,7 @@ "AccessLogSubscriptionList": { "base": null, "refs": { - "ListAccessLogSubscriptionsResponse$items": "

The access log subscriptions.

" + "ListAccessLogSubscriptionsResponse$items": "

Information about the access log subscriptions.

" } }, "AccessLogSubscriptionSummary": { @@ -133,16 +133,16 @@ "AuthPolicyState": { "base": null, "refs": { - "GetAuthPolicyResponse$state": "

The state of the auth policy. The auth policy is only active when the auth type is set to Amazon Web Services_IAM. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the auth type is NONE, then any auth policy you provide will remain inactive. For more information, see Create a service network in the Amazon VPC Lattice User Guide.

", - "PutAuthPolicyResponse$state": "

The state of the auth policy. The auth policy is only active when the auth type is set to Amazon Web Services_IAM. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the Auth type is NONE, then, any auth policy you provide will remain inactive. For more information, see Create a service network in the Amazon VPC Lattice User Guide.

" + "GetAuthPolicyResponse$state": "

The state of the auth policy. The auth policy is only active when the auth type is set to AWS_IAM. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the auth type is NONE, then any auth policy that you provide remains inactive. For more information, see Create a service network in the Amazon VPC Lattice User Guide.

", + "PutAuthPolicyResponse$state": "

The state of the auth policy. The auth policy is only active when the auth type is set to AWS_IAM. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the Auth type is NONE, then, any auth policy that you provide remains inactive. For more information, see Create a service network in the Amazon VPC Lattice User Guide.

" } }, "AuthPolicyString": { "base": null, "refs": { "GetAuthPolicyResponse$policy": "

The auth policy.

", - "PutAuthPolicyRequest$policy": "

The auth policy.

", - "PutAuthPolicyResponse$policy": "

The auth policy.

" + "PutAuthPolicyRequest$policy": "

The auth policy. The policy string in JSON must not contain newlines or blank lines.

", + "PutAuthPolicyResponse$policy": "

The auth policy. The policy string in JSON must not contain newlines or blank lines.

" } }, "AuthType": { @@ -174,10 +174,10 @@ "base": null, "refs": { "GetRuleResponse$isDefault": "

Indicates whether this is the default rule.

", - "HeaderMatch$caseSensitive": "

Indicates whether the match is case sensitive. Defaults to false.

", + "HeaderMatch$caseSensitive": "

Indicates whether the match is case sensitive.

", "HealthCheckConfig$enabled": "

Indicates whether health checking is enabled.

", - "PathMatch$caseSensitive": "

Indicates whether the match is case sensitive. Defaults to false.

", - "RuleSummary$isDefault": "

Indicates whether this is the default rule. Listener rules are created when you create a listener. Each listener has a default rule for checking connection requests.

", + "PathMatch$caseSensitive": "

Indicates whether the match is case sensitive.

", + "RuleSummary$isDefault": "

Indicates whether this is the default listener rule.

", "RuleUpdateSuccess$isDefault": "

Indicates whether this is the default rule.

", "UpdateRuleResponse$isDefault": "

Indicates whether this is the default rule.

" } @@ -188,8 +188,8 @@ "CreateServiceRequest$certificateArn": "

The Amazon Resource Name (ARN) of the certificate.

", "CreateServiceResponse$certificateArn": "

The Amazon Resource Name (ARN) of the certificate.

", "GetServiceResponse$certificateArn": "

The Amazon Resource Name (ARN) of the certificate.

", - "UpdateServiceRequest$certificateArn": "

The Amazon Resource Name (ARN) of the certificate.

", - "UpdateServiceResponse$certificateArn": "

The Amazon Resource Name (ARN) of the certificate.

" + "UpdateServiceRequest$certificateArn": "

The Amazon Resource Name (ARN) of the certificate.

", + "UpdateServiceResponse$certificateArn": "

The Amazon Resource Name (ARN) of the certificate.

" } }, "ClientToken": { @@ -419,8 +419,8 @@ "CreateServiceResponse$dnsEntry": "

The public DNS name of the service.

", "GetServiceNetworkServiceAssociationResponse$dnsEntry": "

The DNS name of the service.

", "GetServiceResponse$dnsEntry": "

The DNS name of the service.

", - "ServiceNetworkServiceAssociationSummary$dnsEntry": "

DNS information about the service.

", - "ServiceSummary$dnsEntry": "

DNS information about the service.

" + "ServiceNetworkServiceAssociationSummary$dnsEntry": "

The DNS information.

", + "ServiceSummary$dnsEntry": "

The DNS information.

" } }, "FailureCode": { @@ -438,9 +438,9 @@ } }, "FixedResponseAction": { - "base": "

Information about an action that returns a custom HTTP response.

", + "base": "

Describes an action that returns a custom HTTP response.

", "refs": { - "RuleAction$fixedResponse": "

Describes the rule action that returns a custom HTTP response.

" + "RuleAction$fixedResponse": "

The fixed response action. The rule returns a custom HTTP response.

" } }, "ForwardAction": { @@ -558,13 +558,13 @@ "HeaderMatchContains": { "base": null, "refs": { - "HeaderMatchType$contains": "

Specifies a contains type match.

" + "HeaderMatchType$contains": "

A contains type match.

" } }, "HeaderMatchExact": { "base": null, "refs": { - "HeaderMatchType$exact": "

Specifies an exact type match.

" + "HeaderMatchType$exact": "

An exact type match.

" } }, "HeaderMatchList": { @@ -582,19 +582,19 @@ "HeaderMatchPrefix": { "base": null, "refs": { - "HeaderMatchType$prefix": "

Specifies a prefix type match. Matches the value with the prefix.

" + "HeaderMatchType$prefix": "

A prefix type match. Matches the value with the prefix.

" } }, "HeaderMatchType": { - "base": "

Describes a header match type. Only one can be provided.

", + "base": "

Describes a header match type.

", "refs": { "HeaderMatch$match": "

The header match type.

" } }, "HealthCheckConfig": { - "base": "

The health check configuration of a target group. Health check configurations aren't used for LAMBDA and ALB target groups.

", + "base": "

Describes the health check configuration of a target group. Health check configurations aren't used for target groups of type LAMBDA or ALB.

", "refs": { - "TargetGroupConfig$healthCheck": "

The health check configuration.

", + "TargetGroupConfig$healthCheck": "

The health check configuration. Not supported if the target group type is LAMBDA or ALB.

", "UpdateTargetGroupRequest$healthCheck": "

The health check configuration.

" } }, @@ -673,15 +673,15 @@ "IpAddressType": { "base": null, "refs": { - "TargetGroupConfig$ipAddressType": "

The type of IP address used for the target group. The possible values are ipv4 and ipv6. This is an optional parameter. If not specified, the IP address type defaults to ipv4.

", - "TargetGroupSummary$ipAddressType": "

The type of IP address used for the target group. The possible values are ipv4 and ipv6. This is an optional parameter. If not specified, the IP address type defaults to ipv4.

" + "TargetGroupConfig$ipAddressType": "

The type of IP address used for the target group. Supported only if the target group type is IP. The default is IPV4.

", + "TargetGroupSummary$ipAddressType": "

The type of IP address used for the target group. The possible values are IPV4 and IPV6. This is an optional parameter. If not specified, the default is IPV4.

" } }, "LambdaEventStructureVersion": { "base": null, "refs": { - "TargetGroupConfig$lambdaEventStructureVersion": "

Lambda event structure version

", - "TargetGroupSummary$lambdaEventStructureVersion": "

Lambda event structure version

" + "TargetGroupConfig$lambdaEventStructureVersion": "

The version of the event structure that your Lambda function receives. Supported only if the target group type is LAMBDA. The default is V1.

", + "TargetGroupSummary$lambdaEventStructureVersion": "

The version of the event structure that your Lambda function receives. Supported only if the target group type is LAMBDA.

" } }, "ListAccessLogSubscriptionsRequest": { @@ -782,7 +782,7 @@ "ListTargetsRequestTargetsList": { "base": null, "refs": { - "ListTargetsRequest$targets": "

The targets to list.

" + "ListTargetsRequest$targets": "

The targets.

" } }, "ListTargetsResponse": { @@ -835,7 +835,7 @@ "ListenerProtocol": { "base": null, "refs": { - "CreateListenerRequest$protocol": "

The listener protocol HTTP or HTTPS.

", + "CreateListenerRequest$protocol": "

The listener protocol.

", "CreateListenerResponse$protocol": "

The protocol of the listener.

", "GetListenerResponse$protocol": "

The listener protocol.

", "ListenerSummary$protocol": "

The listener protocol.

", @@ -864,9 +864,9 @@ } }, "Matcher": { - "base": "

The codes to use when checking for a successful response from a target for health checks.

", + "base": "

Describes the codes to use when checking for a successful response from a target for health checks.

", "refs": { - "HealthCheckConfig$matcher": "

The codes to use when checking for a successful response from a target. These are called Success codes in the console.

" + "HealthCheckConfig$matcher": "

The codes to use when checking for a successful response from a target.

" } }, "MaxResults": { @@ -933,20 +933,20 @@ "PolicyString": { "base": null, "refs": { - "GetResourcePolicyResponse$policy": "

The Amazon Resource Name (ARN) of the service network or service.

", - "PutResourcePolicyRequest$policy": "

An IAM policy.

" + "GetResourcePolicyResponse$policy": "

An IAM policy.

", + "PutResourcePolicyRequest$policy": "

An IAM policy. The policy string in JSON must not contain newlines or blank lines.

" } }, "Port": { "base": null, "refs": { - "CreateListenerRequest$port": "

The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.

", + "CreateListenerRequest$port": "

The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.

", "CreateListenerResponse$port": "

The port number of the listener.

", "GetListenerResponse$port": "

The listener port.

", "ListenerSummary$port": "

The listener port.

", - "Target$port": "

The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.

", + "Target$port": "

The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.

", "TargetFailure$port": "

The port on which the target is listening. This parameter doesn't apply if the target is a Lambda function.

", - "TargetGroupConfig$port": "

The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443

", + "TargetGroupConfig$port": "

The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is LAMBDA.

", "TargetGroupSummary$port": "

The port of the target group.

", "TargetSummary$port": "

The port on which the target is listening.

", "UpdateListenerResponse$port": "

The listener port.

