diff --git a/CHANGELOG.md b/CHANGELOG.md
index e73c01d2dfa..9a2a2f6b7db 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,28 @@
+Release v1.25.38 (2019-11-19)
+===
+
+### Service Client Updates
+* `service/autoscaling`: Updates service API and documentation
+ * Amazon EC2 Auto Scaling now supports Instance Weighting and Max Instance Lifetime. Instance Weighting allows specifying the capacity units for each instance type included in the MixedInstancesPolicy and how they would contribute to your application's performance. Max Instance Lifetime allows specifying the maximum length of time that an instance can be in service. If any instances are approaching this limit, Amazon EC2 Auto Scaling gradually replaces them.
+* `service/cloudformation`: Updates service API and documentation
+ * This release of AWS CloudFormation StackSets enables users to detect drift on a stack set and the stack instances that belong to that stack set.
+* `service/codebuild`: Updates service API and documentation
+ * Add support for ARM and GPU-enhanced build environments and a new SSD-backed Linux compute type with additional CPU and memory in CodeBuild
+* `service/config`: Updates service API and documentation
+* `service/ec2`: Updates service API and documentation
+ * This release adds support for RunInstances to specify the metadata options for new instances; adds a new API, ModifyInstanceMetadataOptions, which lets you modify the metadata options for a running or stopped instance; and adds support for CreateCustomerGateway to specify a device name.
+* `service/elasticloadbalancingv2`: Updates service API and documentation
+* `service/iam`: Updates service API, documentation, and examples
+ * IAM reports the timestamp when a role's credentials were last used to make an AWS request. This helps you identify unused roles and remove them confidently from your AWS accounts.
+* `service/iot`: Updates service API and documentation
+ * As part of this release, we are extending the capability of AWS IoT Rules Engine to send messages directly to customer's own web services/applications. Customers can now create topic rules with HTTP actions to route messages from IoT Core directly to URL's that they own. Ownership is proved by creating and confirming topic rule destinations.
+* `service/lambda`: Updates service API
+ * This release provides three new runtimes to support Node.js 12 (initially 12.13.0), Python 3.8 and Java 11.
+
+### SDK Enhancements
+* `aws/ec2metadata`: Adds support for EC2Metadata client to use secure tokens provided by the IMDS ([#2958](https://github.com/aws/aws-sdk-go/pull/2958))
+ * Modifies and adds tests to verify the behavior of the EC2Metadata client.
+
Release v1.25.37 (2019-11-18)
===
diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md
index 9c6b4f6d022..8a1927a39ca 100644
--- a/CHANGELOG_PENDING.md
+++ b/CHANGELOG_PENDING.md
@@ -1,7 +1,5 @@
### SDK Features
### SDK Enhancements
-* `aws/ec2metadata`: Adds support for EC2Metadata client to use secure tokens provided by the IMDS ([#2958](https://github.com/aws/aws-sdk-go/pull/2958))
- * Modifies and adds tests to verify the behavior of the EC2Metadata client.
-
+
### SDK Bugs
diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go
index de07715d57a..48d4f12e48f 100644
--- a/aws/endpoints/defaults.go
+++ b/aws/endpoints/defaults.go
@@ -2826,6 +2826,10 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
@@ -3525,6 +3529,10 @@ var awsPartition = partition{
Endpoints: endpoints{
"ap-northeast-1": endpoint{},
+ "ap-northeast-2": endpoint{},
+ "ap-southeast-1": endpoint{},
+ "ap-southeast-2": endpoint{},
+ "eu-central-1": endpoint{},
"eu-west-1": endpoint{},
"us-east-1": endpoint{},
"us-east-2": endpoint{},
diff --git a/aws/version.go b/aws/version.go
index 14898362cac..c220bd200b9 100644
--- a/aws/version.go
+++ b/aws/version.go
@@ -5,4 +5,4 @@ package aws
const SDKName = "aws-sdk-go"
// SDKVersion is the version of this SDK
-const SDKVersion = "1.25.37"
+const SDKVersion = "1.25.38"
diff --git a/models/apis/autoscaling/2011-01-01/api-2.json b/models/apis/autoscaling/2011-01-01/api-2.json
index bb8a88957bd..512f6095f2a 100644
--- a/models/apis/autoscaling/2011-01-01/api-2.json
+++ b/models/apis/autoscaling/2011-01-01/api-2.json
@@ -939,7 +939,8 @@
"Tags":{"shape":"TagDescriptionList"},
"TerminationPolicies":{"shape":"TerminationPolicies"},
"NewInstancesProtectedFromScaleIn":{"shape":"InstanceProtected"},
- "ServiceLinkedRoleARN":{"shape":"ResourceName"}
+ "ServiceLinkedRoleARN":{"shape":"ResourceName"},
+ "MaxInstanceLifetime":{"shape":"MaxInstanceLifetime"}
}
},
"AutoScalingGroupDesiredCapacity":{"type":"integer"},
@@ -981,13 +982,15 @@
],
"members":{
"InstanceId":{"shape":"XmlStringMaxLen19"},
+ "InstanceType":{"shape":"XmlStringMaxLen255"},
"AutoScalingGroupName":{"shape":"XmlStringMaxLen255"},
"AvailabilityZone":{"shape":"XmlStringMaxLen255"},
"LifecycleState":{"shape":"XmlStringMaxLen32"},
"HealthStatus":{"shape":"XmlStringMaxLen32"},
"LaunchConfigurationName":{"shape":"XmlStringMaxLen255"},
"LaunchTemplate":{"shape":"LaunchTemplateSpecification"},
- "ProtectedFromScaleIn":{"shape":"InstanceProtected"}
+ "ProtectedFromScaleIn":{"shape":"InstanceProtected"},
+ "WeightedCapacity":{"shape":"XmlStringMaxLen32"}
}
},
"AutoScalingInstances":{
@@ -1128,7 +1131,8 @@
"NewInstancesProtectedFromScaleIn":{"shape":"InstanceProtected"},
"LifecycleHookSpecificationList":{"shape":"LifecycleHookSpecifications"},
"Tags":{"shape":"Tags"},
- "ServiceLinkedRoleARN":{"shape":"ResourceName"}
+ "ServiceLinkedRoleARN":{"shape":"ResourceName"},
+ "MaxInstanceLifetime":{"shape":"MaxInstanceLifetime"}
}
},
"CreateLaunchConfigurationType":{
@@ -1564,12 +1568,14 @@
],
"members":{
"InstanceId":{"shape":"XmlStringMaxLen19"},
+ "InstanceType":{"shape":"XmlStringMaxLen255"},
"AvailabilityZone":{"shape":"XmlStringMaxLen255"},
"LifecycleState":{"shape":"LifecycleState"},
"HealthStatus":{"shape":"XmlStringMaxLen32"},
"LaunchConfigurationName":{"shape":"XmlStringMaxLen255"},
"LaunchTemplate":{"shape":"LaunchTemplateSpecification"},
- "ProtectedFromScaleIn":{"shape":"InstanceProtected"}
+ "ProtectedFromScaleIn":{"shape":"InstanceProtected"},
+ "WeightedCapacity":{"shape":"XmlStringMaxLen32"}
}
},
"InstanceIds":{
@@ -1687,7 +1693,8 @@
"LaunchTemplateOverrides":{
"type":"structure",
"members":{
- "InstanceType":{"shape":"XmlStringMaxLen255"}
+ "InstanceType":{"shape":"XmlStringMaxLen255"},
+ "WeightedCapacity":{"shape":"XmlStringMaxLen32"}
}
},
"LaunchTemplateSpecification":{
@@ -1804,6 +1811,7 @@
"type":"list",
"member":{"shape":"LoadBalancerTargetGroupState"}
},
+ "MaxInstanceLifetime":{"type":"integer"},
"MaxNumberOfAutoScalingGroups":{"type":"integer"},
"MaxNumberOfLaunchConfigurations":{"type":"integer"},
"MaxRecords":{"type":"integer"},
@@ -2387,7 +2395,8 @@
"VPCZoneIdentifier":{"shape":"XmlStringMaxLen2047"},
"TerminationPolicies":{"shape":"TerminationPolicies"},
"NewInstancesProtectedFromScaleIn":{"shape":"InstanceProtected"},
- "ServiceLinkedRoleARN":{"shape":"ResourceName"}
+ "ServiceLinkedRoleARN":{"shape":"ResourceName"},
+ "MaxInstanceLifetime":{"shape":"MaxInstanceLifetime"}
}
},
"Values":{
diff --git a/models/apis/autoscaling/2011-01-01/docs-2.json b/models/apis/autoscaling/2011-01-01/docs-2.json
index 99b7bf6b277..cf99a3c32be 100644
--- a/models/apis/autoscaling/2011-01-01/docs-2.json
+++ b/models/apis/autoscaling/2011-01-01/docs-2.json
@@ -3,7 +3,7 @@
"service": "
Amazon EC2 Auto Scaling is designed to automatically launch or terminate EC2 instances based on user-defined scaling policies, scheduled actions, and health checks. Use this service with AWS Auto Scaling, Amazon CloudWatch, and Elastic Load Balancing.
For more information, including information about granting IAM users required permissions for Amazon EC2 Auto Scaling actions, see the Amazon EC2 Auto Scaling User Guide.
", "operations": { "AttachInstances": "Attaches one or more EC2 instances to the specified Auto Scaling group.
When you attach instances, Amazon EC2 Auto Scaling increases the desired capacity of the group by the number of instances being attached. If the number of instances being attached plus the desired capacity of the group exceeds the maximum size of the group, the operation fails.
If there is a Classic Load Balancer attached to your Auto Scaling group, the instances are also registered with the load balancer. If there are target groups attached to your Auto Scaling group, the instances are also registered with the target groups.
For more information, see Attach EC2 Instances to Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", - "AttachLoadBalancerTargetGroups": "Attaches one or more target groups to the specified Auto Scaling group.
To describe the target groups for an Auto Scaling group, use DescribeLoadBalancerTargetGroups. To detach the target group from the Auto Scaling group, use DetachLoadBalancerTargetGroups.
With Application Load Balancers and Network Load Balancers, instances are registered as targets with a target group. With Classic Load Balancers, instances are registered with the load balancer. For more information, see Attaching a Load Balancer to Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", + "AttachLoadBalancerTargetGroups": "Attaches one or more target groups to the specified Auto Scaling group.
To describe the target groups for an Auto Scaling group, use DescribeLoadBalancerTargetGroups. To detach the target group from the Auto Scaling group, use DetachLoadBalancerTargetGroups.
With Application Load Balancers and Network Load Balancers, instances are registered as targets with a target group. With Classic Load Balancers, instances are registered with the load balancer. For more information, see Attaching a Load Balancer to Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", "AttachLoadBalancers": "Attaches one or more Classic Load Balancers to the specified Auto Scaling group.
To attach an Application Load Balancer or a Network Load Balancer instead, see AttachLoadBalancerTargetGroups.
To describe the load balancers for an Auto Scaling group, use DescribeLoadBalancers. To detach the load balancer from the Auto Scaling group, use DetachLoadBalancers.
For more information, see Attaching a Load Balancer to Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", "BatchDeleteScheduledAction": "Deletes one or more scheduled actions for the specified Auto Scaling group.
", "BatchPutScheduledUpdateGroupAction": "Creates or updates one or more scheduled scaling actions for an Auto Scaling group. If you leave a parameter unspecified when updating a scheduled scaling action, the corresponding value remains unchanged.
", @@ -33,7 +33,7 @@ "DescribePolicies": "Describes the policies for the specified Auto Scaling group.
", "DescribeScalingActivities": "Describes one or more scaling activities for the specified Auto Scaling group.
", "DescribeScalingProcessTypes": "Describes the scaling process types for use with ResumeProcesses and SuspendProcesses.
", - "DescribeScheduledActions": "Describes the actions scheduled for your Auto Scaling group that haven't run or that have not reached their end time. To describe the actions that have already run, use DescribeScalingActivities.
", + "DescribeScheduledActions": "Describes the actions scheduled for your Auto Scaling group that haven't run or that have not reached their end time. To describe the actions that have already run, use DescribeScalingActivities.
", "DescribeTags": "Describes the specified tags.
You can use filters to limit the results. For example, you can query for the tags for a specific Auto Scaling group. You can specify multiple values for a filter. A tag must match at least one of the specified values for it to be included in the results.
You can also specify multiple filters. The result includes information for a particular tag only if it matches all the filters. If there's no match, no special message is returned.
", "DescribeTerminationPolicyTypes": "Describes the termination policies supported by Amazon EC2 Auto Scaling.
For more information, see Controlling Which Auto Scaling Instances Terminate During Scale In in the Amazon EC2 Auto Scaling User Guide.
", "DetachInstances": "Removes one or more instances from the specified Auto Scaling group.
After the instances are detached, you can manage them independent of the Auto Scaling group.
If you do not specify the option to decrement the desired capacity, Amazon EC2 Auto Scaling launches instances to replace the ones that are detached.
If there is a Classic Load Balancer attached to the Auto Scaling group, the instances are deregistered from the load balancer. If there are target groups attached to the Auto Scaling group, the instances are deregistered from the target groups.
For more information, see Detach EC2 Instances from Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", @@ -41,9 +41,9 @@ "DetachLoadBalancers": "Detaches one or more Classic Load Balancers from the specified Auto Scaling group.
This operation detaches only Classic Load Balancers. If you have Application Load Balancers or Network Load Balancers, use DetachLoadBalancerTargetGroups instead.
When you detach a load balancer, it enters the Removing
state while deregistering the instances in the group. When all instances are deregistered, then you can no longer describe the load balancer using DescribeLoadBalancers. The instances remain running.
Disables group metrics for the specified Auto Scaling group.
", "EnableMetricsCollection": "Enables group metrics for the specified Auto Scaling group. For more information, see Monitoring Your Auto Scaling Groups and Instances in the Amazon EC2 Auto Scaling User Guide.
", - "EnterStandby": "Moves the specified instances into the standby state.
For more information, see Temporarily Removing Instances from Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", + "EnterStandby": "Moves the specified instances into the standby state.
If you choose to decrement the desired capacity of the Auto Scaling group, the instances can enter standby as long as the desired capacity of the Auto Scaling group after the instances are placed into standby is equal to or greater than the minimum capacity of the group.
If you choose not to decrement the desired capacity of the Auto Scaling group, the Auto Scaling group launches new instances to replace the instances on standby.
For more information, see Temporarily Removing Instances from Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", "ExecutePolicy": "Executes the specified policy.
", - "ExitStandby": "Moves the specified instances out of the standby state.
For more information, see Temporarily Removing Instances from Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", + "ExitStandby": "Moves the specified instances out of the standby state.
After you put the instances back in service, the desired capacity is incremented.
For more information, see Temporarily Removing Instances from Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
", "PutLifecycleHook": "Creates or updates a lifecycle hook for the specified Auto Scaling group.
A lifecycle hook tells Amazon EC2 Auto Scaling to perform an action on an instance when the instance launches (before it is put into service) or as the instance terminates (before it is fully terminated).
This step is a part of the procedure for adding a lifecycle hook to an Auto Scaling group:
(Optional) Create a Lambda function and a rule that allows CloudWatch Events to invoke your Lambda function when Amazon EC2 Auto Scaling launches or terminates instances.
(Optional) Create a notification target and an IAM role. The target can be either an Amazon SQS queue or an Amazon SNS topic. The role allows Amazon EC2 Auto Scaling to publish lifecycle notifications to the target.
Create the lifecycle hook. Specify whether the hook is used when the instances launch or terminate.
If you need more time, record the lifecycle action heartbeat to keep the instance in a pending state using RecordLifecycleActionHeartbeat.
If you finish before the timeout period ends, complete the lifecycle action using CompleteLifecycleAction.
For more information, see Amazon EC2 Auto Scaling Lifecycle Hooks in the Amazon EC2 Auto Scaling User Guide.
If you exceed your maximum limit of lifecycle hooks, which by default is 50 per Auto Scaling group, the call fails.
You can view the lifecycle hooks for an Auto Scaling group using DescribeLifecycleHooks. If you are no longer using a lifecycle hook, you can delete it using DeleteLifecycleHook.
", "PutNotificationConfiguration": "Configures an Auto Scaling group to send notifications when specified events take place. Subscribers to the specified topic can have messages delivered to an endpoint such as a web server or an email address.
This configuration overwrites any existing configuration.
For more information, see Getting Amazon SNS Notifications When Your Auto Scaling Group Scales in the Amazon EC2 Auto Scaling User Guide.
", "PutScalingPolicy": "Creates or updates a scaling policy for an Auto Scaling group. To update an existing scaling policy, use the existing policy name and set the parameters to change. Any existing parameter not changed in an update to an existing policy is not changed in this update request.
For more information about using scaling policies to scale your Auto Scaling group automatically, see Dynamic Scaling in the Amazon EC2 Auto Scaling User Guide.
", @@ -55,7 +55,7 @@ "SetInstanceProtection": "Updates the instance protection settings of the specified instances.
For more information about preventing instances that are part of an Auto Scaling group from terminating on scale in, see Instance Protection in the Amazon EC2 Auto Scaling User Guide.
", "SuspendProcesses": "Suspends the specified automatic scaling processes, or all processes, for the specified Auto Scaling group.
If you suspend either the Launch
or Terminate
process types, it can prevent other process types from functioning properly.
To resume processes that have been suspended, use ResumeProcesses.
For more information, see Suspending and Resuming Scaling Processes in the Amazon EC2 Auto Scaling User Guide.
", "TerminateInstanceInAutoScalingGroup": "Terminates the specified instance and optionally adjusts the desired group size.
This call simply makes a termination request. The instance is not terminated immediately.
", - "UpdateAutoScalingGroup": "Updates the configuration for the specified Auto Scaling group.
To update an Auto Scaling group, specify the name of the group and the parameter that you want to change. Any parameters that you don't specify are not changed by this update request. The new settings take effect on any scaling activities after this call returns. Scaling activities that are currently in progress aren't affected.
If you associate a new launch configuration or template with an Auto Scaling group, all new instances will get the updated configuration. Existing instances continue to run with the configuration that they were originally launched with. When you update a group to specify a mixed instances policy instead of a launch configuration or template, existing instances may be replaced to match the new purchasing options that you specified in the policy. For example, if the group currently has 100% On-Demand capacity and the policy specifies 50% Spot capacity, this means that half of your instances will be gradually terminated and relaunched as Spot Instances. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the old ones, so that updating your group does not compromise the performance or availability of your application.
Note the following about changing DesiredCapacity
, MaxSize
, or MinSize
:
If a scale-in event occurs as a result of a new DesiredCapacity
value that is lower than the current size of the group, the Auto Scaling group uses its termination policy to determine which instances to terminate.
If you specify a new value for MinSize
without specifying a value for DesiredCapacity
, and the new MinSize
is larger than the current size of the group, this sets the group's DesiredCapacity
to the new MinSize
value.
If you specify a new value for MaxSize
without specifying a value for DesiredCapacity
, and the new MaxSize
is smaller than the current size of the group, this sets the group's DesiredCapacity
to the new MaxSize
value.
To see which parameters have been set, use DescribeAutoScalingGroups. You can also view the scaling policies for an Auto Scaling group using DescribePolicies. If the group has scaling policies, you can update them using PutScalingPolicy.
" + "UpdateAutoScalingGroup": "Updates the configuration for the specified Auto Scaling group.
To update an Auto Scaling group, specify the name of the group and the parameter that you want to change. Any parameters that you don't specify are not changed by this update request. The new settings take effect on any scaling activities after this call returns.
If you associate a new launch configuration or template with an Auto Scaling group, all new instances will get the updated configuration. Existing instances continue to run with the configuration that they were originally launched with. When you update a group to specify a mixed instances policy instead of a launch configuration or template, existing instances may be replaced to match the new purchasing options that you specified in the policy. For example, if the group currently has 100% On-Demand capacity and the policy specifies 50% Spot capacity, this means that half of your instances will be gradually terminated and relaunched as Spot Instances. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the old ones, so that updating your group does not compromise the performance or availability of your application.
Note the following about changing DesiredCapacity
, MaxSize
, or MinSize
:
If a scale-in event occurs as a result of a new DesiredCapacity
value that is lower than the current size of the group, the Auto Scaling group uses its termination policy to determine which instances to terminate.
If you specify a new value for MinSize
without specifying a value for DesiredCapacity
, and the new MinSize
is larger than the current size of the group, this sets the group's DesiredCapacity
to the new MinSize
value.
If you specify a new value for MaxSize
without specifying a value for DesiredCapacity
, and the new MaxSize
is smaller than the current size of the group, this sets the group's DesiredCapacity
to the new MaxSize
value.
To see which parameters have been set, use DescribeAutoScalingGroups. You can also view the scaling policies for an Auto Scaling group using DescribePolicies. If the group has scaling policies, you can update them using PutScalingPolicy.
" }, "shapes": { "Activities": { @@ -136,7 +136,7 @@ "base": null, "refs": { "CreateLaunchConfigurationType$AssociatePublicIpAddress": "For Auto Scaling groups that are running in a virtual private cloud (VPC), specifies whether to assign a public IP address to the group's instances. If you specify true
, each instance in the Auto Scaling group receives a unique public IP address. For more information, see Launching Auto Scaling Instances in a VPC in the Amazon EC2 Auto Scaling User Guide.
If you specify this parameter, you must specify at least one subnet for VPCZoneIdentifier
when you create your group.
If the instance is launched into a default subnet, the default is to assign a public IP address, unless you disabled the option to assign a public IP address on the subnet. If the instance is launched into a nondefault subnet, the default is not to assign a public IP address, unless you enabled the option to assign a public IP address on the subnet.
For Auto Scaling groups that are running in a VPC, specifies whether to assign a public IP address to the group's instances.
For more information, see Launching Auto Scaling Instances in a VPC in the Amazon EC2 Auto Scaling User Guide.
" + "LaunchConfiguration$AssociatePublicIpAddress": "For Auto Scaling groups that are running in a VPC, specifies whether to assign a public IP address to the group's instances.
For more information, see Launching Auto Scaling Instances in a VPC in the Amazon EC2 Auto Scaling User Guide.
" } }, "AttachInstancesQuery": { @@ -207,7 +207,7 @@ "AutoScalingGroupNames": { "base": null, "refs": { - "AutoScalingGroupNamesType$AutoScalingGroupNames": "The names of the Auto Scaling groups. Each name can be a maximum of 1600 characters. By default, you can only specify up to 50 names. You can optionally increase this limit using the MaxRecords
parameter.
If you omit this parameter, all Auto Scaling groups are described.
", + "AutoScalingGroupNamesType$AutoScalingGroupNames": "The names of the Auto Scaling groups. Each name can be a maximum of 1600 characters. By default, you can only specify up to 50 names. You can optionally increase this limit using the MaxRecords
parameter.
If you omit this parameter, all Auto Scaling groups are described.
", "DescribeNotificationConfigurationsType$AutoScalingGroupNames": "The name of the Auto Scaling group.
" } }, @@ -289,7 +289,7 @@ "BlockDeviceEbsEncrypted": { "base": null, "refs": { - "Ebs$Encrypted": "Specifies whether the volume should be encrypted. Encrypted EBS volumes can only be attached to instances that support Amazon EBS encryption. For more information, see Supported Instance Types. If your AMI uses encrypted volumes, you can also only launch it on supported instance types.
If you are creating a volume from a snapshot, you cannot specify an encryption value. Volumes that are created from encrypted snapshots are automatically encrypted, and volumes that are created from unencrypted snapshots are automatically unencrypted. By default, encrypted snapshots use the AWS managed CMK that is used for EBS encryption, but you can specify a custom CMK when you create the snapshot. The ability to encrypt a snapshot during copying also allows you to apply a new CMK to an already-encrypted snapshot. Volumes restored from the resulting copy are only accessible using the new CMK.
Enabling encryption by default results in all EBS volumes being encrypted with the AWS managed CMK or a customer managed CMK, whether or not the snapshot was encrypted.
For more information, see Using Encryption with EBS-Backed AMIs in the Amazon EC2 User Guide for Linux Instances and Required CMK Key Policy for Use with Encrypted Volumes in the Amazon EC2 Auto Scaling User Guide.
" + "Ebs$Encrypted": "Specifies whether the volume should be encrypted. Encrypted EBS volumes can only be attached to instances that support Amazon EBS encryption. For more information, see Supported Instance Types. If your AMI uses encrypted volumes, you can also only launch it on supported instance types.
If you are creating a volume from a snapshot, you cannot specify an encryption value. Volumes that are created from encrypted snapshots are automatically encrypted, and volumes that are created from unencrypted snapshots are automatically unencrypted. By default, encrypted snapshots use the AWS managed CMK that is used for EBS encryption, but you can specify a custom CMK when you create the snapshot. The ability to encrypt a snapshot during copying also allows you to apply a new CMK to an already-encrypted snapshot. Volumes restored from the resulting copy are only accessible using the new CMK.
Enabling encryption by default results in all EBS volumes being encrypted with the AWS managed CMK or a customer managed CMK, whether or not the snapshot was encrypted.
For more information, see Using Encryption with EBS-Backed AMIs in the Amazon EC2 User Guide for Linux Instances and Required CMK Key Policy for Use with Encrypted Volumes in the Amazon EC2 Auto Scaling User Guide.
" } }, "BlockDeviceEbsIops": { @@ -301,13 +301,13 @@ "BlockDeviceEbsVolumeSize": { "base": null, "refs": { - "Ebs$VolumeSize": "The volume size, in Gibibytes (GiB).
This can be a number from 1-1,024 for standard
, 4-16,384 for io1
, 1-16,384 for gp2
, and 500-16,384 for st1
and sc1
. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.
Default: If you create a volume from a snapshot and you don't specify a volume size, the default is the snapshot size.
At least one of VolumeSize or SnapshotId is required.
The volume size, in Gibibytes (GiB).
This can be a number from 1-1,024 for standard
, 4-16,384 for io1
, 1-16,384 for gp2
, and 500-16,384 for st1
and sc1
. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.
Default: If you create a volume from a snapshot and you don't specify a volume size, the default is the snapshot size.
At least one of VolumeSize or SnapshotId is required.
The volume type, which can be standard
for Magnetic, io1
for Provisioned IOPS SSD, gp2
for General Purpose SSD, st1
for Throughput Optimized HDD, or sc1
for Cold HDD. For more information, see Amazon EBS Volume Types in the Amazon EC2 User Guide for Linux Instances.
Valid values: standard
| io1
| gp2
| st1
| sc1
The volume type, which can be standard
for Magnetic, io1
for Provisioned IOPS SSD, gp2
for General Purpose SSD, st1
for Throughput Optimized HDD, or sc1
for Cold HDD. For more information, see Amazon EBS Volume Types in the Amazon EC2 User Guide for Linux Instances.
Valid Values: standard
| io1
| gp2
| st1
| sc1
The IDs of one or more security groups for the specified ClassicLink-enabled VPC. For more information, see ClassicLink in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic Instances to a VPC in the Amazon EC2 Auto Scaling User Guide.
If you specify the ClassicLinkVPCId
parameter, you must specify this parameter.
The IDs of one or more security groups for the VPC specified in ClassicLinkVPCId
.
For more information, see ClassicLink in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic Instances to a VPC in the Amazon EC2 Auto Scaling User Guide.
" + "CreateLaunchConfigurationType$ClassicLinkVPCSecurityGroups": "The IDs of one or more security groups for the specified ClassicLink-enabled VPC. For more information, see ClassicLink in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic Instances to a VPC in the Amazon EC2 Auto Scaling User Guide.
If you specify the ClassicLinkVPCId
parameter, you must specify this parameter.
The IDs of one or more security groups for the VPC specified in ClassicLinkVPCId
.
For more information, see ClassicLink in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic Instances to a VPC in the Amazon EC2 Auto Scaling User Guide.
" } }, "CompleteLifecycleActionAnswer": { @@ -366,7 +366,7 @@ } }, "CustomizedMetricSpecification": { - "base": "Represents a CloudWatch metric of your choosing for a target tracking scaling policy to use with Amazon EC2 Auto Scaling.
To create your customized metric specification:
Add values for each required parameter from CloudWatch. You can use an existing metric, or a new metric that you create. To use your own metric, you must first publish the metric to CloudWatch. For more information, see Publish Custom Metrics in the Amazon CloudWatch User Guide.
Choose a metric that changes proportionally with capacity. The value of the metric should increase or decrease in inverse proportion to the number of capacity units. That is, the value of the metric should decrease when capacity increases.
For more information about CloudWatch, see Amazon CloudWatch Concepts.
", + "base": "Represents a CloudWatch metric of your choosing for a target tracking scaling policy to use with Amazon EC2 Auto Scaling.
To create your customized metric specification:
Add values for each required parameter from CloudWatch. You can use an existing metric, or a new metric that you create. To use your own metric, you must first publish the metric to CloudWatch. For more information, see Publish Custom Metrics in the Amazon CloudWatch User Guide.
Choose a metric that changes proportionally with capacity. The value of the metric should increase or decrease in inverse proportion to the number of capacity units. That is, the value of the metric should decrease when capacity increases.
For more information about CloudWatch, see Amazon CloudWatch Concepts.
", "refs": { "TargetTrackingConfiguration$CustomizedMetricSpecification": "A customized metric. You must specify either a predefined metric or a customized metric.
" } @@ -551,8 +551,8 @@ "EbsOptimized": { "base": null, "refs": { - "CreateLaunchConfigurationType$EbsOptimized": "Specifies whether the launch configuration is optimized for EBS I/O (true
) or not (false
). The optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization is not available with all instance types. Additional fees are incurred when you enable EBS optimization for an instance type that is not EBS-optimized by default. For more information, see Amazon EBS-Optimized Instances in the Amazon EC2 User Guide for Linux Instances.
The default value is false
.
Specifies whether the launch configuration is optimized for EBS I/O (true
) or not (false
).
For more information, see Amazon EBS-Optimized Instances in the Amazon EC2 User Guide for Linux Instances.
" + "CreateLaunchConfigurationType$EbsOptimized": "Specifies whether the launch configuration is optimized for EBS I/O (true
) or not (false
). The optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization is not available with all instance types. Additional fees are incurred when you enable EBS optimization for an instance type that is not EBS-optimized by default. For more information, see Amazon EBS-Optimized Instances in the Amazon EC2 User Guide for Linux Instances.
The default value is false
.
Specifies whether the launch configuration is optimized for EBS I/O (true
) or not (false
).
For more information, see Amazon EBS-Optimized Instances in the Amazon EC2 User Guide for Linux Instances.
" } }, "EnableMetricsCollectionQuery": { @@ -613,7 +613,7 @@ "FailedScheduledUpdateGroupActionRequests": { "base": null, "refs": { - "BatchDeleteScheduledActionAnswer$FailedScheduledActions": "The names of the scheduled actions that could not be deleted, including an error message.
", + "BatchDeleteScheduledActionAnswer$FailedScheduledActions": "The names of the scheduled actions that could not be deleted, including an error message.
", "BatchPutScheduledUpdateGroupActionAnswer$FailedScheduledUpdateGroupActions": "The names of the scheduled actions that could not be created or updated, including an error message.
" } }, @@ -684,8 +684,8 @@ "InstanceMonitoring": { "base": "Describes whether detailed monitoring is enabled for the Auto Scaling instances.
", "refs": { - "CreateLaunchConfigurationType$InstanceMonitoring": "Controls whether instances in this group are launched with detailed (true
) or basic (false
) monitoring.
The default value is true
(enabled).
When detailed monitoring is enabled, Amazon CloudWatch generates metrics every minute and your account is charged a fee. When you disable detailed monitoring, CloudWatch generates metrics every 5 minutes. For more information, see Configure Monitoring for Auto Scaling Instances in the Amazon EC2 Auto Scaling User Guide.
Controls whether instances in this group are launched with detailed (true
) or basic (false
) monitoring.
For more information, see Configure Monitoring for Auto Scaling Instances in the Amazon EC2 Auto Scaling User Guide.
" + "CreateLaunchConfigurationType$InstanceMonitoring": "Controls whether instances in this group are launched with detailed (true
) or basic (false
) monitoring.
The default value is true
(enabled).
When detailed monitoring is enabled, Amazon CloudWatch generates metrics every minute and your account is charged a fee. When you disable detailed monitoring, CloudWatch generates metrics every 5 minutes. For more information, see Configure Monitoring for Auto Scaling Instances in the Amazon EC2 Auto Scaling User Guide.
Controls whether instances in this group are launched with detailed (true
) or basic (false
) monitoring.
For more information, see Configure Monitoring for Auto Scaling Instances in the Amazon EC2 Auto Scaling User Guide.
" } }, "InstanceProtected": { @@ -705,9 +705,9 @@ } }, "InstancesDistribution": { - "base": "Describes an instances distribution for an Auto Scaling group with MixedInstancesPolicy.
The instances distribution specifies the distribution of On-Demand Instances and Spot Instances, the maximum price to pay for Spot Instances, and how the Auto Scaling group allocates instance types to fulfill On-Demand and Spot capacity.
", + "base": "Describes an instances distribution for an Auto Scaling group with MixedInstancesPolicy.
The instances distribution specifies the distribution of On-Demand Instances and Spot Instances, the maximum price to pay for Spot Instances, and how the Auto Scaling group allocates instance types to fulfill On-Demand and Spot capacity.
When you update SpotAllocationStrategy
, SpotInstancePools
, or SpotMaxPrice
, this update action does not deploy any changes across the running Amazon EC2 instances in the group. Your existing Spot Instances continue to run as long as the maximum price for those instances is higher than the current Spot price. When scale out occurs, Amazon EC2 Auto Scaling launches instances based on the new settings. When scale in occurs, Amazon EC2 Auto Scaling terminates instances according to the group's termination policies.
The instances distribution to use.
If you leave this parameter unspecified when creating a mixed instances policy, the default values are used.
" + "MixedInstancesPolicy$InstancesDistribution": "The instances distribution to use.
If you leave this parameter unspecified, the value for each parameter in InstancesDistribution
uses a default value.
Describes a launch template and overrides.
The overrides are used to override the instance type specified by the launch template with multiple instance types that can be used to launch On-Demand Instances and Spot Instances.
", + "base": "Describes a launch template and overrides.
The overrides are used to override the instance type specified by the launch template with multiple instance types that can be used to launch On-Demand Instances and Spot Instances.
When you update the launch template or overrides, existing Amazon EC2 instances continue to run. When scale out occurs, Amazon EC2 Auto Scaling launches instances to match the new settings. When scale in occurs, Amazon EC2 Auto Scaling terminates instances according to the group's termination policies.
", "refs": { "MixedInstancesPolicy$LaunchTemplate": "The launch template and instance types (overrides).
This parameter must be specified when creating a mixed instances policy.
" } @@ -761,7 +761,7 @@ } }, "LaunchTemplateOverrides": { - "base": "Describes an override for a launch template.
", + "base": "Describes an override for a launch template.
", "refs": { "Overrides$member": null } @@ -773,7 +773,7 @@ "AutoScalingInstanceDetails$LaunchTemplate": "The launch template for the instance.
", "CreateAutoScalingGroupType$LaunchTemplate": "The launch template to use to launch instances.
For more information, see LaunchTemplateSpecification in the Amazon EC2 Auto Scaling API Reference.
If you do not specify LaunchTemplate
, you must specify one of the following parameters: InstanceId
, LaunchConfigurationName
, or MixedInstancesPolicy
.
The launch template for the instance.
", - "LaunchTemplate$LaunchTemplateSpecification": "The launch template to use. You must specify either the launch template ID or launch template name in the request.
", + "LaunchTemplate$LaunchTemplateSpecification": "The launch template to use. You must specify either the launch template ID or launch template name in the request.
", "UpdateAutoScalingGroupType$LaunchTemplate": "The launch template and version to use to specify the updates. If you specify LaunchTemplate
in your update request, you can't specify LaunchConfigurationName
or MixedInstancesPolicy
.
For more information, see LaunchTemplateSpecification in the Amazon EC2 Auto Scaling API Reference.
" } }, @@ -875,6 +875,14 @@ "DescribeLoadBalancerTargetGroupsResponse$LoadBalancerTargetGroups": "Information about the target groups.
" } }, + "MaxInstanceLifetime": { + "base": null, + "refs": { + "AutoScalingGroup$MaxInstanceLifetime": "The maximum amount of time, in seconds, that an instance can be in service.
Valid Range: Minimum value of 604800.
", + "CreateAutoScalingGroupType$MaxInstanceLifetime": "The maximum amount of time, in seconds, that an instance can be in service.
Valid Range: Minimum value of 604800.
", + "UpdateAutoScalingGroupType$MaxInstanceLifetime": "The maximum amount of time, in seconds, that an instance can be in service.
Valid Range: Minimum value of 604800.
" + } + }, "MaxNumberOfAutoScalingGroups": { "base": null, "refs": { @@ -890,7 +898,7 @@ "MaxRecords": { "base": null, "refs": { - "AutoScalingGroupNamesType$MaxRecords": "The maximum number of items to return with this call. The default value is 50
and the maximum value is 100
.
The maximum number of items to return with this call. The default value is 50
and the maximum value is 100
.
The maximum number of items to return with this call. The default value is 50
and the maximum value is 50
.
The maximum number of items to return with this call. The default value is 100
and the maximum value is 100
.
The maximum number of items to return with this call. The default value is 100
and the maximum value is 100
.
The metric type.
" + "PredefinedMetricSpecification$PredefinedMetricType": "The metric type. The following predefined metrics are available:
ASGAverageCPUUtilization
- Average CPU utilization of the Auto Scaling group.
ASGAverageNetworkIn
- Average number of bytes received on all network interfaces by the Auto Scaling group.
ASGAverageNetworkOut
- Average number of bytes sent out on all network interfaces by the Auto Scaling group.
ALBRequestCountPerTarget
- Number of requests completed per target in an Application Load Balancer target group.
Describes a mixed instances policy for an Auto Scaling group. With mixed instances, your Auto Scaling group can provision a combination of On-Demand Instances and Spot Instances across multiple instance types. For more information, see Auto Scaling Groups with Multiple Instance Types and Purchase Options in the Amazon EC2 Auto Scaling User Guide.
You can create a mixed instances policy for a new Auto Scaling group, or you can create it for an existing group by updating the group to specify MixedInstancesPolicy
as the top-level parameter instead of a launch configuration or template. For more information, see CreateAutoScalingGroup and UpdateAutoScalingGroup.
The mixed instances policy for the group.
", + "AutoScalingGroup$MixedInstancesPolicy": "The mixed instances policy for the group.
", "CreateAutoScalingGroupType$MixedInstancesPolicy": "An embedded object that specifies a mixed instances policy. The required parameters must be specified. If optional parameters are unspecified, their default values are used.
The policy includes parameters that not only define the distribution of On-Demand Instances and Spot Instances, the maximum price to pay for Spot Instances, and how the Auto Scaling group allocates instance types to fulfill On-Demand and Spot capacity, but also the parameters that specify the instance configuration information—the launch template and instance types.
For more information, see MixedInstancesPolicy in the Amazon EC2 Auto Scaling API Reference and Auto Scaling Groups with Multiple Instance Types and Purchase Options in the Amazon EC2 Auto Scaling User Guide.
You must specify one of the following parameters in your request: LaunchConfigurationName
, LaunchTemplate
, InstanceId
, or MixedInstancesPolicy
.
An embedded object that specifies a mixed instances policy.
In your call to UpdateAutoScalingGroup
, you can make changes to the policy that is specified. All optional parameters are left unchanged if not specified.
For more information, see MixedInstancesPolicy in the Amazon EC2 Auto Scaling API Reference and Auto Scaling Groups with Multiple Instance Types and Purchase Options in the Amazon EC2 Auto Scaling User Guide.
" } @@ -1071,19 +1079,19 @@ "OnDemandBaseCapacity": { "base": null, "refs": { - "InstancesDistribution$OnDemandBaseCapacity": "The minimum amount of the Auto Scaling group's capacity that must be fulfilled by On-Demand Instances. This base portion is provisioned first as your group scales.
The default value is 0
. If you leave this parameter set to 0
, On-Demand Instances are launched as a percentage of the Auto Scaling group's desired capacity, per the OnDemandPercentageAboveBaseCapacity
setting.
The minimum amount of the Auto Scaling group's capacity that must be fulfilled by On-Demand Instances. This base portion is provisioned first as your group scales.
Default if not set is 0. If you leave it set to 0, On-Demand Instances are launched as a percentage of the Auto Scaling group's desired capacity, per the OnDemandPercentageAboveBaseCapacity
setting.
An update to this setting means a gradual replacement of instances to maintain the specified number of On-Demand Instances for your base capacity. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the old ones.
Controls the percentages of On-Demand Instances and Spot Instances for your additional capacity beyond OnDemandBaseCapacity
. The range is 0–100.
The default value is 100
. If you leave this parameter set to 100
, the percentages are 100% for On-Demand Instances and 0% for Spot Instances.
Controls the percentages of On-Demand Instances and Spot Instances for your additional capacity beyond OnDemandBaseCapacity
.
Default if not set is 100. If you leave it set to 100, the percentages are 100% for On-Demand Instances and 0% for Spot Instances.
An update to this setting means a gradual replacement of instances to maintain the percentage of On-Demand Instances for your additional capacity above the base capacity. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the old ones.
Valid Range: Minimum value of 0. Maximum value of 100.
" } }, "Overrides": { "base": null, "refs": { - "LaunchTemplate$Overrides": "Any parameters that you specify override the same parameters in the launch template. Currently, the only supported override is instance type. You must specify between 2 and 20 overrides.
" + "LaunchTemplate$Overrides": "An optional setting. Any parameters that you specify override the same parameters in the launch template. Currently, the only supported override is instance type. You can specify between 1 and 20 instance types.
" } }, "PoliciesType": { @@ -1099,7 +1107,7 @@ "PolicyIncrement": { "base": null, "refs": { - "PutScalingPolicyType$ScalingAdjustment": "The amount by which a simple scaling policy scales the Auto Scaling group in response to an alarm breach. The adjustment is based on the value that you specified in the AdjustmentType
parameter (either an absolute number or a percentage). A positive value adds to the current capacity and a negative value subtracts from the current capacity. For exact capacity, you must specify a positive value.
Conditional: If you specify SimpleScaling
for the policy type, you must specify this parameter. (Not used with any other policy type.)
The amount by which a simple scaling policy scales the Auto Scaling group in response to an alarm breach. The adjustment is based on the value that you specified in the AdjustmentType
parameter (either an absolute number or a percentage). A positive value adds to the current capacity and a negative value subtracts from the current capacity. For exact capacity, you must specify a positive value.
Conditional: If you specify SimpleScaling
for the policy type, you must specify this parameter. (Not used with any other policy type.)
The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity.
", "StepAdjustment$ScalingAdjustment": "The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity.
" } @@ -1272,7 +1280,7 @@ "SetDesiredCapacityType$AutoScalingGroupName": "The name of the Auto Scaling group.
", "SetInstanceProtectionQuery$AutoScalingGroupName": "The name of the Auto Scaling group.
", "UpdateAutoScalingGroupType$AutoScalingGroupName": "The name of the Auto Scaling group.
", - "UpdateAutoScalingGroupType$LaunchConfigurationName": "The name of the launch configuration. If you specify LaunchConfigurationName
in your update request, you can't specify LaunchTemplate
or MixedInstancesPolicy
.
To update an Auto Scaling group with a launch configuration with InstanceMonitoring
set to false
, you must first disable the collection of group metrics. Otherwise, you get an error. If you have previously enabled the collection of group metrics, you can disable it using DisableMetricsCollection.
The name of the launch configuration. If you specify LaunchConfigurationName
in your update request, you can't specify LaunchTemplate
or MixedInstancesPolicy
.
The Amazon Resource Name (ARN) of the service-linked role that the Auto Scaling group uses to call other AWS services on your behalf. For more information, see Service-Linked Roles in the Amazon EC2 Auto Scaling User Guide.
" } }, @@ -1317,13 +1325,13 @@ } }, "ScheduledUpdateGroupAction": { - "base": "Describes a scheduled scaling action. Used in response to DescribeScheduledActions.
", + "base": "Describes a scheduled scaling action. Used in response to DescribeScheduledActions.
", "refs": { "ScheduledUpdateGroupActions$member": null } }, "ScheduledUpdateGroupActionRequest": { - "base": "Describes one or more scheduled scaling action updates for a specified Auto Scaling group. Used in combination with BatchPutScheduledUpdateGroupAction.
When updating a scheduled scaling action, all optional parameters are left unchanged if not specified.
", + "base": "Describes one or more scheduled scaling action updates for a specified Auto Scaling group. Used in combination with BatchPutScheduledUpdateGroupAction.
When updating a scheduled scaling action, all optional parameters are left unchanged if not specified.
", "refs": { "ScheduledUpdateGroupActionRequests$member": null } @@ -1331,7 +1339,7 @@ "ScheduledUpdateGroupActionRequests": { "base": null, "refs": { - "BatchPutScheduledUpdateGroupActionType$ScheduledUpdateGroupActions": "One or more scheduled actions. The maximum number allowed is 50.
" + "BatchPutScheduledUpdateGroupActionType$ScheduledUpdateGroupActions": "One or more scheduled actions. The maximum number allowed is 50.
" } }, "ScheduledUpdateGroupActions": { @@ -1344,7 +1352,7 @@ "base": null, "refs": { "CreateLaunchConfigurationType$SecurityGroups": "A list that contains the security groups to assign to the instances in the Auto Scaling group.
[EC2-VPC] Specify the security group IDs. For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.
[EC2-Classic] Specify either the security group names or the security group IDs. For more information, see Amazon EC2 Security Groups in the Amazon EC2 User Guide for Linux Instances.
", - "LaunchConfiguration$SecurityGroups": "A list that contains the security groups to assign to the instances in the Auto Scaling group.
For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.
" + "LaunchConfiguration$SecurityGroups": "A list that contains the security groups to assign to the instances in the Auto Scaling group.
For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.
" } }, "ServiceLinkedRoleFailure": { @@ -1389,14 +1397,14 @@ "SpotInstancePools": { "base": null, "refs": { - "InstancesDistribution$SpotInstancePools": "The number of Spot Instance pools across which to allocate your Spot Instances. The Spot pools are determined from the different instance types in the Overrides array of LaunchTemplate. The range is 1–20. The default value is 2
.
Valid only when the Spot allocation strategy is lowest-price
.
The number of Spot Instance pools across which to allocate your Spot Instances. The Spot pools are determined from the different instance types in the Overrides array of LaunchTemplate. Default if not set is 2.
Used only when the Spot allocation strategy is lowest-price
.
Valid Range: Minimum value of 1. Maximum value of 20.
" } }, "SpotPrice": { "base": null, "refs": { - "CreateLaunchConfigurationType$SpotPrice": "The maximum hourly price to be paid for any Spot Instance launched to fulfill the request. Spot Instances are launched when the price you specify exceeds the current Spot market price. For more information, see Launching Spot Instances in Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
If a Spot price is set, then the Auto Scaling group will only launch instances when the Spot price has been met, regardless of the setting in the Auto Scaling group's DesiredCapacity
.
When you change your Spot price by creating a new launch configuration, running instances will continue to run as long as the Spot price for those running instances is higher than the current Spot market price.
The maximum hourly price to be paid for any Spot Instance launched to fulfill the request. Spot Instances are launched when the price you specify exceeds the current Spot market price.
For more information, see Launching Spot Instances in Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
" + "CreateLaunchConfigurationType$SpotPrice": "The maximum hourly price to be paid for any Spot Instance launched to fulfill the request. Spot Instances are launched when the price you specify exceeds the current Spot price. For more information, see Launching Spot Instances in Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
When you change your maximum price by creating a new launch configuration, running instances will continue to run as long as the maximum price for those running instances is higher than the current Spot price.
The maximum hourly price to be paid for any Spot Instance launched to fulfill the request. Spot Instances are launched when the price you specify exceeds the current Spot price.
For more information, see Launching Spot Instances in Your Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide.
" } }, "StepAdjustment": { @@ -1511,7 +1519,7 @@ "LaunchConfiguration$CreatedTime": "The creation date and time for the launch configuration.
", "PutScheduledUpdateGroupActionType$Time": "This parameter is no longer used.
", "PutScheduledUpdateGroupActionType$StartTime": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, \"2019-06-01T00:00:00Z\"
).
If you specify Recurrence
and StartTime
, Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.
If you try to schedule your action in the past, Amazon EC2 Auto Scaling returns an error message.
", - "PutScheduledUpdateGroupActionType$EndTime": "The date and time for the recurring schedule to end. Amazon EC2 Auto Scaling does not perform the action after this time.
", + "PutScheduledUpdateGroupActionType$EndTime": "The date and time for the recurring schedule to end. Amazon EC2 Auto Scaling does not perform the action after this time.
", "ScheduledUpdateGroupAction$Time": "This parameter is no longer used.
", "ScheduledUpdateGroupAction$StartTime": "The date and time in UTC for this action to start. For example, \"2019-06-01T00:00:00Z\"
.
The date and time in UTC for the recurring schedule to end. For example, \"2019-06-01T00:00:00Z\"
.
The token for the next set of items to return. (You received this token from a previous call.)
", "FailedScheduledUpdateGroupActionRequest$ErrorMessage": "The error message accompanying the error code.
", "Filter$Name": "The name of the filter. The valid values are: \"auto-scaling-group\"
, \"key\"
, \"value\"
, and \"propagate-at-launch\"
.
Indicates how to allocate instance types to fulfill On-Demand capacity.
The only valid value is prioritized
, which is also the default value. This strategy uses the order of instance type overrides for the LaunchTemplate to define the launch priority of each instance type. The first instance type in the array is prioritized higher than the last. If all your On-Demand capacity cannot be fulfilled using your highest priority instance, then the Auto Scaling groups launches the remaining capacity using the second priority instance type, and so on.
Indicates how to allocate instances across Spot Instance pools.
If the allocation strategy is lowest-price
, the Auto Scaling group launches instances using the Spot pools with the lowest price, and evenly allocates your instances across the number of Spot pools that you specify. If the allocation strategy is capacity-optimized
, the Auto Scaling group launches instances using Spot pools that are optimally chosen based on the available Spot capacity.
The default Spot allocation strategy for calls that you make through the API, the AWS CLI, or the AWS SDKs is lowest-price
. The default Spot allocation strategy for the AWS Management Console is capacity-optimized
.
Valid values: lowest-price
| capacity-optimized
Indicates how to allocate instance types to fulfill On-Demand capacity.
The only valid value is prioritized
, which is also the default value. This strategy uses the order of instance type overrides for the LaunchTemplate to define the launch priority of each instance type. The first instance type in the array is prioritized higher than the last. If all your On-Demand capacity cannot be fulfilled using your highest priority instance, then the Auto Scaling groups launches the remaining capacity using the second priority instance type, and so on.
Indicates how to allocate instances across Spot Instance pools.
If the allocation strategy is lowest-price
, the Auto Scaling group launches instances using the Spot pools with the lowest price, and evenly allocates your instances across the number of Spot pools that you specify. If the allocation strategy is capacity-optimized
, the Auto Scaling group launches instances using Spot pools that are optimally chosen based on the available Spot capacity.
The default Spot allocation strategy for calls that you make through the API, the AWS CLI, or the AWS SDKs is lowest-price
. The default Spot allocation strategy for the AWS Management Console is capacity-optimized
.
Valid values: lowest-price
| capacity-optimized
The token for the next set of items to return. (You received this token from a previous call.)
", "LaunchConfigurationsType$NextToken": "A string that indicates that the response contains more items than can be returned in a single response. To receive additional items, specify this string for the NextToken
value when requesting the next set of items. This value is null when there are no more items to return.
A string that indicates that the response contains more items than can be returned in a single response. To receive additional items, specify this string for the NextToken
value when requesting the next set of items. This value is null when there are no more items to return.
The reason the activity began.
", "LifecycleHook$NotificationMetadata": "Additional information that is included any time Amazon EC2 Auto Scaling sends a message to the notification target.
", "LifecycleHookSpecification$NotificationMetadata": "Additional information that you want to include any time Amazon EC2 Auto Scaling sends a message to the notification target.
", - "PredefinedMetricSpecification$ResourceLabel": "Identifies the resource associated with the metric type. The following predefined metrics are available:
ASGAverageCPUUtilization
- Average CPU utilization of the Auto Scaling group.
ASGAverageNetworkIn
- Average number of bytes received on all network interfaces by the Auto Scaling group.
ASGAverageNetworkOut
- Average number of bytes sent out on all network interfaces by the Auto Scaling group.
ALBRequestCountPerTarget
- Number of requests completed per target in an Application Load Balancer target group.
For predefined metric types ASGAverageCPUUtilization
, ASGAverageNetworkIn
, and ASGAverageNetworkOut
, the parameter must not be specified as the resource associated with the metric type is the Auto Scaling group. For predefined metric type ALBRequestCountPerTarget
, the parameter must be specified in the format: app/load-balancer-name/load-balancer-id/targetgroup/target-group-name/target-group-id
, where app/load-balancer-name/load-balancer-id
is the final portion of the load balancer ARN, and targetgroup/target-group-name/target-group-id
is the final portion of the target group ARN. The target group must be attached to the Auto Scaling group.
Identifies the resource associated with the metric type. You can't specify a resource label unless the metric type is ALBRequestCountPerTarget
and there is a target group attached to the Auto Scaling group.
The format is app/load-balancer-name/load-balancer-id/targetgroup/target-group-name/target-group-id
, where
app/load-balancer-name/load-balancer-id
is the final portion of the load balancer ARN, and
targetgroup/target-group-name/target-group-id
is the final portion of the target group ARN.
Additional information that you want to include any time Amazon EC2 Auto Scaling sends a message to the notification target.
" } }, "XmlStringMaxLen1600": { "base": null, "refs": { - "CreateLaunchConfigurationType$IamInstanceProfile": "The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role.
For more information, see IAM Role for Applications That Run on Amazon EC2 Instances in the Amazon EC2 Auto Scaling User Guide.
", - "LaunchConfiguration$IamInstanceProfile": "The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role.
For more information, see IAM Role for Applications That Run on Amazon EC2 Instances in the Amazon EC2 Auto Scaling User Guide.
", + "CreateLaunchConfigurationType$IamInstanceProfile": "The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role.
For more information, see IAM Role for Applications That Run on Amazon EC2 Instances in the Amazon EC2 Auto Scaling User Guide.
", + "LaunchConfiguration$IamInstanceProfile": "The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role.
For more information, see IAM Role for Applications That Run on Amazon EC2 Instances in the Amazon EC2 Auto Scaling User Guide.
", "TerminationPolicies$member": null } }, @@ -1621,6 +1629,7 @@ "AutoScalingGroup$LaunchConfigurationName": "The name of the associated launch configuration.
", "AutoScalingGroup$PlacementGroup": "The name of the placement group into which to launch your instances, if any.
", "AutoScalingGroup$Status": "The current state of the group when DeleteAutoScalingGroup is in progress.
", + "AutoScalingInstanceDetails$InstanceType": "The instance type of the EC2 instance.
", "AutoScalingInstanceDetails$AutoScalingGroupName": "The name of the Auto Scaling group for the instance.
", "AutoScalingInstanceDetails$AvailabilityZone": "The Availability Zone for the instance.
", "AutoScalingInstanceDetails$LaunchConfigurationName": "The launch configuration used to launch the instance. This value is not available if you attached the instance to the Auto Scaling group.
", @@ -1634,26 +1643,27 @@ "CreateLaunchConfigurationType$LaunchConfigurationName": "The name of the launch configuration. This name must be unique per Region per account.
", "CreateLaunchConfigurationType$ImageId": "The ID of the Amazon Machine Image (AMI) that was assigned during registration. For more information, see Finding an AMI in the Amazon EC2 User Guide for Linux Instances.
If you do not specify InstanceId
, you must specify ImageId
.
The name of the key pair. For more information, see Amazon EC2 Key Pairs in the Amazon EC2 User Guide for Linux Instances.
", - "CreateLaunchConfigurationType$ClassicLinkVPCId": "The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to. For more information, see ClassicLink in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic Instances to a VPC in the Amazon EC2 Auto Scaling User Guide.
This parameter can only be used if you are launching EC2-Classic instances.
", + "CreateLaunchConfigurationType$ClassicLinkVPCId": "The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to. For more information, see ClassicLink in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic Instances to a VPC in the Amazon EC2 Auto Scaling User Guide.
This parameter can only be used if you are launching EC2-Classic instances.
", "CreateLaunchConfigurationType$InstanceType": "Specifies the instance type of the EC2 instance.
For information about available instance types, see Available Instance Types in the Amazon EC2 User Guide for Linux Instances.
If you do not specify InstanceId
, you must specify InstanceType
.
The ID of the kernel associated with the AMI.
", "CreateLaunchConfigurationType$RamdiskId": "The ID of the RAM disk to select.
", - "Ebs$SnapshotId": "The snapshot ID of the volume to use.
Conditional: This parameter is optional if you specify a volume size. If you specify both SnapshotId
and VolumeSize
, VolumeSize
must be equal or greater than the size of the snapshot.
The snapshot ID of the volume to use.
Conditional: This parameter is optional if you specify a volume size. If you specify both SnapshotId
and VolumeSize
, VolumeSize
must be equal or greater than the size of the snapshot.
The granularity to associate with the metrics to collect. The only valid value is 1Minute
.
One of the following metrics:
GroupMinSize
GroupMaxSize
GroupDesiredCapacity
GroupInServiceInstances
GroupPendingInstances
GroupStandbyInstances
GroupTerminatingInstances
GroupTotalInstances
The granularity of the metric. The only valid value is 1Minute
.
The name of the scheduled action.
", + "Instance$InstanceType": "The instance type of the EC2 instance.
", "Instance$AvailabilityZone": "The Availability Zone in which the instance is running.
", "Instance$LaunchConfigurationName": "The launch configuration associated with the instance.
", "InvalidNextToken$message": "", "LaunchConfiguration$LaunchConfigurationName": "The name of the launch configuration.
", - "LaunchConfiguration$ImageId": "The ID of the Amazon Machine Image (AMI) to use to launch your EC2 instances.
For more information, see Finding an AMI in the Amazon EC2 User Guide for Linux Instances.
", + "LaunchConfiguration$ImageId": "The ID of the Amazon Machine Image (AMI) to use to launch your EC2 instances.
For more information, see Finding an AMI in the Amazon EC2 User Guide for Linux Instances.
", "LaunchConfiguration$KeyName": "The name of the key pair.
For more information, see Amazon EC2 Key Pairs in the Amazon EC2 User Guide for Linux Instances.
", - "LaunchConfiguration$ClassicLinkVPCId": "The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to.
For more information, see ClassicLink in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic Instances to a VPC in the Amazon EC2 Auto Scaling User Guide.
", + "LaunchConfiguration$ClassicLinkVPCId": "The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to.
For more information, see ClassicLink in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic Instances to a VPC in the Amazon EC2 Auto Scaling User Guide.
", "LaunchConfiguration$InstanceType": "The instance type for the instances.
For information about available instance types, see Available Instance Types in the Amazon EC2 User Guide for Linux Instances.
", "LaunchConfiguration$KernelId": "The ID of the kernel associated with the AMI.
", "LaunchConfiguration$RamdiskId": "The ID of the RAM disk associated with the AMI.
", - "LaunchTemplateOverrides$InstanceType": "The instance type.
For information about available instance types, see Available Instance Types in the Amazon Elastic Compute Cloud User Guide.
", + "LaunchTemplateOverrides$InstanceType": "The instance type.
For information about available instance types, see Available Instance Types in the Amazon Elastic Compute Cloud User Guide.
", "LaunchTemplateSpecification$LaunchTemplateId": "The ID of the launch template. You must specify either a template ID or a template name.
", "LaunchTemplateSpecification$Version": "The version number, $Latest
, or $Default
. If the value is $Latest
, Amazon EC2 Auto Scaling selects the latest version of the launch template when launching instances. If the value is $Default
, Amazon EC2 Auto Scaling selects the default version of the launch template when launching instances. The default value is $Default
.
The adjustment type, which specifies how ScalingAdjustment
is interpreted. The valid values are ChangeInCapacity
, ExactCapacity
, and PercentChangeInCapacity
.
The name of the Auto Scaling group.
", "ScheduledUpdateGroupAction$ScheduledActionName": "The name of the scheduled action.
", - "ScheduledUpdateGroupAction$Recurrence": "The recurring schedule for the action, in Unix cron syntax format.
When StartTime
and EndTime
are specified with Recurrence
, they form the boundaries of when the recurring action starts and stops.
The recurring schedule for the action, in Unix cron syntax format.
When StartTime
and EndTime
are specified with Recurrence
, they form the boundaries of when the recurring action starts and stops.
The name of the scaling action.
", "ScheduledUpdateGroupActionRequest$Recurrence": "The recurring schedule for the action, in Unix cron syntax format. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, \"30 0 1 1,6,12 *\"
). For more information about this format, see Crontab.
When StartTime
and EndTime
are specified with Recurrence
, they form the boundaries of when the recurring action starts and stops.
The service to use for the health checks. The valid values are EC2
and ELB
. If you configure an Auto Scaling group to use ELB health checks, it considers the instance unhealthy if it fails either the EC2 status checks or the load balancer health checks.
The lifecycle state for the instance.
", "AutoScalingInstanceDetails$HealthStatus": "The last reported health status of this instance. \"Healthy\" means that the instance is healthy and should remain in service. \"Unhealthy\" means that the instance is unhealthy and Amazon EC2 Auto Scaling should terminate and replace it.
", + "AutoScalingInstanceDetails$WeightedCapacity": "The number of capacity units contributed by the instance based on its instance type.
Valid Range: Minimum value of 1. Maximum value of 999.
", "CreateAutoScalingGroupType$HealthCheckType": "The service to use for the health checks. The valid values are EC2
and ELB
. The default value is EC2
. If you configure an Auto Scaling group to use ELB health checks, it considers the instance unhealthy if it fails either the EC2 status checks or the load balancer health checks.
For more information, see Health Checks for Auto Scaling Instances in the Amazon EC2 Auto Scaling User Guide.
", "Instance$HealthStatus": "The last reported health status of the instance. \"Healthy\" means that the instance is healthy and should remain in service. \"Unhealthy\" means that the instance is unhealthy and that Amazon EC2 Auto Scaling should terminate and replace it.
", + "Instance$WeightedCapacity": "The number of capacity units contributed by the instance based on its instance type.
Valid Range: Minimum value of 1. Maximum value of 999.
", + "LaunchTemplateOverrides$WeightedCapacity": "The number of capacity units, which gives the instance type a proportional weight to other instance types. For example, larger instance types are generally weighted more than smaller instance types. These are the same units that you chose to set the desired capacity in terms of instances, or a performance attribute such as vCPUs, memory, or I/O.
Valid Range: Minimum value of 1. Maximum value of 999.
", "PutScalingPolicyType$MetricAggregationType": "The aggregation type for the CloudWatch metrics. The valid values are Minimum
, Maximum
, and Average
. If the aggregation type is null, the value is treated as Average
.
Valid only if the policy type is StepScaling
.
The aggregation type for the CloudWatch metrics. The valid values are Minimum
, Maximum
, and Average
.
The health status of the instance. Set to Healthy
to have the instance remain in service. Set to Unhealthy
to have the instance be out of service. Amazon EC2 Auto Scaling terminates and replaces the unhealthy instance.
The tenancy of the instance. An instance with dedicated
tenancy runs on isolated, single-tenant hardware and can only be launched into a VPC.
To launch dedicated instances into a shared tenancy VPC (a VPC with the instance placement tenancy attribute set to default
), you must set the value of this parameter to dedicated
.
If you specify PlacementTenancy
, you must specify at least one subnet for VPCZoneIdentifier
when you create your group.
For more information, see Instance Placement Tenancy in the Amazon EC2 Auto Scaling User Guide.
Valid values: default
| dedicated
The tenancy of the instance. An instance with dedicated
tenancy runs on isolated, single-tenant hardware and can only be launched into a VPC.
To launch dedicated instances into a shared tenancy VPC (a VPC with the instance placement tenancy attribute set to default
), you must set the value of this parameter to dedicated
.
If you specify PlacementTenancy
, you must specify at least one subnet for VPCZoneIdentifier
when you create your group.
For more information, see Instance Placement Tenancy in the Amazon EC2 Auto Scaling User Guide.
Valid Values: default
| dedicated
The error code.
", "LaunchConfiguration$PlacementTenancy": "The tenancy of the instance, either default
or dedicated
. An instance with dedicated
tenancy runs on isolated, single-tenant hardware and can only be launched into a VPC.
For more information, see Instance Placement Tenancy in the Amazon EC2 Auto Scaling User Guide.
", "PolicyTypes$member": null, @@ -1724,7 +1737,7 @@ "base": null, "refs": { "CreateLaunchConfigurationType$UserData": "The Base64-encoded user data to make available to the launched EC2 instances. For more information, see Instance Metadata and User Data in the Amazon EC2 User Guide for Linux Instances.
", - "LaunchConfiguration$UserData": "The Base64-encoded user data to make available to the launched EC2 instances.
For more information, see Instance Metadata and User Data in the Amazon EC2 User Guide for Linux Instances.
" + "LaunchConfiguration$UserData": "The Base64-encoded user data to make available to the launched EC2 instances.
For more information, see Instance Metadata and User Data in the Amazon EC2 User Guide for Linux Instances.
" } } } diff --git a/models/apis/cloudformation/2010-05-15/api-2.json b/models/apis/cloudformation/2010-05-15/api-2.json index 0499b794075..f6c8345483a 100644 --- a/models/apis/cloudformation/2010-05-15/api-2.json +++ b/models/apis/cloudformation/2010-05-15/api-2.json @@ -390,6 +390,23 @@ "resultWrapper":"DetectStackResourceDriftResult" } }, + "DetectStackSetDrift":{ + "name":"DetectStackSetDrift", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DetectStackSetDriftInput"}, + "output":{ + "shape":"DetectStackSetDriftOutput", + "resultWrapper":"DetectStackSetDriftResult" + }, + "errors":[ + {"shape":"InvalidOperationException"}, + {"shape":"OperationInProgressException"}, + {"shape":"StackSetNotFoundException"} + ] + }, "EstimateTemplateCost":{ "name":"EstimateTemplateCost", "http":{ @@ -1497,6 +1514,24 @@ "StackResourceDrift":{"shape":"StackResourceDrift"} } }, + "DetectStackSetDriftInput":{ + "type":"structure", + "required":["StackSetName"], + "members":{ + "StackSetName":{"shape":"StackSetNameOrId"}, + "OperationPreferences":{"shape":"StackSetOperationPreferences"}, + "OperationId":{ + "shape":"ClientRequestToken", + "idempotencyToken":true + } + } + }, + "DetectStackSetDriftOutput":{ + "type":"structure", + "members":{ + "OperationId":{"shape":"ClientRequestToken"} + } + }, "DifferenceType":{ "type":"string", "enum":[ @@ -1506,6 +1541,10 @@ ] }, "DisableRollback":{"type":"boolean"}, + "DriftedStackInstancesCount":{ + "type":"integer", + "min":0 + }, "EnableTerminationProtection":{"type":"boolean"}, "ErrorMessage":{ "type":"string", @@ -1579,6 +1618,10 @@ "type":"list", "member":{"shape":"Export"} }, + "FailedStackInstancesCount":{ + "type":"integer", + "min":0 + }, "FailureToleranceCount":{ "type":"integer", "min":0 @@ -1662,6 +1705,14 @@ "type":"list", "member":{"shape":"StackName"} }, + "InProgressStackInstancesCount":{ + "type":"integer", + "min":0 + }, + "InSyncStackInstancesCount":{ + "type":"integer", + "min":0 + }, "InsufficientCapabilitiesException":{ "type":"structure", "members":{ @@ -2590,7 +2641,9 @@ "StackId":{"shape":"StackId"}, "ParameterOverrides":{"shape":"Parameters"}, "Status":{"shape":"StackInstanceStatus"}, - "StatusReason":{"shape":"Reason"} + "StatusReason":{"shape":"Reason"}, + "DriftStatus":{"shape":"StackDriftStatus"}, + "LastDriftCheckTimestamp":{"shape":"Timestamp"} } }, "StackInstanceNotFoundException":{ @@ -2624,7 +2677,9 @@ "Account":{"shape":"Account"}, "StackId":{"shape":"StackId"}, "Status":{"shape":"StackInstanceStatus"}, - "StatusReason":{"shape":"Reason"} + "StatusReason":{"shape":"Reason"}, + "DriftStatus":{"shape":"StackDriftStatus"}, + "LastDriftCheckTimestamp":{"shape":"Timestamp"} } }, "StackName":{"type":"string"}, @@ -2792,10 +2847,42 @@ "Tags":{"shape":"Tags"}, "StackSetARN":{"shape":"StackSetARN"}, "AdministrationRoleARN":{"shape":"RoleARN"}, - "ExecutionRoleName":{"shape":"ExecutionRoleName"} + "ExecutionRoleName":{"shape":"ExecutionRoleName"}, + "StackSetDriftDetectionDetails":{"shape":"StackSetDriftDetectionDetails"} } }, "StackSetARN":{"type":"string"}, + "StackSetDriftDetectionDetails":{ + "type":"structure", + "members":{ + "DriftStatus":{"shape":"StackSetDriftStatus"}, + "DriftDetectionStatus":{"shape":"StackSetDriftDetectionStatus"}, + "LastDriftCheckTimestamp":{"shape":"Timestamp"}, + "TotalStackInstancesCount":{"shape":"TotalStackInstancesCount"}, + "DriftedStackInstancesCount":{"shape":"DriftedStackInstancesCount"}, + "InSyncStackInstancesCount":{"shape":"InSyncStackInstancesCount"}, + "InProgressStackInstancesCount":{"shape":"InProgressStackInstancesCount"}, + "FailedStackInstancesCount":{"shape":"FailedStackInstancesCount"} + } + }, + "StackSetDriftDetectionStatus":{ + "type":"string", + "enum":[ + "COMPLETED", + "FAILED", + "PARTIAL_SUCCESS", + "IN_PROGRESS", + "STOPPED" + ] + }, + "StackSetDriftStatus":{ + "type":"string", + "enum":[ + "DRIFTED", + "IN_SYNC", + "NOT_CHECKED" + ] + }, "StackSetId":{"type":"string"}, "StackSetName":{"type":"string"}, "StackSetNameOrId":{ @@ -2836,7 +2923,8 @@ "AdministrationRoleARN":{"shape":"RoleARN"}, "ExecutionRoleName":{"shape":"ExecutionRoleName"}, "CreationTimestamp":{"shape":"Timestamp"}, - "EndTimestamp":{"shape":"Timestamp"} + "EndTimestamp":{"shape":"Timestamp"}, + "StackSetDriftDetectionDetails":{"shape":"StackSetDriftDetectionDetails"} } }, "StackSetOperationAction":{ @@ -2844,7 +2932,8 @@ "enum":[ "CREATE", "UPDATE", - "DELETE" + "DELETE", + "DETECT_DRIFT" ] }, "StackSetOperationPreferences":{ @@ -2922,7 +3011,9 @@ "StackSetName":{"shape":"StackSetName"}, "StackSetId":{"shape":"StackSetId"}, "Description":{"shape":"Description"}, - "Status":{"shape":"StackSetStatus"} + "Status":{"shape":"StackSetStatus"}, + "DriftStatus":{"shape":"StackDriftStatus"}, + "LastDriftCheckTimestamp":{"shape":"Timestamp"} } }, "StackStatus":{ @@ -3093,6 +3184,10 @@ }, "exception":true }, + "TotalStackInstancesCount":{ + "type":"integer", + "min":0 + }, "TransformName":{"type":"string"}, "TransformsList":{ "type":"list", diff --git a/models/apis/cloudformation/2010-05-15/docs-2.json b/models/apis/cloudformation/2010-05-15/docs-2.json index 5d73943b51c..77cf095dffa 100644 --- a/models/apis/cloudformation/2010-05-15/docs-2.json +++ b/models/apis/cloudformation/2010-05-15/docs-2.json @@ -28,6 +28,7 @@ "DescribeTypeRegistration": "Returns information about a type's registration, including its current status and type and version identifiers.
When you initiate a registration request using RegisterType
, you can then use DescribeTypeRegistration
to monitor the progress of that registration request.
Once the registration request has completed, use DescribeType
to return detailed informaiton about a type.
Detects whether a stack's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters. For each resource in the stack that supports drift detection, AWS CloudFormation compares the actual configuration of the resource with its expected template configuration. Only resource properties explicitly defined in the stack template are checked for drift. A stack is considered to have drifted if one or more of its resources differ from their expected template configurations. For more information, see Detecting Unregulated Configuration Changes to Stacks and Resources.
Use DetectStackDrift
to detect drift on all supported resources for a given stack, or DetectStackResourceDrift to detect drift on individual resources.
For a list of stack resources that currently support drift detection, see Resources that Support Drift Detection.
DetectStackDrift
can take up to several minutes, depending on the number of resources contained within the stack. Use DescribeStackDriftDetectionStatus to monitor the progress of a detect stack drift operation. Once the drift detection operation has completed, use DescribeStackResourceDrifts to return drift information about the stack and its resources.
When detecting drift on a stack, AWS CloudFormation does not detect drift on any nested stacks belonging to that stack. Perform DetectStackDrift
directly on the nested stack itself.
Returns information about whether a resource's actual configuration differs, or has drifted, from it's expected configuration, as defined in the stack template and any values specified as template parameters. This information includes actual and expected property values for resources in which AWS CloudFormation detects drift. Only resource properties explicitly defined in the stack template are checked for drift. For more information about stack and resource drift, see Detecting Unregulated Configuration Changes to Stacks and Resources.
Use DetectStackResourceDrift
to detect drift on individual resources, or DetectStackDrift to detect drift on all resources in a given stack that support drift detection.
Resources that do not currently support drift detection cannot be checked. For a list of resources that support drift detection, see Resources that Support Drift Detection.
", + "DetectStackSetDrift": "Detect drift on a stack set. When CloudFormation performs drift detection on a stack set, it performs drift detection on the stack associated with each stack instance in the stack set. For more information, see How CloudFormation Performs Drift Detection on a Stack Set.
DetectStackSetDrift
returns the OperationId
of the stack set drift detection operation. Use this operation id with DescribeStackSetOperation
to monitor the progress of the drift detection operation. The drift detection operation may take some time, depending on the number of stack instances included in the stack set, as well as the number of resources included in each stack.
Once the operation has completed, use the following actions to return drift information:
Use DescribeStackSet
to return detailed informaiton about the stack set, including detailed information about the last completed drift operation performed on the stack set. (Information about drift operations that are in progress is not included.)
Use ListStackInstances
to return a list of stack instances belonging to the stack set, including the drift status and last drift time checked of each instance.
Use DescribeStackInstance
to return detailed information about a specific stack instance, including its drift status and last drift time checked.
For more information on performing a drift detection operation on a stack set, see Detecting Unmanaged Changes in Stack Sets.
You can only run a single drift detection operation on a given stack set at one time.
To stop a drift detection stack set operation, use StopStackSetOperation
.
Returns the estimated monthly cost of a template. The return value is an AWS Simple Monthly Calculator URL with a query string that describes the resources required to run the template.
", "ExecuteChangeSet": "Updates a stack using the input information that was provided when the specified change set was created. After the call successfully completes, AWS CloudFormation starts updating the stack. Use the DescribeStacks action to view the status of the update.
When you execute a change set, AWS CloudFormation deletes all other change sets associated with the stack because they aren't valid for the updated stack.
If a stack policy is associated with the stack, AWS CloudFormation enforces the policy during the update. You can't specify a temporary stack policy that overrides the current policy.
", "GetStackPolicy": "Returns the stack policy for a specified stack. If a stack doesn't have a policy, a null value is returned.
", @@ -293,6 +294,8 @@ "DeleteStackInstancesInput$OperationId": "The unique identifier for this stack set operation.
If you don't specify an operation ID, the SDK generates one automatically.
The operation ID also functions as an idempotency token, to ensure that AWS CloudFormation performs the stack set operation only once, even if you retry the request multiple times. You can retry stack set operation requests to ensure that AWS CloudFormation successfully received them.
Repeating this stack set operation with a new operation ID retries all stack instances whose status is OUTDATED
.
The unique identifier for this stack set operation.
", "DescribeStackSetOperationInput$OperationId": "The unique ID of the stack set operation.
", + "DetectStackSetDriftInput$OperationId": "The ID of the stack set operation.
", + "DetectStackSetDriftOutput$OperationId": "The ID of the drift detection stack set operation.
you can use this operation id with DescribeStackSetOperation
to monitor the progress of the drift detection operation.
A unique identifier for this ExecuteChangeSet
request. Specify this token if you plan to retry requests so that AWS CloudFormation knows that you're not attempting to execute a change set to update a stack with the same name. You might retry ExecuteChangeSet
requests to ensure that AWS CloudFormation successfully received them.
The ID of the stack set operation.
", "RecordHandlerProgressInput$ClientRequestToken": "Reserved for use by the CloudFormation CLI.
", @@ -612,6 +615,16 @@ "refs": { } }, + "DetectStackSetDriftInput": { + "base": null, + "refs": { + } + }, + "DetectStackSetDriftOutput": { + "base": null, + "refs": { + } + }, "DifferenceType": { "base": null, "refs": { @@ -625,6 +638,12 @@ "Stack$DisableRollback": "Boolean to enable or disable rollback on stack creation failures:
true
: disable rollback
false
: enable rollback
The number of stack instances that have drifted from the expected template and parameter configuration of the stack set. A stack instance is considered to have drifted if one or more of the resources in the associated stack do not match their expected configuration.
" + } + }, "EnableTerminationProtection": { "base": null, "refs": { @@ -713,6 +732,12 @@ "ListExportsOutput$Exports": "The output for the ListExports action.
" } }, + "FailedStackInstancesCount": { + "base": null, + "refs": { + "StackSetDriftDetectionDetails$FailedStackInstancesCount": "The number of stack instances for which the drift detection operation failed.
" + } + }, "FailureToleranceCount": { "base": null, "refs": { @@ -767,6 +792,18 @@ "ListImportsOutput$Imports": "A list of stack names that are importing the specified exported output value.
" } }, + "InProgressStackInstancesCount": { + "base": null, + "refs": { + "StackSetDriftDetectionDetails$InProgressStackInstancesCount": "The number of stack instances that are currently being checked for drift.
" + } + }, + "InSyncStackInstancesCount": { + "base": null, + "refs": { + "StackSetDriftDetectionDetails$InSyncStackInstancesCount": "The number of stack instances which match the expected template and parameter configuration of the stack set.
" + } + }, "InsufficientCapabilitiesException": { "base": "The template contains resources with capabilities that weren't specified in the Capabilities parameter.
", "refs": { @@ -1681,7 +1718,10 @@ "refs": { "DescribeStackDriftDetectionStatusOutput$StackDriftStatus": "Status of the stack's actual configuration compared to its expected configuration.
DRIFTED
: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.
NOT_CHECKED
: AWS CloudFormation has not checked if the stack differs from its expected template configuration.
IN_SYNC
: The stack's actual configuration matches its expected template configuration.
UNKNOWN
: This value is reserved for future use.
Status of the stack's actual configuration compared to its expected template configuration.
DRIFTED
: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.
NOT_CHECKED
: AWS CloudFormation has not checked if the stack differs from its expected template configuration.
IN_SYNC
: The stack's actual configuration matches its expected template configuration.
UNKNOWN
: This value is reserved for future use.
Status of the stack's actual configuration compared to its expected template configuration.
DRIFTED
: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.
NOT_CHECKED
: AWS CloudFormation has not checked if the stack differs from its expected template configuration.
IN_SYNC
: The stack's actual configuration matches its expected template configuration.
UNKNOWN
: This value is reserved for future use.
Status of the stack's actual configuration compared to its expected template configuration.
DRIFTED
: The stack differs from its expected template configuration. A stack is considered to have drifted if one or more of its resources have drifted.
NOT_CHECKED
: AWS CloudFormation has not checked if the stack differs from its expected template configuration.
IN_SYNC
: The stack's actual configuration matches its expected template configuration.
UNKNOWN
: This value is reserved for future use.
Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs.
DRIFTED
: The stack differs from the expected template and parameter configuration of the stack set to which it belongs. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.
NOT_CHECKED
: AWS CloudFormation has not checked if the stack instance differs from its expected stack set configuration.
IN_SYNC
: The stack instance's actual configuration matches its expected stack set configuration.
UNKNOWN
: This value is reserved for future use.
Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs.
DRIFTED
: The stack differs from the expected template and parameter configuration of the stack set to which it belongs. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.
NOT_CHECKED
: AWS CloudFormation has not checked if the stack instance differs from its expected stack set configuration.
IN_SYNC
: The stack instance's actual configuration matches its expected stack set configuration.
UNKNOWN
: This value is reserved for future use.
Status of the stack set's actual configuration compared to its expected template and parameter configuration. A stack set is considered to have drifted if one or more of its stack instances have drifted from their expected template and parameter configuration.
DRIFTED
: One or more of the stack instances belonging to the stack set stack differs from the expected template and parameter configuration. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.
NOT_CHECKED
: AWS CloudFormation has not checked the stack set for drift.
IN_SYNC
: All of the stack instances belonging to the stack set stack match from the expected template and parameter configuration.
UNKNOWN
: This value is reserved for future use.
The Amazon Resource Number (ARN) of the stack set.
" } }, + "StackSetDriftDetectionDetails": { + "base": "Detailed information about the drift status of the stack set.
For stack sets, contains information about the last completed drift operation performed on the stack set. Information about drift operations in-progress is not included.
For stack set operations, includes information about drift operations currently being performed on the stack set.
For more information, see Detecting Unmanaged Changes in Stack Sets in the AWS CloudFormation User Guide.
", + "refs": { + "StackSet$StackSetDriftDetectionDetails": "Detailed information about the drift status of the stack set.
For stack sets, contains information about the last completed drift operation performed on the stack set. Information about drift operations currently in progress is not included.
", + "StackSetOperation$StackSetDriftDetectionDetails": "Detailed information about the drift status of the stack set. This includes information about drift operations currently being performed on the stack set.
this information will only be present for stack set operations whose Action
type is DETECT_DRIFT
.
For more information, see Detecting Unmanaged Changes in Stack Sets in the AWS CloudFormation User Guide.
" + } + }, + "StackSetDriftDetectionStatus": { + "base": null, + "refs": { + "StackSetDriftDetectionDetails$DriftDetectionStatus": "The status of the stack set drift detection operation.
COMPLETED
: The drift detection operation completed without failing on any stack instances.
FAILED
: The drift detection operation exceeded the specified failure tolerance.
PARTIAL_SUCCESS
: The drift detection operation completed without exceeding the failure tolerance for the operation.
IN_PROGRESS
: The drift detection operation is currently being performed.
STOPPED
: The user has cancelled the drift detection operation.
Status of the stack set's actual configuration compared to its expected template and parameter configuration. A stack set is considered to have drifted if one or more of its stack instances have drifted from their expected template and parameter configuration.
DRIFTED
: One or more of the stack instances belonging to the stack set stack differs from the expected template and parameter configuration. A stack instance is considered to have drifted if one or more of the resources in the associated stack have drifted.
NOT_CHECKED
: AWS CloudFormation has not checked the stack set for drift.
IN_SYNC
: All of the stack instances belonging to the stack set stack match from the expected template and parameter configuration.
The name of the stack set on which to perform the drift detection operation.
", "GetTemplateSummaryInput$StackSetName": "The name or unique ID of the stack set from which the stack was created.
Conditional: You must specify only one of the following parameters: StackName
, StackSetName
, TemplateBody
, or TemplateURL
.
The name or unique ID of the stack set associated with the stack instances.
" } @@ -1970,6 +2030,7 @@ "refs": { "CreateStackInstancesInput$OperationPreferences": "Preferences for how AWS CloudFormation performs this stack set operation.
", "DeleteStackInstancesInput$OperationPreferences": "Preferences for how AWS CloudFormation performs this stack set operation.
", + "DetectStackSetDriftInput$OperationPreferences": null, "StackSetOperation$OperationPreferences": "The preferences for how AWS CloudFormation performs this stack set operation.
", "UpdateStackInstancesInput$OperationPreferences": "Preferences for how AWS CloudFormation performs this stack set operation.
", "UpdateStackSetInput$OperationPreferences": "Preferences for how AWS CloudFormation performs this stack set operation.
" @@ -2198,16 +2259,20 @@ "StackDriftInformation$LastCheckTimestamp": "Most recent time when a drift detection operation was initiated on the stack, or any of its individual resources that support drift detection.
", "StackDriftInformationSummary$LastCheckTimestamp": "Most recent time when a drift detection operation was initiated on the stack, or any of its individual resources that support drift detection.
", "StackEvent$Timestamp": "Time the status was updated.
", + "StackInstance$LastDriftCheckTimestamp": "Most recent time when CloudFormation performed a drift detection operation on the stack instance. This value will be NULL
for any stack instance on which drift detection has not yet been performed.
Most recent time when CloudFormation performed a drift detection operation on the stack instance. This value will be NULL
for any stack instance on which drift detection has not yet been performed.
Time the status was updated.
", "StackResourceDetail$LastUpdatedTimestamp": "Time the status was updated.
", "StackResourceDrift$Timestamp": "Time at which AWS CloudFormation performed drift detection on the stack resource.
", "StackResourceDriftInformation$LastCheckTimestamp": "When AWS CloudFormation last checked if the resource had drifted from its expected configuration.
", "StackResourceDriftInformationSummary$LastCheckTimestamp": "When AWS CloudFormation last checked if the resource had drifted from its expected configuration.
", "StackResourceSummary$LastUpdatedTimestamp": "Time the status was updated.
", + "StackSetDriftDetectionDetails$LastDriftCheckTimestamp": "Most recent time when CloudFormation performed a drift detection operation on the stack set. This value will be NULL
for any stack set on which drift detection has not yet been performed.
The time at which the operation was initiated. Note that the creation times for the stack set operation might differ from the creation time of the individual stacks themselves. This is because AWS CloudFormation needs to perform preparatory work for the operation, such as dispatching the work to the requested regions, before actually creating the first stacks.
", "StackSetOperation$EndTimestamp": "The time at which the stack set operation ended, across all accounts and regions specified. Note that this doesn't necessarily mean that the stack set operation was successful, or even attempted, in each account or region.
", "StackSetOperationSummary$CreationTimestamp": "The time at which the operation was initiated. Note that the creation times for the stack set operation might differ from the creation time of the individual stacks themselves. This is because AWS CloudFormation needs to perform preparatory work for the operation, such as dispatching the work to the requested regions, before actually creating the first stacks.
", "StackSetOperationSummary$EndTimestamp": "The time at which the stack set operation ended, across all accounts and regions specified. Note that this doesn't necessarily mean that the stack set operation was successful, or even attempted, in each account or region.
", + "StackSetSummary$LastDriftCheckTimestamp": "Most recent time when CloudFormation performed a drift detection operation on the stack set. This value will be NULL
for any stack set on which drift detection has not yet been performed.
When the current default version of the type was registered.
", "TypeVersionSummary$TimeCreated": "When the version was registered.
" } @@ -2217,6 +2282,12 @@ "refs": { } }, + "TotalStackInstancesCount": { + "base": null, + "refs": { + "StackSetDriftDetectionDetails$TotalStackInstancesCount": "The total number of stack instances belonging to this stack set.
The total number of stack instances is equal to the total of:
Stack instances that match the stack set configuration.
Stack instances that have drifted from the stack set configuration.
Stack instances where the drift detection operation has failed.
Stack instances currently being checked for drift.
AWS CodeBuild is a fully managed build service in the cloud. AWS CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. AWS CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for the most popular programming languages and build tools, such as Apache Maven, Gradle, and more. You can also fully customize build environments in AWS CodeBuild to use your own build tools. AWS CodeBuild scales automatically to meet peak build requests. You pay only for the build time you consume. For more information about AWS CodeBuild, see the AWS CodeBuild User Guide.
AWS CodeBuild supports these operations:
BatchDeleteBuilds
: Deletes one or more builds.
BatchGetProjects
: Gets information about one or more build projects. A build project defines how AWS CodeBuild runs a build. This includes information such as where to get the source code to build, the build environment to use, the build commands to run, and where to store the build output. A build environment is a representation of operating system, programming language runtime, and tools that AWS CodeBuild uses to run a build. You can add tags to build projects to help manage your resources and costs.
CreateProject
: Creates a build project.
CreateWebhook
: For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables AWS CodeBuild to start rebuilding the source code every time a code change is pushed to the repository.
UpdateWebhook
: Changes the settings of an existing webhook.
DeleteProject
: Deletes a build project.
DeleteWebhook
: For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops AWS CodeBuild from rebuilding the source code every time a code change is pushed to the repository.
ListProjects
: Gets a list of build project names, with each build project name representing a single build project.
UpdateProject
: Changes the settings of an existing build project.
BatchGetBuilds
: Gets information about one or more builds.
ListBuilds
: Gets a list of build IDs, with each build ID representing a single build.
ListBuildsForProject
: Gets a list of build IDs for the specified build project, with each build ID representing a single build.
StartBuild
: Starts running a build.
StopBuild
: Attempts to stop running a build.
ListCuratedEnvironmentImages
: Gets information about Docker images that are managed by AWS CodeBuild.
DeleteSourceCredentials
: Deletes a set of GitHub, GitHub Enterprise, or Bitbucket source credentials.
ImportSourceCredentials
: Imports the source repository credentials for an AWS CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, or Bitbucket repository.
ListSourceCredentials
: Returns a list of SourceCredentialsInfo
objects. Each SourceCredentialsInfo
object includes the authentication type, token ARN, and type of source provider for one set of credentials.
AWS CodeBuild is a fully managed build service in the cloud. AWS CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. AWS CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for the most popular programming languages and build tools, such as Apache Maven, Gradle, and more. You can also fully customize build environments in AWS CodeBuild to use your own build tools. AWS CodeBuild scales automatically to meet peak build requests. You pay only for the build time you consume. For more information about AWS CodeBuild, see the AWS CodeBuild User Guide.
AWS CodeBuild supports these operations:
BatchDeleteBuilds
: Deletes one or more builds.
BatchGetBuilds
: Gets information about one or more builds.
BatchGetProjects
: Gets information about one or more build projects. A build project defines how AWS CodeBuild runs a build. This includes information such as where to get the source code to build, the build environment to use, the build commands to run, and where to store the build output. A build environment is a representation of operating system, programming language runtime, and tools that AWS CodeBuild uses to run a build. You can add tags to build projects to help manage your resources and costs.
CreateProject
: Creates a build project.
CreateWebhook
: For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables AWS CodeBuild to start rebuilding the source code every time a code change is pushed to the repository.
DeleteProject
: Deletes a build project.
DeleteSourceCredentials
: Deletes a set of GitHub, GitHub Enterprise, or Bitbucket source credentials.
DeleteWebhook
: For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops AWS CodeBuild from rebuilding the source code every time a code change is pushed to the repository.
ImportSourceCredentials
: Imports the source repository credentials for an AWS CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, or Bitbucket repository.
InvalidateProjectCache
: Resets the cache for a project.
ListBuilds
: Gets a list of build IDs, with each build ID representing a single build.
ListBuildsForProject
: Gets a list of build IDs for the specified build project, with each build ID representing a single build.
ListCuratedEnvironmentImages
: Gets information about Docker images that are managed by AWS CodeBuild.
ListProjects
: Gets a list of build project names, with each build project name representing a single build project.
ListSourceCredentials
: Returns a list of SourceCredentialsInfo
objects. Each SourceCredentialsInfo
object includes the authentication type, token ARN, and type of source provider for one set of credentials.
StartBuild
: Starts running a build.
StopBuild
: Attempts to stop running a build.
UpdateProject
: Changes the settings of an existing build project.
UpdateWebhook
: Changes the settings of an existing webhook.
Deletes one or more builds.
", - "BatchGetBuilds": "Gets information about builds.
", - "BatchGetProjects": "Gets information about build projects.
", + "BatchGetBuilds": "Gets information about one or more builds.
", + "BatchGetProjects": "Gets information about one or more build projects.
", "CreateProject": "Creates a build project.