" @@ -995,7 +995,7 @@ "CreateAccessLogSubscriptionResponse$resourceArn": "

The Amazon Resource Name (ARN) of the service network or service.

", "DeleteResourcePolicyRequest$resourceArn": "

The Amazon Resource Name (ARN) of the resource.

", "GetAccessLogSubscriptionResponse$resourceArn": "

The Amazon Resource Name (ARN) of the service network or service.

", - "GetResourcePolicyRequest$resourceArn": "

An IAM policy.

", + "GetResourcePolicyRequest$resourceArn": "

The Amazon Resource Name (ARN) of the service network or service.

", "PutResourcePolicyRequest$resourceArn": "

The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.

", "UpdateAccessLogSubscriptionResponse$resourceArn": "

The Amazon Resource Name (ARN) of the access log subscription.

" } @@ -1025,16 +1025,16 @@ } }, "RuleAction": { - "base": "

Describes the action for a rule. Each rule must include exactly one of the following types of actions: forward or fixed-response, and it must be the last action to be performed.

", + "base": "

Describes the action for a rule.

", "refs": { - "CreateListenerRequest$defaultAction": "

The action for the default rule. Each listener has a default rule. Each rule consists of a priority, one or more actions, and one or more conditions. The default rule is the rule that's used if no other rules match. Each rule must include exactly one of the following types of actions: forward or fixed-response, and it must be the last action to be performed.

", + "CreateListenerRequest$defaultAction": "

The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.

", "CreateListenerResponse$defaultAction": "

The action for the default rule.

", "CreateRuleRequest$action": "

The action for the default rule.

", - "CreateRuleResponse$action": "

The rule action. Each rule must include exactly one of the following types of actions: forward or fixed-response, and it must be the last action to be performed.

", + "CreateRuleResponse$action": "

The rule action.

", "GetListenerResponse$defaultAction": "

The actions for the default listener rule.

", "GetRuleResponse$action": "

The action for the default rule.

", "RuleUpdate$action": "

The rule action.

", - "RuleUpdateSuccess$action": "

The action for the default rule.

", + "RuleUpdateSuccess$action": "

The action for the rule.

", "UpdateListenerRequest$defaultAction": "

The action for the default rule.

", "UpdateListenerResponse$defaultAction": "

The action for the default rule.

", "UpdateRuleRequest$action": "

Information about the action for the specified listener rule.

", @@ -1100,7 +1100,7 @@ "CreateRuleRequest$priority": "

The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.

", "CreateRuleResponse$priority": "

The priority assigned to the rule. The lower the priority number the higher the priority.

", "GetRuleResponse$priority": "

The priority level for the specified rule.

", - "RuleSummary$priority": "

The priority of the rule.

", + "RuleSummary$priority": "

The priority of the rule.

", "RuleUpdate$priority": "

The rule priority. A listener can't have multiple rules with the same priority.

", "RuleUpdateSuccess$priority": "

The rule priority.

", "UpdateRuleRequest$priority": "

The rule priority. A listener can't have multiple rules with the same priority.

", @@ -1120,7 +1120,7 @@ } }, "RuleUpdate": { - "base": "

Represents an object when updating a rule.

", + "base": "

Describes a rule update.

", "refs": { "RuleUpdateList$member": null } @@ -1191,7 +1191,7 @@ "base": null, "refs": { "GetTargetGroupResponse$serviceArns": "

The Amazon Resource Names (ARNs) of the service.

", - "TargetGroupSummary$serviceArns": "

The list of Amazon Resource Names (ARNs) of the service.

" + "TargetGroupSummary$serviceArns": "

The Amazon Resource Names (ARNs) of the service.

" } }, "ServiceCustomDomainName": { @@ -1200,10 +1200,10 @@ "CreateServiceNetworkServiceAssociationResponse$customDomainName": "

The custom domain name of the service.

", "CreateServiceRequest$customDomainName": "

The custom domain name of the service.

", "CreateServiceResponse$customDomainName": "

The custom domain name of the service.

", - "GetServiceNetworkServiceAssociationResponse$customDomainName": "

The custom domain name of the service.

", + "GetServiceNetworkServiceAssociationResponse$customDomainName": "

The custom domain name of the service.

", "GetServiceResponse$customDomainName": "

The custom domain name of the service.

", - "ServiceNetworkServiceAssociationSummary$customDomainName": "

The custom domain name of the service.

", - "ServiceSummary$customDomainName": "

The custom domain name of the service.

", + "ServiceNetworkServiceAssociationSummary$customDomainName": "

The custom domain name of the service.

", + "ServiceSummary$customDomainName": "

The custom domain name of the service.

", "UpdateServiceResponse$customDomainName": "

The custom domain name of the service.

" } }, @@ -1246,7 +1246,7 @@ "ServiceList": { "base": null, "refs": { - "ListServicesResponse$items": "

The services.

" + "ListServicesResponse$items": "

Information about the services.

" } }, "ServiceName": { @@ -1349,8 +1349,8 @@ "ServiceNetworkServiceAssociationStatus": { "base": null, "refs": { - "CreateServiceNetworkServiceAssociationResponse$status": "

The operation's status.

", - "DeleteServiceNetworkServiceAssociationResponse$status": "

The operation's status. You can retry the operation if the status is DELETE_FAILED. However, if you retry it when the status is DELETE_IN_PROGRESS, there is no change in the status.

", + "CreateServiceNetworkServiceAssociationResponse$status": "

The association status.

", + "DeleteServiceNetworkServiceAssociationResponse$status": "

The status. You can retry the operation if the status is DELETE_FAILED. However, if you retry it when the status is DELETE_IN_PROGRESS, there is no change in the status.

", "GetServiceNetworkServiceAssociationResponse$status": "

The status of the association.

", "ServiceNetworkServiceAssociationSummary$status": "

The status. If the deletion fails, try to delete again.

" } @@ -1404,8 +1404,8 @@ "ServiceNetworkVpcAssociationStatus": { "base": null, "refs": { - "CreateServiceNetworkVpcAssociationResponse$status": "

The operation's status.

", - "DeleteServiceNetworkVpcAssociationResponse$status": "

The status. You can retry the operation if the status is DELETE_FAILED. However, if you retry it when the status is DELETE_IN_PROGRESS, there is no change in the status.

", + "CreateServiceNetworkVpcAssociationResponse$status": "

The association status.

", + "DeleteServiceNetworkVpcAssociationResponse$status": "

The status. You can retry the operation if the status is DELETE_FAILED. However, if you retry it while the status is DELETE_IN_PROGRESS, there is no change in the status.

", "GetServiceNetworkVpcAssociationResponse$status": "

The status of the association.

", "ServiceNetworkVpcAssociationSummary$status": "

The status.

", "UpdateServiceNetworkVpcAssociationResponse$status": "

The status. You can retry the operation if the status is DELETE_FAILED. However, if you retry it while the status is DELETE_IN_PROGRESS, there is no change in the status.

" @@ -1425,7 +1425,7 @@ "ServiceStatus": { "base": null, "refs": { - "CreateServiceResponse$status": "

The status. If the status is CREATE_FAILED, you will have to delete and recreate the service.

", + "CreateServiceResponse$status": "

The status. If the status is CREATE_FAILED, you must delete and recreate the service.

", "DeleteServiceResponse$status": "

The status. You can retry the operation if the status is DELETE_FAILED. However, if you retry it while the status is DELETE_IN_PROGRESS, the status doesn't change.

", "GetServiceResponse$status": "

The status of the service.

", "ServiceSummary$status": "

The status.

" @@ -1463,14 +1463,14 @@ "ServiceQuotaExceededException$serviceCode": "

The service code.

", "TargetFailure$failureCode": "

The failure code.

", "TargetFailure$failureMessage": "

The failure message.

", - "TargetFailure$id": "

The ID of the target. If the target type of the target group is INSTANCE, this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA, this is the ARN of the Lambda function. If the target type is ALB, this is the ARN of the Application Load Balancer.

", - "TargetSummary$id": "

The ID of the target. If the target type of the target group is INSTANCE, this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA, this is the ARN of the Lambda function. If the target type is ALB, this is the ARN of the Application Load Balancer.

", + "TargetFailure$id": "

The ID of the target. If the target group type is INSTANCE, this is an instance ID. If the target group type is IP, this is an IP address. If the target group type is LAMBDA, this is the ARN of a Lambda function. If the target group type is ALB, this is the ARN of an Application Load Balancer.

", + "TargetSummary$id": "

The ID of the target. If the target group type is INSTANCE, this is an instance ID. If the target group type is IP, this is an IP address. If the target group type is LAMBDA, this is the ARN of a Lambda function. If the target type is ALB, this is the ARN of an Application Load Balancer.

", "TargetSummary$reasonCode": "

The code for why the target status is what it is.

", "ThrottlingException$message": null, "ThrottlingException$quotaCode": "

The ID of the service quota that was exceeded.

", "ThrottlingException$serviceCode": "

The service code.

", "ValidationException$message": null, - "ValidationExceptionField$message": "

Additional details about why the validation failed.

", + "ValidationExceptionField$message": "

Additional information about why the validation failed.

", "ValidationExceptionField$name": "

The name of the validation exception.

" } }, @@ -1498,7 +1498,7 @@ "CreateServiceNetworkVpcAssociationRequest$tags": "

The tags for the association.

", "CreateServiceRequest$tags": "

The tags for the service.

", "CreateTargetGroupRequest$tags": "

The tags for the target group.

", - "ListTagsForResourceResponse$tags": "

The tags.

", + "ListTagsForResourceResponse$tags": "

Information about the tags.

", "TagResourceRequest$tags": "

The tags for the resource.

" } }, @@ -1551,10 +1551,10 @@ } }, "TargetGroupConfig": { - "base": "

Describes the configuration of a target group. Lambda functions don't support target group configuration.

", + "base": "

Describes the configuration of a target group.

For more information, see Target groups in the Amazon VPC Lattice User Guide.

", "refs": { - "CreateTargetGroupRequest$config": "

The target group configuration. If type is set to LAMBDA, this parameter doesn't apply.

", - "CreateTargetGroupResponse$config": "

The target group configuration. If type is set to LAMBDA, this parameter doesn't apply.

", + "CreateTargetGroupRequest$config": "

The target group configuration.

", + "CreateTargetGroupResponse$config": "

The target group configuration.

", "GetTargetGroupResponse$config": "

The target group configuration.

", "UpdateTargetGroupResponse$config": "

The target group configuration.

" } @@ -1601,20 +1601,20 @@ "base": null, "refs": { "HealthCheckConfig$protocol": "

The protocol used when performing health checks on targets. The possible protocols are HTTP and HTTPS. The default is HTTP.

", - "TargetGroupConfig$protocol": "

The protocol to use for routing traffic to the targets. Default is the protocol of a target group.

", + "TargetGroupConfig$protocol": "

The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is LAMBDA.

", "TargetGroupSummary$protocol": "

The protocol of the target group.

" } }, "TargetGroupProtocolVersion": { "base": null, "refs": { - "TargetGroupConfig$protocolVersion": "

The protocol version. Default value is HTTP1.

" + "TargetGroupConfig$protocolVersion": "

The protocol version. The default is HTTP1. Not supported if the target group type is LAMBDA.

" } }, "TargetGroupStatus": { "base": null, "refs": { - "CreateTargetGroupResponse$status": "

The operation's status. You can retry the operation if the status is CREATE_FAILED. However, if you retry it while the status is CREATE_IN_PROGRESS, there is no change in the status.

", + "CreateTargetGroupResponse$status": "

The status. You can retry the operation if the status is CREATE_FAILED. However, if you retry it while the status is CREATE_IN_PROGRESS, there is no change in the status.

", "DeleteTargetGroupResponse$status": "

The status. You can retry the operation if the status is DELETE_FAILED. However, if you retry it while the status is DELETE_IN_PROGRESS, the status doesn't change.

", "GetTargetGroupResponse$status": "

The status.

", "TargetGroupSummary$status": "

The status.

", @@ -1622,7 +1622,7 @@ } }, "TargetGroupSummary": { - "base": "

Summary information about a target group.

", + "base": "

Summary information about a target group.

For more information, see Target groups in the Amazon VPC Lattice User Guide.

", "refs": { "TargetGroupList$member": null } @@ -1641,13 +1641,13 @@ "TargetGroupWeight": { "base": null, "refs": { - "WeightedTargetGroup$weight": "

Only required if you specify multiple target groups for a forward action. The \"weight\" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.

" + "WeightedTargetGroup$weight": "

Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.

" } }, "TargetIdString": { "base": null, "refs": { - "Target$id": "

The ID of the target. If the target type of the target group is INSTANCE, this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA, this is the ARN of the Lambda function. If the target type is ALB, this is the ARN of the Application Load Balancer.

" + "Target$id": "

The ID of the target. If the target group type is INSTANCE, this is an instance ID. If the target group type is IP, this is an IP address. If the target group type is LAMBDA, this is the ARN of a Lambda function. If the target group type is ALB, this is the ARN of an Application Load Balancer.

" } }, "TargetList": { @@ -1660,7 +1660,7 @@ "TargetStatus": { "base": null, "refs": { - "TargetSummary$status": "

The status of the target.

" + "TargetSummary$status": "

The status of the target.

" } }, "TargetSummary": { @@ -1781,7 +1781,7 @@ "UpdateServiceNetworkVpcAssociationRequestSecurityGroupIdsList": { "base": null, "refs": { - "UpdateServiceNetworkVpcAssociationRequest$securityGroupIds": "

The IDs of the security groups. Once you add a security group, it cannot be removed.

" + "UpdateServiceNetworkVpcAssociationRequest$securityGroupIds": "

The IDs of the security groups.

" } }, "UpdateServiceNetworkVpcAssociationResponse": { @@ -1838,9 +1838,9 @@ "CreateServiceNetworkVpcAssociationRequest$vpcIdentifier": "

The ID of the VPC.

", "GetServiceNetworkVpcAssociationResponse$vpcId": "

The ID of the VPC.

", "ListServiceNetworkVpcAssociationsRequest$vpcIdentifier": "

The ID or Amazon Resource Name (ARN) of the VPC.

", - "ListTargetGroupsRequest$vpcIdentifier": "

The ID or Amazon Resource Name (ARN) of the service.

", + "ListTargetGroupsRequest$vpcIdentifier": "

The ID or Amazon Resource Name (ARN) of the VPC.

", "ServiceNetworkVpcAssociationSummary$vpcId": "

The ID of the VPC.

", - "TargetGroupConfig$vpcIdentifier": "

The ID of the VPC.

", + "TargetGroupConfig$vpcIdentifier": "

The ID of the VPC. Not supported if the target group type is LAMBDA.

", "TargetGroupSummary$vpcIdentifier": "

The ID of the VPC of the target group.

" } }, @@ -1853,7 +1853,7 @@ "WeightedTargetGroupList": { "base": null, "refs": { - "ForwardAction$targetGroups": "

The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.

The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.

" + "ForwardAction$targetGroups": "

The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.

The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.