", "CreateWebhook": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables AWS CodeBuild to start rebuilding the source code every time a code change is pushed to the repository.
If you enable webhooks for an AWS CodeBuild project, and the project is used as a build step in AWS CodePipeline, then two identical builds are created for each commit. One build is triggered through webhooks, and one through AWS CodePipeline. Because billing is on a per-build basis, you are billed for both builds. Therefore, if you are using AWS CodePipeline, we recommend that you disable webhooks in AWS CodeBuild. In the AWS CodeBuild console, clear the Webhook box. For more information, see step 5 in Change a Build Project's Settings.
Deletes a build project.
", @@ -181,7 +181,7 @@ "ComputeType": { "base": null, "refs": { - "ProjectEnvironment$computeType": "Information about the compute resources the build project uses. Available values include:
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds.
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds.
BUILD_GENERAL1_LARGE
: Use up to 15 GB memory and 8 vCPUs for builds.
For more information, see Build Environment Compute Types in the AWS CodeBuild User Guide.
", + "ProjectEnvironment$computeType": "Information about the compute resources the build project uses. Available values include:
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds.
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds.
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
If you use BUILD_GENERAL1_LARGE
:
For environment type LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds.
For environment type LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.
For environment type ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
For more information, see Build Environment Compute Types in the AWS CodeBuild User Guide.
", "StartBuildInput$computeTypeOverride": "The name of a compute type for this build that overrides the one specified in the build project.
" } }, @@ -280,7 +280,7 @@ "EnvironmentType": { "base": null, "refs": { - "ProjectEnvironment$type": "The type of build environment to use for related builds.
", + "ProjectEnvironment$type": "The type of build environment to use for related builds.
The environment type ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).
The environment type LINUX_CONTAINER
with compute type build.general1.2xlarge
is available only in regions US East (N. Virginia), US East (N. Virginia), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).
The environment type LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (N. Virginia), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
A container type for this build that overrides the one specified in the build project.
" } }, diff --git a/models/apis/config/2014-11-12/api-2.json b/models/apis/config/2014-11-12/api-2.json index c70b178d44a..97d0dba03bd 100644 --- a/models/apis/config/2014-11-12/api-2.json +++ b/models/apis/config/2014-11-12/api-2.json @@ -84,6 +84,18 @@ {"shape":"NoSuchConfigurationRecorderException"} ] }, + "DeleteConformancePack":{ + "name":"DeleteConformancePack", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteConformancePackRequest"}, + "errors":[ + {"shape":"NoSuchConformancePackException"}, + {"shape":"ResourceInUseException"} + ] + }, "DeleteDeliveryChannel":{ "name":"DeleteDeliveryChannel", "http":{ @@ -122,6 +134,19 @@ {"shape":"OrganizationAccessDeniedException"} ] }, + "DeleteOrganizationConformancePack":{ + "name":"DeleteOrganizationConformancePack", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteOrganizationConformancePackRequest"}, + "errors":[ + {"shape":"NoSuchOrganizationConformancePackException"}, + {"shape":"ResourceInUseException"}, + {"shape":"OrganizationAccessDeniedException"} + ] + }, "DeletePendingAggregationRequest":{ "name":"DeletePendingAggregationRequest", "http":{ @@ -321,6 +346,49 @@ {"shape":"NoSuchConfigurationRecorderException"} ] }, + "DescribeConformancePackCompliance":{ + "name":"DescribeConformancePackCompliance", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DescribeConformancePackComplianceRequest"}, + "output":{"shape":"DescribeConformancePackComplianceResponse"}, + "errors":[ + {"shape":"InvalidLimitException"}, + {"shape":"InvalidNextTokenException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"NoSuchConfigRuleInConformancePackException"}, + {"shape":"NoSuchConformancePackException"} + ] + }, + "DescribeConformancePackStatus":{ + "name":"DescribeConformancePackStatus", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DescribeConformancePackStatusRequest"}, + "output":{"shape":"DescribeConformancePackStatusResponse"}, + "errors":[ + {"shape":"InvalidLimitException"}, + {"shape":"InvalidNextTokenException"} + ] + }, + "DescribeConformancePacks":{ + "name":"DescribeConformancePacks", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DescribeConformancePacksRequest"}, + "output":{"shape":"DescribeConformancePacksResponse"}, + "errors":[ + {"shape":"NoSuchConformancePackException"}, + {"shape":"InvalidLimitException"}, + {"shape":"InvalidNextTokenException"} + ] + }, "DescribeDeliveryChannelStatus":{ "name":"DescribeDeliveryChannelStatus", "http":{ @@ -375,6 +443,36 @@ {"shape":"OrganizationAccessDeniedException"} ] }, + "DescribeOrganizationConformancePackStatuses":{ + "name":"DescribeOrganizationConformancePackStatuses", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DescribeOrganizationConformancePackStatusesRequest"}, + "output":{"shape":"DescribeOrganizationConformancePackStatusesResponse"}, + "errors":[ + {"shape":"NoSuchOrganizationConformancePackException"}, + {"shape":"InvalidLimitException"}, + {"shape":"InvalidNextTokenException"}, + {"shape":"OrganizationAccessDeniedException"} + ] + }, + "DescribeOrganizationConformancePacks":{ + "name":"DescribeOrganizationConformancePacks", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DescribeOrganizationConformancePacksRequest"}, + "output":{"shape":"DescribeOrganizationConformancePacksResponse"}, + "errors":[ + {"shape":"NoSuchOrganizationConformancePackException"}, + {"shape":"InvalidNextTokenException"}, + {"shape":"InvalidLimitException"}, + {"shape":"OrganizationAccessDeniedException"} + ] + }, "DescribePendingAggregationRequests":{ "name":"DescribePendingAggregationRequests", "http":{ @@ -544,6 +642,36 @@ {"shape":"InvalidParameterValueException"} ] }, + "GetConformancePackComplianceDetails":{ + "name":"GetConformancePackComplianceDetails", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetConformancePackComplianceDetailsRequest"}, + "output":{"shape":"GetConformancePackComplianceDetailsResponse"}, + "errors":[ + {"shape":"InvalidLimitException"}, + {"shape":"InvalidNextTokenException"}, + {"shape":"NoSuchConformancePackException"}, + {"shape":"NoSuchConfigRuleInConformancePackException"}, + {"shape":"InvalidParameterValueException"} + ] + }, + "GetConformancePackComplianceSummary":{ + "name":"GetConformancePackComplianceSummary", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetConformancePackComplianceSummaryRequest"}, + "output":{"shape":"GetConformancePackComplianceSummaryResponse"}, + "errors":[ + {"shape":"NoSuchConformancePackException"}, + {"shape":"InvalidLimitException"}, + {"shape":"InvalidNextTokenException"} + ] + }, "GetDiscoveredResourceCounts":{ "name":"GetDiscoveredResourceCounts", "http":{ @@ -573,6 +701,21 @@ {"shape":"OrganizationAccessDeniedException"} ] }, + "GetOrganizationConformancePackDetailedStatus":{ + "name":"GetOrganizationConformancePackDetailedStatus", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetOrganizationConformancePackDetailedStatusRequest"}, + "output":{"shape":"GetOrganizationConformancePackDetailedStatusResponse"}, + "errors":[ + {"shape":"NoSuchOrganizationConformancePackException"}, + {"shape":"InvalidLimitException"}, + {"shape":"InvalidNextTokenException"}, + {"shape":"OrganizationAccessDeniedException"} + ] + }, "GetResourceConfigHistory":{ "name":"GetResourceConfigHistory", "http":{ @@ -693,6 +836,22 @@ {"shape":"InvalidRecordingGroupException"} ] }, + "PutConformancePack":{ + "name":"PutConformancePack", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"PutConformancePackRequest"}, + "output":{"shape":"PutConformancePackResponse"}, + "errors":[ + {"shape":"InsufficientPermissionsException"}, + {"shape":"ConformancePackTemplateValidationException"}, + {"shape":"ResourceInUseException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"MaxNumberOfConformancePacksExceededException"} + ] + }, "PutDeliveryChannel":{ "name":"PutDeliveryChannel", "http":{ @@ -743,6 +902,25 @@ {"shape":"InsufficientPermissionsException"} ] }, + "PutOrganizationConformancePack":{ + "name":"PutOrganizationConformancePack", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"PutOrganizationConformancePackRequest"}, + "output":{"shape":"PutOrganizationConformancePackResponse"}, + "errors":[ + {"shape":"MaxNumberOfOrganizationConformancePacksExceededException"}, + {"shape":"ResourceInUseException"}, + {"shape":"ValidationException"}, + {"shape":"OrganizationAccessDeniedException"}, + {"shape":"InsufficientPermissionsException"}, + {"shape":"OrganizationConformancePackTemplateValidationException"}, + {"shape":"OrganizationAllFeaturesNotEnabledException"}, + {"shape":"NoAvailableOrganizationException"} + ] + }, "PutRemediationConfigurations":{ "name":"PutRemediationConfigurations", "http":{ @@ -1015,6 +1193,11 @@ "max":256, "min":1 }, + "Annotation":{ + "type":"string", + "max":256, + "min":0 + }, "AutoRemediationAttemptSeconds":{ "type":"long", "box":true, @@ -1398,6 +1581,211 @@ "member":{"shape":"ConfigurationRecorderStatus"} }, "ConfigurationStateId":{"type":"string"}, + "ConformancePackArn":{ + "type":"string", + "max":2048, + "min":1 + }, + "ConformancePackComplianceFilters":{ + "type":"structure", + "members":{ + "ConfigRuleNames":{"shape":"ConformancePackConfigRuleNames"}, + "ComplianceType":{"shape":"ConformancePackComplianceType"} + } + }, + "ConformancePackComplianceResourceIds":{ + "type":"list", + "member":{"shape":"StringWithCharLimit256"}, + "max":5, + "min":0 + }, + "ConformancePackComplianceSummary":{ + "type":"structure", + "required":[ + "ConformancePackName", + "ConformancePackComplianceStatus" + ], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"}, + "ConformancePackComplianceStatus":{"shape":"ConformancePackComplianceType"} + } + }, + "ConformancePackComplianceSummaryList":{ + "type":"list", + "member":{"shape":"ConformancePackComplianceSummary"}, + "max":5, + "min":1 + }, + "ConformancePackComplianceType":{ + "type":"string", + "enum":[ + "COMPLIANT", + "NON_COMPLIANT" + ] + }, + "ConformancePackConfigRuleNames":{ + "type":"list", + "member":{"shape":"StringWithCharLimit64"}, + "max":10, + "min":0 + }, + "ConformancePackDetail":{ + "type":"structure", + "required":[ + "ConformancePackName", + "ConformancePackArn", + "ConformancePackId", + "DeliveryS3Bucket" + ], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"}, + "ConformancePackArn":{"shape":"ConformancePackArn"}, + "ConformancePackId":{"shape":"ConformancePackId"}, + "DeliveryS3Bucket":{"shape":"DeliveryS3Bucket"}, + "DeliveryS3KeyPrefix":{"shape":"DeliveryS3KeyPrefix"}, + "ConformancePackInputParameters":{"shape":"ConformancePackInputParameters"}, + "LastUpdateRequestedTime":{"shape":"Date"}, + "CreatedBy":{"shape":"StringWithCharLimit256"} + } + }, + "ConformancePackDetailList":{ + "type":"list", + "member":{"shape":"ConformancePackDetail"}, + "max":25, + "min":0 + }, + "ConformancePackEvaluationFilters":{ + "type":"structure", + "members":{ + "ConfigRuleNames":{"shape":"ConformancePackConfigRuleNames"}, + "ComplianceType":{"shape":"ConformancePackComplianceType"}, + "ResourceType":{"shape":"StringWithCharLimit256"}, + "ResourceIds":{"shape":"ConformancePackComplianceResourceIds"} + } + }, + "ConformancePackEvaluationResult":{ + "type":"structure", + "required":[ + "ComplianceType", + "EvaluationResultIdentifier", + "ConfigRuleInvokedTime", + "ResultRecordedTime" + ], + "members":{ + "ComplianceType":{"shape":"ConformancePackComplianceType"}, + "EvaluationResultIdentifier":{"shape":"EvaluationResultIdentifier"}, + "ConfigRuleInvokedTime":{"shape":"Date"}, + "ResultRecordedTime":{"shape":"Date"}, + "Annotation":{"shape":"Annotation"} + } + }, + "ConformancePackId":{ + "type":"string", + "max":1024, + "min":1 + }, + "ConformancePackInputParameter":{ + "type":"structure", + "required":[ + "ParameterName", + "ParameterValue" + ], + "members":{ + "ParameterName":{"shape":"ParameterName"}, + "ParameterValue":{"shape":"ParameterValue"} + } + }, + "ConformancePackInputParameters":{ + "type":"list", + "member":{"shape":"ConformancePackInputParameter"}, + "max":60, + "min":0 + }, + "ConformancePackName":{ + "type":"string", + "max":256, + "min":1, + "pattern":"[a-zA-Z][-a-zA-Z0-9]*" + }, + "ConformancePackNamesList":{ + "type":"list", + "member":{"shape":"ConformancePackName"}, + "max":25, + "min":0 + }, + "ConformancePackNamesToSummarizeList":{ + "type":"list", + "member":{"shape":"ConformancePackName"}, + "max":5, + "min":1 + }, + "ConformancePackRuleCompliance":{ + "type":"structure", + "members":{ + "ConfigRuleName":{"shape":"ConfigRuleName"}, + "ComplianceType":{"shape":"ConformancePackComplianceType"} + } + }, + "ConformancePackRuleComplianceList":{ + "type":"list", + "member":{"shape":"ConformancePackRuleCompliance"}, + "max":1000, + "min":0 + }, + "ConformancePackRuleEvaluationResultsList":{ + "type":"list", + "member":{"shape":"ConformancePackEvaluationResult"}, + "max":100, + "min":0 + }, + "ConformancePackState":{ + "type":"string", + "enum":[ + "CREATE_IN_PROGRESS", + "CREATE_COMPLETE", + "CREATE_FAILED", + "DELETE_IN_PROGRESS", + "DELETE_FAILED" + ] + }, + "ConformancePackStatusDetail":{ + "type":"structure", + "required":[ + "ConformancePackName", + "ConformancePackId", + "ConformancePackArn", + "ConformancePackState", + "StackArn", + "LastUpdateRequestedTime" + ], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"}, + "ConformancePackId":{"shape":"ConformancePackId"}, + "ConformancePackArn":{"shape":"ConformancePackArn"}, + "ConformancePackState":{"shape":"ConformancePackState"}, + "StackArn":{"shape":"StackArn"}, + "ConformancePackStatusReason":{"shape":"ConformancePackStatusReason"}, + "LastUpdateRequestedTime":{"shape":"Date"}, + "LastUpdateCompletedTime":{"shape":"Date"} + } + }, + "ConformancePackStatusDetailsList":{ + "type":"list", + "member":{"shape":"ConformancePackStatusDetail"}, + "max":25, + "min":0 + }, + "ConformancePackStatusReason":{ + "type":"string", + "max":2000, + "min":0 + }, + "ConformancePackTemplateValidationException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "CosmosPageLimit":{ "type":"integer", "max":100, @@ -1436,6 +1824,13 @@ "ConfigurationRecorderName":{"shape":"RecorderName"} } }, + "DeleteConformancePackRequest":{ + "type":"structure", + "required":["ConformancePackName"], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"} + } + }, "DeleteDeliveryChannelRequest":{ "type":"structure", "required":["DeliveryChannelName"], @@ -1462,6 +1857,13 @@ "OrganizationConfigRuleName":{"shape":"OrganizationConfigRuleName"} } }, + "DeleteOrganizationConformancePackRequest":{ + "type":"structure", + "required":["OrganizationConformancePackName"], + "members":{ + "OrganizationConformancePackName":{"shape":"OrganizationConformancePackName"} + } + }, "DeletePendingAggregationRequestRequest":{ "type":"structure", "required":[ @@ -1554,6 +1956,16 @@ "type":"list", "member":{"shape":"DeliveryChannelStatus"} }, + "DeliveryS3Bucket":{ + "type":"string", + "max":63, + "min":3 + }, + "DeliveryS3KeyPrefix":{ + "type":"string", + "max":1024, + "min":1 + }, "DeliveryStatus":{ "type":"string", "enum":[ @@ -1710,6 +2122,63 @@ "ConfigurationRecorders":{"shape":"ConfigurationRecorderList"} } }, + "DescribeConformancePackComplianceLimit":{ + "type":"integer", + "max":1000, + "min":0 + }, + "DescribeConformancePackComplianceRequest":{ + "type":"structure", + "required":["ConformancePackName"], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"}, + "Filters":{"shape":"ConformancePackComplianceFilters"}, + "Limit":{"shape":"DescribeConformancePackComplianceLimit"}, + "NextToken":{"shape":"NextToken"} + } + }, + "DescribeConformancePackComplianceResponse":{ + "type":"structure", + "required":[ + "ConformancePackName", + "ConformancePackRuleComplianceList" + ], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"}, + "ConformancePackRuleComplianceList":{"shape":"ConformancePackRuleComplianceList"}, + "NextToken":{"shape":"NextToken"} + } + }, + "DescribeConformancePackStatusRequest":{ + "type":"structure", + "members":{ + "ConformancePackNames":{"shape":"ConformancePackNamesList"}, + "Limit":{"shape":"PageSizeLimit"}, + "NextToken":{"shape":"NextToken"} + } + }, + "DescribeConformancePackStatusResponse":{ + "type":"structure", + "members":{ + "ConformancePackStatusDetails":{"shape":"ConformancePackStatusDetailsList"}, + "NextToken":{"shape":"NextToken"} + } + }, + "DescribeConformancePacksRequest":{ + "type":"structure", + "members":{ + "ConformancePackNames":{"shape":"ConformancePackNamesList"}, + "Limit":{"shape":"PageSizeLimit"}, + "NextToken":{"shape":"NextToken"} + } + }, + "DescribeConformancePacksResponse":{ + "type":"structure", + "members":{ + "ConformancePackDetails":{"shape":"ConformancePackDetailList"}, + "NextToken":{"shape":"NextToken"} + } + }, "DescribeDeliveryChannelStatusRequest":{ "type":"structure", "members":{ @@ -1764,6 +2233,36 @@ "NextToken":{"shape":"String"} } }, + "DescribeOrganizationConformancePackStatusesRequest":{ + "type":"structure", + "members":{ + "OrganizationConformancePackNames":{"shape":"OrganizationConformancePackNames"}, + "Limit":{"shape":"CosmosPageLimit"}, + "NextToken":{"shape":"String"} + } + }, + "DescribeOrganizationConformancePackStatusesResponse":{ + "type":"structure", + "members":{ + "OrganizationConformancePackStatuses":{"shape":"OrganizationConformancePackStatuses"}, + "NextToken":{"shape":"String"} + } + }, + "DescribeOrganizationConformancePacksRequest":{ + "type":"structure", + "members":{ + "OrganizationConformancePackNames":{"shape":"OrganizationConformancePackNames"}, + "Limit":{"shape":"CosmosPageLimit"}, + "NextToken":{"shape":"String"} + } + }, + "DescribeOrganizationConformancePacksResponse":{ + "type":"structure", + "members":{ + "OrganizationConformancePacks":{"shape":"OrganizationConformancePacks"}, + "NextToken":{"shape":"String"} + } + }, "DescribePendingAggregationRequestsLimit":{ "type":"integer", "max":20, @@ -2108,6 +2607,46 @@ "ComplianceSummariesByResourceType":{"shape":"ComplianceSummariesByResourceType"} } }, + "GetConformancePackComplianceDetailsLimit":{ + "type":"integer", + "max":100, + "min":0 + }, + "GetConformancePackComplianceDetailsRequest":{ + "type":"structure", + "required":["ConformancePackName"], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"}, + "Filters":{"shape":"ConformancePackEvaluationFilters"}, + "Limit":{"shape":"GetConformancePackComplianceDetailsLimit"}, + "NextToken":{"shape":"NextToken"} + } + }, + "GetConformancePackComplianceDetailsResponse":{ + "type":"structure", + "required":["ConformancePackName"], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"}, + "ConformancePackRuleEvaluationResults":{"shape":"ConformancePackRuleEvaluationResultsList"}, + "NextToken":{"shape":"NextToken"} + } + }, + "GetConformancePackComplianceSummaryRequest":{ + "type":"structure", + "required":["ConformancePackNames"], + "members":{ + "ConformancePackNames":{"shape":"ConformancePackNamesToSummarizeList"}, + "Limit":{"shape":"PageSizeLimit"}, + "NextToken":{"shape":"NextToken"} + } + }, + "GetConformancePackComplianceSummaryResponse":{ + "type":"structure", + "members":{ + "ConformancePackComplianceSummaryList":{"shape":"ConformancePackComplianceSummaryList"}, + "NextToken":{"shape":"NextToken"} + } + }, "GetDiscoveredResourceCountsRequest":{ "type":"structure", "members":{ @@ -2141,6 +2680,23 @@ "NextToken":{"shape":"String"} } }, + "GetOrganizationConformancePackDetailedStatusRequest":{ + "type":"structure", + "required":["OrganizationConformancePackName"], + "members":{ + "OrganizationConformancePackName":{"shape":"OrganizationConformancePackName"}, + "Filters":{"shape":"OrganizationResourceDetailedStatusFilters"}, + "Limit":{"shape":"CosmosPageLimit"}, + "NextToken":{"shape":"String"} + } + }, + "GetOrganizationConformancePackDetailedStatusResponse":{ + "type":"structure", + "members":{ + "OrganizationConformancePackDetailedStatuses":{"shape":"OrganizationConformancePackDetailedStatuses"}, + "NextToken":{"shape":"String"} + } + }, "GetResourceConfigHistoryRequest":{ "type":"structure", "required":[ @@ -2357,6 +2913,12 @@ }, "exception":true }, + "MaxNumberOfConformancePacksExceededException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "MaxNumberOfDeliveryChannelsExceededException":{ "type":"structure", "members":{ @@ -2369,6 +2931,12 @@ }, "exception":true }, + "MaxNumberOfOrganizationConformancePacksExceededException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "MaxNumberOfRetentionConfigurationsExceededException":{ "type":"structure", "members":{ @@ -2391,12 +2959,12 @@ "CREATE_SUCCESSFUL", "CREATE_IN_PROGRESS", "CREATE_FAILED", - "UPDATE_SUCCESSFUL", - "UPDATE_FAILED", - "UPDATE_IN_PROGRESS", "DELETE_SUCCESSFUL", "DELETE_FAILED", - "DELETE_IN_PROGRESS" + "DELETE_IN_PROGRESS", + "UPDATE_SUCCESSFUL", + "UPDATE_IN_PROGRESS", + "UPDATE_FAILED" ] }, "MemberAccountStatus":{ @@ -2462,6 +3030,12 @@ }, "exception":true }, + "NoSuchConfigRuleInConformancePackException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "NoSuchConfigurationAggregatorException":{ "type":"structure", "members":{ @@ -2474,6 +3048,12 @@ }, "exception":true }, + "NoSuchConformancePackException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "NoSuchDeliveryChannelException":{ "type":"structure", "members":{ @@ -2486,6 +3066,12 @@ }, "exception":true }, + "NoSuchOrganizationConformancePackException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, "NoSuchRemediationConfigurationException":{ "type":"structure", "members":{ @@ -2591,6 +3177,84 @@ "type":"list", "member":{"shape":"OrganizationConfigRule"} }, + "OrganizationConformancePack":{ + "type":"structure", + "required":[ + "OrganizationConformancePackName", + "OrganizationConformancePackArn", + "DeliveryS3Bucket", + "LastUpdateTime" + ], + "members":{ + "OrganizationConformancePackName":{"shape":"OrganizationConformancePackName"}, + "OrganizationConformancePackArn":{"shape":"StringWithCharLimit256"}, + "DeliveryS3Bucket":{"shape":"DeliveryS3Bucket"}, + "DeliveryS3KeyPrefix":{"shape":"DeliveryS3KeyPrefix"}, + "ConformancePackInputParameters":{"shape":"ConformancePackInputParameters"}, + "ExcludedAccounts":{"shape":"ExcludedAccounts"}, + "LastUpdateTime":{"shape":"Date"} + } + }, + "OrganizationConformancePackDetailedStatus":{ + "type":"structure", + "required":[ + "AccountId", + "ConformancePackName", + "Status" + ], + "members":{ + "AccountId":{"shape":"AccountId"}, + "ConformancePackName":{"shape":"StringWithCharLimit256"}, + "Status":{"shape":"OrganizationResourceDetailedStatus"}, + "ErrorCode":{"shape":"String"}, + "ErrorMessage":{"shape":"String"}, + "LastUpdateTime":{"shape":"Date"} + } + }, + "OrganizationConformancePackDetailedStatuses":{ + "type":"list", + "member":{"shape":"OrganizationConformancePackDetailedStatus"} + }, + "OrganizationConformancePackName":{ + "type":"string", + "max":128, + "min":1, + "pattern":"[a-zA-Z][-a-zA-Z0-9]*" + }, + "OrganizationConformancePackNames":{ + "type":"list", + "member":{"shape":"OrganizationConformancePackName"}, + "max":25, + "min":0 + }, + "OrganizationConformancePackStatus":{ + "type":"structure", + "required":[ + "OrganizationConformancePackName", + "Status" + ], + "members":{ + "OrganizationConformancePackName":{"shape":"OrganizationConformancePackName"}, + "Status":{"shape":"OrganizationResourceStatus"}, + "ErrorCode":{"shape":"String"}, + "ErrorMessage":{"shape":"String"}, + "LastUpdateTime":{"shape":"Date"} + } + }, + "OrganizationConformancePackStatuses":{ + "type":"list", + "member":{"shape":"OrganizationConformancePackStatus"} + }, + "OrganizationConformancePackTemplateValidationException":{ + "type":"structure", + "members":{ + }, + "exception":true + }, + "OrganizationConformancePacks":{ + "type":"list", + "member":{"shape":"OrganizationConformancePack"} + }, "OrganizationCustomRuleMetadata":{ "type":"structure", "required":[ @@ -2623,18 +3287,53 @@ "TagValueScope":{"shape":"StringWithCharLimit256"} } }, - "OrganizationRuleStatus":{ + "OrganizationResourceDetailedStatus":{ "type":"string", "enum":[ "CREATE_SUCCESSFUL", "CREATE_IN_PROGRESS", "CREATE_FAILED", + "DELETE_SUCCESSFUL", + "DELETE_FAILED", + "DELETE_IN_PROGRESS", "UPDATE_SUCCESSFUL", - "UPDATE_FAILED", "UPDATE_IN_PROGRESS", + "UPDATE_FAILED" + ] + }, + "OrganizationResourceDetailedStatusFilters":{ + "type":"structure", + "members":{ + "AccountId":{"shape":"AccountId"}, + "Status":{"shape":"OrganizationResourceDetailedStatus"} + } + }, + "OrganizationResourceStatus":{ + "type":"string", + "enum":[ + "CREATE_SUCCESSFUL", + "CREATE_IN_PROGRESS", + "CREATE_FAILED", "DELETE_SUCCESSFUL", "DELETE_FAILED", - "DELETE_IN_PROGRESS" + "DELETE_IN_PROGRESS", + "UPDATE_SUCCESSFUL", + "UPDATE_IN_PROGRESS", + "UPDATE_FAILED" + ] + }, + "OrganizationRuleStatus":{ + "type":"string", + "enum":[ + "CREATE_SUCCESSFUL", + "CREATE_IN_PROGRESS", + "CREATE_FAILED", + "DELETE_SUCCESSFUL", + "DELETE_FAILED", + "DELETE_IN_PROGRESS", + "UPDATE_SUCCESSFUL", + "UPDATE_IN_PROGRESS", + "UPDATE_FAILED" ] }, "OversizedConfigurationItemException":{ @@ -2650,6 +3349,21 @@ "AWS" ] }, + "PageSizeLimit":{ + "type":"integer", + "max":20, + "min":0 + }, + "ParameterName":{ + "type":"string", + "max":255, + "min":0 + }, + "ParameterValue":{ + "type":"string", + "max":4096, + "min":0 + }, "PendingAggregationRequest":{ "type":"structure", "members":{ @@ -2716,6 +3430,27 @@ "ConfigurationRecorder":{"shape":"ConfigurationRecorder"} } }, + "PutConformancePackRequest":{ + "type":"structure", + "required":[ + "ConformancePackName", + "DeliveryS3Bucket" + ], + "members":{ + "ConformancePackName":{"shape":"ConformancePackName"}, + "TemplateS3Uri":{"shape":"TemplateS3Uri"}, + "TemplateBody":{"shape":"TemplateBody"}, + "DeliveryS3Bucket":{"shape":"DeliveryS3Bucket"}, + "DeliveryS3KeyPrefix":{"shape":"DeliveryS3KeyPrefix"}, + "ConformancePackInputParameters":{"shape":"ConformancePackInputParameters"} + } + }, + "PutConformancePackResponse":{ + "type":"structure", + "members":{ + "ConformancePackArn":{"shape":"ConformancePackArn"} + } + }, "PutDeliveryChannelRequest":{ "type":"structure", "required":["DeliveryChannel"], @@ -2754,6 +3489,28 @@ "OrganizationConfigRuleArn":{"shape":"StringWithCharLimit256"} } }, + "PutOrganizationConformancePackRequest":{ + "type":"structure", + "required":[ + "OrganizationConformancePackName", + "DeliveryS3Bucket" + ], + "members":{ + "OrganizationConformancePackName":{"shape":"OrganizationConformancePackName"}, + "TemplateS3Uri":{"shape":"TemplateS3Uri"}, + "TemplateBody":{"shape":"TemplateBody"}, + "DeliveryS3Bucket":{"shape":"DeliveryS3Bucket"}, + "DeliveryS3KeyPrefix":{"shape":"DeliveryS3KeyPrefix"}, + "ConformancePackInputParameters":{"shape":"ConformancePackInputParameters"}, + "ExcludedAccounts":{"shape":"ExcludedAccounts"} + } + }, + "PutOrganizationConformancePackResponse":{ + "type":"structure", + "members":{ + "OrganizationConformancePackArn":{"shape":"StringWithCharLimit256"} + } + }, "PutRemediationConfigurationsRequest":{ "type":"structure", "required":["RemediationConfigurations"], @@ -3306,6 +4063,11 @@ "ErrorPercentage":{"shape":"Percentage"} } }, + "StackArn":{ + "type":"string", + "max":2048, + "min":1 + }, "StartConfigRulesEvaluationRequest":{ "type":"structure", "members":{ @@ -3463,6 +4225,17 @@ "max":50, "min":0 }, + "TemplateBody":{ + "type":"string", + "max":51200, + "min":1 + }, + "TemplateS3Uri":{ + "type":"string", + "max":1024, + "min":1, + "pattern":"s3://.*" + }, "TooManyTagsException":{ "type":"structure", "members":{ diff --git a/models/apis/config/2014-11-12/docs-2.json b/models/apis/config/2014-11-12/docs-2.json index 74426c39318..8017af42247 100644 --- a/models/apis/config/2014-11-12/docs-2.json +++ b/models/apis/config/2014-11-12/docs-2.json @@ -8,9 +8,11 @@ "DeleteConfigRule": "Deletes the specified AWS Config rule and all of its evaluation results.
AWS Config sets the state of a rule to DELETING
until the deletion is complete. You cannot update a rule while it is in this state. If you make a PutConfigRule
or DeleteConfigRule
request for the rule, you will receive a ResourceInUseException
.
You can check the state of a rule by using the DescribeConfigRules
request.
Deletes the specified configuration aggregator and the aggregated data associated with the aggregator.
", "DeleteConfigurationRecorder": "Deletes the configuration recorder.
After the configuration recorder is deleted, AWS Config will not record resource configuration changes until you create a new configuration recorder.
This action does not delete the configuration information that was previously recorded. You will be able to access the previously recorded information by using the GetResourceConfigHistory
action, but you will not be able to access this information in the AWS Config console until you create a new configuration recorder.
Deletes the specified conformance pack and all the AWS Config rules and all evaluation results within that conformance pack.
AWS Config sets the conformance pack to DELETE_IN_PROGRESS
until the deletion is complete. You cannot update a conformance pack while it is in this state.
Deletes the delivery channel.
Before you can delete the delivery channel, you must stop the configuration recorder by using the StopConfigurationRecorder action.
", "DeleteEvaluationResults": "Deletes the evaluation results for the specified AWS Config rule. You can specify one AWS Config rule per request. After you delete the evaluation results, you can call the StartConfigRulesEvaluation API to start evaluating your AWS resources against the rule.
", "DeleteOrganizationConfigRule": "Deletes the specified organization config rule and all of its evaluation results from all member accounts in that organization. Only a master account can delete an organization config rule.
AWS Config sets the state of a rule to DELETE_IN_PROGRESS until the deletion is complete. You cannot update a rule while it is in this state.
", + "DeleteOrganizationConformancePack": "Deletes the specified organization conformance pack and all of the config rules and remediation actions from all member accounts in that organization. Only a master account can delete an organization conformance pack.
AWS Config sets the state of a conformance pack to DELETE_IN_PROGRESS until the deletion is complete. You cannot update a conformance pack while it is in this state.
", "DeletePendingAggregationRequest": "Deletes pending authorization requests for a specified aggregator account in a specified region.
", "DeleteRemediationConfiguration": "Deletes the remediation configuration.
", "DeleteRemediationExceptions": "Deletes one or more remediation exceptions mentioned in the resource keys.
", @@ -26,10 +28,15 @@ "DescribeConfigurationAggregators": "Returns the details of one or more configuration aggregators. If the configuration aggregator is not specified, this action returns the details for all the configuration aggregators associated with the account.
", "DescribeConfigurationRecorderStatus": "Returns the current status of the specified configuration recorder. If a configuration recorder is not specified, this action returns the status of all configuration recorders associated with the account.
Currently, you can specify only one configuration recorder per region in your account.
Returns the details for the specified configuration recorders. If the configuration recorder is not specified, this action returns the details for all configuration recorders associated with the account.
Currently, you can specify only one configuration recorder per region in your account.
Returns compliance information for each rule in that conformance pack.
You must provide exact rule names otherwise AWS Config cannot return evaluation results due to insufficient data.
Provides one or more conformance packs deployment status.
", + "DescribeConformancePacks": "Returns a list of one or more conformance packs.
", "DescribeDeliveryChannelStatus": "Returns the current status of the specified delivery channel. If a delivery channel is not specified, this action returns the current status of all delivery channels associated with the account.
Currently, you can specify only one delivery channel per region in your account.
Returns details about the specified delivery channel. If a delivery channel is not specified, this action returns the details of all delivery channels associated with the account.
Currently, you can specify only one delivery channel per region in your account.
Provides organization config rule deployment status for an organization.
The status is not considered successful until organization config rule is successfully deployed in all the member accounts with an exception of excluded accounts.
When you specify the limit and the next token, you receive a paginated response. Limit and next token are not applicable if you specify organization config rule names. It is only applicable, when you request all the organization config rules.
Only a master account can call this API.
Returns a list of organization config rules.
When you specify the limit and the next token, you receive a paginated response. Limit and next token are not applicable if you specify organization config rule names. It is only applicable, when you request all the organization config rules.
Only a master account can call this API.
Provides organization conformance pack deployment status for an organization.
The status is not considered successful until organization conformance pack is successfully deployed in all the member accounts with an exception of excluded accounts.
When you specify the limit and the next token, you receive a paginated response. Limit and next token are not applicable if you specify organization conformance pack names. They are only applicable, when you request all the organization conformance packs.
Only a master account can call this API.
Returns a list of organization conformance packs.
When you specify the limit and the next token, you receive a paginated response. Limit and next token are not applicable if you specify organization conformance packs names. They are only applicable, when you request all the organization conformance packs. Only a master account can call this API.
Returns a list of all pending aggregation requests.
", "DescribeRemediationConfigurations": "Returns the details of one or more remediation configurations.
", "DescribeRemediationExceptions": "Returns the details of one or more remediation exceptions. A detailed view of a remediation exception for a set of resources that includes an explanation of an exception and the time when the exception will be deleted. When you specify the limit and the next token, you receive a paginated response.
When you specify the limit and the next token, you receive a paginated response.
Limit and next token are not applicable if you request resources in batch. It is only applicable, when you request all resources.
Returns the evaluation results for the specified AWS resource. The results indicate which AWS Config rules were used to evaluate the resource, when each rule was last used, and whether the resource complies with each rule.
", "GetComplianceSummaryByConfigRule": "Returns the number of AWS Config rules that are compliant and noncompliant, up to a maximum of 25 for each.
", "GetComplianceSummaryByResourceType": "Returns the number of resources that are compliant and the number that are noncompliant. You can specify one or more resource types to get these numbers for each resource type. The maximum number returned is 100.
", + "GetConformancePackComplianceDetails": "Returns compliance details of a conformance pack for all AWS resources that are monitered by conformance pack.
", + "GetConformancePackComplianceSummary": null, "GetDiscoveredResourceCounts": "Returns the resource types, the number of each resource type, and the total number of resources that AWS Config is recording in this region for your AWS account.
Example
AWS Config is recording three resource types in the US East (Ohio) Region for your account: 25 EC2 instances, 20 IAM users, and 15 S3 buckets.
You make a call to the GetDiscoveredResourceCounts
action and specify that you want all resource types.
AWS Config returns the following:
The resource types (EC2 instances, IAM users, and S3 buckets).
The number of each resource type (25, 20, and 15).
The total number of all resources (60).
The response is paginated. By default, AWS Config lists 100 ResourceCount objects on each page. You can customize this number with the limit
parameter. The response includes a nextToken
string. To get the next page of results, run the request again and specify the string for the nextToken
parameter.
If you make a call to the GetDiscoveredResourceCounts action, you might not immediately receive resource counts in the following situations:
You are a new AWS Config customer.
You just enabled resource recording.
It might take a few minutes for AWS Config to record and count your resources. Wait a few minutes and then retry the GetDiscoveredResourceCounts action.
Returns detailed status for each member account within an organization for a given organization config rule.
Only a master account can call this API.
Returns detailed status for each member account within an organization for a given organization conformance pack.
Only a master account can call this API.
", "GetResourceConfigHistory": "Returns a list of configuration items for the specified resource. The list contains details about each state of the resource during the specified time interval. If you specified a retention period to retain your ConfigurationItems
between a minimum of 30 days and a maximum of 7 years (2557 days), AWS Config returns the ConfigurationItems
for the specified retention period.
The response is paginated. By default, AWS Config returns a limit of 10 configuration items per page. You can customize this number with the limit
parameter. The response includes a nextToken
string. To get the next page of results, run the request again and specify the string for the nextToken
parameter.
Each call to the API is limited to span a duration of seven days. It is likely that the number of records returned is smaller than the specified limit
. In such cases, you can make another call, using the nextToken
.
Accepts a resource type and returns a list of resource identifiers that are aggregated for a specific resource type across accounts and regions. A resource identifier includes the resource type, ID, (if available) the custom resource name, source account, and source region. You can narrow the results to include only resources that have specific resource IDs, or a resource name, or source account ID, or source region.
For example, if the input consists of accountID 12345678910 and the region is us-east-1 for resource type AWS::EC2::Instance
then the API returns all the EC2 instance identifiers of accountID 12345678910 and region us-east-1.
Accepts a resource type and returns a list of resource identifiers for the resources of that type. A resource identifier includes the resource type, ID, and (if available) the custom resource name. The results consist of resources that AWS Config has discovered, including those that AWS Config is not currently recording. You can narrow the results to include only resources that have specific resource IDs or a resource name.
You can specify either resource IDs or a resource name, but not both, in the same request.
The response is paginated. By default, AWS Config lists 100 resource identifiers on each page. You can customize this number with the limit
parameter. The response includes a nextToken
string. To get the next page of results, run the request again and specify the string for the nextToken
parameter.
Adds or updates an AWS Config rule for evaluating whether your AWS resources comply with your desired configurations.
You can use this action for custom AWS Config rules and AWS managed Config rules. A custom AWS Config rule is a rule that you develop and maintain. An AWS managed Config rule is a customizable, predefined rule that AWS Config provides.
If you are adding a new custom AWS Config rule, you must first create the AWS Lambda function that the rule invokes to evaluate your resources. When you use the PutConfigRule
action to add the rule to AWS Config, you must specify the Amazon Resource Name (ARN) that AWS Lambda assigns to the function. Specify the ARN for the SourceIdentifier
key. This key is part of the Source
object, which is part of the ConfigRule
object.
If you are adding an AWS managed Config rule, specify the rule's identifier for the SourceIdentifier
key. To reference AWS managed Config rule identifiers, see About AWS Managed Config Rules.
For any new rule that you add, specify the ConfigRuleName
in the ConfigRule
object. Do not specify the ConfigRuleArn
or the ConfigRuleId
. These values are generated by AWS Config for new rules.
If you are updating a rule that you added previously, you can specify the rule by ConfigRuleName
, ConfigRuleId
, or ConfigRuleArn
in the ConfigRule
data type that you use in this request.
The maximum number of rules that AWS Config supports is 150.
For information about requesting a rule limit increase, see AWS Config Limits in the AWS General Reference Guide.
For more information about developing and using AWS Config rules, see Evaluating AWS Resource Configurations with AWS Config in the AWS Config Developer Guide.
", "PutConfigurationAggregator": "Creates and updates the configuration aggregator with the selected source accounts and regions. The source account can be individual account(s) or an organization.
AWS Config should be enabled in source accounts and regions you want to aggregate.
If your source type is an organization, you must be signed in to the master account and all features must be enabled in your organization. AWS Config calls EnableAwsServiceAccess
API to enable integration between AWS Config and AWS Organizations.
Creates a new configuration recorder to record the selected resource configurations.
You can use this action to change the role roleARN
or the recordingGroup
of an existing recorder. To change the role, call the action on the existing configuration recorder and specify a role.
Currently, you can specify only one configuration recorder per region in your account.
If ConfigurationRecorder
does not have the recordingGroup parameter specified, the default is to record all supported resource types.
Creates or updates a conformance pack. A conformance pack is a collection of AWS Config rules that can be easily deployed in an account and a region.
This API creates a service linked role AWSServiceRoleForConfigConforms
in your account. The service linked role is created only when the role does not exist in your account. AWS Config verifies the existence of role with GetRole
action.
You must specify either the TemplateS3Uri
or the TemplateBody
parameter, but not both. If you provide both AWS Config uses the TemplateS3Uri
parameter and ignores the TemplateBody
parameter.
Creates a delivery channel object to deliver configuration information to an Amazon S3 bucket and Amazon SNS topic.
Before you can create a delivery channel, you must create a configuration recorder.
You can use this action to change the Amazon S3 bucket or an Amazon SNS topic of the existing delivery channel. To change the Amazon S3 bucket or an Amazon SNS topic, call this action and specify the changed values for the S3 bucket and the SNS topic. If you specify a different value for either the S3 bucket or the SNS topic, this action will keep the existing value for the parameter that is not changed.
You can have only one delivery channel per region in your account.
Used by an AWS Lambda function to deliver evaluation results to AWS Config. This action is required in every AWS Lambda function that is invoked by an AWS Config rule.
", "PutOrganizationConfigRule": "Adds or updates organization config rule for your entire organization evaluating whether your AWS resources comply with your desired configurations. Only a master account can create or update an organization config rule.
This API enables organization service access through the EnableAWSServiceAccess
action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup
in the master account of your organization. The service linked role is created only when the role does not exist in the master account. AWS Config verifies the existence of role with GetRole
action.
You can use this action to create both custom AWS Config rules and AWS managed Config rules. If you are adding a new custom AWS Config rule, you must first create AWS Lambda function in the master account that the rule invokes to evaluate your resources. When you use the PutOrganizationConfigRule
action to add the rule to AWS Config, you must specify the Amazon Resource Name (ARN) that AWS Lambda assigns to the function. If you are adding an AWS managed Config rule, specify the rule's identifier for the RuleIdentifier
key.
The maximum number of organization config rules that AWS Config supports is 150.
Specify either OrganizationCustomRuleMetadata
or OrganizationManagedRuleMetadata
.
Deploys conformance packs across member accounts in an AWS Organization.
This API enables organization service access through the EnableAWSServiceAccess
action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master account of your organization. The service linked role is created only when the role does not exist in the master account. AWS Config verifies the existence of role with GetRole action.
The SPN is config-multiaccountsetup.amazonaws.com
.
You must specify either the TemplateS3Uri
or the TemplateBody
parameter, but not both. If you provide both AWS Config uses the TemplateS3Uri
parameter and ignores the TemplateBody
parameter.
Adds or updates the remediation configuration with a specific AWS Config rule with the selected target or action. The API creates the RemediationConfiguration
object for the AWS Config rule. The AWS Config rule must already exist for you to add a remediation configuration. The target (SSM document) must exist and have permissions to use the target.
A remediation exception is when a specific resource is no longer considered for auto-remediation. This API adds a new exception or updates an exisiting exception for a specific resource with a specific AWS Config rule.
", "PutRetentionConfiguration": "Creates and updates the retention configuration with details about retention period (number of days) that AWS Config stores your historical information. The API creates the RetentionConfiguration
object and names the object as default. When you have a RetentionConfiguration
object named default, calling the API modifies the default object.
Currently, AWS Config supports only one retention configuration per region in your account.
The 12-digit account ID of the source account.
", "MemberAccountStatus$AccountId": "The 12-digit account ID of a member account.
", + "OrganizationConformancePackDetailedStatus$AccountId": "The 12-digit account ID of a member account.
", + "OrganizationResourceDetailedStatusFilters$AccountId": "The 12-digit account ID of the member account within an organization.
", "PendingAggregationRequest$RequesterAccountId": "The 12-digit account ID of the account requesting to aggregate data.
", "PutAggregationAuthorizationRequest$AuthorizedAccountId": "The 12-digit account ID of the account authorized to aggregate data.
", "ResourceCountFilters$AccountId": "The 12-digit ID of the account.
", @@ -228,6 +242,12 @@ "UntagResourceRequest$ResourceArn": "The Amazon Resource Name (ARN) that identifies the resource for which to list the tags. Currently, the supported resources are ConfigRule
, ConfigurationAggregator
and AggregatorAuthorization
.
Supplementary information about how the evaluation determined the compliance.
" + } + }, "AutoRemediationAttemptSeconds": { "base": null, "refs": { @@ -477,6 +497,7 @@ "AggregateComplianceByConfigRule$ConfigRuleName": "The name of the AWS Config rule.
", "ConfigRuleComplianceFilters$ConfigRuleName": "The name of the AWS Config rule.
", "ConfigRuleNames$member": null, + "ConformancePackRuleCompliance$ConfigRuleName": "Filters the results by AWS Config rule name.
", "DeleteRemediationConfigurationRequest$ConfigRuleName": "The name of the AWS Config rule for which you want to delete remediation configuration.
", "DeleteRemediationExceptionsRequest$ConfigRuleName": "The name of the AWS Config rule for which you want to delete remediation exception configuration.
", "DescribeRemediationExceptionsRequest$ConfigRuleName": "The name of the AWS Config rule.
", @@ -642,12 +663,186 @@ "ConfigurationItem$configurationStateId": "An identifier that indicates the ordering of the configuration items of a resource.
" } }, + "ConformancePackArn": { + "base": null, + "refs": { + "ConformancePackDetail$ConformancePackArn": "Amazon Resource Name (ARN) of the conformance pack.
", + "ConformancePackStatusDetail$ConformancePackArn": "Amazon Resource Name (ARN) of comformance pack.
", + "PutConformancePackResponse$ConformancePackArn": "ARN of the conformance pack.
" + } + }, + "ConformancePackComplianceFilters": { + "base": "Filters the conformance pack by compliance types and AWS Config rule names.
", + "refs": { + "DescribeConformancePackComplianceRequest$Filters": "A ConformancePackComplianceFilters
object.
Filters the results by resource IDs.
" + } + }, + "ConformancePackComplianceSummary": { + "base": null, + "refs": { + "ConformancePackComplianceSummaryList$member": null + } + }, + "ConformancePackComplianceSummaryList": { + "base": null, + "refs": { + "GetConformancePackComplianceSummaryResponse$ConformancePackComplianceSummaryList": null + } + }, + "ConformancePackComplianceType": { + "base": null, + "refs": { + "ConformancePackComplianceFilters$ComplianceType": "Filters the results by compliance.
The allowed values are COMPLIANT
and NON_COMPLIANT
.
Filters the results by compliance.
The allowed values are COMPLIANT
and NON_COMPLIANT
.
Filters the results by compliance.
The allowed values are COMPLIANT
and NON_COMPLIANT
.
Filters the results by compliance.
The allowed values are COMPLIANT
and NON_COMPLIANT
.
Filters the results by AWS Config rule names.
", + "ConformancePackEvaluationFilters$ConfigRuleNames": "Filters the results by AWS Config rule names.
" + } + }, + "ConformancePackDetail": { + "base": "Returns details of a conformance pack. A conformance pack is a collection of AWS Config rules that can be easily deployed in an account and a region.
", + "refs": { + "ConformancePackDetailList$member": null + } + }, + "ConformancePackDetailList": { + "base": null, + "refs": { + "DescribeConformancePacksResponse$ConformancePackDetails": "Returns a list of ConformancePackDetail
objects.
Filters a conformance pack by AWS Config rule names, compliance types, AWS resource types, and resource IDs.
", + "refs": { + "GetConformancePackComplianceDetailsRequest$Filters": "A ConformancePackEvaluationFilters
object.
The details of a conformance pack evaluation. Provides AWS Config rule and AWS resource type that was evaluated, the compliance of the conformance pack, related time stamps, and supplementary information.
", + "refs": { + "ConformancePackRuleEvaluationResultsList$member": null + } + }, + "ConformancePackId": { + "base": null, + "refs": { + "ConformancePackDetail$ConformancePackId": "ID of the conformance pack.
", + "ConformancePackStatusDetail$ConformancePackId": "ID of the conformance pack.
" + } + }, + "ConformancePackInputParameter": { + "base": "Input parameters in the form of key-value pairs for the conformance pack, both of which you define. Keys can have a maximum character length of 128 characters, and values can have a maximum length of 256 characters.
", + "refs": { + "ConformancePackInputParameters$member": null + } + }, + "ConformancePackInputParameters": { + "base": null, + "refs": { + "ConformancePackDetail$ConformancePackInputParameters": "A list of ConformancePackInputParameter
objects.
A list of ConformancePackInputParameter
objects.
A list of ConformancePackInputParameter
objects.
A list of ConformancePackInputParameter
objects.
Name of the conformance pack.
", + "ConformancePackNamesList$member": null, + "ConformancePackNamesToSummarizeList$member": null, + "ConformancePackStatusDetail$ConformancePackName": "Name of the conformance pack.
", + "DeleteConformancePackRequest$ConformancePackName": "Name of the conformance pack you want to delete.
", + "DescribeConformancePackComplianceRequest$ConformancePackName": "Name of the conformance pack.
", + "DescribeConformancePackComplianceResponse$ConformancePackName": "Name of the conformance pack.
", + "GetConformancePackComplianceDetailsRequest$ConformancePackName": "Name of the conformance pack.
", + "GetConformancePackComplianceDetailsResponse$ConformancePackName": "Name of the conformance pack.
", + "PutConformancePackRequest$ConformancePackName": "Name of the conformance pack you want to create.
" + } + }, + "ConformancePackNamesList": { + "base": null, + "refs": { + "DescribeConformancePackStatusRequest$ConformancePackNames": "Comma-separated list of conformance pack names.
", + "DescribeConformancePacksRequest$ConformancePackNames": "Comma-separated list of conformance pack names for which you want details. If you do not specify any names, AWS Config returns details for all your conformance packs.
" + } + }, + "ConformancePackNamesToSummarizeList": { + "base": null, + "refs": { + "GetConformancePackComplianceSummaryRequest$ConformancePackNames": null + } + }, + "ConformancePackRuleCompliance": { + "base": "Compliance information of one or more AWS Config rules within a conformance pack. You can filter using AWS Config rule names and compliance types.
", + "refs": { + "ConformancePackRuleComplianceList$member": null + } + }, + "ConformancePackRuleComplianceList": { + "base": null, + "refs": { + "DescribeConformancePackComplianceResponse$ConformancePackRuleComplianceList": "Returns a list of ConformancePackRuleCompliance
objects.
Returns a list of ConformancePackEvaluationResult
objects.
Indicates deployment status of conformance pack.
AWS Config sets the state of the conformance pack to:
CREATE_IN_PROGRESS when a conformance pack creation is in progress for an account.
CREATE_COMPLETE when a conformance pack has been successfully created in your account.
CREATE_FAILED when a conformance pack creation failed in your account.
DELETE_IN_PROGRESS when a conformance pack deletion is in progress.
DELETE_FAILED when a conformance pack deletion failed from your account.
Status details of a conformance pack.
", + "refs": { + "ConformancePackStatusDetailsList$member": null + } + }, + "ConformancePackStatusDetailsList": { + "base": null, + "refs": { + "DescribeConformancePackStatusResponse$ConformancePackStatusDetails": "A list of ConformancePackStatusDetail
objects.
The reason of conformance pack creation failure.
" + } + }, + "ConformancePackTemplateValidationException": { + "base": "You have specified a template that is not valid or supported.
", + "refs": { + } + }, "CosmosPageLimit": { "base": null, "refs": { "DescribeOrganizationConfigRuleStatusesRequest$Limit": "The maximum number of OrganizationConfigRuleStatuses
returned on each page. If you do no specify a number, AWS Config uses the default. The default is 100.
The maximum number of organization config rules returned on each page. If you do no specify a number, AWS Config uses the default. The default is 100.
", - "GetOrganizationConfigRuleDetailedStatusRequest$Limit": "The maximum number of OrganizationConfigRuleDetailedStatus
returned on each page. If you do not specify a number, AWS Config uses the default. The default is 100.
The maximum number of OrganizationConformancePackStatuses returned on each page. If you do no specify a number, AWS Config uses the default. The default is 100.
", + "DescribeOrganizationConformancePacksRequest$Limit": "The maximum number of organization config packs returned on each page. If you do no specify a number, AWS Config uses the default. The default is 100.
", + "GetOrganizationConfigRuleDetailedStatusRequest$Limit": "The maximum number of OrganizationConfigRuleDetailedStatus
returned on each page. If you do not specify a number, AWS Config uses the default. The default is 100.
The maximum number of OrganizationConformancePackDetailedStatuses
returned on each page. If you do not specify a number, AWS Config uses the default. The default is 100.
The time the recorder was last started.
", "ConfigurationRecorderStatus$lastStopTime": "The time the recorder was last stopped.
", "ConfigurationRecorderStatus$lastStatusChangeTime": "The time when the status was last changed.
", + "ConformancePackDetail$LastUpdateRequestedTime": "Last time when conformation pack update was requested.
", + "ConformancePackEvaluationResult$ConfigRuleInvokedTime": "The time when AWS Config rule evaluated AWS resource.
", + "ConformancePackEvaluationResult$ResultRecordedTime": "The time when AWS Config recorded the evaluation result.
", + "ConformancePackStatusDetail$LastUpdateRequestedTime": "Last time when conformation pack creation and update was requested.
", + "ConformancePackStatusDetail$LastUpdateCompletedTime": "Last time when conformation pack creation and update was successful.
", "EvaluationResult$ResultRecordedTime": "The time when AWS Config recorded the evaluation result.
", "EvaluationResult$ConfigRuleInvokedTime": "The time when the AWS Config rule evaluated the AWS resource.
", "EvaluationResultIdentifier$OrderingTimestamp": "The time of the event that triggered the evaluation of your AWS resources. The time can indicate when AWS Config delivered a configuration item change notification, or it can indicate when AWS Config delivered the configuration snapshot, depending on which event triggered the evaluation.
", "MemberAccountStatus$LastUpdateTime": "The timestamp of the last status update.
", "OrganizationConfigRule$LastUpdateTime": "The timestamp of the last update.
", "OrganizationConfigRuleStatus$LastUpdateTime": "The timestamp of the last update.
", + "OrganizationConformancePack$LastUpdateTime": "Last time when organization conformation pack was updated.
", + "OrganizationConformancePackDetailedStatus$LastUpdateTime": "The timestamp of the last status update.
", + "OrganizationConformancePackStatus$LastUpdateTime": "The timestamp of the last update.
", "PutRemediationExceptionsRequest$ExpirationTime": "The exception is automatically deleted after the expiration date.
", "RemediationException$ExpirationTime": "The time when the remediation exception will be deleted.
", "RemediationExecutionStatus$InvocationTime": "Start time when the remediation was executed.
", @@ -706,6 +909,11 @@ "refs": { } }, + "DeleteConformancePackRequest": { + "base": null, + "refs": { + } + }, "DeleteDeliveryChannelRequest": { "base": "The input for the DeleteDeliveryChannel action. The action accepts the following data, in JSON format.
", "refs": { @@ -726,6 +934,11 @@ "refs": { } }, + "DeleteOrganizationConformancePackRequest": { + "base": null, + "refs": { + } + }, "DeletePendingAggregationRequestRequest": { "base": null, "refs": { @@ -798,6 +1011,24 @@ "DescribeDeliveryChannelStatusResponse$DeliveryChannelsStatus": "A list that contains the status of a specified delivery channel.
" } }, + "DeliveryS3Bucket": { + "base": null, + "refs": { + "ConformancePackDetail$DeliveryS3Bucket": "Location of an Amazon S3 bucket where AWS Config can deliver evaluation results and conformance pack template that is used to create a pack.
", + "OrganizationConformancePack$DeliveryS3Bucket": "Location of an Amazon S3 bucket where AWS Config can deliver evaluation results and conformance pack template that is used to create a pack.
", + "PutConformancePackRequest$DeliveryS3Bucket": "Location of an Amazon S3 bucket where AWS Config can deliver evaluation results. AWS Config stores intermediate files while processing conformance pack template.
", + "PutOrganizationConformancePackRequest$DeliveryS3Bucket": "Location of an Amazon S3 bucket where AWS Config can deliver evaluation results. AWS Config stores intermediate files while processing conformance pack template.
" + } + }, + "DeliveryS3KeyPrefix": { + "base": null, + "refs": { + "ConformancePackDetail$DeliveryS3KeyPrefix": "Any folder structure you want to add to an Amazon S3 bucket.
", + "OrganizationConformancePack$DeliveryS3KeyPrefix": "Any folder structure you want to add to an Amazon S3 bucket.
", + "PutConformancePackRequest$DeliveryS3KeyPrefix": "The prefix for the Amazon S3 bucket.
", + "PutOrganizationConformancePackRequest$DeliveryS3KeyPrefix": "The prefix for the Amazon S3 bucket.
" + } + }, "DeliveryStatus": { "base": null, "refs": { @@ -905,6 +1136,42 @@ "refs": { } }, + "DescribeConformancePackComplianceLimit": { + "base": null, + "refs": { + "DescribeConformancePackComplianceRequest$Limit": "The maximum number of AWS Config rules within a conformance pack are returned on each page.
" + } + }, + "DescribeConformancePackComplianceRequest": { + "base": null, + "refs": { + } + }, + "DescribeConformancePackComplianceResponse": { + "base": null, + "refs": { + } + }, + "DescribeConformancePackStatusRequest": { + "base": null, + "refs": { + } + }, + "DescribeConformancePackStatusResponse": { + "base": null, + "refs": { + } + }, + "DescribeConformancePacksRequest": { + "base": null, + "refs": { + } + }, + "DescribeConformancePacksResponse": { + "base": null, + "refs": { + } + }, "DescribeDeliveryChannelStatusRequest": { "base": "The input for the DeliveryChannelStatus action.
", "refs": { @@ -945,6 +1212,26 @@ "refs": { } }, + "DescribeOrganizationConformancePackStatusesRequest": { + "base": null, + "refs": { + } + }, + "DescribeOrganizationConformancePackStatusesResponse": { + "base": null, + "refs": { + } + }, + "DescribeOrganizationConformancePacksRequest": { + "base": null, + "refs": { + } + }, + "DescribeOrganizationConformancePacksResponse": { + "base": null, + "refs": { + } + }, "DescribePendingAggregationRequestsLimit": { "base": null, "refs": { @@ -1035,6 +1322,7 @@ "base": "Uniquely identifies an evaluation result.
", "refs": { "AggregateEvaluationResult$EvaluationResultIdentifier": "Uniquely identifies the evaluation result.
", + "ConformancePackEvaluationResult$EvaluationResultIdentifier": null, "EvaluationResult$EvaluationResultIdentifier": "Uniquely identifies the evaluation result.
" } }, @@ -1068,7 +1356,9 @@ "base": null, "refs": { "OrganizationConfigRule$ExcludedAccounts": "A comma-separated list of accounts excluded from organization config rule.
", - "PutOrganizationConfigRuleRequest$ExcludedAccounts": "A comma-separated list of accounts that you want to exclude from an organization config rule.
" + "OrganizationConformancePack$ExcludedAccounts": "A comma-separated list of accounts excluded from organization conformance pack.
", + "PutOrganizationConfigRuleRequest$ExcludedAccounts": "A comma-separated list of accounts that you want to exclude from an organization config rule.
", + "PutOrganizationConformancePackRequest$ExcludedAccounts": "A list of AWS accounts to be excluded from an organization conformance pack while deploying a conformance pack.
" } }, "ExecutionControls": { @@ -1212,6 +1502,32 @@ "refs": { } }, + "GetConformancePackComplianceDetailsLimit": { + "base": null, + "refs": { + "GetConformancePackComplianceDetailsRequest$Limit": "The maximum number of evaluation results returned on each page. If you do no specify a number, AWS Config uses the default. The default is 100.
" + } + }, + "GetConformancePackComplianceDetailsRequest": { + "base": null, + "refs": { + } + }, + "GetConformancePackComplianceDetailsResponse": { + "base": null, + "refs": { + } + }, + "GetConformancePackComplianceSummaryRequest": { + "base": null, + "refs": { + } + }, + "GetConformancePackComplianceSummaryResponse": { + "base": null, + "refs": { + } + }, "GetDiscoveredResourceCountsRequest": { "base": null, "refs": { @@ -1232,6 +1548,16 @@ "refs": { } }, + "GetOrganizationConformancePackDetailedStatusRequest": { + "base": null, + "refs": { + } + }, + "GetOrganizationConformancePackDetailedStatusResponse": { + "base": null, + "refs": { + } + }, "GetResourceConfigHistoryRequest": { "base": "The input for the GetResourceConfigHistory action.
", "refs": { @@ -1274,7 +1600,7 @@ } }, "InsufficientPermissionsException": { - "base": "Indicates one of the following errors:
For PutConfigRule, the rule cannot be created because the IAM role assigned to AWS Config lacks permissions to perform the config:Put* action.
For PutConfigRule, the AWS Lambda function cannot be invoked. Check the function ARN, and check the function's permissions.
For OrganizationConfigRule, organization config rule cannot be created because you do not have permissions to call IAM GetRole
action or create service linked role.
Indicates one of the following errors:
For PutConfigRule, the rule cannot be created because the IAM role assigned to AWS Config lacks permissions to perform the config:Put* action.
For PutConfigRule, the AWS Lambda function cannot be invoked. Check the function ARN, and check the function's permissions.
For PutOrganizationConfigRule, organization config rule cannot be created because you do not have permissions to call IAM GetRole
action or create a service linked role.
For PutConformancePack and PutOrganizationConformancePack, a conformance pack cannot be created becuase you do not have permissions:
To call IAM GetRole
action or create a service linked role.
To read Amazon S3 bucket.
To create a rule and a stack.
You have reached the limit (20) of the number of conformance packs in an account.
", + "refs": { + } + }, "MaxNumberOfDeliveryChannelsExceededException": { "base": "You have reached the limit of the number of delivery channels you can create.
", "refs": { @@ -1438,6 +1769,11 @@ "refs": { } }, + "MaxNumberOfOrganizationConformancePacksExceededException": { + "base": "You have reached the limit (10) of the number of organization conformance packs in an account.
", + "refs": { + } + }, "MaxNumberOfRetentionConfigurationsExceededException": { "base": "Failed to add the retention configuration because a retention configuration with that name already exists.
", "refs": { @@ -1485,6 +1821,12 @@ "DescribeAggregateComplianceByConfigRulesResponse$NextToken": "The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The string that you use in a subsequent request to get the next page of results in a paginated response.
", + "DescribeConformancePackComplianceRequest$NextToken": "The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The string that you use in a subsequent request to get the next page of results in a paginated response.
", + "GetConformancePackComplianceDetailsRequest$NextToken": "The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The string that you use in a subsequent request to get the next page of results in a paginated response.
", "GetResourceConfigHistoryRequest$nextToken": "The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
AWS Config rule that you passed in the filter does not exist.
", + "refs": { + } + }, "NoSuchConfigurationAggregatorException": { "base": "You have specified a configuration aggregator that does not exist.
", "refs": { @@ -1549,6 +1900,11 @@ "refs": { } }, + "NoSuchConformancePackException": { + "base": "You specified one or more conformance packs that do not exist.
", + "refs": { + } + }, "NoSuchDeliveryChannelException": { "base": "You have specified a delivery channel that does not exist.
", "refs": { @@ -1559,6 +1915,11 @@ "refs": { } }, + "NoSuchOrganizationConformancePackException": { + "base": "AWS Config organization conformance pack that you passed in the filter does not exist.
For DeleteOrganizationConformancePack, you tried to delete an organization conformance pack that does not exist.
", + "refs": { + } + }, "NoSuchRemediationConfigurationException": { "base": "You specified an AWS Config rule without a remediation configuration.
", "refs": { @@ -1581,7 +1942,7 @@ } }, "OrganizationAccessDeniedException": { - "base": "For PutConfigAggregator API, no permission to call EnableAWSServiceAccess API.
For all OrganizationConfigRule APIs, AWS Config throws an exception if APIs are called from member accounts. All APIs must be called from organization master account.
", + "base": "For PutConfigAggregator API, no permission to call EnableAWSServiceAccess API.
For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS Config throws an exception if APIs are called from member accounts. All APIs must be called from organization master account.
", "refs": { } }, @@ -1653,7 +2014,66 @@ "OrganizationConfigRules": { "base": null, "refs": { - "DescribeOrganizationConfigRulesResponse$OrganizationConfigRules": "Retuns a list OrganizationConfigRule
objects.
Returns a list of OrganizationConfigRule
objects.
An organization conformance pack that has information about conformance packs that AWS Config creates in member accounts.
", + "refs": { + "OrganizationConformancePacks$member": null + } + }, + "OrganizationConformancePackDetailedStatus": { + "base": "Organization conformance pack creation or deletion status in each member account. This includes the name of the conformance pack, the status, error code and error message when the conformance pack creation or deletion failed.
", + "refs": { + "OrganizationConformancePackDetailedStatuses$member": null + } + }, + "OrganizationConformancePackDetailedStatuses": { + "base": null, + "refs": { + "GetOrganizationConformancePackDetailedStatusResponse$OrganizationConformancePackDetailedStatuses": "A list of OrganizationConformancePackDetailedStatus
objects.
The name of organization conformance pack that you want to delete.
", + "GetOrganizationConformancePackDetailedStatusRequest$OrganizationConformancePackName": "The name of organization conformance pack for which you want status details for member accounts.
", + "OrganizationConformancePack$OrganizationConformancePackName": "The name you assign to an organization conformance pack.
", + "OrganizationConformancePackNames$member": null, + "OrganizationConformancePackStatus$OrganizationConformancePackName": "The name that you assign to organization conformance pack.
", + "PutOrganizationConformancePackRequest$OrganizationConformancePackName": "Name of the organization conformance pack you want to create.
" + } + }, + "OrganizationConformancePackNames": { + "base": null, + "refs": { + "DescribeOrganizationConformancePackStatusesRequest$OrganizationConformancePackNames": "The names of organization conformance packs for which you want status details. If you do not specify any names, AWS Config returns details for all your organization conformance packs.
", + "DescribeOrganizationConformancePacksRequest$OrganizationConformancePackNames": "The name that you assign to an organization conformance pack.
" + } + }, + "OrganizationConformancePackStatus": { + "base": "Returns the status for an organization conformance pack in an organization.
", + "refs": { + "OrganizationConformancePackStatuses$member": null + } + }, + "OrganizationConformancePackStatuses": { + "base": null, + "refs": { + "DescribeOrganizationConformancePackStatusesResponse$OrganizationConformancePackStatuses": "A list of OrganizationConformancePackStatus
objects.
You have specified a template that is not valid or supported.
", + "refs": { + } + }, + "OrganizationConformancePacks": { + "base": null, + "refs": { + "DescribeOrganizationConformancePacksResponse$OrganizationConformancePacks": "Returns a list of OrganizationConformancePacks objects.
" } }, "OrganizationCustomRuleMetadata": { @@ -1670,6 +2090,25 @@ "PutOrganizationConfigRuleRequest$OrganizationManagedRuleMetadata": "An OrganizationManagedRuleMetadata
object.
Indicates deployment status for conformance pack in a member account. When master account calls PutOrganizationConformancePack
action for the first time, conformance pack status is created in the member account. When master account calls PutOrganizationConformancePack
action for the second time, conformance pack status is updated in the member account. Conformance pack status is deleted when the master account deletes OrganizationConformancePack
and disables service access for config-multiaccountsetup.amazonaws.com
.
AWS Config sets the state of the conformance pack to:
CREATE_SUCCESSFUL
when conformance pack has been created in the member account.
CREATE_IN_PROGRESS
when conformance pack is being created in the member account.
CREATE_FAILED
when conformance pack creation has failed in the member account.
DELETE_FAILED
when conformance pack deletion has failed in the member account.
DELETE_IN_PROGRESS
when conformance pack is being deleted in the member account.
DELETE_SUCCESSFUL
when conformance pack has been deleted in the member account.
UPDATE_SUCCESSFUL
when conformance pack has been updated in the member account.
UPDATE_IN_PROGRESS
when conformance pack is being updated in the member account.
UPDATE_FAILED
when conformance pack deletion has failed in the member account.
Indicates deployment status for conformance pack in a member account. When master account calls PutOrganizationConformancePack
action for the first time, conformance pack status is created in the member account. When master account calls PutOrganizationConformancePack
action for the second time, conformance pack status is updated in the member account. Conformance pack status is deleted when the master account deletes OrganizationConformancePack
and disables service access for config-multiaccountsetup.amazonaws.com
.
AWS Config sets the state of the conformance pack to:
CREATE_SUCCESSFUL
when conformance pack has been created in the member account.
CREATE_IN_PROGRESS
when conformance pack is being created in the member account.
CREATE_FAILED
when conformance pack creation has failed in the member account.
DELETE_FAILED
when conformance pack deletion has failed in the member account.
DELETE_IN_PROGRESS
when conformance pack is being deleted in the member account.
DELETE_SUCCESSFUL
when conformance pack has been deleted in the member account.
UPDATE_SUCCESSFUL
when conformance pack has been updated in the member account.
UPDATE_IN_PROGRESS
when conformance pack is being updated in the member account.
UPDATE_FAILED
when conformance pack deletion has failed in the member account.
Status filter object to filter results based on specific member account ID or status type for an organization conformance pack.
", + "refs": { + "GetOrganizationConformancePackDetailedStatusRequest$Filters": "An OrganizationResourceDetailedStatusFilters
object.
Indicates deployment status of an organization conformance pack. When master account calls PutOrganizationConformancePack for the first time, conformance pack status is created in all the member accounts. When master account calls PutOrganizationConformancePack for the second time, conformance pack status is updated in all the member accounts. Additionally, conformance pack status is updated when one or more member accounts join or leave an organization. Conformance pack status is deleted when the master account deletes OrganizationConformancePack in all the member accounts and disables service access for config-multiaccountsetup.amazonaws.com
.
AWS Config sets the state of the conformance pack to:
CREATE_SUCCESSFUL
when an organization conformance pack has been successfully created in all the member accounts.
CREATE_IN_PROGRESS
when an organization conformance pack creation is in progress.
CREATE_FAILED
when an organization conformance pack creation failed in one or more member accounts within that organization.
DELETE_FAILED
when an organization conformance pack deletion failed in one or more member accounts within that organization.
DELETE_IN_PROGRESS
when an organization conformance pack deletion is in progress.
DELETE_SUCCESSFUL
when an organization conformance pack has been successfully deleted from all the member accounts.
UPDATE_SUCCESSFUL
when an organization conformance pack has been successfully updated in all the member accounts.
UPDATE_IN_PROGRESS
when an organization conformance pack update is in progress.
UPDATE_FAILED
when an organization conformance pack update failed in one or more member accounts within that organization.
Indicates whether AWS or the customer owns and manages the AWS Config rule.
" } }, + "PageSizeLimit": { + "base": null, + "refs": { + "DescribeConformancePackStatusRequest$Limit": "The maximum number of conformance packs returned on each page.
", + "DescribeConformancePacksRequest$Limit": "The maximum number of conformance packs returned on each page.
", + "GetConformancePackComplianceSummaryRequest$Limit": null + } + }, + "ParameterName": { + "base": null, + "refs": { + "ConformancePackInputParameter$ParameterName": "One part of a key-value pair.
" + } + }, + "ParameterValue": { + "base": null, + "refs": { + "ConformancePackInputParameter$ParameterValue": "Another part of the key-value pair.
" + } + }, "PendingAggregationRequest": { "base": "An object that represents the account ID and region of an aggregator account that is requesting authorization but is not yet authorized.
", "refs": { @@ -1736,6 +2195,16 @@ "refs": { } }, + "PutConformancePackRequest": { + "base": null, + "refs": { + } + }, + "PutConformancePackResponse": { + "base": null, + "refs": { + } + }, "PutDeliveryChannelRequest": { "base": "The input for the PutDeliveryChannel action.
", "refs": { @@ -1761,6 +2230,16 @@ "refs": { } }, + "PutOrganizationConformancePackRequest": { + "base": null, + "refs": { + } + }, + "PutOrganizationConformancePackResponse": { + "base": null, + "refs": { + } + }, "PutRemediationConfigurationsRequest": { "base": null, "refs": { @@ -2038,7 +2517,7 @@ } }, "ResourceInUseException": { - "base": "You see this exception in the following cases:
For DeleteConfigRule API, AWS Config is deleting this rule. Try your request again later.
For DeleteConfigRule API, the rule is deleting your evaluation results. Try your request again later.
For DeleteConfigRule API, a remediation action is associated with the rule and AWS Config cannot delete this rule. Delete the remediation action associated with the rule before deleting the rule and try your request again later.
For PutConfigOrganizationRule, organization config rule deletion is in progress. Try your request again later.
For DeleteOrganizationConfigRule, organization config rule creation is in progress. Try your request again later.
You see this exception in the following cases:
For DeleteConfigRule, AWS Config is deleting this rule. Try your request again later.
For DeleteConfigRule, the rule is deleting your evaluation results. Try your request again later.
For DeleteConfigRule, a remediation action is associated with the rule and AWS Config cannot delete this rule. Delete the remediation action associated with the rule before deleting the rule and try your request again later.
For PutConfigOrganizationRule, organization config rule deletion is in progress. Try your request again later.
For DeleteOrganizationConfigRule, organization config rule creation is in progress. Try your request again later.
For PutConformancePack and PutOrganizationConformancePack, a conformance pack creation, update, and deletion is in progress. Try your request again later.
For DeleteConformancePack, a conformance pack creation, update, and deletion is in progress. Try your request again later.
A SsmControls object.
" } }, + "StackArn": { + "base": null, + "refs": { + "ConformancePackStatusDetail$StackArn": "Amazon Resource Name (ARN) of AWS CloudFormation stack.
" + } + }, "StartConfigRulesEvaluationRequest": { "base": "", "refs": { @@ -2308,6 +2793,10 @@ "DescribeOrganizationConfigRuleStatusesResponse$NextToken": "The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
", + "DescribeOrganizationConformancePackStatusesResponse$NextToken": "The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
", + "DescribeOrganizationConformancePacksRequest$NextToken": "The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
", + "DescribeOrganizationConformancePacksResponse$NextToken": "The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
", "DescribePendingAggregationRequestsRequest$NextToken": "The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned in a previous request that you use to request the next page of results in a paginated response.
The string that you use in a subsequent request to get the next page of results in a paginated response.
", "GetOrganizationConfigRuleDetailedStatusRequest$NextToken": "The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken
string returned on a previous page that you use to get the next page of results in a paginated response.
The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
", + "GetOrganizationConformancePackDetailedStatusResponse$NextToken": "The nextToken string returned on a previous page that you use to get the next page of results in a paginated response.
", "MemberAccountStatus$ErrorCode": "An error code that is returned when config rule creation or deletion failed in the member account.
", "MemberAccountStatus$ErrorMessage": "An error message indicating that config rule account creation or deletion has failed due to an error in the member account.
", "OrganizationAggregationSource$RoleArn": "ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account.
", "OrganizationConfigRuleStatus$ErrorCode": "An error code that is returned when organization config rule creation or deletion has failed.
", "OrganizationConfigRuleStatus$ErrorMessage": "An error message indicating that organization config rule creation or deletion failed due to an error.
", + "OrganizationConformancePackDetailedStatus$ErrorCode": "An error code that is returned when conformance pack creation or deletion failed in the member account.
", + "OrganizationConformancePackDetailedStatus$ErrorMessage": "An error message indicating that conformance pack account creation or deletion has failed due to an error in the member account.
", + "OrganizationConformancePackStatus$ErrorCode": "An error code that is returned when organization conformance pack creation or deletion has failed in the member account.
", + "OrganizationConformancePackStatus$ErrorMessage": "An error message indicating that organization conformance pack creation or deletion failed due to an error.
", "PutEvaluationsRequest$ResultToken": "An encrypted token that associates an evaluation with an AWS Config rule. Identifies the rule and the event that triggered the evaluation.
", "RemediationConfiguration$TargetVersion": "Version of the target. For example, version of the SSM document.
", "RemediationConfiguration$ResourceType": "The type of a resource.
", @@ -2372,6 +2867,9 @@ "ComplianceResourceTypes$member": null, "ComplianceSummaryByResourceType$ResourceType": "The type of AWS resource.
", "ConfigRule$CreatedBy": "Service principal name of the service that created the rule.
The field is populated only if the service linked rule is created by a service. The field is empty if you create your own rule.
Filters the results by the resource type (for example, \"AWS::EC2::Instance\"
).
The types of AWS resources for which you want compliance information (for example, AWS::EC2::Instance
). For this action, you can specify that the resource type is an AWS account by specifying AWS::::Account
.
The type of AWS resource that was evaluated.
", "Evaluation$Annotation": "Supplementary information about how the evaluation determined the compliance.
", @@ -2381,12 +2879,15 @@ "GetAggregateDiscoveredResourceCountsResponse$GroupByKey": "The key passed into the request object. If GroupByKey
is not provided, the result will be empty.
The type of the AWS resource for which you want compliance information.
", "GroupedResourceCount$GroupName": "The name of the group that can be region, account ID, or resource type. For example, region1, region2 if the region was chosen as GroupByKey
.
The Amazon Resource Name (ARN) of organization config rule.
", + "OrganizationConfigRule$OrganizationConfigRuleArn": "Amazon Resource Name (ARN) of organization config rule.
", + "OrganizationConformancePack$OrganizationConformancePackArn": "Amazon Resource Name (ARN) of organization conformance pack.
", + "OrganizationConformancePackDetailedStatus$ConformancePackName": "The name of conformance pack deployed in the member account.
", "OrganizationCustomRuleMetadata$LambdaFunctionArn": "The lambda function ARN.
", "OrganizationCustomRuleMetadata$TagValueScope": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).
", "OrganizationManagedRuleMetadata$RuleIdentifier": "For organization config managed rules, a predefined identifier from a list. For example, IAM_PASSWORD_POLICY
is a managed rule. To reference a managed rule, see Using AWS Managed Config Rules.
The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).
", "PutOrganizationConfigRuleResponse$OrganizationConfigRuleArn": "The Amazon Resource Name (ARN) of an organization config rule.
", + "PutOrganizationConformancePackResponse$OrganizationConformancePackArn": "ARN of the organization conformance pack.
", "RemediationConfiguration$TargetId": "Target ID is the name of the public document.
", "RemediationException$ResourceType": "The type of a resource.
", "RemediationExceptionResourceKey$ResourceType": "The type of a resource.
", @@ -2411,6 +2912,7 @@ "ComplianceByConfigRule$ConfigRuleName": "The name of the AWS Config rule.
", "ConfigRule$ConfigRuleName": "The name that you assign to the AWS Config rule. The name is required if you are adding a new rule.
", "ConfigRuleEvaluationStatus$ConfigRuleName": "The name of the AWS Config rule.
", + "ConformancePackConfigRuleNames$member": null, "DeleteConfigRuleRequest$ConfigRuleName": "The name of the AWS Config rule that you want to delete.
", "DeleteEvaluationResultsRequest$ConfigRuleName": "The name of the AWS Config rule for which you want to delete the evaluation results.
", "EvaluationResultQualifier$ConfigRuleName": "The name of the AWS Config rule that was used in the evaluation.
", @@ -2498,6 +3000,20 @@ "PutConfigurationAggregatorRequest$Tags": "An array of tag object.
" } }, + "TemplateBody": { + "base": null, + "refs": { + "PutConformancePackRequest$TemplateBody": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.
You can only use a YAML template with one resource type, that is, config rule.
A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.
" + } + }, + "TemplateS3Uri": { + "base": null, + "refs": { + "PutConformancePackRequest$TemplateS3Uri": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300,000 bytes) that is located in an Amazon S3 bucket in the same region as the conformance pack.
You must have access to read Amazon S3 bucket.
Location of file containing the template body. The uri must point to the conformance pack template (max size: 300,000 bytes).
You must have access to read Amazon S3 bucket.
You have reached the limit of the number of tags you can use. You have more than 50 tags.
", "refs": { diff --git a/models/apis/ec2/2016-11-15/api-2.json b/models/apis/ec2/2016-11-15/api-2.json index d5e5e4f0349..621658634a6 100755 --- a/models/apis/ec2/2016-11-15/api-2.json +++ b/models/apis/ec2/2016-11-15/api-2.json @@ -2579,6 +2579,15 @@ "input":{"shape":"ModifyInstanceEventStartTimeRequest"}, "output":{"shape":"ModifyInstanceEventStartTimeResult"} }, + "ModifyInstanceMetadataOptions":{ + "name":"ModifyInstanceMetadataOptions", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"ModifyInstanceMetadataOptionsRequest"}, + "output":{"shape":"ModifyInstanceMetadataOptionsResult"} + }, "ModifyInstancePlacement":{ "name":"ModifyInstancePlacement", "http":{ @@ -5813,6 +5822,7 @@ }, "CertificateArn":{"shape":"String"}, "Type":{"shape":"GatewayType"}, + "DeviceName":{"shape":"String"}, "DryRun":{ "shape":"Boolean", "locationName":"dryRun" @@ -7225,6 +7235,10 @@ "shape":"String", "locationName":"type" }, + "DeviceName":{ + "shape":"String", + "locationName":"deviceName" + }, "Tags":{ "shape":"TagList", "locationName":"tagSet" @@ -13775,6 +13789,13 @@ "host" ] }, + "HttpTokensState":{ + "type":"string", + "enum":[ + "optional", + "required" + ] + }, "HypervisorType":{ "type":"string", "enum":[ @@ -14767,6 +14788,10 @@ "Licenses":{ "shape":"LicenseList", "locationName":"licenseSet" + }, + "MetadataOptions":{ + "shape":"InstanceMetadataOptionsResponse", + "locationName":"metadataOptions" } } }, @@ -15088,6 +15113,49 @@ "targeted" ] }, + "InstanceMetadataEndpointState":{ + "type":"string", + "enum":[ + "disabled", + "enabled" + ] + }, + "InstanceMetadataOptionsRequest":{ + "type":"structure", + "members":{ + "HttpTokens":{"shape":"HttpTokensState"}, + "HttpPutResponseHopLimit":{"shape":"Integer"}, + "HttpEndpoint":{"shape":"InstanceMetadataEndpointState"} + } + }, + "InstanceMetadataOptionsResponse":{ + "type":"structure", + "members":{ + "State":{ + "shape":"InstanceMetadataOptionsState", + "locationName":"state" + }, + "HttpTokens":{ + "shape":"HttpTokensState", + "locationName":"httpTokens" + }, + "HttpPutResponseHopLimit":{ + "shape":"Integer", + "locationName":"httpPutResponseHopLimit" + }, + "HttpEndpoint":{ + "shape":"InstanceMetadataEndpointState", + "locationName":"httpEndpoint" + } + } + }, + "InstanceMetadataOptionsState":{ + "type":"string", + "enum":[ + "pending", + "applied" + ] + }, "InstanceMonitoring":{ "type":"structure", "members":{ @@ -17197,6 +17265,30 @@ } } }, + "ModifyInstanceMetadataOptionsRequest":{ + "type":"structure", + "required":["InstanceId"], + "members":{ + "InstanceId":{"shape":"String"}, + "HttpTokens":{"shape":"HttpTokensState"}, + "HttpPutResponseHopLimit":{"shape":"Integer"}, + "HttpEndpoint":{"shape":"InstanceMetadataEndpointState"}, + "DryRun":{"shape":"Boolean"} + } + }, + "ModifyInstanceMetadataOptionsResult":{ + "type":"structure", + "members":{ + "InstanceId":{ + "shape":"String", + "locationName":"instanceId" + }, + "InstanceMetadataOptions":{ + "shape":"InstanceMetadataOptionsResponse", + "locationName":"instanceMetadataOptions" + } + } + }, "ModifyInstancePlacementRequest":{ "type":"structure", "required":["InstanceId"], @@ -21188,7 +21280,8 @@ "LicenseSpecifications":{ "shape":"LicenseSpecificationListRequest", "locationName":"LicenseSpecification" - } + }, + "MetadataOptions":{"shape":"InstanceMetadataOptionsRequest"} } }, "RunScheduledInstancesRequest":{ diff --git a/models/apis/ec2/2016-11-15/docs-2.json b/models/apis/ec2/2016-11-15/docs-2.json index 4aefe2c59cf..f75791884c4 100755 --- a/models/apis/ec2/2016-11-15/docs-2.json +++ b/models/apis/ec2/2016-11-15/docs-2.json @@ -44,7 +44,7 @@ "CreateCapacityReservation": "Creates a new Capacity Reservation with the specified attributes.
Capacity Reservations enable you to reserve capacity for your Amazon EC2 instances in a specific Availability Zone for any duration. This gives you the flexibility to selectively add capacity reservations and still get the Regional RI discounts for that usage. By creating Capacity Reservations, you ensure that you always have access to Amazon EC2 capacity when you need it, for as long as you need it. For more information, see Capacity Reservations in the Amazon Elastic Compute Cloud User Guide.
Your request to create a Capacity Reservation could fail if Amazon EC2 does not have sufficient capacity to fulfill the request. If your request fails due to Amazon EC2 capacity constraints, either try again at a later time, try in a different Availability Zone, or request a smaller capacity reservation. If your application is flexible across instance types and sizes, try to create a Capacity Reservation with different instance attributes.
Your request could also fail if the requested quantity exceeds your On-Demand Instance limit for the selected instance type. If your request fails due to limit constraints, increase your On-Demand Instance limit for the required instance type and try again. For more information about increasing your instance limits, see Amazon EC2 Service Limits in the Amazon Elastic Compute Cloud User Guide.
", "CreateClientVpnEndpoint": "Creates a Client VPN endpoint. A Client VPN endpoint is the resource you create and configure to enable and manage client VPN sessions. It is the destination endpoint at which all client VPN sessions are terminated.
", "CreateClientVpnRoute": "Adds a route to a network to a Client VPN endpoint. Each Client VPN endpoint has a route table that describes the available destination network routes. Each route in the route table specifies the path for traffic to specific resources or networks.
", - "CreateCustomerGateway": "Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the Internet-routable IP address of the customer gateway's external interface. The IP address must be static and can be behind a device performing network address translation (NAT).
For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range).
Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with the exception of 7224, which is reserved in the us-east-1
Region, and 9059, which is reserved in the eu-west-1
Region.
For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.
You cannot create more than one customer gateway with the same VPN type, IP address, and BGP ASN parameter values. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources.
Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the Internet-routable IP address of the customer gateway's external interface. The IP address must be static and can be behind a device performing network address translation (NAT).
For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range).
Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with the exception of 7224, which is reserved in the us-east-1
Region, and 9059, which is reserved in the eu-west-1
Region.
For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.
To create more than one customer gateway with the same VPN type, IP address, and BGP ASN, specify a unique device name for each customer gateway. Identical requests return information about the existing customer gateway and do not create new customer gateways.
Creates a default subnet with a size /20
IPv4 CIDR block in the specified Availability Zone in your default VPC. You can have only one default subnet per Availability Zone. For more information, see Creating a Default Subnet in the Amazon Virtual Private Cloud User Guide.
Creates a default VPC with a size /16
IPv4 CIDR block and a default subnet in each Availability Zone. For more information about the components of a default VPC, see Default VPC and Default Subnets in the Amazon Virtual Private Cloud User Guide. You cannot specify the components of the default VPC yourself.
If you deleted your previous default VPC, you can create a default VPC. You cannot have more than one default VPC per Region.
If your account supports EC2-Classic, you cannot use this action to create a default VPC in a Region that supports EC2-Classic. If you want a default VPC in a Region that supports EC2-Classic, see \"I really want a default VPC for my existing EC2 account. Is that possible?\" in the Default VPCs FAQ.
", "CreateDhcpOptions": "Creates a set of DHCP options for your VPC. After creating the set, you must associate it with the VPC, causing all existing and new instances that you launch in the VPC to use this set of DHCP options. The following are the individual DHCP options you can specify. For more information about the options, see RFC 2132.
domain-name-servers
- The IP addresses of up to four domain name servers, or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. If specifying more than one domain name server, specify the IP addresses in a single parameter, separated by commas. To have your instance receive a custom DNS hostname as specified in domain-name
, you must set domain-name-servers
to a custom DNS server.
domain-name
- If you're using AmazonProvidedDNS in us-east-1
, specify ec2.internal
. If you're using AmazonProvidedDNS in another Region, specify region.compute.internal
(for example, ap-northeast-1.compute.internal
). Otherwise, specify a domain name (for example, MyCompany.com
). This value is used to complete unqualified DNS hostnames. Important: Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP options set is associated with a VPC that has instances with multiple operating systems, specify only one domain name.
ntp-servers
- The IP addresses of up to four Network Time Protocol (NTP) servers.
netbios-name-servers
- The IP addresses of up to four NetBIOS name servers.
netbios-node-type
- The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported). For more information about these node types, see RFC 2132.
Your VPC automatically starts out with a set of DHCP options that includes only a DNS server that we provide (AmazonProvidedDNS). If you create a set of options, and if your VPC has an internet gateway, make sure to set the domain-name-servers
option either to AmazonProvidedDNS
or to a domain name server of your choice. For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide.
Modifies the Capacity Reservation settings for a stopped instance. Use this action to configure an instance to target a specific Capacity Reservation, run in any open
Capacity Reservation with matching attributes, or run On-Demand Instance capacity.
Modifies the credit option for CPU usage on a running or stopped T2 or T3 instance. The credit options are standard
and unlimited
.
For more information, see Burstable Performance Instances in the Amazon Elastic Compute Cloud User Guide.
", "ModifyInstanceEventStartTime": "Modifies the start time for a scheduled Amazon EC2 instance event.
", + "ModifyInstanceMetadataOptions": "Modify the instance metadata parameters on a running or stopped instance. When you modify the parameters on a stopped instance, they are applied when the instance is started. When you modify the parameters on a running instance, the API responds with a state of “pending”. After the parameter modifications are successfully applied to the instance, the state of the modifications changes from “pending” to “applied” in subsequent describe-instances API calls. For more information, see Instance Metadata and User Data.
", "ModifyInstancePlacement": "Modifies the placement attributes for a specified instance. You can do the following:
Modify the affinity between an instance and a Dedicated Host. When affinity is set to host
and the instance is not associated with a specific Dedicated Host, the next time the instance is launched, it is automatically associated with the host on which it lands. If the instance is restarted or rebooted, this relationship persists.
Change the Dedicated Host with which an instance is associated.