" } } } diff --git a/models/apis/vpc-lattice/2022-11-30/endpoint-rule-set-1.json b/models/apis/vpc-lattice/2022-11-30/endpoint-rule-set-1.json index a5c3af9ab09..e23373ab493 100644 --- a/models/apis/vpc-lattice/2022-11-30/endpoint-rule-set-1.json +++ b/models/apis/vpc-lattice/2022-11-30/endpoint-rule-set-1.json @@ -40,7 +40,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -59,7 +58,6 @@ }, { "conditions": [], - "type": "tree", "rules": [ { "conditions": [ @@ -87,13 +85,14 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], - "type": "tree", "rules": [ { "conditions": [ @@ -106,7 +105,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -120,7 +118,6 @@ "assign": "PartitionResult" } ], - "type": "tree", "rules": [ { "conditions": [ @@ -143,7 +140,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -178,11 +174,9 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [], - "type": "tree", "rules": [ { "conditions": [], @@ -193,16 +187,19 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "FIPS and DualStack are enabled, but this partition does not support one or both", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -216,14 +213,12 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ - true, { "fn": "getAttr", "argv": [ @@ -232,15 +227,14 @@ }, "supportsFIPS" ] - } + }, + true ] } ], - "type": "tree", "rules": [ { "conditions": [], - "type": "tree", "rules": [ { "conditions": [], @@ -251,16 +245,19 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "FIPS is enabled but this partition does not support FIPS", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -274,7 +271,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -294,11 +290,9 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [], - "type": "tree", "rules": [ { "conditions": [], @@ -309,20 +303,22 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "DualStack is enabled but this partition does not support DualStack", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [], - "type": "tree", "rules": [ { "conditions": [], @@ -333,18 +329,22 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "Invalid Configuration: Missing Region", "type": "error" } - ] + ], + "type": "tree" } ] } \ No newline at end of file diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 4f5b138f527..16dbbadf2dc 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -544,6 +544,7 @@ "aoss" : { "endpoints" : { "ap-northeast-1" : { }, + "ap-south-1" : { }, "ap-southeast-1" : { }, "ap-southeast-2" : { }, "eu-central-1" : { }, diff --git a/service/eventbridge/api.go b/service/eventbridge/api.go index 76837f66f6f..352af62144d 100644 --- a/service/eventbridge/api.go +++ b/service/eventbridge/api.go @@ -341,6 +341,24 @@ func (c *EventBridge) CreateArchiveRequest(input *CreateArchiveInput) (req *requ // are sent to the archive except replayed events. Replayed events are not sent // to an archive. // +// Archives and schema discovery are not supported for event buses encrypted +// using a customer managed key. EventBridge returns an error if: +// +// - You call CreateArchive (https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html) +// on an event bus set to use a customer managed key for encryption. +// +// - You call CreateDiscoverer (https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer) +// on an event bus set to use a customer managed key for encryption. +// +// - You call UpdatedEventBus (https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html) +// to set a customer managed key on an event bus with an archives or schema +// discovery enabled. +// +// To enable archives or schema discovery on an event bus, choose to use an +// Amazon Web Services owned key. For more information, see Data encryption +// in EventBridge (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html) +// in the Amazon EventBridge User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1285,7 +1303,7 @@ func (c *EventBridge) DeleteEndpointRequest(input *DeleteEndpointInput) (req *re // Delete an existing global endpoint. For more information about global endpoints, // see Making applications Regional-fault tolerant with global endpoints and // event replication (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-global-endpoints.html) -// in the Amazon EventBridge User Guide. +// in the Amazon EventBridge User Guide . // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1907,7 +1925,7 @@ func (c *EventBridge) DescribeEndpointRequest(input *DescribeEndpointInput) (req // Get the information about an existing global endpoint. For more information // about global endpoints, see Making applications Regional-fault tolerant with // global endpoints and event replication (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-global-endpoints.html) -// in the Amazon EventBridge User Guide. +// in the Amazon EventBridge User Guide . // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2868,7 +2886,7 @@ func (c *EventBridge) ListEndpointsRequest(input *ListEndpointsInput) (req *requ // List the global endpoints associated with this account. For more information // about global endpoints, see Making applications Regional-fault tolerant with // global endpoints and event replication (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-global-endpoints.html) -// in the Amazon EventBridge User Guide. +// in the Amazon EventBridge User Guide . // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4156,7 +4174,7 @@ func (c *EventBridge) PutTargetsRequest(input *PutTargetsInput) (req *request.Re // // For a list of services you can configure as targets for events, see EventBridge // targets (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) -// in the Amazon EventBridge User Guide. +// in the Amazon EventBridge User Guide . // // Creating rules with built-in targets is supported only in the Amazon Web // Services Management Console. The built-in targets are: @@ -4186,7 +4204,7 @@ func (c *EventBridge) PutTargetsRequest(input *PutTargetsInput) (req *request.Re // in the RoleARN argument in PutTargets. // // For more information, see Authentication and Access Control (https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) -// in the Amazon EventBridge User Guide. +// in the Amazon EventBridge User Guide . // // If another Amazon Web Services account is in the same region and has granted // you permission (using PutPermission), you can send events to that account. @@ -5208,7 +5226,7 @@ func (c *EventBridge) UpdateEndpointRequest(input *UpdateEndpointInput) (req *re // Update an existing endpoint. For more information about global endpoints, // see Making applications Regional-fault tolerant with global endpoints and // event replication (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-global-endpoints.html) -// in the Amazon EventBridge User Guide. +// in the Amazon EventBridge User Guide . // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5250,6 +5268,94 @@ func (c *EventBridge) UpdateEndpointWithContext(ctx aws.Context, input *UpdateEn return out, req.Send() } +const opUpdateEventBus = "UpdateEventBus" + +// UpdateEventBusRequest generates a "aws/request.Request" representing the +// client's request for the UpdateEventBus operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateEventBus for more information on using the UpdateEventBus +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateEventBusRequest method. +// req, resp := client.UpdateEventBusRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/eventbridge-2015-10-07/UpdateEventBus +func (c *EventBridge) UpdateEventBusRequest(input *UpdateEventBusInput) (req *request.Request, output *UpdateEventBusOutput) { + op := &request.Operation{ + Name: opUpdateEventBus, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateEventBusInput{} + } + + output = &UpdateEventBusOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateEventBus API operation for Amazon EventBridge. +// +// Updates the specified event bus. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon EventBridge's +// API operation UpdateEventBus for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// An entity that you specified does not exist. +// +// - InternalException +// This exception occurs due to unexpected causes. +// +// - ConcurrentModificationException +// There is concurrent modification on a rule, target, archive, or replay. +// +// - OperationDisabledException +// The operation you are attempting is not available in this region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/eventbridge-2015-10-07/UpdateEventBus +func (c *EventBridge) UpdateEventBus(input *UpdateEventBusInput) (*UpdateEventBusOutput, error) { + req, out := c.UpdateEventBusRequest(input) + return out, req.Send() +} + +// UpdateEventBusWithContext is the same as UpdateEventBus with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateEventBus for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EventBridge) UpdateEventBusWithContext(ctx aws.Context, input *UpdateEventBusInput, opts ...request.Option) (*UpdateEventBusOutput, error) { + req, out := c.UpdateEventBusRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + type ActivateEventSourceInput struct { _ struct{} `type:"structure"` @@ -7758,10 +7864,50 @@ func (s *CreateEndpointOutput) SetState(v string) *CreateEndpointOutput { type CreateEventBusInput struct { _ struct{} `type:"structure"` + // Configuration details of the Amazon SQS queue for EventBridge to use as a + // dead-letter queue (DLQ). + // + // For more information, see Event retry policy and using dead-letter queues + // (eventbridge/latest/userguide/eb-rule-dlq.html) in the EventBridge User Guide. + DeadLetterConfig *DeadLetterConfig `type:"structure"` + + // The event bus description. + Description *string `type:"string"` + // If you are creating a partner event bus, this specifies the partner event // source that the new event bus will be matched with. EventSourceName *string `min:"1" type:"string"` + // The identifier of the KMS customer managed key for EventBridge to use, if + // you choose to use a customer managed key to encrypt events on this event + // bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key + // alias, or key alias ARN. + // + // If you do not specify a customer managed key identifier, EventBridge uses + // an Amazon Web Services owned key to encrypt events on the event bus. + // + // For more information, see Managing keys (https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html) + // in the Key Management Service Developer Guide. + // + // Archives and schema discovery are not supported for event buses encrypted + // using a customer managed key. EventBridge returns an error if: + // + // * You call CreateArchive (https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html) + // on an event bus set to use a customer managed key for encryption. + // + // * You call CreateDiscoverer (https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer) + // on an event bus set to use a customer managed key for encryption. + // + // * You call UpdatedEventBus (https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html) + // to set a customer managed key on an event bus with an archives or schema + // discovery enabled. + // + // To enable archives or schema discovery on an event bus, choose to use an + // Amazon Web Services owned key. For more information, see Data encryption + // in EventBridge (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html) + // in the Amazon EventBridge User Guide. + KmsKeyIdentifier *string `type:"string"` + // The name of the new event bus. // // Custom event bus names can't contain the / character, but you can use the @@ -7809,6 +7955,11 @@ func (s *CreateEventBusInput) Validate() error { if s.Name != nil && len(*s.Name) < 1 { invalidParams.Add(request.NewErrParamMinLen("Name", 1)) } + if s.DeadLetterConfig != nil { + if err := s.DeadLetterConfig.Validate(); err != nil { + invalidParams.AddNested("DeadLetterConfig", err.