Change the instance tenancy of an instance from host
to dedicated
, or from dedicated
to host
.
Move an instance to or from a placement group.
At least one attribute for affinity, host ID, tenancy, or placement group name must be specified in the request. Affinity and tenancy can be modified in the same request.
To modify the host ID, tenancy, placement group, or partition for an instance, the instance must be in the stopped
state.
Modifies a launch template. You can specify which version of the launch template to set as the default version. When launching an instance, the default version applies when a launch template version is not specified.
", "ModifyNetworkInterfaceAttribute": "Modifies the specified network interface attribute. You can specify only one attribute at a time. You can use this action to attach and detach security groups from an existing EC2 instance.
", @@ -1314,6 +1315,7 @@ "ModifyInstanceCapacityReservationAttributesResult$Return": "Returns true
if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Is true
if the request succeeds, and an error otherwise.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
The elastic inference accelerator associated with the instance.
" + "Instance$ElasticInferenceAcceleratorAssociations": "The elastic inference accelerator associated with the instance.
" } }, "ElasticInferenceAccelerators": { @@ -5165,7 +5167,7 @@ "DescribeImportSnapshotTasksRequest$Filters": "The filters.
", "DescribeInstanceCreditSpecificationsRequest$Filters": "The filters.
instance-id
- The ID of the instance.
The filters.
availability-zone
- The Availability Zone of the instance.
event.code
- The code for the scheduled event (instance-reboot
| system-reboot
| system-maintenance
| instance-retirement
| instance-stop
).
event.description
- A description of the event.
event.instance-event-id
- The ID of the event whose date and time you are modifying.
event.not-after
- The latest end time for the scheduled event (for example, 2014-09-15T17:15:20.000Z
).
event.not-before
- The earliest start time for the scheduled event (for example, 2014-09-15T17:15:20.000Z
).
event.not-before-deadline
- The deadline for starting the event (for example, 2014-09-15T17:15:20.000Z
).
instance-state-code
- The code for the instance state, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).
instance-state-name
- The state of the instance (pending
| running
| shutting-down
| terminated
| stopping
| stopped
).
instance-status.reachability
- Filters on instance status where the name is reachability
(passed
| failed
| initializing
| insufficient-data
).
instance-status.status
- The status of the instance (ok
| impaired
| initializing
| insufficient-data
| not-applicable
).
system-status.reachability
- Filters on system status where the name is reachability
(passed
| failed
| initializing
| insufficient-data
).
system-status.status
- The system status of the instance (ok
| impaired
| initializing
| insufficient-data
| not-applicable
).
The filters.
affinity
- The affinity setting for an instance running on a Dedicated Host (default
| host
).
architecture
- The instance architecture (i386
| x86_64
| arm64
).
availability-zone
- The Availability Zone of the instance.
block-device-mapping.attach-time
- The attach time for an EBS volume mapped to the instance, for example, 2010-09-15T17:15:20.000Z
.
block-device-mapping.delete-on-termination
- A Boolean that indicates whether the EBS volume is deleted on instance termination.
block-device-mapping.device-name
- The device name specified in the block device mapping (for example, /dev/sdh
or xvdh
).
block-device-mapping.status
- The status for the EBS volume (attaching
| attached
| detaching
| detached
).
block-device-mapping.volume-id
- The volume ID of the EBS volume.
client-token
- The idempotency token you provided when you launched the instance.
dns-name
- The public DNS name of the instance.
group-id
- The ID of the security group for the instance. EC2-Classic only.
group-name
- The name of the security group for the instance. EC2-Classic only.
hibernation-options.configured
- A Boolean that indicates whether the instance is enabled for hibernation. A value of true
means that the instance is enabled for hibernation.
host-id
- The ID of the Dedicated Host on which the instance is running, if applicable.
hypervisor
- The hypervisor type of the instance (ovm
| xen
).
iam-instance-profile.arn
- The instance profile associated with the instance. Specified as an ARN.
image-id
- The ID of the image used to launch the instance.
instance-id
- The ID of the instance.
instance-lifecycle
- Indicates whether this is a Spot Instance or a Scheduled Instance (spot
| scheduled
).
instance-state-code
- The state of the instance, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are: 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).
instance-state-name
- The state of the instance (pending
| running
| shutting-down
| terminated
| stopping
| stopped
).
instance-type
- The type of instance (for example, t2.micro
).
instance.group-id
- The ID of the security group for the instance.
instance.group-name
- The name of the security group for the instance.
ip-address
- The public IPv4 address of the instance.
kernel-id
- The kernel ID.
key-name
- The name of the key pair used when the instance was launched.
launch-index
- When launching multiple instances, this is the index for the instance in the launch group (for example, 0, 1, 2, and so on).
launch-time
- The time when the instance was launched.
monitoring-state
- Indicates whether detailed monitoring is enabled (disabled
| enabled
).
network-interface.addresses.private-ip-address
- The private IPv4 address associated with the network interface.
network-interface.addresses.primary
- Specifies whether the IPv4 address of the network interface is the primary private IPv4 address.
network-interface.addresses.association.public-ip
- The ID of the association of an Elastic IP address (IPv4) with a network interface.
network-interface.addresses.association.ip-owner-id
- The owner ID of the private IPv4 address associated with the network interface.
network-interface.association.public-ip
- The address of the Elastic IP address (IPv4) bound to the network interface.
network-interface.association.ip-owner-id
- The owner of the Elastic IP address (IPv4) associated with the network interface.
network-interface.association.allocation-id
- The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.
network-interface.association.association-id
- The association ID returned when the network interface was associated with an IPv4 address.
network-interface.attachment.attachment-id
- The ID of the interface attachment.
network-interface.attachment.instance-id
- The ID of the instance to which the network interface is attached.
network-interface.attachment.instance-owner-id
- The owner ID of the instance to which the network interface is attached.
network-interface.attachment.device-index
- The device index to which the network interface is attached.
network-interface.attachment.status
- The status of the attachment (attaching
| attached
| detaching
| detached
).
network-interface.attachment.attach-time
- The time that the network interface was attached to an instance.
network-interface.attachment.delete-on-termination
- Specifies whether the attachment is deleted when an instance is terminated.
network-interface.availability-zone
- The Availability Zone for the network interface.
network-interface.description
- The description of the network interface.
network-interface.group-id
- The ID of a security group associated with the network interface.
network-interface.group-name
- The name of a security group associated with the network interface.
network-interface.ipv6-addresses.ipv6-address
- The IPv6 address associated with the network interface.
network-interface.mac-address
- The MAC address of the network interface.
network-interface.network-interface-id
- The ID of the network interface.
network-interface.owner-id
- The ID of the owner of the network interface.
network-interface.private-dns-name
- The private DNS name of the network interface.
network-interface.requester-id
- The requester ID for the network interface.
network-interface.requester-managed
- Indicates whether the network interface is being managed by AWS.
network-interface.status
- The status of the network interface (available
) | in-use
).
network-interface.source-dest-check
- Whether the network interface performs source/destination checking. A value of true
means that checking is enabled, and false
means that checking is disabled. The value must be false
for the network interface to perform network address translation (NAT) in your VPC.
network-interface.subnet-id
- The ID of the subnet for the network interface.
network-interface.vpc-id
- The ID of the VPC for the network interface.
owner-id
- The AWS account ID of the instance owner.
placement-group-name
- The name of the placement group for the instance.
placement-partition-number
- The partition in which the instance is located.
platform
- The platform. To list only Windows instances, use windows
.
private-dns-name
- The private IPv4 DNS name of the instance.
private-ip-address
- The private IPv4 address of the instance.
product-code
- The product code associated with the AMI used to launch the instance.
product-code.type
- The type of product code (devpay
| marketplace
).
ramdisk-id
- The RAM disk ID.
reason
- The reason for the current state of the instance (for example, shows \"User Initiated [date]\" when you stop or terminate the instance). Similar to the state-reason-code filter.
requester-id
- The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).
reservation-id
- The ID of the instance's reservation. A reservation ID is created any time you launch an instance. A reservation ID has a one-to-one relationship with an instance launch request, but can be associated with more than one instance if you launch multiple instances using the same launch request. For example, if you launch one instance, you get one reservation ID. If you launch ten instances using the same launch request, you also get one reservation ID.
root-device-name
- The device name of the root device volume (for example, /dev/sda1
).
root-device-type
- The type of the root device volume (ebs
| instance-store
).
source-dest-check
- Indicates whether the instance performs source/destination checking. A value of true
means that checking is enabled, and false
means that checking is disabled. The value must be false
for the instance to perform network address translation (NAT) in your VPC.
spot-instance-request-id
- The ID of the Spot Instance request.
state-reason-code
- The reason code for the state change.
state-reason-message
- A message that describes the state change.
subnet-id
- The ID of the subnet for the instance.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.
tenancy
- The tenancy of an instance (dedicated
| default
| host
).
virtualization-type
- The virtualization type of the instance (paravirtual
| hvm
).
vpc-id
- The ID of the VPC that the instance is running in.
The filters.
affinity
- The affinity setting for an instance running on a Dedicated Host (default
| host
).
architecture
- The instance architecture (i386
| x86_64
| arm64
).
availability-zone
- The Availability Zone of the instance.
block-device-mapping.attach-time
- The attach time for an EBS volume mapped to the instance, for example, 2010-09-15T17:15:20.000Z
.
block-device-mapping.delete-on-termination
- A Boolean that indicates whether the EBS volume is deleted on instance termination.
block-device-mapping.device-name
- The device name specified in the block device mapping (for example, /dev/sdh
or xvdh
).
block-device-mapping.status
- The status for the EBS volume (attaching
| attached
| detaching
| detached
).
block-device-mapping.volume-id
- The volume ID of the EBS volume.
client-token
- The idempotency token you provided when you launched the instance.
dns-name
- The public DNS name of the instance.
group-id
- The ID of the security group for the instance. EC2-Classic only.
group-name
- The name of the security group for the instance. EC2-Classic only.
hibernation-options.configured
- A Boolean that indicates whether the instance is enabled for hibernation. A value of true
means that the instance is enabled for hibernation.
host-id
- The ID of the Dedicated Host on which the instance is running, if applicable.
hypervisor
- The hypervisor type of the instance (ovm
| xen
).
iam-instance-profile.arn
- The instance profile associated with the instance. Specified as an ARN. image-id
- The ID of the image used to launch the instance.
instance-id
- The ID of the instance.
instance-lifecycle
- Indicates whether this is a Spot Instance or a Scheduled Instance (spot
| scheduled
).
instance-state-code
- The state of the instance, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are: 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).
instance-state-name
- The state of the instance (pending
| running
| shutting-down
| terminated
| stopping
| stopped
).
instance-type
- The type of instance (for example, t2.micro
).
instance.group-id
- The ID of the security group for the instance.
instance.group-name
- The name of the security group for the instance.
ip-address
- The public IPv4 address of the instance.
kernel-id
- The kernel ID.
key-name
- The name of the key pair used when the instance was launched.
launch-index
- When launching multiple instances, this is the index for the instance in the launch group (for example, 0, 1, 2, and so on).
launch-time
- The time when the instance was launched.
metadata-http-tokens
- The metadata request authorization state (optional
| required
)
metadata-http-put-response-hop-limit
- The http metadata request put response hop limit (integer, possible values 1
to 64
)
metadata-http-endpoint
- Enable or disable metadata access on http endpoint (enabled
| disabled
)
monitoring-state
- Indicates whether detailed monitoring is enabled (disabled
| enabled
).
network-interface.addresses.private-ip-address
- The private IPv4 address associated with the network interface.
network-interface.addresses.primary
- Specifies whether the IPv4 address of the network interface is the primary private IPv4 address.
network-interface.addresses.association.public-ip
- The ID of the association of an Elastic IP address (IPv4) with a network interface.
network-interface.addresses.association.ip-owner-id
- The owner ID of the private IPv4 address associated with the network interface.
network-interface.association.public-ip
- The address of the Elastic IP address (IPv4) bound to the network interface.
network-interface.association.ip-owner-id
- The owner of the Elastic IP address (IPv4) associated with the network interface.
network-interface.association.allocation-id
- The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.
network-interface.association.association-id
- The association ID returned when the network interface was associated with an IPv4 address.
network-interface.attachment.attachment-id
- The ID of the interface attachment.
network-interface.attachment.instance-id
- The ID of the instance to which the network interface is attached.
network-interface.attachment.instance-owner-id
- The owner ID of the instance to which the network interface is attached.
network-interface.attachment.device-index
- The device index to which the network interface is attached.
network-interface.attachment.status
- The status of the attachment (attaching
| attached
| detaching
| detached
).
network-interface.attachment.attach-time
- The time that the network interface was attached to an instance.
network-interface.attachment.delete-on-termination
- Specifies whether the attachment is deleted when an instance is terminated.
network-interface.availability-zone
- The Availability Zone for the network interface.
network-interface.description
- The description of the network interface.
network-interface.group-id
- The ID of a security group associated with the network interface.
network-interface.group-name
- The name of a security group associated with the network interface.
network-interface.ipv6-addresses.ipv6-address
- The IPv6 address associated with the network interface.
network-interface.mac-address
- The MAC address of the network interface.
network-interface.network-interface-id
- The ID of the network interface.
network-interface.owner-id
- The ID of the owner of the network interface.
network-interface.private-dns-name
- The private DNS name of the network interface.
network-interface.requester-id
- The requester ID for the network interface.
network-interface.requester-managed
- Indicates whether the network interface is being managed by AWS.
network-interface.status
- The status of the network interface (available
) | in-use
).
network-interface.source-dest-check
- Whether the network interface performs source/destination checking. A value of true
means that checking is enabled, and false
means that checking is disabled. The value must be false
for the network interface to perform network address translation (NAT) in your VPC.
network-interface.subnet-id
- The ID of the subnet for the network interface.
network-interface.vpc-id
- The ID of the VPC for the network interface.
owner-id
- The AWS account ID of the instance owner.
placement-group-name
- The name of the placement group for the instance.
placement-partition-number
- The partition in which the instance is located.
platform
- The platform. To list only Windows instances, use windows
.
private-dns-name
- The private IPv4 DNS name of the instance.
private-ip-address
- The private IPv4 address of the instance.
product-code
- The product code associated with the AMI used to launch the instance.
product-code.type
- The type of product code (devpay
| marketplace
).
ramdisk-id
- The RAM disk ID.
reason
- The reason for the current state of the instance (for example, shows \"User Initiated [date]\" when you stop or terminate the instance). Similar to the state-reason-code filter.
requester-id
- The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).
reservation-id
- The ID of the instance's reservation. A reservation ID is created any time you launch an instance. A reservation ID has a one-to-one relationship with an instance launch request, but can be associated with more than one instance if you launch multiple instances using the same launch request. For example, if you launch one instance, you get one reservation ID. If you launch ten instances using the same launch request, you also get one reservation ID.
root-device-name
- The device name of the root device volume (for example, /dev/sda1
).
root-device-type
- The type of the root device volume (ebs
| instance-store
).
source-dest-check
- Indicates whether the instance performs source/destination checking. A value of true
means that checking is enabled, and false
means that checking is disabled. The value must be false
for the instance to perform network address translation (NAT) in your VPC.
spot-instance-request-id
- The ID of the Spot Instance request.
state-reason-code
- The reason code for the state change.
state-reason-message
- A message that describes the state change.
subnet-id
- The ID of the subnet for the instance.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.
tenancy
- The tenancy of an instance (dedicated
| default
| host
).
virtualization-type
- The virtualization type of the instance (paravirtual
| hvm
).
vpc-id
- The ID of the VPC that the instance is running in.
One or more filters.
attachment.state
- The current state of the attachment between the gateway and the VPC (available
). Present only if a VPC is attached.
attachment.vpc-id
- The ID of an attached VPC.
internet-gateway-id
- The ID of the Internet gateway.
owner-id
- The ID of the AWS account that owns the internet gateway.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
The filters.
fingerprint
- The fingerprint of the key pair.
key-name
- The name of the key pair.
One or more filters.
create-time
- The time the launch template version was created.
ebs-optimized
- A boolean that indicates whether the instance is optimized for Amazon EBS I/O.
iam-instance-profile
- The ARN of the IAM instance profile.
image-id
- The ID of the AMI.
instance-type
- The instance type.
is-default-version
- A boolean that indicates whether the launch template version is the default version.
kernel-id
- The kernel ID.
ram-disk-id
- The RAM disk ID.
One or more filters.
service-name
: The name of the service.
vpc-id
: The ID of the VPC in which the endpoint resides.
vpc-endpoint-id
: The ID of the endpoint.
vpc-endpoint-state
- The state of the endpoint (pendingAcceptance
| pending
| available
| deleting
| deleted
| rejected
| failed
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
accepter-vpc-info.cidr-block
- The IPv4 CIDR block of the accepter VPC.
accepter-vpc-info.owner-id
- The AWS account ID of the owner of the accepter VPC.
accepter-vpc-info.vpc-id
- The ID of the accepter VPC.
expiration-time
- The expiration date and time for the VPC peering connection.
requester-vpc-info.cidr-block
- The IPv4 CIDR block of the requester's VPC.
requester-vpc-info.owner-id
- The AWS account ID of the owner of the requester VPC.
requester-vpc-info.vpc-id
- The ID of the requester VPC.
status-code
- The status of the VPC peering connection (pending-acceptance
| failed
| expired
| provisioning
| active
| deleting
| deleted
| rejected
).
status-message
- A message that provides more information about the status of the VPC peering connection, if applicable.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-peering-connection-id
- The ID of the VPC peering connection.
One or more filters.
cidr
- The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, /28
).
cidr-block-association.cidr-block
- An IPv4 CIDR block associated with the VPC.
cidr-block-association.association-id
- The association ID for an IPv4 CIDR block associated with the VPC.
cidr-block-association.state
- The state of an IPv4 CIDR block associated with the VPC.
dhcp-options-id
- The ID of a set of DHCP options.
ipv6-cidr-block-association.ipv6-cidr-block
- An IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.association-id
- The association ID for an IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.state
- The state of an IPv6 CIDR block associated with the VPC.
isDefault
- Indicates whether the VPC is the default VPC.
owner-id
- The ID of the AWS account that owns the VPC.
state
- The state of the VPC (pending
| available
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC.
One or more filters.
customer-gateway-configuration
- The configuration information for the customer gateway.
customer-gateway-id
- The ID of a customer gateway associated with the VPN connection.
state
- The state of the VPN connection (pending
| available
| deleting
| deleted
).
option.static-routes-only
- Indicates whether the connection has static routes only. Used for devices that do not support Border Gateway Protocol (BGP).
route.destination-cidr-block
- The destination CIDR block. This corresponds to the subnet used in a customer data center.
bgp-asn
- The BGP Autonomous System Number (ASN) associated with a BGP device.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
type
- The type of VPN connection. Currently the only supported type is ipsec.1
.
vpn-connection-id
- The ID of the VPN connection.
vpn-gateway-id
- The ID of a virtual private gateway associated with the VPN connection.
One or more filters.
customer-gateway-configuration
- The configuration information for the customer gateway.
customer-gateway-id
- The ID of a customer gateway associated with the VPN connection.
state
- The state of the VPN connection (pending
| available
| deleting
| deleted
).
option.static-routes-only
- Indicates whether the connection has static routes only. Used for devices that do not support Border Gateway Protocol (BGP).
route.destination-cidr-block
- The destination CIDR block. This corresponds to the subnet used in a customer data center.
bgp-asn
- The BGP Autonomous System Number (ASN) associated with a BGP device.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
type
- The type of VPN connection. Currently the only supported type is ipsec.1
.
vpn-connection-id
- The ID of the VPN connection.
vpn-gateway-id
- The ID of a virtual private gateway associated with the VPN connection.
transit-gateway-id
- The ID of a transit gateway associated with the VPN connection.
One or more filters.
amazon-side-asn
- The Autonomous System Number (ASN) for the Amazon side of the gateway.
attachment.state
- The current state of the attachment between the gateway and the VPC (attaching
| attached
| detaching
| detached
).
attachment.vpc-id
- The ID of an attached VPC.
availability-zone
- The Availability Zone for the virtual private gateway (if applicable).
state
- The state of the virtual private gateway (pending
| available
| deleting
| deleted
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
type
- The type of virtual private gateway. Currently the only supported type is ipsec.1
.
vpn-gateway-id
- The ID of the virtual private gateway.
One or more filters. The possible values are:
attachment.transit-gateway-attachment-id
- The id of the transit gateway attachment.
attachment.resource-id
- The resource id of the transit gateway attachment.
route-search.exact-match
- The exact match of the specified filter.
route-search.longest-prefix-match
- The longest prefix that matches the route.
route-search.subnet-of-match
- The routes with a subnet that match the specified CIDR filter.
route-search.supernet-of-match
- The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.
state
- The state of the attachment (available
| deleted
| deleting
| failed
| modifying
| pendingAcceptance
| pending
| rollingBack
| rejected
| rejecting
).
transit-gateway-route-destination-cidr-block
- The CIDR range.
type
- The type of route (active
| blackhole
).
One or more filters. The possible values are:
transit-gateway-route-table-id
- The ID of the transit gateway route table.
The tenancy for the instance.
" } }, + "HttpTokensState": { + "base": null, + "refs": { + "InstanceMetadataOptionsRequest$HttpTokens": "The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is optional
.
If the state is optional
, you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.
If the state is required
, you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.
The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is optional
.
If the state is optional
, you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.
If the state is required
, you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credential always returns the version 2.0 credentials; the version 1.0 credentials are not available.
The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is optional
.
If the state is optional
, you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.
If the state is required
, you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credential always returns the version 2.0 credentials; the version 1.0 credentials are not available.
Indicates the type of instance launches that the Capacity Reservation accepts. The options include:
open
- The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.
targeted
- The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.
Default: open
This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled
.
If you specify a value of disabled
, you will not be able to access your instance metadata.
This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled
.
If you specify a value of disabled
, you will not be able to access your instance metadata.
This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the existing state is maintained.
If you specify a value of disabled
, you will not be able to access your instance metadata.
The metadata options for the instance.
", + "refs": { + "RunInstancesRequest$MetadataOptions": "The metadata options for the instance. For more information, see Instance Metadata and User Data.
" + } + }, + "InstanceMetadataOptionsResponse": { + "base": "The metadata options for the instance.
", + "refs": { + "Instance$MetadataOptions": "The metadata options for the instance.
", + "ModifyInstanceMetadataOptionsResult$InstanceMetadataOptions": "The metadata options for the instance.
" + } + }, + "InstanceMetadataOptionsState": { + "base": null, + "refs": { + "InstanceMetadataOptionsResponse$State": "The state of the metadata option changes.
pending
- The metadata options are being updated and the instance is not ready to process metadata traffic with the new selection.
applied
- The metadata options have been successfully applied on the instance.
Describes the monitoring of an instance.
", "refs": { @@ -6527,6 +6564,8 @@ "InstanceCapacity$AvailableCapacity": "The number of instances that can still be launched onto the Dedicated Host.
", "InstanceCapacity$TotalCapacity": "The total number of instances that can be launched onto the Dedicated Host.
", "InstanceCount$InstanceCount": "The number of listed Reserved Instances in the state specified by the state
.
The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.
Default: 1
Possible values: Integers from 1 to 64
", + "InstanceMetadataOptionsResponse$HttpPutResponseHopLimit": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.
Default: 1
Possible values: Integers from 1 to 64
", "InstanceNetworkInterfaceAttachment$DeviceIndex": "The index of the device on the instance for the network interface attachment.
", "InstanceNetworkInterfaceSpecification$DeviceIndex": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.
If you specify a network interface when launching an instance, you must specify the device index.
", "InstanceNetworkInterfaceSpecification$Ipv6AddressCount": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.
", @@ -6552,6 +6591,7 @@ "LaunchTemplateSpotMarketOptions$BlockDurationMinutes": "The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
", "LaunchTemplateSpotMarketOptionsRequest$BlockDurationMinutes": "The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
", "ModifyCapacityReservationRequest$InstanceCount": "The number of instances for which to reserve capacity.
", + "ModifyInstanceMetadataOptionsRequest$HttpPutResponseHopLimit": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. If no parameter is specified, the existing state is maintained.
Possible values: Integers from 1 to 64
", "ModifyInstancePlacementRequest$PartitionNumber": "Reserved for future use.
", "ModifySpotFleetRequestRequest$TargetCapacity": "The size of the fleet.
", "ModifySpotFleetRequestRequest$OnDemandTargetCapacity": "The number of On-Demand Instances in the fleet.
", @@ -7437,6 +7477,16 @@ "refs": { } }, + "ModifyInstanceMetadataOptionsRequest": { + "base": null, + "refs": { + } + }, + "ModifyInstanceMetadataOptionsResult": { + "base": null, + "refs": { + } + }, "ModifyInstancePlacementRequest": { "base": null, "refs": { @@ -10033,6 +10083,7 @@ "CreateClientVpnRouteRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", "CreateCustomerGatewayRequest$PublicIp": "The Internet-routable IP address for the customer gateway's outside interface. The address must be static.
", "CreateCustomerGatewayRequest$CertificateArn": "The Amazon Resource Name (ARN) for the customer gateway certificate.
", + "CreateCustomerGatewayRequest$DeviceName": "A name for the customer gateway device.
Length Constraints: Up to 255 characters.
", "CreateDefaultSubnetRequest$AvailabilityZone": "The Availability Zone in which to create the default subnet.
", "CreateEgressOnlyInternetGatewayRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", "CreateEgressOnlyInternetGatewayResult$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", @@ -10125,6 +10176,7 @@ "CustomerGateway$CertificateArn": "The Amazon Resource Name (ARN) for the customer gateway certificate.
", "CustomerGateway$State": "The current state of the customer gateway (pending | available | deleting | deleted
).
The type of VPN connection the customer gateway supports (ipsec.1
).
The name of customer gateway device.
", "CustomerGatewayIdStringList$member": null, "DeleteClientVpnRouteRequest$TargetVpcSubnetId": "The ID of the target subnet used by the route.
", "DeleteClientVpnRouteRequest$DestinationCidrBlock": "The IPv4 address range, in CIDR notation, of the route to be deleted.
", @@ -10690,6 +10742,8 @@ "ModifyInstanceAttributeRequest$Value": "A new value for the attribute. Use only with the kernel
, ramdisk
, userData
, disableApiTermination
, or instanceInitiatedShutdownBehavior
attribute.
A unique, case-sensitive token that you provide to ensure idempotency of your modification request. For more information, see Ensuring Idempotency.
", "ModifyInstanceEventStartTimeRequest$InstanceEventId": "The ID of the event whose date and time you are modifying.
", + "ModifyInstanceMetadataOptionsRequest$InstanceId": "The ID of the instance.
", + "ModifyInstanceMetadataOptionsResult$InstanceId": "The ID of the instance.
", "ModifyLaunchTemplateRequest$ClientToken": "Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.
Constraint: Maximum 128 ASCII characters.
", "ModifyLaunchTemplateRequest$DefaultVersion": "The version number of the launch template to set as the default version.
", "ModifyReservedInstancesRequest$ClientToken": "A unique, case-sensitive token you provide to ensure idempotency of your modification request. For more information, see Ensuring Idempotency.
", diff --git a/models/apis/elasticloadbalancingv2/2015-12-01/api-2.json b/models/apis/elasticloadbalancingv2/2015-12-01/api-2.json index c05766c4e4e..0254075cbe3 100644 --- a/models/apis/elasticloadbalancingv2/2015-12-01/api-2.json +++ b/models/apis/elasticloadbalancingv2/2015-12-01/api-2.json @@ -73,7 +73,8 @@ {"shape":"TooManyRegistrationsForTargetIdException"}, {"shape":"TooManyTargetsException"}, {"shape":"TooManyActionsException"}, - {"shape":"InvalidLoadBalancerActionException"} + {"shape":"InvalidLoadBalancerActionException"}, + {"shape":"TooManyUniqueTargetGroupsPerLoadBalancerException"} ] }, "CreateLoadBalancer":{ @@ -127,7 +128,8 @@ {"shape":"TooManyTargetsException"}, {"shape":"UnsupportedProtocolException"}, {"shape":"TooManyActionsException"}, - {"shape":"InvalidLoadBalancerActionException"} + {"shape":"InvalidLoadBalancerActionException"}, + {"shape":"TooManyUniqueTargetGroupsPerLoadBalancerException"} ] }, "CreateTargetGroup":{ @@ -424,7 +426,8 @@ {"shape":"TooManyRegistrationsForTargetIdException"}, {"shape":"TooManyTargetsException"}, {"shape":"TooManyActionsException"}, - {"shape":"InvalidLoadBalancerActionException"} + {"shape":"InvalidLoadBalancerActionException"}, + {"shape":"TooManyUniqueTargetGroupsPerLoadBalancerException"} ] }, "ModifyLoadBalancerAttributes":{ @@ -464,7 +467,8 @@ {"shape":"TargetGroupNotFoundException"}, {"shape":"UnsupportedProtocolException"}, {"shape":"TooManyActionsException"}, - {"shape":"InvalidLoadBalancerActionException"} + {"shape":"InvalidLoadBalancerActionException"}, + {"shape":"TooManyUniqueTargetGroupsPerLoadBalancerException"} ] }, "ModifyTargetGroup":{ @@ -635,7 +639,8 @@ "AuthenticateCognitoConfig":{"shape":"AuthenticateCognitoActionConfig"}, "Order":{"shape":"ActionOrder"}, "RedirectConfig":{"shape":"RedirectActionConfig"}, - "FixedResponseConfig":{"shape":"FixedResponseActionConfig"} + "FixedResponseConfig":{"shape":"FixedResponseActionConfig"}, + "ForwardConfig":{"shape":"ForwardActionConfig"} } }, "ActionOrder":{ @@ -1242,6 +1247,13 @@ "type":"string", "pattern":"^(2|4|5)\\d\\d$" }, + "ForwardActionConfig":{ + "type":"structure", + "members":{ + "TargetGroups":{"shape":"TargetGroupList"}, + "TargetGroupStickinessConfig":{"shape":"TargetGroupStickinessConfig"} + } + }, "HealthCheckEnabled":{"type":"boolean"}, "HealthCheckIntervalSeconds":{ "type":"integer", @@ -2106,6 +2118,10 @@ "type":"list", "member":{"shape":"TargetGroupAttribute"} }, + "TargetGroupList":{ + "type":"list", + "member":{"shape":"TargetGroupTuple"} + }, "TargetGroupName":{"type":"string"}, "TargetGroupNames":{ "type":"list", @@ -2122,6 +2138,23 @@ }, "exception":true }, + "TargetGroupStickinessConfig":{ + "type":"structure", + "members":{ + "Enabled":{"shape":"TargetGroupStickinessEnabled"}, + "DurationSeconds":{"shape":"TargetGroupStickinessDurationSeconds"} + } + }, + "TargetGroupStickinessDurationSeconds":{"type":"integer"}, + "TargetGroupStickinessEnabled":{"type":"boolean"}, + "TargetGroupTuple":{ + "type":"structure", + "members":{ + "TargetGroupArn":{"shape":"TargetGroupArn"}, + "Weight":{"shape":"TargetGroupWeight"} + } + }, + "TargetGroupWeight":{"type":"integer"}, "TargetGroups":{ "type":"list", "member":{"shape":"TargetGroup"} @@ -2282,6 +2315,17 @@ }, "exception":true }, + "TooManyUniqueTargetGroupsPerLoadBalancerException":{ + "type":"structure", + "members":{ + }, + "error":{ + "code":"TooManyUniqueTargetGroupsPerLoadBalancer", + "httpStatusCode":400, + "senderFault":true + }, + "exception":true + }, "UnsupportedProtocolException":{ "type":"structure", "members":{ diff --git a/models/apis/elasticloadbalancingv2/2015-12-01/docs-2.json b/models/apis/elasticloadbalancingv2/2015-12-01/docs-2.json index fa0e87b780f..8186e523977 100644 --- a/models/apis/elasticloadbalancingv2/2015-12-01/docs-2.json +++ b/models/apis/elasticloadbalancingv2/2015-12-01/docs-2.json @@ -24,9 +24,9 @@ "DescribeTargetGroupAttributes": "Describes the attributes for the specified target group.
For more information, see Target Group Attributes in the Application Load Balancers Guide or Target Group Attributes in the Network Load Balancers Guide.
", "DescribeTargetGroups": "Describes the specified target groups or all of your target groups. By default, all target groups are described. Alternatively, you can specify one of the following to filter the results: the ARN of the load balancer, the names of one or more target groups, or the ARNs of one or more target groups.
To describe the targets for a target group, use DescribeTargetHealth. To describe the attributes of a target group, use DescribeTargetGroupAttributes.
", "DescribeTargetHealth": "Describes the health of the specified targets or all of your targets.
", - "ModifyListener": "Modifies the specified properties of the specified listener.
Any properties that you do not specify retain their current values. However, changing the protocol from HTTPS to HTTP, or from TLS to TCP, removes the security policy and default certificate properties. If you change the protocol from HTTP to HTTPS, or from TCP to TLS, you must add the security policy and default certificate properties.
", + "ModifyListener": "Replaces the specified properties of the specified listener. Any properties that you do not specify remain unchanged.
Changing the protocol from HTTPS to HTTP, or from TLS to TCP, removes the security policy and default certificate properties. If you change the protocol from HTTP to HTTPS, or from TCP to TLS, you must add the security policy and default certificate properties.
To add an item to a list, remove an item from a list, or update an item in a list, you must provide the entire list. For example, to add an action, specify a list with the current actions plus the new action.
", "ModifyLoadBalancerAttributes": "Modifies the specified attributes of the specified Application Load Balancer or Network Load Balancer.
If any of the specified attributes can't be modified as requested, the call fails. Any existing attributes that you do not modify retain their current values.
", - "ModifyRule": "Modifies the specified rule.
Any existing properties that you do not modify retain their current values.
To modify the actions for the default rule, use ModifyListener.
", + "ModifyRule": "Replaces the specified properties of the specified rule. Any properties that you do not specify are unchanged.
To add an item to a list, remove an item from a list, or update an item in a list, you must provide the entire list. For example, to add an action, specify a list with the current actions plus the new action.
To modify the actions for the default rule, use ModifyListener.
", "ModifyTargetGroup": "Modifies the health checks used when evaluating the health state of the targets in the specified target group.
To monitor the health of the targets, use DescribeTargetHealth.
", "ModifyTargetGroupAttributes": "Modifies the specified attributes of the specified target group.
", "RegisterTargets": "Registers the specified targets with the specified target group.
If the target is an EC2 instance, it must be in the running
state when you register it.
By default, the load balancer routes requests to registered targets using the protocol and port for the target group. Alternatively, you can override the port for a target when you register it. You can register each EC2 instance or IP address with the same target group multiple times using different ports.
With a Network Load Balancer, you cannot register instances by instance ID if they have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1. You can register instances of these types by IP address.
To remove a target from a target group, use DeregisterTargets.
", @@ -59,11 +59,11 @@ "Actions": { "base": null, "refs": { - "CreateListenerInput$DefaultActions": "The actions for the default rule. The rule must include one forward action or one or more fixed-response actions.
If the action type is forward
, you specify a target group. The protocol of the target group must be HTTP or HTTPS for an Application Load Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a Network Load Balancer.
[HTTPS listeners] If the action type is authenticate-oidc
, you authenticate users through an identity provider that is OpenID Connect (OIDC) compliant.
[HTTPS listeners] If the action type is authenticate-cognito
, you authenticate users through the user pools supported by Amazon Cognito.
[Application Load Balancer] If the action type is redirect
, you redirect specified client requests from one URL to another.
[Application Load Balancer] If the action type is fixed-response
, you drop specified client requests and return a custom HTTP response.
The actions. Each rule must include exactly one of the following types of actions: forward
, fixed-response
, or redirect
, and it must be the last action to be performed.
If the action type is forward
, you specify a target group. The protocol of the target group must be HTTP or HTTPS for an Application Load Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a Network Load Balancer.
[HTTPS listeners] If the action type is authenticate-oidc
, you authenticate users through an identity provider that is OpenID Connect (OIDC) compliant.
[HTTPS listeners] If the action type is authenticate-cognito
, you authenticate users through the user pools supported by Amazon Cognito.
[Application Load Balancer] If the action type is redirect
, you redirect specified client requests from one URL to another.
[Application Load Balancer] If the action type is fixed-response
, you drop specified client requests and return a custom HTTP response.
The actions for the default rule. The rule must include one forward action or one or more fixed-response actions.
If the action type is forward
, you specify one or more target groups. The protocol of the target group must be HTTP or HTTPS for an Application Load Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a Network Load Balancer.
[HTTPS listeners] If the action type is authenticate-oidc
, you authenticate users through an identity provider that is OpenID Connect (OIDC) compliant.
[HTTPS listeners] If the action type is authenticate-cognito
, you authenticate users through the user pools supported by Amazon Cognito.
[Application Load Balancer] If the action type is redirect
, you redirect specified client requests from one URL to another.
[Application Load Balancer] If the action type is fixed-response
, you drop specified client requests and return a custom HTTP response.
The actions. Each rule must include exactly one of the following types of actions: forward
, fixed-response
, or redirect
, and it must be the last action to be performed.
If the action type is forward
, you specify one or more target groups. The protocol of the target group must be HTTP or HTTPS for an Application Load Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a Network Load Balancer.
[HTTPS listeners] If the action type is authenticate-oidc
, you authenticate users through an identity provider that is OpenID Connect (OIDC) compliant.
[HTTPS listeners] If the action type is authenticate-cognito
, you authenticate users through the user pools supported by Amazon Cognito.
[Application Load Balancer] If the action type is redirect
, you redirect specified client requests from one URL to another.
[Application Load Balancer] If the action type is fixed-response
, you drop specified client requests and return a custom HTTP response.
The default actions for the listener.
", - "ModifyListenerInput$DefaultActions": "The actions for the default rule. The rule must include one forward action or one or more fixed-response actions.
If the action type is forward
, you specify a target group. The protocol of the target group must be HTTP or HTTPS for an Application Load Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a Network Load Balancer.
[HTTPS listeners] If the action type is authenticate-oidc
, you authenticate users through an identity provider that is OpenID Connect (OIDC) compliant.
[HTTPS listeners] If the action type is authenticate-cognito
, you authenticate users through the user pools supported by Amazon Cognito.
[Application Load Balancer] If the action type is redirect
, you redirect specified client requests from one URL to another.
[Application Load Balancer] If the action type is fixed-response
, you drop specified client requests and return a custom HTTP response.
The actions. Each rule must include exactly one of the following types of actions: forward
, fixed-response
, or redirect
, and it must be the last action to be performed.
If the action type is forward
, you specify a target group. The protocol of the target group must be HTTP or HTTPS for an Application Load Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a Network Load Balancer.
[HTTPS listeners] If the action type is authenticate-oidc
, you authenticate users through an identity provider that is OpenID Connect (OIDC) compliant.
[HTTPS listeners] If the action type is authenticate-cognito
, you authenticate users through the user pools supported by Amazon Cognito.
[Application Load Balancer] If the action type is redirect
, you redirect specified client requests from one URL to another.
[Application Load Balancer] If the action type is fixed-response
, you drop specified client requests and return a custom HTTP response.
The actions for the default rule. The rule must include one forward action or one or more fixed-response actions.
If the action type is forward
, you specify one or more target groups. The protocol of the target group must be HTTP or HTTPS for an Application Load Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a Network Load Balancer.
[HTTPS listeners] If the action type is authenticate-oidc
, you authenticate users through an identity provider that is OpenID Connect (OIDC) compliant.
[HTTPS listeners] If the action type is authenticate-cognito
, you authenticate users through the user pools supported by Amazon Cognito.
[Application Load Balancer] If the action type is redirect
, you redirect specified client requests from one URL to another.
[Application Load Balancer] If the action type is fixed-response
, you drop specified client requests and return a custom HTTP response.
The actions. Each rule must include exactly one of the following types of actions: forward
, fixed-response
, or redirect
, and it must be the last action to be performed.
If the action type is forward
, you specify one or more target groups. The protocol of the target group must be HTTP or HTTPS for an Application Load Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a Network Load Balancer.
[HTTPS listeners] If the action type is authenticate-oidc
, you authenticate users through an identity provider that is OpenID Connect (OIDC) compliant.
[HTTPS listeners] If the action type is authenticate-cognito
, you authenticate users through the user pools supported by Amazon Cognito.
[Application Load Balancer] If the action type is redirect
, you redirect specified client requests from one URL to another.
[Application Load Balancer] If the action type is fixed-response
, you drop specified client requests and return a custom HTTP response.
The actions. Each rule must include exactly one of the following types of actions: forward
, redirect
, or fixed-response
, and it must be the last action to be performed.
The HTTP response code (2XX, 4XX, or 5XX).
" } }, + "ForwardActionConfig": { + "base": "Information about a forward action.
", + "refs": { + "Action$ForwardConfig": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when Type
is forward
. If you specify both ForwardConfig
and TargetGroupArn
, you can specify only one target group using ForwardConfig
and it must be the same target group specified in TargetGroupArn
.
The name of the limit. The possible values are:
application-load-balancers
listeners-per-application-load-balancer
listeners-per-network-load-balancer
network-load-balancers
rules-per-application-load-balancer
target-groups
targets-per-application-load-balancer
targets-per-availability-zone-per-network-load-balancer
targets-per-network-load-balancer
The name of the limit. The possible values are:
application-load-balancers
listeners-per-application-load-balancer
listeners-per-network-load-balancer
network-load-balancers
rules-per-application-load-balancer
target-groups
target-groups-per-action-on-application-load-balancer
target-groups-per-action-on-network-load-balancer
target-groups-per-application-load-balancer
targets-per-application-load-balancer
targets-per-availability-zone-per-network-load-balancer
targets-per-network-load-balancer
The Amazon Resource Name (ARN) of the target group. Specify only when Type
is forward
.
The Amazon Resource Name (ARN) of the target group. Specify only when Type
is forward
and you want to route to a single target group. To route to one or more target groups, use ForwardConfig
instead.
The Amazon Resource Name (ARN) of the target group.
", "DeregisterTargetsInput$TargetGroupArn": "The Amazon Resource Name (ARN) of the target group.
", "DescribeTargetGroupAttributesInput$TargetGroupArn": "The Amazon Resource Name (ARN) of the target group.
", @@ -1488,7 +1494,8 @@ "ModifyTargetGroupInput$TargetGroupArn": "The Amazon Resource Name (ARN) of the target group.
", "RegisterTargetsInput$TargetGroupArn": "The Amazon Resource Name (ARN) of the target group.
", "TargetGroup$TargetGroupArn": "The Amazon Resource Name (ARN) of the target group.
", - "TargetGroupArns$member": null + "TargetGroupArns$member": null, + "TargetGroupTuple$TargetGroupArn": "The Amazon Resource Name (ARN) of the target group.
" } }, "TargetGroupArns": { @@ -1528,6 +1535,12 @@ "ModifyTargetGroupAttributesOutput$Attributes": "Information about the attributes.
" } }, + "TargetGroupList": { + "base": null, + "refs": { + "ForwardActionConfig$TargetGroups": "One or more target groups. For Network Load Balancers, you can specify a single target group.
" + } + }, "TargetGroupName": { "base": null, "refs": { @@ -1547,6 +1560,36 @@ "refs": { } }, + "TargetGroupStickinessConfig": { + "base": "Information about the target group stickiness for a rule.
", + "refs": { + "ForwardActionConfig$TargetGroupStickinessConfig": "The target group stickiness for the rule.
" + } + }, + "TargetGroupStickinessDurationSeconds": { + "base": null, + "refs": { + "TargetGroupStickinessConfig$DurationSeconds": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).
" + } + }, + "TargetGroupStickinessEnabled": { + "base": null, + "refs": { + "TargetGroupStickinessConfig$Enabled": "Indicates whether target group stickiness is enabled.
" + } + }, + "TargetGroupTuple": { + "base": "Information about how traffic will be distributed between multiple target groups in a forward rule.
", + "refs": { + "TargetGroupList$member": null + } + }, + "TargetGroupWeight": { + "base": null, + "refs": { + "TargetGroupTuple$Weight": "The weight. The range is 0 to 999.
" + } + }, "TargetGroups": { "base": null, "refs": { @@ -1643,6 +1686,11 @@ "refs": { } }, + "TooManyUniqueTargetGroupsPerLoadBalancerException": { + "base": "You've reached the limit on the number of unique target groups per load balancer across all listeners. If a target group is used by multiple actions for a load balancer, it is counted as only one use.
", + "refs": { + } + }, "UnsupportedProtocolException": { "base": "The specified protocol is not supported.
", "refs": { diff --git a/models/apis/iam/2010-05-08/api-2.json b/models/apis/iam/2010-05-08/api-2.json index a1def8d9103..05eeccc5444 100644 --- a/models/apis/iam/2010-05-08/api-2.json +++ b/models/apis/iam/2010-05-08/api-2.json @@ -4588,7 +4588,8 @@ "Description":{"shape":"roleDescriptionType"}, "MaxSessionDuration":{"shape":"roleMaxSessionDurationType"}, "PermissionsBoundary":{"shape":"AttachedPermissionsBoundary"}, - "Tags":{"shape":"tagListType"} + "Tags":{"shape":"tagListType"}, + "RoleLastUsed":{"shape":"RoleLastUsed"} } }, "RoleDetail":{ @@ -4604,7 +4605,15 @@ "RolePolicyList":{"shape":"policyDetailListType"}, "AttachedManagedPolicies":{"shape":"attachedPoliciesListType"}, "PermissionsBoundary":{"shape":"AttachedPermissionsBoundary"}, - "Tags":{"shape":"tagListType"} + "Tags":{"shape":"tagListType"}, + "RoleLastUsed":{"shape":"RoleLastUsed"} + } + }, + "RoleLastUsed":{ + "type":"structure", + "members":{ + "LastUsedDate":{"shape":"dateType"}, + "Region":{"shape":"stringType"} } }, "RoleUsageListType":{ diff --git a/models/apis/iam/2010-05-08/docs-2.json b/models/apis/iam/2010-05-08/docs-2.json index e6f5ac271bc..6bbc6cad38c 100644 --- a/models/apis/iam/2010-05-08/docs-2.json +++ b/models/apis/iam/2010-05-08/docs-2.json @@ -234,7 +234,7 @@ } }, "AttachedPolicy": { - "base": "Contains information about an attached policy.
An attached policy is a managed policy that has been attached to a user, group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails operations.
For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide.
", + "base": "Contains information about an attached policy.
An attached policy is a managed policy that has been attached to a user, group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails operations.
For more information about managed policies, refer to Managed Policies and Inline Policies in the IAM User Guide.
", "refs": { "attachedPoliciesListType$member": null } @@ -1328,7 +1328,7 @@ } }, "ManagedPolicyDetail": { - "base": "Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to.
This data type is used as a response element in the GetAccountAuthorizationDetails operation.
For more information about managed policies, see Managed Policies and Inline Policies in the Using IAM guide.
", + "base": "Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to.
This data type is used as a response element in the GetAccountAuthorizationDetails operation.
For more information about managed policies, see Managed Policies and Inline Policies in the IAM User Guide.
", "refs": { "ManagedPolicyDetailListType$member": null } @@ -1387,7 +1387,7 @@ } }, "Policy": { - "base": "Contains information about a managed policy.
This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations.
For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide.
", + "base": "Contains information about a managed policy.
This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations.
For more information about managed policies, refer to Managed Policies and Inline Policies in the IAM User Guide.
", "refs": { "CreatePolicyResponse$Policy": "A structure containing details about the new policy.
", "GetPolicyResponse$Policy": "A structure containing details about the policy.
", @@ -1420,7 +1420,7 @@ } }, "PolicyGroup": { - "base": "Contains information about a group that a managed policy is attached to.
This data type is used as a response element in the ListEntitiesForPolicy operation.
For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide.
", + "base": "Contains information about a group that a managed policy is attached to.
This data type is used as a response element in the ListEntitiesForPolicy operation.
For more information about managed policies, refer to Managed Policies and Inline Policies in the IAM User Guide.
", "refs": { "PolicyGroupListType$member": null } @@ -1443,7 +1443,7 @@ } }, "PolicyRole": { - "base": "Contains information about a role that a managed policy is attached to.
This data type is used as a response element in the ListEntitiesForPolicy operation.
For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide.
", + "base": "Contains information about a role that a managed policy is attached to.
This data type is used as a response element in the ListEntitiesForPolicy operation.
For more information about managed policies, refer to Managed Policies and Inline Policies in the IAM User Guide.
", "refs": { "PolicyRoleListType$member": null } @@ -1468,7 +1468,7 @@ } }, "PolicyUser": { - "base": "Contains information about a user that a managed policy is attached to.
This data type is used as a response element in the ListEntitiesForPolicy operation.
For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide.
", + "base": "Contains information about a user that a managed policy is attached to.
This data type is used as a response element in the ListEntitiesForPolicy operation.
For more information about managed policies, refer to Managed Policies and Inline Policies in the IAM User Guide.
", "refs": { "PolicyUserListType$member": null } @@ -1480,7 +1480,7 @@ } }, "PolicyVersion": { - "base": "Contains information about a version of a managed policy.
This data type is used as a response element in the CreatePolicyVersion, GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails operations.
For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide.
", + "base": "Contains information about a version of a managed policy.
This data type is used as a response element in the CreatePolicyVersion, GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails operations.
For more information about managed policies, refer to Managed Policies and Inline Policies in the IAM User Guide.
", "refs": { "CreatePolicyVersionResponse$PolicyVersion": "A structure containing details about the new policy version.
", "GetPolicyVersionResponse$PolicyVersion": "A structure containing details about the policy version.
", @@ -1644,6 +1644,13 @@ "roleDetailListType$member": null } }, + "RoleLastUsed": { + "base": "Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions Where Data Is Tracked in the IAM User Guide.
This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails operations.
", + "refs": { + "Role$RoleLastUsed": "Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions Where Data Is Tracked in the IAM User Guide.
", + "RoleDetail$RoleLastUsed": "Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions Where Data Is Tracked in the IAM User Guide.
" + } + }, "RoleUsageListType": { "base": null, "refs": { @@ -2048,9 +2055,9 @@ "GetPolicyRequest$PolicyArn": "The Amazon Resource Name (ARN) of the managed policy that you want information about.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", "GetPolicyVersionRequest$PolicyArn": "The Amazon Resource Name (ARN) of the managed policy that you want information about.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", "GetSAMLProviderRequest$SAMLProviderArn": "The Amazon Resource Name (ARN) of the SAML provider resource object in IAM to get information about.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", - "Group$Arn": "The Amazon Resource Name (ARN) specifying the group. For more information about ARNs and how to use them in policies, see IAM Identifiers in the Using IAM guide.
", + "Group$Arn": "The Amazon Resource Name (ARN) specifying the group. For more information about ARNs and how to use them in policies, see IAM Identifiers in the IAM User Guide.
", "GroupDetail$Arn": null, - "InstanceProfile$Arn": "The Amazon Resource Name (ARN) specifying the instance profile. For more information about ARNs and how to use them in policies, see IAM Identifiers in the Using IAM guide.
", + "InstanceProfile$Arn": "The Amazon Resource Name (ARN) specifying the instance profile. For more information about ARNs and how to use them in policies, see IAM Identifiers in the IAM User Guide.
", "ListEntitiesForPolicyRequest$PolicyArn": "The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", "ListPoliciesGrantingServiceAccessRequest$Arn": "The ARN of the IAM identity (user, group, or role) whose policies you want to list.
", "ListPolicyVersionsRequest$PolicyArn": "The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", @@ -2064,14 +2071,14 @@ "Role$Arn": "The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how to use them in policies, see IAM Identifiers in the IAM User Guide guide.
", "RoleDetail$Arn": null, "SAMLProviderListEntry$Arn": "The Amazon Resource Name (ARN) of the SAML provider.
", - "ServerCertificateMetadata$Arn": "The Amazon Resource Name (ARN) specifying the server certificate. For more information about ARNs and how to use them in policies, see IAM Identifiers in the Using IAM guide.
", + "ServerCertificateMetadata$Arn": "The Amazon Resource Name (ARN) specifying the server certificate. For more information about ARNs and how to use them in policies, see IAM Identifiers in the IAM User Guide.
", "ServiceLastAccessed$LastAuthenticatedEntity": "The ARN of the authenticated entity (user or role) that last attempted to access the service. AWS does not report unauthenticated requests.
This field is null if no IAM entities attempted to access the service within the reporting period.
", "SetDefaultPolicyVersionRequest$PolicyArn": "The Amazon Resource Name (ARN) of the IAM policy whose default version you want to set.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", "SimulatePrincipalPolicyRequest$PolicySourceArn": "The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", "UpdateOpenIDConnectProviderThumbprintRequest$OpenIDConnectProviderArn": "The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for which you want to update the thumbprint. You can get a list of OIDC provider ARNs by using the ListOpenIDConnectProviders operation.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", "UpdateSAMLProviderRequest$SAMLProviderArn": "The Amazon Resource Name (ARN) of the SAML provider to update.
For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", "UpdateSAMLProviderResponse$SAMLProviderArn": "The Amazon Resource Name (ARN) of the SAML provider that was updated.
", - "User$Arn": "The Amazon Resource Name (ARN) that identifies the user. For more information about ARNs and how to use ARNs in policies, see IAM Identifiers in the Using IAM guide.
", + "User$Arn": "The Amazon Resource Name (ARN) that identifies the user. For more information about ARNs and how to use ARNs in policies, see IAM Identifiers in the IAM User Guide.
", "UserDetail$Arn": null } }, @@ -2272,6 +2279,7 @@ "PolicyVersion$CreateDate": "The date and time, in ISO 8601 date-time format, when the policy version was created.
", "Role$CreateDate": "The date and time, in ISO 8601 date-time format, when the role was created.
", "RoleDetail$CreateDate": "The date and time, in ISO 8601 date-time format, when the role was created.
", + "RoleLastUsed$LastUsedDate": "The date and time, in ISO 8601 date-time format that the role was last used.
This field is null if the role has not been used within the IAM tracking period. For more information about the tracking period, see Regions Where Data Is Tracked in the IAM User Guide.
", "SAMLProviderListEntry$ValidUntil": "The expiration date and time for the SAML provider.
", "SAMLProviderListEntry$CreateDate": "The date and time when the SAML provider was created.
", "SSHPublicKey$UploadDate": "The date and time, in ISO 8601 date-time format, when the SSH public key was uploaded.
", @@ -2283,7 +2291,7 @@ "ServiceSpecificCredentialMetadata$CreateDate": "The date and time, in ISO 8601 date-time format, when the service-specific credential were created.
", "SigningCertificate$UploadDate": "The date when the signing certificate was uploaded.
", "User$CreateDate": "The date and time, in ISO 8601 date-time format, when the user was created.
", - "User$PasswordLastUsed": "The date and time, in ISO 8601 date-time format, when the user's password was last used to sign in to an AWS website. For a list of AWS websites that capture a user's last sign-in time, see the Credential Reports topic in the Using IAM guide. If a password is used more than once in a five-minute span, only the first use is returned in this field. If the field is null (no value), then it indicates that they never signed in with a password. This can be because:
The user never had a password.
A password exists but has not been used since IAM started tracking this information on October 20, 2014.
A null value does not mean that the user never had a password. Also, if the user does not currently have a password, but had one in the past, then this field contains the date and time the most recent password was used.
This value is returned only in the GetUser and ListUsers operations.
", + "User$PasswordLastUsed": "The date and time, in ISO 8601 date-time format, when the user's password was last used to sign in to an AWS website. For a list of AWS websites that capture a user's last sign-in time, see the Credential Reports topic in the IAM User Guide. If a password is used more than once in a five-minute span, only the first use is returned in this field. If the field is null (no value), then it indicates that they never signed in with a password. This can be because:
The user never had a password.
A password exists but has not been used since IAM started tracking this information on October 20, 2014.
A null value does not mean that the user never had a password. Also, if the user does not currently have a password but had one in the past, then this field contains the date and time the most recent password was used.
This value is returned only in the GetUser and ListUsers operations.
", "UserDetail$CreateDate": "The date and time, in ISO 8601 date-time format, when the user was created.
", "VirtualMFADevice$EnableDate": "The date and time on which the virtual MFA device was enabled.
" } @@ -2428,19 +2436,19 @@ "base": null, "refs": { "EntityInfo$Id": "The identifier of the entity (user or role).
", - "Group$GroupId": "The stable and unique string identifying the group. For more information about IDs, see IAM Identifiers in the Using IAM guide.
", - "GroupDetail$GroupId": "The stable and unique string identifying the group. For more information about IDs, see IAM Identifiers in the Using IAM guide.
", - "InstanceProfile$InstanceProfileId": "The stable and unique string identifying the instance profile. For more information about IDs, see IAM Identifiers in the Using IAM guide.
", - "ManagedPolicyDetail$PolicyId": "The stable and unique string identifying the policy.
For more information about IDs, see IAM Identifiers in the Using IAM guide.
", - "Policy$PolicyId": "The stable and unique string identifying the policy.
For more information about IDs, see IAM Identifiers in the Using IAM guide.
", + "Group$GroupId": "The stable and unique string identifying the group. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", + "GroupDetail$GroupId": "The stable and unique string identifying the group. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", + "InstanceProfile$InstanceProfileId": "The stable and unique string identifying the instance profile. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", + "ManagedPolicyDetail$PolicyId": "The stable and unique string identifying the policy.
For more information about IDs, see IAM Identifiers in the IAM User Guide.
", + "Policy$PolicyId": "The stable and unique string identifying the policy.
For more information about IDs, see IAM Identifiers in the IAM User Guide.
", "PolicyGroup$GroupId": "The stable and unique string identifying the group. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", "PolicyRole$RoleId": "The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", "PolicyUser$UserId": "The stable and unique string identifying the user. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", - "Role$RoleId": "The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the Using IAM guide.
", - "RoleDetail$RoleId": "The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the Using IAM guide.
", - "ServerCertificateMetadata$ServerCertificateId": "The stable and unique string identifying the server certificate. For more information about IDs, see IAM Identifiers in the Using IAM guide.
", - "User$UserId": "The stable and unique string identifying the user. For more information about IDs, see IAM Identifiers in the Using IAM guide.
", - "UserDetail$UserId": "The stable and unique string identifying the user. For more information about IDs, see IAM Identifiers in the Using IAM guide.
" + "Role$RoleId": "The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", + "RoleDetail$RoleId": "The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", + "ServerCertificateMetadata$ServerCertificateId": "The stable and unique string identifying the server certificate. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", + "User$UserId": "The stable and unique string identifying the user. For more information about IDs, see IAM Identifiers in the IAM User Guide.
", + "UserDetail$UserId": "The stable and unique string identifying the user. For more information about IDs, see IAM Identifiers in the IAM User Guide.
" } }, "instanceProfileListType": { @@ -2702,20 +2710,20 @@ "CreateRoleRequest$Path": "The path to the role. For more information about paths, see IAM Identifiers in the IAM User Guide.
This parameter is optional. If it is not included, it defaults to a slash (/).
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", "CreateUserRequest$Path": "The path for the user name. For more information about paths, see IAM Identifiers in the IAM User Guide.
This parameter is optional. If it is not included, it defaults to a slash (/).
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", "CreateVirtualMFADeviceRequest$Path": "The path for the virtual MFA device. For more information about paths, see IAM Identifiers in the IAM User Guide.
This parameter is optional. If it is not included, it defaults to a slash (/).
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", - "EntityInfo$Path": "The path to the entity (user or role). For more information about paths, see IAM Identifiers in the Using IAM guide.
", - "Group$Path": "The path to the group. For more information about paths, see IAM Identifiers in the Using IAM guide.
", - "GroupDetail$Path": "The path to the group. For more information about paths, see IAM Identifiers in the Using IAM guide.
", - "InstanceProfile$Path": "The path to the instance profile. For more information about paths, see IAM Identifiers in the Using IAM guide.
", + "EntityInfo$Path": "The path to the entity (user or role). For more information about paths, see IAM Identifiers in the IAM User Guide.
", + "Group$Path": "The path to the group. For more information about paths, see IAM Identifiers in the IAM User Guide.
", + "GroupDetail$Path": "The path to the group. For more information about paths, see IAM Identifiers in the IAM User Guide.
", + "InstanceProfile$Path": "The path to the instance profile. For more information about paths, see IAM Identifiers in the IAM User Guide.
", "ListEntitiesForPolicyRequest$PathPrefix": "The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all entities.
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", - "Role$Path": "The path to the role. For more information about paths, see IAM Identifiers in the Using IAM guide.
", - "RoleDetail$Path": "The path to the role. For more information about paths, see IAM Identifiers in the Using IAM guide.
", - "ServerCertificateMetadata$Path": "The path to the server certificate. For more information about paths, see IAM Identifiers in the Using IAM guide.
", + "Role$Path": "The path to the role. For more information about paths, see IAM Identifiers in the IAM User Guide.
", + "RoleDetail$Path": "The path to the role. For more information about paths, see IAM Identifiers in the IAM User Guide.
", + "ServerCertificateMetadata$Path": "The path to the server certificate. For more information about paths, see IAM Identifiers in the IAM User Guide.
", "UpdateGroupRequest$NewPath": "New path for the IAM group. Only include this if changing the group's path.
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", "UpdateServerCertificateRequest$NewPath": "The new path for the server certificate. Include this only if you are updating the server certificate's path.
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", "UpdateUserRequest$NewPath": "New path for the IAM user. Include this parameter only if you're changing the user's path.
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", "UploadServerCertificateRequest$Path": "The path for the server certificate. For more information about paths, see IAM Identifiers in the IAM User Guide.
This parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the path
parameter. The path must begin with /cloudfront
and must include a trailing slash (for example, /cloudfront/test/
).
The path to the user. For more information about paths, see IAM Identifiers in the Using IAM guide.
", - "UserDetail$Path": "The path to the user. For more information about paths, see IAM Identifiers in the Using IAM guide.
" + "User$Path": "The path to the user. For more information about paths, see IAM Identifiers in the IAM User Guide.
", + "UserDetail$Path": "The path to the user. For more information about paths, see IAM Identifiers in the IAM User Guide.
" } }, "policyDescriptionType": { @@ -2834,8 +2842,8 @@ "ListAttachedRolePoliciesRequest$PathPrefix": "The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", "ListAttachedUserPoliciesRequest$PathPrefix": "The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.
This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", "ListPoliciesRequest$PathPrefix": "The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies. This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\\u0021) through the DEL character (\\u007F), including most punctuation characters, digits, and upper and lowercased letters.
", - "ManagedPolicyDetail$Path": "The path to the policy.
For more information about paths, see IAM Identifiers in the Using IAM guide.
", - "Policy$Path": "The path to the policy.
For more information about paths, see IAM Identifiers in the Using IAM guide.
" + "ManagedPolicyDetail$Path": "The path to the policy.
For more information about paths, see IAM Identifiers in the IAM User Guide.
", + "Policy$Path": "The path to the policy.
For more information about paths, see IAM Identifiers in the IAM User Guide.
" } }, "policyScopeType": { @@ -2855,7 +2863,7 @@ "refs": { "DeletePolicyVersionRequest$VersionId": "The policy version to delete.
This parameter allows (through its regex pattern) a string of characters that consists of the lowercase letter 'v' followed by one or two digits, and optionally followed by a period '.' and a string of letters and digits.
For more information about managed policy versions, see Versioning for Managed Policies in the IAM User Guide.
", "GetPolicyVersionRequest$VersionId": "Identifies the policy version to retrieve.
This parameter allows (through its regex pattern) a string of characters that consists of the lowercase letter 'v' followed by one or two digits, and optionally followed by a period '.' and a string of letters and digits.
", - "ManagedPolicyDetail$DefaultVersionId": "The identifier for the version of the policy that is set as the default (operative) version.
For more information about policy versions, see Versioning for Managed Policies in the Using IAM guide.
", + "ManagedPolicyDetail$DefaultVersionId": "The identifier for the version of the policy that is set as the default (operative) version.
For more information about policy versions, see Versioning for Managed Policies in the IAM User Guide.
", "Policy$DefaultVersionId": "The identifier for the version of the policy that is set as the default version.
", "PolicyVersion$VersionId": "The identifier for the policy version.
Policy version identifiers always begin with v
(always lowercase). When a policy is created, the first policy version is v1
.
The version of the policy to set as the default (operative) version.
For more information about managed policy versions, see Versioning for Managed Policies in the IAM User Guide.
" @@ -3117,7 +3125,8 @@ "AccessKeyLastUsed$ServiceName": "The name of the AWS service with which this access key was most recently used. The value of this field is \"N/A\" in the following situations:
The user does not have an access key.
An access key exists but has not been used since IAM started tracking this information.
There is no sign-in data associated with the user.
The AWS Region where this access key was most recently used. The value for this field is \"N/A\" in the following situations:
The user does not have an access key.
An access key exists but has not been used since IAM began tracking this information.
There is no sign-in data associated with the user.
For more information about AWS Regions, see Regions and Endpoints in the Amazon Web Services General Reference.
", "ErrorDetails$Message": "Detailed information about the reason that the operation failed.
", - "ErrorDetails$Code": "The error code associated with the operation failure.
" + "ErrorDetails$Code": "The error code associated with the operation failure.
", + "RoleLastUsed$Region": "The name of the AWS Region in which the role was last used.
" } }, "summaryKeyType": { @@ -3182,7 +3191,7 @@ } }, "thumbprintType": { - "base": "Contains a thumbprint for an identity provider's server certificate.
The identity provider's server certificate thumbprint is the hex-encoded SHA-1 hash value of the self-signed X.509 certificate used by the domain where the OpenID Connect provider makes its keys available. It is always a 40-character string.
", + "base": "Contains a thumbprint for an identity provider's server certificate.
The identity provider's server certificate thumbprint is the hex-encoded SHA-1 hash value of the self-signed X.509 certificate. This thumbprint is used by the domain where the OpenID Connect provider makes its keys available. The thumbprint is always a 40-character string.
", "refs": { "thumbprintListType$member": null } diff --git a/models/apis/iam/2010-05-08/examples-1.json b/models/apis/iam/2010-05-08/examples-1.json index 928dc2132a0..cd3a94aa608 100644 --- a/models/apis/iam/2010-05-08/examples-1.json +++ b/models/apis/iam/2010-05-08/examples-1.json @@ -733,8 +733,13 @@ "Arn": "arn:aws:iam::123456789012:role/Test-Role", "AssumeRolePolicyDocument": "Cancels a job.
", "CancelJobExecution": "Cancels the execution of a job for a given thing.
", "ClearDefaultAuthorizer": "Clears the default authorizer.
", + "ConfirmTopicRuleDestination": "Confirms a topic rule destination. When you create a rule requiring a destination, AWS IoT sends a confirmation message to the endpoint or base address you specify. The message includes a token which you pass back when calling ConfirmTopicRuleDestination
to confirm that you own or have access to the endpoint.
Creates an authorizer.
", "CreateBillingGroup": "Creates a billing group.
", "CreateCertificateFromCsr": "Creates an X.509 certificate using the specified certificate signing request.
Note: The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256 or NIST P-384 curves.
Note: Reusing the same certificate signing request (CSR) results in a distinct certificate.
You can create multiple certificates in a batch by creating a directory, copying multiple .csr files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs.
Assuming a set of CSRs are located inside of the directory my-csr-directory:
On Linux and OS X, the command is:
$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}
This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr AWS CLI command to create a certificate for the corresponding CSR.
The aws iot create-certificate-from-csr part of the command can also be run in parallel to speed up the certificate creation process:
$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}
On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:
> ls -Name my-csr-directory | %{aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/$_}
On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:
> forfiles /p my-csr-directory /c \"cmd /c aws iot create-certificate-from-csr --certificate-signing-request file://@path\"
", @@ -34,6 +35,7 @@ "CreateThingGroup": "Create a thing group.
This is a control plane operation. See Authorization for information about authorizing control plane actions.
Creates a new thing type.
", "CreateTopicRule": "Creates a rule. Creating rules is an administrator-level action. Any user who has permission to create rules will be able to access data processed by the rule.
", + "CreateTopicRuleDestination": "Creates a topic rule destination. The destination must be confirmed prior to use.
", "DeleteAccountAuditConfiguration": "Restores the default settings for Device Defender audits for this account. Any configuration data you entered is deleted and all audit checks are reset to disabled.
", "DeleteAuthorizer": "Deletes an authorizer.
", "DeleteBillingGroup": "Deletes the billing group.
", @@ -55,6 +57,7 @@ "DeleteThingGroup": "Deletes a thing group.
", "DeleteThingType": "Deletes the specified thing type. You cannot delete a thing type if it has things associated with it. To delete a thing type, first mark it as deprecated by calling DeprecateThingType, then remove any associated things by calling UpdateThing to change the thing type on any associated thing, and finally use DeleteThingType to delete the thing type.
", "DeleteTopicRule": "Deletes the rule.
", + "DeleteTopicRuleDestination": "Deletes a topic rule destination.
", "DeleteV2LoggingLevel": "Deletes a logging level.
", "DeprecateThingType": "Deprecates a thing type. You can not associate new things with deprecated thing type.
", "DescribeAccountAuditConfiguration": "Gets information about the Device Defender audit settings for this account. Settings include how audit notifications are sent and which audit checks are enabled or disabled.
", @@ -86,18 +89,19 @@ "DetachThingPrincipal": "Detaches the specified principal from the specified thing. A principal can be X.509 certificates, IAM users, groups, and roles, Amazon Cognito identities or federated identities.
This call is asynchronous. It might take several seconds for the detachment to propagate.
Disables the rule.
", "EnableTopicRule": "Enables the rule.
", - "GetCardinality": "Returns the number of things with distinct values for the aggregation field.
", + "GetCardinality": "Returns the approximate count of unique values that match the query.
", "GetEffectivePolicies": "Gets a list of the policies that have an effect on the authorization behavior of the specified device when it connects to the AWS IoT device gateway.
", "GetIndexingConfiguration": "Gets the search configuration.
", "GetJobDocument": "Gets a job document.
", "GetLoggingOptions": "Gets the logging options.
NOTE: use of this command is not recommended. Use GetV2LoggingOptions
instead.
Gets an OTA update.
", - "GetPercentiles": "Returns the percentile values for the aggregation field. The results from GetPercentiles is an approximation. The default percentile groupings are: 1,5,25,50,75,95,99. You can specify custom percentile grouping using the percents argument to the GetPercentiles API.
", + "GetPercentiles": "Groups the aggregated values that match the query into percentile groupings. The default percentile groupings are: 1,5,25,50,75,95,99, although you can specify your own when you call GetPercentiles
. This function returns a value for each percentile group specified (or the default percentile groupings). The percentile group \"1\" contains the aggregated field value that occurs in approximately one percent of the values that match the query. The percentile group \"5\" contains the aggregated field value that occurs in approximately five percent of the values that match the query, and so on. The result is an approximation, the more values that match the query, the more accurate the percentile values.
Gets information about the specified policy with the policy document of the default version.
", "GetPolicyVersion": "Gets information about the specified policy version.
", "GetRegistrationCode": "Gets a registration code used to register a CA certificate with AWS IoT.
", - "GetStatistics": "Gets statistics returns the count, average, sum, minimum, maximum, sumOfSquares, variance, and standard deviation for the specified aggregated field. If the aggregation field is of type String, only the count statistic is returned.
", + "GetStatistics": "Gets statistics about things that match the specified query.
", "GetTopicRule": "Gets information about the rule.
", + "GetTopicRuleDestination": "Gets information about a topic rule destination.
", "GetV2LoggingOptions": "Gets the fine grained logging options.
", "ListActiveViolations": "Lists the active violations for a given Device Defender security profile.
", "ListAttachedPolicies": "Lists the policies attached to the specified thing group.
", @@ -139,12 +143,13 @@ "ListThings": "Lists your things. Use the attributeName and attributeValue parameters to filter your things. For example, calling ListThings
with attributeName=Color and attributeValue=Red retrieves all things in the registry that contain an attribute Color with the value Red.
Lists the things you have added to the given billing group.
", "ListThingsInThingGroup": "Lists the things in the specified group.
", + "ListTopicRuleDestinations": "Lists all the topic rule destinations in your AWS account.
", "ListTopicRules": "Lists the rules for the specific topic.
", "ListV2LoggingLevels": "Lists logging levels.
", "ListViolationEvents": "Lists the Device Defender security profile violations discovered during the given time period. You can use filters to limit the results to those alerts issued for a particular security profile, behavior, or thing (device).
", "RegisterCACertificate": "Registers a CA certificate with AWS IoT. This CA certificate can then be used to sign device certificates, which can be then registered with AWS IoT. You can register up to 10 CA certificates per AWS account that have the same subject field. This enables you to have up to 10 certificate authorities sign your device certificates. If you have more than one CA certificate registered, make sure you pass the CA certificate when you register your device certificates with the RegisterCertificate API.
", "RegisterCertificate": "Registers a device certificate with AWS IoT. If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered.
", - "RegisterThing": "Provisions a thing in the device registry. RegisterThing calls other AWS IoT control plane APIs. These calls might exceed your account level AWS IoT Throttling Limits and cause throttle errors. Please contact AWS Customer Support to raise your throttling limits if necessary.
", + "RegisterThing": "Provisions a thing.
", "RejectCertificateTransfer": "Rejects a pending certificate transfer. After AWS IoT rejects a certificate transfer, the certificate status changes from PENDING_TRANSFER to INACTIVE.
To check for pending certificate transfers, call ListCertificates to enumerate your certificates.
This operation can only be called by the transfer destination. After it is called, the certificate will be returned to the source's account in the INACTIVE state.
", "RemoveThingFromBillingGroup": "Removes the given thing from the billing group.
", "RemoveThingFromThingGroup": "Remove the specified thing from the specified group.
", @@ -181,6 +186,7 @@ "UpdateThing": "Updates the data for a thing.
", "UpdateThingGroup": "Update a thing group.
", "UpdateThingGroupsForThing": "Updates the groups to which the thing belongs.
", + "UpdateTopicRuleDestination": "Updates a topic rule destination. You use this to change the status, endpoint URL, or confirmation URL of the destination.
", "ValidateSecurityProfileBehaviors": "Validates a Device Defender security profile behaviors specification.
" }, "shapes": { @@ -301,7 +307,7 @@ "refs": { "GetCardinalityRequest$aggregationField": "The field to aggregate.
", "GetPercentilesRequest$aggregationField": "The field to aggregate.
", - "GetStatisticsRequest$aggregationField": "The aggregation field name.
" + "GetStatisticsRequest$aggregationField": "The aggregation field name. Currently not supported.
" } }, "AlarmName": { @@ -768,7 +774,7 @@ "Average": { "base": null, "refs": { - "Statistics$average": "The average of the aggregated field values.
" + "Statistics$average": "The average of the aggregated fields. If the field data type is String this value is indeterminate.
" } }, "AwsAccountId": { @@ -788,11 +794,13 @@ "refs": { "CloudwatchAlarmAction$roleArn": "The IAM role that allows access to the CloudWatch alarm.
", "CloudwatchMetricAction$roleArn": "The IAM role that allows access to the CloudWatch metric.
", + "DeleteTopicRuleDestinationRequest$arn": "The ARN of the topic rule destination to delete.
", "DynamoDBAction$roleArn": "The ARN of the IAM role that grants access to the DynamoDB table.
", "DynamoDBv2Action$roleArn": "The ARN of the IAM role that grants access to the DynamoDB table.
", "ElasticsearchAction$roleArn": "The IAM role ARN that has access to Elasticsearch.
", "FirehoseAction$roleArn": "The IAM role that grants access to the Amazon Kinesis Firehose stream.
", "GetLoggingOptionsResponse$roleArn": "The ARN of the IAM role that grants access.
", + "GetTopicRuleDestinationRequest$arn": "The ARN of the topic rule destination.
", "GetV2LoggingOptionsResponse$roleArn": "The IAM role ARN AWS IoT uses to write to your CloudWatch logs.
", "IotAnalyticsAction$channelArn": "(deprecated) The ARN of the IoT Analytics channel to which message data will be sent.
", "IotAnalyticsAction$roleArn": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).
", @@ -802,10 +810,14 @@ "RepublishAction$roleArn": "The ARN of the IAM role that grants access.
", "S3Action$roleArn": "The ARN of the IAM role that grants access.
", "SetV2LoggingOptionsRequest$roleArn": "The ARN of the role that allows IoT to write to Cloudwatch logs.
", + "SigV4Authorization$roleArn": "The ARN of the signing role.
", "SnsAction$targetArn": "The ARN of the SNS topic.
", "SnsAction$roleArn": "The ARN of the IAM role that grants access.
", "SqsAction$roleArn": "The ARN of the IAM role that grants access.
", - "StepFunctionsAction$roleArn": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").
" + "StepFunctionsAction$roleArn": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").
", + "TopicRuleDestination$arn": "The topic rule destination URL.
", + "TopicRuleDestinationSummary$arn": "The topic rule destination ARN.
", + "UpdateTopicRuleDestinationRequest$arn": "The ARN of the topic rule destination.
" } }, "AwsIotJobArn": { @@ -1285,6 +1297,22 @@ "EventConfigurations$value": null } }, + "ConfirmTopicRuleDestinationRequest": { + "base": null, + "refs": { + } + }, + "ConfirmTopicRuleDestinationResponse": { + "base": null, + "refs": { + } + }, + "ConfirmationToken": { + "base": null, + "refs": { + "ConfirmTopicRuleDestinationRequest$confirmationToken": "The token used to confirm ownership or access to the topic rule confirmation URL.
" + } + }, "ConflictingResourceUpdateException": { "base": "A conflicting resource update exception. This exception is thrown when two pending updates cause a conflict.
", "refs": { @@ -1313,7 +1341,7 @@ "refs": { "DescribeThingRegistrationTaskResponse$successCount": "The number of things successfully provisioned.
", "DescribeThingRegistrationTaskResponse$failureCount": "The number of things that failed to be provisioned.
", - "GetCardinalityResponse$cardinality": "The number of things that match the query.
", + "GetCardinalityResponse$cardinality": "The approximate count of unique values that match the query.
", "Statistics$count": "The count of things that match the query.
" } }, @@ -1487,6 +1515,16 @@ "refs": { } }, + "CreateTopicRuleDestinationRequest": { + "base": null, + "refs": { + } + }, + "CreateTopicRuleDestinationResponse": { + "base": null, + "refs": { + } + }, "CreateTopicRuleRequest": { "base": "The input for the CreateTopicRule operation.
", "refs": { @@ -1545,8 +1583,8 @@ "CertificateValidity$notAfter": "The certificate is not valid after this date.
", "GetPolicyResponse$creationDate": "The date the policy was created.
", "GetPolicyResponse$lastModifiedDate": "The date the policy was last modified.
", - "GetPolicyVersionResponse$creationDate": "The date the policy was created.
", - "GetPolicyVersionResponse$lastModifiedDate": "The date the policy was last modified.
", + "GetPolicyVersionResponse$creationDate": "The date the policy version was created.
", + "GetPolicyVersionResponse$lastModifiedDate": "The date the policy version was last modified.
", "Job$createdAt": "The time, in seconds since the epoch, when the job was created.
", "Job$lastUpdatedAt": "The time, in seconds since the epoch, when the job was last updated.
", "Job$completedAt": "The time, in seconds since the epoch, when the job was completed.
", @@ -1802,6 +1840,16 @@ "refs": { } }, + "DeleteTopicRuleDestinationRequest": { + "base": null, + "refs": { + } + }, + "DeleteTopicRuleDestinationResponse": { + "base": null, + "refs": { + } + }, "DeleteTopicRuleRequest": { "base": "The input for the DeleteTopicRule operation.
", "refs": { @@ -2368,7 +2416,7 @@ } }, "Field": { - "base": "Describes the name and data type at a field.
", + "base": "The field to aggregate.
", "refs": { "Fields$member": null } @@ -2382,16 +2430,16 @@ "FieldType": { "base": null, "refs": { - "Field$type": "The datatype of the field.
" + "Field$type": "The data type of the field.
" } }, "Fields": { "base": null, "refs": { - "ThingGroupIndexingConfiguration$managedFields": "Contains fields that are indexed and whose types are already known by the Fleet Indexing service.
", - "ThingGroupIndexingConfiguration$customFields": "Contains custom field names and their data type.
", - "ThingIndexingConfiguration$managedFields": "Contains fields that are indexed and whose types are already known by the Fleet Indexing service.
", - "ThingIndexingConfiguration$customFields": "Contains custom field names and their data type.
" + "ThingGroupIndexingConfiguration$managedFields": "A list of automatically indexed thing group fields.
", + "ThingGroupIndexingConfiguration$customFields": "A list of thing group fields to index. This list cannot contain any managed fields. Use the GetIndexingConfiguration API to get a list of managed fields.
", + "ThingIndexingConfiguration$managedFields": "A list of automatically indexed thing fields.
", + "ThingIndexingConfiguration$customFields": "A list of thing fields to index. This list cannot contain any managed fields. Use the GetIndexingConfiguration API to get a list of managed fields.
" } }, "FileId": { @@ -2482,12 +2530,6 @@ "LambdaAction$functionArn": "The ARN of the Lambda function.
" } }, - "GEMaxResults": { - "base": null, - "refs": { - "ListTopicRulesRequest$maxResults": "The maximum number of results to return.
" - } - }, "GenerationId": { "base": null, "refs": { @@ -2607,6 +2649,16 @@ "refs": { } }, + "GetTopicRuleDestinationRequest": { + "base": null, + "refs": { + } + }, + "GetTopicRuleDestinationResponse": { + "base": null, + "refs": { + } + }, "GetTopicRuleRequest": { "base": "The input for the GetTopicRule operation.
", "refs": { @@ -2652,6 +2704,60 @@ "DynamoDBAction$hashKeyValue": "The hash key value.
" } }, + "HeaderKey": { + "base": null, + "refs": { + "HttpActionHeader$key": "The HTTP header key.
" + } + }, + "HeaderList": { + "base": null, + "refs": { + "HttpAction$headers": "The HTTP headers to send with the message data.
" + } + }, + "HeaderValue": { + "base": null, + "refs": { + "HttpActionHeader$value": "The HTTP header value. Substitution templates are supported.
" + } + }, + "HttpAction": { + "base": "Send data to an HTTPS endpoint.
", + "refs": { + "Action$http": "Send data to an HTTPS endpoint.
" + } + }, + "HttpActionHeader": { + "base": "The HTTP action header.
", + "refs": { + "HeaderList$member": null + } + }, + "HttpAuthorization": { + "base": "The authorization method used to send messages.
", + "refs": { + "HttpAction$auth": "The authentication method to use when sending data to an HTTPS endpoint.
" + } + }, + "HttpUrlDestinationConfiguration": { + "base": "HTTP URL destination configuration used by the topic rule's HTTP action.
", + "refs": { + "TopicRuleDestinationConfiguration$httpUrlConfiguration": "Configuration of the HTTP URL.
" + } + }, + "HttpUrlDestinationProperties": { + "base": "HTTP URL destination properties.
", + "refs": { + "TopicRuleDestination$httpUrlProperties": "Properties of the HTTP URL.
" + } + }, + "HttpUrlDestinationSummary": { + "base": "Information about an HTTP URL destination.
", + "refs": { + "TopicRuleDestinationSummary$httpUrlSummary": "Information about the HTTP URL.
" + } + }, "ImplicitDeny": { "base": "Information that implicitly denies authorization. When policy doesn't explicitly deny or allow an action on a resource it is considered an implicit deny.
", "refs": { @@ -3429,6 +3535,16 @@ "refs": { } }, + "ListTopicRuleDestinationsRequest": { + "base": null, + "refs": { + } + }, + "ListTopicRuleDestinationsResponse": { + "base": null, + "refs": { + } + }, "ListTopicRulesRequest": { "base": "The input for the ListTopicRules operation.
", "refs": { @@ -3570,7 +3686,7 @@ "Maximum": { "base": null, "refs": { - "Statistics$maximum": "The maximum aggregated field value.
" + "Statistics$maximum": "The maximum value of the aggregated fields. If the field data type is String this value is indeterminate.
" } }, "MaximumPerMinute": { @@ -3612,7 +3728,7 @@ "Minimum": { "base": null, "refs": { - "Statistics$minimum": "The minimum aggregated field value.
" + "Statistics$minimum": "The minimum value of the aggregated fields. If the field data type is String this value is indeterminate.
" } }, "MinimumNumberOfExecutedThings": { @@ -3769,6 +3885,8 @@ "ListThingsInThingGroupResponse$nextToken": "The token used to get the next set of results, or null if there are no additional results.
", "ListThingsRequest$nextToken": "The token to retrieve the next set of results.
", "ListThingsResponse$nextToken": "The token used to get the next set of results, or null if there are no additional results.
", + "ListTopicRuleDestinationsRequest$nextToken": "The token to retrieve the next set of results.
", + "ListTopicRuleDestinationsResponse$nextToken": "The token to retrieve the next set of results.
", "ListTopicRulesRequest$nextToken": "A token used to retrieve the next value.
", "ListTopicRulesResponse$nextToken": "A token used to retrieve the next value.
", "ListV2LoggingLevelsRequest$nextToken": "The token used to get the next set of results, or null if there are no additional results.
", @@ -3983,7 +4101,7 @@ "PercentValue": { "base": null, "refs": { - "PercentPair$value": "The value.
" + "PercentPair$value": "The value of the percentile.
" } }, "Percentage": { @@ -4874,6 +4992,12 @@ "ListTargetsForSecurityProfileResponse$securityProfileTargets": "The thing groups to which the security profile is attached.
" } }, + "ServiceName": { + "base": null, + "refs": { + "SigV4Authorization$serviceName": "The service name to use while signing with Sig V4.
" + } + }, "ServiceUnavailableException": { "base": "The service is temporarily unavailable.
", "refs": { @@ -4930,6 +5054,12 @@ "refs": { } }, + "SigV4Authorization": { + "base": "Use Sig V4 authorization.
", + "refs": { + "HttpAuthorization$sigv4": "Use Sig V4 authorization. For more information, see Signature Version 4 Signing Process.
" + } + }, "Signature": { "base": null, "refs": { @@ -4960,6 +5090,12 @@ "StartSigningJobParameter$signingProfileParameter": "Describes the code-signing profile.
" } }, + "SigningRegion": { + "base": null, + "refs": { + "SigV4Authorization$signingRegion": "The signing region.
" + } + }, "SkippedFindingsCount": { "base": null, "refs": { @@ -5071,7 +5207,7 @@ "StdDeviation": { "base": null, "refs": { - "Statistics$stdDeviation": "The standard deviation of the aggregated field valuesl
" + "Statistics$stdDeviation": "The standard deviation of the aggregated field values.
" } }, "StepFunctionsAction": { @@ -5187,7 +5323,9 @@ "CloudwatchMetricAction$metricTimestamp": "An optional Unix timestamp.
", "CreateTopicRuleRequest$tags": "Metadata which can be used to manage the topic rule.
For URI Request parameters use format: ...key1=value1&key2=value2...
For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"
For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"
Additional details or reason why the topic rule destination is in the current status.
", + "TopicRuleDestinationSummary$statusReason": "The reason the topic rule destination is in the current status.
" } }, "StringMap": { @@ -5212,7 +5350,7 @@ "Sum": { "base": null, "refs": { - "Statistics$sum": "The sum of the aggregated field values.
" + "Statistics$sum": "The sum of the aggregated fields. If the field data type is String this value is indeterminate.
" } }, "SumOfSquares": { @@ -5772,6 +5910,45 @@ "GetTopicRuleResponse$rule": "The rule.
" } }, + "TopicRuleDestination": { + "base": "A topic rule destination.
", + "refs": { + "CreateTopicRuleDestinationResponse$topicRuleDestination": "The topic rule destination.
", + "GetTopicRuleDestinationResponse$topicRuleDestination": "The topic rule destination.
" + } + }, + "TopicRuleDestinationConfiguration": { + "base": "Configuration of the topic rule destination.
", + "refs": { + "CreateTopicRuleDestinationRequest$destinationConfiguration": "The topic rule destination configuration.
" + } + }, + "TopicRuleDestinationMaxResults": { + "base": null, + "refs": { + "ListTopicRuleDestinationsRequest$maxResults": "The maximum number of results to return at one time.
" + } + }, + "TopicRuleDestinationStatus": { + "base": null, + "refs": { + "TopicRuleDestination$status": "The status of the topic rule destination. Valid values are:
A topic rule destination was created but has not been confirmed. You can set status
to IN_PROGRESS
by calling UpdateTopicRuleDestination
. Calling UpdateTopicRuleDestination
causes a new confirmation challenge to be sent to your confirmation endpoint.
Confirmation was completed, and traffic to this destination is allowed. You can set status
to DISABLED
by calling UpdateTopicRuleDestination
.
Confirmation was completed, and traffic to this destination is not allowed. You can set status
to ENABLED
by calling UpdateTopicRuleDestination
.
Confirmation could not be completed, for example if the confirmation timed out. You can call GetTopicRuleDestination
for details about the error. You can set status
to IN_PROGRESS
by calling UpdateTopicRuleDestination
. Calling UpdateTopicRuleDestination
causes a new confirmation challenge to be sent to your confirmation endpoint.
The status of the topic rule destination. Valid values are:
A topic rule destination was created but has not been confirmed. You can set status
to IN_PROGRESS
by calling UpdateTopicRuleDestination
. Calling UpdateTopicRuleDestination
causes a new confirmation challenge to be sent to your confirmation endpoint.
Confirmation was completed, and traffic to this destination is allowed. You can set status
to DISABLED
by calling UpdateTopicRuleDestination
.
Confirmation was completed, and traffic to this destination is not allowed. You can set status
to ENABLED
by calling UpdateTopicRuleDestination
.
Confirmation could not be completed, for example if the confirmation timed out. You can call GetTopicRuleDestination
for details about the error. You can set status
to IN_PROGRESS
by calling UpdateTopicRuleDestination
. Calling UpdateTopicRuleDestination
causes a new confirmation challenge to be sent to your confirmation endpoint.
The status of the topic rule destination. Valid values are:
A topic rule destination was created but has not been confirmed. You can set status
to IN_PROGRESS
by calling UpdateTopicRuleDestination
. Calling UpdateTopicRuleDestination
causes a new confirmation challenge to be sent to your confirmation endpoint.
Confirmation was completed, and traffic to this destination is allowed. You can set status
to DISABLED
by calling UpdateTopicRuleDestination
.
Confirmation was completed, and traffic to this destination is not allowed. You can set status
to ENABLED
by calling UpdateTopicRuleDestination
.
Confirmation could not be completed, for example if the confirmation timed out. You can call GetTopicRuleDestination
for details about the error. You can set status
to IN_PROGRESS
by calling UpdateTopicRuleDestination
. Calling UpdateTopicRuleDestination
causes a new confirmation challenge to be sent to your confirmation endpoint.
Information about a topic rule destination.
" + } + }, + "TopicRuleDestinationSummary": { + "base": "Information about the topic rule destination.
", + "refs": { + "TopicRuleDestinationSummaries$member": null + } + }, "TopicRuleList": { "base": null, "refs": { @@ -5784,6 +5961,12 @@ "TopicRuleList$member": null } }, + "TopicRuleMaxResults": { + "base": null, + "refs": { + "ListTopicRulesRequest$maxResults": "The maximum number of results to return.
" + } + }, "TopicRulePayload": { "base": "Describes a rule.
", "refs": { @@ -6029,6 +6212,26 @@ "refs": { } }, + "UpdateTopicRuleDestinationRequest": { + "base": null, + "refs": { + } + }, + "UpdateTopicRuleDestinationResponse": { + "base": null, + "refs": { + } + }, + "Url": { + "base": null, + "refs": { + "HttpAction$url": "The endpoint URL. If substitution templates are used in the URL, you must also specify a confirmationUrl
. If this is a new destination, a new TopicRuleDestination
is created if possible.
The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substituion template before traffic is allowed to your endpoint URL.
", + "HttpUrlDestinationConfiguration$confirmationUrl": "The URL AWS IoT uses to confirm ownership of or access to the topic rule destination URL.
", + "HttpUrlDestinationProperties$confirmationUrl": "The URL used to confirm the HTTP topic rule destination URL.