(request.ErrInvalidParams)) + } + } if s.Tags != nil { for i, v := range s.Tags { if v == nil { @@ -7826,12 +7977,30 @@ func (s *CreateEventBusInput) Validate() error { return nil } +// SetDeadLetterConfig sets the DeadLetterConfig field's value. +func (s *CreateEventBusInput) SetDeadLetterConfig(v *DeadLetterConfig) *CreateEventBusInput { + s.DeadLetterConfig = v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateEventBusInput) SetDescription(v string) *CreateEventBusInput { + s.Description = &v + return s +} + // SetEventSourceName sets the EventSourceName field's value. func (s *CreateEventBusInput) SetEventSourceName(v string) *CreateEventBusInput { s.EventSourceName = &v return s } +// SetKmsKeyIdentifier sets the KmsKeyIdentifier field's value. +func (s *CreateEventBusInput) SetKmsKeyIdentifier(v string) *CreateEventBusInput { + s.KmsKeyIdentifier = &v + return s +} + // SetName sets the Name field's value. func (s *CreateEventBusInput) SetName(v string) *CreateEventBusInput { s.Name = &v @@ -7847,8 +8016,25 @@ func (s *CreateEventBusInput) SetTags(v []*Tag) *CreateEventBusInput { type CreateEventBusOutput struct { _ struct{} `type:"structure"` + // Configuration details of the Amazon SQS queue for EventBridge to use as a + // dead-letter queue (DLQ). + // + // For more information, see Event retry policy and using dead-letter queues + // (eventbridge/latest/userguide/eb-rule-dlq.html) in the EventBridge User Guide. + DeadLetterConfig *DeadLetterConfig `type:"structure"` + + // The event bus description. + Description *string `type:"string"` + // The ARN of the new event bus. EventBusArn *string `type:"string"` + + // The identifier of the KMS customer managed key for EventBridge to use to + // encrypt events on this event bus, if one has been specified. + // + // For more information, see Data encryption in EventBridge (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html) + // in the Amazon EventBridge User Guide. + KmsKeyIdentifier *string `type:"string"` } // String returns the string representation. @@ -7869,12 +8055,30 @@ func (s CreateEventBusOutput) GoString() string { return s.String() } +// SetDeadLetterConfig sets the DeadLetterConfig field's value. +func (s *CreateEventBusOutput) SetDeadLetterConfig(v *DeadLetterConfig) *CreateEventBusOutput { + s.DeadLetterConfig = v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateEventBusOutput) SetDescription(v string) *CreateEventBusOutput { + s.Description = &v + return s +} + // SetEventBusArn sets the EventBusArn field's value. func (s *CreateEventBusOutput) SetEventBusArn(v string) *CreateEventBusOutput { s.EventBusArn = &v return s } +// SetKmsKeyIdentifier sets the KmsKeyIdentifier field's value. +func (s *CreateEventBusOutput) SetKmsKeyIdentifier(v string) *CreateEventBusOutput { + s.KmsKeyIdentifier = &v + return s +} + type CreatePartnerEventSourceInput struct { _ struct{} `type:"structure"` @@ -8047,8 +8251,11 @@ func (s DeactivateEventSourceOutput) GoString() string { return s.String() } -// A DeadLetterConfig object that contains information about a dead-letter queue -// configuration. +// Configuration details of the Amazon SQS queue for EventBridge to use as a +// dead-letter queue (DLQ). +// +// For more information, see Event retry policy and using dead-letter queues +// (eventbridge/latest/userguide/eb-rule-dlq.html) in the EventBridge User Guide. type DeadLetterConfig struct { _ struct{} `type:"structure"` @@ -9561,6 +9768,29 @@ type DescribeEventBusOutput struct { // the current account. Arn *string `type:"string"` + // The time the event bus was created. + CreationTime *time.Time `type:"timestamp"` + + // Configuration details of the Amazon SQS queue for EventBridge to use as a + // dead-letter queue (DLQ). + // + // For more information, see Event retry policy and using dead-letter queues + // (eventbridge/latest/userguide/eb-rule-dlq.html) in the EventBridge User Guide. + DeadLetterConfig *DeadLetterConfig `type:"structure"` + + // The event bus description. + Description *string `type:"string"` + + // The identifier of the KMS customer managed key for EventBridge to use to + // encrypt events on this event bus, if one has been specified. + // + // For more information, see Data encryption in EventBridge (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html) + // in the Amazon EventBridge User Guide. + KmsKeyIdentifier *string `type:"string"` + + // The time the event bus was last modified. + LastModifiedTime *time.Time `type:"timestamp"` + // The name of the event bus. Currently, this is always default. Name *string `type:"string"` @@ -9592,6 +9822,36 @@ func (s *DescribeEventBusOutput) SetArn(v string) *DescribeEventBusOutput { return s } +// SetCreationTime sets the CreationTime field's value. +func (s *DescribeEventBusOutput) SetCreationTime(v time.Time) *DescribeEventBusOutput { + s.CreationTime = &v + return s +} + +// SetDeadLetterConfig sets the DeadLetterConfig field's value. +func (s *DescribeEventBusOutput) SetDeadLetterConfig(v *DeadLetterConfig) *DescribeEventBusOutput { + s.DeadLetterConfig = v + return s +} + +// SetDescription sets the Description field's value. +func (s *DescribeEventBusOutput) SetDescription(v string) *DescribeEventBusOutput { + s.Description = &v + return s +} + +// SetKmsKeyIdentifier sets the KmsKeyIdentifier field's value. +func (s *DescribeEventBusOutput) SetKmsKeyIdentifier(v string) *DescribeEventBusOutput { + s.KmsKeyIdentifier = &v + return s +} + +// SetLastModifiedTime sets the LastModifiedTime field's value. +func (s *DescribeEventBusOutput) SetLastModifiedTime(v time.Time) *DescribeEventBusOutput { + s.LastModifiedTime = &v + return s +} + // SetName sets the Name field's value. func (s *DescribeEventBusOutput) SetName(v string) *DescribeEventBusOutput { s.Name = &v @@ -10084,7 +10344,7 @@ type DescribeRuleOutput struct { EventBusName *string `min:"1" type:"string"` // The event pattern. For more information, see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) - // in the Amazon EventBridge User Guide. + // in the Amazon EventBridge User Guide . EventPattern *string `type:"string"` // If this is a managed rule, created by an Amazon Web Services service on your @@ -10585,7 +10845,7 @@ func (s EnableRuleOutput) GoString() string { // it regional-fault tolerant. For more information about global endpoints, // see Making applications Regional-fault tolerant with global endpoints and // event replication (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-global-endpoints.html) -// in the Amazon EventBridge User Guide. +// in the Amazon EventBridge User Guide . type Endpoint struct { _ struct{} `type:"structure"` @@ -10792,6 +11052,15 @@ type EventBus struct { // The ARN of the event bus. Arn *string `type:"string"` + // The time the event bus was created. + CreationTime *time.Time `type:"timestamp"` + + // The event bus description. + Description *string `type:"string"` + + // The time the event bus was last modified. + LastModifiedTime *time.Time `type:"timestamp"` + // The name of the event bus. Name *string `type:"string"` @@ -10824,6 +11093,24 @@ func (s *EventBus) SetArn(v string) *EventBus { return s } +// SetCreationTime sets the CreationTime field's value. +func (s *EventBus) SetCreationTime(v time.Time) *EventBus { + s.CreationTime = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *EventBus) SetDescription(v string) *EventBus { + s.Description = &v + return s +} + +// SetLastModifiedTime sets the LastModifiedTime field's value. +func (s *EventBus) SetLastModifiedTime(v time.Time) *EventBus { + s.LastModifiedTime = &v + return s +} + // SetName sets the Name field's value. func (s *EventBus) SetName(v string) *EventBus { s.Name = &v @@ -14359,7 +14646,7 @@ type PutRuleInput struct { // The event pattern. For more information, see Amazon EventBridge event patterns // (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) - // in the Amazon EventBridge User Guide. + // in the Amazon EventBridge User Guide . EventPattern *string `type:"string"` // The name of the rule that you are creating or updating. @@ -14378,7 +14665,29 @@ type PutRuleInput struct { // The scheduling expression. For example, "cron(0 20 * * ? *)" or "rate(5 minutes)". ScheduleExpression *string `type:"string"` - // Indicates whether the rule is enabled or disabled. + // The state of the rule. + // + // Valid values include: + // + // * DISABLED: The rule is disabled. EventBridge does not match any events + // against the rule. + // + // * ENABLED: The rule is enabled. EventBridge matches events against the + // rule, except for Amazon Web Services management events delivered through + // CloudTrail. + // + // * ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS: The rule is enabled for + // all events, including Amazon Web Services management events delivered + // through CloudTrail. Management events provide visibility into management + // operations that are performed on resources in your Amazon Web Services + // account. These are also known as control plane operations. For more information, + // see Logging management events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) + // in the CloudTrail User Guide, and Filtering management events from Amazon + // Web Services services (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) + // in the Amazon EventBridge User Guide . This value is only valid for rules + // on the default (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) + // event bus or custom event buses (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html). + // It does not apply to partner event buses (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html). State *string `type:"string" enum:"RuleState"` // The list of key-value pairs to associate with the rule. @@ -15552,7 +15861,7 @@ type Rule struct { // The event pattern of the rule. For more information, see Events and Event // Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) - // in the Amazon EventBridge User Guide. + // in the Amazon EventBridge User Guide . EventPattern *string `type:"string"` // If the rule was created on behalf of your account by an Amazon Web Services @@ -15577,6 +15886,28 @@ type Rule struct { ScheduleExpression *string `type:"string"` // The state of the rule. + // + // Valid values include: + // + // * DISABLED: The rule is disabled. EventBridge does not match any events + // against the rule. + // + // * ENABLED: The rule is enabled. EventBridge matches events against the + // rule, except for Amazon Web Services management events delivered through + // CloudTrail. + // + // * ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS: The rule is enabled for + // all events, including Amazon Web Services management events delivered + // through CloudTrail. Management events provide visibility into management + // operations that are performed on resources in your Amazon Web Services + // account. These are also known as control plane operations. For more information, + // see Logging management events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) + // in the CloudTrail User Guide, and Filtering management events from Amazon + // Web Services services (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) + // in the Amazon EventBridge User Guide . This value is only valid for rules + // on the default (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) + // event bus or custom event buses (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html). + // It does not apply to partner event buses (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html). State *string `type:"string" enum:"RuleState"` } @@ -16661,7 +16992,7 @@ type TestEventPatternInput struct { Event *string `type:"string" required:"true"` // The event pattern. For more information, see Events and Event Patterns (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) - // in the Amazon EventBridge User Guide. + // in the Amazon EventBridge User Guide . // // EventPattern is a required field EventPattern *string `type:"string" required:"true"` @@ -17844,6 +18175,188 @@ func (s *UpdateEndpointOutput) SetState(v string) *UpdateEndpointOutput { return s } +type UpdateEventBusInput struct { + _ struct{} `type:"structure"` + + // Configuration details of the Amazon SQS queue for EventBridge to use as a + // dead-letter queue (DLQ). + // + // For more information, see Event retry policy and using dead-letter queues + // (eventbridge/latest/userguide/eb-rule-dlq.html) in the EventBridge User Guide. + DeadLetterConfig *DeadLetterConfig `type:"structure"` + + // The event bus description. + Description *string `type:"string"` + + // The identifier of the KMS customer managed key for EventBridge to use, if + // you choose to use a customer managed key to encrypt events on this event + // bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key + // alias, or key alias ARN. + // + // If you do not specify a customer managed key identifier, EventBridge uses + // an Amazon Web Services owned key to encrypt events on the event bus. + // + // For more information, see Managing keys (https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html) + // in the Key Management Service Developer Guide. + // + // Archives and schema discovery are not supported for event buses encrypted + // using a customer managed key. EventBridge returns an error if: + // + // * You call CreateArchive (https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html) + // on an event bus set to use a customer managed key for encryption. + // + // * You call CreateDiscoverer (https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer) + // on an event bus set to use a customer managed key for encryption. + // + // * You call UpdatedEventBus (https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html) + // to set a customer managed key on an event bus with an archives or schema + // discovery enabled. + // + // To enable archives or schema discovery on an event bus, choose to use an + // Amazon Web Services owned key. For more information, see Data encryption + // in EventBridge (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html) + // in the Amazon EventBridge User Guide. + KmsKeyIdentifier *string `type:"string"` + + // The name of the event bus. + Name *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateEventBusInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateEventBusInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateEventBusInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateEventBusInput"} + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.DeadLetterConfig != nil { + if err := s.DeadLetterConfig.Validate(); err != nil { + invalidParams.AddNested("DeadLetterConfig", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDeadLetterConfig sets the DeadLetterConfig field's value. +func (s *UpdateEventBusInput) SetDeadLetterConfig(v *DeadLetterConfig) *UpdateEventBusInput { + s.DeadLetterConfig = v + return s +} + +// SetDescription sets the Description field's value. +func (s *UpdateEventBusInput) SetDescription(v string) *UpdateEventBusInput { + s.Description = &v + return s +} + +// SetKmsKeyIdentifier sets the KmsKeyIdentifier field's value. +func (s *UpdateEventBusInput) SetKmsKeyIdentifier(v string) *UpdateEventBusInput { + s.KmsKeyIdentifier = &v + return s +} + +// SetName sets the Name field's value. +func (s *UpdateEventBusInput) SetName(v string) *UpdateEventBusInput { + s.Name = &v + return s +} + +type UpdateEventBusOutput struct { + _ struct{} `type:"structure"` + + // The event bus Amazon Resource Name (ARN). + Arn *string `type:"string"` + + // Configuration details of the Amazon SQS queue for EventBridge to use as a + // dead-letter queue (DLQ). + // + // For more information, see Event retry policy and using dead-letter queues + // (eventbridge/latest/userguide/eb-rule-dlq.html) in the EventBridge User Guide. + DeadLetterConfig *DeadLetterConfig `type:"structure"` + + // The event bus description. + Description *string `type:"string"` + + // The identifier of the KMS customer managed key for EventBridge to use to + // encrypt events on this event bus, if one has been specified. + // + // For more information, see Data encryption in EventBridge (https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html) + // in the Amazon EventBridge User Guide. + KmsKeyIdentifier *string `type:"string"` + + // The event bus name. + Name *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateEventBusOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateEventBusOutput) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *UpdateEventBusOutput) SetArn(v string) *UpdateEventBusOutput { + s.Arn = &v + return s +} + +// SetDeadLetterConfig sets the DeadLetterConfig field's value. +func (s *UpdateEventBusOutput) SetDeadLetterConfig(v *DeadLetterConfig) *UpdateEventBusOutput { + s.DeadLetterConfig = v + return s +} + +// SetDescription sets the Description field's value. +func (s *UpdateEventBusOutput) SetDescription(v string) *UpdateEventBusOutput { + s.Description = &v + return s +} + +// SetKmsKeyIdentifier sets the KmsKeyIdentifier field's value. +func (s *UpdateEventBusOutput) SetKmsKeyIdentifier(v string) *UpdateEventBusOutput { + s.KmsKeyIdentifier = &v + return s +} + +// SetName sets the Name field's value. +func (s *UpdateEventBusOutput) SetName(v string) *UpdateEventBusOutput { + s.Name = &v + return s +} + const ( // ApiDestinationHttpMethodPost is a ApiDestinationHttpMethod enum value ApiDestinationHttpMethodPost = "POST" diff --git a/service/eventbridge/eventbridgeiface/interface.go b/service/eventbridge/eventbridgeiface/interface.go index 8d0871ed018..365f1fb0412 100644 --- a/service/eventbridge/eventbridgeiface/interface.go +++ b/service/eventbridge/eventbridgeiface/interface.go @@ -283,6 +283,10 @@ type EventBridgeAPI interface { UpdateEndpoint(*eventbridge.UpdateEndpointInput) (*eventbridge.UpdateEndpointOutput, error) UpdateEndpointWithContext(aws.Context, *eventbridge.UpdateEndpointInput, ...request.Option) (*eventbridge.UpdateEndpointOutput, error) UpdateEndpointRequest(*eventbridge.UpdateEndpointInput) (*request.Request, *eventbridge.UpdateEndpointOutput) + + UpdateEventBus(*eventbridge.UpdateEventBusInput) (*eventbridge.UpdateEventBusOutput, error) + UpdateEventBusWithContext(aws.Context, *eventbridge.UpdateEventBusInput, ...request.Option) (*eventbridge.UpdateEventBusOutput, error) + UpdateEventBusRequest(*eventbridge.UpdateEventBusInput) (*request.Request, *eventbridge.UpdateEventBusOutput) } var _ EventBridgeAPI = (*eventbridge.EventBridge)(nil) diff --git a/service/vpclattice/api.go b/service/vpclattice/api.go index f2d5e16df03..02d54961e37 100644 --- a/service/vpclattice/api.go +++ b/service/vpclattice/api.go @@ -60,6 +60,11 @@ func (c *VPCLattice) BatchUpdateRuleRequest(input *BatchUpdateRuleInput) (req *r // the priority of listener rules. This can be useful when bulk updating or // swapping rule priority. // +// Required permissions: vpc-lattice:UpdateRule +// +// For more information, see How Amazon VPC Lattice works with IAM (https://docs.aws.amazon.com/vpc-lattice/latest/ug/security_iam_service-with-iam.html) +// in the Amazon VPC Lattice User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -156,7 +161,7 @@ func (c *VPCLattice) CreateAccessLogSubscriptionRequest(input *CreateAccessLogSu // // Enables access logs to be sent to Amazon CloudWatch, Amazon S3, and Amazon // Kinesis Data Firehose. The service network owner can use the access logs -// to audit the services in the network. The service network owner will only +// to audit the services in the network. The service network owner can only // see access logs from clients and services that are associated with their // service network. Access log entries represent traffic originated from VPCs // associated with that network. For more information, see Access logs (https://docs.aws.amazon.com/vpc-lattice/latest/ug/monitoring-access-logs.html) @@ -670,7 +675,9 @@ func (c *VPCLattice) CreateServiceNetworkServiceAssociationRequest(input *Create // CreateServiceNetworkServiceAssociation API operation for Amazon VPC Lattice. // -// Associates a service with a service network. +// Associates a service with a service network. For more information, see Manage +// service associations (https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-network-associations.html#service-network-service-associations) +// in the Amazon VPC Lattice User Guide. // // You can't use this operation if the service and service network are already // associated or if there is a disassociation or deletion in progress. If the @@ -792,10 +799,11 @@ func (c *VPCLattice) CreateServiceNetworkVpcAssociationRequest(input *CreateServ // As a result of this operation, the association gets created in the service // network account and the VPC owner account. // -// Once a security group is added to the VPC association it cannot be removed. -// You can add or update the security groups being used for the VPC association -// once a security group is attached. To remove all security groups you must -// reassociate the VPC. +// If you add a security group to the service network and VPC association, the +// association must continue to always have at least one security group. You +// can add or edit security groups at any time. However, to remove all security +// groups, you must first delete the association and recreate it without security +// groups. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1092,11 +1100,10 @@ func (c *VPCLattice) DeleteAuthPolicyRequest(input *DeleteAuthPolicyInput) (req // DeleteAuthPolicy API operation for Amazon VPC Lattice. // -// Deletes the specified auth policy. If an auth is set to Amazon Web Services_IAM -// and the auth policy is deleted, all requests will be denied by default. If -// you are trying to remove the auth policy completely, you must set the auth_type -// to NONE. If auth is enabled on the resource, but no auth policy is set, all -// requests will be denied. +// Deletes the specified auth policy. If an auth is set to AWS_IAM and the auth +// policy is deleted, all requests are denied. If you are trying to remove the +// auth policy completely, you must set the auth type to NONE. If auth is enabled +// on the resource, but no auth policy is set, all requests are denied. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1685,7 +1692,7 @@ func (c *VPCLattice) DeleteServiceNetworkServiceAssociationRequest(input *Delete // DeleteServiceNetworkServiceAssociation API operation for Amazon VPC Lattice. // // Deletes the association between a specified service and the specific service -// network. This request will fail if an association is still in progress. +// network. This operation fails if an association is still in progress. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2346,8 +2353,7 @@ func (c *VPCLattice) GetResourcePolicyRequest(input *GetResourcePolicyInput) (re // GetResourcePolicy API operation for Amazon VPC Lattice. // // Retrieves information about the resource policy. The resource policy is an -// IAM policy created by AWS RAM on behalf of the resource owner when they share -// a resource. +// IAM policy created on behalf of the resource owner when they share a resource. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3453,7 +3459,7 @@ func (c *VPCLattice) ListServiceNetworkServiceAssociationsRequest(input *ListSer // Every association in Amazon VPC Lattice is given a unique Amazon Resource // Name (ARN), such as when a service network is associated with a VPC or when // a service is associated with a service network. If the association is for -// a resource that is shared with another account, the association will include +// a resource that is shared with another account, the association includes // the local account ID as the prefix in the ARN for each account the resource // is shared with. // @@ -4425,7 +4431,11 @@ func (c *VPCLattice) PutAuthPolicyRequest(input *PutAuthPolicyInput) (req *reque // PutAuthPolicy API operation for Amazon VPC Lattice. // -// Creates or updates the auth policy. +// Creates or updates the auth policy. The policy string in JSON must not contain +// newlines or blank lines. +// +// For more information, see Auth policies (https://docs.aws.amazon.com/vpc-lattice/latest/ug/auth-policies.html) +// in the Amazon VPC Lattice User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5377,8 +5387,11 @@ func (c *VPCLattice) UpdateServiceNetworkVpcAssociationRequest(input *UpdateServ // UpdateServiceNetworkVpcAssociation API operation for Amazon VPC Lattice. // -// Updates the service network and VPC association. Once you add a security -// group, it cannot be removed. +// Updates the service network and VPC association. If you add a security group +// to the service network and VPC association, the association must continue +// to always have at least one security group. You can add or edit security +// groups at any time. However, to remove all security groups, you must first +// delete the association and recreate it without security groups. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6079,11 +6092,8 @@ type CreateListenerInput struct { // any actions. If the parameters aren't identical, the retry fails. ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` - // The action for the default rule. Each listener has a default rule. Each rule - // consists of a priority, one or more actions, and one or more conditions. - // The default rule is the rule that's used if no other rules match. Each rule - // must include exactly one of the following types of actions: forward or fixed-response, - // and it must be the last action to be performed. + // The action for the default rule. Each listener has a default rule. The default + // rule is used if no other rules match. // // DefaultAction is a required field DefaultAction *RuleAction `locationName:"defaultAction" type:"structure" required:"true"` @@ -6099,7 +6109,7 @@ type CreateListenerInput struct { // default is 80. For HTTPS, the default is 443. Port *int64 `locationName:"port" min:"1" type:"integer"` - // The listener protocol HTTP or HTTPS. + // The listener protocol. // // Protocol is a required field Protocol *string `locationName:"protocol" type:"string" required:"true" enum:"ListenerProtocol"` @@ -6474,9 +6484,7 @@ func (s *CreateRuleInput) SetTags(v map[string]*string) *CreateRuleInput { type CreateRuleOutput struct { _ struct{} `type:"structure"` - // The rule action. Each rule must include exactly one of the following types - // of actions: forward or fixed-response, and it must be the last action to - // be performed. + // The rule action. Action *RuleAction `locationName:"action" type:"structure"` // The Amazon Resource Name (ARN) of the rule. @@ -6918,7 +6926,7 @@ type CreateServiceNetworkServiceAssociationOutput struct { // The ID of the association. Id *string `locationName:"id" min:"17" type:"string"` - // The operation's status. + // The association status. Status *string `locationName:"status" type:"string" enum:"ServiceNetworkServiceAssociationStatus"` } @@ -7096,7 +7104,7 @@ type CreateServiceNetworkVpcAssociationOutput struct { // The IDs of the security groups. SecurityGroupIds []*string `locationName:"securityGroupIds" type:"list"` - // The operation's status. + // The association status. Status *string `locationName:"status" type:"string" enum:"ServiceNetworkVpcAssociationStatus"` } @@ -7172,7 +7180,7 @@ type CreateServiceOutput struct { // The name of the service. Name *string `locationName:"name" min:"3" type:"string"` - // The status. If the status is CREATE_FAILED, you will have to delete and recreate + // The status. If the status is CREATE_FAILED, you must delete and recreate // the service. Status *string `locationName:"status" type:"string" enum:"ServiceStatus"` } @@ -7252,8 +7260,7 @@ type CreateTargetGroupInput struct { // any actions. If the parameters aren't identical, the retry fails. ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` - // The target group configuration. If type is set to LAMBDA, this parameter - // doesn't apply. + // The target group configuration. Config *TargetGroupConfig `locationName:"config" type:"structure"` // The name of the target group. The name must be unique within the account. @@ -7353,8 +7360,7 @@ type CreateTargetGroupOutput struct { // The Amazon Resource Name (ARN) of the target group. Arn *string `locationName:"arn" min:"20" type:"string"` - // The target group configuration. If type is set to LAMBDA, this parameter - // doesn't apply. + // The target group configuration. Config *TargetGroupConfig `locationName:"config" type:"structure"` // The ID of the target group. @@ -7363,9 +7369,9 @@ type CreateTargetGroupOutput struct { // The name of the target group. Name *string `locationName:"name" min:"3" type:"string"` - // The operation's status. You can retry the operation if the status is CREATE_FAILED. - // However, if you retry it while the status is CREATE_IN_PROGRESS, there is - // no change in the status. + // The status. You can retry the operation if the status is CREATE_FAILED. However, + // if you retry it while the status is CREATE_IN_PROGRESS, there is no change + // in the status. Status *string `locationName:"status" type:"string" enum:"TargetGroupStatus"` // The type of target group. @@ -8010,9 +8016,9 @@ type DeleteServiceNetworkServiceAssociationOutput struct { // The ID of the association. Id *string `locationName:"id" min:"17" type:"string"` - // The operation's status. You can retry the operation if the status is DELETE_FAILED. - // However, if you retry it when the status is DELETE_IN_PROGRESS, there is - // no change in the status. + // The status. You can retry the operation if the status is DELETE_FAILED. However, + // if you retry it when the status is DELETE_IN_PROGRESS, there is no change + // in the status. Status *string `locationName:"status" type:"string" enum:"ServiceNetworkServiceAssociationStatus"` } @@ -8111,7 +8117,7 @@ type DeleteServiceNetworkVpcAssociationOutput struct { Id *string `locationName:"id" min:"22" type:"string"` // The status. You can retry the operation if the status is DELETE_FAILED. However, - // if you retry it when the status is DELETE_IN_PROGRESS, there is no change + // if you retry it while the status is DELETE_IN_PROGRESS, there is no change // in the status. Status *string `locationName:"status" type:"string" enum:"ServiceNetworkVpcAssociationStatus"` } @@ -8469,7 +8475,7 @@ func (s *DnsEntry) SetHostedZoneId(v string) *DnsEntry { return s } -// Information about an action that returns a custom HTTP response. +// Describes an action that returns a custom HTTP response. type FixedResponseAction struct { _ struct{} `type:"structure"` @@ -8532,7 +8538,7 @@ type ForwardAction struct { // of the traffic. // // The default value is 1. This means that if only one target group is provided, - // there is no need to set the weight; 100% of traffic will go to that target + // there is no need to set the weight; 100% of the traffic goes to that target // group. // // TargetGroups is a required field @@ -8803,10 +8809,10 @@ type GetAuthPolicyOutput struct { Policy *string `locationName:"policy" type:"string"` // The state of the auth policy. The auth policy is only active when the auth - // type is set to Amazon Web Services_IAM. If you provide a policy, then authentication - // and authorization decisions are made based on this policy and the client's - // IAM policy. If the auth type is NONE, then any auth policy you provide will - // remain inactive. For more information, see Create a service network (https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-networks.html#create-service-network) + // type is set to AWS_IAM. If you provide a policy, then authentication and + // authorization decisions are made based on this policy and the client's IAM + // policy. If the auth type is NONE, then any auth policy that you provide remains + // inactive. For more information, see Create a service network (https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-networks.html#create-service-network) // in the Amazon VPC Lattice User Guide. State *string `locationName:"state" type:"string" enum:"AuthPolicyState"` } @@ -9035,7 +9041,7 @@ func (s *GetListenerOutput) SetServiceId(v string) *GetListenerOutput { type GetResourcePolicyInput struct { _ struct{} `type:"structure" nopayload:"true"` - // An IAM policy. + // The Amazon Resource Name (ARN) of the service network or service. // // ResourceArn is a required field ResourceArn *string `location:"uri" locationName:"resourceArn" min:"20" type:"string" required:"true"` @@ -9084,7 +9090,7 @@ func (s *GetResourcePolicyInput) SetResourceArn(v string) *GetResourcePolicyInpu type GetResourcePolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Resource Name (ARN) of the service network or service. + // An IAM policy. Policy *string `locationName:"policy" min:"1" type:"string"` } @@ -10198,7 +10204,7 @@ func (s *GetTargetGroupOutput) SetType(v string) *GetTargetGroupOutput { type HeaderMatch struct { _ struct{} `type:"structure"` - // Indicates whether the match is case sensitive. Defaults to false. + // Indicates whether the match is case sensitive. CaseSensitive *bool `locationName:"caseSensitive" type:"boolean"` // The header match type. @@ -10272,17 +10278,17 @@ func (s *HeaderMatch) SetName(v string) *HeaderMatch { return s } -// Describes a header match type. Only one can be provided. +// Describes a header match type. type HeaderMatchType struct { _ struct{} `type:"structure"` - // Specifies a contains type match. + // A contains type match. Contains *string `locationName:"contains" min:"1" type:"string"` - // Specifies an exact type match. + // An exact type match. Exact *string `locationName:"exact" min:"1" type:"string"` - // Specifies a prefix type match. Matches the value with the prefix. + // A prefix type match. Matches the value with the prefix. Prefix *string `locationName:"prefix" min:"1" type:"string"` } @@ -10341,8 +10347,8 @@ func (s *HeaderMatchType) SetPrefix(v string) *HeaderMatchType { return s } -// The health check configuration of a target group. Health check configurations -// aren't used for LAMBDA and ALB target groups. +// Describes the health check configuration of a target group. Health check +// configurations aren't used for target groups of type LAMBDA or ALB. type HealthCheckConfig struct { _ struct{} `type:"structure"` @@ -10361,8 +10367,7 @@ type HealthCheckConfig struct { // an unhealthy target healthy. The range is 2–10. The default is 5. HealthyThresholdCount *int64 `locationName:"healthyThresholdCount" type:"integer"` - // The codes to use when checking for a successful response from a target. These - // are called Success codes in the console. + // The codes to use when checking for a successful response from a target. Matcher *Matcher `locationName:"matcher" type:"structure"` // The destination for health checks on the targets. If the protocol version @@ -10688,7 +10693,7 @@ func (s *ListAccessLogSubscriptionsInput) SetResourceIdentifier(v string) *ListA type ListAccessLogSubscriptionsOutput struct { _ struct{} `type:"structure"` - // The access log subscriptions. + // Information about the access log subscriptions. // // Items is a required field Items []*AccessLogSubscriptionSummary `locationName:"items" type:"list" required:"true"` @@ -11380,7 +11385,7 @@ func (s *ListServicesInput) SetNextToken(v string) *ListServicesInput { type ListServicesOutput struct { _ struct{} `type:"structure"` - // The services. + // Information about the services. Items []*ServiceSummary `locationName:"items" type:"list"` // If there are additional results, a pagination token for the next page of @@ -11470,7 +11475,7 @@ func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResource type ListTagsForResourceOutput struct { _ struct{} `type:"structure"` - // The tags. + // Information about the tags. Tags map[string]*string `locationName:"tags" type:"map"` } @@ -11510,7 +11515,7 @@ type ListTargetGroupsInput struct { // The target group type. TargetGroupType *string `location:"querystring" locationName:"targetGroupType" type:"string" enum:"TargetGroupType"` - // The ID or Amazon Resource Name (ARN) of the service. + // The ID or Amazon Resource Name (ARN) of the VPC. VpcIdentifier *string `location:"querystring" locationName:"vpcIdentifier" min:"5" type:"string"` } @@ -11630,7 +11635,7 @@ type ListTargetsInput struct { // TargetGroupIdentifier is a required field TargetGroupIdentifier *string `location:"uri" locationName:"targetGroupIdentifier" min:"17" type:"string" required:"true"` - // The targets to list. + // The targets. Targets []*Target `locationName:"targets" type:"list"` } @@ -11838,8 +11843,8 @@ func (s *ListenerSummary) SetProtocol(v string) *ListenerSummary { return s } -// The codes to use when checking for a successful response from a target for -// health checks. +// Describes the codes to use when checking for a successful response from a +// target for health checks. type Matcher struct { _ struct{} `type:"structure"` @@ -11876,7 +11881,7 @@ func (s *Matcher) SetHttpCode(v string) *Matcher { type PathMatch struct { _ struct{} `type:"structure"` - // Indicates whether the match is case sensitive. Defaults to false. + // Indicates whether the match is case sensitive. CaseSensitive *bool `locationName:"caseSensitive" type:"boolean"` // The type of path match. @@ -11994,7 +11999,8 @@ func (s *PathMatchType) SetPrefix(v string) *PathMatchType { type PutAuthPolicyInput struct { _ struct{} `type:"structure"` - // The auth policy. + // The auth policy. The policy string in JSON must not contain newlines or blank + // lines. // // Policy is a required field Policy *string `locationName:"policy" type:"string" required:"true"` @@ -12058,14 +12064,15 @@ func (s *PutAuthPolicyInput) SetResourceIdentifier(v string) *PutAuthPolicyInput type PutAuthPolicyOutput struct { _ struct{} `type:"structure"` - // The auth policy. + // The auth policy. The policy string in JSON must not contain newlines or blank + // lines. Policy *string `locationName:"policy" type:"string"` // The state of the auth policy. The auth policy is only active when the auth - // type is set to Amazon Web Services_IAM. If you provide a policy, then authentication - // and authorization decisions are made based on this policy and the client's - // IAM policy. If the Auth type is NONE, then, any auth policy you provide will - // remain inactive. For more information, see Create a service network (https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-networks.html#create-service-network) + // type is set to AWS_IAM. If you provide a policy, then authentication and + // authorization decisions are made based on this policy and the client's IAM + // policy. If the Auth type is NONE, then, any auth policy that you provide + // remains inactive. For more information, see Create a service network (https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-networks.html#create-service-network) // in the Amazon VPC Lattice User Guide. State *string `locationName:"state" type:"string" enum:"AuthPolicyState"` } @@ -12103,7 +12110,8 @@ func (s *PutAuthPolicyOutput) SetState(v string) *PutAuthPolicyOutput { type PutResourcePolicyInput struct { _ struct{} `type:"structure"` - // An IAM policy. + // An IAM policy. The policy string in JSON must not contain newlines or blank + // lines. // // Policy is a required field Policy *string `locationName:"policy" min:"1" type:"string" required:"true"` @@ -12379,13 +12387,11 @@ func (s *ResourceNotFoundException) RequestID() string { return s.RespMetadata.RequestID } -// Describes the action for a rule. Each rule must include exactly one of the -// following types of actions: forward or fixed-response, and it must be the -// last action to be performed. +// Describes the action for a rule. type RuleAction struct { _ struct{} `type:"structure"` - // Describes the rule action that returns a custom HTTP response. + // The fixed response action. The rule returns a custom HTTP response. FixedResponse *FixedResponseAction `locationName:"fixedResponse" type:"structure"` // The forward action. Traffic that matches the rule is forwarded to the specified @@ -12504,9 +12510,7 @@ type RuleSummary struct { // The ID of the rule. Id *string `locationName:"id" min:"5" type:"string"` - // Indicates whether this is the default rule. Listener rules are created when - // you create a listener. Each listener has a default rule for checking connection - // requests. + // Indicates whether this is the default listener rule. IsDefault *bool `locationName:"isDefault" type:"boolean"` // The date and time that the listener rule was last updated, specified in ISO-8601 @@ -12580,7 +12584,7 @@ func (s *RuleSummary) SetPriority(v int64) *RuleSummary { return s } -// Represents an object when updating a rule. +// Describes a rule update. type RuleUpdate struct { _ struct{} `type:"structure"` @@ -12724,7 +12728,7 @@ func (s *RuleUpdateFailure) SetRuleIdentifier(v string) *RuleUpdateFailure { type RuleUpdateSuccess struct { _ struct{} `type:"structure"` - // The action for the default rule. + // The action for the rule. Action *RuleAction `locationName:"action" type:"structure"` // The Amazon Resource Name (ARN) of the listener. @@ -12824,7 +12828,7 @@ type ServiceNetworkServiceAssociationSummary struct { // The custom domain name of the service. CustomDomainName *string `locationName:"customDomainName" min:"3" type:"string"` - // DNS information about the service. + // The DNS information. DnsEntry *DnsEntry `locationName:"dnsEntry" type:"structure"` // The ID of the association. @@ -13247,7 +13251,7 @@ type ServiceSummary struct { // The custom domain name of the service. CustomDomainName *string `locationName:"customDomainName" min:"3" type:"string"` - // DNS information about the service. + // The DNS information. DnsEntry *DnsEntry `locationName:"dnsEntry" type:"structure"` // The ID of the service. @@ -13418,10 +13422,10 @@ func (s TagResourceOutput) GoString() string { type Target struct { _ struct{} `type:"structure"` - // The ID of the target. If the target type of the target group is INSTANCE, - // this is an instance ID. If the target type is IP , this is an IP address. - // If the target type is LAMBDA, this is the ARN of the Lambda function. If - // the target type is ALB, this is the ARN of the Application Load Balancer. + // The ID of the target. If the target group type is INSTANCE, this is an instance + // ID. If the target group type is IP, this is an IP address. If the target + // group type is LAMBDA, this is the ARN of a Lambda function. If the target + // group type is ALB, this is the ARN of an Application Load Balancer. // // Id is a required field Id *string `locationName:"id" min:"1" type:"string" required:"true"` @@ -13490,10 +13494,10 @@ type TargetFailure struct { // The failure message. FailureMessage *string `locationName:"failureMessage" type:"string"` - // The ID of the target. If the target type of the target group is INSTANCE, - // this is an instance ID. If the target type is IP , this is an IP address. - // If the target type is LAMBDA, this is the ARN of the Lambda function. If - // the target type is ALB, this is the ARN of the Application Load Balancer. + // The ID of the target. If the target group type is INSTANCE, this is an instance + // ID. If the target group type is IP, this is an IP address. If the target + // group type is LAMBDA, this is the ARN of a Lambda function. If the target + // group type is ALB, this is the ARN of an Application Load Balancer. Id *string `locationName:"id" type:"string"` // The port on which the target is listening. This parameter doesn't apply if @@ -13543,34 +13547,39 @@ func (s *TargetFailure) SetPort(v int64) *TargetFailure { return s } -// Describes the configuration of a target group. Lambda functions don't support -// target group configuration. +// Describes the configuration of a target group. +// +// For more information, see Target groups (https://docs.aws.amazon.com/vpc-lattice/latest/ug/target-groups.html) +// in the Amazon VPC Lattice User Guide. type TargetGroupConfig struct { _ struct{} `type:"structure"` - // The health check configuration. + // The health check configuration. Not supported if the target group type is + // LAMBDA or ALB. HealthCheck *HealthCheckConfig `locationName:"healthCheck" type:"structure"` - // The type of IP address used for the target group. The possible values are - // ipv4 and ipv6. This is an optional parameter. If not specified, the IP address - // type defaults to ipv4. + // The type of IP address used for the target group. Supported only if the target + // group type is IP. The default is IPV4. IpAddressType *string `locationName:"ipAddressType" type:"string" enum:"IpAddressType"` - // Lambda event structure version + // The version of the event structure that your Lambda function receives. Supported + // only if the target group type is LAMBDA. The default is V1. LambdaEventStructureVersion *string `locationName:"lambdaEventStructureVersion" type:"string" enum:"LambdaEventStructureVersion"` // The port on which the targets are listening. For HTTP, the default is 80. - // For HTTPS, the default is 443 + // For HTTPS, the default is 443. Not supported if the target group type is + // LAMBDA. Port *int64 `locationName:"port" min:"1" type:"integer"` - // The protocol to use for routing traffic to the targets. Default is the protocol - // of a target group. + // The protocol to use for routing traffic to the targets. The default is the + // protocol of the target group. Not supported if the target group type is LAMBDA. Protocol *string `locationName:"protocol" type:"string" enum:"TargetGroupProtocol"` - // The protocol version. Default value is HTTP1. + // The protocol version. The default is HTTP1. Not supported if the target group + // type is LAMBDA. ProtocolVersion *string `locationName:"protocolVersion" type:"string" enum:"TargetGroupProtocolVersion"` - // The ID of the VPC. + // The ID of the VPC. Not supported if the target group type is LAMBDA. VpcIdentifier *string `locationName:"vpcIdentifier" min:"5" type:"string"` } @@ -13651,6 +13660,9 @@ func (s *TargetGroupConfig) SetVpcIdentifier(v string) *TargetGroupConfig { } // Summary information about a target group. +// +// For more information, see Target groups (https://docs.aws.amazon.com/vpc-lattice/latest/ug/target-groups.html) +// in the Amazon VPC Lattice User Guide. type TargetGroupSummary struct { _ struct{} `type:"structure"` @@ -13665,11 +13677,12 @@ type TargetGroupSummary struct { Id *string `locationName:"id" min:"20" type:"string"` // The type of IP address used for the target group. The possible values are - // ipv4 and ipv6. This is an optional parameter. If not specified, the IP address - // type defaults to ipv4. + // IPV4 and IPV6. This is an optional parameter. If not specified, the default + // is IPV4. IpAddressType *string `locationName:"ipAddressType" type:"string" enum:"IpAddressType"` - // Lambda event structure version + // The version of the event structure that your Lambda function receives. Supported + // only if the target group type is LAMBDA. LambdaEventStructureVersion *string `locationName:"lambdaEventStructureVersion" type:"string" enum:"LambdaEventStructureVersion"` // The date and time that the target group was last updated, specified in ISO-8601 @@ -13685,7 +13698,7 @@ type TargetGroupSummary struct { // The protocol of the target group. Protocol *string `locationName:"protocol" type:"string" enum:"TargetGroupProtocol"` - // The list of Amazon Resource Names (ARNs) of the service. + // The Amazon Resource Names (ARNs) of the service. ServiceArns []*string `locationName:"serviceArns" type:"list"` // The status. @@ -13798,10 +13811,10 @@ func (s *TargetGroupSummary) SetVpcIdentifier(v string) *TargetGroupSummary { type TargetSummary struct { _ struct{} `type:"structure"` - // The ID of the target. If the target type of the target group is INSTANCE, - // this is an instance ID. If the target type is IP , this is an IP address. - // If the target type is LAMBDA, this is the ARN of the Lambda function. If - // the target type is ALB, this is the ARN of the Application Load Balancer. + // The ID of the target. If the target group type is INSTANCE, this is an instance + // ID. If the target group type is IP, this is an IP address. If the target + // group type is LAMBDA, this is the ARN of a Lambda function. If the target + // type is ALB, this is the ARN of an Application Load Balancer. Id *string `locationName:"id" type:"string"` // The port on which the target is listening. @@ -13812,19 +13825,19 @@ type TargetSummary struct { // The status of the target. // - // * Draining: The target is being deregistered. No new connections will - // be sent to this target while current connections are being drained. Default + // * DRAINING: The target is being deregistered. No new connections are sent + // to this target while current connections are being drained. The default // draining time is 5 minutes. // - // * Unavailable: Health checks are unavailable for the target group. + // * UNAVAILABLE: Health checks are unavailable for the target group. // - // * Healthy: The target is healthy. + // * HEALTHY: The target is healthy. // - // * Unhealthy: The target is unhealthy. + // * UNHEALTHY: The target is unhealthy. // - // * Initial: Initial health checks on the target are being performed. + // * INITIAL: Initial health checks on the target are being performed. // - // * Unused: Target group is not used in a service. + // * UNUSED: Target group is not used in a service. Status *string `locationName:"status" type:"string" enum:"TargetStatus"` } @@ -14759,8 +14772,7 @@ func (s *UpdateServiceNetworkOutput) SetName(v string) *UpdateServiceNetworkOutp type UpdateServiceNetworkVpcAssociationInput struct { _ struct{} `type:"structure"` - // The IDs of the security groups. Once you add a security group, it cannot - // be removed. + // The IDs of the security groups. // // SecurityGroupIds is a required field SecurityGroupIds []*string `locationName:"securityGroupIds" min:"1" type:"list" required:"true"` @@ -15184,7 +15196,7 @@ func (s *ValidationException) RequestID() string { type ValidationExceptionField struct { _ struct{} `type:"structure"` - // Additional details about why the validation failed. + // Additional information about why the validation failed. // // Message is a required field Message *string `locationName:"message" type:"string" required:"true"` @@ -15235,9 +15247,9 @@ type WeightedTargetGroup struct { TargetGroupIdentifier *string `locationName:"targetGroupIdentifier" min:"17" type:"string" required:"true"` // Only required if you specify multiple target groups for a forward action. - // The "weight" determines how requests are distributed to the target group. - // For example, if you specify two target groups, each with a weight of 10, - // each target group receives half the requests. If you specify two target groups, + // The weight determines how requests are distributed to the target group. For + // example, if you specify two target groups, each with a weight of 10, each + // target group receives half the requests. If you specify two target groups, // one with a weight of 10 and the other with a weight of 20, the target group // with a weight of 20 receives twice as many requests as the other target group. // If there's only one target group specified, then the default value is 100. @@ -15376,6 +15388,9 @@ const ( // ListenerProtocolHttps is a ListenerProtocol enum value ListenerProtocolHttps = "HTTPS" + + // ListenerProtocolTlsPassthrough is a ListenerProtocol enum value + ListenerProtocolTlsPassthrough = "TLS_PASSTHROUGH" ) // ListenerProtocol_Values returns all elements of the ListenerProtocol enum @@ -15383,6 +15398,7 @@ func ListenerProtocol_Values() []string { return []string{ ListenerProtocolHttp, ListenerProtocolHttps, + ListenerProtocolTlsPassthrough, } } @@ -15484,6 +15500,9 @@ const ( // TargetGroupProtocolHttps is a TargetGroupProtocol enum value TargetGroupProtocolHttps = "HTTPS" + + // TargetGroupProtocolTcp is a TargetGroupProtocol enum value + TargetGroupProtocolTcp = "TCP" ) // TargetGroupProtocol_Values returns all elements of the TargetGroupProtocol enum @@ -15491,6 +15510,7 @@ func TargetGroupProtocol_Values() []string { return []string{ TargetGroupProtocolHttp, TargetGroupProtocolHttps, + TargetGroupProtocolTcp, } }