", + "HttpUrlDestinationSummary$confirmationUrl": "The URL used to confirm ownership of or access to the HTTP topic rule destination URL.
" + } + }, "UseBase64": { "base": null, "refs": { diff --git a/models/apis/lambda/2015-03-31/api-2.json b/models/apis/lambda/2015-03-31/api-2.json index 0621a198e42..70ab245b1c6 100644 --- a/models/apis/lambda/2015-03-31/api-2.json +++ b/models/apis/lambda/2015-03-31/api-2.json @@ -2061,10 +2061,13 @@ "nodejs6.10", "nodejs8.10", "nodejs10.x", + "nodejs12.x", "java8", + "java11", "python2.7", "python3.6", "python3.7", + "python3.8", "dotnetcore1.0", "dotnetcore2.0", "dotnetcore2.1", diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 2df37979d86..47afed048f2 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -2651,6 +2651,10 @@ "qldb" : { "endpoints" : { "ap-northeast-1" : { }, + "ap-northeast-2" : { }, + "ap-southeast-1" : { }, + "ap-southeast-2" : { }, + "eu-central-1" : { }, "eu-west-1" : { }, "us-east-1" : { }, "us-east-2" : { }, @@ -3326,6 +3330,10 @@ "session.qldb" : { "endpoints" : { "ap-northeast-1" : { }, + "ap-northeast-2" : { }, + "ap-southeast-1" : { }, + "ap-southeast-2" : { }, + "eu-central-1" : { }, "eu-west-1" : { }, "us-east-1" : { }, "us-east-2" : { }, diff --git a/service/autoscaling/api.go b/service/autoscaling/api.go index 87b84c1a8f2..cfa9204ebdd 100644 --- a/service/autoscaling/api.go +++ b/service/autoscaling/api.go @@ -3925,6 +3925,15 @@ func (c *AutoScaling) EnterStandbyRequest(input *EnterStandbyInput) (req *reques // // Moves the specified instances into the standby state. // +// If you choose to decrement the desired capacity of the Auto Scaling group, +// the instances can enter standby as long as the desired capacity of the Auto +// Scaling group after the instances are placed into standby is equal to or +// greater than the minimum capacity of the group. +// +// If you choose not to decrement the desired capacity of the Auto Scaling group, +// the Auto Scaling group launches new instances to replace the instances on +// standby. +// // For more information, see Temporarily Removing Instances from Your Auto Scaling // Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enter-exit-standby.html) // in the Amazon EC2 Auto Scaling User Guide. @@ -4094,6 +4103,8 @@ func (c *AutoScaling) ExitStandbyRequest(input *ExitStandbyInput) (req *request. // // Moves the specified instances out of the standby state. // +// After you put the instances back in service, the desired capacity is incremented. +// // For more information, see Temporarily Removing Instances from Your Auto Scaling // Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enter-exit-standby.html) // in the Amazon EC2 Auto Scaling User Guide. @@ -5225,8 +5236,7 @@ func (c *AutoScaling) UpdateAutoScalingGroupRequest(input *UpdateAutoScalingGrou // To update an Auto Scaling group, specify the name of the group and the parameter // that you want to change. Any parameters that you don't specify are not changed // by this update request. The new settings take effect on any scaling activities -// after this call returns. Scaling activities that are currently in progress -// aren't affected. +// after this call returns. // // If you associate a new launch configuration or template with an Auto Scaling // group, all new instances will get the updated configuration. Existing instances @@ -6136,6 +6146,11 @@ type CreateAutoScalingGroupInput struct { // in the Amazon EC2 Auto Scaling User Guide. LoadBalancerNames []*string `type:"list"` + // The maximum amount of time, in seconds, that an instance can be in service. + // + // Valid Range: Minimum value of 604800. + MaxInstanceLifetime *int64 `type:"integer"` + // The maximum size of the group. // // MaxSize is a required field @@ -6370,6 +6385,12 @@ func (s *CreateAutoScalingGroupInput) SetLoadBalancerNames(v []*string) *CreateA return s } +// SetMaxInstanceLifetime sets the MaxInstanceLifetime field's value. +func (s *CreateAutoScalingGroupInput) SetMaxInstanceLifetime(v int64) *CreateAutoScalingGroupInput { + s.MaxInstanceLifetime = &v + return s +} + // SetMaxSize sets the MaxSize field's value. func (s *CreateAutoScalingGroupInput) SetMaxSize(v int64) *CreateAutoScalingGroupInput { s.MaxSize = &v @@ -6578,7 +6599,7 @@ type CreateLaunchConfigurationInput struct { // For more information, see Instance Placement Tenancy (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html#as-vpc-tenancy) // in the Amazon EC2 Auto Scaling User Guide. // - // Valid values: default | dedicated + // Valid Values: default | dedicated PlacementTenancy *string `min:"1" type:"string"` // The ID of the RAM disk to select. @@ -6598,17 +6619,13 @@ type CreateLaunchConfigurationInput struct { // The maximum hourly price to be paid for any Spot Instance launched to fulfill // the request. Spot Instances are launched when the price you specify exceeds - // the current Spot market price. For more information, see Launching Spot Instances + // the current Spot price. For more information, see Launching Spot Instances // in Your Auto Scaling Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-launch-spot-instances.html) // in the Amazon EC2 Auto Scaling User Guide. // - // If a Spot price is set, then the Auto Scaling group will only launch instances - // when the Spot price has been met, regardless of the setting in the Auto Scaling - // group's DesiredCapacity. - // - // When you change your Spot price by creating a new launch configuration, running - // instances will continue to run as long as the Spot price for those running - // instances is higher than the current Spot market price. + // When you change your maximum price by creating a new launch configuration, + // running instances will continue to run as long as the maximum price for those + // running instances is higher than the current Spot price. SpotPrice *string `min:"1" type:"string"` // The Base64-encoded user data to make available to the launched EC2 instances. @@ -9133,7 +9150,7 @@ type Ebs struct { // or sc1 for Cold HDD. For more information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon EC2 User Guide for Linux Instances. // - // Valid values: standard | io1 | gp2 | st1 | sc1 + // Valid Values: standard | io1 | gp2 | st1 | sc1 VolumeType *string `min:"1" type:"string"` } @@ -9765,6 +9782,11 @@ type Group struct { // One or more load balancers associated with the group. LoadBalancerNames []*string `type:"list"` + // The maximum amount of time, in seconds, that an instance can be in service. + // + // Valid Range: Minimum value of 604800. + MaxInstanceLifetime *int64 `type:"integer"` + // The maximum size of the group. // // MaxSize is a required field @@ -9896,6 +9918,12 @@ func (s *Group) SetLoadBalancerNames(v []*string) *Group { return s } +// SetMaxInstanceLifetime sets the MaxInstanceLifetime field's value. +func (s *Group) SetMaxInstanceLifetime(v int64) *Group { + s.MaxInstanceLifetime = &v + return s +} + // SetMaxSize sets the MaxSize field's value. func (s *Group) SetMaxSize(v int64) *Group { s.MaxSize = &v @@ -9990,6 +10018,9 @@ type Instance struct { // InstanceId is a required field InstanceId *string `min:"1" type:"string" required:"true"` + // The instance type of the EC2 instance. + InstanceType *string `min:"1" type:"string"` + // The launch configuration associated with the instance. LaunchConfigurationName *string `min:"1" type:"string"` @@ -10007,6 +10038,12 @@ type Instance struct { // // ProtectedFromScaleIn is a required field ProtectedFromScaleIn *bool `type:"boolean" required:"true"` + + // The number of capacity units contributed by the instance based on its instance + // type. + // + // Valid Range: Minimum value of 1. Maximum value of 999. + WeightedCapacity *string `min:"1" type:"string"` } // String returns the string representation @@ -10037,6 +10074,12 @@ func (s *Instance) SetInstanceId(v string) *Instance { return s } +// SetInstanceType sets the InstanceType field's value. +func (s *Instance) SetInstanceType(v string) *Instance { + s.InstanceType = &v + return s +} + // SetLaunchConfigurationName sets the LaunchConfigurationName field's value. func (s *Instance) SetLaunchConfigurationName(v string) *Instance { s.LaunchConfigurationName = &v @@ -10061,6 +10104,12 @@ func (s *Instance) SetProtectedFromScaleIn(v bool) *Instance { return s } +// SetWeightedCapacity sets the WeightedCapacity field's value. +func (s *Instance) SetWeightedCapacity(v string) *Instance { + s.WeightedCapacity = &v + return s +} + // Describes an EC2 instance associated with an Auto Scaling group. type InstanceDetails struct { _ struct{} `type:"structure"` @@ -10088,6 +10137,9 @@ type InstanceDetails struct { // InstanceId is a required field InstanceId *string `min:"1" type:"string" required:"true"` + // The instance type of the EC2 instance. + InstanceType *string `min:"1" type:"string"` + // The launch configuration used to launch the instance. This value is not available // if you attached the instance to the Auto Scaling group. LaunchConfigurationName *string `min:"1" type:"string"` @@ -10105,6 +10157,12 @@ type InstanceDetails struct { // // ProtectedFromScaleIn is a required field ProtectedFromScaleIn *bool `type:"boolean" required:"true"` + + // The number of capacity units contributed by the instance based on its instance + // type. + // + // Valid Range: Minimum value of 1. Maximum value of 999. + WeightedCapacity *string `min:"1" type:"string"` } // String returns the string representation @@ -10141,6 +10199,12 @@ func (s *InstanceDetails) SetInstanceId(v string) *InstanceDetails { return s } +// SetInstanceType sets the InstanceType field's value. +func (s *InstanceDetails) SetInstanceType(v string) *InstanceDetails { + s.InstanceType = &v + return s +} + // SetLaunchConfigurationName sets the LaunchConfigurationName field's value. func (s *InstanceDetails) SetLaunchConfigurationName(v string) *InstanceDetails { s.LaunchConfigurationName = &v @@ -10165,6 +10229,12 @@ func (s *InstanceDetails) SetProtectedFromScaleIn(v bool) *InstanceDetails { return s } +// SetWeightedCapacity sets the WeightedCapacity field's value. +func (s *InstanceDetails) SetWeightedCapacity(v string) *InstanceDetails { + s.WeightedCapacity = &v + return s +} + // Describes whether detailed monitoring is enabled for the Auto Scaling instances. type InstanceMonitoring struct { _ struct{} `type:"structure"` @@ -10195,6 +10265,14 @@ func (s *InstanceMonitoring) SetEnabled(v bool) *InstanceMonitoring { // and Spot Instances, the maximum price to pay for Spot Instances, and how // the Auto Scaling group allocates instance types to fulfill On-Demand and // Spot capacity. +// +// When you update SpotAllocationStrategy, SpotInstancePools, or SpotMaxPrice, +// this update action does not deploy any changes across the running Amazon +// EC2 instances in the group. Your existing Spot Instances continue to run +// as long as the maximum price for those instances is higher than the current +// Spot price. When scale out occurs, Amazon EC2 Auto Scaling launches instances +// based on the new settings. When scale in occurs, Amazon EC2 Auto Scaling +// terminates instances according to the group's termination policies. type InstancesDistribution struct { _ struct{} `type:"structure"` @@ -10213,16 +10291,28 @@ type InstancesDistribution struct { // by On-Demand Instances. This base portion is provisioned first as your group // scales. // - // The default value is 0. If you leave this parameter set to 0, On-Demand Instances - // are launched as a percentage of the Auto Scaling group's desired capacity, - // per the OnDemandPercentageAboveBaseCapacity setting. + // Default if not set is 0. If you leave it set to 0, On-Demand Instances are + // launched as a percentage of the Auto Scaling group's desired capacity, per + // the OnDemandPercentageAboveBaseCapacity setting. + // + // An update to this setting means a gradual replacement of instances to maintain + // the specified number of On-Demand Instances for your base capacity. When + // replacing instances, Amazon EC2 Auto Scaling launches new instances before + // terminating the old ones. OnDemandBaseCapacity *int64 `type:"integer"` // Controls the percentages of On-Demand Instances and Spot Instances for your - // additional capacity beyond OnDemandBaseCapacity. The range is 0–100. + // additional capacity beyond OnDemandBaseCapacity. + // + // Default if not set is 100. If you leave it set to 100, the percentages are + // 100% for On-Demand Instances and 0% for Spot Instances. + // + // An update to this setting means a gradual replacement of instances to maintain + // the percentage of On-Demand Instances for your additional capacity above + // the base capacity. When replacing instances, Amazon EC2 Auto Scaling launches + // new instances before terminating the old ones. // - // The default value is 100. If you leave this parameter set to 100, the percentages - // are 100% for On-Demand Instances and 0% for Spot Instances. + // Valid Range: Minimum value of 0. Maximum value of 100. OnDemandPercentageAboveBaseCapacity *int64 `type:"integer"` // Indicates how to allocate instances across Spot Instance pools. @@ -10242,9 +10332,11 @@ type InstancesDistribution struct { // The number of Spot Instance pools across which to allocate your Spot Instances. // The Spot pools are determined from the different instance types in the Overrides - // array of LaunchTemplate. The range is 1–20. The default value is 2. + // array of LaunchTemplate. Default if not set is 2. // - // Valid only when the Spot allocation strategy is lowest-price. + // Used only when the Spot allocation strategy is lowest-price. + // + // Valid Range: Minimum value of 1. Maximum value of 20. SpotInstancePools *int64 `type:"integer"` // The maximum price per unit hour that you are willing to pay for a Spot Instance. @@ -10418,7 +10510,7 @@ type LaunchConfiguration struct { // The maximum hourly price to be paid for any Spot Instance launched to fulfill // the request. Spot Instances are launched when the price you specify exceeds - // the current Spot market price. + // the current Spot price. // // For more information, see Launching Spot Instances in Your Auto Scaling Group // (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-launch-spot-instances.html) @@ -10561,6 +10653,11 @@ func (s *LaunchConfiguration) SetUserData(v string) *LaunchConfiguration { // The overrides are used to override the instance type specified by the launch // template with multiple instance types that can be used to launch On-Demand // Instances and Spot Instances. +// +// When you update the launch template or overrides, existing Amazon EC2 instances +// continue to run. When scale out occurs, Amazon EC2 Auto Scaling launches +// instances to match the new settings. When scale in occurs, Amazon EC2 Auto +// Scaling terminates instances according to the group's termination policies. type LaunchTemplate struct { _ struct{} `type:"structure"` @@ -10568,9 +10665,9 @@ type LaunchTemplate struct { // or launch template name in the request. LaunchTemplateSpecification *LaunchTemplateSpecification `type:"structure"` - // Any parameters that you specify override the same parameters in the launch - // template. Currently, the only supported override is instance type. You must - // specify between 2 and 20 overrides. + // An optional setting. Any parameters that you specify override the same parameters + // in the launch template. Currently, the only supported override is instance + // type. You can specify between 1 and 20 instance types. Overrides []*LaunchTemplateOverrides `type:"list"` } @@ -10631,6 +10728,15 @@ type LaunchTemplateOverrides struct { // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#AvailableInstanceTypes) // in the Amazon Elastic Compute Cloud User Guide. InstanceType *string `min:"1" type:"string"` + + // The number of capacity units, which gives the instance type a proportional + // weight to other instance types. For example, larger instance types are generally + // weighted more than smaller instance types. These are the same units that + // you chose to set the desired capacity in terms of instances, or a performance + // attribute such as vCPUs, memory, or I/O. + // + // Valid Range: Minimum value of 1. Maximum value of 999. + WeightedCapacity *string `min:"1" type:"string"` } // String returns the string representation @@ -10649,6 +10755,9 @@ func (s *LaunchTemplateOverrides) Validate() error { if s.InstanceType != nil && len(*s.InstanceType) < 1 { invalidParams.Add(request.NewErrParamMinLen("InstanceType", 1)) } + if s.WeightedCapacity != nil && len(*s.WeightedCapacity) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WeightedCapacity", 1)) + } if invalidParams.Len() > 0 { return invalidParams @@ -10662,6 +10771,12 @@ func (s *LaunchTemplateOverrides) SetInstanceType(v string) *LaunchTemplateOverr return s } +// SetWeightedCapacity sets the WeightedCapacity field's value. +func (s *LaunchTemplateOverrides) SetWeightedCapacity(v string) *LaunchTemplateOverrides { + s.WeightedCapacity = &v + return s +} + // Describes a launch template and the launch template version. // // The launch template that is specified must be configured for use with an @@ -11250,8 +11365,8 @@ type MixedInstancesPolicy struct { // The instances distribution to use. // - // If you leave this parameter unspecified when creating a mixed instances policy, - // the default values are used. + // If you leave this parameter unspecified, the value for each parameter in + // InstancesDistribution uses a default value. InstancesDistribution *InstancesDistribution `type:"structure"` // The launch template and instance types (overrides). @@ -11355,13 +11470,7 @@ func (s *NotificationConfiguration) SetTopicARN(v string) *NotificationConfigura type PredefinedMetricSpecification struct { _ struct{} `type:"structure"` - // The metric type. - // - // PredefinedMetricType is a required field - PredefinedMetricType *string `type:"string" required:"true" enum:"MetricType"` - - // Identifies the resource associated with the metric type. The following predefined - // metrics are available: + // The metric type. The following predefined metrics are available: // // * ASGAverageCPUUtilization - Average CPU utilization of the Auto Scaling // group. @@ -11375,15 +11484,21 @@ type PredefinedMetricSpecification struct { // * ALBRequestCountPerTarget - Number of requests completed per target in // an Application Load Balancer target group. // - // For predefined metric types ASGAverageCPUUtilization, ASGAverageNetworkIn, - // and ASGAverageNetworkOut, the parameter must not be specified as the resource - // associated with the metric type is the Auto Scaling group. For predefined - // metric type ALBRequestCountPerTarget, the parameter must be specified in - // the format: app/load-balancer-name/load-balancer-id/targetgroup/target-group-name/target-group-id - // , where app/load-balancer-name/load-balancer-id is the final portion of the - // load balancer ARN, and targetgroup/target-group-name/target-group-id is the - // final portion of the target group ARN. The target group must be attached - // to the Auto Scaling group. + // PredefinedMetricType is a required field + PredefinedMetricType *string `type:"string" required:"true" enum:"MetricType"` + + // Identifies the resource associated with the metric type. You can't specify + // a resource label unless the metric type is ALBRequestCountPerTarget and there + // is a target group attached to the Auto Scaling group. + // + // The format is app/load-balancer-name/load-balancer-id/targetgroup/target-group-name/target-group-id + // , where + // + // * app/load-balancer-name/load-balancer-id is the final portion of the + // load balancer ARN, and + // + // * targetgroup/target-group-name/target-group-id is the final portion of + // the target group ARN. ResourceLabel *string `min:"1" type:"string"` } @@ -13435,11 +13550,6 @@ type UpdateAutoScalingGroupInput struct { // The name of the launch configuration. If you specify LaunchConfigurationName // in your update request, you can't specify LaunchTemplate or MixedInstancesPolicy. - // - // To update an Auto Scaling group with a launch configuration with InstanceMonitoring - // set to false, you must first disable the collection of group metrics. Otherwise, - // you get an error. If you have previously enabled the collection of group - // metrics, you can disable it using DisableMetricsCollection. LaunchConfigurationName *string `min:"1" type:"string"` // The launch template and version to use to specify the updates. If you specify @@ -13450,6 +13560,11 @@ type UpdateAutoScalingGroupInput struct { // in the Amazon EC2 Auto Scaling API Reference. LaunchTemplate *LaunchTemplateSpecification `type:"structure"` + // The maximum amount of time, in seconds, that an instance can be in service. + // + // Valid Range: Minimum value of 604800. + MaxInstanceLifetime *int64 `type:"integer"` + // The maximum size of the Auto Scaling group. MaxSize *int64 `type:"integer"` @@ -13606,6 +13721,12 @@ func (s *UpdateAutoScalingGroupInput) SetLaunchTemplate(v *LaunchTemplateSpecifi return s } +// SetMaxInstanceLifetime sets the MaxInstanceLifetime field's value. +func (s *UpdateAutoScalingGroupInput) SetMaxInstanceLifetime(v int64) *UpdateAutoScalingGroupInput { + s.MaxInstanceLifetime = &v + return s +} + // SetMaxSize sets the MaxSize field's value. func (s *UpdateAutoScalingGroupInput) SetMaxSize(v int64) *UpdateAutoScalingGroupInput { s.MaxSize = &v diff --git a/service/cloudformation/api.go b/service/cloudformation/api.go index 91ff187aaca..4b5eb738aee 100644 --- a/service/cloudformation/api.go +++ b/service/cloudformation/api.go @@ -2458,6 +2458,124 @@ func (c *CloudFormation) DetectStackResourceDriftWithContext(ctx aws.Context, in return out, req.Send() } +const opDetectStackSetDrift = "DetectStackSetDrift" + +// DetectStackSetDriftRequest generates a "aws/request.Request" representing the +// client's request for the DetectStackSetDrift operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DetectStackSetDrift for more information on using the DetectStackSetDrift +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DetectStackSetDriftRequest method. +// req, resp := client.DetectStackSetDriftRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudformation-2010-05-15/DetectStackSetDrift +func (c *CloudFormation) DetectStackSetDriftRequest(input *DetectStackSetDriftInput) (req *request.Request, output *DetectStackSetDriftOutput) { + op := &request.Operation{ + Name: opDetectStackSetDrift, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DetectStackSetDriftInput{} + } + + output = &DetectStackSetDriftOutput{} + req = c.newRequest(op, input, output) + return +} + +// DetectStackSetDrift API operation for AWS CloudFormation. +// +// Detect drift on a stack set. When CloudFormation performs drift detection +// on a stack set, it performs drift detection on the stack associated with +// each stack instance in the stack set. For more information, see How CloudFormation +// Performs Drift Detection on a Stack Set (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-drift.html). +// +// DetectStackSetDrift returns the OperationId of the stack set drift detection +// operation. Use this operation id with DescribeStackSetOperation to monitor +// the progress of the drift detection operation. The drift detection operation +// may take some time, depending on the number of stack instances included in +// the stack set, as well as the number of resources included in each stack. +// +// Once the operation has completed, use the following actions to return drift +// information: +// +// * Use DescribeStackSet to return detailed informaiton about the stack +// set, including detailed information about the last completed drift operation +// performed on the stack set. (Information about drift operations that are +// in progress is not included.) +// +// * Use ListStackInstances to return a list of stack instances belonging +// to the stack set, including the drift status and last drift time checked +// of each instance. +// +// * Use DescribeStackInstance to return detailed information about a specific +// stack instance, including its drift status and last drift time checked. +// +// For more information on performing a drift detection operation on a stack +// set, see Detecting Unmanaged Changes in Stack Sets (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-drift.html). +// +// You can only run a single drift detection operation on a given stack set +// at one time. +// +// To stop a drift detection stack set operation, use StopStackSetOperation . +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS CloudFormation's +// API operation DetectStackSetDrift for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInvalidOperationException "InvalidOperationException" +// The specified operation isn't valid. +// +// * ErrCodeOperationInProgressException "OperationInProgressException" +// Another operation is currently in progress for this stack set. Only one operation +// can be performed for a stack set at a given time. +// +// * ErrCodeStackSetNotFoundException "StackSetNotFoundException" +// The specified stack set doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudformation-2010-05-15/DetectStackSetDrift +func (c *CloudFormation) DetectStackSetDrift(input *DetectStackSetDriftInput) (*DetectStackSetDriftOutput, error) { + req, out := c.DetectStackSetDriftRequest(input) + return out, req.Send() +} + +// DetectStackSetDriftWithContext is the same as DetectStackSetDrift with the addition of +// the ability to pass a context and additional request options. +// +// See DetectStackSetDrift for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudFormation) DetectStackSetDriftWithContext(ctx aws.Context, input *DetectStackSetDriftInput, opts ...request.Option) (*DetectStackSetDriftOutput, error) { + req, out := c.DetectStackSetDriftRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opEstimateTemplateCost = "EstimateTemplateCost" // EstimateTemplateCostRequest generates a "aws/request.Request" representing the @@ -9014,6 +9132,100 @@ func (s *DetectStackResourceDriftOutput) SetStackResourceDrift(v *StackResourceD return s } +type DetectStackSetDriftInput struct { + _ struct{} `type:"structure"` + + // The ID of the stack set operation. + OperationId *string `min:"1" type:"string" idempotencyToken:"true"` + + // The user-specified preferences for how AWS CloudFormation performs a stack + // set operation. + // + // For more information on maximum concurrent accounts and failure tolerance, + // see Stack set operation options (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html#stackset-ops-options). + OperationPreferences *StackSetOperationPreferences `type:"structure"` + + // The name of the stack set on which to perform the drift detection operation. + // + // StackSetName is a required field + StackSetName *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DetectStackSetDriftInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DetectStackSetDriftInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DetectStackSetDriftInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DetectStackSetDriftInput"} + if s.OperationId != nil && len(*s.OperationId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("OperationId", 1)) + } + if s.StackSetName == nil { + invalidParams.Add(request.NewErrParamRequired("StackSetName")) + } + if s.OperationPreferences != nil { + if err := s.OperationPreferences.Validate(); err != nil { + invalidParams.AddNested("OperationPreferences", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOperationId sets the OperationId field's value. +func (s *DetectStackSetDriftInput) SetOperationId(v string) *DetectStackSetDriftInput { + s.OperationId = &v + return s +} + +// SetOperationPreferences sets the OperationPreferences field's value. +func (s *DetectStackSetDriftInput) SetOperationPreferences(v *StackSetOperationPreferences) *DetectStackSetDriftInput { + s.OperationPreferences = v + return s +} + +// SetStackSetName sets the StackSetName field's value. +func (s *DetectStackSetDriftInput) SetStackSetName(v string) *DetectStackSetDriftInput { + s.StackSetName = &v + return s +} + +type DetectStackSetDriftOutput struct { + _ struct{} `type:"structure"` + + // The ID of the drift detection stack set operation. + // + // you can use this operation id with DescribeStackSetOperation to monitor the + // progress of the drift detection operation. + OperationId *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s DetectStackSetDriftOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DetectStackSetDriftOutput) GoString() string { + return s.String() +} + +// SetOperationId sets the OperationId field's value. +func (s *DetectStackSetDriftOutput) SetOperationId(v string) *DetectStackSetDriftOutput { + s.OperationId = &v + return s +} + // The input for an EstimateTemplateCost action. type EstimateTemplateCostInput struct { _ struct{} `type:"structure"` @@ -12884,6 +13096,28 @@ type StackInstance struct { // The name of the AWS account that the stack instance is associated with. Account *string `type:"string"` + // Status of the stack instance's actual configuration compared to the expected + // template and parameter configuration of the stack set to which it belongs. + // + // * DRIFTED: The stack differs from the expected template and parameter + // configuration of the stack set to which it belongs. A stack instance is + // considered to have drifted if one or more of the resources in the associated + // stack have drifted. + // + // * NOT_CHECKED: AWS CloudFormation has not checked if the stack instance + // differs from its expected stack set configuration. + // + // * IN_SYNC: The stack instance's actual configuration matches its expected + // stack set configuration. + // + // * UNKNOWN: This value is reserved for future use. + DriftStatus *string `type:"string" enum:"StackDriftStatus"` + + // Most recent time when CloudFormation performed a drift detection operation + // on the stack instance. This value will be NULL for any stack instance on + // which drift detection has not yet been performed. + LastDriftCheckTimestamp *time.Time `type:"timestamp"` + // A list of parameters from the stack set template whose values have been overridden // in this stack instance. ParameterOverrides []*Parameter `type:"list"` @@ -12936,6 +13170,18 @@ func (s *StackInstance) SetAccount(v string) *StackInstance { return s } +// SetDriftStatus sets the DriftStatus field's value. +func (s *StackInstance) SetDriftStatus(v string) *StackInstance { + s.DriftStatus = &v + return s +} + +// SetLastDriftCheckTimestamp sets the LastDriftCheckTimestamp field's value. +func (s *StackInstance) SetLastDriftCheckTimestamp(v time.Time) *StackInstance { + s.LastDriftCheckTimestamp = &v + return s +} + // SetParameterOverrides sets the ParameterOverrides field's value. func (s *StackInstance) SetParameterOverrides(v []*Parameter) *StackInstance { s.ParameterOverrides = v @@ -12979,6 +13225,28 @@ type StackInstanceSummary struct { // The name of the AWS account that the stack instance is associated with. Account *string `type:"string"` + // Status of the stack instance's actual configuration compared to the expected + // template and parameter configuration of the stack set to which it belongs. + // + // * DRIFTED: The stack differs from the expected template and parameter + // configuration of the stack set to which it belongs. A stack instance is + // considered to have drifted if one or more of the resources in the associated + // stack have drifted. + // + // * NOT_CHECKED: AWS CloudFormation has not checked if the stack instance + // differs from its expected stack set configuration. + // + // * IN_SYNC: The stack instance's actual configuration matches its expected + // stack set configuration. + // + // * UNKNOWN: This value is reserved for future use. + DriftStatus *string `type:"string" enum:"StackDriftStatus"` + + // Most recent time when CloudFormation performed a drift detection operation + // on the stack instance. This value will be NULL for any stack instance on + // which drift detection has not yet been performed. + LastDriftCheckTimestamp *time.Time `type:"timestamp"` + // The name of the AWS region that the stack instance is associated with. Region *string `type:"string"` @@ -13026,6 +13294,18 @@ func (s *StackInstanceSummary) SetAccount(v string) *StackInstanceSummary { return s } +// SetDriftStatus sets the DriftStatus field's value. +func (s *StackInstanceSummary) SetDriftStatus(v string) *StackInstanceSummary { + s.DriftStatus = &v + return s +} + +// SetLastDriftCheckTimestamp sets the LastDriftCheckTimestamp field's value. +func (s *StackInstanceSummary) SetLastDriftCheckTimestamp(v time.Time) *StackInstanceSummary { + s.LastDriftCheckTimestamp = &v + return s +} + // SetRegion sets the Region field's value. func (s *StackInstanceSummary) SetRegion(v string) *StackInstanceSummary { s.Region = &v @@ -13692,6 +13972,13 @@ type StackSet struct { // The Amazon Resource Number (ARN) of the stack set. StackSetARN *string `type:"string"` + // Detailed information about the drift status of the stack set. + // + // For stack sets, contains information about the last completed drift operation + // performed on the stack set. Information about drift operations currently + // in progress is not included. + StackSetDriftDetectionDetails *StackSetDriftDetectionDetails `type:"structure"` + // The ID of the stack set. StackSetId *string `type:"string"` @@ -13756,6 +14043,12 @@ func (s *StackSet) SetStackSetARN(v string) *StackSet { return s } +// SetStackSetDriftDetectionDetails sets the StackSetDriftDetectionDetails field's value. +func (s *StackSet) SetStackSetDriftDetectionDetails(v *StackSetDriftDetectionDetails) *StackSet { + s.StackSetDriftDetectionDetails = v + return s +} + // SetStackSetId sets the StackSetId field's value. func (s *StackSet) SetStackSetId(v string) *StackSet { s.StackSetId = &v @@ -13786,6 +14079,145 @@ func (s *StackSet) SetTemplateBody(v string) *StackSet { return s } +// Detailed information about the drift status of the stack set. +// +// For stack sets, contains information about the last completed drift operation +// performed on the stack set. Information about drift operations in-progress +// is not included. +// +// For stack set operations, includes information about drift operations currently +// being performed on the stack set. +// +// For more information, see Detecting Unmanaged Changes in Stack Sets (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-drift.html) +// in the AWS CloudFormation User Guide. +type StackSetDriftDetectionDetails struct { + _ struct{} `type:"structure"` + + // The status of the stack set drift detection operation. + // + // * COMPLETED: The drift detection operation completed without failing on + // any stack instances. + // + // * FAILED: The drift detection operation exceeded the specified failure + // tolerance. + // + // * PARTIAL_SUCCESS: The drift detection operation completed without exceeding + // the failure tolerance for the operation. + // + // * IN_PROGRESS: The drift detection operation is currently being performed. + // + // * STOPPED: The user has cancelled the drift detection operation. + DriftDetectionStatus *string `type:"string" enum:"StackSetDriftDetectionStatus"` + + // Status of the stack set's actual configuration compared to its expected template + // and parameter configuration. A stack set is considered to have drifted if + // one or more of its stack instances have drifted from their expected template + // and parameter configuration. + // + // * DRIFTED: One or more of the stack instances belonging to the stack set + // stack differs from the expected template and parameter configuration. + // A stack instance is considered to have drifted if one or more of the resources + // in the associated stack have drifted. + // + // * NOT_CHECKED: AWS CloudFormation has not checked the stack set for drift. + // + // * IN_SYNC: All of the stack instances belonging to the stack set stack + // match from the expected template and parameter configuration. + DriftStatus *string `type:"string" enum:"StackSetDriftStatus"` + + // The number of stack instances that have drifted from the expected template + // and parameter configuration of the stack set. A stack instance is considered + // to have drifted if one or more of the resources in the associated stack do + // not match their expected configuration. + DriftedStackInstancesCount *int64 `type:"integer"` + + // The number of stack instances for which the drift detection operation failed. + FailedStackInstancesCount *int64 `type:"integer"` + + // The number of stack instances that are currently being checked for drift. + InProgressStackInstancesCount *int64 `type:"integer"` + + // The number of stack instances which match the expected template and parameter + // configuration of the stack set. + InSyncStackInstancesCount *int64 `type:"integer"` + + // Most recent time when CloudFormation performed a drift detection operation + // on the stack set. This value will be NULL for any stack set on which drift + // detection has not yet been performed. + LastDriftCheckTimestamp *time.Time `type:"timestamp"` + + // The total number of stack instances belonging to this stack set. + // + // The total number of stack instances is equal to the total of: + // + // * Stack instances that match the stack set configuration. + // + // * Stack instances that have drifted from the stack set configuration. + // + // * Stack instances where the drift detection operation has failed. + // + // * Stack instances currently being checked for drift. + TotalStackInstancesCount *int64 `type:"integer"` +} + +// String returns the string representation +func (s StackSetDriftDetectionDetails) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StackSetDriftDetectionDetails) GoString() string { + return s.String() +} + +// SetDriftDetectionStatus sets the DriftDetectionStatus field's value. +func (s *StackSetDriftDetectionDetails) SetDriftDetectionStatus(v string) *StackSetDriftDetectionDetails { + s.DriftDetectionStatus = &v + return s +} + +// SetDriftStatus sets the DriftStatus field's value. +func (s *StackSetDriftDetectionDetails) SetDriftStatus(v string) *StackSetDriftDetectionDetails { + s.DriftStatus = &v + return s +} + +// SetDriftedStackInstancesCount sets the DriftedStackInstancesCount field's value. +func (s *StackSetDriftDetectionDetails) SetDriftedStackInstancesCount(v int64) *StackSetDriftDetectionDetails { + s.DriftedStackInstancesCount = &v + return s +} + +// SetFailedStackInstancesCount sets the FailedStackInstancesCount field's value. +func (s *StackSetDriftDetectionDetails) SetFailedStackInstancesCount(v int64) *StackSetDriftDetectionDetails { + s.FailedStackInstancesCount = &v + return s +} + +// SetInProgressStackInstancesCount sets the InProgressStackInstancesCount field's value. +func (s *StackSetDriftDetectionDetails) SetInProgressStackInstancesCount(v int64) *StackSetDriftDetectionDetails { + s.InProgressStackInstancesCount = &v + return s +} + +// SetInSyncStackInstancesCount sets the InSyncStackInstancesCount field's value. +func (s *StackSetDriftDetectionDetails) SetInSyncStackInstancesCount(v int64) *StackSetDriftDetectionDetails { + s.InSyncStackInstancesCount = &v + return s +} + +// SetLastDriftCheckTimestamp sets the LastDriftCheckTimestamp field's value. +func (s *StackSetDriftDetectionDetails) SetLastDriftCheckTimestamp(v time.Time) *StackSetDriftDetectionDetails { + s.LastDriftCheckTimestamp = &v + return s +} + +// SetTotalStackInstancesCount sets the TotalStackInstancesCount field's value. +func (s *StackSetDriftDetectionDetails) SetTotalStackInstancesCount(v int64) *StackSetDriftDetectionDetails { + s.TotalStackInstancesCount = &v + return s +} + // The structure that contains information about a stack set operation. type StackSetOperation struct { _ struct{} `type:"structure"` @@ -13835,6 +14267,17 @@ type StackSetOperation struct { // stack to a new stack set. RetainStacks *bool `type:"boolean"` + // Detailed information about the drift status of the stack set. This includes + // information about drift operations currently being performed on the stack + // set. + // + // this information will only be present for stack set operations whose Action + // type is DETECT_DRIFT. + // + // For more information, see Detecting Unmanaged Changes in Stack Sets (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-drift.html) + // in the AWS CloudFormation User Guide. + StackSetDriftDetectionDetails *StackSetDriftDetectionDetails `type:"structure"` + // The ID of the stack set. StackSetId *string `type:"string"` @@ -13917,6 +14360,12 @@ func (s *StackSetOperation) SetRetainStacks(v bool) *StackSetOperation { return s } +// SetStackSetDriftDetectionDetails sets the StackSetDriftDetectionDetails field's value. +func (s *StackSetOperation) SetStackSetDriftDetectionDetails(v *StackSetDriftDetectionDetails) *StackSetOperation { + s.StackSetDriftDetectionDetails = v + return s +} + // SetStackSetId sets the StackSetId field's value. func (s *StackSetOperation) SetStackSetId(v string) *StackSetOperation { s.StackSetId = &v @@ -14221,6 +14670,29 @@ type StackSetSummary struct { // or updated. Description *string `min:"1" type:"string"` + // Status of the stack set's actual configuration compared to its expected template + // and parameter configuration. A stack set is considered to have drifted if + // one or more of its stack instances have drifted from their expected template + // and parameter configuration. + // + // * DRIFTED: One or more of the stack instances belonging to the stack set + // stack differs from the expected template and parameter configuration. + // A stack instance is considered to have drifted if one or more of the resources + // in the associated stack have drifted. + // + // * NOT_CHECKED: AWS CloudFormation has not checked the stack set for drift. + // + // * IN_SYNC: All of the stack instances belonging to the stack set stack + // match from the expected template and parameter configuration. + // + // * UNKNOWN: This value is reserved for future use. + DriftStatus *string `type:"string" enum:"StackDriftStatus"` + + // Most recent time when CloudFormation performed a drift detection operation + // on the stack set. This value will be NULL for any stack set on which drift + // detection has not yet been performed. + LastDriftCheckTimestamp *time.Time `type:"timestamp"` + // The ID of the stack set. StackSetId *string `type:"string"` @@ -14247,6 +14719,18 @@ func (s *StackSetSummary) SetDescription(v string) *StackSetSummary { return s } +// SetDriftStatus sets the DriftStatus field's value. +func (s *StackSetSummary) SetDriftStatus(v string) *StackSetSummary { + s.DriftStatus = &v + return s +} + +// SetLastDriftCheckTimestamp sets the LastDriftCheckTimestamp field's value. +func (s *StackSetSummary) SetLastDriftCheckTimestamp(v time.Time) *StackSetSummary { + s.LastDriftCheckTimestamp = &v + return s +} + // SetStackSetId sets the StackSetId field's value. func (s *StackSetSummary) SetStackSetId(v string) *StackSetSummary { s.StackSetId = &v @@ -16193,6 +16677,34 @@ const ( StackResourceDriftStatusNotChecked = "NOT_CHECKED" ) +const ( + // StackSetDriftDetectionStatusCompleted is a StackSetDriftDetectionStatus enum value + StackSetDriftDetectionStatusCompleted = "COMPLETED" + + // StackSetDriftDetectionStatusFailed is a StackSetDriftDetectionStatus enum value + StackSetDriftDetectionStatusFailed = "FAILED" + + // StackSetDriftDetectionStatusPartialSuccess is a StackSetDriftDetectionStatus enum value + StackSetDriftDetectionStatusPartialSuccess = "PARTIAL_SUCCESS" + + // StackSetDriftDetectionStatusInProgress is a StackSetDriftDetectionStatus enum value + StackSetDriftDetectionStatusInProgress = "IN_PROGRESS" + + // StackSetDriftDetectionStatusStopped is a StackSetDriftDetectionStatus enum value + StackSetDriftDetectionStatusStopped = "STOPPED" +) + +const ( + // StackSetDriftStatusDrifted is a StackSetDriftStatus enum value + StackSetDriftStatusDrifted = "DRIFTED" + + // StackSetDriftStatusInSync is a StackSetDriftStatus enum value + StackSetDriftStatusInSync = "IN_SYNC" + + // StackSetDriftStatusNotChecked is a StackSetDriftStatus enum value + StackSetDriftStatusNotChecked = "NOT_CHECKED" +) + const ( // StackSetOperationActionCreate is a StackSetOperationAction enum value StackSetOperationActionCreate = "CREATE" @@ -16202,6 +16714,9 @@ const ( // StackSetOperationActionDelete is a StackSetOperationAction enum value StackSetOperationActionDelete = "DELETE" + + // StackSetOperationActionDetectDrift is a StackSetOperationAction enum value + StackSetOperationActionDetectDrift = "DETECT_DRIFT" ) const ( diff --git a/service/cloudformation/cloudformationiface/interface.go b/service/cloudformation/cloudformationiface/interface.go index cd047b26088..f2953c38a84 100644 --- a/service/cloudformation/cloudformationiface/interface.go +++ b/service/cloudformation/cloudformationiface/interface.go @@ -173,6 +173,10 @@ type CloudFormationAPI interface { DetectStackResourceDriftWithContext(aws.Context, *cloudformation.DetectStackResourceDriftInput, ...request.Option) (*cloudformation.DetectStackResourceDriftOutput, error) DetectStackResourceDriftRequest(*cloudformation.DetectStackResourceDriftInput) (*request.Request, *cloudformation.DetectStackResourceDriftOutput) + DetectStackSetDrift(*cloudformation.DetectStackSetDriftInput) (*cloudformation.DetectStackSetDriftOutput, error) + DetectStackSetDriftWithContext(aws.Context, *cloudformation.DetectStackSetDriftInput, ...request.Option) (*cloudformation.DetectStackSetDriftOutput, error) + DetectStackSetDriftRequest(*cloudformation.DetectStackSetDriftInput) (*request.Request, *cloudformation.DetectStackSetDriftOutput) + EstimateTemplateCost(*cloudformation.EstimateTemplateCostInput) (*cloudformation.EstimateTemplateCostOutput, error) EstimateTemplateCostWithContext(aws.Context, *cloudformation.EstimateTemplateCostInput, ...request.Option) (*cloudformation.EstimateTemplateCostOutput, error) EstimateTemplateCostRequest(*cloudformation.EstimateTemplateCostInput) (*request.Request, *cloudformation.EstimateTemplateCostOutput) diff --git a/service/codebuild/api.go b/service/codebuild/api.go index 1b2174a993f..2f1afa6b367 100644 --- a/service/codebuild/api.go +++ b/service/codebuild/api.go @@ -136,7 +136,7 @@ func (c *CodeBuild) BatchGetBuildsRequest(input *BatchGetBuildsInput) (req *requ // BatchGetBuilds API operation for AWS CodeBuild. // -// Gets information about builds. +// Gets information about one or more builds. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -215,7 +215,7 @@ func (c *CodeBuild) BatchGetProjectsRequest(input *BatchGetProjectsInput) (req * // BatchGetProjects API operation for AWS CodeBuild. // -// Gets information about build projects. +// Gets information about one or more build projects. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4653,7 +4653,23 @@ type ProjectEnvironment struct { // // * BUILD_GENERAL1_MEDIUM: Use up to 7 GB memory and 4 vCPUs for builds. // - // * BUILD_GENERAL1_LARGE: Use up to 15 GB memory and 8 vCPUs for builds. + // * BUILD_GENERAL1_LARGE: Use up to 16 GB memory and 8 vCPUs for builds, + // depending on your environment type. + // + // * BUILD_GENERAL1_2XLARGE: Use up to 145 GB memory, 72 vCPUs, and 824 GB + // of SSD storage for builds. This compute type supports Docker images up + // to 100 GB uncompressed. + // + // If you use BUILD_GENERAL1_LARGE: + // + // * For environment type LINUX_CONTAINER, you can use up to 15 GB memory + // and 8 vCPUs for builds. + // + // * For environment type LINUX_GPU_CONTAINER, you can use up to 255 GB memory, + // 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. + // + // * For environment type ARM_CONTAINER, you can use up to 16 GB memory and + // 8 vCPUs on ARM-based processors for builds. // // For more information, see Build Environment Compute Types (https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) // in the AWS CodeBuild User Guide. @@ -4723,6 +4739,22 @@ type ProjectEnvironment struct { // The type of build environment to use for related builds. // + // * The environment type ARM_CONTAINER is available only in regions US East + // (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific + // (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). + // + // * The environment type LINUX_CONTAINER with compute type build.general1.2xlarge + // is available only in regions US East (N. Virginia), US East (N. Virginia), + // US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), + // Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), + // Asia Pacific (Sydney), China (Beijing), and China (Ningxia). + // + // * The environment type LINUX_GPU_CONTAINER is available only in regions + // US East (N. Virginia), US East (N. Virginia), US West (Oregon), Canada + // (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), + // Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) + // , China (Beijing), and China (Ningxia). + // // Type is a required field Type *string `locationName:"type" type:"string" required:"true" enum:"EnvironmentType"` } @@ -6674,6 +6706,9 @@ const ( // ComputeTypeBuildGeneral1Large is a ComputeType enum value ComputeTypeBuildGeneral1Large = "BUILD_GENERAL1_LARGE" + + // ComputeTypeBuildGeneral12xlarge is a ComputeType enum value + ComputeTypeBuildGeneral12xlarge = "BUILD_GENERAL1_2XLARGE" ) const ( @@ -6687,6 +6722,12 @@ const ( // EnvironmentTypeLinuxContainer is a EnvironmentType enum value EnvironmentTypeLinuxContainer = "LINUX_CONTAINER" + + // EnvironmentTypeLinuxGpuContainer is a EnvironmentType enum value + EnvironmentTypeLinuxGpuContainer = "LINUX_GPU_CONTAINER" + + // EnvironmentTypeArmContainer is a EnvironmentType enum value + EnvironmentTypeArmContainer = "ARM_CONTAINER" ) const ( diff --git a/service/codebuild/doc.go b/service/codebuild/doc.go index 880ee966667..c9e77dc3ed7 100644 --- a/service/codebuild/doc.go +++ b/service/codebuild/doc.go @@ -18,6 +18,8 @@ // // * BatchDeleteBuilds: Deletes one or more builds. // +// * BatchGetBuilds: Gets information about one or more builds. +// // * BatchGetProjects: Gets information about one or more build projects. // A build project defines how AWS CodeBuild runs a build. This includes // information such as where to get the source code to build, the build environment @@ -33,21 +35,21 @@ // CodeBuild to start rebuilding the source code every time a code change // is pushed to the repository. // -// * UpdateWebhook: Changes the settings of an existing webhook. -// // * DeleteProject: Deletes a build project. // +// * DeleteSourceCredentials: Deletes a set of GitHub, GitHub Enterprise, +// or Bitbucket source credentials. +// // * DeleteWebhook: For an existing AWS CodeBuild build project that has // its source code stored in a GitHub or Bitbucket repository, stops AWS // CodeBuild from rebuilding the source code every time a code change is // pushed to the repository. // -// * ListProjects: Gets a list of build project names, with each build project -// name representing a single build project. -// -// * UpdateProject: Changes the settings of an existing build project. +// * ImportSourceCredentials: Imports the source repository credentials for +// an AWS CodeBuild project that has its source code stored in a GitHub, +// GitHub Enterprise, or Bitbucket repository. // -// * BatchGetBuilds: Gets information about one or more builds. +// * InvalidateProjectCache: Resets the cache for a project. // // * ListBuilds: Gets a list of build IDs, with each build ID representing // a single build. @@ -55,24 +57,24 @@ // * ListBuildsForProject: Gets a list of build IDs for the specified build // project, with each build ID representing a single build. // -// * StartBuild: Starts running a build. -// -// * StopBuild: Attempts to stop running a build. -// // * ListCuratedEnvironmentImages: Gets information about Docker images that // are managed by AWS CodeBuild. // -// * DeleteSourceCredentials: Deletes a set of GitHub, GitHub Enterprise, -// or Bitbucket source credentials. -// -// * ImportSourceCredentials: Imports the source repository credentials for -// an AWS CodeBuild project that has its source code stored in a GitHub, -// GitHub Enterprise, or Bitbucket repository. +// * ListProjects: Gets a list of build project names, with each build project +// name representing a single build project. // // * ListSourceCredentials: Returns a list of SourceCredentialsInfo objects. // Each SourceCredentialsInfo object includes the authentication type, token // ARN, and type of source provider for one set of credentials. // +// * StartBuild: Starts running a build. +// +// * StopBuild: Attempts to stop running a build. +// +// * UpdateProject: Changes the settings of an existing build project. +// +// * UpdateWebhook: Changes the settings of an existing webhook. +// // See https://docs.aws.amazon.com/goto/WebAPI/codebuild-2016-10-06 for more information on this service. // // See codebuild package documentation for more information. diff --git a/service/configservice/api.go b/service/configservice/api.go index 8d209237b92..27240a47ef2 100644 --- a/service/configservice/api.go +++ b/service/configservice/api.go @@ -344,14 +344,14 @@ func (c *ConfigService) DeleteConfigRuleRequest(input *DeleteConfigRuleInput) (r // * ErrCodeResourceInUseException "ResourceInUseException" // You see this exception in the following cases: // -// * For DeleteConfigRule API, AWS Config is deleting this rule. Try your -// request again later. +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. // -// * For DeleteConfigRule API, the rule is deleting your evaluation results. +// * For DeleteConfigRule, the rule is deleting your evaluation results. // Try your request again later. // -// * For DeleteConfigRule API, a remediation action is associated with the -// rule and AWS Config cannot delete this rule. Delete the remediation action +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action // associated with the rule before deleting the rule and try your request // again later. // @@ -361,6 +361,13 @@ func (c *ConfigService) DeleteConfigRuleRequest(input *DeleteConfigRuleInput) (r // * For DeleteOrganizationConfigRule, organization config rule creation // is in progress. Try your request again later. // +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DeleteConfigRule func (c *ConfigService) DeleteConfigRule(input *DeleteConfigRuleInput) (*DeleteConfigRuleOutput, error) { req, out := c.DeleteConfigRuleRequest(input) @@ -553,6 +560,117 @@ func (c *ConfigService) DeleteConfigurationRecorderWithContext(ctx aws.Context, return out, req.Send() } +const opDeleteConformancePack = "DeleteConformancePack" + +// DeleteConformancePackRequest generates a "aws/request.Request" representing the +// client's request for the DeleteConformancePack operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteConformancePack for more information on using the DeleteConformancePack +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteConformancePackRequest method. +// req, resp := client.DeleteConformancePackRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DeleteConformancePack +func (c *ConfigService) DeleteConformancePackRequest(input *DeleteConformancePackInput) (req *request.Request, output *DeleteConformancePackOutput) { + op := &request.Operation{ + Name: opDeleteConformancePack, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteConformancePackInput{} + } + + output = &DeleteConformancePackOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteConformancePack API operation for AWS Config. +// +// Deletes the specified conformance pack and all the AWS Config rules and all +// evaluation results within that conformance pack. +// +// AWS Config sets the conformance pack to DELETE_IN_PROGRESS until the deletion +// is complete. You cannot update a conformance pack while it is in this state. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation DeleteConformancePack for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchConformancePackException "NoSuchConformancePackException" +// You specified one or more conformance packs that do not exist. +// +// * ErrCodeResourceInUseException "ResourceInUseException" +// You see this exception in the following cases: +// +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. +// +// * For DeleteConfigRule, the rule is deleting your evaluation results. +// Try your request again later. +// +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action +// associated with the rule before deleting the rule and try your request +// again later. +// +// * For PutConfigOrganizationRule, organization config rule deletion is +// in progress. Try your request again later. +// +// * For DeleteOrganizationConfigRule, organization config rule creation +// is in progress. Try your request again later. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DeleteConformancePack +func (c *ConfigService) DeleteConformancePack(input *DeleteConformancePackInput) (*DeleteConformancePackOutput, error) { + req, out := c.DeleteConformancePackRequest(input) + return out, req.Send() +} + +// DeleteConformancePackWithContext is the same as DeleteConformancePack with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteConformancePack for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) DeleteConformancePackWithContext(ctx aws.Context, input *DeleteConformancePackInput, opts ...request.Option) (*DeleteConformancePackOutput, error) { + req, out := c.DeleteConformancePackRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteDeliveryChannel = "DeleteDeliveryChannel" // DeleteDeliveryChannelRequest generates a "aws/request.Request" representing the @@ -705,14 +823,14 @@ func (c *ConfigService) DeleteEvaluationResultsRequest(input *DeleteEvaluationRe // * ErrCodeResourceInUseException "ResourceInUseException" // You see this exception in the following cases: // -// * For DeleteConfigRule API, AWS Config is deleting this rule. Try your -// request again later. +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. // -// * For DeleteConfigRule API, the rule is deleting your evaluation results. +// * For DeleteConfigRule, the rule is deleting your evaluation results. // Try your request again later. // -// * For DeleteConfigRule API, a remediation action is associated with the -// rule and AWS Config cannot delete this rule. Delete the remediation action +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action // associated with the rule before deleting the rule and try your request // again later. // @@ -722,6 +840,13 @@ func (c *ConfigService) DeleteEvaluationResultsRequest(input *DeleteEvaluationRe // * For DeleteOrganizationConfigRule, organization config rule creation // is in progress. Try your request again later. // +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DeleteEvaluationResults func (c *ConfigService) DeleteEvaluationResults(input *DeleteEvaluationResultsInput) (*DeleteEvaluationResultsOutput, error) { req, out := c.DeleteEvaluationResultsRequest(input) @@ -810,14 +935,14 @@ func (c *ConfigService) DeleteOrganizationConfigRuleRequest(input *DeleteOrganiz // * ErrCodeResourceInUseException "ResourceInUseException" // You see this exception in the following cases: // -// * For DeleteConfigRule API, AWS Config is deleting this rule. Try your -// request again later. +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. // -// * For DeleteConfigRule API, the rule is deleting your evaluation results. +// * For DeleteConfigRule, the rule is deleting your evaluation results. // Try your request again later. // -// * For DeleteConfigRule API, a remediation action is associated with the -// rule and AWS Config cannot delete this rule. Delete the remediation action +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action // associated with the rule before deleting the rule and try your request // again later. // @@ -827,13 +952,20 @@ func (c *ConfigService) DeleteOrganizationConfigRuleRequest(input *DeleteOrganiz // * For DeleteOrganizationConfigRule, organization config rule creation // is in progress. Try your request again later. // +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// // * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" // For PutConfigAggregator API, no permission to call EnableAWSServiceAccess // API. // -// For all OrganizationConfigRule APIs, AWS Config throws an exception if APIs -// are called from member accounts. All APIs must be called from organization -// master account. +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. // // See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DeleteOrganizationConfigRule func (c *ConfigService) DeleteOrganizationConfigRule(input *DeleteOrganizationConfigRuleInput) (*DeleteOrganizationConfigRuleOutput, error) { @@ -857,6 +989,131 @@ func (c *ConfigService) DeleteOrganizationConfigRuleWithContext(ctx aws.Context, return out, req.Send() } +const opDeleteOrganizationConformancePack = "DeleteOrganizationConformancePack" + +// DeleteOrganizationConformancePackRequest generates a "aws/request.Request" representing the +// client's request for the DeleteOrganizationConformancePack operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteOrganizationConformancePack for more information on using the DeleteOrganizationConformancePack +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteOrganizationConformancePackRequest method. +// req, resp := client.DeleteOrganizationConformancePackRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DeleteOrganizationConformancePack +func (c *ConfigService) DeleteOrganizationConformancePackRequest(input *DeleteOrganizationConformancePackInput) (req *request.Request, output *DeleteOrganizationConformancePackOutput) { + op := &request.Operation{ + Name: opDeleteOrganizationConformancePack, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteOrganizationConformancePackInput{} + } + + output = &DeleteOrganizationConformancePackOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteOrganizationConformancePack API operation for AWS Config. +// +// Deletes the specified organization conformance pack and all of the config +// rules and remediation actions from all member accounts in that organization. +// Only a master account can delete an organization conformance pack. +// +// AWS Config sets the state of a conformance pack to DELETE_IN_PROGRESS until +// the deletion is complete. You cannot update a conformance pack while it is +// in this state. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation DeleteOrganizationConformancePack for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchOrganizationConformancePackException "NoSuchOrganizationConformancePackException" +// AWS Config organization conformance pack that you passed in the filter does +// not exist. +// +// For DeleteOrganizationConformancePack, you tried to delete an organization +// conformance pack that does not exist. +// +// * ErrCodeResourceInUseException "ResourceInUseException" +// You see this exception in the following cases: +// +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. +// +// * For DeleteConfigRule, the rule is deleting your evaluation results. +// Try your request again later. +// +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action +// associated with the rule before deleting the rule and try your request +// again later. +// +// * For PutConfigOrganizationRule, organization config rule deletion is +// in progress. Try your request again later. +// +// * For DeleteOrganizationConfigRule, organization config rule creation +// is in progress. Try your request again later. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. +// +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DeleteOrganizationConformancePack +func (c *ConfigService) DeleteOrganizationConformancePack(input *DeleteOrganizationConformancePackInput) (*DeleteOrganizationConformancePackOutput, error) { + req, out := c.DeleteOrganizationConformancePackRequest(input) + return out, req.Send() +} + +// DeleteOrganizationConformancePackWithContext is the same as DeleteOrganizationConformancePack with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteOrganizationConformancePack for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) DeleteOrganizationConformancePackWithContext(ctx aws.Context, input *DeleteOrganizationConformancePackInput, opts ...request.Option) (*DeleteOrganizationConformancePackOutput, error) { + req, out := c.DeleteOrganizationConformancePackRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeletePendingAggregationRequest = "DeletePendingAggregationRequest" // DeletePendingAggregationRequestRequest generates a "aws/request.Request" representing the @@ -2209,239 +2466,241 @@ func (c *ConfigService) DescribeConfigurationRecordersWithContext(ctx aws.Contex return out, req.Send() } -const opDescribeDeliveryChannelStatus = "DescribeDeliveryChannelStatus" +const opDescribeConformancePackCompliance = "DescribeConformancePackCompliance" -// DescribeDeliveryChannelStatusRequest generates a "aws/request.Request" representing the -// client's request for the DescribeDeliveryChannelStatus operation. The "output" return +// DescribeConformancePackComplianceRequest generates a "aws/request.Request" representing the +// client's request for the DescribeConformancePackCompliance operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeDeliveryChannelStatus for more information on using the DescribeDeliveryChannelStatus +// See DescribeConformancePackCompliance for more information on using the DescribeConformancePackCompliance // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeDeliveryChannelStatusRequest method. -// req, resp := client.DescribeDeliveryChannelStatusRequest(params) +// // Example sending a request using the DescribeConformancePackComplianceRequest method. +// req, resp := client.DescribeConformancePackComplianceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeDeliveryChannelStatus -func (c *ConfigService) DescribeDeliveryChannelStatusRequest(input *DescribeDeliveryChannelStatusInput) (req *request.Request, output *DescribeDeliveryChannelStatusOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeConformancePackCompliance +func (c *ConfigService) DescribeConformancePackComplianceRequest(input *DescribeConformancePackComplianceInput) (req *request.Request, output *DescribeConformancePackComplianceOutput) { op := &request.Operation{ - Name: opDescribeDeliveryChannelStatus, + Name: opDescribeConformancePackCompliance, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeDeliveryChannelStatusInput{} + input = &DescribeConformancePackComplianceInput{} } - output = &DescribeDeliveryChannelStatusOutput{} + output = &DescribeConformancePackComplianceOutput{} req = c.newRequest(op, input, output) return } -// DescribeDeliveryChannelStatus API operation for AWS Config. +// DescribeConformancePackCompliance API operation for AWS Config. // -// Returns the current status of the specified delivery channel. If a delivery -// channel is not specified, this action returns the current status of all delivery -// channels associated with the account. +// Returns compliance information for each rule in that conformance pack. // -// Currently, you can specify only one delivery channel per region in your account. +// You must provide exact rule names otherwise AWS Config cannot return evaluation +// results due to insufficient data. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribeDeliveryChannelStatus for usage and error information. +// API operation DescribeConformancePackCompliance for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchDeliveryChannelException "NoSuchDeliveryChannelException" -// You have specified a delivery channel that does not exist. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeDeliveryChannelStatus -func (c *ConfigService) DescribeDeliveryChannelStatus(input *DescribeDeliveryChannelStatusInput) (*DescribeDeliveryChannelStatusOutput, error) { - req, out := c.DescribeDeliveryChannelStatusRequest(input) +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. +// +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// +// * ErrCodeNoSuchConfigRuleInConformancePackException "NoSuchConfigRuleInConformancePackException" +// AWS Config rule that you passed in the filter does not exist. +// +// * ErrCodeNoSuchConformancePackException "NoSuchConformancePackException" +// You specified one or more conformance packs that do not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeConformancePackCompliance +func (c *ConfigService) DescribeConformancePackCompliance(input *DescribeConformancePackComplianceInput) (*DescribeConformancePackComplianceOutput, error) { + req, out := c.DescribeConformancePackComplianceRequest(input) return out, req.Send() } -// DescribeDeliveryChannelStatusWithContext is the same as DescribeDeliveryChannelStatus with the addition of +// DescribeConformancePackComplianceWithContext is the same as DescribeConformancePackCompliance with the addition of // the ability to pass a context and additional request options. // -// See DescribeDeliveryChannelStatus for details on how to use this API operation. +// See DescribeConformancePackCompliance for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribeDeliveryChannelStatusWithContext(ctx aws.Context, input *DescribeDeliveryChannelStatusInput, opts ...request.Option) (*DescribeDeliveryChannelStatusOutput, error) { - req, out := c.DescribeDeliveryChannelStatusRequest(input) +func (c *ConfigService) DescribeConformancePackComplianceWithContext(ctx aws.Context, input *DescribeConformancePackComplianceInput, opts ...request.Option) (*DescribeConformancePackComplianceOutput, error) { + req, out := c.DescribeConformancePackComplianceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeDeliveryChannels = "DescribeDeliveryChannels" +const opDescribeConformancePackStatus = "DescribeConformancePackStatus" -// DescribeDeliveryChannelsRequest generates a "aws/request.Request" representing the -// client's request for the DescribeDeliveryChannels operation. The "output" return +// DescribeConformancePackStatusRequest generates a "aws/request.Request" representing the +// client's request for the DescribeConformancePackStatus operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeDeliveryChannels for more information on using the DescribeDeliveryChannels +// See DescribeConformancePackStatus for more information on using the DescribeConformancePackStatus // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeDeliveryChannelsRequest method. -// req, resp := client.DescribeDeliveryChannelsRequest(params) +// // Example sending a request using the DescribeConformancePackStatusRequest method. +// req, resp := client.DescribeConformancePackStatusRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeDeliveryChannels -func (c *ConfigService) DescribeDeliveryChannelsRequest(input *DescribeDeliveryChannelsInput) (req *request.Request, output *DescribeDeliveryChannelsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeConformancePackStatus +func (c *ConfigService) DescribeConformancePackStatusRequest(input *DescribeConformancePackStatusInput) (req *request.Request, output *DescribeConformancePackStatusOutput) { op := &request.Operation{ - Name: opDescribeDeliveryChannels, + Name: opDescribeConformancePackStatus, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeDeliveryChannelsInput{} + input = &DescribeConformancePackStatusInput{} } - output = &DescribeDeliveryChannelsOutput{} + output = &DescribeConformancePackStatusOutput{} req = c.newRequest(op, input, output) return } -// DescribeDeliveryChannels API operation for AWS Config. -// -// Returns details about the specified delivery channel. If a delivery channel -// is not specified, this action returns the details of all delivery channels -// associated with the account. +// DescribeConformancePackStatus API operation for AWS Config. // -// Currently, you can specify only one delivery channel per region in your account. +// Provides one or more conformance packs deployment status. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribeDeliveryChannels for usage and error information. +// API operation DescribeConformancePackStatus for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchDeliveryChannelException "NoSuchDeliveryChannelException" -// You have specified a delivery channel that does not exist. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeDeliveryChannels -func (c *ConfigService) DescribeDeliveryChannels(input *DescribeDeliveryChannelsInput) (*DescribeDeliveryChannelsOutput, error) { - req, out := c.DescribeDeliveryChannelsRequest(input) +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeConformancePackStatus +func (c *ConfigService) DescribeConformancePackStatus(input *DescribeConformancePackStatusInput) (*DescribeConformancePackStatusOutput, error) { + req, out := c.DescribeConformancePackStatusRequest(input) return out, req.Send() } -// DescribeDeliveryChannelsWithContext is the same as DescribeDeliveryChannels with the addition of +// DescribeConformancePackStatusWithContext is the same as DescribeConformancePackStatus with the addition of // the ability to pass a context and additional request options. // -// See DescribeDeliveryChannels for details on how to use this API operation. +// See DescribeConformancePackStatus for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribeDeliveryChannelsWithContext(ctx aws.Context, input *DescribeDeliveryChannelsInput, opts ...request.Option) (*DescribeDeliveryChannelsOutput, error) { - req, out := c.DescribeDeliveryChannelsRequest(input) +func (c *ConfigService) DescribeConformancePackStatusWithContext(ctx aws.Context, input *DescribeConformancePackStatusInput, opts ...request.Option) (*DescribeConformancePackStatusOutput, error) { + req, out := c.DescribeConformancePackStatusRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeOrganizationConfigRuleStatuses = "DescribeOrganizationConfigRuleStatuses" +const opDescribeConformancePacks = "DescribeConformancePacks" -// DescribeOrganizationConfigRuleStatusesRequest generates a "aws/request.Request" representing the -// client's request for the DescribeOrganizationConfigRuleStatuses operation. The "output" return +// DescribeConformancePacksRequest generates a "aws/request.Request" representing the +// client's request for the DescribeConformancePacks operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeOrganizationConfigRuleStatuses for more information on using the DescribeOrganizationConfigRuleStatuses +// See DescribeConformancePacks for more information on using the DescribeConformancePacks // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeOrganizationConfigRuleStatusesRequest method. -// req, resp := client.DescribeOrganizationConfigRuleStatusesRequest(params) +// // Example sending a request using the DescribeConformancePacksRequest method. +// req, resp := client.DescribeConformancePacksRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConfigRuleStatuses -func (c *ConfigService) DescribeOrganizationConfigRuleStatusesRequest(input *DescribeOrganizationConfigRuleStatusesInput) (req *request.Request, output *DescribeOrganizationConfigRuleStatusesOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeConformancePacks +func (c *ConfigService) DescribeConformancePacksRequest(input *DescribeConformancePacksInput) (req *request.Request, output *DescribeConformancePacksOutput) { op := &request.Operation{ - Name: opDescribeOrganizationConfigRuleStatuses, + Name: opDescribeConformancePacks, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeOrganizationConfigRuleStatusesInput{} + input = &DescribeConformancePacksInput{} } - output = &DescribeOrganizationConfigRuleStatusesOutput{} + output = &DescribeConformancePacksOutput{} req = c.newRequest(op, input, output) return } -// DescribeOrganizationConfigRuleStatuses API operation for AWS Config. -// -// Provides organization config rule deployment status for an organization. +// DescribeConformancePacks API operation for AWS Config. // -// The status is not considered successful until organization config rule is -// successfully deployed in all the member accounts with an exception of excluded -// accounts. -// -// When you specify the limit and the next token, you receive a paginated response. -// Limit and next token are not applicable if you specify organization config -// rule names. It is only applicable, when you request all the organization -// config rules. -// -// Only a master account can call this API. +// Returns a list of one or more conformance packs. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribeOrganizationConfigRuleStatuses for usage and error information. +// API operation DescribeConformancePacks for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchOrganizationConfigRuleException "NoSuchOrganizationConfigRuleException" -// You specified one or more organization config rules that do not exist. +// * ErrCodeNoSuchConformancePackException "NoSuchConformancePackException" +// You specified one or more conformance packs that do not exist. // // * ErrCodeInvalidLimitException "InvalidLimitException" // The specified limit is outside the allowable range. @@ -2450,4115 +2709,5577 @@ func (c *ConfigService) DescribeOrganizationConfigRuleStatusesRequest(input *Des // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" -// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess -// API. -// -// For all OrganizationConfigRule APIs, AWS Config throws an exception if APIs -// are called from member accounts. All APIs must be called from organization -// master account. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConfigRuleStatuses -func (c *ConfigService) DescribeOrganizationConfigRuleStatuses(input *DescribeOrganizationConfigRuleStatusesInput) (*DescribeOrganizationConfigRuleStatusesOutput, error) { - req, out := c.DescribeOrganizationConfigRuleStatusesRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeConformancePacks +func (c *ConfigService) DescribeConformancePacks(input *DescribeConformancePacksInput) (*DescribeConformancePacksOutput, error) { + req, out := c.DescribeConformancePacksRequest(input) return out, req.Send() } -// DescribeOrganizationConfigRuleStatusesWithContext is the same as DescribeOrganizationConfigRuleStatuses with the addition of +// DescribeConformancePacksWithContext is the same as DescribeConformancePacks with the addition of // the ability to pass a context and additional request options. // -// See DescribeOrganizationConfigRuleStatuses for details on how to use this API operation. +// See DescribeConformancePacks for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribeOrganizationConfigRuleStatusesWithContext(ctx aws.Context, input *DescribeOrganizationConfigRuleStatusesInput, opts ...request.Option) (*DescribeOrganizationConfigRuleStatusesOutput, error) { - req, out := c.DescribeOrganizationConfigRuleStatusesRequest(input) +func (c *ConfigService) DescribeConformancePacksWithContext(ctx aws.Context, input *DescribeConformancePacksInput, opts ...request.Option) (*DescribeConformancePacksOutput, error) { + req, out := c.DescribeConformancePacksRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeOrganizationConfigRules = "DescribeOrganizationConfigRules" +const opDescribeDeliveryChannelStatus = "DescribeDeliveryChannelStatus" -// DescribeOrganizationConfigRulesRequest generates a "aws/request.Request" representing the -// client's request for the DescribeOrganizationConfigRules operation. The "output" return +// DescribeDeliveryChannelStatusRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDeliveryChannelStatus operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeOrganizationConfigRules for more information on using the DescribeOrganizationConfigRules +// See DescribeDeliveryChannelStatus for more information on using the DescribeDeliveryChannelStatus // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeOrganizationConfigRulesRequest method. -// req, resp := client.DescribeOrganizationConfigRulesRequest(params) +// // Example sending a request using the DescribeDeliveryChannelStatusRequest method. +// req, resp := client.DescribeDeliveryChannelStatusRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConfigRules -func (c *ConfigService) DescribeOrganizationConfigRulesRequest(input *DescribeOrganizationConfigRulesInput) (req *request.Request, output *DescribeOrganizationConfigRulesOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeDeliveryChannelStatus +func (c *ConfigService) DescribeDeliveryChannelStatusRequest(input *DescribeDeliveryChannelStatusInput) (req *request.Request, output *DescribeDeliveryChannelStatusOutput) { op := &request.Operation{ - Name: opDescribeOrganizationConfigRules, + Name: opDescribeDeliveryChannelStatus, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeOrganizationConfigRulesInput{} + input = &DescribeDeliveryChannelStatusInput{} } - output = &DescribeOrganizationConfigRulesOutput{} + output = &DescribeDeliveryChannelStatusOutput{} req = c.newRequest(op, input, output) return } -// DescribeOrganizationConfigRules API operation for AWS Config. -// -// Returns a list of organization config rules. +// DescribeDeliveryChannelStatus API operation for AWS Config. // -// When you specify the limit and the next token, you receive a paginated response. -// Limit and next token are not applicable if you specify organization config -// rule names. It is only applicable, when you request all the organization -// config rules. +// Returns the current status of the specified delivery channel. If a delivery +// channel is not specified, this action returns the current status of all delivery +// channels associated with the account. // -// Only a master account can call this API. +// Currently, you can specify only one delivery channel per region in your account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribeOrganizationConfigRules for usage and error information. +// API operation DescribeDeliveryChannelStatus for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchOrganizationConfigRuleException "NoSuchOrganizationConfigRuleException" -// You specified one or more organization config rules that do not exist. -// -// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" -// The specified next token is invalid. Specify the nextToken string that was -// returned in the previous response to get the next page of results. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. -// -// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" -// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess -// API. -// -// For all OrganizationConfigRule APIs, AWS Config throws an exception if APIs -// are called from member accounts. All APIs must be called from organization -// master account. +// * ErrCodeNoSuchDeliveryChannelException "NoSuchDeliveryChannelException" +// You have specified a delivery channel that does not exist. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConfigRules -func (c *ConfigService) DescribeOrganizationConfigRules(input *DescribeOrganizationConfigRulesInput) (*DescribeOrganizationConfigRulesOutput, error) { - req, out := c.DescribeOrganizationConfigRulesRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeDeliveryChannelStatus +func (c *ConfigService) DescribeDeliveryChannelStatus(input *DescribeDeliveryChannelStatusInput) (*DescribeDeliveryChannelStatusOutput, error) { + req, out := c.DescribeDeliveryChannelStatusRequest(input) return out, req.Send() } -// DescribeOrganizationConfigRulesWithContext is the same as DescribeOrganizationConfigRules with the addition of +// DescribeDeliveryChannelStatusWithContext is the same as DescribeDeliveryChannelStatus with the addition of // the ability to pass a context and additional request options. // -// See DescribeOrganizationConfigRules for details on how to use this API operation. +// See DescribeDeliveryChannelStatus for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribeOrganizationConfigRulesWithContext(ctx aws.Context, input *DescribeOrganizationConfigRulesInput, opts ...request.Option) (*DescribeOrganizationConfigRulesOutput, error) { - req, out := c.DescribeOrganizationConfigRulesRequest(input) +func (c *ConfigService) DescribeDeliveryChannelStatusWithContext(ctx aws.Context, input *DescribeDeliveryChannelStatusInput, opts ...request.Option) (*DescribeDeliveryChannelStatusOutput, error) { + req, out := c.DescribeDeliveryChannelStatusRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribePendingAggregationRequests = "DescribePendingAggregationRequests" +const opDescribeDeliveryChannels = "DescribeDeliveryChannels" -// DescribePendingAggregationRequestsRequest generates a "aws/request.Request" representing the -// client's request for the DescribePendingAggregationRequests operation. The "output" return +// DescribeDeliveryChannelsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDeliveryChannels operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribePendingAggregationRequests for more information on using the DescribePendingAggregationRequests +// See DescribeDeliveryChannels for more information on using the DescribeDeliveryChannels // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribePendingAggregationRequestsRequest method. -// req, resp := client.DescribePendingAggregationRequestsRequest(params) +// // Example sending a request using the DescribeDeliveryChannelsRequest method. +// req, resp := client.DescribeDeliveryChannelsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribePendingAggregationRequests -func (c *ConfigService) DescribePendingAggregationRequestsRequest(input *DescribePendingAggregationRequestsInput) (req *request.Request, output *DescribePendingAggregationRequestsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeDeliveryChannels +func (c *ConfigService) DescribeDeliveryChannelsRequest(input *DescribeDeliveryChannelsInput) (req *request.Request, output *DescribeDeliveryChannelsOutput) { op := &request.Operation{ - Name: opDescribePendingAggregationRequests, + Name: opDescribeDeliveryChannels, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribePendingAggregationRequestsInput{} + input = &DescribeDeliveryChannelsInput{} } - output = &DescribePendingAggregationRequestsOutput{} + output = &DescribeDeliveryChannelsOutput{} req = c.newRequest(op, input, output) return } -// DescribePendingAggregationRequests API operation for AWS Config. +// DescribeDeliveryChannels API operation for AWS Config. // -// Returns a list of all pending aggregation requests. +// Returns details about the specified delivery channel. If a delivery channel +// is not specified, this action returns the details of all delivery channels +// associated with the account. +// +// Currently, you can specify only one delivery channel per region in your account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribePendingAggregationRequests for usage and error information. +// API operation DescribeDeliveryChannels for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. -// -// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" -// The specified next token is invalid. Specify the nextToken string that was -// returned in the previous response to get the next page of results. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. +// * ErrCodeNoSuchDeliveryChannelException "NoSuchDeliveryChannelException" +// You have specified a delivery channel that does not exist. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribePendingAggregationRequests -func (c *ConfigService) DescribePendingAggregationRequests(input *DescribePendingAggregationRequestsInput) (*DescribePendingAggregationRequestsOutput, error) { - req, out := c.DescribePendingAggregationRequestsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeDeliveryChannels +func (c *ConfigService) DescribeDeliveryChannels(input *DescribeDeliveryChannelsInput) (*DescribeDeliveryChannelsOutput, error) { + req, out := c.DescribeDeliveryChannelsRequest(input) return out, req.Send() } -// DescribePendingAggregationRequestsWithContext is the same as DescribePendingAggregationRequests with the addition of +// DescribeDeliveryChannelsWithContext is the same as DescribeDeliveryChannels with the addition of // the ability to pass a context and additional request options. // -// See DescribePendingAggregationRequests for details on how to use this API operation. +// See DescribeDeliveryChannels for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribePendingAggregationRequestsWithContext(ctx aws.Context, input *DescribePendingAggregationRequestsInput, opts ...request.Option) (*DescribePendingAggregationRequestsOutput, error) { - req, out := c.DescribePendingAggregationRequestsRequest(input) +func (c *ConfigService) DescribeDeliveryChannelsWithContext(ctx aws.Context, input *DescribeDeliveryChannelsInput, opts ...request.Option) (*DescribeDeliveryChannelsOutput, error) { + req, out := c.DescribeDeliveryChannelsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeRemediationConfigurations = "DescribeRemediationConfigurations" +const opDescribeOrganizationConfigRuleStatuses = "DescribeOrganizationConfigRuleStatuses" -// DescribeRemediationConfigurationsRequest generates a "aws/request.Request" representing the -// client's request for the DescribeRemediationConfigurations operation. The "output" return +// DescribeOrganizationConfigRuleStatusesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeOrganizationConfigRuleStatuses operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeRemediationConfigurations for more information on using the DescribeRemediationConfigurations +// See DescribeOrganizationConfigRuleStatuses for more information on using the DescribeOrganizationConfigRuleStatuses // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeRemediationConfigurationsRequest method. -// req, resp := client.DescribeRemediationConfigurationsRequest(params) +// // Example sending a request using the DescribeOrganizationConfigRuleStatusesRequest method. +// req, resp := client.DescribeOrganizationConfigRuleStatusesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationConfigurations -func (c *ConfigService) DescribeRemediationConfigurationsRequest(input *DescribeRemediationConfigurationsInput) (req *request.Request, output *DescribeRemediationConfigurationsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConfigRuleStatuses +func (c *ConfigService) DescribeOrganizationConfigRuleStatusesRequest(input *DescribeOrganizationConfigRuleStatusesInput) (req *request.Request, output *DescribeOrganizationConfigRuleStatusesOutput) { op := &request.Operation{ - Name: opDescribeRemediationConfigurations, + Name: opDescribeOrganizationConfigRuleStatuses, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeRemediationConfigurationsInput{} + input = &DescribeOrganizationConfigRuleStatusesInput{} } - output = &DescribeRemediationConfigurationsOutput{} + output = &DescribeOrganizationConfigRuleStatusesOutput{} req = c.newRequest(op, input, output) return } -// DescribeRemediationConfigurations API operation for AWS Config. +// DescribeOrganizationConfigRuleStatuses API operation for AWS Config. // -// Returns the details of one or more remediation configurations. +// Provides organization config rule deployment status for an organization. +// +// The status is not considered successful until organization config rule is +// successfully deployed in all the member accounts with an exception of excluded +// accounts. +// +// When you specify the limit and the next token, you receive a paginated response. +// Limit and next token are not applicable if you specify organization config +// rule names. It is only applicable, when you request all the organization +// config rules. +// +// Only a master account can call this API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribeRemediationConfigurations for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationConfigurations -func (c *ConfigService) DescribeRemediationConfigurations(input *DescribeRemediationConfigurationsInput) (*DescribeRemediationConfigurationsOutput, error) { - req, out := c.DescribeRemediationConfigurationsRequest(input) +// API operation DescribeOrganizationConfigRuleStatuses for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchOrganizationConfigRuleException "NoSuchOrganizationConfigRuleException" +// You specified one or more organization config rules that do not exist. +// +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. +// +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. +// +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. +// +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConfigRuleStatuses +func (c *ConfigService) DescribeOrganizationConfigRuleStatuses(input *DescribeOrganizationConfigRuleStatusesInput) (*DescribeOrganizationConfigRuleStatusesOutput, error) { + req, out := c.DescribeOrganizationConfigRuleStatusesRequest(input) return out, req.Send() } -// DescribeRemediationConfigurationsWithContext is the same as DescribeRemediationConfigurations with the addition of +// DescribeOrganizationConfigRuleStatusesWithContext is the same as DescribeOrganizationConfigRuleStatuses with the addition of // the ability to pass a context and additional request options. // -// See DescribeRemediationConfigurations for details on how to use this API operation. +// See DescribeOrganizationConfigRuleStatuses for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribeRemediationConfigurationsWithContext(ctx aws.Context, input *DescribeRemediationConfigurationsInput, opts ...request.Option) (*DescribeRemediationConfigurationsOutput, error) { - req, out := c.DescribeRemediationConfigurationsRequest(input) +func (c *ConfigService) DescribeOrganizationConfigRuleStatusesWithContext(ctx aws.Context, input *DescribeOrganizationConfigRuleStatusesInput, opts ...request.Option) (*DescribeOrganizationConfigRuleStatusesOutput, error) { + req, out := c.DescribeOrganizationConfigRuleStatusesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeRemediationExceptions = "DescribeRemediationExceptions" +const opDescribeOrganizationConfigRules = "DescribeOrganizationConfigRules" -// DescribeRemediationExceptionsRequest generates a "aws/request.Request" representing the -// client's request for the DescribeRemediationExceptions operation. The "output" return +// DescribeOrganizationConfigRulesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeOrganizationConfigRules operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeRemediationExceptions for more information on using the DescribeRemediationExceptions +// See DescribeOrganizationConfigRules for more information on using the DescribeOrganizationConfigRules // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeRemediationExceptionsRequest method. -// req, resp := client.DescribeRemediationExceptionsRequest(params) +// // Example sending a request using the DescribeOrganizationConfigRulesRequest method. +// req, resp := client.DescribeOrganizationConfigRulesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationExceptions -func (c *ConfigService) DescribeRemediationExceptionsRequest(input *DescribeRemediationExceptionsInput) (req *request.Request, output *DescribeRemediationExceptionsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConfigRules +func (c *ConfigService) DescribeOrganizationConfigRulesRequest(input *DescribeOrganizationConfigRulesInput) (req *request.Request, output *DescribeOrganizationConfigRulesOutput) { op := &request.Operation{ - Name: opDescribeRemediationExceptions, + Name: opDescribeOrganizationConfigRules, HTTPMethod: "POST", HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"NextToken"}, - OutputTokens: []string{"NextToken"}, - LimitToken: "Limit", - TruncationToken: "", - }, } if input == nil { - input = &DescribeRemediationExceptionsInput{} + input = &DescribeOrganizationConfigRulesInput{} } - output = &DescribeRemediationExceptionsOutput{} + output = &DescribeOrganizationConfigRulesOutput{} req = c.newRequest(op, input, output) return } -// DescribeRemediationExceptions API operation for AWS Config. +// DescribeOrganizationConfigRules API operation for AWS Config. // -// Returns the details of one or more remediation exceptions. A detailed view -// of a remediation exception for a set of resources that includes an explanation -// of an exception and the time when the exception will be deleted. When you -// specify the limit and the next token, you receive a paginated response. +// Returns a list of organization config rules. // // When you specify the limit and the next token, you receive a paginated response. +// Limit and next token are not applicable if you specify organization config +// rule names. It is only applicable, when you request all the organization +// config rules. // -// Limit and next token are not applicable if you request resources in batch. -// It is only applicable, when you request all resources. +// Only a master account can call this API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribeRemediationExceptions for usage and error information. +// API operation DescribeOrganizationConfigRules for usage and error information. // // Returned Error Codes: +// * ErrCodeNoSuchOrganizationConfigRuleException "NoSuchOrganizationConfigRuleException" +// You specified one or more organization config rules that do not exist. +// // * ErrCodeInvalidNextTokenException "InvalidNextTokenException" // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationExceptions -func (c *ConfigService) DescribeRemediationExceptions(input *DescribeRemediationExceptionsInput) (*DescribeRemediationExceptionsOutput, error) { - req, out := c.DescribeRemediationExceptionsRequest(input) +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. +// +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConfigRules +func (c *ConfigService) DescribeOrganizationConfigRules(input *DescribeOrganizationConfigRulesInput) (*DescribeOrganizationConfigRulesOutput, error) { + req, out := c.DescribeOrganizationConfigRulesRequest(input) return out, req.Send() } -// DescribeRemediationExceptionsWithContext is the same as DescribeRemediationExceptions with the addition of +// DescribeOrganizationConfigRulesWithContext is the same as DescribeOrganizationConfigRules with the addition of // the ability to pass a context and additional request options. // -// See DescribeRemediationExceptions for details on how to use this API operation. +// See DescribeOrganizationConfigRules for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribeRemediationExceptionsWithContext(ctx aws.Context, input *DescribeRemediationExceptionsInput, opts ...request.Option) (*DescribeRemediationExceptionsOutput, error) { - req, out := c.DescribeRemediationExceptionsRequest(input) +func (c *ConfigService) DescribeOrganizationConfigRulesWithContext(ctx aws.Context, input *DescribeOrganizationConfigRulesInput, opts ...request.Option) (*DescribeOrganizationConfigRulesOutput, error) { + req, out := c.DescribeOrganizationConfigRulesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// DescribeRemediationExceptionsPages iterates over the pages of a DescribeRemediationExceptions operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See DescribeRemediationExceptions method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a DescribeRemediationExceptions operation. -// pageNum := 0 -// err := client.DescribeRemediationExceptionsPages(params, -// func(page *configservice.DescribeRemediationExceptionsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// -func (c *ConfigService) DescribeRemediationExceptionsPages(input *DescribeRemediationExceptionsInput, fn func(*DescribeRemediationExceptionsOutput, bool) bool) error { - return c.DescribeRemediationExceptionsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// DescribeRemediationExceptionsPagesWithContext same as DescribeRemediationExceptionsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *ConfigService) DescribeRemediationExceptionsPagesWithContext(ctx aws.Context, input *DescribeRemediationExceptionsInput, fn func(*DescribeRemediationExceptionsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *DescribeRemediationExceptionsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.DescribeRemediationExceptionsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*DescribeRemediationExceptionsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opDescribeRemediationExecutionStatus = "DescribeRemediationExecutionStatus" +const opDescribeOrganizationConformancePackStatuses = "DescribeOrganizationConformancePackStatuses" -// DescribeRemediationExecutionStatusRequest generates a "aws/request.Request" representing the -// client's request for the DescribeRemediationExecutionStatus operation. The "output" return +// DescribeOrganizationConformancePackStatusesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeOrganizationConformancePackStatuses operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeRemediationExecutionStatus for more information on using the DescribeRemediationExecutionStatus +// See DescribeOrganizationConformancePackStatuses for more information on using the DescribeOrganizationConformancePackStatuses // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeRemediationExecutionStatusRequest method. -// req, resp := client.DescribeRemediationExecutionStatusRequest(params) +// // Example sending a request using the DescribeOrganizationConformancePackStatusesRequest method. +// req, resp := client.DescribeOrganizationConformancePackStatusesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationExecutionStatus -func (c *ConfigService) DescribeRemediationExecutionStatusRequest(input *DescribeRemediationExecutionStatusInput) (req *request.Request, output *DescribeRemediationExecutionStatusOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConformancePackStatuses +func (c *ConfigService) DescribeOrganizationConformancePackStatusesRequest(input *DescribeOrganizationConformancePackStatusesInput) (req *request.Request, output *DescribeOrganizationConformancePackStatusesOutput) { op := &request.Operation{ - Name: opDescribeRemediationExecutionStatus, + Name: opDescribeOrganizationConformancePackStatuses, HTTPMethod: "POST", HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"NextToken"}, - OutputTokens: []string{"NextToken"}, - LimitToken: "Limit", - TruncationToken: "", - }, } if input == nil { - input = &DescribeRemediationExecutionStatusInput{} + input = &DescribeOrganizationConformancePackStatusesInput{} } - output = &DescribeRemediationExecutionStatusOutput{} + output = &DescribeOrganizationConformancePackStatusesOutput{} req = c.newRequest(op, input, output) return } -// DescribeRemediationExecutionStatus API operation for AWS Config. +// DescribeOrganizationConformancePackStatuses API operation for AWS Config. // -// Provides a detailed view of a Remediation Execution for a set of resources -// including state, timestamps for when steps for the remediation execution -// occur, and any error messages for steps that have failed. When you specify -// the limit and the next token, you receive a paginated response. +// Provides organization conformance pack deployment status for an organization. +// +// The status is not considered successful until organization conformance pack +// is successfully deployed in all the member accounts with an exception of +// excluded accounts. +// +// When you specify the limit and the next token, you receive a paginated response. +// Limit and next token are not applicable if you specify organization conformance +// pack names. They are only applicable, when you request all the organization +// conformance packs. +// +// Only a master account can call this API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribeRemediationExecutionStatus for usage and error information. +// API operation DescribeOrganizationConformancePackStatuses for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchRemediationConfigurationException "NoSuchRemediationConfigurationException" -// You specified an AWS Config rule without a remediation configuration. +// * ErrCodeNoSuchOrganizationConformancePackException "NoSuchOrganizationConformancePackException" +// AWS Config organization conformance pack that you passed in the filter does +// not exist. +// +// For DeleteOrganizationConformancePack, you tried to delete an organization +// conformance pack that does not exist. +// +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // // * ErrCodeInvalidNextTokenException "InvalidNextTokenException" // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationExecutionStatus -func (c *ConfigService) DescribeRemediationExecutionStatus(input *DescribeRemediationExecutionStatusInput) (*DescribeRemediationExecutionStatusOutput, error) { - req, out := c.DescribeRemediationExecutionStatusRequest(input) +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. +// +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConformancePackStatuses +func (c *ConfigService) DescribeOrganizationConformancePackStatuses(input *DescribeOrganizationConformancePackStatusesInput) (*DescribeOrganizationConformancePackStatusesOutput, error) { + req, out := c.DescribeOrganizationConformancePackStatusesRequest(input) return out, req.Send() } -// DescribeRemediationExecutionStatusWithContext is the same as DescribeRemediationExecutionStatus with the addition of +// DescribeOrganizationConformancePackStatusesWithContext is the same as DescribeOrganizationConformancePackStatuses with the addition of // the ability to pass a context and additional request options. // -// See DescribeRemediationExecutionStatus for details on how to use this API operation. +// See DescribeOrganizationConformancePackStatuses for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribeRemediationExecutionStatusWithContext(ctx aws.Context, input *DescribeRemediationExecutionStatusInput, opts ...request.Option) (*DescribeRemediationExecutionStatusOutput, error) { - req, out := c.DescribeRemediationExecutionStatusRequest(input) +func (c *ConfigService) DescribeOrganizationConformancePackStatusesWithContext(ctx aws.Context, input *DescribeOrganizationConformancePackStatusesInput, opts ...request.Option) (*DescribeOrganizationConformancePackStatusesOutput, error) { + req, out := c.DescribeOrganizationConformancePackStatusesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// DescribeRemediationExecutionStatusPages iterates over the pages of a DescribeRemediationExecutionStatus operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See DescribeRemediationExecutionStatus method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a DescribeRemediationExecutionStatus operation. -// pageNum := 0 -// err := client.DescribeRemediationExecutionStatusPages(params, -// func(page *configservice.DescribeRemediationExecutionStatusOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// -func (c *ConfigService) DescribeRemediationExecutionStatusPages(input *DescribeRemediationExecutionStatusInput, fn func(*DescribeRemediationExecutionStatusOutput, bool) bool) error { - return c.DescribeRemediationExecutionStatusPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// DescribeRemediationExecutionStatusPagesWithContext same as DescribeRemediationExecutionStatusPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *ConfigService) DescribeRemediationExecutionStatusPagesWithContext(ctx aws.Context, input *DescribeRemediationExecutionStatusInput, fn func(*DescribeRemediationExecutionStatusOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *DescribeRemediationExecutionStatusInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.DescribeRemediationExecutionStatusRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*DescribeRemediationExecutionStatusOutput), !p.HasNextPage()) { - break - } - } +const opDescribeOrganizationConformancePacks = "DescribeOrganizationConformancePacks" - return p.Err() -} - -const opDescribeRetentionConfigurations = "DescribeRetentionConfigurations" - -// DescribeRetentionConfigurationsRequest generates a "aws/request.Request" representing the -// client's request for the DescribeRetentionConfigurations operation. The "output" return +// DescribeOrganizationConformancePacksRequest generates a "aws/request.Request" representing the +// client's request for the DescribeOrganizationConformancePacks operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeRetentionConfigurations for more information on using the DescribeRetentionConfigurations +// See DescribeOrganizationConformancePacks for more information on using the DescribeOrganizationConformancePacks // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the DescribeRetentionConfigurationsRequest method. -// req, resp := client.DescribeRetentionConfigurationsRequest(params) +// // Example sending a request using the DescribeOrganizationConformancePacksRequest method. +// req, resp := client.DescribeOrganizationConformancePacksRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRetentionConfigurations -func (c *ConfigService) DescribeRetentionConfigurationsRequest(input *DescribeRetentionConfigurationsInput) (req *request.Request, output *DescribeRetentionConfigurationsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConformancePacks +func (c *ConfigService) DescribeOrganizationConformancePacksRequest(input *DescribeOrganizationConformancePacksInput) (req *request.Request, output *DescribeOrganizationConformancePacksOutput) { op := &request.Operation{ - Name: opDescribeRetentionConfigurations, + Name: opDescribeOrganizationConformancePacks, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeRetentionConfigurationsInput{} + input = &DescribeOrganizationConformancePacksInput{} } - output = &DescribeRetentionConfigurationsOutput{} + output = &DescribeOrganizationConformancePacksOutput{} req = c.newRequest(op, input, output) return } -// DescribeRetentionConfigurations API operation for AWS Config. +// DescribeOrganizationConformancePacks API operation for AWS Config. // -// Returns the details of one or more retention configurations. If the retention -// configuration name is not specified, this action returns the details for -// all the retention configurations for that account. +// Returns a list of organization conformance packs. // -// Currently, AWS Config supports only one retention configuration per region -// in your account. +// When you specify the limit and the next token, you receive a paginated response. +// Limit and next token are not applicable if you specify organization conformance +// packs names. They are only applicable, when you request all the organization +// conformance packs. Only a master account can call this API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation DescribeRetentionConfigurations for usage and error information. +// API operation DescribeOrganizationConformancePacks for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeNoSuchOrganizationConformancePackException "NoSuchOrganizationConformancePackException" +// AWS Config organization conformance pack that you passed in the filter does +// not exist. // -// * ErrCodeNoSuchRetentionConfigurationException "NoSuchRetentionConfigurationException" -// You have specified a retention configuration that does not exist. +// For DeleteOrganizationConformancePack, you tried to delete an organization +// conformance pack that does not exist. // // * ErrCodeInvalidNextTokenException "InvalidNextTokenException" // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRetentionConfigurations -func (c *ConfigService) DescribeRetentionConfigurations(input *DescribeRetentionConfigurationsInput) (*DescribeRetentionConfigurationsOutput, error) { - req, out := c.DescribeRetentionConfigurationsRequest(input) +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. +// +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. +// +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeOrganizationConformancePacks +func (c *ConfigService) DescribeOrganizationConformancePacks(input *DescribeOrganizationConformancePacksInput) (*DescribeOrganizationConformancePacksOutput, error) { + req, out := c.DescribeOrganizationConformancePacksRequest(input) return out, req.Send() } -// DescribeRetentionConfigurationsWithContext is the same as DescribeRetentionConfigurations with the addition of +// DescribeOrganizationConformancePacksWithContext is the same as DescribeOrganizationConformancePacks with the addition of // the ability to pass a context and additional request options. // -// See DescribeRetentionConfigurations for details on how to use this API operation. +// See DescribeOrganizationConformancePacks for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) DescribeRetentionConfigurationsWithContext(ctx aws.Context, input *DescribeRetentionConfigurationsInput, opts ...request.Option) (*DescribeRetentionConfigurationsOutput, error) { - req, out := c.DescribeRetentionConfigurationsRequest(input) +func (c *ConfigService) DescribeOrganizationConformancePacksWithContext(ctx aws.Context, input *DescribeOrganizationConformancePacksInput, opts ...request.Option) (*DescribeOrganizationConformancePacksOutput, error) { + req, out := c.DescribeOrganizationConformancePacksRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetAggregateComplianceDetailsByConfigRule = "GetAggregateComplianceDetailsByConfigRule" +const opDescribePendingAggregationRequests = "DescribePendingAggregationRequests" -// GetAggregateComplianceDetailsByConfigRuleRequest generates a "aws/request.Request" representing the -// client's request for the GetAggregateComplianceDetailsByConfigRule operation. The "output" return +// DescribePendingAggregationRequestsRequest generates a "aws/request.Request" representing the +// client's request for the DescribePendingAggregationRequests operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetAggregateComplianceDetailsByConfigRule for more information on using the GetAggregateComplianceDetailsByConfigRule +// See DescribePendingAggregationRequests for more information on using the DescribePendingAggregationRequests // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetAggregateComplianceDetailsByConfigRuleRequest method. -// req, resp := client.GetAggregateComplianceDetailsByConfigRuleRequest(params) +// // Example sending a request using the DescribePendingAggregationRequestsRequest method. +// req, resp := client.DescribePendingAggregationRequestsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateComplianceDetailsByConfigRule -func (c *ConfigService) GetAggregateComplianceDetailsByConfigRuleRequest(input *GetAggregateComplianceDetailsByConfigRuleInput) (req *request.Request, output *GetAggregateComplianceDetailsByConfigRuleOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribePendingAggregationRequests +func (c *ConfigService) DescribePendingAggregationRequestsRequest(input *DescribePendingAggregationRequestsInput) (req *request.Request, output *DescribePendingAggregationRequestsOutput) { op := &request.Operation{ - Name: opGetAggregateComplianceDetailsByConfigRule, + Name: opDescribePendingAggregationRequests, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetAggregateComplianceDetailsByConfigRuleInput{} + input = &DescribePendingAggregationRequestsInput{} } - output = &GetAggregateComplianceDetailsByConfigRuleOutput{} + output = &DescribePendingAggregationRequestsOutput{} req = c.newRequest(op, input, output) return } -// GetAggregateComplianceDetailsByConfigRule API operation for AWS Config. -// -// Returns the evaluation results for the specified AWS Config rule for a specific -// resource in a rule. The results indicate which AWS resources were evaluated -// by the rule, when each resource was last evaluated, and whether each resource -// complies with the rule. +// DescribePendingAggregationRequests API operation for AWS Config. // -// The results can return an empty result page. But if you have a nextToken, -// the results are displayed on the next page. +// Returns a list of all pending aggregation requests. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetAggregateComplianceDetailsByConfigRule for usage and error information. +// API operation DescribePendingAggregationRequests for usage and error information. // // Returned Error Codes: -// * ErrCodeValidationException "ValidationException" -// The requested action is not valid. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. // // * ErrCodeInvalidNextTokenException "InvalidNextTokenException" // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" -// You have specified a configuration aggregator that does not exist. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateComplianceDetailsByConfigRule -func (c *ConfigService) GetAggregateComplianceDetailsByConfigRule(input *GetAggregateComplianceDetailsByConfigRuleInput) (*GetAggregateComplianceDetailsByConfigRuleOutput, error) { - req, out := c.GetAggregateComplianceDetailsByConfigRuleRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribePendingAggregationRequests +func (c *ConfigService) DescribePendingAggregationRequests(input *DescribePendingAggregationRequestsInput) (*DescribePendingAggregationRequestsOutput, error) { + req, out := c.DescribePendingAggregationRequestsRequest(input) return out, req.Send() } -// GetAggregateComplianceDetailsByConfigRuleWithContext is the same as GetAggregateComplianceDetailsByConfigRule with the addition of +// DescribePendingAggregationRequestsWithContext is the same as DescribePendingAggregationRequests with the addition of // the ability to pass a context and additional request options. // -// See GetAggregateComplianceDetailsByConfigRule for details on how to use this API operation. +// See DescribePendingAggregationRequests for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetAggregateComplianceDetailsByConfigRuleWithContext(ctx aws.Context, input *GetAggregateComplianceDetailsByConfigRuleInput, opts ...request.Option) (*GetAggregateComplianceDetailsByConfigRuleOutput, error) { - req, out := c.GetAggregateComplianceDetailsByConfigRuleRequest(input) +func (c *ConfigService) DescribePendingAggregationRequestsWithContext(ctx aws.Context, input *DescribePendingAggregationRequestsInput, opts ...request.Option) (*DescribePendingAggregationRequestsOutput, error) { + req, out := c.DescribePendingAggregationRequestsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetAggregateConfigRuleComplianceSummary = "GetAggregateConfigRuleComplianceSummary" +const opDescribeRemediationConfigurations = "DescribeRemediationConfigurations" -// GetAggregateConfigRuleComplianceSummaryRequest generates a "aws/request.Request" representing the -// client's request for the GetAggregateConfigRuleComplianceSummary operation. The "output" return +// DescribeRemediationConfigurationsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeRemediationConfigurations operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetAggregateConfigRuleComplianceSummary for more information on using the GetAggregateConfigRuleComplianceSummary +// See DescribeRemediationConfigurations for more information on using the DescribeRemediationConfigurations // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetAggregateConfigRuleComplianceSummaryRequest method. -// req, resp := client.GetAggregateConfigRuleComplianceSummaryRequest(params) +// // Example sending a request using the DescribeRemediationConfigurationsRequest method. +// req, resp := client.DescribeRemediationConfigurationsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateConfigRuleComplianceSummary -func (c *ConfigService) GetAggregateConfigRuleComplianceSummaryRequest(input *GetAggregateConfigRuleComplianceSummaryInput) (req *request.Request, output *GetAggregateConfigRuleComplianceSummaryOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationConfigurations +func (c *ConfigService) DescribeRemediationConfigurationsRequest(input *DescribeRemediationConfigurationsInput) (req *request.Request, output *DescribeRemediationConfigurationsOutput) { op := &request.Operation{ - Name: opGetAggregateConfigRuleComplianceSummary, + Name: opDescribeRemediationConfigurations, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetAggregateConfigRuleComplianceSummaryInput{} + input = &DescribeRemediationConfigurationsInput{} } - output = &GetAggregateConfigRuleComplianceSummaryOutput{} + output = &DescribeRemediationConfigurationsOutput{} req = c.newRequest(op, input, output) return } -// GetAggregateConfigRuleComplianceSummary API operation for AWS Config. -// -// Returns the number of compliant and noncompliant rules for one or more accounts -// and regions in an aggregator. +// DescribeRemediationConfigurations API operation for AWS Config. // -// The results can return an empty result page, but if you have a nextToken, -// the results are displayed on the next page. +// Returns the details of one or more remediation configurations. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetAggregateConfigRuleComplianceSummary for usage and error information. -// -// Returned Error Codes: -// * ErrCodeValidationException "ValidationException" -// The requested action is not valid. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. -// -// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" -// The specified next token is invalid. Specify the nextToken string that was -// returned in the previous response to get the next page of results. -// -// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" -// You have specified a configuration aggregator that does not exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateConfigRuleComplianceSummary -func (c *ConfigService) GetAggregateConfigRuleComplianceSummary(input *GetAggregateConfigRuleComplianceSummaryInput) (*GetAggregateConfigRuleComplianceSummaryOutput, error) { - req, out := c.GetAggregateConfigRuleComplianceSummaryRequest(input) +// API operation DescribeRemediationConfigurations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationConfigurations +func (c *ConfigService) DescribeRemediationConfigurations(input *DescribeRemediationConfigurationsInput) (*DescribeRemediationConfigurationsOutput, error) { + req, out := c.DescribeRemediationConfigurationsRequest(input) return out, req.Send() } -// GetAggregateConfigRuleComplianceSummaryWithContext is the same as GetAggregateConfigRuleComplianceSummary with the addition of +// DescribeRemediationConfigurationsWithContext is the same as DescribeRemediationConfigurations with the addition of // the ability to pass a context and additional request options. // -// See GetAggregateConfigRuleComplianceSummary for details on how to use this API operation. +// See DescribeRemediationConfigurations for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetAggregateConfigRuleComplianceSummaryWithContext(ctx aws.Context, input *GetAggregateConfigRuleComplianceSummaryInput, opts ...request.Option) (*GetAggregateConfigRuleComplianceSummaryOutput, error) { - req, out := c.GetAggregateConfigRuleComplianceSummaryRequest(input) +func (c *ConfigService) DescribeRemediationConfigurationsWithContext(ctx aws.Context, input *DescribeRemediationConfigurationsInput, opts ...request.Option) (*DescribeRemediationConfigurationsOutput, error) { + req, out := c.DescribeRemediationConfigurationsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetAggregateDiscoveredResourceCounts = "GetAggregateDiscoveredResourceCounts" +const opDescribeRemediationExceptions = "DescribeRemediationExceptions" -// GetAggregateDiscoveredResourceCountsRequest generates a "aws/request.Request" representing the -// client's request for the GetAggregateDiscoveredResourceCounts operation. The "output" return +// DescribeRemediationExceptionsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeRemediationExceptions operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetAggregateDiscoveredResourceCounts for more information on using the GetAggregateDiscoveredResourceCounts +// See DescribeRemediationExceptions for more information on using the DescribeRemediationExceptions // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetAggregateDiscoveredResourceCountsRequest method. -// req, resp := client.GetAggregateDiscoveredResourceCountsRequest(params) +// // Example sending a request using the DescribeRemediationExceptionsRequest method. +// req, resp := client.DescribeRemediationExceptionsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateDiscoveredResourceCounts -func (c *ConfigService) GetAggregateDiscoveredResourceCountsRequest(input *GetAggregateDiscoveredResourceCountsInput) (req *request.Request, output *GetAggregateDiscoveredResourceCountsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationExceptions +func (c *ConfigService) DescribeRemediationExceptionsRequest(input *DescribeRemediationExceptionsInput) (req *request.Request, output *DescribeRemediationExceptionsOutput) { op := &request.Operation{ - Name: opGetAggregateDiscoveredResourceCounts, + Name: opDescribeRemediationExceptions, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "Limit", + TruncationToken: "", + }, } if input == nil { - input = &GetAggregateDiscoveredResourceCountsInput{} + input = &DescribeRemediationExceptionsInput{} } - output = &GetAggregateDiscoveredResourceCountsOutput{} + output = &DescribeRemediationExceptionsOutput{} req = c.newRequest(op, input, output) return } -// GetAggregateDiscoveredResourceCounts API operation for AWS Config. +// DescribeRemediationExceptions API operation for AWS Config. // -// Returns the resource counts across accounts and regions that are present -// in your AWS Config aggregator. You can request the resource counts by providing -// filters and GroupByKey. +// Returns the details of one or more remediation exceptions. A detailed view +// of a remediation exception for a set of resources that includes an explanation +// of an exception and the time when the exception will be deleted. When you +// specify the limit and the next token, you receive a paginated response. // -// For example, if the input contains accountID 12345678910 and region us-east-1 -// in filters, the API returns the count of resources in account ID 12345678910 -// and region us-east-1. If the input contains ACCOUNT_ID as a GroupByKey, the -// API returns resource counts for all source accounts that are present in your -// aggregator. +// When you specify the limit and the next token, you receive a paginated response. +// +// Limit and next token are not applicable if you request resources in batch. +// It is only applicable, when you request all resources. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetAggregateDiscoveredResourceCounts for usage and error information. +// API operation DescribeRemediationExceptions for usage and error information. // // Returned Error Codes: -// * ErrCodeValidationException "ValidationException" -// The requested action is not valid. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. -// // * ErrCodeInvalidNextTokenException "InvalidNextTokenException" // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" -// You have specified a configuration aggregator that does not exist. +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateDiscoveredResourceCounts -func (c *ConfigService) GetAggregateDiscoveredResourceCounts(input *GetAggregateDiscoveredResourceCountsInput) (*GetAggregateDiscoveredResourceCountsOutput, error) { - req, out := c.GetAggregateDiscoveredResourceCountsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationExceptions +func (c *ConfigService) DescribeRemediationExceptions(input *DescribeRemediationExceptionsInput) (*DescribeRemediationExceptionsOutput, error) { + req, out := c.DescribeRemediationExceptionsRequest(input) return out, req.Send() } -// GetAggregateDiscoveredResourceCountsWithContext is the same as GetAggregateDiscoveredResourceCounts with the addition of +// DescribeRemediationExceptionsWithContext is the same as DescribeRemediationExceptions with the addition of // the ability to pass a context and additional request options. // -// See GetAggregateDiscoveredResourceCounts for details on how to use this API operation. +// See DescribeRemediationExceptions for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetAggregateDiscoveredResourceCountsWithContext(ctx aws.Context, input *GetAggregateDiscoveredResourceCountsInput, opts ...request.Option) (*GetAggregateDiscoveredResourceCountsOutput, error) { - req, out := c.GetAggregateDiscoveredResourceCountsRequest(input) +func (c *ConfigService) DescribeRemediationExceptionsWithContext(ctx aws.Context, input *DescribeRemediationExceptionsInput, opts ...request.Option) (*DescribeRemediationExceptionsOutput, error) { + req, out := c.DescribeRemediationExceptionsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetAggregateResourceConfig = "GetAggregateResourceConfig" +// DescribeRemediationExceptionsPages iterates over the pages of a DescribeRemediationExceptions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeRemediationExceptions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeRemediationExceptions operation. +// pageNum := 0 +// err := client.DescribeRemediationExceptionsPages(params, +// func(page *configservice.DescribeRemediationExceptionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *ConfigService) DescribeRemediationExceptionsPages(input *DescribeRemediationExceptionsInput, fn func(*DescribeRemediationExceptionsOutput, bool) bool) error { + return c.DescribeRemediationExceptionsPagesWithContext(aws.BackgroundContext(), input, fn) +} -// GetAggregateResourceConfigRequest generates a "aws/request.Request" representing the -// client's request for the GetAggregateResourceConfig operation. The "output" return +// DescribeRemediationExceptionsPagesWithContext same as DescribeRemediationExceptionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) DescribeRemediationExceptionsPagesWithContext(ctx aws.Context, input *DescribeRemediationExceptionsInput, fn func(*DescribeRemediationExceptionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeRemediationExceptionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeRemediationExceptionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeRemediationExceptionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeRemediationExecutionStatus = "DescribeRemediationExecutionStatus" + +// DescribeRemediationExecutionStatusRequest generates a "aws/request.Request" representing the +// client's request for the DescribeRemediationExecutionStatus operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetAggregateResourceConfig for more information on using the GetAggregateResourceConfig +// See DescribeRemediationExecutionStatus for more information on using the DescribeRemediationExecutionStatus // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetAggregateResourceConfigRequest method. -// req, resp := client.GetAggregateResourceConfigRequest(params) +// // Example sending a request using the DescribeRemediationExecutionStatusRequest method. +// req, resp := client.DescribeRemediationExecutionStatusRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateResourceConfig -func (c *ConfigService) GetAggregateResourceConfigRequest(input *GetAggregateResourceConfigInput) (req *request.Request, output *GetAggregateResourceConfigOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationExecutionStatus +func (c *ConfigService) DescribeRemediationExecutionStatusRequest(input *DescribeRemediationExecutionStatusInput) (req *request.Request, output *DescribeRemediationExecutionStatusOutput) { op := &request.Operation{ - Name: opGetAggregateResourceConfig, + Name: opDescribeRemediationExecutionStatus, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "Limit", + TruncationToken: "", + }, } if input == nil { - input = &GetAggregateResourceConfigInput{} + input = &DescribeRemediationExecutionStatusInput{} } - output = &GetAggregateResourceConfigOutput{} + output = &DescribeRemediationExecutionStatusOutput{} req = c.newRequest(op, input, output) return } -// GetAggregateResourceConfig API operation for AWS Config. +// DescribeRemediationExecutionStatus API operation for AWS Config. // -// Returns configuration item that is aggregated for your specific resource -// in a specific source account and region. +// Provides a detailed view of a Remediation Execution for a set of resources +// including state, timestamps for when steps for the remediation execution +// occur, and any error messages for steps that have failed. When you specify +// the limit and the next token, you receive a paginated response. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetAggregateResourceConfig for usage and error information. +// API operation DescribeRemediationExecutionStatus for usage and error information. // // Returned Error Codes: -// * ErrCodeValidationException "ValidationException" -// The requested action is not valid. +// * ErrCodeNoSuchRemediationConfigurationException "NoSuchRemediationConfigurationException" +// You specified an AWS Config rule without a remediation configuration. // -// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" -// You have specified a configuration aggregator that does not exist. +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. // -// * ErrCodeOversizedConfigurationItemException "OversizedConfigurationItemException" -// The configuration item size is outside the allowable range. -// -// * ErrCodeResourceNotDiscoveredException "ResourceNotDiscoveredException" -// You have specified a resource that is either unknown or has not been discovered. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateResourceConfig -func (c *ConfigService) GetAggregateResourceConfig(input *GetAggregateResourceConfigInput) (*GetAggregateResourceConfigOutput, error) { - req, out := c.GetAggregateResourceConfigRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRemediationExecutionStatus +func (c *ConfigService) DescribeRemediationExecutionStatus(input *DescribeRemediationExecutionStatusInput) (*DescribeRemediationExecutionStatusOutput, error) { + req, out := c.DescribeRemediationExecutionStatusRequest(input) return out, req.Send() } -// GetAggregateResourceConfigWithContext is the same as GetAggregateResourceConfig with the addition of +// DescribeRemediationExecutionStatusWithContext is the same as DescribeRemediationExecutionStatus with the addition of // the ability to pass a context and additional request options. // -// See GetAggregateResourceConfig for details on how to use this API operation. +// See DescribeRemediationExecutionStatus for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetAggregateResourceConfigWithContext(ctx aws.Context, input *GetAggregateResourceConfigInput, opts ...request.Option) (*GetAggregateResourceConfigOutput, error) { - req, out := c.GetAggregateResourceConfigRequest(input) +func (c *ConfigService) DescribeRemediationExecutionStatusWithContext(ctx aws.Context, input *DescribeRemediationExecutionStatusInput, opts ...request.Option) (*DescribeRemediationExecutionStatusOutput, error) { + req, out := c.DescribeRemediationExecutionStatusRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetComplianceDetailsByConfigRule = "GetComplianceDetailsByConfigRule" +// DescribeRemediationExecutionStatusPages iterates over the pages of a DescribeRemediationExecutionStatus operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeRemediationExecutionStatus method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeRemediationExecutionStatus operation. +// pageNum := 0 +// err := client.DescribeRemediationExecutionStatusPages(params, +// func(page *configservice.DescribeRemediationExecutionStatusOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *ConfigService) DescribeRemediationExecutionStatusPages(input *DescribeRemediationExecutionStatusInput, fn func(*DescribeRemediationExecutionStatusOutput, bool) bool) error { + return c.DescribeRemediationExecutionStatusPagesWithContext(aws.BackgroundContext(), input, fn) +} -// GetComplianceDetailsByConfigRuleRequest generates a "aws/request.Request" representing the -// client's request for the GetComplianceDetailsByConfigRule operation. The "output" return +// DescribeRemediationExecutionStatusPagesWithContext same as DescribeRemediationExecutionStatusPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) DescribeRemediationExecutionStatusPagesWithContext(ctx aws.Context, input *DescribeRemediationExecutionStatusInput, fn func(*DescribeRemediationExecutionStatusOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeRemediationExecutionStatusInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeRemediationExecutionStatusRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeRemediationExecutionStatusOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeRetentionConfigurations = "DescribeRetentionConfigurations" + +// DescribeRetentionConfigurationsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeRetentionConfigurations operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetComplianceDetailsByConfigRule for more information on using the GetComplianceDetailsByConfigRule +// See DescribeRetentionConfigurations for more information on using the DescribeRetentionConfigurations // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetComplianceDetailsByConfigRuleRequest method. -// req, resp := client.GetComplianceDetailsByConfigRuleRequest(params) +// // Example sending a request using the DescribeRetentionConfigurationsRequest method. +// req, resp := client.DescribeRetentionConfigurationsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceDetailsByConfigRule -func (c *ConfigService) GetComplianceDetailsByConfigRuleRequest(input *GetComplianceDetailsByConfigRuleInput) (req *request.Request, output *GetComplianceDetailsByConfigRuleOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRetentionConfigurations +func (c *ConfigService) DescribeRetentionConfigurationsRequest(input *DescribeRetentionConfigurationsInput) (req *request.Request, output *DescribeRetentionConfigurationsOutput) { op := &request.Operation{ - Name: opGetComplianceDetailsByConfigRule, + Name: opDescribeRetentionConfigurations, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetComplianceDetailsByConfigRuleInput{} + input = &DescribeRetentionConfigurationsInput{} } - output = &GetComplianceDetailsByConfigRuleOutput{} + output = &DescribeRetentionConfigurationsOutput{} req = c.newRequest(op, input, output) return } -// GetComplianceDetailsByConfigRule API operation for AWS Config. +// DescribeRetentionConfigurations API operation for AWS Config. // -// Returns the evaluation results for the specified AWS Config rule. The results -// indicate which AWS resources were evaluated by the rule, when each resource -// was last evaluated, and whether each resource complies with the rule. +// Returns the details of one or more retention configurations. If the retention +// configuration name is not specified, this action returns the details for +// all the retention configurations for that account. +// +// Currently, AWS Config supports only one retention configuration per region +// in your account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetComplianceDetailsByConfigRule for usage and error information. +// API operation DescribeRetentionConfigurations for usage and error information. // // Returned Error Codes: // * ErrCodeInvalidParameterValueException "InvalidParameterValueException" // One or more of the specified parameters are invalid. Verify that your parameters // are valid and try again. // +// * ErrCodeNoSuchRetentionConfigurationException "NoSuchRetentionConfigurationException" +// You have specified a retention configuration that does not exist. +// // * ErrCodeInvalidNextTokenException "InvalidNextTokenException" // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// * ErrCodeNoSuchConfigRuleException "NoSuchConfigRuleException" -// One or more AWS Config rules in the request are invalid. Verify that the -// rule names are correct and try again. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceDetailsByConfigRule -func (c *ConfigService) GetComplianceDetailsByConfigRule(input *GetComplianceDetailsByConfigRuleInput) (*GetComplianceDetailsByConfigRuleOutput, error) { - req, out := c.GetComplianceDetailsByConfigRuleRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/DescribeRetentionConfigurations +func (c *ConfigService) DescribeRetentionConfigurations(input *DescribeRetentionConfigurationsInput) (*DescribeRetentionConfigurationsOutput, error) { + req, out := c.DescribeRetentionConfigurationsRequest(input) return out, req.Send() } -// GetComplianceDetailsByConfigRuleWithContext is the same as GetComplianceDetailsByConfigRule with the addition of +// DescribeRetentionConfigurationsWithContext is the same as DescribeRetentionConfigurations with the addition of // the ability to pass a context and additional request options. // -// See GetComplianceDetailsByConfigRule for details on how to use this API operation. +// See DescribeRetentionConfigurations for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetComplianceDetailsByConfigRuleWithContext(ctx aws.Context, input *GetComplianceDetailsByConfigRuleInput, opts ...request.Option) (*GetComplianceDetailsByConfigRuleOutput, error) { - req, out := c.GetComplianceDetailsByConfigRuleRequest(input) +func (c *ConfigService) DescribeRetentionConfigurationsWithContext(ctx aws.Context, input *DescribeRetentionConfigurationsInput, opts ...request.Option) (*DescribeRetentionConfigurationsOutput, error) { + req, out := c.DescribeRetentionConfigurationsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetComplianceDetailsByResource = "GetComplianceDetailsByResource" +const opGetAggregateComplianceDetailsByConfigRule = "GetAggregateComplianceDetailsByConfigRule" -// GetComplianceDetailsByResourceRequest generates a "aws/request.Request" representing the -// client's request for the GetComplianceDetailsByResource operation. The "output" return +// GetAggregateComplianceDetailsByConfigRuleRequest generates a "aws/request.Request" representing the +// client's request for the GetAggregateComplianceDetailsByConfigRule operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetComplianceDetailsByResource for more information on using the GetComplianceDetailsByResource +// See GetAggregateComplianceDetailsByConfigRule for more information on using the GetAggregateComplianceDetailsByConfigRule // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetComplianceDetailsByResourceRequest method. -// req, resp := client.GetComplianceDetailsByResourceRequest(params) +// // Example sending a request using the GetAggregateComplianceDetailsByConfigRuleRequest method. +// req, resp := client.GetAggregateComplianceDetailsByConfigRuleRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceDetailsByResource -func (c *ConfigService) GetComplianceDetailsByResourceRequest(input *GetComplianceDetailsByResourceInput) (req *request.Request, output *GetComplianceDetailsByResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateComplianceDetailsByConfigRule +func (c *ConfigService) GetAggregateComplianceDetailsByConfigRuleRequest(input *GetAggregateComplianceDetailsByConfigRuleInput) (req *request.Request, output *GetAggregateComplianceDetailsByConfigRuleOutput) { op := &request.Operation{ - Name: opGetComplianceDetailsByResource, + Name: opGetAggregateComplianceDetailsByConfigRule, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetComplianceDetailsByResourceInput{} + input = &GetAggregateComplianceDetailsByConfigRuleInput{} } - output = &GetComplianceDetailsByResourceOutput{} + output = &GetAggregateComplianceDetailsByConfigRuleOutput{} req = c.newRequest(op, input, output) return } -// GetComplianceDetailsByResource API operation for AWS Config. +// GetAggregateComplianceDetailsByConfigRule API operation for AWS Config. // -// Returns the evaluation results for the specified AWS resource. The results -// indicate which AWS Config rules were used to evaluate the resource, when -// each rule was last used, and whether the resource complies with each rule. +// Returns the evaluation results for the specified AWS Config rule for a specific +// resource in a rule. The results indicate which AWS resources were evaluated +// by the rule, when each resource was last evaluated, and whether each resource +// complies with the rule. +// +// The results can return an empty result page. But if you have a nextToken, +// the results are displayed on the next page. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetComplianceDetailsByResource for usage and error information. +// API operation GetAggregateComplianceDetailsByConfigRule for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceDetailsByResource -func (c *ConfigService) GetComplianceDetailsByResource(input *GetComplianceDetailsByResourceInput) (*GetComplianceDetailsByResourceOutput, error) { - req, out := c.GetComplianceDetailsByResourceRequest(input) +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. +// +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. +// +// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" +// You have specified a configuration aggregator that does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateComplianceDetailsByConfigRule +func (c *ConfigService) GetAggregateComplianceDetailsByConfigRule(input *GetAggregateComplianceDetailsByConfigRuleInput) (*GetAggregateComplianceDetailsByConfigRuleOutput, error) { + req, out := c.GetAggregateComplianceDetailsByConfigRuleRequest(input) return out, req.Send() } -// GetComplianceDetailsByResourceWithContext is the same as GetComplianceDetailsByResource with the addition of +// GetAggregateComplianceDetailsByConfigRuleWithContext is the same as GetAggregateComplianceDetailsByConfigRule with the addition of // the ability to pass a context and additional request options. // -// See GetComplianceDetailsByResource for details on how to use this API operation. +// See GetAggregateComplianceDetailsByConfigRule for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetComplianceDetailsByResourceWithContext(ctx aws.Context, input *GetComplianceDetailsByResourceInput, opts ...request.Option) (*GetComplianceDetailsByResourceOutput, error) { - req, out := c.GetComplianceDetailsByResourceRequest(input) +func (c *ConfigService) GetAggregateComplianceDetailsByConfigRuleWithContext(ctx aws.Context, input *GetAggregateComplianceDetailsByConfigRuleInput, opts ...request.Option) (*GetAggregateComplianceDetailsByConfigRuleOutput, error) { + req, out := c.GetAggregateComplianceDetailsByConfigRuleRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetComplianceSummaryByConfigRule = "GetComplianceSummaryByConfigRule" +const opGetAggregateConfigRuleComplianceSummary = "GetAggregateConfigRuleComplianceSummary" -// GetComplianceSummaryByConfigRuleRequest generates a "aws/request.Request" representing the -// client's request for the GetComplianceSummaryByConfigRule operation. The "output" return +// GetAggregateConfigRuleComplianceSummaryRequest generates a "aws/request.Request" representing the +// client's request for the GetAggregateConfigRuleComplianceSummary operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetComplianceSummaryByConfigRule for more information on using the GetComplianceSummaryByConfigRule +// See GetAggregateConfigRuleComplianceSummary for more information on using the GetAggregateConfigRuleComplianceSummary // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetComplianceSummaryByConfigRuleRequest method. -// req, resp := client.GetComplianceSummaryByConfigRuleRequest(params) +// // Example sending a request using the GetAggregateConfigRuleComplianceSummaryRequest method. +// req, resp := client.GetAggregateConfigRuleComplianceSummaryRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceSummaryByConfigRule -func (c *ConfigService) GetComplianceSummaryByConfigRuleRequest(input *GetComplianceSummaryByConfigRuleInput) (req *request.Request, output *GetComplianceSummaryByConfigRuleOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateConfigRuleComplianceSummary +func (c *ConfigService) GetAggregateConfigRuleComplianceSummaryRequest(input *GetAggregateConfigRuleComplianceSummaryInput) (req *request.Request, output *GetAggregateConfigRuleComplianceSummaryOutput) { op := &request.Operation{ - Name: opGetComplianceSummaryByConfigRule, + Name: opGetAggregateConfigRuleComplianceSummary, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetComplianceSummaryByConfigRuleInput{} + input = &GetAggregateConfigRuleComplianceSummaryInput{} } - output = &GetComplianceSummaryByConfigRuleOutput{} + output = &GetAggregateConfigRuleComplianceSummaryOutput{} req = c.newRequest(op, input, output) return } -// GetComplianceSummaryByConfigRule API operation for AWS Config. +// GetAggregateConfigRuleComplianceSummary API operation for AWS Config. // -// Returns the number of AWS Config rules that are compliant and noncompliant, -// up to a maximum of 25 for each. +// Returns the number of compliant and noncompliant rules for one or more accounts +// and regions in an aggregator. +// +// The results can return an empty result page, but if you have a nextToken, +// the results are displayed on the next page. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetComplianceSummaryByConfigRule for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceSummaryByConfigRule -func (c *ConfigService) GetComplianceSummaryByConfigRule(input *GetComplianceSummaryByConfigRuleInput) (*GetComplianceSummaryByConfigRuleOutput, error) { - req, out := c.GetComplianceSummaryByConfigRuleRequest(input) +// API operation GetAggregateConfigRuleComplianceSummary for usage and error information. +// +// Returned Error Codes: +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. +// +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. +// +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. +// +// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" +// You have specified a configuration aggregator that does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateConfigRuleComplianceSummary +func (c *ConfigService) GetAggregateConfigRuleComplianceSummary(input *GetAggregateConfigRuleComplianceSummaryInput) (*GetAggregateConfigRuleComplianceSummaryOutput, error) { + req, out := c.GetAggregateConfigRuleComplianceSummaryRequest(input) return out, req.Send() } -// GetComplianceSummaryByConfigRuleWithContext is the same as GetComplianceSummaryByConfigRule with the addition of +// GetAggregateConfigRuleComplianceSummaryWithContext is the same as GetAggregateConfigRuleComplianceSummary with the addition of // the ability to pass a context and additional request options. // -// See GetComplianceSummaryByConfigRule for details on how to use this API operation. +// See GetAggregateConfigRuleComplianceSummary for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetComplianceSummaryByConfigRuleWithContext(ctx aws.Context, input *GetComplianceSummaryByConfigRuleInput, opts ...request.Option) (*GetComplianceSummaryByConfigRuleOutput, error) { - req, out := c.GetComplianceSummaryByConfigRuleRequest(input) +func (c *ConfigService) GetAggregateConfigRuleComplianceSummaryWithContext(ctx aws.Context, input *GetAggregateConfigRuleComplianceSummaryInput, opts ...request.Option) (*GetAggregateConfigRuleComplianceSummaryOutput, error) { + req, out := c.GetAggregateConfigRuleComplianceSummaryRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetComplianceSummaryByResourceType = "GetComplianceSummaryByResourceType" +const opGetAggregateDiscoveredResourceCounts = "GetAggregateDiscoveredResourceCounts" -// GetComplianceSummaryByResourceTypeRequest generates a "aws/request.Request" representing the -// client's request for the GetComplianceSummaryByResourceType operation. The "output" return +// GetAggregateDiscoveredResourceCountsRequest generates a "aws/request.Request" representing the +// client's request for the GetAggregateDiscoveredResourceCounts operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetComplianceSummaryByResourceType for more information on using the GetComplianceSummaryByResourceType +// See GetAggregateDiscoveredResourceCounts for more information on using the GetAggregateDiscoveredResourceCounts // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetComplianceSummaryByResourceTypeRequest method. -// req, resp := client.GetComplianceSummaryByResourceTypeRequest(params) +// // Example sending a request using the GetAggregateDiscoveredResourceCountsRequest method. +// req, resp := client.GetAggregateDiscoveredResourceCountsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceSummaryByResourceType -func (c *ConfigService) GetComplianceSummaryByResourceTypeRequest(input *GetComplianceSummaryByResourceTypeInput) (req *request.Request, output *GetComplianceSummaryByResourceTypeOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateDiscoveredResourceCounts +func (c *ConfigService) GetAggregateDiscoveredResourceCountsRequest(input *GetAggregateDiscoveredResourceCountsInput) (req *request.Request, output *GetAggregateDiscoveredResourceCountsOutput) { op := &request.Operation{ - Name: opGetComplianceSummaryByResourceType, + Name: opGetAggregateDiscoveredResourceCounts, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetComplianceSummaryByResourceTypeInput{} + input = &GetAggregateDiscoveredResourceCountsInput{} } - output = &GetComplianceSummaryByResourceTypeOutput{} + output = &GetAggregateDiscoveredResourceCountsOutput{} req = c.newRequest(op, input, output) return } -// GetComplianceSummaryByResourceType API operation for AWS Config. +// GetAggregateDiscoveredResourceCounts API operation for AWS Config. // -// Returns the number of resources that are compliant and the number that are -// noncompliant. You can specify one or more resource types to get these numbers -// for each resource type. The maximum number returned is 100. +// Returns the resource counts across accounts and regions that are present +// in your AWS Config aggregator. You can request the resource counts by providing +// filters and GroupByKey. +// +// For example, if the input contains accountID 12345678910 and region us-east-1 +// in filters, the API returns the count of resources in account ID 12345678910 +// and region us-east-1. If the input contains ACCOUNT_ID as a GroupByKey, the +// API returns resource counts for all source accounts that are present in your +// aggregator. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetComplianceSummaryByResourceType for usage and error information. +// API operation GetAggregateDiscoveredResourceCounts for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceSummaryByResourceType -func (c *ConfigService) GetComplianceSummaryByResourceType(input *GetComplianceSummaryByResourceTypeInput) (*GetComplianceSummaryByResourceTypeOutput, error) { - req, out := c.GetComplianceSummaryByResourceTypeRequest(input) +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. +// +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. +// +// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" +// You have specified a configuration aggregator that does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateDiscoveredResourceCounts +func (c *ConfigService) GetAggregateDiscoveredResourceCounts(input *GetAggregateDiscoveredResourceCountsInput) (*GetAggregateDiscoveredResourceCountsOutput, error) { + req, out := c.GetAggregateDiscoveredResourceCountsRequest(input) return out, req.Send() } -// GetComplianceSummaryByResourceTypeWithContext is the same as GetComplianceSummaryByResourceType with the addition of +// GetAggregateDiscoveredResourceCountsWithContext is the same as GetAggregateDiscoveredResourceCounts with the addition of // the ability to pass a context and additional request options. // -// See GetComplianceSummaryByResourceType for details on how to use this API operation. +// See GetAggregateDiscoveredResourceCounts for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetComplianceSummaryByResourceTypeWithContext(ctx aws.Context, input *GetComplianceSummaryByResourceTypeInput, opts ...request.Option) (*GetComplianceSummaryByResourceTypeOutput, error) { - req, out := c.GetComplianceSummaryByResourceTypeRequest(input) +func (c *ConfigService) GetAggregateDiscoveredResourceCountsWithContext(ctx aws.Context, input *GetAggregateDiscoveredResourceCountsInput, opts ...request.Option) (*GetAggregateDiscoveredResourceCountsOutput, error) { + req, out := c.GetAggregateDiscoveredResourceCountsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetDiscoveredResourceCounts = "GetDiscoveredResourceCounts" +const opGetAggregateResourceConfig = "GetAggregateResourceConfig" -// GetDiscoveredResourceCountsRequest generates a "aws/request.Request" representing the -// client's request for the GetDiscoveredResourceCounts operation. The "output" return +// GetAggregateResourceConfigRequest generates a "aws/request.Request" representing the +// client's request for the GetAggregateResourceConfig operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetDiscoveredResourceCounts for more information on using the GetDiscoveredResourceCounts +// See GetAggregateResourceConfig for more information on using the GetAggregateResourceConfig // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetDiscoveredResourceCountsRequest method. -// req, resp := client.GetDiscoveredResourceCountsRequest(params) +// // Example sending a request using the GetAggregateResourceConfigRequest method. +// req, resp := client.GetAggregateResourceConfigRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetDiscoveredResourceCounts -func (c *ConfigService) GetDiscoveredResourceCountsRequest(input *GetDiscoveredResourceCountsInput) (req *request.Request, output *GetDiscoveredResourceCountsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateResourceConfig +func (c *ConfigService) GetAggregateResourceConfigRequest(input *GetAggregateResourceConfigInput) (req *request.Request, output *GetAggregateResourceConfigOutput) { op := &request.Operation{ - Name: opGetDiscoveredResourceCounts, + Name: opGetAggregateResourceConfig, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetDiscoveredResourceCountsInput{} + input = &GetAggregateResourceConfigInput{} } - output = &GetDiscoveredResourceCountsOutput{} + output = &GetAggregateResourceConfigOutput{} req = c.newRequest(op, input, output) return } -// GetDiscoveredResourceCounts API operation for AWS Config. -// -// Returns the resource types, the number of each resource type, and the total -// number of resources that AWS Config is recording in this region for your -// AWS account. -// -// Example -// -// AWS Config is recording three resource types in the US East (Ohio) Region -// for your account: 25 EC2 instances, 20 IAM users, and 15 S3 buckets. -// -// You make a call to the GetDiscoveredResourceCounts action and specify that -// you want all resource types. -// -// AWS Config returns the following: -// -// * The resource types (EC2 instances, IAM users, and S3 buckets). -// -// * The number of each resource type (25, 20, and 15). -// -// * The total number of all resources (60). -// -// The response is paginated. By default, AWS Config lists 100 ResourceCount -// objects on each page. You can customize this number with the limit parameter. -// The response includes a nextToken string. To get the next page of results, -// run the request again and specify the string for the nextToken parameter. -// -// If you make a call to the GetDiscoveredResourceCounts action, you might not -// immediately receive resource counts in the following situations: -// -// * You are a new AWS Config customer. -// -// * You just enabled resource recording. +// GetAggregateResourceConfig API operation for AWS Config. // -// It might take a few minutes for AWS Config to record and count your resources. -// Wait a few minutes and then retry the GetDiscoveredResourceCounts action. +// Returns configuration item that is aggregated for your specific resource +// in a specific source account and region. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetDiscoveredResourceCounts for usage and error information. +// API operation GetAggregateResourceConfig for usage and error information. // // Returned Error Codes: // * ErrCodeValidationException "ValidationException" // The requested action is not valid. // -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. +// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" +// You have specified a configuration aggregator that does not exist. // -// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" -// The specified next token is invalid. Specify the nextToken string that was -// returned in the previous response to get the next page of results. +// * ErrCodeOversizedConfigurationItemException "OversizedConfigurationItemException" +// The configuration item size is outside the allowable range. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetDiscoveredResourceCounts -func (c *ConfigService) GetDiscoveredResourceCounts(input *GetDiscoveredResourceCountsInput) (*GetDiscoveredResourceCountsOutput, error) { - req, out := c.GetDiscoveredResourceCountsRequest(input) +// * ErrCodeResourceNotDiscoveredException "ResourceNotDiscoveredException" +// You have specified a resource that is either unknown or has not been discovered. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetAggregateResourceConfig +func (c *ConfigService) GetAggregateResourceConfig(input *GetAggregateResourceConfigInput) (*GetAggregateResourceConfigOutput, error) { + req, out := c.GetAggregateResourceConfigRequest(input) return out, req.Send() } -// GetDiscoveredResourceCountsWithContext is the same as GetDiscoveredResourceCounts with the addition of +// GetAggregateResourceConfigWithContext is the same as GetAggregateResourceConfig with the addition of // the ability to pass a context and additional request options. // -// See GetDiscoveredResourceCounts for details on how to use this API operation. +// See GetAggregateResourceConfig for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetDiscoveredResourceCountsWithContext(ctx aws.Context, input *GetDiscoveredResourceCountsInput, opts ...request.Option) (*GetDiscoveredResourceCountsOutput, error) { - req, out := c.GetDiscoveredResourceCountsRequest(input) +func (c *ConfigService) GetAggregateResourceConfigWithContext(ctx aws.Context, input *GetAggregateResourceConfigInput, opts ...request.Option) (*GetAggregateResourceConfigOutput, error) { + req, out := c.GetAggregateResourceConfigRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetOrganizationConfigRuleDetailedStatus = "GetOrganizationConfigRuleDetailedStatus" +const opGetComplianceDetailsByConfigRule = "GetComplianceDetailsByConfigRule" -// GetOrganizationConfigRuleDetailedStatusRequest generates a "aws/request.Request" representing the -// client's request for the GetOrganizationConfigRuleDetailedStatus operation. The "output" return +// GetComplianceDetailsByConfigRuleRequest generates a "aws/request.Request" representing the +// client's request for the GetComplianceDetailsByConfigRule operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetOrganizationConfigRuleDetailedStatus for more information on using the GetOrganizationConfigRuleDetailedStatus +// See GetComplianceDetailsByConfigRule for more information on using the GetComplianceDetailsByConfigRule // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetOrganizationConfigRuleDetailedStatusRequest method. -// req, resp := client.GetOrganizationConfigRuleDetailedStatusRequest(params) +// // Example sending a request using the GetComplianceDetailsByConfigRuleRequest method. +// req, resp := client.GetComplianceDetailsByConfigRuleRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetOrganizationConfigRuleDetailedStatus -func (c *ConfigService) GetOrganizationConfigRuleDetailedStatusRequest(input *GetOrganizationConfigRuleDetailedStatusInput) (req *request.Request, output *GetOrganizationConfigRuleDetailedStatusOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceDetailsByConfigRule +func (c *ConfigService) GetComplianceDetailsByConfigRuleRequest(input *GetComplianceDetailsByConfigRuleInput) (req *request.Request, output *GetComplianceDetailsByConfigRuleOutput) { op := &request.Operation{ - Name: opGetOrganizationConfigRuleDetailedStatus, + Name: opGetComplianceDetailsByConfigRule, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetOrganizationConfigRuleDetailedStatusInput{} + input = &GetComplianceDetailsByConfigRuleInput{} } - output = &GetOrganizationConfigRuleDetailedStatusOutput{} + output = &GetComplianceDetailsByConfigRuleOutput{} req = c.newRequest(op, input, output) return } -// GetOrganizationConfigRuleDetailedStatus API operation for AWS Config. -// -// Returns detailed status for each member account within an organization for -// a given organization config rule. +// GetComplianceDetailsByConfigRule API operation for AWS Config. // -// Only a master account can call this API. +// Returns the evaluation results for the specified AWS Config rule. The results +// indicate which AWS resources were evaluated by the rule, when each resource +// was last evaluated, and whether each resource complies with the rule. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetOrganizationConfigRuleDetailedStatus for usage and error information. +// API operation GetComplianceDetailsByConfigRule for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchOrganizationConfigRuleException "NoSuchOrganizationConfigRuleException" -// You specified one or more organization config rules that do not exist. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. // // * ErrCodeInvalidNextTokenException "InvalidNextTokenException" // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" -// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess -// API. -// -// For all OrganizationConfigRule APIs, AWS Config throws an exception if APIs -// are called from member accounts. All APIs must be called from organization -// master account. +// * ErrCodeNoSuchConfigRuleException "NoSuchConfigRuleException" +// One or more AWS Config rules in the request are invalid. Verify that the +// rule names are correct and try again. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetOrganizationConfigRuleDetailedStatus -func (c *ConfigService) GetOrganizationConfigRuleDetailedStatus(input *GetOrganizationConfigRuleDetailedStatusInput) (*GetOrganizationConfigRuleDetailedStatusOutput, error) { - req, out := c.GetOrganizationConfigRuleDetailedStatusRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceDetailsByConfigRule +func (c *ConfigService) GetComplianceDetailsByConfigRule(input *GetComplianceDetailsByConfigRuleInput) (*GetComplianceDetailsByConfigRuleOutput, error) { + req, out := c.GetComplianceDetailsByConfigRuleRequest(input) return out, req.Send() } -// GetOrganizationConfigRuleDetailedStatusWithContext is the same as GetOrganizationConfigRuleDetailedStatus with the addition of +// GetComplianceDetailsByConfigRuleWithContext is the same as GetComplianceDetailsByConfigRule with the addition of // the ability to pass a context and additional request options. // -// See GetOrganizationConfigRuleDetailedStatus for details on how to use this API operation. +// See GetComplianceDetailsByConfigRule for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetOrganizationConfigRuleDetailedStatusWithContext(ctx aws.Context, input *GetOrganizationConfigRuleDetailedStatusInput, opts ...request.Option) (*GetOrganizationConfigRuleDetailedStatusOutput, error) { - req, out := c.GetOrganizationConfigRuleDetailedStatusRequest(input) +func (c *ConfigService) GetComplianceDetailsByConfigRuleWithContext(ctx aws.Context, input *GetComplianceDetailsByConfigRuleInput, opts ...request.Option) (*GetComplianceDetailsByConfigRuleOutput, error) { + req, out := c.GetComplianceDetailsByConfigRuleRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetResourceConfigHistory = "GetResourceConfigHistory" +const opGetComplianceDetailsByResource = "GetComplianceDetailsByResource" -// GetResourceConfigHistoryRequest generates a "aws/request.Request" representing the -// client's request for the GetResourceConfigHistory operation. The "output" return +// GetComplianceDetailsByResourceRequest generates a "aws/request.Request" representing the +// client's request for the GetComplianceDetailsByResource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetResourceConfigHistory for more information on using the GetResourceConfigHistory +// See GetComplianceDetailsByResource for more information on using the GetComplianceDetailsByResource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the GetResourceConfigHistoryRequest method. -// req, resp := client.GetResourceConfigHistoryRequest(params) +// // Example sending a request using the GetComplianceDetailsByResourceRequest method. +// req, resp := client.GetComplianceDetailsByResourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetResourceConfigHistory -func (c *ConfigService) GetResourceConfigHistoryRequest(input *GetResourceConfigHistoryInput) (req *request.Request, output *GetResourceConfigHistoryOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceDetailsByResource +func (c *ConfigService) GetComplianceDetailsByResourceRequest(input *GetComplianceDetailsByResourceInput) (req *request.Request, output *GetComplianceDetailsByResourceOutput) { op := &request.Operation{ - Name: opGetResourceConfigHistory, + Name: opGetComplianceDetailsByResource, HTTPMethod: "POST", HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "limit", - TruncationToken: "", - }, } if input == nil { - input = &GetResourceConfigHistoryInput{} + input = &GetComplianceDetailsByResourceInput{} } - output = &GetResourceConfigHistoryOutput{} + output = &GetComplianceDetailsByResourceOutput{} req = c.newRequest(op, input, output) return } -// GetResourceConfigHistory API operation for AWS Config. +// GetComplianceDetailsByResource API operation for AWS Config. // -// Returns a list of configuration items for the specified resource. The list -// contains details about each state of the resource during the specified time -// interval. If you specified a retention period to retain your ConfigurationItems -// between a minimum of 30 days and a maximum of 7 years (2557 days), AWS Config -// returns the ConfigurationItems for the specified retention period. -// -// The response is paginated. By default, AWS Config returns a limit of 10 configuration -// items per page. You can customize this number with the limit parameter. The -// response includes a nextToken string. To get the next page of results, run -// the request again and specify the string for the nextToken parameter. -// -// Each call to the API is limited to span a duration of seven days. It is likely -// that the number of records returned is smaller than the specified limit. -// In such cases, you can make another call, using the nextToken. +// Returns the evaluation results for the specified AWS resource. The results +// indicate which AWS Config rules were used to evaluate the resource, when +// each rule was last used, and whether the resource complies with each rule. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation GetResourceConfigHistory for usage and error information. +// API operation GetComplianceDetailsByResource for usage and error information. // // Returned Error Codes: -// * ErrCodeValidationException "ValidationException" -// The requested action is not valid. -// -// * ErrCodeInvalidTimeRangeException "InvalidTimeRangeException" -// The specified time range is not valid. The earlier time is not chronologically -// before the later time. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. -// -// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" -// The specified next token is invalid. Specify the nextToken string that was -// returned in the previous response to get the next page of results. -// -// * ErrCodeNoAvailableConfigurationRecorderException "NoAvailableConfigurationRecorderException" -// There are no configuration recorders available to provide the role needed -// to describe your resources. Create a configuration recorder. -// -// * ErrCodeResourceNotDiscoveredException "ResourceNotDiscoveredException" -// You have specified a resource that is either unknown or has not been discovered. +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetResourceConfigHistory -func (c *ConfigService) GetResourceConfigHistory(input *GetResourceConfigHistoryInput) (*GetResourceConfigHistoryOutput, error) { - req, out := c.GetResourceConfigHistoryRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceDetailsByResource +func (c *ConfigService) GetComplianceDetailsByResource(input *GetComplianceDetailsByResourceInput) (*GetComplianceDetailsByResourceOutput, error) { + req, out := c.GetComplianceDetailsByResourceRequest(input) return out, req.Send() } -// GetResourceConfigHistoryWithContext is the same as GetResourceConfigHistory with the addition of +// GetComplianceDetailsByResourceWithContext is the same as GetComplianceDetailsByResource with the addition of // the ability to pass a context and additional request options. // -// See GetResourceConfigHistory for details on how to use this API operation. +// See GetComplianceDetailsByResource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) GetResourceConfigHistoryWithContext(ctx aws.Context, input *GetResourceConfigHistoryInput, opts ...request.Option) (*GetResourceConfigHistoryOutput, error) { - req, out := c.GetResourceConfigHistoryRequest(input) +func (c *ConfigService) GetComplianceDetailsByResourceWithContext(ctx aws.Context, input *GetComplianceDetailsByResourceInput, opts ...request.Option) (*GetComplianceDetailsByResourceOutput, error) { + req, out := c.GetComplianceDetailsByResourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// GetResourceConfigHistoryPages iterates over the pages of a GetResourceConfigHistory operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See GetResourceConfigHistory method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a GetResourceConfigHistory operation. -// pageNum := 0 -// err := client.GetResourceConfigHistoryPages(params, -// func(page *configservice.GetResourceConfigHistoryOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// -func (c *ConfigService) GetResourceConfigHistoryPages(input *GetResourceConfigHistoryInput, fn func(*GetResourceConfigHistoryOutput, bool) bool) error { - return c.GetResourceConfigHistoryPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// GetResourceConfigHistoryPagesWithContext same as GetResourceConfigHistoryPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *ConfigService) GetResourceConfigHistoryPagesWithContext(ctx aws.Context, input *GetResourceConfigHistoryInput, fn func(*GetResourceConfigHistoryOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *GetResourceConfigHistoryInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.GetResourceConfigHistoryRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*GetResourceConfigHistoryOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListAggregateDiscoveredResources = "ListAggregateDiscoveredResources" +const opGetComplianceSummaryByConfigRule = "GetComplianceSummaryByConfigRule" -// ListAggregateDiscoveredResourcesRequest generates a "aws/request.Request" representing the -// client's request for the ListAggregateDiscoveredResources operation. The "output" return +// GetComplianceSummaryByConfigRuleRequest generates a "aws/request.Request" representing the +// client's request for the GetComplianceSummaryByConfigRule operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListAggregateDiscoveredResources for more information on using the ListAggregateDiscoveredResources +// See GetComplianceSummaryByConfigRule for more information on using the GetComplianceSummaryByConfigRule // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the ListAggregateDiscoveredResourcesRequest method. -// req, resp := client.ListAggregateDiscoveredResourcesRequest(params) +// // Example sending a request using the GetComplianceSummaryByConfigRuleRequest method. +// req, resp := client.GetComplianceSummaryByConfigRuleRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListAggregateDiscoveredResources -func (c *ConfigService) ListAggregateDiscoveredResourcesRequest(input *ListAggregateDiscoveredResourcesInput) (req *request.Request, output *ListAggregateDiscoveredResourcesOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceSummaryByConfigRule +func (c *ConfigService) GetComplianceSummaryByConfigRuleRequest(input *GetComplianceSummaryByConfigRuleInput) (req *request.Request, output *GetComplianceSummaryByConfigRuleOutput) { op := &request.Operation{ - Name: opListAggregateDiscoveredResources, + Name: opGetComplianceSummaryByConfigRule, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &ListAggregateDiscoveredResourcesInput{} + input = &GetComplianceSummaryByConfigRuleInput{} } - output = &ListAggregateDiscoveredResourcesOutput{} + output = &GetComplianceSummaryByConfigRuleOutput{} req = c.newRequest(op, input, output) return } -// ListAggregateDiscoveredResources API operation for AWS Config. -// -// Accepts a resource type and returns a list of resource identifiers that are -// aggregated for a specific resource type across accounts and regions. A resource -// identifier includes the resource type, ID, (if available) the custom resource -// name, source account, and source region. You can narrow the results to include -// only resources that have specific resource IDs, or a resource name, or source -// account ID, or source region. +// GetComplianceSummaryByConfigRule API operation for AWS Config. // -// For example, if the input consists of accountID 12345678910 and the region -// is us-east-1 for resource type AWS::EC2::Instance then the API returns all -// the EC2 instance identifiers of accountID 12345678910 and region us-east-1. +// Returns the number of AWS Config rules that are compliant and noncompliant, +// up to a maximum of 25 for each. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation ListAggregateDiscoveredResources for usage and error information. -// -// Returned Error Codes: -// * ErrCodeValidationException "ValidationException" -// The requested action is not valid. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. -// -// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" -// The specified next token is invalid. Specify the nextToken string that was -// returned in the previous response to get the next page of results. -// -// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" -// You have specified a configuration aggregator that does not exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListAggregateDiscoveredResources -func (c *ConfigService) ListAggregateDiscoveredResources(input *ListAggregateDiscoveredResourcesInput) (*ListAggregateDiscoveredResourcesOutput, error) { - req, out := c.ListAggregateDiscoveredResourcesRequest(input) +// API operation GetComplianceSummaryByConfigRule for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceSummaryByConfigRule +func (c *ConfigService) GetComplianceSummaryByConfigRule(input *GetComplianceSummaryByConfigRuleInput) (*GetComplianceSummaryByConfigRuleOutput, error) { + req, out := c.GetComplianceSummaryByConfigRuleRequest(input) return out, req.Send() } -// ListAggregateDiscoveredResourcesWithContext is the same as ListAggregateDiscoveredResources with the addition of +// GetComplianceSummaryByConfigRuleWithContext is the same as GetComplianceSummaryByConfigRule with the addition of // the ability to pass a context and additional request options. // -// See ListAggregateDiscoveredResources for details on how to use this API operation. +// See GetComplianceSummaryByConfigRule for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) ListAggregateDiscoveredResourcesWithContext(ctx aws.Context, input *ListAggregateDiscoveredResourcesInput, opts ...request.Option) (*ListAggregateDiscoveredResourcesOutput, error) { - req, out := c.ListAggregateDiscoveredResourcesRequest(input) +func (c *ConfigService) GetComplianceSummaryByConfigRuleWithContext(ctx aws.Context, input *GetComplianceSummaryByConfigRuleInput, opts ...request.Option) (*GetComplianceSummaryByConfigRuleOutput, error) { + req, out := c.GetComplianceSummaryByConfigRuleRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opListDiscoveredResources = "ListDiscoveredResources" +const opGetComplianceSummaryByResourceType = "GetComplianceSummaryByResourceType" -// ListDiscoveredResourcesRequest generates a "aws/request.Request" representing the -// client's request for the ListDiscoveredResources operation. The "output" return +// GetComplianceSummaryByResourceTypeRequest generates a "aws/request.Request" representing the +// client's request for the GetComplianceSummaryByResourceType operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListDiscoveredResources for more information on using the ListDiscoveredResources +// See GetComplianceSummaryByResourceType for more information on using the GetComplianceSummaryByResourceType // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the ListDiscoveredResourcesRequest method. -// req, resp := client.ListDiscoveredResourcesRequest(params) +// // Example sending a request using the GetComplianceSummaryByResourceTypeRequest method. +// req, resp := client.GetComplianceSummaryByResourceTypeRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListDiscoveredResources -func (c *ConfigService) ListDiscoveredResourcesRequest(input *ListDiscoveredResourcesInput) (req *request.Request, output *ListDiscoveredResourcesOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceSummaryByResourceType +func (c *ConfigService) GetComplianceSummaryByResourceTypeRequest(input *GetComplianceSummaryByResourceTypeInput) (req *request.Request, output *GetComplianceSummaryByResourceTypeOutput) { op := &request.Operation{ - Name: opListDiscoveredResources, + Name: opGetComplianceSummaryByResourceType, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &ListDiscoveredResourcesInput{} + input = &GetComplianceSummaryByResourceTypeInput{} } - output = &ListDiscoveredResourcesOutput{} + output = &GetComplianceSummaryByResourceTypeOutput{} req = c.newRequest(op, input, output) return } -// ListDiscoveredResources API operation for AWS Config. -// -// Accepts a resource type and returns a list of resource identifiers for the -// resources of that type. A resource identifier includes the resource type, -// ID, and (if available) the custom resource name. The results consist of resources -// that AWS Config has discovered, including those that AWS Config is not currently -// recording. You can narrow the results to include only resources that have -// specific resource IDs or a resource name. -// -// You can specify either resource IDs or a resource name, but not both, in -// the same request. +// GetComplianceSummaryByResourceType API operation for AWS Config. // -// The response is paginated. By default, AWS Config lists 100 resource identifiers -// on each page. You can customize this number with the limit parameter. The -// response includes a nextToken string. To get the next page of results, run -// the request again and specify the string for the nextToken parameter. +// Returns the number of resources that are compliant and the number that are +// noncompliant. You can specify one or more resource types to get these numbers +// for each resource type. The maximum number returned is 100. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation ListDiscoveredResources for usage and error information. +// API operation GetComplianceSummaryByResourceType for usage and error information. // // Returned Error Codes: -// * ErrCodeValidationException "ValidationException" -// The requested action is not valid. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. -// -// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" -// The specified next token is invalid. Specify the nextToken string that was -// returned in the previous response to get the next page of results. -// -// * ErrCodeNoAvailableConfigurationRecorderException "NoAvailableConfigurationRecorderException" -// There are no configuration recorders available to provide the role needed -// to describe your resources. Create a configuration recorder. +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListDiscoveredResources -func (c *ConfigService) ListDiscoveredResources(input *ListDiscoveredResourcesInput) (*ListDiscoveredResourcesOutput, error) { - req, out := c.ListDiscoveredResourcesRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetComplianceSummaryByResourceType +func (c *ConfigService) GetComplianceSummaryByResourceType(input *GetComplianceSummaryByResourceTypeInput) (*GetComplianceSummaryByResourceTypeOutput, error) { + req, out := c.GetComplianceSummaryByResourceTypeRequest(input) return out, req.Send() } -// ListDiscoveredResourcesWithContext is the same as ListDiscoveredResources with the addition of +// GetComplianceSummaryByResourceTypeWithContext is the same as GetComplianceSummaryByResourceType with the addition of // the ability to pass a context and additional request options. // -// See ListDiscoveredResources for details on how to use this API operation. +// See GetComplianceSummaryByResourceType for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) ListDiscoveredResourcesWithContext(ctx aws.Context, input *ListDiscoveredResourcesInput, opts ...request.Option) (*ListDiscoveredResourcesOutput, error) { - req, out := c.ListDiscoveredResourcesRequest(input) +func (c *ConfigService) GetComplianceSummaryByResourceTypeWithContext(ctx aws.Context, input *GetComplianceSummaryByResourceTypeInput, opts ...request.Option) (*GetComplianceSummaryByResourceTypeOutput, error) { + req, out := c.GetComplianceSummaryByResourceTypeRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opListTagsForResource = "ListTagsForResource" +const opGetConformancePackComplianceDetails = "GetConformancePackComplianceDetails" -// ListTagsForResourceRequest generates a "aws/request.Request" representing the -// client's request for the ListTagsForResource operation. The "output" return +// GetConformancePackComplianceDetailsRequest generates a "aws/request.Request" representing the +// client's request for the GetConformancePackComplianceDetails operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListTagsForResource for more information on using the ListTagsForResource +// See GetConformancePackComplianceDetails for more information on using the GetConformancePackComplianceDetails // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the ListTagsForResourceRequest method. -// req, resp := client.ListTagsForResourceRequest(params) +// // Example sending a request using the GetConformancePackComplianceDetailsRequest method. +// req, resp := client.GetConformancePackComplianceDetailsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListTagsForResource -func (c *ConfigService) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetConformancePackComplianceDetails +func (c *ConfigService) GetConformancePackComplianceDetailsRequest(input *GetConformancePackComplianceDetailsInput) (req *request.Request, output *GetConformancePackComplianceDetailsOutput) { op := &request.Operation{ - Name: opListTagsForResource, + Name: opGetConformancePackComplianceDetails, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &ListTagsForResourceInput{} + input = &GetConformancePackComplianceDetailsInput{} } - output = &ListTagsForResourceOutput{} + output = &GetConformancePackComplianceDetailsOutput{} req = c.newRequest(op, input, output) return } -// ListTagsForResource API operation for AWS Config. +// GetConformancePackComplianceDetails API operation for AWS Config. // -// List the tags for AWS Config resource. +// Returns compliance details of a conformance pack for all AWS resources that +// are monitered by conformance pack. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation ListTagsForResource for usage and error information. +// API operation GetConformancePackComplianceDetails for usage and error information. // // Returned Error Codes: -// * ErrCodeResourceNotFoundException "ResourceNotFoundException" -// You have specified a resource that does not exist. -// -// * ErrCodeValidationException "ValidationException" -// The requested action is not valid. -// -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // // * ErrCodeInvalidNextTokenException "InvalidNextTokenException" // The specified next token is invalid. Specify the nextToken string that was // returned in the previous response to get the next page of results. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListTagsForResource -func (c *ConfigService) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +// * ErrCodeNoSuchConformancePackException "NoSuchConformancePackException" +// You specified one or more conformance packs that do not exist. +// +// * ErrCodeNoSuchConfigRuleInConformancePackException "NoSuchConfigRuleInConformancePackException" +// AWS Config rule that you passed in the filter does not exist. +// +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetConformancePackComplianceDetails +func (c *ConfigService) GetConformancePackComplianceDetails(input *GetConformancePackComplianceDetailsInput) (*GetConformancePackComplianceDetailsOutput, error) { + req, out := c.GetConformancePackComplianceDetailsRequest(input) return out, req.Send() } -// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// GetConformancePackComplianceDetailsWithContext is the same as GetConformancePackComplianceDetails with the addition of // the ability to pass a context and additional request options. // -// See ListTagsForResource for details on how to use this API operation. +// See GetConformancePackComplianceDetails for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +func (c *ConfigService) GetConformancePackComplianceDetailsWithContext(ctx aws.Context, input *GetConformancePackComplianceDetailsInput, opts ...request.Option) (*GetConformancePackComplianceDetailsOutput, error) { + req, out := c.GetConformancePackComplianceDetailsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutAggregationAuthorization = "PutAggregationAuthorization" +const opGetConformancePackComplianceSummary = "GetConformancePackComplianceSummary" -// PutAggregationAuthorizationRequest generates a "aws/request.Request" representing the -// client's request for the PutAggregationAuthorization operation. The "output" return +// GetConformancePackComplianceSummaryRequest generates a "aws/request.Request" representing the +// client's request for the GetConformancePackComplianceSummary operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutAggregationAuthorization for more information on using the PutAggregationAuthorization +// See GetConformancePackComplianceSummary for more information on using the GetConformancePackComplianceSummary // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutAggregationAuthorizationRequest method. -// req, resp := client.PutAggregationAuthorizationRequest(params) +// // Example sending a request using the GetConformancePackComplianceSummaryRequest method. +// req, resp := client.GetConformancePackComplianceSummaryRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutAggregationAuthorization -func (c *ConfigService) PutAggregationAuthorizationRequest(input *PutAggregationAuthorizationInput) (req *request.Request, output *PutAggregationAuthorizationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetConformancePackComplianceSummary +func (c *ConfigService) GetConformancePackComplianceSummaryRequest(input *GetConformancePackComplianceSummaryInput) (req *request.Request, output *GetConformancePackComplianceSummaryOutput) { op := &request.Operation{ - Name: opPutAggregationAuthorization, + Name: opGetConformancePackComplianceSummary, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutAggregationAuthorizationInput{} + input = &GetConformancePackComplianceSummaryInput{} } - output = &PutAggregationAuthorizationOutput{} + output = &GetConformancePackComplianceSummaryOutput{} req = c.newRequest(op, input, output) return } -// PutAggregationAuthorization API operation for AWS Config. -// -// Authorizes the aggregator account and region to collect data from the source -// account and region. +// GetConformancePackComplianceSummary API operation for AWS Config. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutAggregationAuthorization for usage and error information. +// API operation GetConformancePackComplianceSummary for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeNoSuchConformancePackException "NoSuchConformancePackException" +// You specified one or more conformance packs that do not exist. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutAggregationAuthorization -func (c *ConfigService) PutAggregationAuthorization(input *PutAggregationAuthorizationInput) (*PutAggregationAuthorizationOutput, error) { - req, out := c.PutAggregationAuthorizationRequest(input) +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. +// +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetConformancePackComplianceSummary +func (c *ConfigService) GetConformancePackComplianceSummary(input *GetConformancePackComplianceSummaryInput) (*GetConformancePackComplianceSummaryOutput, error) { + req, out := c.GetConformancePackComplianceSummaryRequest(input) return out, req.Send() } -// PutAggregationAuthorizationWithContext is the same as PutAggregationAuthorization with the addition of +// GetConformancePackComplianceSummaryWithContext is the same as GetConformancePackComplianceSummary with the addition of // the ability to pass a context and additional request options. // -// See PutAggregationAuthorization for details on how to use this API operation. +// See GetConformancePackComplianceSummary for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutAggregationAuthorizationWithContext(ctx aws.Context, input *PutAggregationAuthorizationInput, opts ...request.Option) (*PutAggregationAuthorizationOutput, error) { - req, out := c.PutAggregationAuthorizationRequest(input) +func (c *ConfigService) GetConformancePackComplianceSummaryWithContext(ctx aws.Context, input *GetConformancePackComplianceSummaryInput, opts ...request.Option) (*GetConformancePackComplianceSummaryOutput, error) { + req, out := c.GetConformancePackComplianceSummaryRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutConfigRule = "PutConfigRule" +const opGetDiscoveredResourceCounts = "GetDiscoveredResourceCounts" -// PutConfigRuleRequest generates a "aws/request.Request" representing the -// client's request for the PutConfigRule operation. The "output" return +// GetDiscoveredResourceCountsRequest generates a "aws/request.Request" representing the +// client's request for the GetDiscoveredResourceCounts operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutConfigRule for more information on using the PutConfigRule +// See GetDiscoveredResourceCounts for more information on using the GetDiscoveredResourceCounts // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutConfigRuleRequest method. -// req, resp := client.PutConfigRuleRequest(params) +// // Example sending a request using the GetDiscoveredResourceCountsRequest method. +// req, resp := client.GetDiscoveredResourceCountsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigRule -func (c *ConfigService) PutConfigRuleRequest(input *PutConfigRuleInput) (req *request.Request, output *PutConfigRuleOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetDiscoveredResourceCounts +func (c *ConfigService) GetDiscoveredResourceCountsRequest(input *GetDiscoveredResourceCountsInput) (req *request.Request, output *GetDiscoveredResourceCountsOutput) { op := &request.Operation{ - Name: opPutConfigRule, + Name: opGetDiscoveredResourceCounts, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutConfigRuleInput{} + input = &GetDiscoveredResourceCountsInput{} } - output = &PutConfigRuleOutput{} + output = &GetDiscoveredResourceCountsOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutConfigRule API operation for AWS Config. +// GetDiscoveredResourceCounts API operation for AWS Config. // -// Adds or updates an AWS Config rule for evaluating whether your AWS resources -// comply with your desired configurations. +// Returns the resource types, the number of each resource type, and the total +// number of resources that AWS Config is recording in this region for your +// AWS account. // -// You can use this action for custom AWS Config rules and AWS managed Config -// rules. A custom AWS Config rule is a rule that you develop and maintain. -// An AWS managed Config rule is a customizable, predefined rule that AWS Config -// provides. +// Example // -// If you are adding a new custom AWS Config rule, you must first create the -// AWS Lambda function that the rule invokes to evaluate your resources. When -// you use the PutConfigRule action to add the rule to AWS Config, you must -// specify the Amazon Resource Name (ARN) that AWS Lambda assigns to the function. -// Specify the ARN for the SourceIdentifier key. This key is part of the Source -// object, which is part of the ConfigRule object. +// AWS Config is recording three resource types in the US East (Ohio) Region +// for your account: 25 EC2 instances, 20 IAM users, and 15 S3 buckets. // -// If you are adding an AWS managed Config rule, specify the rule's identifier -// for the SourceIdentifier key. To reference AWS managed Config rule identifiers, -// see About AWS Managed Config Rules (https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). +// You make a call to the GetDiscoveredResourceCounts action and specify that +// you want all resource types. // -// For any new rule that you add, specify the ConfigRuleName in the ConfigRule -// object. Do not specify the ConfigRuleArn or the ConfigRuleId. These values -// are generated by AWS Config for new rules. +// AWS Config returns the following: // -// If you are updating a rule that you added previously, you can specify the -// rule by ConfigRuleName, ConfigRuleId, or ConfigRuleArn in the ConfigRule -// data type that you use in this request. +// * The resource types (EC2 instances, IAM users, and S3 buckets). // -// The maximum number of rules that AWS Config supports is 150. +// * The number of each resource type (25, 20, and 15). // -// For information about requesting a rule limit increase, see AWS Config Limits -// (http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_config) -// in the AWS General Reference Guide. +// * The total number of all resources (60). // -// For more information about developing and using AWS Config rules, see Evaluating -// AWS Resource Configurations with AWS Config (https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html) -// in the AWS Config Developer Guide. +// The response is paginated. By default, AWS Config lists 100 ResourceCount +// objects on each page. You can customize this number with the limit parameter. +// The response includes a nextToken string. To get the next page of results, +// run the request again and specify the string for the nextToken parameter. +// +// If you make a call to the GetDiscoveredResourceCounts action, you might not +// immediately receive resource counts in the following situations: +// +// * You are a new AWS Config customer. +// +// * You just enabled resource recording. +// +// It might take a few minutes for AWS Config to record and count your resources. +// Wait a few minutes and then retry the GetDiscoveredResourceCounts action. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutConfigRule for usage and error information. +// API operation GetDiscoveredResourceCounts for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. -// -// * ErrCodeMaxNumberOfConfigRulesExceededException "MaxNumberOfConfigRulesExceededException" -// Failed to add the AWS Config rule because the account already contains the -// maximum number of 150 rules. Consider deleting any deactivated rules before -// you add new rules. -// -// * ErrCodeResourceInUseException "ResourceInUseException" -// You see this exception in the following cases: -// -// * For DeleteConfigRule API, AWS Config is deleting this rule. Try your -// request again later. -// -// * For DeleteConfigRule API, the rule is deleting your evaluation results. -// Try your request again later. -// -// * For DeleteConfigRule API, a remediation action is associated with the -// rule and AWS Config cannot delete this rule. Delete the remediation action -// associated with the rule before deleting the rule and try your request -// again later. -// -// * For PutConfigOrganizationRule, organization config rule deletion is -// in progress. Try your request again later. -// -// * For DeleteOrganizationConfigRule, organization config rule creation -// is in progress. Try your request again later. -// -// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" -// Indicates one of the following errors: -// -// * For PutConfigRule, the rule cannot be created because the IAM role assigned -// to AWS Config lacks permissions to perform the config:Put* action. -// -// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check -// the function ARN, and check the function's permissions. +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. // -// * For OrganizationConfigRule, organization config rule cannot be created -// because you do not have permissions to call IAM GetRole action or create -// service linked role. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// * ErrCodeNoAvailableConfigurationRecorderException "NoAvailableConfigurationRecorderException" -// There are no configuration recorders available to provide the role needed -// to describe your resources. Create a configuration recorder. +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigRule -func (c *ConfigService) PutConfigRule(input *PutConfigRuleInput) (*PutConfigRuleOutput, error) { - req, out := c.PutConfigRuleRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetDiscoveredResourceCounts +func (c *ConfigService) GetDiscoveredResourceCounts(input *GetDiscoveredResourceCountsInput) (*GetDiscoveredResourceCountsOutput, error) { + req, out := c.GetDiscoveredResourceCountsRequest(input) return out, req.Send() } -// PutConfigRuleWithContext is the same as PutConfigRule with the addition of +// GetDiscoveredResourceCountsWithContext is the same as GetDiscoveredResourceCounts with the addition of // the ability to pass a context and additional request options. // -// See PutConfigRule for details on how to use this API operation. +// See GetDiscoveredResourceCounts for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutConfigRuleWithContext(ctx aws.Context, input *PutConfigRuleInput, opts ...request.Option) (*PutConfigRuleOutput, error) { - req, out := c.PutConfigRuleRequest(input) +func (c *ConfigService) GetDiscoveredResourceCountsWithContext(ctx aws.Context, input *GetDiscoveredResourceCountsInput, opts ...request.Option) (*GetDiscoveredResourceCountsOutput, error) { + req, out := c.GetDiscoveredResourceCountsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutConfigurationAggregator = "PutConfigurationAggregator" +const opGetOrganizationConfigRuleDetailedStatus = "GetOrganizationConfigRuleDetailedStatus" -// PutConfigurationAggregatorRequest generates a "aws/request.Request" representing the -// client's request for the PutConfigurationAggregator operation. The "output" return +// GetOrganizationConfigRuleDetailedStatusRequest generates a "aws/request.Request" representing the +// client's request for the GetOrganizationConfigRuleDetailedStatus operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutConfigurationAggregator for more information on using the PutConfigurationAggregator +// See GetOrganizationConfigRuleDetailedStatus for more information on using the GetOrganizationConfigRuleDetailedStatus // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutConfigurationAggregatorRequest method. -// req, resp := client.PutConfigurationAggregatorRequest(params) +// // Example sending a request using the GetOrganizationConfigRuleDetailedStatusRequest method. +// req, resp := client.GetOrganizationConfigRuleDetailedStatusRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationAggregator -func (c *ConfigService) PutConfigurationAggregatorRequest(input *PutConfigurationAggregatorInput) (req *request.Request, output *PutConfigurationAggregatorOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetOrganizationConfigRuleDetailedStatus +func (c *ConfigService) GetOrganizationConfigRuleDetailedStatusRequest(input *GetOrganizationConfigRuleDetailedStatusInput) (req *request.Request, output *GetOrganizationConfigRuleDetailedStatusOutput) { op := &request.Operation{ - Name: opPutConfigurationAggregator, + Name: opGetOrganizationConfigRuleDetailedStatus, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutConfigurationAggregatorInput{} + input = &GetOrganizationConfigRuleDetailedStatusInput{} } - output = &PutConfigurationAggregatorOutput{} + output = &GetOrganizationConfigRuleDetailedStatusOutput{} req = c.newRequest(op, input, output) return } -// PutConfigurationAggregator API operation for AWS Config. -// -// Creates and updates the configuration aggregator with the selected source -// accounts and regions. The source account can be individual account(s) or -// an organization. +// GetOrganizationConfigRuleDetailedStatus API operation for AWS Config. // -// AWS Config should be enabled in source accounts and regions you want to aggregate. +// Returns detailed status for each member account within an organization for +// a given organization config rule. // -// If your source type is an organization, you must be signed in to the master -// account and all features must be enabled in your organization. AWS Config -// calls EnableAwsServiceAccess API to enable integration between AWS Config -// and AWS Organizations. +// Only a master account can call this API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutConfigurationAggregator for usage and error information. +// API operation GetOrganizationConfigRuleDetailedStatus for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. -// -// * ErrCodeLimitExceededException "LimitExceededException" -// For StartConfigRulesEvaluation API, this exception is thrown if an evaluation -// is in progress or if you call the StartConfigRulesEvaluation API more than -// once per minute. +// * ErrCodeNoSuchOrganizationConfigRuleException "NoSuchOrganizationConfigRuleException" +// You specified one or more organization config rules that do not exist. // -// For PutConfigurationAggregator API, this exception is thrown if the number -// of accounts and aggregators exceeds the limit. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// * ErrCodeInvalidRoleException "InvalidRoleException" -// You have provided a null or empty role ARN. +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. // // * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" // For PutConfigAggregator API, no permission to call EnableAWSServiceAccess // API. // -// For all OrganizationConfigRule APIs, AWS Config throws an exception if APIs -// are called from member accounts. All APIs must be called from organization -// master account. -// -// * ErrCodeNoAvailableOrganizationException "NoAvailableOrganizationException" -// Organization is no longer available. -// -// * ErrCodeOrganizationAllFeaturesNotEnabledException "OrganizationAllFeaturesNotEnabledException" -// AWS Config resource cannot be created because your organization does not -// have all features enabled. +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationAggregator -func (c *ConfigService) PutConfigurationAggregator(input *PutConfigurationAggregatorInput) (*PutConfigurationAggregatorOutput, error) { - req, out := c.PutConfigurationAggregatorRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetOrganizationConfigRuleDetailedStatus +func (c *ConfigService) GetOrganizationConfigRuleDetailedStatus(input *GetOrganizationConfigRuleDetailedStatusInput) (*GetOrganizationConfigRuleDetailedStatusOutput, error) { + req, out := c.GetOrganizationConfigRuleDetailedStatusRequest(input) return out, req.Send() } -// PutConfigurationAggregatorWithContext is the same as PutConfigurationAggregator with the addition of +// GetOrganizationConfigRuleDetailedStatusWithContext is the same as GetOrganizationConfigRuleDetailedStatus with the addition of // the ability to pass a context and additional request options. // -// See PutConfigurationAggregator for details on how to use this API operation. +// See GetOrganizationConfigRuleDetailedStatus for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutConfigurationAggregatorWithContext(ctx aws.Context, input *PutConfigurationAggregatorInput, opts ...request.Option) (*PutConfigurationAggregatorOutput, error) { - req, out := c.PutConfigurationAggregatorRequest(input) +func (c *ConfigService) GetOrganizationConfigRuleDetailedStatusWithContext(ctx aws.Context, input *GetOrganizationConfigRuleDetailedStatusInput, opts ...request.Option) (*GetOrganizationConfigRuleDetailedStatusOutput, error) { + req, out := c.GetOrganizationConfigRuleDetailedStatusRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutConfigurationRecorder = "PutConfigurationRecorder" +const opGetOrganizationConformancePackDetailedStatus = "GetOrganizationConformancePackDetailedStatus" -// PutConfigurationRecorderRequest generates a "aws/request.Request" representing the -// client's request for the PutConfigurationRecorder operation. The "output" return +// GetOrganizationConformancePackDetailedStatusRequest generates a "aws/request.Request" representing the +// client's request for the GetOrganizationConformancePackDetailedStatus operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutConfigurationRecorder for more information on using the PutConfigurationRecorder +// See GetOrganizationConformancePackDetailedStatus for more information on using the GetOrganizationConformancePackDetailedStatus // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutConfigurationRecorderRequest method. -// req, resp := client.PutConfigurationRecorderRequest(params) +// // Example sending a request using the GetOrganizationConformancePackDetailedStatusRequest method. +// req, resp := client.GetOrganizationConformancePackDetailedStatusRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationRecorder -func (c *ConfigService) PutConfigurationRecorderRequest(input *PutConfigurationRecorderInput) (req *request.Request, output *PutConfigurationRecorderOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetOrganizationConformancePackDetailedStatus +func (c *ConfigService) GetOrganizationConformancePackDetailedStatusRequest(input *GetOrganizationConformancePackDetailedStatusInput) (req *request.Request, output *GetOrganizationConformancePackDetailedStatusOutput) { op := &request.Operation{ - Name: opPutConfigurationRecorder, + Name: opGetOrganizationConformancePackDetailedStatus, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutConfigurationRecorderInput{} + input = &GetOrganizationConformancePackDetailedStatusInput{} } - output = &PutConfigurationRecorderOutput{} + output = &GetOrganizationConformancePackDetailedStatusOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutConfigurationRecorder API operation for AWS Config. -// -// Creates a new configuration recorder to record the selected resource configurations. -// -// You can use this action to change the role roleARN or the recordingGroup -// of an existing recorder. To change the role, call the action on the existing -// configuration recorder and specify a role. +// GetOrganizationConformancePackDetailedStatus API operation for AWS Config. // -// Currently, you can specify only one configuration recorder per region in -// your account. +// Returns detailed status for each member account within an organization for +// a given organization conformance pack. // -// If ConfigurationRecorder does not have the recordingGroup parameter specified, -// the default is to record all supported resource types. +// Only a master account can call this API. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutConfigurationRecorder for usage and error information. +// API operation GetOrganizationConformancePackDetailedStatus for usage and error information. // // Returned Error Codes: -// * ErrCodeMaxNumberOfConfigurationRecordersExceededException "MaxNumberOfConfigurationRecordersExceededException" -// You have reached the limit of the number of recorders you can create. +// * ErrCodeNoSuchOrganizationConformancePackException "NoSuchOrganizationConformancePackException" +// AWS Config organization conformance pack that you passed in the filter does +// not exist. // -// * ErrCodeInvalidConfigurationRecorderNameException "InvalidConfigurationRecorderNameException" -// You have provided a configuration recorder name that is not valid. +// For DeleteOrganizationConformancePack, you tried to delete an organization +// conformance pack that does not exist. // -// * ErrCodeInvalidRoleException "InvalidRoleException" -// You have provided a null or empty role ARN. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// * ErrCodeInvalidRecordingGroupException "InvalidRecordingGroupException" -// AWS Config throws an exception if the recording group does not contain a -// valid list of resource types. Invalid values might also be incorrectly formatted. +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationRecorder -func (c *ConfigService) PutConfigurationRecorder(input *PutConfigurationRecorderInput) (*PutConfigurationRecorderOutput, error) { - req, out := c.PutConfigurationRecorderRequest(input) +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. +// +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetOrganizationConformancePackDetailedStatus +func (c *ConfigService) GetOrganizationConformancePackDetailedStatus(input *GetOrganizationConformancePackDetailedStatusInput) (*GetOrganizationConformancePackDetailedStatusOutput, error) { + req, out := c.GetOrganizationConformancePackDetailedStatusRequest(input) return out, req.Send() } -// PutConfigurationRecorderWithContext is the same as PutConfigurationRecorder with the addition of +// GetOrganizationConformancePackDetailedStatusWithContext is the same as GetOrganizationConformancePackDetailedStatus with the addition of // the ability to pass a context and additional request options. // -// See PutConfigurationRecorder for details on how to use this API operation. +// See GetOrganizationConformancePackDetailedStatus for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutConfigurationRecorderWithContext(ctx aws.Context, input *PutConfigurationRecorderInput, opts ...request.Option) (*PutConfigurationRecorderOutput, error) { - req, out := c.PutConfigurationRecorderRequest(input) +func (c *ConfigService) GetOrganizationConformancePackDetailedStatusWithContext(ctx aws.Context, input *GetOrganizationConformancePackDetailedStatusInput, opts ...request.Option) (*GetOrganizationConformancePackDetailedStatusOutput, error) { + req, out := c.GetOrganizationConformancePackDetailedStatusRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutDeliveryChannel = "PutDeliveryChannel" +const opGetResourceConfigHistory = "GetResourceConfigHistory" -// PutDeliveryChannelRequest generates a "aws/request.Request" representing the -// client's request for the PutDeliveryChannel operation. The "output" return +// GetResourceConfigHistoryRequest generates a "aws/request.Request" representing the +// client's request for the GetResourceConfigHistory operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutDeliveryChannel for more information on using the PutDeliveryChannel +// See GetResourceConfigHistory for more information on using the GetResourceConfigHistory // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutDeliveryChannelRequest method. -// req, resp := client.PutDeliveryChannelRequest(params) +// // Example sending a request using the GetResourceConfigHistoryRequest method. +// req, resp := client.GetResourceConfigHistoryRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutDeliveryChannel -func (c *ConfigService) PutDeliveryChannelRequest(input *PutDeliveryChannelInput) (req *request.Request, output *PutDeliveryChannelOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetResourceConfigHistory +func (c *ConfigService) GetResourceConfigHistoryRequest(input *GetResourceConfigHistoryInput) (req *request.Request, output *GetResourceConfigHistoryOutput) { op := &request.Operation{ - Name: opPutDeliveryChannel, + Name: opGetResourceConfigHistory, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &PutDeliveryChannelInput{} + input = &GetResourceConfigHistoryInput{} } - output = &PutDeliveryChannelOutput{} + output = &GetResourceConfigHistoryOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutDeliveryChannel API operation for AWS Config. -// -// Creates a delivery channel object to deliver configuration information to -// an Amazon S3 bucket and Amazon SNS topic. +// GetResourceConfigHistory API operation for AWS Config. // -// Before you can create a delivery channel, you must create a configuration -// recorder. +// Returns a list of configuration items for the specified resource. The list +// contains details about each state of the resource during the specified time +// interval. If you specified a retention period to retain your ConfigurationItems +// between a minimum of 30 days and a maximum of 7 years (2557 days), AWS Config +// returns the ConfigurationItems for the specified retention period. // -// You can use this action to change the Amazon S3 bucket or an Amazon SNS topic -// of the existing delivery channel. To change the Amazon S3 bucket or an Amazon -// SNS topic, call this action and specify the changed values for the S3 bucket -// and the SNS topic. If you specify a different value for either the S3 bucket -// or the SNS topic, this action will keep the existing value for the parameter -// that is not changed. +// The response is paginated. By default, AWS Config returns a limit of 10 configuration +// items per page. You can customize this number with the limit parameter. The +// response includes a nextToken string. To get the next page of results, run +// the request again and specify the string for the nextToken parameter. // -// You can have only one delivery channel per region in your account. +// Each call to the API is limited to span a duration of seven days. It is likely +// that the number of records returned is smaller than the specified limit. +// In such cases, you can make another call, using the nextToken. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutDeliveryChannel for usage and error information. +// API operation GetResourceConfigHistory for usage and error information. // // Returned Error Codes: -// * ErrCodeMaxNumberOfDeliveryChannelsExceededException "MaxNumberOfDeliveryChannelsExceededException" -// You have reached the limit of the number of delivery channels you can create. -// -// * ErrCodeNoAvailableConfigurationRecorderException "NoAvailableConfigurationRecorderException" -// There are no configuration recorders available to provide the role needed -// to describe your resources. Create a configuration recorder. +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. // -// * ErrCodeInvalidDeliveryChannelNameException "InvalidDeliveryChannelNameException" -// The specified delivery channel name is not valid. +// * ErrCodeInvalidTimeRangeException "InvalidTimeRangeException" +// The specified time range is not valid. The earlier time is not chronologically +// before the later time. // -// * ErrCodeNoSuchBucketException "NoSuchBucketException" -// The specified Amazon S3 bucket does not exist. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// * ErrCodeInvalidS3KeyPrefixException "InvalidS3KeyPrefixException" -// The specified Amazon S3 key prefix is not valid. +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. // -// * ErrCodeInvalidSNSTopicARNException "InvalidSNSTopicARNException" -// The specified Amazon SNS topic does not exist. +// * ErrCodeNoAvailableConfigurationRecorderException "NoAvailableConfigurationRecorderException" +// There are no configuration recorders available to provide the role needed +// to describe your resources. Create a configuration recorder. // -// * ErrCodeInsufficientDeliveryPolicyException "InsufficientDeliveryPolicyException" -// Your Amazon S3 bucket policy does not permit AWS Config to write to it. +// * ErrCodeResourceNotDiscoveredException "ResourceNotDiscoveredException" +// You have specified a resource that is either unknown or has not been discovered. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutDeliveryChannel -func (c *ConfigService) PutDeliveryChannel(input *PutDeliveryChannelInput) (*PutDeliveryChannelOutput, error) { - req, out := c.PutDeliveryChannelRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/GetResourceConfigHistory +func (c *ConfigService) GetResourceConfigHistory(input *GetResourceConfigHistoryInput) (*GetResourceConfigHistoryOutput, error) { + req, out := c.GetResourceConfigHistoryRequest(input) return out, req.Send() } -// PutDeliveryChannelWithContext is the same as PutDeliveryChannel with the addition of +// GetResourceConfigHistoryWithContext is the same as GetResourceConfigHistory with the addition of // the ability to pass a context and additional request options. // -// See PutDeliveryChannel for details on how to use this API operation. +// See GetResourceConfigHistory for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutDeliveryChannelWithContext(ctx aws.Context, input *PutDeliveryChannelInput, opts ...request.Option) (*PutDeliveryChannelOutput, error) { - req, out := c.PutDeliveryChannelRequest(input) +func (c *ConfigService) GetResourceConfigHistoryWithContext(ctx aws.Context, input *GetResourceConfigHistoryInput, opts ...request.Option) (*GetResourceConfigHistoryOutput, error) { + req, out := c.GetResourceConfigHistoryRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutEvaluations = "PutEvaluations" +// GetResourceConfigHistoryPages iterates over the pages of a GetResourceConfigHistory operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetResourceConfigHistory method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetResourceConfigHistory operation. +// pageNum := 0 +// err := client.GetResourceConfigHistoryPages(params, +// func(page *configservice.GetResourceConfigHistoryOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *ConfigService) GetResourceConfigHistoryPages(input *GetResourceConfigHistoryInput, fn func(*GetResourceConfigHistoryOutput, bool) bool) error { + return c.GetResourceConfigHistoryPagesWithContext(aws.BackgroundContext(), input, fn) +} -// PutEvaluationsRequest generates a "aws/request.Request" representing the -// client's request for the PutEvaluations operation. The "output" return +// GetResourceConfigHistoryPagesWithContext same as GetResourceConfigHistoryPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) GetResourceConfigHistoryPagesWithContext(ctx aws.Context, input *GetResourceConfigHistoryInput, fn func(*GetResourceConfigHistoryOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetResourceConfigHistoryInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetResourceConfigHistoryRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetResourceConfigHistoryOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListAggregateDiscoveredResources = "ListAggregateDiscoveredResources" + +// ListAggregateDiscoveredResourcesRequest generates a "aws/request.Request" representing the +// client's request for the ListAggregateDiscoveredResources operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutEvaluations for more information on using the PutEvaluations +// See ListAggregateDiscoveredResources for more information on using the ListAggregateDiscoveredResources // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutEvaluationsRequest method. -// req, resp := client.PutEvaluationsRequest(params) +// // Example sending a request using the ListAggregateDiscoveredResourcesRequest method. +// req, resp := client.ListAggregateDiscoveredResourcesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutEvaluations -func (c *ConfigService) PutEvaluationsRequest(input *PutEvaluationsInput) (req *request.Request, output *PutEvaluationsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListAggregateDiscoveredResources +func (c *ConfigService) ListAggregateDiscoveredResourcesRequest(input *ListAggregateDiscoveredResourcesInput) (req *request.Request, output *ListAggregateDiscoveredResourcesOutput) { op := &request.Operation{ - Name: opPutEvaluations, + Name: opListAggregateDiscoveredResources, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutEvaluationsInput{} + input = &ListAggregateDiscoveredResourcesInput{} } - output = &PutEvaluationsOutput{} + output = &ListAggregateDiscoveredResourcesOutput{} req = c.newRequest(op, input, output) return } -// PutEvaluations API operation for AWS Config. +// ListAggregateDiscoveredResources API operation for AWS Config. // -// Used by an AWS Lambda function to deliver evaluation results to AWS Config. -// This action is required in every AWS Lambda function that is invoked by an -// AWS Config rule. +// Accepts a resource type and returns a list of resource identifiers that are +// aggregated for a specific resource type across accounts and regions. A resource +// identifier includes the resource type, ID, (if available) the custom resource +// name, source account, and source region. You can narrow the results to include +// only resources that have specific resource IDs, or a resource name, or source +// account ID, or source region. +// +// For example, if the input consists of accountID 12345678910 and the region +// is us-east-1 for resource type AWS::EC2::Instance then the API returns all +// the EC2 instance identifiers of accountID 12345678910 and region us-east-1. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutEvaluations for usage and error information. +// API operation ListAggregateDiscoveredResources for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. // -// * ErrCodeInvalidResultTokenException "InvalidResultTokenException" -// The specified ResultToken is invalid. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// * ErrCodeNoSuchConfigRuleException "NoSuchConfigRuleException" -// One or more AWS Config rules in the request are invalid. Verify that the -// rule names are correct and try again. +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutEvaluations -func (c *ConfigService) PutEvaluations(input *PutEvaluationsInput) (*PutEvaluationsOutput, error) { - req, out := c.PutEvaluationsRequest(input) +// * ErrCodeNoSuchConfigurationAggregatorException "NoSuchConfigurationAggregatorException" +// You have specified a configuration aggregator that does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListAggregateDiscoveredResources +func (c *ConfigService) ListAggregateDiscoveredResources(input *ListAggregateDiscoveredResourcesInput) (*ListAggregateDiscoveredResourcesOutput, error) { + req, out := c.ListAggregateDiscoveredResourcesRequest(input) return out, req.Send() } -// PutEvaluationsWithContext is the same as PutEvaluations with the addition of +// ListAggregateDiscoveredResourcesWithContext is the same as ListAggregateDiscoveredResources with the addition of // the ability to pass a context and additional request options. // -// See PutEvaluations for details on how to use this API operation. +// See ListAggregateDiscoveredResources for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutEvaluationsWithContext(ctx aws.Context, input *PutEvaluationsInput, opts ...request.Option) (*PutEvaluationsOutput, error) { - req, out := c.PutEvaluationsRequest(input) +func (c *ConfigService) ListAggregateDiscoveredResourcesWithContext(ctx aws.Context, input *ListAggregateDiscoveredResourcesInput, opts ...request.Option) (*ListAggregateDiscoveredResourcesOutput, error) { + req, out := c.ListAggregateDiscoveredResourcesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutOrganizationConfigRule = "PutOrganizationConfigRule" +const opListDiscoveredResources = "ListDiscoveredResources" -// PutOrganizationConfigRuleRequest generates a "aws/request.Request" representing the -// client's request for the PutOrganizationConfigRule operation. The "output" return +// ListDiscoveredResourcesRequest generates a "aws/request.Request" representing the +// client's request for the ListDiscoveredResources operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutOrganizationConfigRule for more information on using the PutOrganizationConfigRule +// See ListDiscoveredResources for more information on using the ListDiscoveredResources // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutOrganizationConfigRuleRequest method. -// req, resp := client.PutOrganizationConfigRuleRequest(params) +// // Example sending a request using the ListDiscoveredResourcesRequest method. +// req, resp := client.ListDiscoveredResourcesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutOrganizationConfigRule -func (c *ConfigService) PutOrganizationConfigRuleRequest(input *PutOrganizationConfigRuleInput) (req *request.Request, output *PutOrganizationConfigRuleOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListDiscoveredResources +func (c *ConfigService) ListDiscoveredResourcesRequest(input *ListDiscoveredResourcesInput) (req *request.Request, output *ListDiscoveredResourcesOutput) { op := &request.Operation{ - Name: opPutOrganizationConfigRule, + Name: opListDiscoveredResources, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutOrganizationConfigRuleInput{} + input = &ListDiscoveredResourcesInput{} } - output = &PutOrganizationConfigRuleOutput{} + output = &ListDiscoveredResourcesOutput{} req = c.newRequest(op, input, output) return } -// PutOrganizationConfigRule API operation for AWS Config. -// -// Adds or updates organization config rule for your entire organization evaluating -// whether your AWS resources comply with your desired configurations. Only -// a master account can create or update an organization config rule. -// -// This API enables organization service access through the EnableAWSServiceAccess -// action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup -// in the master account of your organization. The service linked role is created -// only when the role does not exist in the master account. AWS Config verifies -// the existence of role with GetRole action. +// ListDiscoveredResources API operation for AWS Config. // -// You can use this action to create both custom AWS Config rules and AWS managed -// Config rules. If you are adding a new custom AWS Config rule, you must first -// create AWS Lambda function in the master account that the rule invokes to -// evaluate your resources. When you use the PutOrganizationConfigRule action -// to add the rule to AWS Config, you must specify the Amazon Resource Name -// (ARN) that AWS Lambda assigns to the function. If you are adding an AWS managed -// Config rule, specify the rule's identifier for the RuleIdentifier key. +// Accepts a resource type and returns a list of resource identifiers for the +// resources of that type. A resource identifier includes the resource type, +// ID, and (if available) the custom resource name. The results consist of resources +// that AWS Config has discovered, including those that AWS Config is not currently +// recording. You can narrow the results to include only resources that have +// specific resource IDs or a resource name. // -// The maximum number of organization config rules that AWS Config supports -// is 150. +// You can specify either resource IDs or a resource name, but not both, in +// the same request. // -// Specify either OrganizationCustomRuleMetadata or OrganizationManagedRuleMetadata. +// The response is paginated. By default, AWS Config lists 100 resource identifiers +// on each page. You can customize this number with the limit parameter. The +// response includes a nextToken string. To get the next page of results, run +// the request again and specify the string for the nextToken parameter. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutOrganizationConfigRule for usage and error information. +// API operation ListDiscoveredResources for usage and error information. // // Returned Error Codes: -// * ErrCodeMaxNumberOfOrganizationConfigRulesExceededException "MaxNumberOfOrganizationConfigRulesExceededException" -// You have reached the limit of the number of organization config rules you -// can create. -// -// * ErrCodeResourceInUseException "ResourceInUseException" -// You see this exception in the following cases: -// -// * For DeleteConfigRule API, AWS Config is deleting this rule. Try your -// request again later. -// -// * For DeleteConfigRule API, the rule is deleting your evaluation results. -// Try your request again later. -// -// * For DeleteConfigRule API, a remediation action is associated with the -// rule and AWS Config cannot delete this rule. Delete the remediation action -// associated with the rule before deleting the rule and try your request -// again later. -// -// * For PutConfigOrganizationRule, organization config rule deletion is -// in progress. Try your request again later. -// -// * For DeleteOrganizationConfigRule, organization config rule creation -// is in progress. Try your request again later. -// -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. -// // * ErrCodeValidationException "ValidationException" // The requested action is not valid. // -// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" -// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess -// API. -// -// For all OrganizationConfigRule APIs, AWS Config throws an exception if APIs -// are called from member accounts. All APIs must be called from organization -// master account. -// -// * ErrCodeNoAvailableOrganizationException "NoAvailableOrganizationException" -// Organization is no longer available. -// -// * ErrCodeOrganizationAllFeaturesNotEnabledException "OrganizationAllFeaturesNotEnabledException" -// AWS Config resource cannot be created because your organization does not -// have all features enabled. -// -// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" -// Indicates one of the following errors: -// -// * For PutConfigRule, the rule cannot be created because the IAM role assigned -// to AWS Config lacks permissions to perform the config:Put* action. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check -// the function ARN, and check the function's permissions. +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. // -// * For OrganizationConfigRule, organization config rule cannot be created -// because you do not have permissions to call IAM GetRole action or create -// service linked role. +// * ErrCodeNoAvailableConfigurationRecorderException "NoAvailableConfigurationRecorderException" +// There are no configuration recorders available to provide the role needed +// to describe your resources. Create a configuration recorder. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutOrganizationConfigRule -func (c *ConfigService) PutOrganizationConfigRule(input *PutOrganizationConfigRuleInput) (*PutOrganizationConfigRuleOutput, error) { - req, out := c.PutOrganizationConfigRuleRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListDiscoveredResources +func (c *ConfigService) ListDiscoveredResources(input *ListDiscoveredResourcesInput) (*ListDiscoveredResourcesOutput, error) { + req, out := c.ListDiscoveredResourcesRequest(input) return out, req.Send() } -// PutOrganizationConfigRuleWithContext is the same as PutOrganizationConfigRule with the addition of +// ListDiscoveredResourcesWithContext is the same as ListDiscoveredResources with the addition of // the ability to pass a context and additional request options. // -// See PutOrganizationConfigRule for details on how to use this API operation. +// See ListDiscoveredResources for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutOrganizationConfigRuleWithContext(ctx aws.Context, input *PutOrganizationConfigRuleInput, opts ...request.Option) (*PutOrganizationConfigRuleOutput, error) { - req, out := c.PutOrganizationConfigRuleRequest(input) +func (c *ConfigService) ListDiscoveredResourcesWithContext(ctx aws.Context, input *ListDiscoveredResourcesInput, opts ...request.Option) (*ListDiscoveredResourcesOutput, error) { + req, out := c.ListDiscoveredResourcesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutRemediationConfigurations = "PutRemediationConfigurations" +const opListTagsForResource = "ListTagsForResource" -// PutRemediationConfigurationsRequest generates a "aws/request.Request" representing the -// client's request for the PutRemediationConfigurations operation. The "output" return +// ListTagsForResourceRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsForResource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutRemediationConfigurations for more information on using the PutRemediationConfigurations +// See ListTagsForResource for more information on using the ListTagsForResource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutRemediationConfigurationsRequest method. -// req, resp := client.PutRemediationConfigurationsRequest(params) +// // Example sending a request using the ListTagsForResourceRequest method. +// req, resp := client.ListTagsForResourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRemediationConfigurations -func (c *ConfigService) PutRemediationConfigurationsRequest(input *PutRemediationConfigurationsInput) (req *request.Request, output *PutRemediationConfigurationsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListTagsForResource +func (c *ConfigService) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { op := &request.Operation{ - Name: opPutRemediationConfigurations, + Name: opListTagsForResource, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutRemediationConfigurationsInput{} + input = &ListTagsForResourceInput{} } - output = &PutRemediationConfigurationsOutput{} + output = &ListTagsForResourceOutput{} req = c.newRequest(op, input, output) return } -// PutRemediationConfigurations API operation for AWS Config. +// ListTagsForResource API operation for AWS Config. // -// Adds or updates the remediation configuration with a specific AWS Config -// rule with the selected target or action. The API creates the RemediationConfiguration -// object for the AWS Config rule. The AWS Config rule must already exist for -// you to add a remediation configuration. The target (SSM document) must exist -// and have permissions to use the target. +// List the tags for AWS Config resource. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutRemediationConfigurations for usage and error information. +// API operation ListTagsForResource for usage and error information. // // Returned Error Codes: -// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" -// Indicates one of the following errors: -// -// * For PutConfigRule, the rule cannot be created because the IAM role assigned -// to AWS Config lacks permissions to perform the config:Put* action. +// * ErrCodeResourceNotFoundException "ResourceNotFoundException" +// You have specified a resource that does not exist. // -// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check -// the function ARN, and check the function's permissions. +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. // -// * For OrganizationConfigRule, organization config rule cannot be created -// because you do not have permissions to call IAM GetRole action or create -// service linked role. +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. // -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRemediationConfigurations -func (c *ConfigService) PutRemediationConfigurations(input *PutRemediationConfigurationsInput) (*PutRemediationConfigurationsOutput, error) { - req, out := c.PutRemediationConfigurationsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ListTagsForResource +func (c *ConfigService) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) return out, req.Send() } -// PutRemediationConfigurationsWithContext is the same as PutRemediationConfigurations with the addition of +// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of // the ability to pass a context and additional request options. // -// See PutRemediationConfigurations for details on how to use this API operation. +// See ListTagsForResource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutRemediationConfigurationsWithContext(ctx aws.Context, input *PutRemediationConfigurationsInput, opts ...request.Option) (*PutRemediationConfigurationsOutput, error) { - req, out := c.PutRemediationConfigurationsRequest(input) +func (c *ConfigService) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutRemediationExceptions = "PutRemediationExceptions" +const opPutAggregationAuthorization = "PutAggregationAuthorization" -// PutRemediationExceptionsRequest generates a "aws/request.Request" representing the -// client's request for the PutRemediationExceptions operation. The "output" return +// PutAggregationAuthorizationRequest generates a "aws/request.Request" representing the +// client's request for the PutAggregationAuthorization operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutRemediationExceptions for more information on using the PutRemediationExceptions +// See PutAggregationAuthorization for more information on using the PutAggregationAuthorization // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutRemediationExceptionsRequest method. -// req, resp := client.PutRemediationExceptionsRequest(params) +// // Example sending a request using the PutAggregationAuthorizationRequest method. +// req, resp := client.PutAggregationAuthorizationRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRemediationExceptions -func (c *ConfigService) PutRemediationExceptionsRequest(input *PutRemediationExceptionsInput) (req *request.Request, output *PutRemediationExceptionsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutAggregationAuthorization +func (c *ConfigService) PutAggregationAuthorizationRequest(input *PutAggregationAuthorizationInput) (req *request.Request, output *PutAggregationAuthorizationOutput) { op := &request.Operation{ - Name: opPutRemediationExceptions, + Name: opPutAggregationAuthorization, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutRemediationExceptionsInput{} + input = &PutAggregationAuthorizationInput{} } - output = &PutRemediationExceptionsOutput{} + output = &PutAggregationAuthorizationOutput{} req = c.newRequest(op, input, output) return } -// PutRemediationExceptions API operation for AWS Config. +// PutAggregationAuthorization API operation for AWS Config. // -// A remediation exception is when a specific resource is no longer considered -// for auto-remediation. This API adds a new exception or updates an exisiting -// exception for a specific resource with a specific AWS Config rule. +// Authorizes the aggregator account and region to collect data from the source +// account and region. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutRemediationExceptions for usage and error information. +// API operation PutAggregationAuthorization for usage and error information. // // Returned Error Codes: // * ErrCodeInvalidParameterValueException "InvalidParameterValueException" // One or more of the specified parameters are invalid. Verify that your parameters // are valid and try again. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRemediationExceptions -func (c *ConfigService) PutRemediationExceptions(input *PutRemediationExceptionsInput) (*PutRemediationExceptionsOutput, error) { - req, out := c.PutRemediationExceptionsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutAggregationAuthorization +func (c *ConfigService) PutAggregationAuthorization(input *PutAggregationAuthorizationInput) (*PutAggregationAuthorizationOutput, error) { + req, out := c.PutAggregationAuthorizationRequest(input) return out, req.Send() } -// PutRemediationExceptionsWithContext is the same as PutRemediationExceptions with the addition of +// PutAggregationAuthorizationWithContext is the same as PutAggregationAuthorization with the addition of // the ability to pass a context and additional request options. // -// See PutRemediationExceptions for details on how to use this API operation. +// See PutAggregationAuthorization for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutRemediationExceptionsWithContext(ctx aws.Context, input *PutRemediationExceptionsInput, opts ...request.Option) (*PutRemediationExceptionsOutput, error) { - req, out := c.PutRemediationExceptionsRequest(input) +func (c *ConfigService) PutAggregationAuthorizationWithContext(ctx aws.Context, input *PutAggregationAuthorizationInput, opts ...request.Option) (*PutAggregationAuthorizationOutput, error) { + req, out := c.PutAggregationAuthorizationRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutRetentionConfiguration = "PutRetentionConfiguration" +const opPutConfigRule = "PutConfigRule" -// PutRetentionConfigurationRequest generates a "aws/request.Request" representing the -// client's request for the PutRetentionConfiguration operation. The "output" return +// PutConfigRuleRequest generates a "aws/request.Request" representing the +// client's request for the PutConfigRule operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutRetentionConfiguration for more information on using the PutRetentionConfiguration +// See PutConfigRule for more information on using the PutConfigRule // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the PutRetentionConfigurationRequest method. -// req, resp := client.PutRetentionConfigurationRequest(params) +// // Example sending a request using the PutConfigRuleRequest method. +// req, resp := client.PutConfigRuleRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRetentionConfiguration -func (c *ConfigService) PutRetentionConfigurationRequest(input *PutRetentionConfigurationInput) (req *request.Request, output *PutRetentionConfigurationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigRule +func (c *ConfigService) PutConfigRuleRequest(input *PutConfigRuleInput) (req *request.Request, output *PutConfigRuleOutput) { op := &request.Operation{ - Name: opPutRetentionConfiguration, + Name: opPutConfigRule, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutRetentionConfigurationInput{} + input = &PutConfigRuleInput{} } - output = &PutRetentionConfigurationOutput{} + output = &PutConfigRuleOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutRetentionConfiguration API operation for AWS Config. +// PutConfigRule API operation for AWS Config. // -// Creates and updates the retention configuration with details about retention -// period (number of days) that AWS Config stores your historical information. -// The API creates the RetentionConfiguration object and names the object as -// default. When you have a RetentionConfiguration object named default, calling -// the API modifies the default object. +// Adds or updates an AWS Config rule for evaluating whether your AWS resources +// comply with your desired configurations. // -// Currently, AWS Config supports only one retention configuration per region -// in your account. +// You can use this action for custom AWS Config rules and AWS managed Config +// rules. A custom AWS Config rule is a rule that you develop and maintain. +// An AWS managed Config rule is a customizable, predefined rule that AWS Config +// provides. +// +// If you are adding a new custom AWS Config rule, you must first create the +// AWS Lambda function that the rule invokes to evaluate your resources. When +// you use the PutConfigRule action to add the rule to AWS Config, you must +// specify the Amazon Resource Name (ARN) that AWS Lambda assigns to the function. +// Specify the ARN for the SourceIdentifier key. This key is part of the Source +// object, which is part of the ConfigRule object. +// +// If you are adding an AWS managed Config rule, specify the rule's identifier +// for the SourceIdentifier key. To reference AWS managed Config rule identifiers, +// see About AWS Managed Config Rules (https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). +// +// For any new rule that you add, specify the ConfigRuleName in the ConfigRule +// object. Do not specify the ConfigRuleArn or the ConfigRuleId. These values +// are generated by AWS Config for new rules. +// +// If you are updating a rule that you added previously, you can specify the +// rule by ConfigRuleName, ConfigRuleId, or ConfigRuleArn in the ConfigRule +// data type that you use in this request. +// +// The maximum number of rules that AWS Config supports is 150. +// +// For information about requesting a rule limit increase, see AWS Config Limits +// (http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_config) +// in the AWS General Reference Guide. +// +// For more information about developing and using AWS Config rules, see Evaluating +// AWS Resource Configurations with AWS Config (https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html) +// in the AWS Config Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation PutRetentionConfiguration for usage and error information. +// API operation PutConfigRule for usage and error information. // // Returned Error Codes: // * ErrCodeInvalidParameterValueException "InvalidParameterValueException" // One or more of the specified parameters are invalid. Verify that your parameters // are valid and try again. // -// * ErrCodeMaxNumberOfRetentionConfigurationsExceededException "MaxNumberOfRetentionConfigurationsExceededException" -// Failed to add the retention configuration because a retention configuration -// with that name already exists. +// * ErrCodeMaxNumberOfConfigRulesExceededException "MaxNumberOfConfigRulesExceededException" +// Failed to add the AWS Config rule because the account already contains the +// maximum number of 150 rules. Consider deleting any deactivated rules before +// you add new rules. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRetentionConfiguration -func (c *ConfigService) PutRetentionConfiguration(input *PutRetentionConfigurationInput) (*PutRetentionConfigurationOutput, error) { - req, out := c.PutRetentionConfigurationRequest(input) +// * ErrCodeResourceInUseException "ResourceInUseException" +// You see this exception in the following cases: +// +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. +// +// * For DeleteConfigRule, the rule is deleting your evaluation results. +// Try your request again later. +// +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action +// associated with the rule before deleting the rule and try your request +// again later. +// +// * For PutConfigOrganizationRule, organization config rule deletion is +// in progress. Try your request again later. +// +// * For DeleteOrganizationConfigRule, organization config rule creation +// is in progress. Try your request again later. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// +// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" +// Indicates one of the following errors: +// +// * For PutConfigRule, the rule cannot be created because the IAM role assigned +// to AWS Config lacks permissions to perform the config:Put* action. +// +// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check +// the function ARN, and check the function's permissions. +// +// * For PutOrganizationConfigRule, organization config rule cannot be created +// because you do not have permissions to call IAM GetRole action or create +// a service linked role. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack cannot be created becuase you do not have permissions: To call IAM +// GetRole action or create a service linked role. To read Amazon S3 bucket. +// To create a rule and a stack. +// +// * ErrCodeNoAvailableConfigurationRecorderException "NoAvailableConfigurationRecorderException" +// There are no configuration recorders available to provide the role needed +// to describe your resources. Create a configuration recorder. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigRule +func (c *ConfigService) PutConfigRule(input *PutConfigRuleInput) (*PutConfigRuleOutput, error) { + req, out := c.PutConfigRuleRequest(input) return out, req.Send() } -// PutRetentionConfigurationWithContext is the same as PutRetentionConfiguration with the addition of +// PutConfigRuleWithContext is the same as PutConfigRule with the addition of // the ability to pass a context and additional request options. // -// See PutRetentionConfiguration for details on how to use this API operation. +// See PutConfigRule for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) PutRetentionConfigurationWithContext(ctx aws.Context, input *PutRetentionConfigurationInput, opts ...request.Option) (*PutRetentionConfigurationOutput, error) { - req, out := c.PutRetentionConfigurationRequest(input) +func (c *ConfigService) PutConfigRuleWithContext(ctx aws.Context, input *PutConfigRuleInput, opts ...request.Option) (*PutConfigRuleOutput, error) { + req, out := c.PutConfigRuleRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opSelectResourceConfig = "SelectResourceConfig" +const opPutConfigurationAggregator = "PutConfigurationAggregator" -// SelectResourceConfigRequest generates a "aws/request.Request" representing the -// client's request for the SelectResourceConfig operation. The "output" return +// PutConfigurationAggregatorRequest generates a "aws/request.Request" representing the +// client's request for the PutConfigurationAggregator operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See SelectResourceConfig for more information on using the SelectResourceConfig +// See PutConfigurationAggregator for more information on using the PutConfigurationAggregator // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the SelectResourceConfigRequest method. -// req, resp := client.SelectResourceConfigRequest(params) +// // Example sending a request using the PutConfigurationAggregatorRequest method. +// req, resp := client.PutConfigurationAggregatorRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/SelectResourceConfig -func (c *ConfigService) SelectResourceConfigRequest(input *SelectResourceConfigInput) (req *request.Request, output *SelectResourceConfigOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationAggregator +func (c *ConfigService) PutConfigurationAggregatorRequest(input *PutConfigurationAggregatorInput) (req *request.Request, output *PutConfigurationAggregatorOutput) { op := &request.Operation{ - Name: opSelectResourceConfig, + Name: opPutConfigurationAggregator, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &SelectResourceConfigInput{} + input = &PutConfigurationAggregatorInput{} } - output = &SelectResourceConfigOutput{} + output = &PutConfigurationAggregatorOutput{} req = c.newRequest(op, input, output) return } -// SelectResourceConfig API operation for AWS Config. +// PutConfigurationAggregator API operation for AWS Config. // -// Accepts a structured query language (SQL) SELECT command, performs the corresponding -// search, and returns resource configurations matching the properties. +// Creates and updates the configuration aggregator with the selected source +// accounts and regions. The source account can be individual account(s) or +// an organization. // -// For more information about query components, see the Query Components (https://docs.aws.amazon.com/config/latest/developerguide/query-components.html) -// section in the AWS Config Developer Guide. +// AWS Config should be enabled in source accounts and regions you want to aggregate. +// +// If your source type is an organization, you must be signed in to the master +// account and all features must be enabled in your organization. AWS Config +// calls EnableAwsServiceAccess API to enable integration between AWS Config +// and AWS Organizations. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation SelectResourceConfig for usage and error information. +// API operation PutConfigurationAggregator for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidExpressionException "InvalidExpressionException" -// The syntax of the query is incorrect. +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. // -// * ErrCodeInvalidLimitException "InvalidLimitException" -// The specified limit is outside the allowable range. +// * ErrCodeLimitExceededException "LimitExceededException" +// For StartConfigRulesEvaluation API, this exception is thrown if an evaluation +// is in progress or if you call the StartConfigRulesEvaluation API more than +// once per minute. // -// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" -// The specified next token is invalid. Specify the nextToken string that was -// returned in the previous response to get the next page of results. +// For PutConfigurationAggregator API, this exception is thrown if the number +// of accounts and aggregators exceeds the limit. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/SelectResourceConfig -func (c *ConfigService) SelectResourceConfig(input *SelectResourceConfigInput) (*SelectResourceConfigOutput, error) { - req, out := c.SelectResourceConfigRequest(input) +// * ErrCodeInvalidRoleException "InvalidRoleException" +// You have provided a null or empty role ARN. +// +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. +// +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. +// +// * ErrCodeNoAvailableOrganizationException "NoAvailableOrganizationException" +// Organization is no longer available. +// +// * ErrCodeOrganizationAllFeaturesNotEnabledException "OrganizationAllFeaturesNotEnabledException" +// AWS Config resource cannot be created because your organization does not +// have all features enabled. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationAggregator +func (c *ConfigService) PutConfigurationAggregator(input *PutConfigurationAggregatorInput) (*PutConfigurationAggregatorOutput, error) { + req, out := c.PutConfigurationAggregatorRequest(input) return out, req.Send() } -// SelectResourceConfigWithContext is the same as SelectResourceConfig with the addition of +// PutConfigurationAggregatorWithContext is the same as PutConfigurationAggregator with the addition of // the ability to pass a context and additional request options. // -// See SelectResourceConfig for details on how to use this API operation. +// See PutConfigurationAggregator for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) SelectResourceConfigWithContext(ctx aws.Context, input *SelectResourceConfigInput, opts ...request.Option) (*SelectResourceConfigOutput, error) { - req, out := c.SelectResourceConfigRequest(input) +func (c *ConfigService) PutConfigurationAggregatorWithContext(ctx aws.Context, input *PutConfigurationAggregatorInput, opts ...request.Option) (*PutConfigurationAggregatorOutput, error) { + req, out := c.PutConfigurationAggregatorRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opStartConfigRulesEvaluation = "StartConfigRulesEvaluation" +const opPutConfigurationRecorder = "PutConfigurationRecorder" -// StartConfigRulesEvaluationRequest generates a "aws/request.Request" representing the -// client's request for the StartConfigRulesEvaluation operation. The "output" return +// PutConfigurationRecorderRequest generates a "aws/request.Request" representing the +// client's request for the PutConfigurationRecorder operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See StartConfigRulesEvaluation for more information on using the StartConfigRulesEvaluation +// See PutConfigurationRecorder for more information on using the PutConfigurationRecorder // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the StartConfigRulesEvaluationRequest method. -// req, resp := client.StartConfigRulesEvaluationRequest(params) +// // Example sending a request using the PutConfigurationRecorderRequest method. +// req, resp := client.PutConfigurationRecorderRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartConfigRulesEvaluation -func (c *ConfigService) StartConfigRulesEvaluationRequest(input *StartConfigRulesEvaluationInput) (req *request.Request, output *StartConfigRulesEvaluationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationRecorder +func (c *ConfigService) PutConfigurationRecorderRequest(input *PutConfigurationRecorderInput) (req *request.Request, output *PutConfigurationRecorderOutput) { op := &request.Operation{ - Name: opStartConfigRulesEvaluation, + Name: opPutConfigurationRecorder, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &StartConfigRulesEvaluationInput{} + input = &PutConfigurationRecorderInput{} } - output = &StartConfigRulesEvaluationOutput{} + output = &PutConfigurationRecorderOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// StartConfigRulesEvaluation API operation for AWS Config. +// PutConfigurationRecorder API operation for AWS Config. // -// Runs an on-demand evaluation for the specified AWS Config rules against the -// last known configuration state of the resources. Use StartConfigRulesEvaluation -// when you want to test that a rule you updated is working as expected. StartConfigRulesEvaluation -// does not re-record the latest configuration state for your resources. It -// re-runs an evaluation against the last known state of your resources. +// Creates a new configuration recorder to record the selected resource configurations. // -// You can specify up to 25 AWS Config rules per request. +// You can use this action to change the role roleARN or the recordingGroup +// of an existing recorder. To change the role, call the action on the existing +// configuration recorder and specify a role. // -// An existing StartConfigRulesEvaluation call for the specified rules must -// complete before you can call the API again. If you chose to have AWS Config -// stream to an Amazon SNS topic, you will receive a ConfigRuleEvaluationStarted -// notification when the evaluation starts. -// -// You don't need to call the StartConfigRulesEvaluation API to run an evaluation -// for a new rule. When you create a rule, AWS Config evaluates your resources -// against the rule automatically. -// -// The StartConfigRulesEvaluation API is useful if you want to run on-demand -// evaluations, such as the following example: -// -// You have a custom rule that evaluates your IAM resources every 24 hours. -// -// You update your Lambda function to add additional conditions to your rule. -// -// Instead of waiting for the next periodic evaluation, you call the StartConfigRulesEvaluation -// API. -// -// AWS Config invokes your Lambda function and evaluates your IAM resources. +// Currently, you can specify only one configuration recorder per region in +// your account. // -// Your custom rule will still run periodic evaluations every 24 hours. +// If ConfigurationRecorder does not have the recordingGroup parameter specified, +// the default is to record all supported resource types. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation StartConfigRulesEvaluation for usage and error information. +// API operation PutConfigurationRecorder for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchConfigRuleException "NoSuchConfigRuleException" -// One or more AWS Config rules in the request are invalid. Verify that the -// rule names are correct and try again. -// -// * ErrCodeLimitExceededException "LimitExceededException" -// For StartConfigRulesEvaluation API, this exception is thrown if an evaluation -// is in progress or if you call the StartConfigRulesEvaluation API more than -// once per minute. -// -// For PutConfigurationAggregator API, this exception is thrown if the number -// of accounts and aggregators exceeds the limit. -// -// * ErrCodeResourceInUseException "ResourceInUseException" -// You see this exception in the following cases: -// -// * For DeleteConfigRule API, AWS Config is deleting this rule. Try your -// request again later. -// -// * For DeleteConfigRule API, the rule is deleting your evaluation results. -// Try your request again later. -// -// * For DeleteConfigRule API, a remediation action is associated with the -// rule and AWS Config cannot delete this rule. Delete the remediation action -// associated with the rule before deleting the rule and try your request -// again later. +// * ErrCodeMaxNumberOfConfigurationRecordersExceededException "MaxNumberOfConfigurationRecordersExceededException" +// You have reached the limit of the number of recorders you can create. // -// * For PutConfigOrganizationRule, organization config rule deletion is -// in progress. Try your request again later. +// * ErrCodeInvalidConfigurationRecorderNameException "InvalidConfigurationRecorderNameException" +// You have provided a configuration recorder name that is not valid. // -// * For DeleteOrganizationConfigRule, organization config rule creation -// is in progress. Try your request again later. +// * ErrCodeInvalidRoleException "InvalidRoleException" +// You have provided a null or empty role ARN. // -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeInvalidRecordingGroupException "InvalidRecordingGroupException" +// AWS Config throws an exception if the recording group does not contain a +// valid list of resource types. Invalid values might also be incorrectly formatted. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartConfigRulesEvaluation -func (c *ConfigService) StartConfigRulesEvaluation(input *StartConfigRulesEvaluationInput) (*StartConfigRulesEvaluationOutput, error) { - req, out := c.StartConfigRulesEvaluationRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConfigurationRecorder +func (c *ConfigService) PutConfigurationRecorder(input *PutConfigurationRecorderInput) (*PutConfigurationRecorderOutput, error) { + req, out := c.PutConfigurationRecorderRequest(input) return out, req.Send() } -// StartConfigRulesEvaluationWithContext is the same as StartConfigRulesEvaluation with the addition of +// PutConfigurationRecorderWithContext is the same as PutConfigurationRecorder with the addition of // the ability to pass a context and additional request options. // -// See StartConfigRulesEvaluation for details on how to use this API operation. +// See PutConfigurationRecorder for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) StartConfigRulesEvaluationWithContext(ctx aws.Context, input *StartConfigRulesEvaluationInput, opts ...request.Option) (*StartConfigRulesEvaluationOutput, error) { - req, out := c.StartConfigRulesEvaluationRequest(input) +func (c *ConfigService) PutConfigurationRecorderWithContext(ctx aws.Context, input *PutConfigurationRecorderInput, opts ...request.Option) (*PutConfigurationRecorderOutput, error) { + req, out := c.PutConfigurationRecorderRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opStartConfigurationRecorder = "StartConfigurationRecorder" +const opPutConformancePack = "PutConformancePack" -// StartConfigurationRecorderRequest generates a "aws/request.Request" representing the -// client's request for the StartConfigurationRecorder operation. The "output" return +// PutConformancePackRequest generates a "aws/request.Request" representing the +// client's request for the PutConformancePack operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See StartConfigurationRecorder for more information on using the StartConfigurationRecorder +// See PutConformancePack for more information on using the PutConformancePack // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the StartConfigurationRecorderRequest method. -// req, resp := client.StartConfigurationRecorderRequest(params) +// // Example sending a request using the PutConformancePackRequest method. +// req, resp := client.PutConformancePackRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartConfigurationRecorder -func (c *ConfigService) StartConfigurationRecorderRequest(input *StartConfigurationRecorderInput) (req *request.Request, output *StartConfigurationRecorderOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConformancePack +func (c *ConfigService) PutConformancePackRequest(input *PutConformancePackInput) (req *request.Request, output *PutConformancePackOutput) { op := &request.Operation{ - Name: opStartConfigurationRecorder, + Name: opPutConformancePack, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &StartConfigurationRecorderInput{} + input = &PutConformancePackInput{} } - output = &StartConfigurationRecorderOutput{} + output = &PutConformancePackOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// StartConfigurationRecorder API operation for AWS Config. +// PutConformancePack API operation for AWS Config. // -// Starts recording configurations of the AWS resources you have selected to -// record in your AWS account. +// Creates or updates a conformance pack. A conformance pack is a collection +// of AWS Config rules that can be easily deployed in an account and a region. // -// You must have created at least one delivery channel to successfully start -// the configuration recorder. +// This API creates a service linked role AWSServiceRoleForConfigConforms in +// your account. The service linked role is created only when the role does +// not exist in your account. AWS Config verifies the existence of role with +// GetRole action. +// +// You must specify either the TemplateS3Uri or the TemplateBody parameter, +// but not both. If you provide both AWS Config uses the TemplateS3Uri parameter +// and ignores the TemplateBody parameter. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation StartConfigurationRecorder for usage and error information. +// API operation PutConformancePack for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchConfigurationRecorderException "NoSuchConfigurationRecorderException" -// You have specified a configuration recorder that does not exist. +// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" +// Indicates one of the following errors: // -// * ErrCodeNoAvailableDeliveryChannelException "NoAvailableDeliveryChannelException" -// There is no delivery channel available to record configurations. +// * For PutConfigRule, the rule cannot be created because the IAM role assigned +// to AWS Config lacks permissions to perform the config:Put* action. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartConfigurationRecorder -func (c *ConfigService) StartConfigurationRecorder(input *StartConfigurationRecorderInput) (*StartConfigurationRecorderOutput, error) { - req, out := c.StartConfigurationRecorderRequest(input) +// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check +// the function ARN, and check the function's permissions. +// +// * For PutOrganizationConfigRule, organization config rule cannot be created +// because you do not have permissions to call IAM GetRole action or create +// a service linked role. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack cannot be created becuase you do not have permissions: To call IAM +// GetRole action or create a service linked role. To read Amazon S3 bucket. +// To create a rule and a stack. +// +// * ErrCodeConformancePackTemplateValidationException "ConformancePackTemplateValidationException" +// You have specified a template that is not valid or supported. +// +// * ErrCodeResourceInUseException "ResourceInUseException" +// You see this exception in the following cases: +// +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. +// +// * For DeleteConfigRule, the rule is deleting your evaluation results. +// Try your request again later. +// +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action +// associated with the rule before deleting the rule and try your request +// again later. +// +// * For PutConfigOrganizationRule, organization config rule deletion is +// in progress. Try your request again later. +// +// * For DeleteOrganizationConfigRule, organization config rule creation +// is in progress. Try your request again later. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// +// * ErrCodeMaxNumberOfConformancePacksExceededException "MaxNumberOfConformancePacksExceededException" +// You have reached the limit (20) of the number of conformance packs in an +// account. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutConformancePack +func (c *ConfigService) PutConformancePack(input *PutConformancePackInput) (*PutConformancePackOutput, error) { + req, out := c.PutConformancePackRequest(input) return out, req.Send() } -// StartConfigurationRecorderWithContext is the same as StartConfigurationRecorder with the addition of +// PutConformancePackWithContext is the same as PutConformancePack with the addition of // the ability to pass a context and additional request options. // -// See StartConfigurationRecorder for details on how to use this API operation. +// See PutConformancePack for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) StartConfigurationRecorderWithContext(ctx aws.Context, input *StartConfigurationRecorderInput, opts ...request.Option) (*StartConfigurationRecorderOutput, error) { - req, out := c.StartConfigurationRecorderRequest(input) +func (c *ConfigService) PutConformancePackWithContext(ctx aws.Context, input *PutConformancePackInput, opts ...request.Option) (*PutConformancePackOutput, error) { + req, out := c.PutConformancePackRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opStartRemediationExecution = "StartRemediationExecution" +const opPutDeliveryChannel = "PutDeliveryChannel" -// StartRemediationExecutionRequest generates a "aws/request.Request" representing the -// client's request for the StartRemediationExecution operation. The "output" return +// PutDeliveryChannelRequest generates a "aws/request.Request" representing the +// client's request for the PutDeliveryChannel operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See StartRemediationExecution for more information on using the StartRemediationExecution +// See PutDeliveryChannel for more information on using the PutDeliveryChannel // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the StartRemediationExecutionRequest method. -// req, resp := client.StartRemediationExecutionRequest(params) +// // Example sending a request using the PutDeliveryChannelRequest method. +// req, resp := client.PutDeliveryChannelRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartRemediationExecution -func (c *ConfigService) StartRemediationExecutionRequest(input *StartRemediationExecutionInput) (req *request.Request, output *StartRemediationExecutionOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutDeliveryChannel +func (c *ConfigService) PutDeliveryChannelRequest(input *PutDeliveryChannelInput) (req *request.Request, output *PutDeliveryChannelOutput) { op := &request.Operation{ - Name: opStartRemediationExecution, + Name: opPutDeliveryChannel, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &StartRemediationExecutionInput{} + input = &PutDeliveryChannelInput{} } - output = &StartRemediationExecutionOutput{} + output = &PutDeliveryChannelOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// StartRemediationExecution API operation for AWS Config. +// PutDeliveryChannel API operation for AWS Config. // -// Runs an on-demand remediation for the specified AWS Config rules against -// the last known remediation configuration. It runs an execution against the -// current state of your resources. Remediation execution is asynchronous. +// Creates a delivery channel object to deliver configuration information to +// an Amazon S3 bucket and Amazon SNS topic. // -// You can specify up to 100 resource keys per request. An existing StartRemediationExecution -// call for the specified resource keys must complete before you can call the -// API again. +// Before you can create a delivery channel, you must create a configuration +// recorder. +// +// You can use this action to change the Amazon S3 bucket or an Amazon SNS topic +// of the existing delivery channel. To change the Amazon S3 bucket or an Amazon +// SNS topic, call this action and specify the changed values for the S3 bucket +// and the SNS topic. If you specify a different value for either the S3 bucket +// or the SNS topic, this action will keep the existing value for the parameter +// that is not changed. +// +// You can have only one delivery channel per region in your account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation StartRemediationExecution for usage and error information. +// API operation PutDeliveryChannel for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" -// One or more of the specified parameters are invalid. Verify that your parameters -// are valid and try again. +// * ErrCodeMaxNumberOfDeliveryChannelsExceededException "MaxNumberOfDeliveryChannelsExceededException" +// You have reached the limit of the number of delivery channels you can create. // -// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" -// Indicates one of the following errors: +// * ErrCodeNoAvailableConfigurationRecorderException "NoAvailableConfigurationRecorderException" +// There are no configuration recorders available to provide the role needed +// to describe your resources. Create a configuration recorder. // -// * For PutConfigRule, the rule cannot be created because the IAM role assigned -// to AWS Config lacks permissions to perform the config:Put* action. +// * ErrCodeInvalidDeliveryChannelNameException "InvalidDeliveryChannelNameException" +// The specified delivery channel name is not valid. // -// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check -// the function ARN, and check the function's permissions. +// * ErrCodeNoSuchBucketException "NoSuchBucketException" +// The specified Amazon S3 bucket does not exist. // -// * For OrganizationConfigRule, organization config rule cannot be created -// because you do not have permissions to call IAM GetRole action or create -// service linked role. +// * ErrCodeInvalidS3KeyPrefixException "InvalidS3KeyPrefixException" +// The specified Amazon S3 key prefix is not valid. // -// * ErrCodeNoSuchRemediationConfigurationException "NoSuchRemediationConfigurationException" -// You specified an AWS Config rule without a remediation configuration. +// * ErrCodeInvalidSNSTopicARNException "InvalidSNSTopicARNException" +// The specified Amazon SNS topic does not exist. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartRemediationExecution -func (c *ConfigService) StartRemediationExecution(input *StartRemediationExecutionInput) (*StartRemediationExecutionOutput, error) { - req, out := c.StartRemediationExecutionRequest(input) +// * ErrCodeInsufficientDeliveryPolicyException "InsufficientDeliveryPolicyException" +// Your Amazon S3 bucket policy does not permit AWS Config to write to it. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutDeliveryChannel +func (c *ConfigService) PutDeliveryChannel(input *PutDeliveryChannelInput) (*PutDeliveryChannelOutput, error) { + req, out := c.PutDeliveryChannelRequest(input) return out, req.Send() } -// StartRemediationExecutionWithContext is the same as StartRemediationExecution with the addition of +// PutDeliveryChannelWithContext is the same as PutDeliveryChannel with the addition of // the ability to pass a context and additional request options. // -// See StartRemediationExecution for details on how to use this API operation. +// See PutDeliveryChannel for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) StartRemediationExecutionWithContext(ctx aws.Context, input *StartRemediationExecutionInput, opts ...request.Option) (*StartRemediationExecutionOutput, error) { - req, out := c.StartRemediationExecutionRequest(input) +func (c *ConfigService) PutDeliveryChannelWithContext(ctx aws.Context, input *PutDeliveryChannelInput, opts ...request.Option) (*PutDeliveryChannelOutput, error) { + req, out := c.PutDeliveryChannelRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opStopConfigurationRecorder = "StopConfigurationRecorder" +const opPutEvaluations = "PutEvaluations" -// StopConfigurationRecorderRequest generates a "aws/request.Request" representing the -// client's request for the StopConfigurationRecorder operation. The "output" return +// PutEvaluationsRequest generates a "aws/request.Request" representing the +// client's request for the PutEvaluations operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See StopConfigurationRecorder for more information on using the StopConfigurationRecorder +// See PutEvaluations for more information on using the PutEvaluations // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the StopConfigurationRecorderRequest method. -// req, resp := client.StopConfigurationRecorderRequest(params) +// // Example sending a request using the PutEvaluationsRequest method. +// req, resp := client.PutEvaluationsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StopConfigurationRecorder -func (c *ConfigService) StopConfigurationRecorderRequest(input *StopConfigurationRecorderInput) (req *request.Request, output *StopConfigurationRecorderOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutEvaluations +func (c *ConfigService) PutEvaluationsRequest(input *PutEvaluationsInput) (req *request.Request, output *PutEvaluationsOutput) { op := &request.Operation{ - Name: opStopConfigurationRecorder, + Name: opPutEvaluations, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &StopConfigurationRecorderInput{} + input = &PutEvaluationsInput{} } - output = &StopConfigurationRecorderOutput{} + output = &PutEvaluationsOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// StopConfigurationRecorder API operation for AWS Config. +// PutEvaluations API operation for AWS Config. // -// Stops recording configurations of the AWS resources you have selected to -// record in your AWS account. +// Used by an AWS Lambda function to deliver evaluation results to AWS Config. +// This action is required in every AWS Lambda function that is invoked by an +// AWS Config rule. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation StopConfigurationRecorder for usage and error information. +// API operation PutEvaluations for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchConfigurationRecorderException "NoSuchConfigurationRecorderException" -// You have specified a configuration recorder that does not exist. +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StopConfigurationRecorder -func (c *ConfigService) StopConfigurationRecorder(input *StopConfigurationRecorderInput) (*StopConfigurationRecorderOutput, error) { - req, out := c.StopConfigurationRecorderRequest(input) +// * ErrCodeInvalidResultTokenException "InvalidResultTokenException" +// The specified ResultToken is invalid. +// +// * ErrCodeNoSuchConfigRuleException "NoSuchConfigRuleException" +// One or more AWS Config rules in the request are invalid. Verify that the +// rule names are correct and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutEvaluations +func (c *ConfigService) PutEvaluations(input *PutEvaluationsInput) (*PutEvaluationsOutput, error) { + req, out := c.PutEvaluationsRequest(input) return out, req.Send() } -// StopConfigurationRecorderWithContext is the same as StopConfigurationRecorder with the addition of +// PutEvaluationsWithContext is the same as PutEvaluations with the addition of // the ability to pass a context and additional request options. // -// See StopConfigurationRecorder for details on how to use this API operation. +// See PutEvaluations for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) StopConfigurationRecorderWithContext(ctx aws.Context, input *StopConfigurationRecorderInput, opts ...request.Option) (*StopConfigurationRecorderOutput, error) { - req, out := c.StopConfigurationRecorderRequest(input) +func (c *ConfigService) PutEvaluationsWithContext(ctx aws.Context, input *PutEvaluationsInput, opts ...request.Option) (*PutEvaluationsOutput, error) { + req, out := c.PutEvaluationsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opTagResource = "TagResource" +const opPutOrganizationConfigRule = "PutOrganizationConfigRule" -// TagResourceRequest generates a "aws/request.Request" representing the -// client's request for the TagResource operation. The "output" return +// PutOrganizationConfigRuleRequest generates a "aws/request.Request" representing the +// client's request for the PutOrganizationConfigRule operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See TagResource for more information on using the TagResource +// See PutOrganizationConfigRule for more information on using the PutOrganizationConfigRule // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the TagResourceRequest method. -// req, resp := client.TagResourceRequest(params) +// // Example sending a request using the PutOrganizationConfigRuleRequest method. +// req, resp := client.PutOrganizationConfigRuleRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/TagResource -func (c *ConfigService) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutOrganizationConfigRule +func (c *ConfigService) PutOrganizationConfigRuleRequest(input *PutOrganizationConfigRuleInput) (req *request.Request, output *PutOrganizationConfigRuleOutput) { op := &request.Operation{ - Name: opTagResource, + Name: opPutOrganizationConfigRule, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &TagResourceInput{} + input = &PutOrganizationConfigRuleInput{} } - output = &TagResourceOutput{} + output = &PutOrganizationConfigRuleOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// TagResource API operation for AWS Config. +// PutOrganizationConfigRule API operation for AWS Config. // -// Associates the specified tags to a resource with the specified resourceArn. -// If existing tags on a resource are not specified in the request parameters, -// they are not changed. When a resource is deleted, the tags associated with -// that resource are deleted as well. +// Adds or updates organization config rule for your entire organization evaluating +// whether your AWS resources comply with your desired configurations. Only +// a master account can create or update an organization config rule. +// +// This API enables organization service access through the EnableAWSServiceAccess +// action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup +// in the master account of your organization. The service linked role is created +// only when the role does not exist in the master account. AWS Config verifies +// the existence of role with GetRole action. +// +// You can use this action to create both custom AWS Config rules and AWS managed +// Config rules. If you are adding a new custom AWS Config rule, you must first +// create AWS Lambda function in the master account that the rule invokes to +// evaluate your resources. When you use the PutOrganizationConfigRule action +// to add the rule to AWS Config, you must specify the Amazon Resource Name +// (ARN) that AWS Lambda assigns to the function. If you are adding an AWS managed +// Config rule, specify the rule's identifier for the RuleIdentifier key. +// +// The maximum number of organization config rules that AWS Config supports +// is 150. +// +// Specify either OrganizationCustomRuleMetadata or OrganizationManagedRuleMetadata. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation TagResource for usage and error information. +// API operation PutOrganizationConfigRule for usage and error information. // // Returned Error Codes: +// * ErrCodeMaxNumberOfOrganizationConfigRulesExceededException "MaxNumberOfOrganizationConfigRulesExceededException" +// You have reached the limit of the number of organization config rules you +// can create. +// +// * ErrCodeResourceInUseException "ResourceInUseException" +// You see this exception in the following cases: +// +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. +// +// * For DeleteConfigRule, the rule is deleting your evaluation results. +// Try your request again later. +// +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action +// associated with the rule before deleting the rule and try your request +// again later. +// +// * For PutConfigOrganizationRule, organization config rule deletion is +// in progress. Try your request again later. +// +// * For DeleteOrganizationConfigRule, organization config rule creation +// is in progress. Try your request again later. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// // * ErrCodeValidationException "ValidationException" // The requested action is not valid. // -// * ErrCodeResourceNotFoundException "ResourceNotFoundException" -// You have specified a resource that does not exist. +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. // -// * ErrCodeTooManyTagsException "TooManyTagsException" -// You have reached the limit of the number of tags you can use. You have more -// than 50 tags. +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/TagResource -func (c *ConfigService) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { - req, out := c.TagResourceRequest(input) +// * ErrCodeNoAvailableOrganizationException "NoAvailableOrganizationException" +// Organization is no longer available. +// +// * ErrCodeOrganizationAllFeaturesNotEnabledException "OrganizationAllFeaturesNotEnabledException" +// AWS Config resource cannot be created because your organization does not +// have all features enabled. +// +// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" +// Indicates one of the following errors: +// +// * For PutConfigRule, the rule cannot be created because the IAM role assigned +// to AWS Config lacks permissions to perform the config:Put* action. +// +// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check +// the function ARN, and check the function's permissions. +// +// * For PutOrganizationConfigRule, organization config rule cannot be created +// because you do not have permissions to call IAM GetRole action or create +// a service linked role. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack cannot be created becuase you do not have permissions: To call IAM +// GetRole action or create a service linked role. To read Amazon S3 bucket. +// To create a rule and a stack. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutOrganizationConfigRule +func (c *ConfigService) PutOrganizationConfigRule(input *PutOrganizationConfigRuleInput) (*PutOrganizationConfigRuleOutput, error) { + req, out := c.PutOrganizationConfigRuleRequest(input) return out, req.Send() } -// TagResourceWithContext is the same as TagResource with the addition of +// PutOrganizationConfigRuleWithContext is the same as PutOrganizationConfigRule with the addition of // the ability to pass a context and additional request options. // -// See TagResource for details on how to use this API operation. +// See PutOrganizationConfigRule for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { - req, out := c.TagResourceRequest(input) +func (c *ConfigService) PutOrganizationConfigRuleWithContext(ctx aws.Context, input *PutOrganizationConfigRuleInput, opts ...request.Option) (*PutOrganizationConfigRuleOutput, error) { + req, out := c.PutOrganizationConfigRuleRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUntagResource = "UntagResource" +const opPutOrganizationConformancePack = "PutOrganizationConformancePack" -// UntagResourceRequest generates a "aws/request.Request" representing the -// client's request for the UntagResource operation. The "output" return +// PutOrganizationConformancePackRequest generates a "aws/request.Request" representing the +// client's request for the PutOrganizationConformancePack operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UntagResource for more information on using the UntagResource +// See PutOrganizationConformancePack for more information on using the PutOrganizationConformancePack // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the UntagResourceRequest method. -// req, resp := client.UntagResourceRequest(params) +// // Example sending a request using the PutOrganizationConformancePackRequest method. +// req, resp := client.PutOrganizationConformancePackRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/UntagResource -func (c *ConfigService) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutOrganizationConformancePack +func (c *ConfigService) PutOrganizationConformancePackRequest(input *PutOrganizationConformancePackInput) (req *request.Request, output *PutOrganizationConformancePackOutput) { op := &request.Operation{ - Name: opUntagResource, + Name: opPutOrganizationConformancePack, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &UntagResourceInput{} + input = &PutOrganizationConformancePackInput{} } - output = &UntagResourceOutput{} + output = &PutOrganizationConformancePackOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UntagResource API operation for AWS Config. +// PutOrganizationConformancePack API operation for AWS Config. // -// Deletes specified tags from a resource. +// Deploys conformance packs across member accounts in an AWS Organization. +// +// This API enables organization service access through the EnableAWSServiceAccess +// action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup +// in the master account of your organization. The service linked role is created +// only when the role does not exist in the master account. AWS Config verifies +// the existence of role with GetRole action. +// +// The SPN is config-multiaccountsetup.amazonaws.com. +// +// You must specify either the TemplateS3Uri or the TemplateBody parameter, +// but not both. If you provide both AWS Config uses the TemplateS3Uri parameter +// and ignores the TemplateBody parameter. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for AWS Config's -// API operation UntagResource for usage and error information. +// API operation PutOrganizationConformancePack for usage and error information. // // Returned Error Codes: +// * ErrCodeMaxNumberOfOrganizationConformancePacksExceededException "MaxNumberOfOrganizationConformancePacksExceededException" +// You have reached the limit (10) of the number of organization conformance +// packs in an account. +// +// * ErrCodeResourceInUseException "ResourceInUseException" +// You see this exception in the following cases: +// +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. +// +// * For DeleteConfigRule, the rule is deleting your evaluation results. +// Try your request again later. +// +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action +// associated with the rule before deleting the rule and try your request +// again later. +// +// * For PutConfigOrganizationRule, organization config rule deletion is +// in progress. Try your request again later. +// +// * For DeleteOrganizationConfigRule, organization config rule creation +// is in progress. Try your request again later. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// // * ErrCodeValidationException "ValidationException" // The requested action is not valid. // -// * ErrCodeResourceNotFoundException "ResourceNotFoundException" -// You have specified a resource that does not exist. +// * ErrCodeOrganizationAccessDeniedException "OrganizationAccessDeniedException" +// For PutConfigAggregator API, no permission to call EnableAWSServiceAccess +// API. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/UntagResource -func (c *ConfigService) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { - req, out := c.UntagResourceRequest(input) +// For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS +// Config throws an exception if APIs are called from member accounts. All APIs +// must be called from organization master account. +// +// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" +// Indicates one of the following errors: +// +// * For PutConfigRule, the rule cannot be created because the IAM role assigned +// to AWS Config lacks permissions to perform the config:Put* action. +// +// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check +// the function ARN, and check the function's permissions. +// +// * For PutOrganizationConfigRule, organization config rule cannot be created +// because you do not have permissions to call IAM GetRole action or create +// a service linked role. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack cannot be created becuase you do not have permissions: To call IAM +// GetRole action or create a service linked role. To read Amazon S3 bucket. +// To create a rule and a stack. +// +// * ErrCodeOrganizationConformancePackTemplateValidationException "OrganizationConformancePackTemplateValidationException" +// You have specified a template that is not valid or supported. +// +// * ErrCodeOrganizationAllFeaturesNotEnabledException "OrganizationAllFeaturesNotEnabledException" +// AWS Config resource cannot be created because your organization does not +// have all features enabled. +// +// * ErrCodeNoAvailableOrganizationException "NoAvailableOrganizationException" +// Organization is no longer available. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutOrganizationConformancePack +func (c *ConfigService) PutOrganizationConformancePack(input *PutOrganizationConformancePackInput) (*PutOrganizationConformancePackOutput, error) { + req, out := c.PutOrganizationConformancePackRequest(input) return out, req.Send() } -// UntagResourceWithContext is the same as UntagResource with the addition of +// PutOrganizationConformancePackWithContext is the same as PutOrganizationConformancePack with the addition of // the ability to pass a context and additional request options. // -// See UntagResource for details on how to use this API operation. +// See PutOrganizationConformancePack for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ConfigService) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { - req, out := c.UntagResourceRequest(input) +func (c *ConfigService) PutOrganizationConformancePackWithContext(ctx aws.Context, input *PutOrganizationConformancePackInput, opts ...request.Option) (*PutOrganizationConformancePackOutput, error) { + req, out := c.PutOrganizationConformancePackRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// A collection of accounts and regions. -type AccountAggregationSource struct { - _ struct{} `type:"structure"` - - // The 12-digit account ID of the account being aggregated. - // - // AccountIds is a required field - AccountIds []*string `min:"1" type:"list" required:"true"` - - // If true, aggregate existing AWS Config regions and future regions. - AllAwsRegions *bool `type:"boolean"` - - // The source regions being aggregated. - AwsRegions []*string `min:"1" type:"list"` -} - -// String returns the string representation -func (s AccountAggregationSource) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AccountAggregationSource) GoString() string { - return s.String() -} +const opPutRemediationConfigurations = "PutRemediationConfigurations" -// Validate inspects the fields of the type to determine if they are valid. -func (s *AccountAggregationSource) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AccountAggregationSource"} - if s.AccountIds == nil { - invalidParams.Add(request.NewErrParamRequired("AccountIds")) - } - if s.AccountIds != nil && len(s.AccountIds) < 1 { +// PutRemediationConfigurationsRequest generates a "aws/request.Request" representing the +// client's request for the PutRemediationConfigurations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutRemediationConfigurations for more information on using the PutRemediationConfigurations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the PutRemediationConfigurationsRequest method. +// req, resp := client.PutRemediationConfigurationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRemediationConfigurations +func (c *ConfigService) PutRemediationConfigurationsRequest(input *PutRemediationConfigurationsInput) (req *request.Request, output *PutRemediationConfigurationsOutput) { + op := &request.Operation{ + Name: opPutRemediationConfigurations, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutRemediationConfigurationsInput{} + } + + output = &PutRemediationConfigurationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutRemediationConfigurations API operation for AWS Config. +// +// Adds or updates the remediation configuration with a specific AWS Config +// rule with the selected target or action. The API creates the RemediationConfiguration +// object for the AWS Config rule. The AWS Config rule must already exist for +// you to add a remediation configuration. The target (SSM document) must exist +// and have permissions to use the target. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation PutRemediationConfigurations for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" +// Indicates one of the following errors: +// +// * For PutConfigRule, the rule cannot be created because the IAM role assigned +// to AWS Config lacks permissions to perform the config:Put* action. +// +// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check +// the function ARN, and check the function's permissions. +// +// * For PutOrganizationConfigRule, organization config rule cannot be created +// because you do not have permissions to call IAM GetRole action or create +// a service linked role. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack cannot be created becuase you do not have permissions: To call IAM +// GetRole action or create a service linked role. To read Amazon S3 bucket. +// To create a rule and a stack. +// +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRemediationConfigurations +func (c *ConfigService) PutRemediationConfigurations(input *PutRemediationConfigurationsInput) (*PutRemediationConfigurationsOutput, error) { + req, out := c.PutRemediationConfigurationsRequest(input) + return out, req.Send() +} + +// PutRemediationConfigurationsWithContext is the same as PutRemediationConfigurations with the addition of +// the ability to pass a context and additional request options. +// +// See PutRemediationConfigurations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) PutRemediationConfigurationsWithContext(ctx aws.Context, input *PutRemediationConfigurationsInput, opts ...request.Option) (*PutRemediationConfigurationsOutput, error) { + req, out := c.PutRemediationConfigurationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutRemediationExceptions = "PutRemediationExceptions" + +// PutRemediationExceptionsRequest generates a "aws/request.Request" representing the +// client's request for the PutRemediationExceptions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutRemediationExceptions for more information on using the PutRemediationExceptions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the PutRemediationExceptionsRequest method. +// req, resp := client.PutRemediationExceptionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRemediationExceptions +func (c *ConfigService) PutRemediationExceptionsRequest(input *PutRemediationExceptionsInput) (req *request.Request, output *PutRemediationExceptionsOutput) { + op := &request.Operation{ + Name: opPutRemediationExceptions, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutRemediationExceptionsInput{} + } + + output = &PutRemediationExceptionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutRemediationExceptions API operation for AWS Config. +// +// A remediation exception is when a specific resource is no longer considered +// for auto-remediation. This API adds a new exception or updates an exisiting +// exception for a specific resource with a specific AWS Config rule. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation PutRemediationExceptions for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRemediationExceptions +func (c *ConfigService) PutRemediationExceptions(input *PutRemediationExceptionsInput) (*PutRemediationExceptionsOutput, error) { + req, out := c.PutRemediationExceptionsRequest(input) + return out, req.Send() +} + +// PutRemediationExceptionsWithContext is the same as PutRemediationExceptions with the addition of +// the ability to pass a context and additional request options. +// +// See PutRemediationExceptions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) PutRemediationExceptionsWithContext(ctx aws.Context, input *PutRemediationExceptionsInput, opts ...request.Option) (*PutRemediationExceptionsOutput, error) { + req, out := c.PutRemediationExceptionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutRetentionConfiguration = "PutRetentionConfiguration" + +// PutRetentionConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the PutRetentionConfiguration operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutRetentionConfiguration for more information on using the PutRetentionConfiguration +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the PutRetentionConfigurationRequest method. +// req, resp := client.PutRetentionConfigurationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRetentionConfiguration +func (c *ConfigService) PutRetentionConfigurationRequest(input *PutRetentionConfigurationInput) (req *request.Request, output *PutRetentionConfigurationOutput) { + op := &request.Operation{ + Name: opPutRetentionConfiguration, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutRetentionConfigurationInput{} + } + + output = &PutRetentionConfigurationOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutRetentionConfiguration API operation for AWS Config. +// +// Creates and updates the retention configuration with details about retention +// period (number of days) that AWS Config stores your historical information. +// The API creates the RetentionConfiguration object and names the object as +// default. When you have a RetentionConfiguration object named default, calling +// the API modifies the default object. +// +// Currently, AWS Config supports only one retention configuration per region +// in your account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation PutRetentionConfiguration for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// +// * ErrCodeMaxNumberOfRetentionConfigurationsExceededException "MaxNumberOfRetentionConfigurationsExceededException" +// Failed to add the retention configuration because a retention configuration +// with that name already exists. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/PutRetentionConfiguration +func (c *ConfigService) PutRetentionConfiguration(input *PutRetentionConfigurationInput) (*PutRetentionConfigurationOutput, error) { + req, out := c.PutRetentionConfigurationRequest(input) + return out, req.Send() +} + +// PutRetentionConfigurationWithContext is the same as PutRetentionConfiguration with the addition of +// the ability to pass a context and additional request options. +// +// See PutRetentionConfiguration for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) PutRetentionConfigurationWithContext(ctx aws.Context, input *PutRetentionConfigurationInput, opts ...request.Option) (*PutRetentionConfigurationOutput, error) { + req, out := c.PutRetentionConfigurationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opSelectResourceConfig = "SelectResourceConfig" + +// SelectResourceConfigRequest generates a "aws/request.Request" representing the +// client's request for the SelectResourceConfig operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See SelectResourceConfig for more information on using the SelectResourceConfig +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the SelectResourceConfigRequest method. +// req, resp := client.SelectResourceConfigRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/SelectResourceConfig +func (c *ConfigService) SelectResourceConfigRequest(input *SelectResourceConfigInput) (req *request.Request, output *SelectResourceConfigOutput) { + op := &request.Operation{ + Name: opSelectResourceConfig, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &SelectResourceConfigInput{} + } + + output = &SelectResourceConfigOutput{} + req = c.newRequest(op, input, output) + return +} + +// SelectResourceConfig API operation for AWS Config. +// +// Accepts a structured query language (SQL) SELECT command, performs the corresponding +// search, and returns resource configurations matching the properties. +// +// For more information about query components, see the Query Components (https://docs.aws.amazon.com/config/latest/developerguide/query-components.html) +// section in the AWS Config Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation SelectResourceConfig for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInvalidExpressionException "InvalidExpressionException" +// The syntax of the query is incorrect. +// +// * ErrCodeInvalidLimitException "InvalidLimitException" +// The specified limit is outside the allowable range. +// +// * ErrCodeInvalidNextTokenException "InvalidNextTokenException" +// The specified next token is invalid. Specify the nextToken string that was +// returned in the previous response to get the next page of results. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/SelectResourceConfig +func (c *ConfigService) SelectResourceConfig(input *SelectResourceConfigInput) (*SelectResourceConfigOutput, error) { + req, out := c.SelectResourceConfigRequest(input) + return out, req.Send() +} + +// SelectResourceConfigWithContext is the same as SelectResourceConfig with the addition of +// the ability to pass a context and additional request options. +// +// See SelectResourceConfig for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) SelectResourceConfigWithContext(ctx aws.Context, input *SelectResourceConfigInput, opts ...request.Option) (*SelectResourceConfigOutput, error) { + req, out := c.SelectResourceConfigRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStartConfigRulesEvaluation = "StartConfigRulesEvaluation" + +// StartConfigRulesEvaluationRequest generates a "aws/request.Request" representing the +// client's request for the StartConfigRulesEvaluation operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartConfigRulesEvaluation for more information on using the StartConfigRulesEvaluation +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartConfigRulesEvaluationRequest method. +// req, resp := client.StartConfigRulesEvaluationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartConfigRulesEvaluation +func (c *ConfigService) StartConfigRulesEvaluationRequest(input *StartConfigRulesEvaluationInput) (req *request.Request, output *StartConfigRulesEvaluationOutput) { + op := &request.Operation{ + Name: opStartConfigRulesEvaluation, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartConfigRulesEvaluationInput{} + } + + output = &StartConfigRulesEvaluationOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// StartConfigRulesEvaluation API operation for AWS Config. +// +// Runs an on-demand evaluation for the specified AWS Config rules against the +// last known configuration state of the resources. Use StartConfigRulesEvaluation +// when you want to test that a rule you updated is working as expected. StartConfigRulesEvaluation +// does not re-record the latest configuration state for your resources. It +// re-runs an evaluation against the last known state of your resources. +// +// You can specify up to 25 AWS Config rules per request. +// +// An existing StartConfigRulesEvaluation call for the specified rules must +// complete before you can call the API again. If you chose to have AWS Config +// stream to an Amazon SNS topic, you will receive a ConfigRuleEvaluationStarted +// notification when the evaluation starts. +// +// You don't need to call the StartConfigRulesEvaluation API to run an evaluation +// for a new rule. When you create a rule, AWS Config evaluates your resources +// against the rule automatically. +// +// The StartConfigRulesEvaluation API is useful if you want to run on-demand +// evaluations, such as the following example: +// +// You have a custom rule that evaluates your IAM resources every 24 hours. +// +// You update your Lambda function to add additional conditions to your rule. +// +// Instead of waiting for the next periodic evaluation, you call the StartConfigRulesEvaluation +// API. +// +// AWS Config invokes your Lambda function and evaluates your IAM resources. +// +// Your custom rule will still run periodic evaluations every 24 hours. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation StartConfigRulesEvaluation for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchConfigRuleException "NoSuchConfigRuleException" +// One or more AWS Config rules in the request are invalid. Verify that the +// rule names are correct and try again. +// +// * ErrCodeLimitExceededException "LimitExceededException" +// For StartConfigRulesEvaluation API, this exception is thrown if an evaluation +// is in progress or if you call the StartConfigRulesEvaluation API more than +// once per minute. +// +// For PutConfigurationAggregator API, this exception is thrown if the number +// of accounts and aggregators exceeds the limit. +// +// * ErrCodeResourceInUseException "ResourceInUseException" +// You see this exception in the following cases: +// +// * For DeleteConfigRule, AWS Config is deleting this rule. Try your request +// again later. +// +// * For DeleteConfigRule, the rule is deleting your evaluation results. +// Try your request again later. +// +// * For DeleteConfigRule, a remediation action is associated with the rule +// and AWS Config cannot delete this rule. Delete the remediation action +// associated with the rule before deleting the rule and try your request +// again later. +// +// * For PutConfigOrganizationRule, organization config rule deletion is +// in progress. Try your request again later. +// +// * For DeleteOrganizationConfigRule, organization config rule creation +// is in progress. Try your request again later. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack creation, update, and deletion is in progress. Try your request again +// later. +// +// * For DeleteConformancePack, a conformance pack creation, update, and +// deletion is in progress. Try your request again later. +// +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartConfigRulesEvaluation +func (c *ConfigService) StartConfigRulesEvaluation(input *StartConfigRulesEvaluationInput) (*StartConfigRulesEvaluationOutput, error) { + req, out := c.StartConfigRulesEvaluationRequest(input) + return out, req.Send() +} + +// StartConfigRulesEvaluationWithContext is the same as StartConfigRulesEvaluation with the addition of +// the ability to pass a context and additional request options. +// +// See StartConfigRulesEvaluation for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) StartConfigRulesEvaluationWithContext(ctx aws.Context, input *StartConfigRulesEvaluationInput, opts ...request.Option) (*StartConfigRulesEvaluationOutput, error) { + req, out := c.StartConfigRulesEvaluationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStartConfigurationRecorder = "StartConfigurationRecorder" + +// StartConfigurationRecorderRequest generates a "aws/request.Request" representing the +// client's request for the StartConfigurationRecorder operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartConfigurationRecorder for more information on using the StartConfigurationRecorder +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartConfigurationRecorderRequest method. +// req, resp := client.StartConfigurationRecorderRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartConfigurationRecorder +func (c *ConfigService) StartConfigurationRecorderRequest(input *StartConfigurationRecorderInput) (req *request.Request, output *StartConfigurationRecorderOutput) { + op := &request.Operation{ + Name: opStartConfigurationRecorder, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartConfigurationRecorderInput{} + } + + output = &StartConfigurationRecorderOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// StartConfigurationRecorder API operation for AWS Config. +// +// Starts recording configurations of the AWS resources you have selected to +// record in your AWS account. +// +// You must have created at least one delivery channel to successfully start +// the configuration recorder. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation StartConfigurationRecorder for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchConfigurationRecorderException "NoSuchConfigurationRecorderException" +// You have specified a configuration recorder that does not exist. +// +// * ErrCodeNoAvailableDeliveryChannelException "NoAvailableDeliveryChannelException" +// There is no delivery channel available to record configurations. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartConfigurationRecorder +func (c *ConfigService) StartConfigurationRecorder(input *StartConfigurationRecorderInput) (*StartConfigurationRecorderOutput, error) { + req, out := c.StartConfigurationRecorderRequest(input) + return out, req.Send() +} + +// StartConfigurationRecorderWithContext is the same as StartConfigurationRecorder with the addition of +// the ability to pass a context and additional request options. +// +// See StartConfigurationRecorder for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) StartConfigurationRecorderWithContext(ctx aws.Context, input *StartConfigurationRecorderInput, opts ...request.Option) (*StartConfigurationRecorderOutput, error) { + req, out := c.StartConfigurationRecorderRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStartRemediationExecution = "StartRemediationExecution" + +// StartRemediationExecutionRequest generates a "aws/request.Request" representing the +// client's request for the StartRemediationExecution operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartRemediationExecution for more information on using the StartRemediationExecution +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartRemediationExecutionRequest method. +// req, resp := client.StartRemediationExecutionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartRemediationExecution +func (c *ConfigService) StartRemediationExecutionRequest(input *StartRemediationExecutionInput) (req *request.Request, output *StartRemediationExecutionOutput) { + op := &request.Operation{ + Name: opStartRemediationExecution, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartRemediationExecutionInput{} + } + + output = &StartRemediationExecutionOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartRemediationExecution API operation for AWS Config. +// +// Runs an on-demand remediation for the specified AWS Config rules against +// the last known remediation configuration. It runs an execution against the +// current state of your resources. Remediation execution is asynchronous. +// +// You can specify up to 100 resource keys per request. An existing StartRemediationExecution +// call for the specified resource keys must complete before you can call the +// API again. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation StartRemediationExecution for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInvalidParameterValueException "InvalidParameterValueException" +// One or more of the specified parameters are invalid. Verify that your parameters +// are valid and try again. +// +// * ErrCodeInsufficientPermissionsException "InsufficientPermissionsException" +// Indicates one of the following errors: +// +// * For PutConfigRule, the rule cannot be created because the IAM role assigned +// to AWS Config lacks permissions to perform the config:Put* action. +// +// * For PutConfigRule, the AWS Lambda function cannot be invoked. Check +// the function ARN, and check the function's permissions. +// +// * For PutOrganizationConfigRule, organization config rule cannot be created +// because you do not have permissions to call IAM GetRole action or create +// a service linked role. +// +// * For PutConformancePack and PutOrganizationConformancePack, a conformance +// pack cannot be created becuase you do not have permissions: To call IAM +// GetRole action or create a service linked role. To read Amazon S3 bucket. +// To create a rule and a stack. +// +// * ErrCodeNoSuchRemediationConfigurationException "NoSuchRemediationConfigurationException" +// You specified an AWS Config rule without a remediation configuration. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StartRemediationExecution +func (c *ConfigService) StartRemediationExecution(input *StartRemediationExecutionInput) (*StartRemediationExecutionOutput, error) { + req, out := c.StartRemediationExecutionRequest(input) + return out, req.Send() +} + +// StartRemediationExecutionWithContext is the same as StartRemediationExecution with the addition of +// the ability to pass a context and additional request options. +// +// See StartRemediationExecution for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) StartRemediationExecutionWithContext(ctx aws.Context, input *StartRemediationExecutionInput, opts ...request.Option) (*StartRemediationExecutionOutput, error) { + req, out := c.StartRemediationExecutionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStopConfigurationRecorder = "StopConfigurationRecorder" + +// StopConfigurationRecorderRequest generates a "aws/request.Request" representing the +// client's request for the StopConfigurationRecorder operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StopConfigurationRecorder for more information on using the StopConfigurationRecorder +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StopConfigurationRecorderRequest method. +// req, resp := client.StopConfigurationRecorderRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StopConfigurationRecorder +func (c *ConfigService) StopConfigurationRecorderRequest(input *StopConfigurationRecorderInput) (req *request.Request, output *StopConfigurationRecorderOutput) { + op := &request.Operation{ + Name: opStopConfigurationRecorder, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StopConfigurationRecorderInput{} + } + + output = &StopConfigurationRecorderOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// StopConfigurationRecorder API operation for AWS Config. +// +// Stops recording configurations of the AWS resources you have selected to +// record in your AWS account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation StopConfigurationRecorder for usage and error information. +// +// Returned Error Codes: +// * ErrCodeNoSuchConfigurationRecorderException "NoSuchConfigurationRecorderException" +// You have specified a configuration recorder that does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/StopConfigurationRecorder +func (c *ConfigService) StopConfigurationRecorder(input *StopConfigurationRecorderInput) (*StopConfigurationRecorderOutput, error) { + req, out := c.StopConfigurationRecorderRequest(input) + return out, req.Send() +} + +// StopConfigurationRecorderWithContext is the same as StopConfigurationRecorder with the addition of +// the ability to pass a context and additional request options. +// +// See StopConfigurationRecorder for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) StopConfigurationRecorderWithContext(ctx aws.Context, input *StopConfigurationRecorderInput, opts ...request.Option) (*StopConfigurationRecorderOutput, error) { + req, out := c.StopConfigurationRecorderRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagResource = "TagResource" + +// TagResourceRequest generates a "aws/request.Request" representing the +// client's request for the TagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagResource for more information on using the TagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagResourceRequest method. +// req, resp := client.TagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/TagResource +func (c *ConfigService) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { + op := &request.Operation{ + Name: opTagResource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagResourceInput{} + } + + output = &TagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagResource API operation for AWS Config. +// +// Associates the specified tags to a resource with the specified resourceArn. +// If existing tags on a resource are not specified in the request parameters, +// they are not changed. When a resource is deleted, the tags associated with +// that resource are deleted as well. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation TagResource for usage and error information. +// +// Returned Error Codes: +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. +// +// * ErrCodeResourceNotFoundException "ResourceNotFoundException" +// You have specified a resource that does not exist. +// +// * ErrCodeTooManyTagsException "TooManyTagsException" +// You have reached the limit of the number of tags you can use. You have more +// than 50 tags. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/TagResource +func (c *ConfigService) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + return out, req.Send() +} + +// TagResourceWithContext is the same as TagResource with the addition of +// the ability to pass a context and additional request options. +// +// See TagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagResource = "UntagResource" + +// UntagResourceRequest generates a "aws/request.Request" representing the +// client's request for the UntagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagResource for more information on using the UntagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagResourceRequest method. +// req, resp := client.UntagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/UntagResource +func (c *ConfigService) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { + op := &request.Operation{ + Name: opUntagResource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagResourceInput{} + } + + output = &UntagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagResource API operation for AWS Config. +// +// Deletes specified tags from a resource. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Config's +// API operation UntagResource for usage and error information. +// +// Returned Error Codes: +// * ErrCodeValidationException "ValidationException" +// The requested action is not valid. +// +// * ErrCodeResourceNotFoundException "ResourceNotFoundException" +// You have specified a resource that does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/UntagResource +func (c *ConfigService) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + return out, req.Send() +} + +// UntagResourceWithContext is the same as UntagResource with the addition of +// the ability to pass a context and additional request options. +// +// See UntagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ConfigService) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// A collection of accounts and regions. +type AccountAggregationSource struct { + _ struct{} `type:"structure"` + + // The 12-digit account ID of the account being aggregated. + // + // AccountIds is a required field + AccountIds []*string `min:"1" type:"list" required:"true"` + + // If true, aggregate existing AWS Config regions and future regions. + AllAwsRegions *bool `type:"boolean"` + + // The source regions being aggregated. + AwsRegions []*string `min:"1" type:"list"` +} + +// String returns the string representation +func (s AccountAggregationSource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AccountAggregationSource) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AccountAggregationSource) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AccountAggregationSource"} + if s.AccountIds == nil { + invalidParams.Add(request.NewErrParamRequired("AccountIds")) + } + if s.AccountIds != nil && len(s.AccountIds) < 1 { invalidParams.Add(request.NewErrParamMinLen("AccountIds", 1)) } - if s.AwsRegions != nil && len(s.AwsRegions) < 1 { - invalidParams.Add(request.NewErrParamMinLen("AwsRegions", 1)) + if s.AwsRegions != nil && len(s.AwsRegions) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AwsRegions", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccountIds sets the AccountIds field's value. +func (s *AccountAggregationSource) SetAccountIds(v []*string) *AccountAggregationSource { + s.AccountIds = v + return s +} + +// SetAllAwsRegions sets the AllAwsRegions field's value. +func (s *AccountAggregationSource) SetAllAwsRegions(v bool) *AccountAggregationSource { + s.AllAwsRegions = &v + return s +} + +// SetAwsRegions sets the AwsRegions field's value. +func (s *AccountAggregationSource) SetAwsRegions(v []*string) *AccountAggregationSource { + s.AwsRegions = v + return s +} + +// Indicates whether an AWS Config rule is compliant based on account ID, region, +// compliance, and rule name. +// +// A rule is compliant if all of the resources that the rule evaluated comply +// with it. It is noncompliant if any of these resources do not comply. +type AggregateComplianceByConfigRule struct { + _ struct{} `type:"structure"` + + // The 12-digit account ID of the source account. + AccountId *string `type:"string"` + + // The source region from where the data is aggregated. + AwsRegion *string `min:"1" type:"string"` + + // Indicates whether an AWS resource or AWS Config rule is compliant and provides + // the number of contributors that affect the compliance. + Compliance *Compliance `type:"structure"` + + // The name of the AWS Config rule. + ConfigRuleName *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s AggregateComplianceByConfigRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AggregateComplianceByConfigRule) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *AggregateComplianceByConfigRule) SetAccountId(v string) *AggregateComplianceByConfigRule { + s.AccountId = &v + return s +} + +// SetAwsRegion sets the AwsRegion field's value. +func (s *AggregateComplianceByConfigRule) SetAwsRegion(v string) *AggregateComplianceByConfigRule { + s.AwsRegion = &v + return s +} + +// SetCompliance sets the Compliance field's value. +func (s *AggregateComplianceByConfigRule) SetCompliance(v *Compliance) *AggregateComplianceByConfigRule { + s.Compliance = v + return s +} + +// SetConfigRuleName sets the ConfigRuleName field's value. +func (s *AggregateComplianceByConfigRule) SetConfigRuleName(v string) *AggregateComplianceByConfigRule { + s.ConfigRuleName = &v + return s +} + +// Returns the number of compliant and noncompliant rules for one or more accounts +// and regions in an aggregator. +type AggregateComplianceCount struct { + _ struct{} `type:"structure"` + + // The number of compliant and noncompliant AWS Config rules. + ComplianceSummary *ComplianceSummary `type:"structure"` + + // The 12-digit account ID or region based on the GroupByKey value. + GroupName *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s AggregateComplianceCount) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AggregateComplianceCount) GoString() string { + return s.String() +} + +// SetComplianceSummary sets the ComplianceSummary field's value. +func (s *AggregateComplianceCount) SetComplianceSummary(v *ComplianceSummary) *AggregateComplianceCount { + s.ComplianceSummary = v + return s +} + +// SetGroupName sets the GroupName field's value. +func (s *AggregateComplianceCount) SetGroupName(v string) *AggregateComplianceCount { + s.GroupName = &v + return s +} + +// The details of an AWS Config evaluation for an account ID and region in an +// aggregator. Provides the AWS resource that was evaluated, the compliance +// of the resource, related time stamps, and supplementary information. +type AggregateEvaluationResult struct { + _ struct{} `type:"structure"` + + // The 12-digit account ID of the source account. + AccountId *string `type:"string"` + + // Supplementary information about how the agrregate evaluation determined the + // compliance. + Annotation *string `min:"1" type:"string"` + + // The source region from where the data is aggregated. + AwsRegion *string `min:"1" type:"string"` + + // The resource compliance status. + // + // For the AggregationEvaluationResult data type, AWS Config supports only the + // COMPLIANT and NON_COMPLIANT. AWS Config does not support the NOT_APPLICABLE + // and INSUFFICIENT_DATA value. + ComplianceType *string `type:"string" enum:"ComplianceType"` + + // The time when the AWS Config rule evaluated the AWS resource. + ConfigRuleInvokedTime *time.Time `type:"timestamp"` + + // Uniquely identifies the evaluation result. + EvaluationResultIdentifier *EvaluationResultIdentifier `type:"structure"` + + // The time when AWS Config recorded the aggregate evaluation result. + ResultRecordedTime *time.Time `type:"timestamp"` +} + +// String returns the string representation +func (s AggregateEvaluationResult) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AggregateEvaluationResult) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *AggregateEvaluationResult) SetAccountId(v string) *AggregateEvaluationResult { + s.AccountId = &v + return s +} + +// SetAnnotation sets the Annotation field's value. +func (s *AggregateEvaluationResult) SetAnnotation(v string) *AggregateEvaluationResult { + s.Annotation = &v + return s +} + +// SetAwsRegion sets the AwsRegion field's value. +func (s *AggregateEvaluationResult) SetAwsRegion(v string) *AggregateEvaluationResult { + s.AwsRegion = &v + return s +} + +// SetComplianceType sets the ComplianceType field's value. +func (s *AggregateEvaluationResult) SetComplianceType(v string) *AggregateEvaluationResult { + s.ComplianceType = &v + return s +} + +// SetConfigRuleInvokedTime sets the ConfigRuleInvokedTime field's value. +func (s *AggregateEvaluationResult) SetConfigRuleInvokedTime(v time.Time) *AggregateEvaluationResult { + s.ConfigRuleInvokedTime = &v + return s +} + +// SetEvaluationResultIdentifier sets the EvaluationResultIdentifier field's value. +func (s *AggregateEvaluationResult) SetEvaluationResultIdentifier(v *EvaluationResultIdentifier) *AggregateEvaluationResult { + s.EvaluationResultIdentifier = v + return s +} + +// SetResultRecordedTime sets the ResultRecordedTime field's value. +func (s *AggregateEvaluationResult) SetResultRecordedTime(v time.Time) *AggregateEvaluationResult { + s.ResultRecordedTime = &v + return s +} + +// The details that identify a resource that is collected by AWS Config aggregator, +// including the resource type, ID, (if available) the custom resource name, +// the source account, and source region. +type AggregateResourceIdentifier struct { + _ struct{} `type:"structure"` + + // The ID of the AWS resource. + // + // ResourceId is a required field + ResourceId *string `min:"1" type:"string" required:"true"` + + // The name of the AWS resource. + ResourceName *string `type:"string"` + + // The type of the AWS resource. + // + // ResourceType is a required field + ResourceType *string `type:"string" required:"true" enum:"ResourceType"` + + // The 12-digit account ID of the source account. + // + // SourceAccountId is a required field + SourceAccountId *string `type:"string" required:"true"` + + // The source region where data is aggregated. + // + // SourceRegion is a required field + SourceRegion *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s AggregateResourceIdentifier) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AggregateResourceIdentifier) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AggregateResourceIdentifier) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AggregateResourceIdentifier"} + if s.ResourceId == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceId")) + } + if s.ResourceId != nil && len(*s.ResourceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceId", 1)) + } + if s.ResourceType == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceType")) + } + if s.SourceAccountId == nil { + invalidParams.Add(request.NewErrParamRequired("SourceAccountId")) + } + if s.SourceRegion == nil { + invalidParams.Add(request.NewErrParamRequired("SourceRegion")) + } + if s.SourceRegion != nil && len(*s.SourceRegion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SourceRegion", 1)) } - if invalidParams.Len() > 0 { - return invalidParams - } - return nil + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceId sets the ResourceId field's value. +func (s *AggregateResourceIdentifier) SetResourceId(v string) *AggregateResourceIdentifier { + s.ResourceId = &v + return s +} + +// SetResourceName sets the ResourceName field's value. +func (s *AggregateResourceIdentifier) SetResourceName(v string) *AggregateResourceIdentifier { + s.ResourceName = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *AggregateResourceIdentifier) SetResourceType(v string) *AggregateResourceIdentifier { + s.ResourceType = &v + return s +} + +// SetSourceAccountId sets the SourceAccountId field's value. +func (s *AggregateResourceIdentifier) SetSourceAccountId(v string) *AggregateResourceIdentifier { + s.SourceAccountId = &v + return s +} + +// SetSourceRegion sets the SourceRegion field's value. +func (s *AggregateResourceIdentifier) SetSourceRegion(v string) *AggregateResourceIdentifier { + s.SourceRegion = &v + return s +} + +// The current sync status between the source and the aggregator account. +type AggregatedSourceStatus struct { + _ struct{} `type:"structure"` + + // The region authorized to collect aggregated data. + AwsRegion *string `min:"1" type:"string"` + + // The error code that AWS Config returned when the source account aggregation + // last failed. + LastErrorCode *string `type:"string"` + + // The message indicating that the source account aggregation failed due to + // an error. + LastErrorMessage *string `type:"string"` + + // Filters the last updated status type. + // + // * Valid value FAILED indicates errors while moving data. + // + // * Valid value SUCCEEDED indicates the data was successfully moved. + // + // * Valid value OUTDATED indicates the data is not the most recent. + LastUpdateStatus *string `type:"string" enum:"AggregatedSourceStatusType"` + + // The time of the last update. + LastUpdateTime *time.Time `type:"timestamp"` + + // The source account ID or an organization. + SourceId *string `type:"string"` + + // The source account or an organization. + SourceType *string `type:"string" enum:"AggregatedSourceType"` +} + +// String returns the string representation +func (s AggregatedSourceStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AggregatedSourceStatus) GoString() string { + return s.String() } -// SetAccountIds sets the AccountIds field's value. -func (s *AccountAggregationSource) SetAccountIds(v []*string) *AccountAggregationSource { - s.AccountIds = v +// SetAwsRegion sets the AwsRegion field's value. +func (s *AggregatedSourceStatus) SetAwsRegion(v string) *AggregatedSourceStatus { + s.AwsRegion = &v return s } -// SetAllAwsRegions sets the AllAwsRegions field's value. -func (s *AccountAggregationSource) SetAllAwsRegions(v bool) *AccountAggregationSource { - s.AllAwsRegions = &v +// SetLastErrorCode sets the LastErrorCode field's value. +func (s *AggregatedSourceStatus) SetLastErrorCode(v string) *AggregatedSourceStatus { + s.LastErrorCode = &v return s } -// SetAwsRegions sets the AwsRegions field's value. -func (s *AccountAggregationSource) SetAwsRegions(v []*string) *AccountAggregationSource { - s.AwsRegions = v +// SetLastErrorMessage sets the LastErrorMessage field's value. +func (s *AggregatedSourceStatus) SetLastErrorMessage(v string) *AggregatedSourceStatus { + s.LastErrorMessage = &v return s } -// Indicates whether an AWS Config rule is compliant based on account ID, region, -// compliance, and rule name. -// -// A rule is compliant if all of the resources that the rule evaluated comply -// with it. It is noncompliant if any of these resources do not comply. -type AggregateComplianceByConfigRule struct { +// SetLastUpdateStatus sets the LastUpdateStatus field's value. +func (s *AggregatedSourceStatus) SetLastUpdateStatus(v string) *AggregatedSourceStatus { + s.LastUpdateStatus = &v + return s +} + +// SetLastUpdateTime sets the LastUpdateTime field's value. +func (s *AggregatedSourceStatus) SetLastUpdateTime(v time.Time) *AggregatedSourceStatus { + s.LastUpdateTime = &v + return s +} + +// SetSourceId sets the SourceId field's value. +func (s *AggregatedSourceStatus) SetSourceId(v string) *AggregatedSourceStatus { + s.SourceId = &v + return s +} + +// SetSourceType sets the SourceType field's value. +func (s *AggregatedSourceStatus) SetSourceType(v string) *AggregatedSourceStatus { + s.SourceType = &v + return s +} + +// An object that represents the authorizations granted to aggregator accounts +// and regions. +type AggregationAuthorization struct { _ struct{} `type:"structure"` - // The 12-digit account ID of the source account. - AccountId *string `type:"string"` + // The Amazon Resource Name (ARN) of the aggregation object. + AggregationAuthorizationArn *string `type:"string"` - // The source region from where the data is aggregated. - AwsRegion *string `min:"1" type:"string"` + // The 12-digit account ID of the account authorized to aggregate data. + AuthorizedAccountId *string `type:"string"` - // Indicates whether an AWS resource or AWS Config rule is compliant and provides - // the number of contributors that affect the compliance. - Compliance *Compliance `type:"structure"` + // The region authorized to collect aggregated data. + AuthorizedAwsRegion *string `min:"1" type:"string"` - // The name of the AWS Config rule. - ConfigRuleName *string `min:"1" type:"string"` + // The time stamp when the aggregation authorization was created. + CreationTime *time.Time `type:"timestamp"` } // String returns the string representation -func (s AggregateComplianceByConfigRule) String() string { +func (s AggregationAuthorization) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s AggregateComplianceByConfigRule) GoString() string { +func (s AggregationAuthorization) GoString() string { return s.String() } -// SetAccountId sets the AccountId field's value. -func (s *AggregateComplianceByConfigRule) SetAccountId(v string) *AggregateComplianceByConfigRule { - s.AccountId = &v +// SetAggregationAuthorizationArn sets the AggregationAuthorizationArn field's value. +func (s *AggregationAuthorization) SetAggregationAuthorizationArn(v string) *AggregationAuthorization { + s.AggregationAuthorizationArn = &v return s } -// SetAwsRegion sets the AwsRegion field's value. -func (s *AggregateComplianceByConfigRule) SetAwsRegion(v string) *AggregateComplianceByConfigRule { - s.AwsRegion = &v +// SetAuthorizedAccountId sets the AuthorizedAccountId field's value. +func (s *AggregationAuthorization) SetAuthorizedAccountId(v string) *AggregationAuthorization { + s.AuthorizedAccountId = &v return s } -// SetCompliance sets the Compliance field's value. -func (s *AggregateComplianceByConfigRule) SetCompliance(v *Compliance) *AggregateComplianceByConfigRule { - s.Compliance = v +// SetAuthorizedAwsRegion sets the AuthorizedAwsRegion field's value. +func (s *AggregationAuthorization) SetAuthorizedAwsRegion(v string) *AggregationAuthorization { + s.AuthorizedAwsRegion = &v return s } -// SetConfigRuleName sets the ConfigRuleName field's value. -func (s *AggregateComplianceByConfigRule) SetConfigRuleName(v string) *AggregateComplianceByConfigRule { - s.ConfigRuleName = &v +// SetCreationTime sets the CreationTime field's value. +func (s *AggregationAuthorization) SetCreationTime(v time.Time) *AggregationAuthorization { + s.CreationTime = &v return s } -// Returns the number of compliant and noncompliant rules for one or more accounts -// and regions in an aggregator. -type AggregateComplianceCount struct { +// The detailed configuration of a specified resource. +type BaseConfigurationItem struct { _ struct{} `type:"structure"` - // The number of compliant and noncompliant AWS Config rules. - ComplianceSummary *ComplianceSummary `type:"structure"` + // The 12-digit AWS account ID associated with the resource. + AccountId *string `locationName:"accountId" type:"string"` - // The 12-digit account ID or region based on the GroupByKey value. - GroupName *string `min:"1" type:"string"` -} + // The Amazon Resource Name (ARN) of the resource. + Arn *string `locationName:"arn" type:"string"` -// String returns the string representation -func (s AggregateComplianceCount) String() string { - return awsutil.Prettify(s) -} + // The Availability Zone associated with the resource. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` -// GoString returns the string representation -func (s AggregateComplianceCount) GoString() string { - return s.String() -} + // The region where the resource resides. + AwsRegion *string `locationName:"awsRegion" min:"1" type:"string"` -// SetComplianceSummary sets the ComplianceSummary field's value. -func (s *AggregateComplianceCount) SetComplianceSummary(v *ComplianceSummary) *AggregateComplianceCount { - s.ComplianceSummary = v - return s -} + // The description of the resource configuration. + Configuration *string `locationName:"configuration" type:"string"` -// SetGroupName sets the GroupName field's value. -func (s *AggregateComplianceCount) SetGroupName(v string) *AggregateComplianceCount { - s.GroupName = &v - return s -} + // The time when the configuration recording was initiated. + ConfigurationItemCaptureTime *time.Time `locationName:"configurationItemCaptureTime" type:"timestamp"` -// The details of an AWS Config evaluation for an account ID and region in an -// aggregator. Provides the AWS resource that was evaluated, the compliance -// of the resource, related time stamps, and supplementary information. -type AggregateEvaluationResult struct { - _ struct{} `type:"structure"` + // The configuration item status. + ConfigurationItemStatus *string `locationName:"configurationItemStatus" type:"string" enum:"ConfigurationItemStatus"` - // The 12-digit account ID of the source account. - AccountId *string `type:"string"` + // An identifier that indicates the ordering of the configuration items of a + // resource. + ConfigurationStateId *string `locationName:"configurationStateId" type:"string"` - // Supplementary information about how the agrregate evaluation determined the - // compliance. - Annotation *string `min:"1" type:"string"` + // The time stamp when the resource was created. + ResourceCreationTime *time.Time `locationName:"resourceCreationTime" type:"timestamp"` - // The source region from where the data is aggregated. - AwsRegion *string `min:"1" type:"string"` + // The ID of the resource (for example., sg-xxxxxx). + ResourceId *string `locationName:"resourceId" min:"1" type:"string"` - // The resource compliance status. - // - // For the AggregationEvaluationResult data type, AWS Config supports only the - // COMPLIANT and NON_COMPLIANT. AWS Config does not support the NOT_APPLICABLE - // and INSUFFICIENT_DATA value. - ComplianceType *string `type:"string" enum:"ComplianceType"` + // The custom name of the resource, if available. + ResourceName *string `locationName:"resourceName" type:"string"` - // The time when the AWS Config rule evaluated the AWS resource. - ConfigRuleInvokedTime *time.Time `type:"timestamp"` + // The type of AWS resource. + ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"` - // Uniquely identifies the evaluation result. - EvaluationResultIdentifier *EvaluationResultIdentifier `type:"structure"` + // Configuration attributes that AWS Config returns for certain resource types + // to supplement the information returned for the configuration parameter. + SupplementaryConfiguration map[string]*string `locationName:"supplementaryConfiguration" type:"map"` - // The time when AWS Config recorded the aggregate evaluation result. - ResultRecordedTime *time.Time `type:"timestamp"` + // The version number of the resource configuration. + Version *string `locationName:"version" type:"string"` } // String returns the string representation -func (s AggregateEvaluationResult) String() string { +func (s BaseConfigurationItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s AggregateEvaluationResult) GoString() string { +func (s BaseConfigurationItem) GoString() string { return s.String() } // SetAccountId sets the AccountId field's value. -func (s *AggregateEvaluationResult) SetAccountId(v string) *AggregateEvaluationResult { +func (s *BaseConfigurationItem) SetAccountId(v string) *BaseConfigurationItem { s.AccountId = &v return s } -// SetAnnotation sets the Annotation field's value. -func (s *AggregateEvaluationResult) SetAnnotation(v string) *AggregateEvaluationResult { - s.Annotation = &v +// SetArn sets the Arn field's value. +func (s *BaseConfigurationItem) SetArn(v string) *BaseConfigurationItem { + s.Arn = &v + return s +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *BaseConfigurationItem) SetAvailabilityZone(v string) *BaseConfigurationItem { + s.AvailabilityZone = &v return s } // SetAwsRegion sets the AwsRegion field's value. -func (s *AggregateEvaluationResult) SetAwsRegion(v string) *AggregateEvaluationResult { +func (s *BaseConfigurationItem) SetAwsRegion(v string) *BaseConfigurationItem { s.AwsRegion = &v return s } -// SetComplianceType sets the ComplianceType field's value. -func (s *AggregateEvaluationResult) SetComplianceType(v string) *AggregateEvaluationResult { - s.ComplianceType = &v +// SetConfiguration sets the Configuration field's value. +func (s *BaseConfigurationItem) SetConfiguration(v string) *BaseConfigurationItem { + s.Configuration = &v return s } -// SetConfigRuleInvokedTime sets the ConfigRuleInvokedTime field's value. -func (s *AggregateEvaluationResult) SetConfigRuleInvokedTime(v time.Time) *AggregateEvaluationResult { - s.ConfigRuleInvokedTime = &v +// SetConfigurationItemCaptureTime sets the ConfigurationItemCaptureTime field's value. +func (s *BaseConfigurationItem) SetConfigurationItemCaptureTime(v time.Time) *BaseConfigurationItem { + s.ConfigurationItemCaptureTime = &v + return s +} + +// SetConfigurationItemStatus sets the ConfigurationItemStatus field's value. +func (s *BaseConfigurationItem) SetConfigurationItemStatus(v string) *BaseConfigurationItem { + s.ConfigurationItemStatus = &v + return s +} + +// SetConfigurationStateId sets the ConfigurationStateId field's value. +func (s *BaseConfigurationItem) SetConfigurationStateId(v string) *BaseConfigurationItem { + s.ConfigurationStateId = &v + return s +} + +// SetResourceCreationTime sets the ResourceCreationTime field's value. +func (s *BaseConfigurationItem) SetResourceCreationTime(v time.Time) *BaseConfigurationItem { + s.ResourceCreationTime = &v + return s +} + +// SetResourceId sets the ResourceId field's value. +func (s *BaseConfigurationItem) SetResourceId(v string) *BaseConfigurationItem { + s.ResourceId = &v + return s +} + +// SetResourceName sets the ResourceName field's value. +func (s *BaseConfigurationItem) SetResourceName(v string) *BaseConfigurationItem { + s.ResourceName = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *BaseConfigurationItem) SetResourceType(v string) *BaseConfigurationItem { + s.ResourceType = &v return s } -// SetEvaluationResultIdentifier sets the EvaluationResultIdentifier field's value. -func (s *AggregateEvaluationResult) SetEvaluationResultIdentifier(v *EvaluationResultIdentifier) *AggregateEvaluationResult { - s.EvaluationResultIdentifier = v +// SetSupplementaryConfiguration sets the SupplementaryConfiguration field's value. +func (s *BaseConfigurationItem) SetSupplementaryConfiguration(v map[string]*string) *BaseConfigurationItem { + s.SupplementaryConfiguration = v return s } -// SetResultRecordedTime sets the ResultRecordedTime field's value. -func (s *AggregateEvaluationResult) SetResultRecordedTime(v time.Time) *AggregateEvaluationResult { - s.ResultRecordedTime = &v +// SetVersion sets the Version field's value. +func (s *BaseConfigurationItem) SetVersion(v string) *BaseConfigurationItem { + s.Version = &v return s } -// The details that identify a resource that is collected by AWS Config aggregator, -// including the resource type, ID, (if available) the custom resource name, -// the source account, and source region. -type AggregateResourceIdentifier struct { +type BatchGetAggregateResourceConfigInput struct { _ struct{} `type:"structure"` - // The ID of the AWS resource. - // - // ResourceId is a required field - ResourceId *string `min:"1" type:"string" required:"true"` - - // The name of the AWS resource. - ResourceName *string `type:"string"` - - // The type of the AWS resource. - // - // ResourceType is a required field - ResourceType *string `type:"string" required:"true" enum:"ResourceType"` - - // The 12-digit account ID of the source account. + // The name of the configuration aggregator. // - // SourceAccountId is a required field - SourceAccountId *string `type:"string" required:"true"` + // ConfigurationAggregatorName is a required field + ConfigurationAggregatorName *string `min:"1" type:"string" required:"true"` - // The source region where data is aggregated. + // A list of aggregate ResourceIdentifiers objects. // - // SourceRegion is a required field - SourceRegion *string `min:"1" type:"string" required:"true"` + // ResourceIdentifiers is a required field + ResourceIdentifiers []*AggregateResourceIdentifier `min:"1" type:"list" required:"true"` } // String returns the string representation -func (s AggregateResourceIdentifier) String() string { +func (s BatchGetAggregateResourceConfigInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s AggregateResourceIdentifier) GoString() string { +func (s BatchGetAggregateResourceConfigInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *AggregateResourceIdentifier) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AggregateResourceIdentifier"} - if s.ResourceId == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceId")) - } - if s.ResourceId != nil && len(*s.ResourceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceId", 1)) +func (s *BatchGetAggregateResourceConfigInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "BatchGetAggregateResourceConfigInput"} + if s.ConfigurationAggregatorName == nil { + invalidParams.Add(request.NewErrParamRequired("ConfigurationAggregatorName")) } - if s.ResourceType == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceType")) + if s.ConfigurationAggregatorName != nil && len(*s.ConfigurationAggregatorName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConfigurationAggregatorName", 1)) } - if s.SourceAccountId == nil { - invalidParams.Add(request.NewErrParamRequired("SourceAccountId")) + if s.ResourceIdentifiers == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceIdentifiers")) } - if s.SourceRegion == nil { - invalidParams.Add(request.NewErrParamRequired("SourceRegion")) + if s.ResourceIdentifiers != nil && len(s.ResourceIdentifiers) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceIdentifiers", 1)) } - if s.SourceRegion != nil && len(*s.SourceRegion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("SourceRegion", 1)) + if s.ResourceIdentifiers != nil { + for i, v := range s.ResourceIdentifiers { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ResourceIdentifiers", i), err.(request.ErrInvalidParams)) + } + } } if invalidParams.Len() > 0 { @@ -6567,1663 +8288,1746 @@ func (s *AggregateResourceIdentifier) Validate() error { return nil } -// SetResourceId sets the ResourceId field's value. -func (s *AggregateResourceIdentifier) SetResourceId(v string) *AggregateResourceIdentifier { - s.ResourceId = &v +// SetConfigurationAggregatorName sets the ConfigurationAggregatorName field's value. +func (s *BatchGetAggregateResourceConfigInput) SetConfigurationAggregatorName(v string) *BatchGetAggregateResourceConfigInput { + s.ConfigurationAggregatorName = &v return s } -// SetResourceName sets the ResourceName field's value. -func (s *AggregateResourceIdentifier) SetResourceName(v string) *AggregateResourceIdentifier { - s.ResourceName = &v +// SetResourceIdentifiers sets the ResourceIdentifiers field's value. +func (s *BatchGetAggregateResourceConfigInput) SetResourceIdentifiers(v []*AggregateResourceIdentifier) *BatchGetAggregateResourceConfigInput { + s.ResourceIdentifiers = v return s } -// SetResourceType sets the ResourceType field's value. -func (s *AggregateResourceIdentifier) SetResourceType(v string) *AggregateResourceIdentifier { - s.ResourceType = &v - return s +type BatchGetAggregateResourceConfigOutput struct { + _ struct{} `type:"structure"` + + // A list that contains the current configuration of one or more resources. + BaseConfigurationItems []*BaseConfigurationItem `type:"list"` + + // A list of resource identifiers that were not processed with current scope. + // The list is empty if all the resources are processed. + UnprocessedResourceIdentifiers []*AggregateResourceIdentifier `type:"list"` } -// SetSourceAccountId sets the SourceAccountId field's value. -func (s *AggregateResourceIdentifier) SetSourceAccountId(v string) *AggregateResourceIdentifier { - s.SourceAccountId = &v +// String returns the string representation +func (s BatchGetAggregateResourceConfigOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s BatchGetAggregateResourceConfigOutput) GoString() string { + return s.String() +} + +// SetBaseConfigurationItems sets the BaseConfigurationItems field's value. +func (s *BatchGetAggregateResourceConfigOutput) SetBaseConfigurationItems(v []*BaseConfigurationItem) *BatchGetAggregateResourceConfigOutput { + s.BaseConfigurationItems = v return s } -// SetSourceRegion sets the SourceRegion field's value. -func (s *AggregateResourceIdentifier) SetSourceRegion(v string) *AggregateResourceIdentifier { - s.SourceRegion = &v +// SetUnprocessedResourceIdentifiers sets the UnprocessedResourceIdentifiers field's value. +func (s *BatchGetAggregateResourceConfigOutput) SetUnprocessedResourceIdentifiers(v []*AggregateResourceIdentifier) *BatchGetAggregateResourceConfigOutput { + s.UnprocessedResourceIdentifiers = v return s } -// The current sync status between the source and the aggregator account. -type AggregatedSourceStatus struct { +type BatchGetResourceConfigInput struct { _ struct{} `type:"structure"` - // The region authorized to collect aggregated data. - AwsRegion *string `min:"1" type:"string"` - - // The error code that AWS Config returned when the source account aggregation - // last failed. - LastErrorCode *string `type:"string"` - - // The message indicating that the source account aggregation failed due to - // an error. - LastErrorMessage *string `type:"string"` - - // Filters the last updated status type. - // - // * Valid value FAILED indicates errors while moving data. - // - // * Valid value SUCCEEDED indicates the data was successfully moved. + // A list of resource keys to be processed with the current request. Each element + // in the list consists of the resource type and resource ID. // - // * Valid value OUTDATED indicates the data is not the most recent. - LastUpdateStatus *string `type:"string" enum:"AggregatedSourceStatusType"` - - // The time of the last update. - LastUpdateTime *time.Time `type:"timestamp"` - - // The source account ID or an organization. - SourceId *string `type:"string"` - - // The source account or an organization. - SourceType *string `type:"string" enum:"AggregatedSourceType"` + // ResourceKeys is a required field + ResourceKeys []*ResourceKey `locationName:"resourceKeys" min:"1" type:"list" required:"true"` } // String returns the string representation -func (s AggregatedSourceStatus) String() string { +func (s BatchGetResourceConfigInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s AggregatedSourceStatus) GoString() string { +func (s BatchGetResourceConfigInput) GoString() string { return s.String() } -// SetAwsRegion sets the AwsRegion field's value. -func (s *AggregatedSourceStatus) SetAwsRegion(v string) *AggregatedSourceStatus { - s.AwsRegion = &v - return s +// Validate inspects the fields of the type to determine if they are valid. +func (s *BatchGetResourceConfigInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "BatchGetResourceConfigInput"} + if s.ResourceKeys == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceKeys")) + } + if s.ResourceKeys != nil && len(s.ResourceKeys) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceKeys", 1)) + } + if s.ResourceKeys != nil { + for i, v := range s.ResourceKeys { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ResourceKeys", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetLastErrorCode sets the LastErrorCode field's value. -func (s *AggregatedSourceStatus) SetLastErrorCode(v string) *AggregatedSourceStatus { - s.LastErrorCode = &v +// SetResourceKeys sets the ResourceKeys field's value. +func (s *BatchGetResourceConfigInput) SetResourceKeys(v []*ResourceKey) *BatchGetResourceConfigInput { + s.ResourceKeys = v return s } -// SetLastErrorMessage sets the LastErrorMessage field's value. -func (s *AggregatedSourceStatus) SetLastErrorMessage(v string) *AggregatedSourceStatus { - s.LastErrorMessage = &v - return s +type BatchGetResourceConfigOutput struct { + _ struct{} `type:"structure"` + + // A list that contains the current configuration of one or more resources. + BaseConfigurationItems []*BaseConfigurationItem `locationName:"baseConfigurationItems" type:"list"` + + // A list of resource keys that were not processed with the current response. + // The unprocessesResourceKeys value is in the same form as ResourceKeys, so + // the value can be directly provided to a subsequent BatchGetResourceConfig + // operation. If there are no unprocessed resource keys, the response contains + // an empty unprocessedResourceKeys list. + UnprocessedResourceKeys []*ResourceKey `locationName:"unprocessedResourceKeys" min:"1" type:"list"` } -// SetLastUpdateStatus sets the LastUpdateStatus field's value. -func (s *AggregatedSourceStatus) SetLastUpdateStatus(v string) *AggregatedSourceStatus { - s.LastUpdateStatus = &v - return s +// String returns the string representation +func (s BatchGetResourceConfigOutput) String() string { + return awsutil.Prettify(s) } -// SetLastUpdateTime sets the LastUpdateTime field's value. -func (s *AggregatedSourceStatus) SetLastUpdateTime(v time.Time) *AggregatedSourceStatus { - s.LastUpdateTime = &v - return s +// GoString returns the string representation +func (s BatchGetResourceConfigOutput) GoString() string { + return s.String() } -// SetSourceId sets the SourceId field's value. -func (s *AggregatedSourceStatus) SetSourceId(v string) *AggregatedSourceStatus { - s.SourceId = &v +// SetBaseConfigurationItems sets the BaseConfigurationItems field's value. +func (s *BatchGetResourceConfigOutput) SetBaseConfigurationItems(v []*BaseConfigurationItem) *BatchGetResourceConfigOutput { + s.BaseConfigurationItems = v return s } -// SetSourceType sets the SourceType field's value. -func (s *AggregatedSourceStatus) SetSourceType(v string) *AggregatedSourceStatus { - s.SourceType = &v +// SetUnprocessedResourceKeys sets the UnprocessedResourceKeys field's value. +func (s *BatchGetResourceConfigOutput) SetUnprocessedResourceKeys(v []*ResourceKey) *BatchGetResourceConfigOutput { + s.UnprocessedResourceKeys = v return s } -// An object that represents the authorizations granted to aggregator accounts -// and regions. -type AggregationAuthorization struct { +// Indicates whether an AWS resource or AWS Config rule is compliant and provides +// the number of contributors that affect the compliance. +type Compliance struct { _ struct{} `type:"structure"` - // The Amazon Resource Name (ARN) of the aggregation object. - AggregationAuthorizationArn *string `type:"string"` - - // The 12-digit account ID of the account authorized to aggregate data. - AuthorizedAccountId *string `type:"string"` - - // The region authorized to collect aggregated data. - AuthorizedAwsRegion *string `min:"1" type:"string"` - - // The time stamp when the aggregation authorization was created. - CreationTime *time.Time `type:"timestamp"` + // The number of AWS resources or AWS Config rules that cause a result of NON_COMPLIANT, + // up to a maximum number. + ComplianceContributorCount *ComplianceContributorCount `type:"structure"` + + // Indicates whether an AWS resource or AWS Config rule is compliant. + // + // A resource is compliant if it complies with all of the AWS Config rules that + // evaluate it. A resource is noncompliant if it does not comply with one or + // more of these rules. + // + // A rule is compliant if all of the resources that the rule evaluates comply + // with it. A rule is noncompliant if any of these resources do not comply. + // + // AWS Config returns the INSUFFICIENT_DATA value when no evaluation results + // are available for the AWS resource or AWS Config rule. + // + // For the Compliance data type, AWS Config supports only COMPLIANT, NON_COMPLIANT, + // and INSUFFICIENT_DATA values. AWS Config does not support the NOT_APPLICABLE + // value for the Compliance data type. + ComplianceType *string `type:"string" enum:"ComplianceType"` } // String returns the string representation -func (s AggregationAuthorization) String() string { +func (s Compliance) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s AggregationAuthorization) GoString() string { +func (s Compliance) GoString() string { return s.String() } -// SetAggregationAuthorizationArn sets the AggregationAuthorizationArn field's value. -func (s *AggregationAuthorization) SetAggregationAuthorizationArn(v string) *AggregationAuthorization { - s.AggregationAuthorizationArn = &v - return s -} - -// SetAuthorizedAccountId sets the AuthorizedAccountId field's value. -func (s *AggregationAuthorization) SetAuthorizedAccountId(v string) *AggregationAuthorization { - s.AuthorizedAccountId = &v - return s -} - -// SetAuthorizedAwsRegion sets the AuthorizedAwsRegion field's value. -func (s *AggregationAuthorization) SetAuthorizedAwsRegion(v string) *AggregationAuthorization { - s.AuthorizedAwsRegion = &v +// SetComplianceContributorCount sets the ComplianceContributorCount field's value. +func (s *Compliance) SetComplianceContributorCount(v *ComplianceContributorCount) *Compliance { + s.ComplianceContributorCount = v return s } -// SetCreationTime sets the CreationTime field's value. -func (s *AggregationAuthorization) SetCreationTime(v time.Time) *AggregationAuthorization { - s.CreationTime = &v +// SetComplianceType sets the ComplianceType field's value. +func (s *Compliance) SetComplianceType(v string) *Compliance { + s.ComplianceType = &v return s } -// The detailed configuration of a specified resource. -type BaseConfigurationItem struct { +// Indicates whether an AWS Config rule is compliant. A rule is compliant if +// all of the resources that the rule evaluated comply with it. A rule is noncompliant +// if any of these resources do not comply. +type ComplianceByConfigRule struct { _ struct{} `type:"structure"` - // The 12-digit AWS account ID associated with the resource. - AccountId *string `locationName:"accountId" type:"string"` - - // The Amazon Resource Name (ARN) of the resource. - Arn *string `locationName:"arn" type:"string"` - - // The Availability Zone associated with the resource. - AvailabilityZone *string `locationName:"availabilityZone" type:"string"` - - // The region where the resource resides. - AwsRegion *string `locationName:"awsRegion" min:"1" type:"string"` - - // The description of the resource configuration. - Configuration *string `locationName:"configuration" type:"string"` - - // The time when the configuration recording was initiated. - ConfigurationItemCaptureTime *time.Time `locationName:"configurationItemCaptureTime" type:"timestamp"` - - // The configuration item status. - ConfigurationItemStatus *string `locationName:"configurationItemStatus" type:"string" enum:"ConfigurationItemStatus"` - - // An identifier that indicates the ordering of the configuration items of a - // resource. - ConfigurationStateId *string `locationName:"configurationStateId" type:"string"` - - // The time stamp when the resource was created. - ResourceCreationTime *time.Time `locationName:"resourceCreationTime" type:"timestamp"` - - // The ID of the resource (for example., sg-xxxxxx). - ResourceId *string `locationName:"resourceId" min:"1" type:"string"` - - // The custom name of the resource, if available. - ResourceName *string `locationName:"resourceName" type:"string"` - - // The type of AWS resource. - ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"` - - // Configuration attributes that AWS Config returns for certain resource types - // to supplement the information returned for the configuration parameter. - SupplementaryConfiguration map[string]*string `locationName:"supplementaryConfiguration" type:"map"` + // Indicates whether the AWS Config rule is compliant. + Compliance *Compliance `type:"structure"` - // The version number of the resource configuration. - Version *string `locationName:"version" type:"string"` + // The name of the AWS Config rule. + ConfigRuleName *string `min:"1" type:"string"` } // String returns the string representation -func (s BaseConfigurationItem) String() string { +func (s ComplianceByConfigRule) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s BaseConfigurationItem) GoString() string { +func (s ComplianceByConfigRule) GoString() string { return s.String() } -// SetAccountId sets the AccountId field's value. -func (s *BaseConfigurationItem) SetAccountId(v string) *BaseConfigurationItem { - s.AccountId = &v +// SetCompliance sets the Compliance field's value. +func (s *ComplianceByConfigRule) SetCompliance(v *Compliance) *ComplianceByConfigRule { + s.Compliance = v return s } -// SetArn sets the Arn field's value. -func (s *BaseConfigurationItem) SetArn(v string) *BaseConfigurationItem { - s.Arn = &v +// SetConfigRuleName sets the ConfigRuleName field's value. +func (s *ComplianceByConfigRule) SetConfigRuleName(v string) *ComplianceByConfigRule { + s.ConfigRuleName = &v return s } -// SetAvailabilityZone sets the AvailabilityZone field's value. -func (s *BaseConfigurationItem) SetAvailabilityZone(v string) *BaseConfigurationItem { - s.AvailabilityZone = &v - return s -} +// Indicates whether an AWS resource that is evaluated according to one or more +// AWS Config rules is compliant. A resource is compliant if it complies with +// all of the rules that evaluate it. A resource is noncompliant if it does +// not comply with one or more of these rules. +type ComplianceByResource struct { + _ struct{} `type:"structure"` -// SetAwsRegion sets the AwsRegion field's value. -func (s *BaseConfigurationItem) SetAwsRegion(v string) *BaseConfigurationItem { - s.AwsRegion = &v - return s -} + // Indicates whether the AWS resource complies with all of the AWS Config rules + // that evaluated it. + Compliance *Compliance `type:"structure"` -// SetConfiguration sets the Configuration field's value. -func (s *BaseConfigurationItem) SetConfiguration(v string) *BaseConfigurationItem { - s.Configuration = &v - return s -} + // The ID of the AWS resource that was evaluated. + ResourceId *string `min:"1" type:"string"` -// SetConfigurationItemCaptureTime sets the ConfigurationItemCaptureTime field's value. -func (s *BaseConfigurationItem) SetConfigurationItemCaptureTime(v time.Time) *BaseConfigurationItem { - s.ConfigurationItemCaptureTime = &v - return s + // The type of the AWS resource that was evaluated. + ResourceType *string `min:"1" type:"string"` } -// SetConfigurationItemStatus sets the ConfigurationItemStatus field's value. -func (s *BaseConfigurationItem) SetConfigurationItemStatus(v string) *BaseConfigurationItem { - s.ConfigurationItemStatus = &v - return s +// String returns the string representation +func (s ComplianceByResource) String() string { + return awsutil.Prettify(s) } -// SetConfigurationStateId sets the ConfigurationStateId field's value. -func (s *BaseConfigurationItem) SetConfigurationStateId(v string) *BaseConfigurationItem { - s.ConfigurationStateId = &v - return s +// GoString returns the string representation +func (s ComplianceByResource) GoString() string { + return s.String() } -// SetResourceCreationTime sets the ResourceCreationTime field's value. -func (s *BaseConfigurationItem) SetResourceCreationTime(v time.Time) *BaseConfigurationItem { - s.ResourceCreationTime = &v +// SetCompliance sets the Compliance field's value. +func (s *ComplianceByResource) SetCompliance(v *Compliance) *ComplianceByResource { + s.Compliance = v return s } // SetResourceId sets the ResourceId field's value. -func (s *BaseConfigurationItem) SetResourceId(v string) *BaseConfigurationItem { +func (s *ComplianceByResource) SetResourceId(v string) *ComplianceByResource { s.ResourceId = &v return s } -// SetResourceName sets the ResourceName field's value. -func (s *BaseConfigurationItem) SetResourceName(v string) *BaseConfigurationItem { - s.ResourceName = &v - return s -} - // SetResourceType sets the ResourceType field's value. -func (s *BaseConfigurationItem) SetResourceType(v string) *BaseConfigurationItem { +func (s *ComplianceByResource) SetResourceType(v string) *ComplianceByResource { s.ResourceType = &v return s } -// SetSupplementaryConfiguration sets the SupplementaryConfiguration field's value. -func (s *BaseConfigurationItem) SetSupplementaryConfiguration(v map[string]*string) *BaseConfigurationItem { - s.SupplementaryConfiguration = v - return s -} - -// SetVersion sets the Version field's value. -func (s *BaseConfigurationItem) SetVersion(v string) *BaseConfigurationItem { - s.Version = &v - return s -} - -type BatchGetAggregateResourceConfigInput struct { +// The number of AWS resources or AWS Config rules responsible for the current +// compliance of the item, up to a maximum number. +type ComplianceContributorCount struct { _ struct{} `type:"structure"` - // The name of the configuration aggregator. - // - // ConfigurationAggregatorName is a required field - ConfigurationAggregatorName *string `min:"1" type:"string" required:"true"` + // Indicates whether the maximum count is reached. + CapExceeded *bool `type:"boolean"` - // A list of aggregate ResourceIdentifiers objects. - // - // ResourceIdentifiers is a required field - ResourceIdentifiers []*AggregateResourceIdentifier `min:"1" type:"list" required:"true"` + // The number of AWS resources or AWS Config rules responsible for the current + // compliance of the item. + CappedCount *int64 `type:"integer"` } // String returns the string representation -func (s BatchGetAggregateResourceConfigInput) String() string { +func (s ComplianceContributorCount) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s BatchGetAggregateResourceConfigInput) GoString() string { +func (s ComplianceContributorCount) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *BatchGetAggregateResourceConfigInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "BatchGetAggregateResourceConfigInput"} - if s.ConfigurationAggregatorName == nil { - invalidParams.Add(request.NewErrParamRequired("ConfigurationAggregatorName")) - } - if s.ConfigurationAggregatorName != nil && len(*s.ConfigurationAggregatorName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ConfigurationAggregatorName", 1)) - } - if s.ResourceIdentifiers == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceIdentifiers")) - } - if s.ResourceIdentifiers != nil && len(s.ResourceIdentifiers) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceIdentifiers", 1)) - } - if s.ResourceIdentifiers != nil { - for i, v := range s.ResourceIdentifiers { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ResourceIdentifiers", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetConfigurationAggregatorName sets the ConfigurationAggregatorName field's value. -func (s *BatchGetAggregateResourceConfigInput) SetConfigurationAggregatorName(v string) *BatchGetAggregateResourceConfigInput { - s.ConfigurationAggregatorName = &v +// SetCapExceeded sets the CapExceeded field's value. +func (s *ComplianceContributorCount) SetCapExceeded(v bool) *ComplianceContributorCount { + s.CapExceeded = &v return s } -// SetResourceIdentifiers sets the ResourceIdentifiers field's value. -func (s *BatchGetAggregateResourceConfigInput) SetResourceIdentifiers(v []*AggregateResourceIdentifier) *BatchGetAggregateResourceConfigInput { - s.ResourceIdentifiers = v +// SetCappedCount sets the CappedCount field's value. +func (s *ComplianceContributorCount) SetCappedCount(v int64) *ComplianceContributorCount { + s.CappedCount = &v return s } -type BatchGetAggregateResourceConfigOutput struct { +// The number of AWS Config rules or AWS resources that are compliant and noncompliant. +type ComplianceSummary struct { _ struct{} `type:"structure"` - // A list that contains the current configuration of one or more resources. - BaseConfigurationItems []*BaseConfigurationItem `type:"list"` + // The time that AWS Config created the compliance summary. + ComplianceSummaryTimestamp *time.Time `type:"timestamp"` - // A list of resource identifiers that were not processed with current scope. - // The list is empty if all the resources are processed. - UnprocessedResourceIdentifiers []*AggregateResourceIdentifier `type:"list"` + // The number of AWS Config rules or AWS resources that are compliant, up to + // a maximum of 25 for rules and 100 for resources. + CompliantResourceCount *ComplianceContributorCount `type:"structure"` + + // The number of AWS Config rules or AWS resources that are noncompliant, up + // to a maximum of 25 for rules and 100 for resources. + NonCompliantResourceCount *ComplianceContributorCount `type:"structure"` } // String returns the string representation -func (s BatchGetAggregateResourceConfigOutput) String() string { +func (s ComplianceSummary) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s BatchGetAggregateResourceConfigOutput) GoString() string { +func (s ComplianceSummary) GoString() string { return s.String() } -// SetBaseConfigurationItems sets the BaseConfigurationItems field's value. -func (s *BatchGetAggregateResourceConfigOutput) SetBaseConfigurationItems(v []*BaseConfigurationItem) *BatchGetAggregateResourceConfigOutput { - s.BaseConfigurationItems = v +// SetComplianceSummaryTimestamp sets the ComplianceSummaryTimestamp field's value. +func (s *ComplianceSummary) SetComplianceSummaryTimestamp(v time.Time) *ComplianceSummary { + s.ComplianceSummaryTimestamp = &v return s } -// SetUnprocessedResourceIdentifiers sets the UnprocessedResourceIdentifiers field's value. -func (s *BatchGetAggregateResourceConfigOutput) SetUnprocessedResourceIdentifiers(v []*AggregateResourceIdentifier) *BatchGetAggregateResourceConfigOutput { - s.UnprocessedResourceIdentifiers = v +// SetCompliantResourceCount sets the CompliantResourceCount field's value. +func (s *ComplianceSummary) SetCompliantResourceCount(v *ComplianceContributorCount) *ComplianceSummary { + s.CompliantResourceCount = v return s } -type BatchGetResourceConfigInput struct { +// SetNonCompliantResourceCount sets the NonCompliantResourceCount field's value. +func (s *ComplianceSummary) SetNonCompliantResourceCount(v *ComplianceContributorCount) *ComplianceSummary { + s.NonCompliantResourceCount = v + return s +} + +// The number of AWS resources of a specific type that are compliant or noncompliant, +// up to a maximum of 100 for each. +type ComplianceSummaryByResourceType struct { _ struct{} `type:"structure"` - // A list of resource keys to be processed with the current request. Each element - // in the list consists of the resource type and resource ID. - // - // ResourceKeys is a required field - ResourceKeys []*ResourceKey `locationName:"resourceKeys" min:"1" type:"list" required:"true"` + // The number of AWS resources that are compliant or noncompliant, up to a maximum + // of 100 for each. + ComplianceSummary *ComplianceSummary `type:"structure"` + + // The type of AWS resource. + ResourceType *string `min:"1" type:"string"` } // String returns the string representation -func (s BatchGetResourceConfigInput) String() string { +func (s ComplianceSummaryByResourceType) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s BatchGetResourceConfigInput) GoString() string { +func (s ComplianceSummaryByResourceType) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *BatchGetResourceConfigInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "BatchGetResourceConfigInput"} - if s.ResourceKeys == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceKeys")) - } - if s.ResourceKeys != nil && len(s.ResourceKeys) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceKeys", 1)) - } - if s.ResourceKeys != nil { - for i, v := range s.ResourceKeys { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ResourceKeys", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetComplianceSummary sets the ComplianceSummary field's value. +func (s *ComplianceSummaryByResourceType) SetComplianceSummary(v *ComplianceSummary) *ComplianceSummaryByResourceType { + s.ComplianceSummary = v + return s } -// SetResourceKeys sets the ResourceKeys field's value. -func (s *BatchGetResourceConfigInput) SetResourceKeys(v []*ResourceKey) *BatchGetResourceConfigInput { - s.ResourceKeys = v +// SetResourceType sets the ResourceType field's value. +func (s *ComplianceSummaryByResourceType) SetResourceType(v string) *ComplianceSummaryByResourceType { + s.ResourceType = &v return s } -type BatchGetResourceConfigOutput struct { +// Provides status of the delivery of the snapshot or the configuration history +// to the specified Amazon S3 bucket. Also provides the status of notifications +// about the Amazon S3 delivery to the specified Amazon SNS topic. +type ConfigExportDeliveryInfo struct { _ struct{} `type:"structure"` - // A list that contains the current configuration of one or more resources. - BaseConfigurationItems []*BaseConfigurationItem `locationName:"baseConfigurationItems" type:"list"` + // The time of the last attempted delivery. + LastAttemptTime *time.Time `locationName:"lastAttemptTime" type:"timestamp"` - // A list of resource keys that were not processed with the current response. - // The unprocessesResourceKeys value is in the same form as ResourceKeys, so - // the value can be directly provided to a subsequent BatchGetResourceConfig - // operation. If there are no unprocessed resource keys, the response contains - // an empty unprocessedResourceKeys list. - UnprocessedResourceKeys []*ResourceKey `locationName:"unprocessedResourceKeys" min:"1" type:"list"` + // The error code from the last attempted delivery. + LastErrorCode *string `locationName:"lastErrorCode" type:"string"` + + // The error message from the last attempted delivery. + LastErrorMessage *string `locationName:"lastErrorMessage" type:"string"` + + // Status of the last attempted delivery. + LastStatus *string `locationName:"lastStatus" type:"string" enum:"DeliveryStatus"` + + // The time of the last successful delivery. + LastSuccessfulTime *time.Time `locationName:"lastSuccessfulTime" type:"timestamp"` + + // The time that the next delivery occurs. + NextDeliveryTime *time.Time `locationName:"nextDeliveryTime" type:"timestamp"` } // String returns the string representation -func (s BatchGetResourceConfigOutput) String() string { +func (s ConfigExportDeliveryInfo) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s BatchGetResourceConfigOutput) GoString() string { +func (s ConfigExportDeliveryInfo) GoString() string { return s.String() } -// SetBaseConfigurationItems sets the BaseConfigurationItems field's value. -func (s *BatchGetResourceConfigOutput) SetBaseConfigurationItems(v []*BaseConfigurationItem) *BatchGetResourceConfigOutput { - s.BaseConfigurationItems = v +// SetLastAttemptTime sets the LastAttemptTime field's value. +func (s *ConfigExportDeliveryInfo) SetLastAttemptTime(v time.Time) *ConfigExportDeliveryInfo { + s.LastAttemptTime = &v return s } -// SetUnprocessedResourceKeys sets the UnprocessedResourceKeys field's value. -func (s *BatchGetResourceConfigOutput) SetUnprocessedResourceKeys(v []*ResourceKey) *BatchGetResourceConfigOutput { - s.UnprocessedResourceKeys = v +// SetLastErrorCode sets the LastErrorCode field's value. +func (s *ConfigExportDeliveryInfo) SetLastErrorCode(v string) *ConfigExportDeliveryInfo { + s.LastErrorCode = &v return s } -// Indicates whether an AWS resource or AWS Config rule is compliant and provides -// the number of contributors that affect the compliance. -type Compliance struct { +// SetLastErrorMessage sets the LastErrorMessage field's value. +func (s *ConfigExportDeliveryInfo) SetLastErrorMessage(v string) *ConfigExportDeliveryInfo { + s.LastErrorMessage = &v + return s +} + +// SetLastStatus sets the LastStatus field's value. +func (s *ConfigExportDeliveryInfo) SetLastStatus(v string) *ConfigExportDeliveryInfo { + s.LastStatus = &v + return s +} + +// SetLastSuccessfulTime sets the LastSuccessfulTime field's value. +func (s *ConfigExportDeliveryInfo) SetLastSuccessfulTime(v time.Time) *ConfigExportDeliveryInfo { + s.LastSuccessfulTime = &v + return s +} + +// SetNextDeliveryTime sets the NextDeliveryTime field's value. +func (s *ConfigExportDeliveryInfo) SetNextDeliveryTime(v time.Time) *ConfigExportDeliveryInfo { + s.NextDeliveryTime = &v + return s +} + +// An AWS Config rule represents an AWS Lambda function that you create for +// a custom rule or a predefined function for an AWS managed rule. The function +// evaluates configuration items to assess whether your AWS resources comply +// with your desired configurations. This function can run when AWS Config detects +// a configuration change to an AWS resource and at a periodic frequency that +// you choose (for example, every 24 hours). +// +// You can use the AWS CLI and AWS SDKs if you want to create a rule that triggers +// evaluations for your resources when AWS Config delivers the configuration +// snapshot. For more information, see ConfigSnapshotDeliveryProperties. +// +// For more information about developing and using AWS Config rules, see Evaluating +// AWS Resource Configurations with AWS Config (https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html) +// in the AWS Config Developer Guide. +type ConfigRule struct { _ struct{} `type:"structure"` - // The number of AWS resources or AWS Config rules that cause a result of NON_COMPLIANT, - // up to a maximum number. - ComplianceContributorCount *ComplianceContributorCount `type:"structure"` + // The Amazon Resource Name (ARN) of the AWS Config rule. + ConfigRuleArn *string `type:"string"` - // Indicates whether an AWS resource or AWS Config rule is compliant. + // The ID of the AWS Config rule. + ConfigRuleId *string `type:"string"` + + // The name that you assign to the AWS Config rule. The name is required if + // you are adding a new rule. + ConfigRuleName *string `min:"1" type:"string"` + + // Indicates whether the AWS Config rule is active or is currently being deleted + // by AWS Config. It can also indicate the evaluation status for the AWS Config + // rule. // - // A resource is compliant if it complies with all of the AWS Config rules that - // evaluate it. A resource is noncompliant if it does not comply with one or - // more of these rules. + // AWS Config sets the state of the rule to EVALUATING temporarily after you + // use the StartConfigRulesEvaluation request to evaluate your resources against + // the AWS Config rule. // - // A rule is compliant if all of the resources that the rule evaluates comply - // with it. A rule is noncompliant if any of these resources do not comply. + // AWS Config sets the state of the rule to DELETING_RESULTS temporarily after + // you use the DeleteEvaluationResults request to delete the current evaluation + // results for the AWS Config rule. // - // AWS Config returns the INSUFFICIENT_DATA value when no evaluation results - // are available for the AWS resource or AWS Config rule. + // AWS Config temporarily sets the state of a rule to DELETING after you use + // the DeleteConfigRule request to delete the rule. After AWS Config deletes + // the rule, the rule and all of its evaluations are erased and are no longer + // available. + ConfigRuleState *string `type:"string" enum:"ConfigRuleState"` + + // Service principal name of the service that created the rule. // - // For the Compliance data type, AWS Config supports only COMPLIANT, NON_COMPLIANT, - // and INSUFFICIENT_DATA values. AWS Config does not support the NOT_APPLICABLE - // value for the Compliance data type. - ComplianceType *string `type:"string" enum:"ComplianceType"` + // The field is populated only if the service linked rule is created by a service. + // The field is empty if you create your own rule. + CreatedBy *string `min:"1" type:"string"` + + // The description that you provide for the AWS Config rule. + Description *string `type:"string"` + + // A string, in JSON format, that is passed to the AWS Config rule Lambda function. + InputParameters *string `min:"1" type:"string"` + + // The maximum frequency with which AWS Config runs evaluations for a rule. + // You can specify a value for MaximumExecutionFrequency when: + // + // * You are using an AWS managed rule that is triggered at a periodic frequency. + // + // * Your custom rule is triggered when AWS Config delivers the configuration + // snapshot. For more information, see ConfigSnapshotDeliveryProperties. + // + // By default, rules with a periodic trigger are evaluated every 24 hours. To + // change the frequency, specify a valid value for the MaximumExecutionFrequency + // parameter. + MaximumExecutionFrequency *string `type:"string" enum:"MaximumExecutionFrequency"` + + // Defines which resources can trigger an evaluation for the rule. The scope + // can include one or more resource types, a combination of one resource type + // and one resource ID, or a combination of a tag key and value. Specify a scope + // to constrain the resources that can trigger an evaluation for the rule. If + // you do not specify a scope, evaluations are triggered when any resource in + // the recording group changes. + Scope *Scope `type:"structure"` + + // Provides the rule owner (AWS or customer), the rule identifier, and the notifications + // that cause the function to evaluate your AWS resources. + // + // Source is a required field + Source *Source `type:"structure" required:"true"` } // String returns the string representation -func (s Compliance) String() string { +func (s ConfigRule) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s Compliance) GoString() string { +func (s ConfigRule) GoString() string { return s.String() } -// SetComplianceContributorCount sets the ComplianceContributorCount field's value. -func (s *Compliance) SetComplianceContributorCount(v *ComplianceContributorCount) *Compliance { - s.ComplianceContributorCount = v - return s -} - -// SetComplianceType sets the ComplianceType field's value. -func (s *Compliance) SetComplianceType(v string) *Compliance { - s.ComplianceType = &v - return s -} - -// Indicates whether an AWS Config rule is compliant. A rule is compliant if -// all of the resources that the rule evaluated comply with it. A rule is noncompliant -// if any of these resources do not comply. -type ComplianceByConfigRule struct { - _ struct{} `type:"structure"` - - // Indicates whether the AWS Config rule is compliant. - Compliance *Compliance `type:"structure"` - - // The name of the AWS Config rule. - ConfigRuleName *string `min:"1" type:"string"` -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *ConfigRule) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ConfigRule"} + if s.ConfigRuleName != nil && len(*s.ConfigRuleName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConfigRuleName", 1)) + } + if s.CreatedBy != nil && len(*s.CreatedBy) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CreatedBy", 1)) + } + if s.InputParameters != nil && len(*s.InputParameters) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InputParameters", 1)) + } + if s.Source == nil { + invalidParams.Add(request.NewErrParamRequired("Source")) + } + if s.Scope != nil { + if err := s.Scope.Validate(); err != nil { + invalidParams.AddNested("Scope", err.(request.ErrInvalidParams)) + } + } + if s.Source != nil { + if err := s.Source.Validate(); err != nil { + invalidParams.AddNested("Source", err.(request.ErrInvalidParams)) + } + } -// String returns the string representation -func (s ComplianceByConfigRule) String() string { - return awsutil.Prettify(s) + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// GoString returns the string representation -func (s ComplianceByConfigRule) GoString() string { - return s.String() +// SetConfigRuleArn sets the ConfigRuleArn field's value. +func (s *ConfigRule) SetConfigRuleArn(v string) *ConfigRule { + s.ConfigRuleArn = &v + return s } -// SetCompliance sets the Compliance field's value. -func (s *ComplianceByConfigRule) SetCompliance(v *Compliance) *ComplianceByConfigRule { - s.Compliance = v +// SetConfigRuleId sets the ConfigRuleId field's value. +func (s *ConfigRule) SetConfigRuleId(v string) *ConfigRule { + s.ConfigRuleId = &v return s } // SetConfigRuleName sets the ConfigRuleName field's value. -func (s *ComplianceByConfigRule) SetConfigRuleName(v string) *ComplianceByConfigRule { +func (s *ConfigRule) SetConfigRuleName(v string) *ConfigRule { s.ConfigRuleName = &v return s } -// Indicates whether an AWS resource that is evaluated according to one or more -// AWS Config rules is compliant. A resource is compliant if it complies with -// all of the rules that evaluate it. A resource is noncompliant if it does -// not comply with one or more of these rules. -type ComplianceByResource struct { - _ struct{} `type:"structure"` - - // Indicates whether the AWS resource complies with all of the AWS Config rules - // that evaluated it. - Compliance *Compliance `type:"structure"` - - // The ID of the AWS resource that was evaluated. - ResourceId *string `min:"1" type:"string"` +// SetConfigRuleState sets the ConfigRuleState field's value. +func (s *ConfigRule) SetConfigRuleState(v string) *ConfigRule { + s.ConfigRuleState = &v + return s +} - // The type of the AWS resource that was evaluated. - ResourceType *string `min:"1" type:"string"` +// SetCreatedBy sets the CreatedBy field's value. +func (s *ConfigRule) SetCreatedBy(v string) *ConfigRule { + s.CreatedBy = &v + return s } -// String returns the string representation -func (s ComplianceByResource) String() string { - return awsutil.Prettify(s) +// SetDescription sets the Description field's value. +func (s *ConfigRule) SetDescription(v string) *ConfigRule { + s.Description = &v + return s } -// GoString returns the string representation -func (s ComplianceByResource) GoString() string { - return s.String() +// SetInputParameters sets the InputParameters field's value. +func (s *ConfigRule) SetInputParameters(v string) *ConfigRule { + s.InputParameters = &v + return s } -// SetCompliance sets the Compliance field's value. -func (s *ComplianceByResource) SetCompliance(v *Compliance) *ComplianceByResource { - s.Compliance = v +// SetMaximumExecutionFrequency sets the MaximumExecutionFrequency field's value. +func (s *ConfigRule) SetMaximumExecutionFrequency(v string) *ConfigRule { + s.MaximumExecutionFrequency = &v return s } -// SetResourceId sets the ResourceId field's value. -func (s *ComplianceByResource) SetResourceId(v string) *ComplianceByResource { - s.ResourceId = &v +// SetScope sets the Scope field's value. +func (s *ConfigRule) SetScope(v *Scope) *ConfigRule { + s.Scope = v return s } -// SetResourceType sets the ResourceType field's value. -func (s *ComplianceByResource) SetResourceType(v string) *ComplianceByResource { - s.ResourceType = &v +// SetSource sets the Source field's value. +func (s *ConfigRule) SetSource(v *Source) *ConfigRule { + s.Source = v return s } -// The number of AWS resources or AWS Config rules responsible for the current -// compliance of the item, up to a maximum number. -type ComplianceContributorCount struct { +// Filters the compliance results based on account ID, region, compliance type, +// and rule name. +type ConfigRuleComplianceFilters struct { _ struct{} `type:"structure"` - // Indicates whether the maximum count is reached. - CapExceeded *bool `type:"boolean"` + // The 12-digit account ID of the source account. + AccountId *string `type:"string"` - // The number of AWS resources or AWS Config rules responsible for the current - // compliance of the item. - CappedCount *int64 `type:"integer"` + // The source region where the data is aggregated. + AwsRegion *string `min:"1" type:"string"` + + // The rule compliance status. + // + // For the ConfigRuleComplianceFilters data type, AWS Config supports only COMPLIANT + // and NON_COMPLIANT. AWS Config does not support the NOT_APPLICABLE and the + // INSUFFICIENT_DATA values. + ComplianceType *string `type:"string" enum:"ComplianceType"` + + // The name of the AWS Config rule. + ConfigRuleName *string `min:"1" type:"string"` } // String returns the string representation -func (s ComplianceContributorCount) String() string { +func (s ConfigRuleComplianceFilters) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ComplianceContributorCount) GoString() string { +func (s ConfigRuleComplianceFilters) GoString() string { return s.String() } -// SetCapExceeded sets the CapExceeded field's value. -func (s *ComplianceContributorCount) SetCapExceeded(v bool) *ComplianceContributorCount { - s.CapExceeded = &v - return s -} - -// SetCappedCount sets the CappedCount field's value. -func (s *ComplianceContributorCount) SetCappedCount(v int64) *ComplianceContributorCount { - s.CappedCount = &v - return s -} - -// The number of AWS Config rules or AWS resources that are compliant and noncompliant. -type ComplianceSummary struct { - _ struct{} `type:"structure"` - - // The time that AWS Config created the compliance summary. - ComplianceSummaryTimestamp *time.Time `type:"timestamp"` - - // The number of AWS Config rules or AWS resources that are compliant, up to - // a maximum of 25 for rules and 100 for resources. - CompliantResourceCount *ComplianceContributorCount `type:"structure"` - - // The number of AWS Config rules or AWS resources that are noncompliant, up - // to a maximum of 25 for rules and 100 for resources. - NonCompliantResourceCount *ComplianceContributorCount `type:"structure"` -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *ConfigRuleComplianceFilters) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ConfigRuleComplianceFilters"} + if s.AwsRegion != nil && len(*s.AwsRegion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AwsRegion", 1)) + } + if s.ConfigRuleName != nil && len(*s.ConfigRuleName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConfigRuleName", 1)) + } -// String returns the string representation -func (s ComplianceSummary) String() string { - return awsutil.Prettify(s) + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// GoString returns the string representation -func (s ComplianceSummary) GoString() string { - return s.String() +// SetAccountId sets the AccountId field's value. +func (s *ConfigRuleComplianceFilters) SetAccountId(v string) *ConfigRuleComplianceFilters { + s.AccountId = &v + return s } -// SetComplianceSummaryTimestamp sets the ComplianceSummaryTimestamp field's value. -func (s *ComplianceSummary) SetComplianceSummaryTimestamp(v time.Time) *ComplianceSummary { - s.ComplianceSummaryTimestamp = &v +// SetAwsRegion sets the AwsRegion field's value. +func (s *ConfigRuleComplianceFilters) SetAwsRegion(v string) *ConfigRuleComplianceFilters { + s.AwsRegion = &v return s } -// SetCompliantResourceCount sets the CompliantResourceCount field's value. -func (s *ComplianceSummary) SetCompliantResourceCount(v *ComplianceContributorCount) *ComplianceSummary { - s.CompliantResourceCount = v +// SetComplianceType sets the ComplianceType field's value. +func (s *ConfigRuleComplianceFilters) SetComplianceType(v string) *ConfigRuleComplianceFilters { + s.ComplianceType = &v return s } -// SetNonCompliantResourceCount sets the NonCompliantResourceCount field's value. -func (s *ComplianceSummary) SetNonCompliantResourceCount(v *ComplianceContributorCount) *ComplianceSummary { - s.NonCompliantResourceCount = v +// SetConfigRuleName sets the ConfigRuleName field's value. +func (s *ConfigRuleComplianceFilters) SetConfigRuleName(v string) *ConfigRuleComplianceFilters { + s.ConfigRuleName = &v return s } -// The number of AWS resources of a specific type that are compliant or noncompliant, -// up to a maximum of 100 for each. -type ComplianceSummaryByResourceType struct { +// Filters the results based on the account IDs and regions. +type ConfigRuleComplianceSummaryFilters struct { _ struct{} `type:"structure"` - // The number of AWS resources that are compliant or noncompliant, up to a maximum - // of 100 for each. - ComplianceSummary *ComplianceSummary `type:"structure"` + // The 12-digit account ID of the source account. + AccountId *string `type:"string"` - // The type of AWS resource. - ResourceType *string `min:"1" type:"string"` + // The source region where the data is aggregated. + AwsRegion *string `min:"1" type:"string"` } // String returns the string representation -func (s ComplianceSummaryByResourceType) String() string { +func (s ConfigRuleComplianceSummaryFilters) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation -func (s ComplianceSummaryByResourceType) GoString() string { - return s.String() +// GoString returns the string representation +func (s ConfigRuleComplianceSummaryFilters) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ConfigRuleComplianceSummaryFilters) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ConfigRuleComplianceSummaryFilters"} + if s.AwsRegion != nil && len(*s.AwsRegion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AwsRegion", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetComplianceSummary sets the ComplianceSummary field's value. -func (s *ComplianceSummaryByResourceType) SetComplianceSummary(v *ComplianceSummary) *ComplianceSummaryByResourceType { - s.ComplianceSummary = v +// SetAccountId sets the AccountId field's value. +func (s *ConfigRuleComplianceSummaryFilters) SetAccountId(v string) *ConfigRuleComplianceSummaryFilters { + s.AccountId = &v return s } -// SetResourceType sets the ResourceType field's value. -func (s *ComplianceSummaryByResourceType) SetResourceType(v string) *ComplianceSummaryByResourceType { - s.ResourceType = &v +// SetAwsRegion sets the AwsRegion field's value. +func (s *ConfigRuleComplianceSummaryFilters) SetAwsRegion(v string) *ConfigRuleComplianceSummaryFilters { + s.AwsRegion = &v return s } -// Provides status of the delivery of the snapshot or the configuration history -// to the specified Amazon S3 bucket. Also provides the status of notifications -// about the Amazon S3 delivery to the specified Amazon SNS topic. -type ConfigExportDeliveryInfo struct { +// Status information for your AWS managed Config rules. The status includes +// information such as the last time the rule ran, the last time it failed, +// and the related error for the last failure. +// +// This action does not return status information about custom AWS Config rules. +type ConfigRuleEvaluationStatus struct { _ struct{} `type:"structure"` - // The time of the last attempted delivery. - LastAttemptTime *time.Time `locationName:"lastAttemptTime" type:"timestamp"` + // The Amazon Resource Name (ARN) of the AWS Config rule. + ConfigRuleArn *string `type:"string"` - // The error code from the last attempted delivery. - LastErrorCode *string `locationName:"lastErrorCode" type:"string"` + // The ID of the AWS Config rule. + ConfigRuleId *string `type:"string"` - // The error message from the last attempted delivery. - LastErrorMessage *string `locationName:"lastErrorMessage" type:"string"` + // The name of the AWS Config rule. + ConfigRuleName *string `min:"1" type:"string"` - // Status of the last attempted delivery. - LastStatus *string `locationName:"lastStatus" type:"string" enum:"DeliveryStatus"` + // The time that you first activated the AWS Config rule. + FirstActivatedTime *time.Time `type:"timestamp"` - // The time of the last successful delivery. - LastSuccessfulTime *time.Time `locationName:"lastSuccessfulTime" type:"timestamp"` + // Indicates whether AWS Config has evaluated your resources against the rule + // at least once. + // + // * true - AWS Config has evaluated your AWS resources against the rule + // at least once. + // + // * false - AWS Config has not once finished evaluating your AWS resources + // against the rule. + FirstEvaluationStarted *bool `type:"boolean"` - // The time that the next delivery occurs. - NextDeliveryTime *time.Time `locationName:"nextDeliveryTime" type:"timestamp"` + // The error code that AWS Config returned when the rule last failed. + LastErrorCode *string `type:"string"` + + // The error message that AWS Config returned when the rule last failed. + LastErrorMessage *string `type:"string"` + + // The time that AWS Config last failed to evaluate your AWS resources against + // the rule. + LastFailedEvaluationTime *time.Time `type:"timestamp"` + + // The time that AWS Config last failed to invoke the AWS Config rule to evaluate + // your AWS resources. + LastFailedInvocationTime *time.Time `type:"timestamp"` + + // The time that AWS Config last successfully evaluated your AWS resources against + // the rule. + LastSuccessfulEvaluationTime *time.Time `type:"timestamp"` + + // The time that AWS Config last successfully invoked the AWS Config rule to + // evaluate your AWS resources. + LastSuccessfulInvocationTime *time.Time `type:"timestamp"` } // String returns the string representation -func (s ConfigExportDeliveryInfo) String() string { +func (s ConfigRuleEvaluationStatus) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigExportDeliveryInfo) GoString() string { +func (s ConfigRuleEvaluationStatus) GoString() string { return s.String() } -// SetLastAttemptTime sets the LastAttemptTime field's value. -func (s *ConfigExportDeliveryInfo) SetLastAttemptTime(v time.Time) *ConfigExportDeliveryInfo { - s.LastAttemptTime = &v +// SetConfigRuleArn sets the ConfigRuleArn field's value. +func (s *ConfigRuleEvaluationStatus) SetConfigRuleArn(v string) *ConfigRuleEvaluationStatus { + s.ConfigRuleArn = &v + return s +} + +// SetConfigRuleId sets the ConfigRuleId field's value. +func (s *ConfigRuleEvaluationStatus) SetConfigRuleId(v string) *ConfigRuleEvaluationStatus { + s.ConfigRuleId = &v + return s +} + +// SetConfigRuleName sets the ConfigRuleName field's value. +func (s *ConfigRuleEvaluationStatus) SetConfigRuleName(v string) *ConfigRuleEvaluationStatus { + s.ConfigRuleName = &v + return s +} + +// SetFirstActivatedTime sets the FirstActivatedTime field's value. +func (s *ConfigRuleEvaluationStatus) SetFirstActivatedTime(v time.Time) *ConfigRuleEvaluationStatus { + s.FirstActivatedTime = &v + return s +} + +// SetFirstEvaluationStarted sets the FirstEvaluationStarted field's value. +func (s *ConfigRuleEvaluationStatus) SetFirstEvaluationStarted(v bool) *ConfigRuleEvaluationStatus { + s.FirstEvaluationStarted = &v return s } // SetLastErrorCode sets the LastErrorCode field's value. -func (s *ConfigExportDeliveryInfo) SetLastErrorCode(v string) *ConfigExportDeliveryInfo { +func (s *ConfigRuleEvaluationStatus) SetLastErrorCode(v string) *ConfigRuleEvaluationStatus { s.LastErrorCode = &v return s } // SetLastErrorMessage sets the LastErrorMessage field's value. -func (s *ConfigExportDeliveryInfo) SetLastErrorMessage(v string) *ConfigExportDeliveryInfo { +func (s *ConfigRuleEvaluationStatus) SetLastErrorMessage(v string) *ConfigRuleEvaluationStatus { s.LastErrorMessage = &v return s } -// SetLastStatus sets the LastStatus field's value. -func (s *ConfigExportDeliveryInfo) SetLastStatus(v string) *ConfigExportDeliveryInfo { - s.LastStatus = &v +// SetLastFailedEvaluationTime sets the LastFailedEvaluationTime field's value. +func (s *ConfigRuleEvaluationStatus) SetLastFailedEvaluationTime(v time.Time) *ConfigRuleEvaluationStatus { + s.LastFailedEvaluationTime = &v return s } -// SetLastSuccessfulTime sets the LastSuccessfulTime field's value. -func (s *ConfigExportDeliveryInfo) SetLastSuccessfulTime(v time.Time) *ConfigExportDeliveryInfo { - s.LastSuccessfulTime = &v +// SetLastFailedInvocationTime sets the LastFailedInvocationTime field's value. +func (s *ConfigRuleEvaluationStatus) SetLastFailedInvocationTime(v time.Time) *ConfigRuleEvaluationStatus { + s.LastFailedInvocationTime = &v return s } -// SetNextDeliveryTime sets the NextDeliveryTime field's value. -func (s *ConfigExportDeliveryInfo) SetNextDeliveryTime(v time.Time) *ConfigExportDeliveryInfo { - s.NextDeliveryTime = &v +// SetLastSuccessfulEvaluationTime sets the LastSuccessfulEvaluationTime field's value. +func (s *ConfigRuleEvaluationStatus) SetLastSuccessfulEvaluationTime(v time.Time) *ConfigRuleEvaluationStatus { + s.LastSuccessfulEvaluationTime = &v return s } -// An AWS Config rule represents an AWS Lambda function that you create for -// a custom rule or a predefined function for an AWS managed rule. The function -// evaluates configuration items to assess whether your AWS resources comply -// with your desired configurations. This function can run when AWS Config detects -// a configuration change to an AWS resource and at a periodic frequency that -// you choose (for example, every 24 hours). +// SetLastSuccessfulInvocationTime sets the LastSuccessfulInvocationTime field's value. +func (s *ConfigRuleEvaluationStatus) SetLastSuccessfulInvocationTime(v time.Time) *ConfigRuleEvaluationStatus { + s.LastSuccessfulInvocationTime = &v + return s +} + +// Provides options for how often AWS Config delivers configuration snapshots +// to the Amazon S3 bucket in your delivery channel. // -// You can use the AWS CLI and AWS SDKs if you want to create a rule that triggers -// evaluations for your resources when AWS Config delivers the configuration -// snapshot. For more information, see ConfigSnapshotDeliveryProperties. +// The frequency for a rule that triggers evaluations for your resources when +// AWS Config delivers the configuration snapshot is set by one of two values, +// depending on which is less frequent: // -// For more information about developing and using AWS Config rules, see Evaluating -// AWS Resource Configurations with AWS Config (https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html) -// in the AWS Config Developer Guide. -type ConfigRule struct { +// * The value for the deliveryFrequency parameter within the delivery channel +// configuration, which sets how often AWS Config delivers configuration +// snapshots. This value also sets how often AWS Config invokes evaluations +// for AWS Config rules. +// +// * The value for the MaximumExecutionFrequency parameter, which sets the +// maximum frequency with which AWS Config invokes evaluations for the rule. +// For more information, see ConfigRule. +// +// If the deliveryFrequency value is less frequent than the MaximumExecutionFrequency +// value for a rule, AWS Config invokes the rule only as often as the deliveryFrequency +// value. +// +// For example, you want your rule to run evaluations when AWS Config delivers +// the configuration snapshot. +// +// You specify the MaximumExecutionFrequency value for Six_Hours. +// +// You then specify the delivery channel deliveryFrequency value for TwentyFour_Hours. +// +// Because the value for deliveryFrequency is less frequent than MaximumExecutionFrequency, +// AWS Config invokes evaluations for the rule every 24 hours. +// +// You should set the MaximumExecutionFrequency value to be at least as frequent +// as the deliveryFrequency value. You can view the deliveryFrequency value +// by using the DescribeDeliveryChannnels action. +// +// To update the deliveryFrequency with which AWS Config delivers your configuration +// snapshots, use the PutDeliveryChannel action. +type ConfigSnapshotDeliveryProperties struct { _ struct{} `type:"structure"` - // The Amazon Resource Name (ARN) of the AWS Config rule. - ConfigRuleArn *string `type:"string"` - - // The ID of the AWS Config rule. - ConfigRuleId *string `type:"string"` - - // The name that you assign to the AWS Config rule. The name is required if - // you are adding a new rule. - ConfigRuleName *string `min:"1" type:"string"` - - // Indicates whether the AWS Config rule is active or is currently being deleted - // by AWS Config. It can also indicate the evaluation status for the AWS Config - // rule. - // - // AWS Config sets the state of the rule to EVALUATING temporarily after you - // use the StartConfigRulesEvaluation request to evaluate your resources against - // the AWS Config rule. - // - // AWS Config sets the state of the rule to DELETING_RESULTS temporarily after - // you use the DeleteEvaluationResults request to delete the current evaluation - // results for the AWS Config rule. - // - // AWS Config temporarily sets the state of a rule to DELETING after you use - // the DeleteConfigRule request to delete the rule. After AWS Config deletes - // the rule, the rule and all of its evaluations are erased and are no longer - // available. - ConfigRuleState *string `type:"string" enum:"ConfigRuleState"` - - // Service principal name of the service that created the rule. - // - // The field is populated only if the service linked rule is created by a service. - // The field is empty if you create your own rule. - CreatedBy *string `min:"1" type:"string"` - - // The description that you provide for the AWS Config rule. - Description *string `type:"string"` - - // A string, in JSON format, that is passed to the AWS Config rule Lambda function. - InputParameters *string `min:"1" type:"string"` - - // The maximum frequency with which AWS Config runs evaluations for a rule. - // You can specify a value for MaximumExecutionFrequency when: - // - // * You are using an AWS managed rule that is triggered at a periodic frequency. - // - // * Your custom rule is triggered when AWS Config delivers the configuration - // snapshot. For more information, see ConfigSnapshotDeliveryProperties. - // - // By default, rules with a periodic trigger are evaluated every 24 hours. To - // change the frequency, specify a valid value for the MaximumExecutionFrequency - // parameter. - MaximumExecutionFrequency *string `type:"string" enum:"MaximumExecutionFrequency"` - - // Defines which resources can trigger an evaluation for the rule. The scope - // can include one or more resource types, a combination of one resource type - // and one resource ID, or a combination of a tag key and value. Specify a scope - // to constrain the resources that can trigger an evaluation for the rule. If - // you do not specify a scope, evaluations are triggered when any resource in - // the recording group changes. - Scope *Scope `type:"structure"` - - // Provides the rule owner (AWS or customer), the rule identifier, and the notifications - // that cause the function to evaluate your AWS resources. - // - // Source is a required field - Source *Source `type:"structure" required:"true"` + // The frequency with which AWS Config delivers configuration snapshots. + DeliveryFrequency *string `locationName:"deliveryFrequency" type:"string" enum:"MaximumExecutionFrequency"` } // String returns the string representation -func (s ConfigRule) String() string { +func (s ConfigSnapshotDeliveryProperties) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigRule) GoString() string { +func (s ConfigSnapshotDeliveryProperties) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *ConfigRule) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ConfigRule"} - if s.ConfigRuleName != nil && len(*s.ConfigRuleName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ConfigRuleName", 1)) - } - if s.CreatedBy != nil && len(*s.CreatedBy) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CreatedBy", 1)) - } - if s.InputParameters != nil && len(*s.InputParameters) < 1 { - invalidParams.Add(request.NewErrParamMinLen("InputParameters", 1)) - } - if s.Source == nil { - invalidParams.Add(request.NewErrParamRequired("Source")) - } - if s.Scope != nil { - if err := s.Scope.Validate(); err != nil { - invalidParams.AddNested("Scope", err.(request.ErrInvalidParams)) - } - } - if s.Source != nil { - if err := s.Source.Validate(); err != nil { - invalidParams.AddNested("Source", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetConfigRuleArn sets the ConfigRuleArn field's value. -func (s *ConfigRule) SetConfigRuleArn(v string) *ConfigRule { - s.ConfigRuleArn = &v +// SetDeliveryFrequency sets the DeliveryFrequency field's value. +func (s *ConfigSnapshotDeliveryProperties) SetDeliveryFrequency(v string) *ConfigSnapshotDeliveryProperties { + s.DeliveryFrequency = &v return s } -// SetConfigRuleId sets the ConfigRuleId field's value. -func (s *ConfigRule) SetConfigRuleId(v string) *ConfigRule { - s.ConfigRuleId = &v - return s -} +// A list that contains the status of the delivery of the configuration stream +// notification to the Amazon SNS topic. +type ConfigStreamDeliveryInfo struct { + _ struct{} `type:"structure"` -// SetConfigRuleName sets the ConfigRuleName field's value. -func (s *ConfigRule) SetConfigRuleName(v string) *ConfigRule { - s.ConfigRuleName = &v - return s -} + // The error code from the last attempted delivery. + LastErrorCode *string `locationName:"lastErrorCode" type:"string"` -// SetConfigRuleState sets the ConfigRuleState field's value. -func (s *ConfigRule) SetConfigRuleState(v string) *ConfigRule { - s.ConfigRuleState = &v - return s + // The error message from the last attempted delivery. + LastErrorMessage *string `locationName:"lastErrorMessage" type:"string"` + + // Status of the last attempted delivery. + // + // Note Providing an SNS topic on a DeliveryChannel (https://docs.aws.amazon.com/config/latest/APIReference/API_DeliveryChannel.html) + // for AWS Config is optional. If the SNS delivery is turned off, the last status + // will be Not_Applicable. + LastStatus *string `locationName:"lastStatus" type:"string" enum:"DeliveryStatus"` + + // The time from the last status change. + LastStatusChangeTime *time.Time `locationName:"lastStatusChangeTime" type:"timestamp"` } -// SetCreatedBy sets the CreatedBy field's value. -func (s *ConfigRule) SetCreatedBy(v string) *ConfigRule { - s.CreatedBy = &v - return s +// String returns the string representation +func (s ConfigStreamDeliveryInfo) String() string { + return awsutil.Prettify(s) } -// SetDescription sets the Description field's value. -func (s *ConfigRule) SetDescription(v string) *ConfigRule { - s.Description = &v - return s +// GoString returns the string representation +func (s ConfigStreamDeliveryInfo) GoString() string { + return s.String() } -// SetInputParameters sets the InputParameters field's value. -func (s *ConfigRule) SetInputParameters(v string) *ConfigRule { - s.InputParameters = &v +// SetLastErrorCode sets the LastErrorCode field's value. +func (s *ConfigStreamDeliveryInfo) SetLastErrorCode(v string) *ConfigStreamDeliveryInfo { + s.LastErrorCode = &v return s } -// SetMaximumExecutionFrequency sets the MaximumExecutionFrequency field's value. -func (s *ConfigRule) SetMaximumExecutionFrequency(v string) *ConfigRule { - s.MaximumExecutionFrequency = &v +// SetLastErrorMessage sets the LastErrorMessage field's value. +func (s *ConfigStreamDeliveryInfo) SetLastErrorMessage(v string) *ConfigStreamDeliveryInfo { + s.LastErrorMessage = &v return s } -// SetScope sets the Scope field's value. -func (s *ConfigRule) SetScope(v *Scope) *ConfigRule { - s.Scope = v +// SetLastStatus sets the LastStatus field's value. +func (s *ConfigStreamDeliveryInfo) SetLastStatus(v string) *ConfigStreamDeliveryInfo { + s.LastStatus = &v return s } -// SetSource sets the Source field's value. -func (s *ConfigRule) SetSource(v *Source) *ConfigRule { - s.Source = v +// SetLastStatusChangeTime sets the LastStatusChangeTime field's value. +func (s *ConfigStreamDeliveryInfo) SetLastStatusChangeTime(v time.Time) *ConfigStreamDeliveryInfo { + s.LastStatusChangeTime = &v return s } -// Filters the compliance results based on account ID, region, compliance type, -// and rule name. -type ConfigRuleComplianceFilters struct { +// The details about the configuration aggregator, including information about +// source accounts, regions, and metadata of the aggregator. +type ConfigurationAggregator struct { _ struct{} `type:"structure"` - // The 12-digit account ID of the source account. - AccountId *string `type:"string"` + // Provides a list of source accounts and regions to be aggregated. + AccountAggregationSources []*AccountAggregationSource `type:"list"` - // The source region where the data is aggregated. - AwsRegion *string `min:"1" type:"string"` + // The Amazon Resource Name (ARN) of the aggregator. + ConfigurationAggregatorArn *string `type:"string"` - // The rule compliance status. - // - // For the ConfigRuleComplianceFilters data type, AWS Config supports only COMPLIANT - // and NON_COMPLIANT. AWS Config does not support the NOT_APPLICABLE and the - // INSUFFICIENT_DATA values. - ComplianceType *string `type:"string" enum:"ComplianceType"` + // The name of the aggregator. + ConfigurationAggregatorName *string `min:"1" type:"string"` - // The name of the AWS Config rule. - ConfigRuleName *string `min:"1" type:"string"` + // The time stamp when the configuration aggregator was created. + CreationTime *time.Time `type:"timestamp"` + + // The time of the last update. + LastUpdatedTime *time.Time `type:"timestamp"` + + // Provides an organization and list of regions to be aggregated. + OrganizationAggregationSource *OrganizationAggregationSource `type:"structure"` } // String returns the string representation -func (s ConfigRuleComplianceFilters) String() string { +func (s ConfigurationAggregator) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigRuleComplianceFilters) GoString() string { +func (s ConfigurationAggregator) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *ConfigRuleComplianceFilters) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ConfigRuleComplianceFilters"} - if s.AwsRegion != nil && len(*s.AwsRegion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("AwsRegion", 1)) - } - if s.ConfigRuleName != nil && len(*s.ConfigRuleName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ConfigRuleName", 1)) - } +// SetAccountAggregationSources sets the AccountAggregationSources field's value. +func (s *ConfigurationAggregator) SetAccountAggregationSources(v []*AccountAggregationSource) *ConfigurationAggregator { + s.AccountAggregationSources = v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetConfigurationAggregatorArn sets the ConfigurationAggregatorArn field's value. +func (s *ConfigurationAggregator) SetConfigurationAggregatorArn(v string) *ConfigurationAggregator { + s.ConfigurationAggregatorArn = &v + return s } -// SetAccountId sets the AccountId field's value. -func (s *ConfigRuleComplianceFilters) SetAccountId(v string) *ConfigRuleComplianceFilters { - s.AccountId = &v +// SetConfigurationAggregatorName sets the ConfigurationAggregatorName field's value. +func (s *ConfigurationAggregator) SetConfigurationAggregatorName(v string) *ConfigurationAggregator { + s.ConfigurationAggregatorName = &v return s } -// SetAwsRegion sets the AwsRegion field's value. -func (s *ConfigRuleComplianceFilters) SetAwsRegion(v string) *ConfigRuleComplianceFilters { - s.AwsRegion = &v +// SetCreationTime sets the CreationTime field's value. +func (s *ConfigurationAggregator) SetCreationTime(v time.Time) *ConfigurationAggregator { + s.CreationTime = &v return s } -// SetComplianceType sets the ComplianceType field's value. -func (s *ConfigRuleComplianceFilters) SetComplianceType(v string) *ConfigRuleComplianceFilters { - s.ComplianceType = &v +// SetLastUpdatedTime sets the LastUpdatedTime field's value. +func (s *ConfigurationAggregator) SetLastUpdatedTime(v time.Time) *ConfigurationAggregator { + s.LastUpdatedTime = &v return s } -// SetConfigRuleName sets the ConfigRuleName field's value. -func (s *ConfigRuleComplianceFilters) SetConfigRuleName(v string) *ConfigRuleComplianceFilters { - s.ConfigRuleName = &v +// SetOrganizationAggregationSource sets the OrganizationAggregationSource field's value. +func (s *ConfigurationAggregator) SetOrganizationAggregationSource(v *OrganizationAggregationSource) *ConfigurationAggregator { + s.OrganizationAggregationSource = v return s } -// Filters the results based on the account IDs and regions. -type ConfigRuleComplianceSummaryFilters struct { +// A list that contains detailed configurations of a specified resource. +type ConfigurationItem struct { _ struct{} `type:"structure"` - // The 12-digit account ID of the source account. - AccountId *string `type:"string"` + // The 12-digit AWS account ID associated with the resource. + AccountId *string `locationName:"accountId" type:"string"` + + // accoun + Arn *string `locationName:"arn" type:"string"` + + // The Availability Zone associated with the resource. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The region where the resource resides. + AwsRegion *string `locationName:"awsRegion" min:"1" type:"string"` + + // The description of the resource configuration. + Configuration *string `locationName:"configuration" type:"string"` + + // The time when the configuration recording was initiated. + ConfigurationItemCaptureTime *time.Time `locationName:"configurationItemCaptureTime" type:"timestamp"` + + // Unique MD5 hash that represents the configuration item's state. + // + // You can use MD5 hash to compare the states of two or more configuration items + // that are associated with the same resource. + ConfigurationItemMD5Hash *string `locationName:"configurationItemMD5Hash" type:"string"` + + // The configuration item status. + ConfigurationItemStatus *string `locationName:"configurationItemStatus" type:"string" enum:"ConfigurationItemStatus"` + + // An identifier that indicates the ordering of the configuration items of a + // resource. + ConfigurationStateId *string `locationName:"configurationStateId" type:"string"` + + // A list of CloudTrail event IDs. + // + // A populated field indicates that the current configuration was initiated + // by the events recorded in the CloudTrail log. For more information about + // CloudTrail, see What Is AWS CloudTrail (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html). + // + // An empty field indicates that the current configuration was not initiated + // by any event. + RelatedEvents []*string `locationName:"relatedEvents" type:"list"` + + // A list of related AWS resources. + Relationships []*Relationship `locationName:"relationships" type:"list"` + + // The time stamp when the resource was created. + ResourceCreationTime *time.Time `locationName:"resourceCreationTime" type:"timestamp"` + + // The ID of the resource (for example, sg-xxxxxx). + ResourceId *string `locationName:"resourceId" min:"1" type:"string"` + + // The custom name of the resource, if available. + ResourceName *string `locationName:"resourceName" type:"string"` + + // The type of AWS resource. + ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"` + + // Configuration attributes that AWS Config returns for certain resource types + // to supplement the information returned for the configuration parameter. + SupplementaryConfiguration map[string]*string `locationName:"supplementaryConfiguration" type:"map"` + + // A mapping of key value tags associated with the resource. + Tags map[string]*string `locationName:"tags" type:"map"` - // The source region where the data is aggregated. - AwsRegion *string `min:"1" type:"string"` + // The version number of the resource configuration. + Version *string `locationName:"version" type:"string"` } // String returns the string representation -func (s ConfigRuleComplianceSummaryFilters) String() string { +func (s ConfigurationItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigRuleComplianceSummaryFilters) GoString() string { +func (s ConfigurationItem) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *ConfigRuleComplianceSummaryFilters) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ConfigRuleComplianceSummaryFilters"} - if s.AwsRegion != nil && len(*s.AwsRegion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("AwsRegion", 1)) - } +// SetAccountId sets the AccountId field's value. +func (s *ConfigurationItem) SetAccountId(v string) *ConfigurationItem { + s.AccountId = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetArn sets the Arn field's value. +func (s *ConfigurationItem) SetArn(v string) *ConfigurationItem { + s.Arn = &v + return s } -// SetAccountId sets the AccountId field's value. -func (s *ConfigRuleComplianceSummaryFilters) SetAccountId(v string) *ConfigRuleComplianceSummaryFilters { - s.AccountId = &v +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *ConfigurationItem) SetAvailabilityZone(v string) *ConfigurationItem { + s.AvailabilityZone = &v return s } // SetAwsRegion sets the AwsRegion field's value. -func (s *ConfigRuleComplianceSummaryFilters) SetAwsRegion(v string) *ConfigRuleComplianceSummaryFilters { +func (s *ConfigurationItem) SetAwsRegion(v string) *ConfigurationItem { s.AwsRegion = &v return s } -// Status information for your AWS managed Config rules. The status includes -// information such as the last time the rule ran, the last time it failed, -// and the related error for the last failure. -// -// This action does not return status information about custom AWS Config rules. -type ConfigRuleEvaluationStatus struct { - _ struct{} `type:"structure"` - - // The Amazon Resource Name (ARN) of the AWS Config rule. - ConfigRuleArn *string `type:"string"` - - // The ID of the AWS Config rule. - ConfigRuleId *string `type:"string"` - - // The name of the AWS Config rule. - ConfigRuleName *string `min:"1" type:"string"` - - // The time that you first activated the AWS Config rule. - FirstActivatedTime *time.Time `type:"timestamp"` - - // Indicates whether AWS Config has evaluated your resources against the rule - // at least once. - // - // * true - AWS Config has evaluated your AWS resources against the rule - // at least once. - // - // * false - AWS Config has not once finished evaluating your AWS resources - // against the rule. - FirstEvaluationStarted *bool `type:"boolean"` - - // The error code that AWS Config returned when the rule last failed. - LastErrorCode *string `type:"string"` - - // The error message that AWS Config returned when the rule last failed. - LastErrorMessage *string `type:"string"` - - // The time that AWS Config last failed to evaluate your AWS resources against - // the rule. - LastFailedEvaluationTime *time.Time `type:"timestamp"` - - // The time that AWS Config last failed to invoke the AWS Config rule to evaluate - // your AWS resources. - LastFailedInvocationTime *time.Time `type:"timestamp"` - - // The time that AWS Config last successfully evaluated your AWS resources against - // the rule. - LastSuccessfulEvaluationTime *time.Time `type:"timestamp"` - - // The time that AWS Config last successfully invoked the AWS Config rule to - // evaluate your AWS resources. - LastSuccessfulInvocationTime *time.Time `type:"timestamp"` +// SetConfiguration sets the Configuration field's value. +func (s *ConfigurationItem) SetConfiguration(v string) *ConfigurationItem { + s.Configuration = &v + return s } -// String returns the string representation -func (s ConfigRuleEvaluationStatus) String() string { - return awsutil.Prettify(s) +// SetConfigurationItemCaptureTime sets the ConfigurationItemCaptureTime field's value. +func (s *ConfigurationItem) SetConfigurationItemCaptureTime(v time.Time) *ConfigurationItem { + s.ConfigurationItemCaptureTime = &v + return s } -// GoString returns the string representation -func (s ConfigRuleEvaluationStatus) GoString() string { - return s.String() +// SetConfigurationItemMD5Hash sets the ConfigurationItemMD5Hash field's value. +func (s *ConfigurationItem) SetConfigurationItemMD5Hash(v string) *ConfigurationItem { + s.ConfigurationItemMD5Hash = &v + return s } -// SetConfigRuleArn sets the ConfigRuleArn field's value. -func (s *ConfigRuleEvaluationStatus) SetConfigRuleArn(v string) *ConfigRuleEvaluationStatus { - s.ConfigRuleArn = &v +// SetConfigurationItemStatus sets the ConfigurationItemStatus field's value. +func (s *ConfigurationItem) SetConfigurationItemStatus(v string) *ConfigurationItem { + s.ConfigurationItemStatus = &v return s } -// SetConfigRuleId sets the ConfigRuleId field's value. -func (s *ConfigRuleEvaluationStatus) SetConfigRuleId(v string) *ConfigRuleEvaluationStatus { - s.ConfigRuleId = &v +// SetConfigurationStateId sets the ConfigurationStateId field's value. +func (s *ConfigurationItem) SetConfigurationStateId(v string) *ConfigurationItem { + s.ConfigurationStateId = &v return s } -// SetConfigRuleName sets the ConfigRuleName field's value. -func (s *ConfigRuleEvaluationStatus) SetConfigRuleName(v string) *ConfigRuleEvaluationStatus { - s.ConfigRuleName = &v +// SetRelatedEvents sets the RelatedEvents field's value. +func (s *ConfigurationItem) SetRelatedEvents(v []*string) *ConfigurationItem { + s.RelatedEvents = v return s } -// SetFirstActivatedTime sets the FirstActivatedTime field's value. -func (s *ConfigRuleEvaluationStatus) SetFirstActivatedTime(v time.Time) *ConfigRuleEvaluationStatus { - s.FirstActivatedTime = &v +// SetRelationships sets the Relationships field's value. +func (s *ConfigurationItem) SetRelationships(v []*Relationship) *ConfigurationItem { + s.Relationships = v return s } -// SetFirstEvaluationStarted sets the FirstEvaluationStarted field's value. -func (s *ConfigRuleEvaluationStatus) SetFirstEvaluationStarted(v bool) *ConfigRuleEvaluationStatus { - s.FirstEvaluationStarted = &v +// SetResourceCreationTime sets the ResourceCreationTime field's value. +func (s *ConfigurationItem) SetResourceCreationTime(v time.Time) *ConfigurationItem { + s.ResourceCreationTime = &v return s } -// SetLastErrorCode sets the LastErrorCode field's value. -func (s *ConfigRuleEvaluationStatus) SetLastErrorCode(v string) *ConfigRuleEvaluationStatus { - s.LastErrorCode = &v +// SetResourceId sets the ResourceId field's value. +func (s *ConfigurationItem) SetResourceId(v string) *ConfigurationItem { + s.ResourceId = &v return s } -// SetLastErrorMessage sets the LastErrorMessage field's value. -func (s *ConfigRuleEvaluationStatus) SetLastErrorMessage(v string) *ConfigRuleEvaluationStatus { - s.LastErrorMessage = &v +// SetResourceName sets the ResourceName field's value. +func (s *ConfigurationItem) SetResourceName(v string) *ConfigurationItem { + s.ResourceName = &v return s } -// SetLastFailedEvaluationTime sets the LastFailedEvaluationTime field's value. -func (s *ConfigRuleEvaluationStatus) SetLastFailedEvaluationTime(v time.Time) *ConfigRuleEvaluationStatus { - s.LastFailedEvaluationTime = &v +// SetResourceType sets the ResourceType field's value. +func (s *ConfigurationItem) SetResourceType(v string) *ConfigurationItem { + s.ResourceType = &v return s } -// SetLastFailedInvocationTime sets the LastFailedInvocationTime field's value. -func (s *ConfigRuleEvaluationStatus) SetLastFailedInvocationTime(v time.Time) *ConfigRuleEvaluationStatus { - s.LastFailedInvocationTime = &v +// SetSupplementaryConfiguration sets the SupplementaryConfiguration field's value. +func (s *ConfigurationItem) SetSupplementaryConfiguration(v map[string]*string) *ConfigurationItem { + s.SupplementaryConfiguration = v return s } -// SetLastSuccessfulEvaluationTime sets the LastSuccessfulEvaluationTime field's value. -func (s *ConfigRuleEvaluationStatus) SetLastSuccessfulEvaluationTime(v time.Time) *ConfigRuleEvaluationStatus { - s.LastSuccessfulEvaluationTime = &v +// SetTags sets the Tags field's value. +func (s *ConfigurationItem) SetTags(v map[string]*string) *ConfigurationItem { + s.Tags = v return s } -// SetLastSuccessfulInvocationTime sets the LastSuccessfulInvocationTime field's value. -func (s *ConfigRuleEvaluationStatus) SetLastSuccessfulInvocationTime(v time.Time) *ConfigRuleEvaluationStatus { - s.LastSuccessfulInvocationTime = &v +// SetVersion sets the Version field's value. +func (s *ConfigurationItem) SetVersion(v string) *ConfigurationItem { + s.Version = &v return s } -// Provides options for how often AWS Config delivers configuration snapshots -// to the Amazon S3 bucket in your delivery channel. -// -// The frequency for a rule that triggers evaluations for your resources when -// AWS Config delivers the configuration snapshot is set by one of two values, -// depending on which is less frequent: -// -// * The value for the deliveryFrequency parameter within the delivery channel -// configuration, which sets how often AWS Config delivers configuration -// snapshots. This value also sets how often AWS Config invokes evaluations -// for AWS Config rules. -// -// * The value for the MaximumExecutionFrequency parameter, which sets the -// maximum frequency with which AWS Config invokes evaluations for the rule. -// For more information, see ConfigRule. -// -// If the deliveryFrequency value is less frequent than the MaximumExecutionFrequency -// value for a rule, AWS Config invokes the rule only as often as the deliveryFrequency -// value. -// -// For example, you want your rule to run evaluations when AWS Config delivers -// the configuration snapshot. -// -// You specify the MaximumExecutionFrequency value for Six_Hours. -// -// You then specify the delivery channel deliveryFrequency value for TwentyFour_Hours. -// -// Because the value for deliveryFrequency is less frequent than MaximumExecutionFrequency, -// AWS Config invokes evaluations for the rule every 24 hours. -// -// You should set the MaximumExecutionFrequency value to be at least as frequent -// as the deliveryFrequency value. You can view the deliveryFrequency value -// by using the DescribeDeliveryChannnels action. -// -// To update the deliveryFrequency with which AWS Config delivers your configuration -// snapshots, use the PutDeliveryChannel action. -type ConfigSnapshotDeliveryProperties struct { +// An object that represents the recording of configuration changes of an AWS +// resource. +type ConfigurationRecorder struct { _ struct{} `type:"structure"` - // The frequency with which AWS Config delivers configuration snapshots. - DeliveryFrequency *string `locationName:"deliveryFrequency" type:"string" enum:"MaximumExecutionFrequency"` + // The name of the recorder. By default, AWS Config automatically assigns the + // name "default" when creating the configuration recorder. You cannot change + // the assigned name. + Name *string `locationName:"name" min:"1" type:"string"` + + // Specifies the types of AWS resources for which AWS Config records configuration + // changes. + RecordingGroup *RecordingGroup `locationName:"recordingGroup" type:"structure"` + + // Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources + // associated with the account. + RoleARN *string `locationName:"roleARN" type:"string"` } // String returns the string representation -func (s ConfigSnapshotDeliveryProperties) String() string { +func (s ConfigurationRecorder) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigSnapshotDeliveryProperties) GoString() string { +func (s ConfigurationRecorder) GoString() string { return s.String() } -// SetDeliveryFrequency sets the DeliveryFrequency field's value. -func (s *ConfigSnapshotDeliveryProperties) SetDeliveryFrequency(v string) *ConfigSnapshotDeliveryProperties { - s.DeliveryFrequency = &v +// Validate inspects the fields of the type to determine if they are valid. +func (s *ConfigurationRecorder) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ConfigurationRecorder"} + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *ConfigurationRecorder) SetName(v string) *ConfigurationRecorder { + s.Name = &v + return s +} + +// SetRecordingGroup sets the RecordingGroup field's value. +func (s *ConfigurationRecorder) SetRecordingGroup(v *RecordingGroup) *ConfigurationRecorder { + s.RecordingGroup = v + return s +} + +// SetRoleARN sets the RoleARN field's value. +func (s *ConfigurationRecorder) SetRoleARN(v string) *ConfigurationRecorder { + s.RoleARN = &v return s } -// A list that contains the status of the delivery of the configuration stream -// notification to the Amazon SNS topic. -type ConfigStreamDeliveryInfo struct { +// The current status of the configuration recorder. +type ConfigurationRecorderStatus struct { _ struct{} `type:"structure"` - // The error code from the last attempted delivery. + // The error code indicating that the recording failed. LastErrorCode *string `locationName:"lastErrorCode" type:"string"` - // The error message from the last attempted delivery. + // The message indicating that the recording failed due to an error. LastErrorMessage *string `locationName:"lastErrorMessage" type:"string"` - // Status of the last attempted delivery. - // - // Note Providing an SNS topic on a DeliveryChannel (https://docs.aws.amazon.com/config/latest/APIReference/API_DeliveryChannel.html) - // for AWS Config is optional. If the SNS delivery is turned off, the last status - // will be Not_Applicable. - LastStatus *string `locationName:"lastStatus" type:"string" enum:"DeliveryStatus"` + // The time the recorder was last started. + LastStartTime *time.Time `locationName:"lastStartTime" type:"timestamp"` - // The time from the last status change. + // The last (previous) status of the recorder. + LastStatus *string `locationName:"lastStatus" type:"string" enum:"RecorderStatus"` + + // The time when the status was last changed. LastStatusChangeTime *time.Time `locationName:"lastStatusChangeTime" type:"timestamp"` + + // The time the recorder was last stopped. + LastStopTime *time.Time `locationName:"lastStopTime" type:"timestamp"` + + // The name of the configuration recorder. + Name *string `locationName:"name" type:"string"` + + // Specifies whether or not the recorder is currently recording. + Recording *bool `locationName:"recording" type:"boolean"` } // String returns the string representation -func (s ConfigStreamDeliveryInfo) String() string { +func (s ConfigurationRecorderStatus) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigStreamDeliveryInfo) GoString() string { +func (s ConfigurationRecorderStatus) GoString() string { return s.String() } // SetLastErrorCode sets the LastErrorCode field's value. -func (s *ConfigStreamDeliveryInfo) SetLastErrorCode(v string) *ConfigStreamDeliveryInfo { +func (s *ConfigurationRecorderStatus) SetLastErrorCode(v string) *ConfigurationRecorderStatus { s.LastErrorCode = &v return s } // SetLastErrorMessage sets the LastErrorMessage field's value. -func (s *ConfigStreamDeliveryInfo) SetLastErrorMessage(v string) *ConfigStreamDeliveryInfo { +func (s *ConfigurationRecorderStatus) SetLastErrorMessage(v string) *ConfigurationRecorderStatus { s.LastErrorMessage = &v return s } +// SetLastStartTime sets the LastStartTime field's value. +func (s *ConfigurationRecorderStatus) SetLastStartTime(v time.Time) *ConfigurationRecorderStatus { + s.LastStartTime = &v + return s +} + // SetLastStatus sets the LastStatus field's value. -func (s *ConfigStreamDeliveryInfo) SetLastStatus(v string) *ConfigStreamDeliveryInfo { +func (s *ConfigurationRecorderStatus) SetLastStatus(v string) *ConfigurationRecorderStatus { s.LastStatus = &v return s } // SetLastStatusChangeTime sets the LastStatusChangeTime field's value. -func (s *ConfigStreamDeliveryInfo) SetLastStatusChangeTime(v time.Time) *ConfigStreamDeliveryInfo { +func (s *ConfigurationRecorderStatus) SetLastStatusChangeTime(v time.Time) *ConfigurationRecorderStatus { s.LastStatusChangeTime = &v return s } -// The details about the configuration aggregator, including information about -// source accounts, regions, and metadata of the aggregator. -type ConfigurationAggregator struct { - _ struct{} `type:"structure"` - - // Provides a list of source accounts and regions to be aggregated. - AccountAggregationSources []*AccountAggregationSource `type:"list"` +// SetLastStopTime sets the LastStopTime field's value. +func (s *ConfigurationRecorderStatus) SetLastStopTime(v time.Time) *ConfigurationRecorderStatus { + s.LastStopTime = &v + return s +} - // The Amazon Resource Name (ARN) of the aggregator. - ConfigurationAggregatorArn *string `type:"string"` +// SetName sets the Name field's value. +func (s *ConfigurationRecorderStatus) SetName(v string) *ConfigurationRecorderStatus { + s.Name = &v + return s +} - // The name of the aggregator. - ConfigurationAggregatorName *string `min:"1" type:"string"` +// SetRecording sets the Recording field's value. +func (s *ConfigurationRecorderStatus) SetRecording(v bool) *ConfigurationRecorderStatus { + s.Recording = &v + return s +} - // The time stamp when the configuration aggregator was created. - CreationTime *time.Time `type:"timestamp"` +// Filters the conformance pack by compliance types and AWS Config rule names. +type ConformancePackComplianceFilters struct { + _ struct{} `type:"structure"` - // The time of the last update. - LastUpdatedTime *time.Time `type:"timestamp"` + // Filters the results by compliance. + // + // The allowed values are COMPLIANT and NON_COMPLIANT. + ComplianceType *string `type:"string" enum:"ConformancePackComplianceType"` - // Provides an organization and list of regions to be aggregated. - OrganizationAggregationSource *OrganizationAggregationSource `type:"structure"` + // Filters the results by AWS Config rule names. + ConfigRuleNames []*string `type:"list"` } // String returns the string representation -func (s ConfigurationAggregator) String() string { +func (s ConformancePackComplianceFilters) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigurationAggregator) GoString() string { +func (s ConformancePackComplianceFilters) GoString() string { return s.String() } -// SetAccountAggregationSources sets the AccountAggregationSources field's value. -func (s *ConfigurationAggregator) SetAccountAggregationSources(v []*AccountAggregationSource) *ConfigurationAggregator { - s.AccountAggregationSources = v +// SetComplianceType sets the ComplianceType field's value. +func (s *ConformancePackComplianceFilters) SetComplianceType(v string) *ConformancePackComplianceFilters { + s.ComplianceType = &v return s } -// SetConfigurationAggregatorArn sets the ConfigurationAggregatorArn field's value. -func (s *ConfigurationAggregator) SetConfigurationAggregatorArn(v string) *ConfigurationAggregator { - s.ConfigurationAggregatorArn = &v +// SetConfigRuleNames sets the ConfigRuleNames field's value. +func (s *ConformancePackComplianceFilters) SetConfigRuleNames(v []*string) *ConformancePackComplianceFilters { + s.ConfigRuleNames = v return s } -// SetConfigurationAggregatorName sets the ConfigurationAggregatorName field's value. -func (s *ConfigurationAggregator) SetConfigurationAggregatorName(v string) *ConfigurationAggregator { - s.ConfigurationAggregatorName = &v - return s +type ConformancePackComplianceSummary struct { + _ struct{} `type:"structure"` + + // ConformancePackComplianceStatus is a required field + ConformancePackComplianceStatus *string `type:"string" required:"true" enum:"ConformancePackComplianceType"` + + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` } -// SetCreationTime sets the CreationTime field's value. -func (s *ConfigurationAggregator) SetCreationTime(v time.Time) *ConfigurationAggregator { - s.CreationTime = &v - return s +// String returns the string representation +func (s ConformancePackComplianceSummary) String() string { + return awsutil.Prettify(s) } -// SetLastUpdatedTime sets the LastUpdatedTime field's value. -func (s *ConfigurationAggregator) SetLastUpdatedTime(v time.Time) *ConfigurationAggregator { - s.LastUpdatedTime = &v +// GoString returns the string representation +func (s ConformancePackComplianceSummary) GoString() string { + return s.String() +} + +// SetConformancePackComplianceStatus sets the ConformancePackComplianceStatus field's value. +func (s *ConformancePackComplianceSummary) SetConformancePackComplianceStatus(v string) *ConformancePackComplianceSummary { + s.ConformancePackComplianceStatus = &v return s } -// SetOrganizationAggregationSource sets the OrganizationAggregationSource field's value. -func (s *ConfigurationAggregator) SetOrganizationAggregationSource(v *OrganizationAggregationSource) *ConfigurationAggregator { - s.OrganizationAggregationSource = v +// SetConformancePackName sets the ConformancePackName field's value. +func (s *ConformancePackComplianceSummary) SetConformancePackName(v string) *ConformancePackComplianceSummary { + s.ConformancePackName = &v return s } -// A list that contains detailed configurations of a specified resource. -type ConfigurationItem struct { +// Returns details of a conformance pack. A conformance pack is a collection +// of AWS Config rules that can be easily deployed in an account and a region. +type ConformancePackDetail struct { _ struct{} `type:"structure"` - // The 12-digit AWS account ID associated with the resource. - AccountId *string `locationName:"accountId" type:"string"` - - // accoun - Arn *string `locationName:"arn" type:"string"` - - // The Availability Zone associated with the resource. - AvailabilityZone *string `locationName:"availabilityZone" type:"string"` - - // The region where the resource resides. - AwsRegion *string `locationName:"awsRegion" min:"1" type:"string"` - - // The description of the resource configuration. - Configuration *string `locationName:"configuration" type:"string"` - - // The time when the configuration recording was initiated. - ConfigurationItemCaptureTime *time.Time `locationName:"configurationItemCaptureTime" type:"timestamp"` - - // Unique MD5 hash that represents the configuration item's state. + // Amazon Resource Name (ARN) of the conformance pack. // - // You can use MD5 hash to compare the states of two or more configuration items - // that are associated with the same resource. - ConfigurationItemMD5Hash *string `locationName:"configurationItemMD5Hash" type:"string"` - - // The configuration item status. - ConfigurationItemStatus *string `locationName:"configurationItemStatus" type:"string" enum:"ConfigurationItemStatus"` - - // An identifier that indicates the ordering of the configuration items of a - // resource. - ConfigurationStateId *string `locationName:"configurationStateId" type:"string"` + // ConformancePackArn is a required field + ConformancePackArn *string `min:"1" type:"string" required:"true"` - // A list of CloudTrail event IDs. - // - // A populated field indicates that the current configuration was initiated - // by the events recorded in the CloudTrail log. For more information about - // CloudTrail, see What Is AWS CloudTrail (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html). + // ID of the conformance pack. // - // An empty field indicates that the current configuration was not initiated - // by any event. - RelatedEvents []*string `locationName:"relatedEvents" type:"list"` - - // A list of related AWS resources. - Relationships []*Relationship `locationName:"relationships" type:"list"` - - // The time stamp when the resource was created. - ResourceCreationTime *time.Time `locationName:"resourceCreationTime" type:"timestamp"` + // ConformancePackId is a required field + ConformancePackId *string `min:"1" type:"string" required:"true"` - // The ID of the resource (for example, sg-xxxxxx). - ResourceId *string `locationName:"resourceId" min:"1" type:"string"` + // A list of ConformancePackInputParameter objects. + ConformancePackInputParameters []*ConformancePackInputParameter `type:"list"` - // The custom name of the resource, if available. - ResourceName *string `locationName:"resourceName" type:"string"` + // Name of the conformance pack. + // + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` - // The type of AWS resource. - ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"` + CreatedBy *string `min:"1" type:"string"` - // Configuration attributes that AWS Config returns for certain resource types - // to supplement the information returned for the configuration parameter. - SupplementaryConfiguration map[string]*string `locationName:"supplementaryConfiguration" type:"map"` + // Location of an Amazon S3 bucket where AWS Config can deliver evaluation results + // and conformance pack template that is used to create a pack. + // + // DeliveryS3Bucket is a required field + DeliveryS3Bucket *string `min:"3" type:"string" required:"true"` - // A mapping of key value tags associated with the resource. - Tags map[string]*string `locationName:"tags" type:"map"` + // Any folder structure you want to add to an Amazon S3 bucket. + DeliveryS3KeyPrefix *string `min:"1" type:"string"` - // The version number of the resource configuration. - Version *string `locationName:"version" type:"string"` + // Last time when conformation pack update was requested. + LastUpdateRequestedTime *time.Time `type:"timestamp"` } // String returns the string representation -func (s ConfigurationItem) String() string { +func (s ConformancePackDetail) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigurationItem) GoString() string { +func (s ConformancePackDetail) GoString() string { return s.String() } -// SetAccountId sets the AccountId field's value. -func (s *ConfigurationItem) SetAccountId(v string) *ConfigurationItem { - s.AccountId = &v +// SetConformancePackArn sets the ConformancePackArn field's value. +func (s *ConformancePackDetail) SetConformancePackArn(v string) *ConformancePackDetail { + s.ConformancePackArn = &v return s } -// SetArn sets the Arn field's value. -func (s *ConfigurationItem) SetArn(v string) *ConfigurationItem { - s.Arn = &v +// SetConformancePackId sets the ConformancePackId field's value. +func (s *ConformancePackDetail) SetConformancePackId(v string) *ConformancePackDetail { + s.ConformancePackId = &v return s } -// SetAvailabilityZone sets the AvailabilityZone field's value. -func (s *ConfigurationItem) SetAvailabilityZone(v string) *ConfigurationItem { - s.AvailabilityZone = &v +// SetConformancePackInputParameters sets the ConformancePackInputParameters field's value. +func (s *ConformancePackDetail) SetConformancePackInputParameters(v []*ConformancePackInputParameter) *ConformancePackDetail { + s.ConformancePackInputParameters = v return s } -// SetAwsRegion sets the AwsRegion field's value. -func (s *ConfigurationItem) SetAwsRegion(v string) *ConfigurationItem { - s.AwsRegion = &v +// SetConformancePackName sets the ConformancePackName field's value. +func (s *ConformancePackDetail) SetConformancePackName(v string) *ConformancePackDetail { + s.ConformancePackName = &v return s } -// SetConfiguration sets the Configuration field's value. -func (s *ConfigurationItem) SetConfiguration(v string) *ConfigurationItem { - s.Configuration = &v +// SetCreatedBy sets the CreatedBy field's value. +func (s *ConformancePackDetail) SetCreatedBy(v string) *ConformancePackDetail { + s.CreatedBy = &v return s } -// SetConfigurationItemCaptureTime sets the ConfigurationItemCaptureTime field's value. -func (s *ConfigurationItem) SetConfigurationItemCaptureTime(v time.Time) *ConfigurationItem { - s.ConfigurationItemCaptureTime = &v +// SetDeliveryS3Bucket sets the DeliveryS3Bucket field's value. +func (s *ConformancePackDetail) SetDeliveryS3Bucket(v string) *ConformancePackDetail { + s.DeliveryS3Bucket = &v return s } -// SetConfigurationItemMD5Hash sets the ConfigurationItemMD5Hash field's value. -func (s *ConfigurationItem) SetConfigurationItemMD5Hash(v string) *ConfigurationItem { - s.ConfigurationItemMD5Hash = &v +// SetDeliveryS3KeyPrefix sets the DeliveryS3KeyPrefix field's value. +func (s *ConformancePackDetail) SetDeliveryS3KeyPrefix(v string) *ConformancePackDetail { + s.DeliveryS3KeyPrefix = &v return s } -// SetConfigurationItemStatus sets the ConfigurationItemStatus field's value. -func (s *ConfigurationItem) SetConfigurationItemStatus(v string) *ConfigurationItem { - s.ConfigurationItemStatus = &v +// SetLastUpdateRequestedTime sets the LastUpdateRequestedTime field's value. +func (s *ConformancePackDetail) SetLastUpdateRequestedTime(v time.Time) *ConformancePackDetail { + s.LastUpdateRequestedTime = &v + return s +} + +// Filters a conformance pack by AWS Config rule names, compliance types, AWS +// resource types, and resource IDs. +type ConformancePackEvaluationFilters struct { + _ struct{} `type:"structure"` + + // Filters the results by compliance. + // + // The allowed values are COMPLIANT and NON_COMPLIANT. + ComplianceType *string `type:"string" enum:"ConformancePackComplianceType"` + + // Filters the results by AWS Config rule names. + ConfigRuleNames []*string `type:"list"` + + // Filters the results by resource IDs. + ResourceIds []*string `type:"list"` + + // Filters the results by the resource type (for example, "AWS::EC2::Instance"). + ResourceType *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s ConformancePackEvaluationFilters) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ConformancePackEvaluationFilters) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ConformancePackEvaluationFilters) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ConformancePackEvaluationFilters"} + if s.ResourceType != nil && len(*s.ResourceType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetComplianceType sets the ComplianceType field's value. +func (s *ConformancePackEvaluationFilters) SetComplianceType(v string) *ConformancePackEvaluationFilters { + s.ComplianceType = &v return s } -// SetConfigurationStateId sets the ConfigurationStateId field's value. -func (s *ConfigurationItem) SetConfigurationStateId(v string) *ConfigurationItem { - s.ConfigurationStateId = &v +// SetConfigRuleNames sets the ConfigRuleNames field's value. +func (s *ConformancePackEvaluationFilters) SetConfigRuleNames(v []*string) *ConformancePackEvaluationFilters { + s.ConfigRuleNames = v return s } -// SetRelatedEvents sets the RelatedEvents field's value. -func (s *ConfigurationItem) SetRelatedEvents(v []*string) *ConfigurationItem { - s.RelatedEvents = v +// SetResourceIds sets the ResourceIds field's value. +func (s *ConformancePackEvaluationFilters) SetResourceIds(v []*string) *ConformancePackEvaluationFilters { + s.ResourceIds = v return s } -// SetRelationships sets the Relationships field's value. -func (s *ConfigurationItem) SetRelationships(v []*Relationship) *ConfigurationItem { - s.Relationships = v +// SetResourceType sets the ResourceType field's value. +func (s *ConformancePackEvaluationFilters) SetResourceType(v string) *ConformancePackEvaluationFilters { + s.ResourceType = &v return s } -// SetResourceCreationTime sets the ResourceCreationTime field's value. -func (s *ConfigurationItem) SetResourceCreationTime(v time.Time) *ConfigurationItem { - s.ResourceCreationTime = &v - return s +// The details of a conformance pack evaluation. Provides AWS Config rule and +// AWS resource type that was evaluated, the compliance of the conformance pack, +// related time stamps, and supplementary information. +type ConformancePackEvaluationResult struct { + _ struct{} `type:"structure"` + + // Supplementary information about how the evaluation determined the compliance. + Annotation *string `type:"string"` + + // Filters the results by compliance. + // + // The allowed values are COMPLIANT and NON_COMPLIANT. + // + // ComplianceType is a required field + ComplianceType *string `type:"string" required:"true" enum:"ConformancePackComplianceType"` + + // The time when AWS Config rule evaluated AWS resource. + // + // ConfigRuleInvokedTime is a required field + ConfigRuleInvokedTime *time.Time `type:"timestamp" required:"true"` + + // Uniquely identifies an evaluation result. + // + // EvaluationResultIdentifier is a required field + EvaluationResultIdentifier *EvaluationResultIdentifier `type:"structure" required:"true"` + + // The time when AWS Config recorded the evaluation result. + // + // ResultRecordedTime is a required field + ResultRecordedTime *time.Time `type:"timestamp" required:"true"` } -// SetResourceId sets the ResourceId field's value. -func (s *ConfigurationItem) SetResourceId(v string) *ConfigurationItem { - s.ResourceId = &v - return s +// String returns the string representation +func (s ConformancePackEvaluationResult) String() string { + return awsutil.Prettify(s) } -// SetResourceName sets the ResourceName field's value. -func (s *ConfigurationItem) SetResourceName(v string) *ConfigurationItem { - s.ResourceName = &v +// GoString returns the string representation +func (s ConformancePackEvaluationResult) GoString() string { + return s.String() +} + +// SetAnnotation sets the Annotation field's value. +func (s *ConformancePackEvaluationResult) SetAnnotation(v string) *ConformancePackEvaluationResult { + s.Annotation = &v return s } -// SetResourceType sets the ResourceType field's value. -func (s *ConfigurationItem) SetResourceType(v string) *ConfigurationItem { - s.ResourceType = &v +// SetComplianceType sets the ComplianceType field's value. +func (s *ConformancePackEvaluationResult) SetComplianceType(v string) *ConformancePackEvaluationResult { + s.ComplianceType = &v return s } -// SetSupplementaryConfiguration sets the SupplementaryConfiguration field's value. -func (s *ConfigurationItem) SetSupplementaryConfiguration(v map[string]*string) *ConfigurationItem { - s.SupplementaryConfiguration = v +// SetConfigRuleInvokedTime sets the ConfigRuleInvokedTime field's value. +func (s *ConformancePackEvaluationResult) SetConfigRuleInvokedTime(v time.Time) *ConformancePackEvaluationResult { + s.ConfigRuleInvokedTime = &v return s } -// SetTags sets the Tags field's value. -func (s *ConfigurationItem) SetTags(v map[string]*string) *ConfigurationItem { - s.Tags = v +// SetEvaluationResultIdentifier sets the EvaluationResultIdentifier field's value. +func (s *ConformancePackEvaluationResult) SetEvaluationResultIdentifier(v *EvaluationResultIdentifier) *ConformancePackEvaluationResult { + s.EvaluationResultIdentifier = v return s } -// SetVersion sets the Version field's value. -func (s *ConfigurationItem) SetVersion(v string) *ConfigurationItem { - s.Version = &v +// SetResultRecordedTime sets the ResultRecordedTime field's value. +func (s *ConformancePackEvaluationResult) SetResultRecordedTime(v time.Time) *ConformancePackEvaluationResult { + s.ResultRecordedTime = &v return s } -// An object that represents the recording of configuration changes of an AWS -// resource. -type ConfigurationRecorder struct { +// Input parameters in the form of key-value pairs for the conformance pack, +// both of which you define. Keys can have a maximum character length of 128 +// characters, and values can have a maximum length of 256 characters. +type ConformancePackInputParameter struct { _ struct{} `type:"structure"` - // The name of the recorder. By default, AWS Config automatically assigns the - // name "default" when creating the configuration recorder. You cannot change - // the assigned name. - Name *string `locationName:"name" min:"1" type:"string"` - - // Specifies the types of AWS resources for which AWS Config records configuration - // changes. - RecordingGroup *RecordingGroup `locationName:"recordingGroup" type:"structure"` + // One part of a key-value pair. + // + // ParameterName is a required field + ParameterName *string `type:"string" required:"true"` - // Amazon Resource Name (ARN) of the IAM role used to describe the AWS resources - // associated with the account. - RoleARN *string `locationName:"roleARN" type:"string"` + // Another part of the key-value pair. + // + // ParameterValue is a required field + ParameterValue *string `type:"string" required:"true"` } // String returns the string representation -func (s ConfigurationRecorder) String() string { +func (s ConformancePackInputParameter) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigurationRecorder) GoString() string { +func (s ConformancePackInputParameter) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ConfigurationRecorder) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ConfigurationRecorder"} - if s.Name != nil && len(*s.Name) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Name", 1)) +func (s *ConformancePackInputParameter) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ConformancePackInputParameter"} + if s.ParameterName == nil { + invalidParams.Add(request.NewErrParamRequired("ParameterName")) + } + if s.ParameterValue == nil { + invalidParams.Add(request.NewErrParamRequired("ParameterValue")) } if invalidParams.Len() > 0 { @@ -8232,108 +10036,164 @@ func (s *ConfigurationRecorder) Validate() error { return nil } -// SetName sets the Name field's value. -func (s *ConfigurationRecorder) SetName(v string) *ConfigurationRecorder { - s.Name = &v +// SetParameterName sets the ParameterName field's value. +func (s *ConformancePackInputParameter) SetParameterName(v string) *ConformancePackInputParameter { + s.ParameterName = &v return s } -// SetRecordingGroup sets the RecordingGroup field's value. -func (s *ConfigurationRecorder) SetRecordingGroup(v *RecordingGroup) *ConfigurationRecorder { - s.RecordingGroup = v +// SetParameterValue sets the ParameterValue field's value. +func (s *ConformancePackInputParameter) SetParameterValue(v string) *ConformancePackInputParameter { + s.ParameterValue = &v return s } -// SetRoleARN sets the RoleARN field's value. -func (s *ConfigurationRecorder) SetRoleARN(v string) *ConfigurationRecorder { - s.RoleARN = &v +// Compliance information of one or more AWS Config rules within a conformance +// pack. You can filter using AWS Config rule names and compliance types. +type ConformancePackRuleCompliance struct { + _ struct{} `type:"structure"` + + // Filters the results by compliance. + // + // The allowed values are COMPLIANT and NON_COMPLIANT. + ComplianceType *string `type:"string" enum:"ConformancePackComplianceType"` + + // Filters the results by AWS Config rule name. + ConfigRuleName *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s ConformancePackRuleCompliance) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ConformancePackRuleCompliance) GoString() string { + return s.String() +} + +// SetComplianceType sets the ComplianceType field's value. +func (s *ConformancePackRuleCompliance) SetComplianceType(v string) *ConformancePackRuleCompliance { + s.ComplianceType = &v return s } -// The current status of the configuration recorder. -type ConfigurationRecorderStatus struct { +// SetConfigRuleName sets the ConfigRuleName field's value. +func (s *ConformancePackRuleCompliance) SetConfigRuleName(v string) *ConformancePackRuleCompliance { + s.ConfigRuleName = &v + return s +} + +// Status details of a conformance pack. +type ConformancePackStatusDetail struct { _ struct{} `type:"structure"` - // The error code indicating that the recording failed. - LastErrorCode *string `locationName:"lastErrorCode" type:"string"` + // Amazon Resource Name (ARN) of comformance pack. + // + // ConformancePackArn is a required field + ConformancePackArn *string `min:"1" type:"string" required:"true"` - // The message indicating that the recording failed due to an error. - LastErrorMessage *string `locationName:"lastErrorMessage" type:"string"` + // ID of the conformance pack. + // + // ConformancePackId is a required field + ConformancePackId *string `min:"1" type:"string" required:"true"` - // The time the recorder was last started. - LastStartTime *time.Time `locationName:"lastStartTime" type:"timestamp"` + // Name of the conformance pack. + // + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` - // The last (previous) status of the recorder. - LastStatus *string `locationName:"lastStatus" type:"string" enum:"RecorderStatus"` + // Indicates deployment status of conformance pack. + // + // AWS Config sets the state of the conformance pack to: + // + // * CREATE_IN_PROGRESS when a conformance pack creation is in progress for + // an account. + // + // * CREATE_COMPLETE when a conformance pack has been successfully created + // in your account. + // + // * CREATE_FAILED when a conformance pack creation failed in your account. + // + // * DELETE_IN_PROGRESS when a conformance pack deletion is in progress. + // + // * DELETE_FAILED when a conformance pack deletion failed from your account. + // + // ConformancePackState is a required field + ConformancePackState *string `type:"string" required:"true" enum:"ConformancePackState"` - // The time when the status was last changed. - LastStatusChangeTime *time.Time `locationName:"lastStatusChangeTime" type:"timestamp"` + // The reason of conformance pack creation failure. + ConformancePackStatusReason *string `type:"string"` - // The time the recorder was last stopped. - LastStopTime *time.Time `locationName:"lastStopTime" type:"timestamp"` + // Last time when conformation pack creation and update was successful. + LastUpdateCompletedTime *time.Time `type:"timestamp"` - // The name of the configuration recorder. - Name *string `locationName:"name" type:"string"` + // Last time when conformation pack creation and update was requested. + // + // LastUpdateRequestedTime is a required field + LastUpdateRequestedTime *time.Time `type:"timestamp" required:"true"` - // Specifies whether or not the recorder is currently recording. - Recording *bool `locationName:"recording" type:"boolean"` + // Amazon Resource Name (ARN) of AWS CloudFormation stack. + // + // StackArn is a required field + StackArn *string `min:"1" type:"string" required:"true"` } // String returns the string representation -func (s ConfigurationRecorderStatus) String() string { +func (s ConformancePackStatusDetail) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s ConfigurationRecorderStatus) GoString() string { +func (s ConformancePackStatusDetail) GoString() string { return s.String() } -// SetLastErrorCode sets the LastErrorCode field's value. -func (s *ConfigurationRecorderStatus) SetLastErrorCode(v string) *ConfigurationRecorderStatus { - s.LastErrorCode = &v +// SetConformancePackArn sets the ConformancePackArn field's value. +func (s *ConformancePackStatusDetail) SetConformancePackArn(v string) *ConformancePackStatusDetail { + s.ConformancePackArn = &v return s } -// SetLastErrorMessage sets the LastErrorMessage field's value. -func (s *ConfigurationRecorderStatus) SetLastErrorMessage(v string) *ConfigurationRecorderStatus { - s.LastErrorMessage = &v +// SetConformancePackId sets the ConformancePackId field's value. +func (s *ConformancePackStatusDetail) SetConformancePackId(v string) *ConformancePackStatusDetail { + s.ConformancePackId = &v return s } -// SetLastStartTime sets the LastStartTime field's value. -func (s *ConfigurationRecorderStatus) SetLastStartTime(v time.Time) *ConfigurationRecorderStatus { - s.LastStartTime = &v +// SetConformancePackName sets the ConformancePackName field's value. +func (s *ConformancePackStatusDetail) SetConformancePackName(v string) *ConformancePackStatusDetail { + s.ConformancePackName = &v return s } -// SetLastStatus sets the LastStatus field's value. -func (s *ConfigurationRecorderStatus) SetLastStatus(v string) *ConfigurationRecorderStatus { - s.LastStatus = &v +// SetConformancePackState sets the ConformancePackState field's value. +func (s *ConformancePackStatusDetail) SetConformancePackState(v string) *ConformancePackStatusDetail { + s.ConformancePackState = &v return s } -// SetLastStatusChangeTime sets the LastStatusChangeTime field's value. -func (s *ConfigurationRecorderStatus) SetLastStatusChangeTime(v time.Time) *ConfigurationRecorderStatus { - s.LastStatusChangeTime = &v +// SetConformancePackStatusReason sets the ConformancePackStatusReason field's value. +func (s *ConformancePackStatusDetail) SetConformancePackStatusReason(v string) *ConformancePackStatusDetail { + s.ConformancePackStatusReason = &v return s } -// SetLastStopTime sets the LastStopTime field's value. -func (s *ConfigurationRecorderStatus) SetLastStopTime(v time.Time) *ConfigurationRecorderStatus { - s.LastStopTime = &v +// SetLastUpdateCompletedTime sets the LastUpdateCompletedTime field's value. +func (s *ConformancePackStatusDetail) SetLastUpdateCompletedTime(v time.Time) *ConformancePackStatusDetail { + s.LastUpdateCompletedTime = &v return s } -// SetName sets the Name field's value. -func (s *ConfigurationRecorderStatus) SetName(v string) *ConfigurationRecorderStatus { - s.Name = &v +// SetLastUpdateRequestedTime sets the LastUpdateRequestedTime field's value. +func (s *ConformancePackStatusDetail) SetLastUpdateRequestedTime(v time.Time) *ConformancePackStatusDetail { + s.LastUpdateRequestedTime = &v return s } -// SetRecording sets the Recording field's value. -func (s *ConfigurationRecorderStatus) SetRecording(v bool) *ConfigurationRecorderStatus { - s.Recording = &v +// SetStackArn sets the StackArn field's value. +func (s *ConformancePackStatusDetail) SetStackArn(v string) *ConformancePackStatusDetail { + s.StackArn = &v return s } @@ -8574,6 +10434,61 @@ func (s DeleteConfigurationRecorderOutput) GoString() string { return s.String() } +type DeleteConformancePackInput struct { + _ struct{} `type:"structure"` + + // Name of the conformance pack you want to delete. + // + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteConformancePackInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteConformancePackInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteConformancePackInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteConformancePackInput"} + if s.ConformancePackName == nil { + invalidParams.Add(request.NewErrParamRequired("ConformancePackName")) + } + if s.ConformancePackName != nil && len(*s.ConformancePackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConformancePackName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConformancePackName sets the ConformancePackName field's value. +func (s *DeleteConformancePackInput) SetConformancePackName(v string) *DeleteConformancePackInput { + s.ConformancePackName = &v + return s +} + +type DeleteConformancePackOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DeleteConformancePackOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteConformancePackOutput) GoString() string { + return s.String() +} + // The input for the DeleteDeliveryChannel action. The action accepts the following // data, in JSON format. type DeleteDeliveryChannelInput struct { @@ -8744,6 +10659,61 @@ func (s DeleteOrganizationConfigRuleOutput) GoString() string { return s.String() } +type DeleteOrganizationConformancePackInput struct { + _ struct{} `type:"structure"` + + // The name of organization conformance pack that you want to delete. + // + // OrganizationConformancePackName is a required field + OrganizationConformancePackName *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteOrganizationConformancePackInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteOrganizationConformancePackInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteOrganizationConformancePackInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteOrganizationConformancePackInput"} + if s.OrganizationConformancePackName == nil { + invalidParams.Add(request.NewErrParamRequired("OrganizationConformancePackName")) + } + if s.OrganizationConformancePackName != nil && len(*s.OrganizationConformancePackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("OrganizationConformancePackName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOrganizationConformancePackName sets the OrganizationConformancePackName field's value. +func (s *DeleteOrganizationConformancePackInput) SetOrganizationConformancePackName(v string) *DeleteOrganizationConformancePackInput { + s.OrganizationConformancePackName = &v + return s +} + +type DeleteOrganizationConformancePackOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DeleteOrganizationConformancePackOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteOrganizationConformancePackOutput) GoString() string { + return s.String() +} + type DeletePendingAggregationRequestInput struct { _ struct{} `type:"structure"` @@ -9523,23 +11493,293 @@ type DescribeComplianceByResourceInput struct { } // String returns the string representation -func (s DescribeComplianceByResourceInput) String() string { +func (s DescribeComplianceByResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeComplianceByResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeComplianceByResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeComplianceByResourceInput"} + if s.ResourceId != nil && len(*s.ResourceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceId", 1)) + } + if s.ResourceType != nil && len(*s.ResourceType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetComplianceTypes sets the ComplianceTypes field's value. +func (s *DescribeComplianceByResourceInput) SetComplianceTypes(v []*string) *DescribeComplianceByResourceInput { + s.ComplianceTypes = v + return s +} + +// SetLimit sets the Limit field's value. +func (s *DescribeComplianceByResourceInput) SetLimit(v int64) *DescribeComplianceByResourceInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeComplianceByResourceInput) SetNextToken(v string) *DescribeComplianceByResourceInput { + s.NextToken = &v + return s +} + +// SetResourceId sets the ResourceId field's value. +func (s *DescribeComplianceByResourceInput) SetResourceId(v string) *DescribeComplianceByResourceInput { + s.ResourceId = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *DescribeComplianceByResourceInput) SetResourceType(v string) *DescribeComplianceByResourceInput { + s.ResourceType = &v + return s +} + +type DescribeComplianceByResourceOutput struct { + _ struct{} `type:"structure"` + + // Indicates whether the specified AWS resource complies with all of the AWS + // Config rules that evaluate it. + ComplianceByResources []*ComplianceByResource `type:"list"` + + // The string that you use in a subsequent request to get the next page of results + // in a paginated response. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeComplianceByResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeComplianceByResourceOutput) GoString() string { + return s.String() +} + +// SetComplianceByResources sets the ComplianceByResources field's value. +func (s *DescribeComplianceByResourceOutput) SetComplianceByResources(v []*ComplianceByResource) *DescribeComplianceByResourceOutput { + s.ComplianceByResources = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeComplianceByResourceOutput) SetNextToken(v string) *DescribeComplianceByResourceOutput { + s.NextToken = &v + return s +} + +type DescribeConfigRuleEvaluationStatusInput struct { + _ struct{} `type:"structure"` + + // The name of the AWS managed Config rules for which you want status information. + // If you do not specify any names, AWS Config returns status information for + // all AWS managed Config rules that you use. + ConfigRuleNames []*string `type:"list"` + + // The number of rule evaluation results that you want returned. + // + // This parameter is required if the rule limit for your account is more than + // the default of 150 rules. + // + // For information about requesting a rule limit increase, see AWS Config Limits + // (http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_config) + // in the AWS General Reference Guide. + Limit *int64 `type:"integer"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeConfigRuleEvaluationStatusInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeConfigRuleEvaluationStatusInput) GoString() string { + return s.String() +} + +// SetConfigRuleNames sets the ConfigRuleNames field's value. +func (s *DescribeConfigRuleEvaluationStatusInput) SetConfigRuleNames(v []*string) *DescribeConfigRuleEvaluationStatusInput { + s.ConfigRuleNames = v + return s +} + +// SetLimit sets the Limit field's value. +func (s *DescribeConfigRuleEvaluationStatusInput) SetLimit(v int64) *DescribeConfigRuleEvaluationStatusInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeConfigRuleEvaluationStatusInput) SetNextToken(v string) *DescribeConfigRuleEvaluationStatusInput { + s.NextToken = &v + return s +} + +type DescribeConfigRuleEvaluationStatusOutput struct { + _ struct{} `type:"structure"` + + // Status information about your AWS managed Config rules. + ConfigRulesEvaluationStatus []*ConfigRuleEvaluationStatus `type:"list"` + + // The string that you use in a subsequent request to get the next page of results + // in a paginated response. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeConfigRuleEvaluationStatusOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeConfigRuleEvaluationStatusOutput) GoString() string { + return s.String() +} + +// SetConfigRulesEvaluationStatus sets the ConfigRulesEvaluationStatus field's value. +func (s *DescribeConfigRuleEvaluationStatusOutput) SetConfigRulesEvaluationStatus(v []*ConfigRuleEvaluationStatus) *DescribeConfigRuleEvaluationStatusOutput { + s.ConfigRulesEvaluationStatus = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeConfigRuleEvaluationStatusOutput) SetNextToken(v string) *DescribeConfigRuleEvaluationStatusOutput { + s.NextToken = &v + return s +} + +type DescribeConfigRulesInput struct { + _ struct{} `type:"structure"` + + // The names of the AWS Config rules for which you want details. If you do not + // specify any names, AWS Config returns details for all your rules. + ConfigRuleNames []*string `type:"list"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeConfigRulesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeConfigRulesInput) GoString() string { + return s.String() +} + +// SetConfigRuleNames sets the ConfigRuleNames field's value. +func (s *DescribeConfigRulesInput) SetConfigRuleNames(v []*string) *DescribeConfigRulesInput { + s.ConfigRuleNames = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeConfigRulesInput) SetNextToken(v string) *DescribeConfigRulesInput { + s.NextToken = &v + return s +} + +type DescribeConfigRulesOutput struct { + _ struct{} `type:"structure"` + + // The details about your AWS Config rules. + ConfigRules []*ConfigRule `type:"list"` + + // The string that you use in a subsequent request to get the next page of results + // in a paginated response. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeConfigRulesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeConfigRulesOutput) GoString() string { + return s.String() +} + +// SetConfigRules sets the ConfigRules field's value. +func (s *DescribeConfigRulesOutput) SetConfigRules(v []*ConfigRule) *DescribeConfigRulesOutput { + s.ConfigRules = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeConfigRulesOutput) SetNextToken(v string) *DescribeConfigRulesOutput { + s.NextToken = &v + return s +} + +type DescribeConfigurationAggregatorSourcesStatusInput struct { + _ struct{} `type:"structure"` + + // The name of the configuration aggregator. + // + // ConfigurationAggregatorName is a required field + ConfigurationAggregatorName *string `min:"1" type:"string" required:"true"` + + // The maximum number of AggregatorSourceStatus returned on each page. The default + // is maximum. If you specify 0, AWS Config uses the default. + Limit *int64 `type:"integer"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` + + // Filters the status type. + // + // * Valid value FAILED indicates errors while moving data. + // + // * Valid value SUCCEEDED indicates the data was successfully moved. + // + // * Valid value OUTDATED indicates the data is not the most recent. + UpdateStatus []*string `min:"1" type:"list"` +} + +// String returns the string representation +func (s DescribeConfigurationAggregatorSourcesStatusInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeComplianceByResourceInput) GoString() string { +func (s DescribeConfigurationAggregatorSourcesStatusInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeComplianceByResourceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeComplianceByResourceInput"} - if s.ResourceId != nil && len(*s.ResourceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceId", 1)) +func (s *DescribeConfigurationAggregatorSourcesStatusInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeConfigurationAggregatorSourcesStatusInput"} + if s.ConfigurationAggregatorName == nil { + invalidParams.Add(request.NewErrParamRequired("ConfigurationAggregatorName")) } - if s.ResourceType != nil && len(*s.ResourceType) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) + if s.ConfigurationAggregatorName != nil && len(*s.ConfigurationAggregatorName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConfigurationAggregatorName", 1)) + } + if s.UpdateStatus != nil && len(s.UpdateStatus) < 1 { + invalidParams.Add(request.NewErrParamMinLen("UpdateStatus", 1)) } if invalidParams.Len() > 0 { @@ -9548,86 +11788,71 @@ func (s *DescribeComplianceByResourceInput) Validate() error { return nil } -// SetComplianceTypes sets the ComplianceTypes field's value. -func (s *DescribeComplianceByResourceInput) SetComplianceTypes(v []*string) *DescribeComplianceByResourceInput { - s.ComplianceTypes = v +// SetConfigurationAggregatorName sets the ConfigurationAggregatorName field's value. +func (s *DescribeConfigurationAggregatorSourcesStatusInput) SetConfigurationAggregatorName(v string) *DescribeConfigurationAggregatorSourcesStatusInput { + s.ConfigurationAggregatorName = &v return s } // SetLimit sets the Limit field's value. -func (s *DescribeComplianceByResourceInput) SetLimit(v int64) *DescribeComplianceByResourceInput { +func (s *DescribeConfigurationAggregatorSourcesStatusInput) SetLimit(v int64) *DescribeConfigurationAggregatorSourcesStatusInput { s.Limit = &v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeComplianceByResourceInput) SetNextToken(v string) *DescribeComplianceByResourceInput { +func (s *DescribeConfigurationAggregatorSourcesStatusInput) SetNextToken(v string) *DescribeConfigurationAggregatorSourcesStatusInput { s.NextToken = &v return s } -// SetResourceId sets the ResourceId field's value. -func (s *DescribeComplianceByResourceInput) SetResourceId(v string) *DescribeComplianceByResourceInput { - s.ResourceId = &v - return s -} - -// SetResourceType sets the ResourceType field's value. -func (s *DescribeComplianceByResourceInput) SetResourceType(v string) *DescribeComplianceByResourceInput { - s.ResourceType = &v +// SetUpdateStatus sets the UpdateStatus field's value. +func (s *DescribeConfigurationAggregatorSourcesStatusInput) SetUpdateStatus(v []*string) *DescribeConfigurationAggregatorSourcesStatusInput { + s.UpdateStatus = v return s } -type DescribeComplianceByResourceOutput struct { +type DescribeConfigurationAggregatorSourcesStatusOutput struct { _ struct{} `type:"structure"` - // Indicates whether the specified AWS resource complies with all of the AWS - // Config rules that evaluate it. - ComplianceByResources []*ComplianceByResource `type:"list"` + // Returns an AggregatedSourceStatus object. + AggregatedSourceStatusList []*AggregatedSourceStatus `type:"list"` - // The string that you use in a subsequent request to get the next page of results - // in a paginated response. + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. NextToken *string `type:"string"` } // String returns the string representation -func (s DescribeComplianceByResourceOutput) String() string { +func (s DescribeConfigurationAggregatorSourcesStatusOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeComplianceByResourceOutput) GoString() string { +func (s DescribeConfigurationAggregatorSourcesStatusOutput) GoString() string { return s.String() } -// SetComplianceByResources sets the ComplianceByResources field's value. -func (s *DescribeComplianceByResourceOutput) SetComplianceByResources(v []*ComplianceByResource) *DescribeComplianceByResourceOutput { - s.ComplianceByResources = v +// SetAggregatedSourceStatusList sets the AggregatedSourceStatusList field's value. +func (s *DescribeConfigurationAggregatorSourcesStatusOutput) SetAggregatedSourceStatusList(v []*AggregatedSourceStatus) *DescribeConfigurationAggregatorSourcesStatusOutput { + s.AggregatedSourceStatusList = v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeComplianceByResourceOutput) SetNextToken(v string) *DescribeComplianceByResourceOutput { +func (s *DescribeConfigurationAggregatorSourcesStatusOutput) SetNextToken(v string) *DescribeConfigurationAggregatorSourcesStatusOutput { s.NextToken = &v return s } -type DescribeConfigRuleEvaluationStatusInput struct { +type DescribeConfigurationAggregatorsInput struct { _ struct{} `type:"structure"` - // The name of the AWS managed Config rules for which you want status information. - // If you do not specify any names, AWS Config returns status information for - // all AWS managed Config rules that you use. - ConfigRuleNames []*string `type:"list"` + // The name of the configuration aggregators. + ConfigurationAggregatorNames []*string `type:"list"` - // The number of rule evaluation results that you want returned. - // - // This parameter is required if the rule limit for your account is more than - // the default of 150 rules. - // - // For information about requesting a rule limit increase, see AWS Config Limits - // (http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_config) - // in the AWS General Reference Guide. + // The maximum number of configuration aggregators returned on each page. The + // default is maximum. If you specify 0, AWS Config uses the default. Limit *int64 `type:"integer"` // The nextToken string returned on a previous page that you use to get the @@ -9636,180 +11861,202 @@ type DescribeConfigRuleEvaluationStatusInput struct { } // String returns the string representation -func (s DescribeConfigRuleEvaluationStatusInput) String() string { +func (s DescribeConfigurationAggregatorsInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigRuleEvaluationStatusInput) GoString() string { +func (s DescribeConfigurationAggregatorsInput) GoString() string { return s.String() } -// SetConfigRuleNames sets the ConfigRuleNames field's value. -func (s *DescribeConfigRuleEvaluationStatusInput) SetConfigRuleNames(v []*string) *DescribeConfigRuleEvaluationStatusInput { - s.ConfigRuleNames = v +// SetConfigurationAggregatorNames sets the ConfigurationAggregatorNames field's value. +func (s *DescribeConfigurationAggregatorsInput) SetConfigurationAggregatorNames(v []*string) *DescribeConfigurationAggregatorsInput { + s.ConfigurationAggregatorNames = v return s } // SetLimit sets the Limit field's value. -func (s *DescribeConfigRuleEvaluationStatusInput) SetLimit(v int64) *DescribeConfigRuleEvaluationStatusInput { +func (s *DescribeConfigurationAggregatorsInput) SetLimit(v int64) *DescribeConfigurationAggregatorsInput { s.Limit = &v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeConfigRuleEvaluationStatusInput) SetNextToken(v string) *DescribeConfigRuleEvaluationStatusInput { +func (s *DescribeConfigurationAggregatorsInput) SetNextToken(v string) *DescribeConfigurationAggregatorsInput { s.NextToken = &v return s } -type DescribeConfigRuleEvaluationStatusOutput struct { +type DescribeConfigurationAggregatorsOutput struct { _ struct{} `type:"structure"` - // Status information about your AWS managed Config rules. - ConfigRulesEvaluationStatus []*ConfigRuleEvaluationStatus `type:"list"` + // Returns a ConfigurationAggregators object. + ConfigurationAggregators []*ConfigurationAggregator `type:"list"` - // The string that you use in a subsequent request to get the next page of results - // in a paginated response. + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. NextToken *string `type:"string"` } // String returns the string representation -func (s DescribeConfigRuleEvaluationStatusOutput) String() string { +func (s DescribeConfigurationAggregatorsOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigRuleEvaluationStatusOutput) GoString() string { +func (s DescribeConfigurationAggregatorsOutput) GoString() string { return s.String() } -// SetConfigRulesEvaluationStatus sets the ConfigRulesEvaluationStatus field's value. -func (s *DescribeConfigRuleEvaluationStatusOutput) SetConfigRulesEvaluationStatus(v []*ConfigRuleEvaluationStatus) *DescribeConfigRuleEvaluationStatusOutput { - s.ConfigRulesEvaluationStatus = v +// SetConfigurationAggregators sets the ConfigurationAggregators field's value. +func (s *DescribeConfigurationAggregatorsOutput) SetConfigurationAggregators(v []*ConfigurationAggregator) *DescribeConfigurationAggregatorsOutput { + s.ConfigurationAggregators = v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeConfigRuleEvaluationStatusOutput) SetNextToken(v string) *DescribeConfigRuleEvaluationStatusOutput { +func (s *DescribeConfigurationAggregatorsOutput) SetNextToken(v string) *DescribeConfigurationAggregatorsOutput { s.NextToken = &v return s } -type DescribeConfigRulesInput struct { +// The input for the DescribeConfigurationRecorderStatus action. +type DescribeConfigurationRecorderStatusInput struct { _ struct{} `type:"structure"` - // The names of the AWS Config rules for which you want details. If you do not - // specify any names, AWS Config returns details for all your rules. - ConfigRuleNames []*string `type:"list"` - - // The nextToken string returned on a previous page that you use to get the - // next page of results in a paginated response. - NextToken *string `type:"string"` + // The name(s) of the configuration recorder. If the name is not specified, + // the action returns the current status of all the configuration recorders + // associated with the account. + ConfigurationRecorderNames []*string `type:"list"` } // String returns the string representation -func (s DescribeConfigRulesInput) String() string { +func (s DescribeConfigurationRecorderStatusInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigRulesInput) GoString() string { +func (s DescribeConfigurationRecorderStatusInput) GoString() string { return s.String() } -// SetConfigRuleNames sets the ConfigRuleNames field's value. -func (s *DescribeConfigRulesInput) SetConfigRuleNames(v []*string) *DescribeConfigRulesInput { - s.ConfigRuleNames = v +// SetConfigurationRecorderNames sets the ConfigurationRecorderNames field's value. +func (s *DescribeConfigurationRecorderStatusInput) SetConfigurationRecorderNames(v []*string) *DescribeConfigurationRecorderStatusInput { + s.ConfigurationRecorderNames = v return s } -// SetNextToken sets the NextToken field's value. -func (s *DescribeConfigRulesInput) SetNextToken(v string) *DescribeConfigRulesInput { - s.NextToken = &v +// The output for the DescribeConfigurationRecorderStatus action, in JSON format. +type DescribeConfigurationRecorderStatusOutput struct { + _ struct{} `type:"structure"` + + // A list that contains status of the specified recorders. + ConfigurationRecordersStatus []*ConfigurationRecorderStatus `type:"list"` +} + +// String returns the string representation +func (s DescribeConfigurationRecorderStatusOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeConfigurationRecorderStatusOutput) GoString() string { + return s.String() +} + +// SetConfigurationRecordersStatus sets the ConfigurationRecordersStatus field's value. +func (s *DescribeConfigurationRecorderStatusOutput) SetConfigurationRecordersStatus(v []*ConfigurationRecorderStatus) *DescribeConfigurationRecorderStatusOutput { + s.ConfigurationRecordersStatus = v return s } -type DescribeConfigRulesOutput struct { +// The input for the DescribeConfigurationRecorders action. +type DescribeConfigurationRecordersInput struct { _ struct{} `type:"structure"` - // The details about your AWS Config rules. - ConfigRules []*ConfigRule `type:"list"` - - // The string that you use in a subsequent request to get the next page of results - // in a paginated response. - NextToken *string `type:"string"` + // A list of configuration recorder names. + ConfigurationRecorderNames []*string `type:"list"` } // String returns the string representation -func (s DescribeConfigRulesOutput) String() string { +func (s DescribeConfigurationRecordersInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigRulesOutput) GoString() string { +func (s DescribeConfigurationRecordersInput) GoString() string { return s.String() } -// SetConfigRules sets the ConfigRules field's value. -func (s *DescribeConfigRulesOutput) SetConfigRules(v []*ConfigRule) *DescribeConfigRulesOutput { - s.ConfigRules = v +// SetConfigurationRecorderNames sets the ConfigurationRecorderNames field's value. +func (s *DescribeConfigurationRecordersInput) SetConfigurationRecorderNames(v []*string) *DescribeConfigurationRecordersInput { + s.ConfigurationRecorderNames = v return s } -// SetNextToken sets the NextToken field's value. -func (s *DescribeConfigRulesOutput) SetNextToken(v string) *DescribeConfigRulesOutput { - s.NextToken = &v +// The output for the DescribeConfigurationRecorders action. +type DescribeConfigurationRecordersOutput struct { + _ struct{} `type:"structure"` + + // A list that contains the descriptions of the specified configuration recorders. + ConfigurationRecorders []*ConfigurationRecorder `type:"list"` +} + +// String returns the string representation +func (s DescribeConfigurationRecordersOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeConfigurationRecordersOutput) GoString() string { + return s.String() +} + +// SetConfigurationRecorders sets the ConfigurationRecorders field's value. +func (s *DescribeConfigurationRecordersOutput) SetConfigurationRecorders(v []*ConfigurationRecorder) *DescribeConfigurationRecordersOutput { + s.ConfigurationRecorders = v return s } -type DescribeConfigurationAggregatorSourcesStatusInput struct { +type DescribeConformancePackComplianceInput struct { _ struct{} `type:"structure"` - // The name of the configuration aggregator. + // Name of the conformance pack. // - // ConfigurationAggregatorName is a required field - ConfigurationAggregatorName *string `min:"1" type:"string" required:"true"` + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` - // The maximum number of AggregatorSourceStatus returned on each page. The default - // is maximum. If you specify 0, AWS Config uses the default. + // A ConformancePackComplianceFilters object. + Filters *ConformancePackComplianceFilters `type:"structure"` + + // The maximum number of AWS Config rules within a conformance pack are returned + // on each page. Limit *int64 `type:"integer"` - // The nextToken string returned on a previous page that you use to get the - // next page of results in a paginated response. + // The nextToken string returned in a previous request that you use to request + // the next page of results in a paginated response. NextToken *string `type:"string"` - - // Filters the status type. - // - // * Valid value FAILED indicates errors while moving data. - // - // * Valid value SUCCEEDED indicates the data was successfully moved. - // - // * Valid value OUTDATED indicates the data is not the most recent. - UpdateStatus []*string `min:"1" type:"list"` } // String returns the string representation -func (s DescribeConfigurationAggregatorSourcesStatusInput) String() string { +func (s DescribeConformancePackComplianceInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigurationAggregatorSourcesStatusInput) GoString() string { +func (s DescribeConformancePackComplianceInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeConfigurationAggregatorSourcesStatusInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeConfigurationAggregatorSourcesStatusInput"} - if s.ConfigurationAggregatorName == nil { - invalidParams.Add(request.NewErrParamRequired("ConfigurationAggregatorName")) +func (s *DescribeConformancePackComplianceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeConformancePackComplianceInput"} + if s.ConformancePackName == nil { + invalidParams.Add(request.NewErrParamRequired("ConformancePackName")) } - if s.ConfigurationAggregatorName != nil && len(*s.ConfigurationAggregatorName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ConfigurationAggregatorName", 1)) - } - if s.UpdateStatus != nil && len(s.UpdateStatus) < 1 { - invalidParams.Add(request.NewErrParamMinLen("UpdateStatus", 1)) + if s.ConformancePackName != nil && len(*s.ConformancePackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConformancePackName", 1)) } if invalidParams.Len() > 0 { @@ -9818,234 +12065,225 @@ func (s *DescribeConfigurationAggregatorSourcesStatusInput) Validate() error { return nil } -// SetConfigurationAggregatorName sets the ConfigurationAggregatorName field's value. -func (s *DescribeConfigurationAggregatorSourcesStatusInput) SetConfigurationAggregatorName(v string) *DescribeConfigurationAggregatorSourcesStatusInput { - s.ConfigurationAggregatorName = &v +// SetConformancePackName sets the ConformancePackName field's value. +func (s *DescribeConformancePackComplianceInput) SetConformancePackName(v string) *DescribeConformancePackComplianceInput { + s.ConformancePackName = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeConformancePackComplianceInput) SetFilters(v *ConformancePackComplianceFilters) *DescribeConformancePackComplianceInput { + s.Filters = v return s } // SetLimit sets the Limit field's value. -func (s *DescribeConfigurationAggregatorSourcesStatusInput) SetLimit(v int64) *DescribeConfigurationAggregatorSourcesStatusInput { +func (s *DescribeConformancePackComplianceInput) SetLimit(v int64) *DescribeConformancePackComplianceInput { s.Limit = &v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeConfigurationAggregatorSourcesStatusInput) SetNextToken(v string) *DescribeConfigurationAggregatorSourcesStatusInput { +func (s *DescribeConformancePackComplianceInput) SetNextToken(v string) *DescribeConformancePackComplianceInput { s.NextToken = &v return s } -// SetUpdateStatus sets the UpdateStatus field's value. -func (s *DescribeConfigurationAggregatorSourcesStatusInput) SetUpdateStatus(v []*string) *DescribeConfigurationAggregatorSourcesStatusInput { - s.UpdateStatus = v - return s -} - -type DescribeConfigurationAggregatorSourcesStatusOutput struct { +type DescribeConformancePackComplianceOutput struct { _ struct{} `type:"structure"` - // Returns an AggregatedSourceStatus object. - AggregatedSourceStatusList []*AggregatedSourceStatus `type:"list"` + // Name of the conformance pack. + // + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` - // The nextToken string returned on a previous page that you use to get the - // next page of results in a paginated response. + // Returns a list of ConformancePackRuleCompliance objects. + // + // ConformancePackRuleComplianceList is a required field + ConformancePackRuleComplianceList []*ConformancePackRuleCompliance `type:"list" required:"true"` + + // The nextToken string returned in a previous request that you use to request + // the next page of results in a paginated response. NextToken *string `type:"string"` } // String returns the string representation -func (s DescribeConfigurationAggregatorSourcesStatusOutput) String() string { +func (s DescribeConformancePackComplianceOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigurationAggregatorSourcesStatusOutput) GoString() string { +func (s DescribeConformancePackComplianceOutput) GoString() string { return s.String() } -// SetAggregatedSourceStatusList sets the AggregatedSourceStatusList field's value. -func (s *DescribeConfigurationAggregatorSourcesStatusOutput) SetAggregatedSourceStatusList(v []*AggregatedSourceStatus) *DescribeConfigurationAggregatorSourcesStatusOutput { - s.AggregatedSourceStatusList = v +// SetConformancePackName sets the ConformancePackName field's value. +func (s *DescribeConformancePackComplianceOutput) SetConformancePackName(v string) *DescribeConformancePackComplianceOutput { + s.ConformancePackName = &v + return s +} + +// SetConformancePackRuleComplianceList sets the ConformancePackRuleComplianceList field's value. +func (s *DescribeConformancePackComplianceOutput) SetConformancePackRuleComplianceList(v []*ConformancePackRuleCompliance) *DescribeConformancePackComplianceOutput { + s.ConformancePackRuleComplianceList = v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeConfigurationAggregatorSourcesStatusOutput) SetNextToken(v string) *DescribeConfigurationAggregatorSourcesStatusOutput { +func (s *DescribeConformancePackComplianceOutput) SetNextToken(v string) *DescribeConformancePackComplianceOutput { s.NextToken = &v return s } -type DescribeConfigurationAggregatorsInput struct { +type DescribeConformancePackStatusInput struct { _ struct{} `type:"structure"` - // The name of the configuration aggregators. - ConfigurationAggregatorNames []*string `type:"list"` + // Comma-separated list of conformance pack names. + ConformancePackNames []*string `type:"list"` - // The maximum number of configuration aggregators returned on each page. The - // default is maximum. If you specify 0, AWS Config uses the default. + // The maximum number of conformance packs returned on each page. Limit *int64 `type:"integer"` - // The nextToken string returned on a previous page that you use to get the - // next page of results in a paginated response. + // The nextToken string returned in a previous request that you use to request + // the next page of results in a paginated response. NextToken *string `type:"string"` } // String returns the string representation -func (s DescribeConfigurationAggregatorsInput) String() string { +func (s DescribeConformancePackStatusInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigurationAggregatorsInput) GoString() string { +func (s DescribeConformancePackStatusInput) GoString() string { return s.String() } -// SetConfigurationAggregatorNames sets the ConfigurationAggregatorNames field's value. -func (s *DescribeConfigurationAggregatorsInput) SetConfigurationAggregatorNames(v []*string) *DescribeConfigurationAggregatorsInput { - s.ConfigurationAggregatorNames = v +// SetConformancePackNames sets the ConformancePackNames field's value. +func (s *DescribeConformancePackStatusInput) SetConformancePackNames(v []*string) *DescribeConformancePackStatusInput { + s.ConformancePackNames = v return s } // SetLimit sets the Limit field's value. -func (s *DescribeConfigurationAggregatorsInput) SetLimit(v int64) *DescribeConfigurationAggregatorsInput { +func (s *DescribeConformancePackStatusInput) SetLimit(v int64) *DescribeConformancePackStatusInput { s.Limit = &v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeConfigurationAggregatorsInput) SetNextToken(v string) *DescribeConfigurationAggregatorsInput { +func (s *DescribeConformancePackStatusInput) SetNextToken(v string) *DescribeConformancePackStatusInput { s.NextToken = &v return s } -type DescribeConfigurationAggregatorsOutput struct { +type DescribeConformancePackStatusOutput struct { _ struct{} `type:"structure"` - // Returns a ConfigurationAggregators object. - ConfigurationAggregators []*ConfigurationAggregator `type:"list"` + // A list of ConformancePackStatusDetail objects. + ConformancePackStatusDetails []*ConformancePackStatusDetail `type:"list"` - // The nextToken string returned on a previous page that you use to get the - // next page of results in a paginated response. + // The nextToken string returned in a previous request that you use to request + // the next page of results in a paginated response. NextToken *string `type:"string"` } // String returns the string representation -func (s DescribeConfigurationAggregatorsOutput) String() string { +func (s DescribeConformancePackStatusOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigurationAggregatorsOutput) GoString() string { +func (s DescribeConformancePackStatusOutput) GoString() string { return s.String() } -// SetConfigurationAggregators sets the ConfigurationAggregators field's value. -func (s *DescribeConfigurationAggregatorsOutput) SetConfigurationAggregators(v []*ConfigurationAggregator) *DescribeConfigurationAggregatorsOutput { - s.ConfigurationAggregators = v +// SetConformancePackStatusDetails sets the ConformancePackStatusDetails field's value. +func (s *DescribeConformancePackStatusOutput) SetConformancePackStatusDetails(v []*ConformancePackStatusDetail) *DescribeConformancePackStatusOutput { + s.ConformancePackStatusDetails = v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeConfigurationAggregatorsOutput) SetNextToken(v string) *DescribeConfigurationAggregatorsOutput { +func (s *DescribeConformancePackStatusOutput) SetNextToken(v string) *DescribeConformancePackStatusOutput { s.NextToken = &v return s } -// The input for the DescribeConfigurationRecorderStatus action. -type DescribeConfigurationRecorderStatusInput struct { +type DescribeConformancePacksInput struct { _ struct{} `type:"structure"` - // The name(s) of the configuration recorder. If the name is not specified, - // the action returns the current status of all the configuration recorders - // associated with the account. - ConfigurationRecorderNames []*string `type:"list"` + // Comma-separated list of conformance pack names for which you want details. + // If you do not specify any names, AWS Config returns details for all your + // conformance packs. + ConformancePackNames []*string `type:"list"` + + // The maximum number of conformance packs returned on each page. + Limit *int64 `type:"integer"` + + // The nextToken string returned in a previous request that you use to request + // the next page of results in a paginated response. + NextToken *string `type:"string"` } // String returns the string representation -func (s DescribeConfigurationRecorderStatusInput) String() string { +func (s DescribeConformancePacksInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigurationRecorderStatusInput) GoString() string { +func (s DescribeConformancePacksInput) GoString() string { return s.String() } -// SetConfigurationRecorderNames sets the ConfigurationRecorderNames field's value. -func (s *DescribeConfigurationRecorderStatusInput) SetConfigurationRecorderNames(v []*string) *DescribeConfigurationRecorderStatusInput { - s.ConfigurationRecorderNames = v +// SetConformancePackNames sets the ConformancePackNames field's value. +func (s *DescribeConformancePacksInput) SetConformancePackNames(v []*string) *DescribeConformancePacksInput { + s.ConformancePackNames = v return s } -// The output for the DescribeConfigurationRecorderStatus action, in JSON format. -type DescribeConfigurationRecorderStatusOutput struct { - _ struct{} `type:"structure"` - - // A list that contains status of the specified recorders. - ConfigurationRecordersStatus []*ConfigurationRecorderStatus `type:"list"` -} - -// String returns the string representation -func (s DescribeConfigurationRecorderStatusOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DescribeConfigurationRecorderStatusOutput) GoString() string { - return s.String() +// SetLimit sets the Limit field's value. +func (s *DescribeConformancePacksInput) SetLimit(v int64) *DescribeConformancePacksInput { + s.Limit = &v + return s } -// SetConfigurationRecordersStatus sets the ConfigurationRecordersStatus field's value. -func (s *DescribeConfigurationRecorderStatusOutput) SetConfigurationRecordersStatus(v []*ConfigurationRecorderStatus) *DescribeConfigurationRecorderStatusOutput { - s.ConfigurationRecordersStatus = v +// SetNextToken sets the NextToken field's value. +func (s *DescribeConformancePacksInput) SetNextToken(v string) *DescribeConformancePacksInput { + s.NextToken = &v return s } -// The input for the DescribeConfigurationRecorders action. -type DescribeConfigurationRecordersInput struct { +type DescribeConformancePacksOutput struct { _ struct{} `type:"structure"` - // A list of configuration recorder names. - ConfigurationRecorderNames []*string `type:"list"` + // Returns a list of ConformancePackDetail objects. + ConformancePackDetails []*ConformancePackDetail `type:"list"` + + // The nextToken string returned in a previous request that you use to request + // the next page of results in a paginated response. + NextToken *string `type:"string"` } // String returns the string representation -func (s DescribeConfigurationRecordersInput) String() string { +func (s DescribeConformancePacksOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s DescribeConfigurationRecordersInput) GoString() string { +func (s DescribeConformancePacksOutput) GoString() string { return s.String() } -// SetConfigurationRecorderNames sets the ConfigurationRecorderNames field's value. -func (s *DescribeConfigurationRecordersInput) SetConfigurationRecorderNames(v []*string) *DescribeConfigurationRecordersInput { - s.ConfigurationRecorderNames = v +// SetConformancePackDetails sets the ConformancePackDetails field's value. +func (s *DescribeConformancePacksOutput) SetConformancePackDetails(v []*ConformancePackDetail) *DescribeConformancePacksOutput { + s.ConformancePackDetails = v return s } -// The output for the DescribeConfigurationRecorders action. -type DescribeConfigurationRecordersOutput struct { - _ struct{} `type:"structure"` - - // A list that contains the descriptions of the specified configuration recorders. - ConfigurationRecorders []*ConfigurationRecorder `type:"list"` -} - -// String returns the string representation -func (s DescribeConfigurationRecordersOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DescribeConfigurationRecordersOutput) GoString() string { - return s.String() -} - -// SetConfigurationRecorders sets the ConfigurationRecorders field's value. -func (s *DescribeConfigurationRecordersOutput) SetConfigurationRecorders(v []*ConfigurationRecorder) *DescribeConfigurationRecordersOutput { - s.ConfigurationRecorders = v +// SetNextToken sets the NextToken field's value. +func (s *DescribeConformancePacksOutput) SetNextToken(v string) *DescribeConformancePacksOutput { + s.NextToken = &v return s } @@ -10276,7 +12514,7 @@ type DescribeOrganizationConfigRulesOutput struct { // next page of results in a paginated response. NextToken *string `type:"string"` - // Retuns a list OrganizationConfigRule objects. + // Returns a list of OrganizationConfigRule objects. OrganizationConfigRules []*OrganizationConfigRule `type:"list"` } @@ -10291,14 +12529,169 @@ func (s DescribeOrganizationConfigRulesOutput) GoString() string { } // SetNextToken sets the NextToken field's value. -func (s *DescribeOrganizationConfigRulesOutput) SetNextToken(v string) *DescribeOrganizationConfigRulesOutput { +func (s *DescribeOrganizationConfigRulesOutput) SetNextToken(v string) *DescribeOrganizationConfigRulesOutput { + s.NextToken = &v + return s +} + +// SetOrganizationConfigRules sets the OrganizationConfigRules field's value. +func (s *DescribeOrganizationConfigRulesOutput) SetOrganizationConfigRules(v []*OrganizationConfigRule) *DescribeOrganizationConfigRulesOutput { + s.OrganizationConfigRules = v + return s +} + +type DescribeOrganizationConformancePackStatusesInput struct { + _ struct{} `type:"structure"` + + // The maximum number of OrganizationConformancePackStatuses returned on each + // page. If you do no specify a number, AWS Config uses the default. The default + // is 100. + Limit *int64 `type:"integer"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` + + // The names of organization conformance packs for which you want status details. + // If you do not specify any names, AWS Config returns details for all your + // organization conformance packs. + OrganizationConformancePackNames []*string `type:"list"` +} + +// String returns the string representation +func (s DescribeOrganizationConformancePackStatusesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeOrganizationConformancePackStatusesInput) GoString() string { + return s.String() +} + +// SetLimit sets the Limit field's value. +func (s *DescribeOrganizationConformancePackStatusesInput) SetLimit(v int64) *DescribeOrganizationConformancePackStatusesInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeOrganizationConformancePackStatusesInput) SetNextToken(v string) *DescribeOrganizationConformancePackStatusesInput { + s.NextToken = &v + return s +} + +// SetOrganizationConformancePackNames sets the OrganizationConformancePackNames field's value. +func (s *DescribeOrganizationConformancePackStatusesInput) SetOrganizationConformancePackNames(v []*string) *DescribeOrganizationConformancePackStatusesInput { + s.OrganizationConformancePackNames = v + return s +} + +type DescribeOrganizationConformancePackStatusesOutput struct { + _ struct{} `type:"structure"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` + + // A list of OrganizationConformancePackStatus objects. + OrganizationConformancePackStatuses []*OrganizationConformancePackStatus `type:"list"` +} + +// String returns the string representation +func (s DescribeOrganizationConformancePackStatusesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeOrganizationConformancePackStatusesOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeOrganizationConformancePackStatusesOutput) SetNextToken(v string) *DescribeOrganizationConformancePackStatusesOutput { + s.NextToken = &v + return s +} + +// SetOrganizationConformancePackStatuses sets the OrganizationConformancePackStatuses field's value. +func (s *DescribeOrganizationConformancePackStatusesOutput) SetOrganizationConformancePackStatuses(v []*OrganizationConformancePackStatus) *DescribeOrganizationConformancePackStatusesOutput { + s.OrganizationConformancePackStatuses = v + return s +} + +type DescribeOrganizationConformancePacksInput struct { + _ struct{} `type:"structure"` + + // The maximum number of organization config packs returned on each page. If + // you do no specify a number, AWS Config uses the default. The default is 100. + Limit *int64 `type:"integer"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` + + // The name that you assign to an organization conformance pack. + OrganizationConformancePackNames []*string `type:"list"` +} + +// String returns the string representation +func (s DescribeOrganizationConformancePacksInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeOrganizationConformancePacksInput) GoString() string { + return s.String() +} + +// SetLimit sets the Limit field's value. +func (s *DescribeOrganizationConformancePacksInput) SetLimit(v int64) *DescribeOrganizationConformancePacksInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeOrganizationConformancePacksInput) SetNextToken(v string) *DescribeOrganizationConformancePacksInput { + s.NextToken = &v + return s +} + +// SetOrganizationConformancePackNames sets the OrganizationConformancePackNames field's value. +func (s *DescribeOrganizationConformancePacksInput) SetOrganizationConformancePackNames(v []*string) *DescribeOrganizationConformancePacksInput { + s.OrganizationConformancePackNames = v + return s +} + +type DescribeOrganizationConformancePacksOutput struct { + _ struct{} `type:"structure"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` + + // Returns a list of OrganizationConformancePacks objects. + OrganizationConformancePacks []*OrganizationConformancePack `type:"list"` +} + +// String returns the string representation +func (s DescribeOrganizationConformancePacksOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeOrganizationConformancePacksOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeOrganizationConformancePacksOutput) SetNextToken(v string) *DescribeOrganizationConformancePacksOutput { s.NextToken = &v return s } -// SetOrganizationConfigRules sets the OrganizationConfigRules field's value. -func (s *DescribeOrganizationConfigRulesOutput) SetOrganizationConfigRules(v []*OrganizationConfigRule) *DescribeOrganizationConfigRulesOutput { - s.OrganizationConfigRules = v +// SetOrganizationConformancePacks sets the OrganizationConformancePacks field's value. +func (s *DescribeOrganizationConformancePacksOutput) SetOrganizationConformancePacks(v []*OrganizationConformancePack) *DescribeOrganizationConformancePacksOutput { + s.OrganizationConformancePacks = v return s } @@ -11987,6 +14380,210 @@ func (s *GetComplianceSummaryByResourceTypeOutput) SetComplianceSummariesByResou return s } +type GetConformancePackComplianceDetailsInput struct { + _ struct{} `type:"structure"` + + // Name of the conformance pack. + // + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` + + // A ConformancePackEvaluationFilters object. + Filters *ConformancePackEvaluationFilters `type:"structure"` + + // The maximum number of evaluation results returned on each page. If you do + // no specify a number, AWS Config uses the default. The default is 100. + Limit *int64 `type:"integer"` + + // The nextToken string returned in a previous request that you use to request + // the next page of results in a paginated response. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetConformancePackComplianceDetailsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetConformancePackComplianceDetailsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetConformancePackComplianceDetailsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetConformancePackComplianceDetailsInput"} + if s.ConformancePackName == nil { + invalidParams.Add(request.NewErrParamRequired("ConformancePackName")) + } + if s.ConformancePackName != nil && len(*s.ConformancePackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConformancePackName", 1)) + } + if s.Filters != nil { + if err := s.Filters.Validate(); err != nil { + invalidParams.AddNested("Filters", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConformancePackName sets the ConformancePackName field's value. +func (s *GetConformancePackComplianceDetailsInput) SetConformancePackName(v string) *GetConformancePackComplianceDetailsInput { + s.ConformancePackName = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetConformancePackComplianceDetailsInput) SetFilters(v *ConformancePackEvaluationFilters) *GetConformancePackComplianceDetailsInput { + s.Filters = v + return s +} + +// SetLimit sets the Limit field's value. +func (s *GetConformancePackComplianceDetailsInput) SetLimit(v int64) *GetConformancePackComplianceDetailsInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetConformancePackComplianceDetailsInput) SetNextToken(v string) *GetConformancePackComplianceDetailsInput { + s.NextToken = &v + return s +} + +type GetConformancePackComplianceDetailsOutput struct { + _ struct{} `type:"structure"` + + // Name of the conformance pack. + // + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` + + // Returns a list of ConformancePackEvaluationResult objects. + ConformancePackRuleEvaluationResults []*ConformancePackEvaluationResult `type:"list"` + + // The nextToken string returned in a previous request that you use to request + // the next page of results in a paginated response. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetConformancePackComplianceDetailsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetConformancePackComplianceDetailsOutput) GoString() string { + return s.String() +} + +// SetConformancePackName sets the ConformancePackName field's value. +func (s *GetConformancePackComplianceDetailsOutput) SetConformancePackName(v string) *GetConformancePackComplianceDetailsOutput { + s.ConformancePackName = &v + return s +} + +// SetConformancePackRuleEvaluationResults sets the ConformancePackRuleEvaluationResults field's value. +func (s *GetConformancePackComplianceDetailsOutput) SetConformancePackRuleEvaluationResults(v []*ConformancePackEvaluationResult) *GetConformancePackComplianceDetailsOutput { + s.ConformancePackRuleEvaluationResults = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetConformancePackComplianceDetailsOutput) SetNextToken(v string) *GetConformancePackComplianceDetailsOutput { + s.NextToken = &v + return s +} + +type GetConformancePackComplianceSummaryInput struct { + _ struct{} `type:"structure"` + + // ConformancePackNames is a required field + ConformancePackNames []*string `min:"1" type:"list" required:"true"` + + Limit *int64 `type:"integer"` + + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetConformancePackComplianceSummaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetConformancePackComplianceSummaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetConformancePackComplianceSummaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetConformancePackComplianceSummaryInput"} + if s.ConformancePackNames == nil { + invalidParams.Add(request.NewErrParamRequired("ConformancePackNames")) + } + if s.ConformancePackNames != nil && len(s.ConformancePackNames) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConformancePackNames", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConformancePackNames sets the ConformancePackNames field's value. +func (s *GetConformancePackComplianceSummaryInput) SetConformancePackNames(v []*string) *GetConformancePackComplianceSummaryInput { + s.ConformancePackNames = v + return s +} + +// SetLimit sets the Limit field's value. +func (s *GetConformancePackComplianceSummaryInput) SetLimit(v int64) *GetConformancePackComplianceSummaryInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetConformancePackComplianceSummaryInput) SetNextToken(v string) *GetConformancePackComplianceSummaryInput { + s.NextToken = &v + return s +} + +type GetConformancePackComplianceSummaryOutput struct { + _ struct{} `type:"structure"` + + ConformancePackComplianceSummaryList []*ConformancePackComplianceSummary `min:"1" type:"list"` + + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetConformancePackComplianceSummaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetConformancePackComplianceSummaryOutput) GoString() string { + return s.String() +} + +// SetConformancePackComplianceSummaryList sets the ConformancePackComplianceSummaryList field's value. +func (s *GetConformancePackComplianceSummaryOutput) SetConformancePackComplianceSummaryList(v []*ConformancePackComplianceSummary) *GetConformancePackComplianceSummaryOutput { + s.ConformancePackComplianceSummaryList = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetConformancePackComplianceSummaryOutput) SetNextToken(v string) *GetConformancePackComplianceSummaryOutput { + s.NextToken = &v + return s +} + type GetDiscoveredResourceCountsInput struct { _ struct{} `type:"structure"` @@ -12069,73 +14666,178 @@ type GetDiscoveredResourceCountsOutput struct { } // String returns the string representation -func (s GetDiscoveredResourceCountsOutput) String() string { +func (s GetDiscoveredResourceCountsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetDiscoveredResourceCountsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *GetDiscoveredResourceCountsOutput) SetNextToken(v string) *GetDiscoveredResourceCountsOutput { + s.NextToken = &v + return s +} + +// SetResourceCounts sets the ResourceCounts field's value. +func (s *GetDiscoveredResourceCountsOutput) SetResourceCounts(v []*ResourceCount) *GetDiscoveredResourceCountsOutput { + s.ResourceCounts = v + return s +} + +// SetTotalDiscoveredResources sets the TotalDiscoveredResources field's value. +func (s *GetDiscoveredResourceCountsOutput) SetTotalDiscoveredResources(v int64) *GetDiscoveredResourceCountsOutput { + s.TotalDiscoveredResources = &v + return s +} + +type GetOrganizationConfigRuleDetailedStatusInput struct { + _ struct{} `type:"structure"` + + // A StatusDetailFilters object. + Filters *StatusDetailFilters `type:"structure"` + + // The maximum number of OrganizationConfigRuleDetailedStatus returned on each + // page. If you do not specify a number, AWS Config uses the default. The default + // is 100. + Limit *int64 `type:"integer"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` + + // The name of organization config rule for which you want status details for + // member accounts. + // + // OrganizationConfigRuleName is a required field + OrganizationConfigRuleName *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s GetOrganizationConfigRuleDetailedStatusInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetOrganizationConfigRuleDetailedStatusInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetOrganizationConfigRuleDetailedStatusInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetOrganizationConfigRuleDetailedStatusInput"} + if s.OrganizationConfigRuleName == nil { + invalidParams.Add(request.NewErrParamRequired("OrganizationConfigRuleName")) + } + if s.OrganizationConfigRuleName != nil && len(*s.OrganizationConfigRuleName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("OrganizationConfigRuleName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *GetOrganizationConfigRuleDetailedStatusInput) SetFilters(v *StatusDetailFilters) *GetOrganizationConfigRuleDetailedStatusInput { + s.Filters = v + return s +} + +// SetLimit sets the Limit field's value. +func (s *GetOrganizationConfigRuleDetailedStatusInput) SetLimit(v int64) *GetOrganizationConfigRuleDetailedStatusInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetOrganizationConfigRuleDetailedStatusInput) SetNextToken(v string) *GetOrganizationConfigRuleDetailedStatusInput { + s.NextToken = &v + return s +} + +// SetOrganizationConfigRuleName sets the OrganizationConfigRuleName field's value. +func (s *GetOrganizationConfigRuleDetailedStatusInput) SetOrganizationConfigRuleName(v string) *GetOrganizationConfigRuleDetailedStatusInput { + s.OrganizationConfigRuleName = &v + return s +} + +type GetOrganizationConfigRuleDetailedStatusOutput struct { + _ struct{} `type:"structure"` + + // The nextToken string returned on a previous page that you use to get the + // next page of results in a paginated response. + NextToken *string `type:"string"` + + // A list of MemberAccountStatus objects. + OrganizationConfigRuleDetailedStatus []*MemberAccountStatus `type:"list"` +} + +// String returns the string representation +func (s GetOrganizationConfigRuleDetailedStatusOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s GetDiscoveredResourceCountsOutput) GoString() string { +func (s GetOrganizationConfigRuleDetailedStatusOutput) GoString() string { return s.String() } // SetNextToken sets the NextToken field's value. -func (s *GetDiscoveredResourceCountsOutput) SetNextToken(v string) *GetDiscoveredResourceCountsOutput { +func (s *GetOrganizationConfigRuleDetailedStatusOutput) SetNextToken(v string) *GetOrganizationConfigRuleDetailedStatusOutput { s.NextToken = &v return s } -// SetResourceCounts sets the ResourceCounts field's value. -func (s *GetDiscoveredResourceCountsOutput) SetResourceCounts(v []*ResourceCount) *GetDiscoveredResourceCountsOutput { - s.ResourceCounts = v - return s -} - -// SetTotalDiscoveredResources sets the TotalDiscoveredResources field's value. -func (s *GetDiscoveredResourceCountsOutput) SetTotalDiscoveredResources(v int64) *GetDiscoveredResourceCountsOutput { - s.TotalDiscoveredResources = &v +// SetOrganizationConfigRuleDetailedStatus sets the OrganizationConfigRuleDetailedStatus field's value. +func (s *GetOrganizationConfigRuleDetailedStatusOutput) SetOrganizationConfigRuleDetailedStatus(v []*MemberAccountStatus) *GetOrganizationConfigRuleDetailedStatusOutput { + s.OrganizationConfigRuleDetailedStatus = v return s } -type GetOrganizationConfigRuleDetailedStatusInput struct { +type GetOrganizationConformancePackDetailedStatusInput struct { _ struct{} `type:"structure"` - // A StatusDetailFilters object. - Filters *StatusDetailFilters `type:"structure"` + // An OrganizationResourceDetailedStatusFilters object. + Filters *OrganizationResourceDetailedStatusFilters `type:"structure"` - // The maximum number of OrganizationConfigRuleDetailedStatus returned on each - // page. If you do not specify a number, AWS Config uses the default. The default - // is 100. + // The maximum number of OrganizationConformancePackDetailedStatuses returned + // on each page. If you do not specify a number, AWS Config uses the default. + // The default is 100. Limit *int64 `type:"integer"` // The nextToken string returned on a previous page that you use to get the // next page of results in a paginated response. NextToken *string `type:"string"` - // The name of organization config rule for which you want status details for - // member accounts. + // The name of organization conformance pack for which you want status details + // for member accounts. // - // OrganizationConfigRuleName is a required field - OrganizationConfigRuleName *string `min:"1" type:"string" required:"true"` + // OrganizationConformancePackName is a required field + OrganizationConformancePackName *string `min:"1" type:"string" required:"true"` } // String returns the string representation -func (s GetOrganizationConfigRuleDetailedStatusInput) String() string { +func (s GetOrganizationConformancePackDetailedStatusInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s GetOrganizationConfigRuleDetailedStatusInput) GoString() string { +func (s GetOrganizationConformancePackDetailedStatusInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *GetOrganizationConfigRuleDetailedStatusInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetOrganizationConfigRuleDetailedStatusInput"} - if s.OrganizationConfigRuleName == nil { - invalidParams.Add(request.NewErrParamRequired("OrganizationConfigRuleName")) +func (s *GetOrganizationConformancePackDetailedStatusInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetOrganizationConformancePackDetailedStatusInput"} + if s.OrganizationConformancePackName == nil { + invalidParams.Add(request.NewErrParamRequired("OrganizationConformancePackName")) } - if s.OrganizationConfigRuleName != nil && len(*s.OrganizationConfigRuleName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("OrganizationConfigRuleName", 1)) + if s.OrganizationConformancePackName != nil && len(*s.OrganizationConformancePackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("OrganizationConformancePackName", 1)) } if invalidParams.Len() > 0 { @@ -12145,59 +14847,59 @@ func (s *GetOrganizationConfigRuleDetailedStatusInput) Validate() error { } // SetFilters sets the Filters field's value. -func (s *GetOrganizationConfigRuleDetailedStatusInput) SetFilters(v *StatusDetailFilters) *GetOrganizationConfigRuleDetailedStatusInput { +func (s *GetOrganizationConformancePackDetailedStatusInput) SetFilters(v *OrganizationResourceDetailedStatusFilters) *GetOrganizationConformancePackDetailedStatusInput { s.Filters = v return s } // SetLimit sets the Limit field's value. -func (s *GetOrganizationConfigRuleDetailedStatusInput) SetLimit(v int64) *GetOrganizationConfigRuleDetailedStatusInput { +func (s *GetOrganizationConformancePackDetailedStatusInput) SetLimit(v int64) *GetOrganizationConformancePackDetailedStatusInput { s.Limit = &v return s } // SetNextToken sets the NextToken field's value. -func (s *GetOrganizationConfigRuleDetailedStatusInput) SetNextToken(v string) *GetOrganizationConfigRuleDetailedStatusInput { +func (s *GetOrganizationConformancePackDetailedStatusInput) SetNextToken(v string) *GetOrganizationConformancePackDetailedStatusInput { s.NextToken = &v return s } -// SetOrganizationConfigRuleName sets the OrganizationConfigRuleName field's value. -func (s *GetOrganizationConfigRuleDetailedStatusInput) SetOrganizationConfigRuleName(v string) *GetOrganizationConfigRuleDetailedStatusInput { - s.OrganizationConfigRuleName = &v +// SetOrganizationConformancePackName sets the OrganizationConformancePackName field's value. +func (s *GetOrganizationConformancePackDetailedStatusInput) SetOrganizationConformancePackName(v string) *GetOrganizationConformancePackDetailedStatusInput { + s.OrganizationConformancePackName = &v return s } -type GetOrganizationConfigRuleDetailedStatusOutput struct { +type GetOrganizationConformancePackDetailedStatusOutput struct { _ struct{} `type:"structure"` // The nextToken string returned on a previous page that you use to get the // next page of results in a paginated response. NextToken *string `type:"string"` - // A list of MemberAccountStatus objects. - OrganizationConfigRuleDetailedStatus []*MemberAccountStatus `type:"list"` + // A list of OrganizationConformancePackDetailedStatus objects. + OrganizationConformancePackDetailedStatuses []*OrganizationConformancePackDetailedStatus `type:"list"` } // String returns the string representation -func (s GetOrganizationConfigRuleDetailedStatusOutput) String() string { +func (s GetOrganizationConformancePackDetailedStatusOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation -func (s GetOrganizationConfigRuleDetailedStatusOutput) GoString() string { +func (s GetOrganizationConformancePackDetailedStatusOutput) GoString() string { return s.String() } // SetNextToken sets the NextToken field's value. -func (s *GetOrganizationConfigRuleDetailedStatusOutput) SetNextToken(v string) *GetOrganizationConfigRuleDetailedStatusOutput { +func (s *GetOrganizationConformancePackDetailedStatusOutput) SetNextToken(v string) *GetOrganizationConformancePackDetailedStatusOutput { s.NextToken = &v return s } -// SetOrganizationConfigRuleDetailedStatus sets the OrganizationConfigRuleDetailedStatus field's value. -func (s *GetOrganizationConfigRuleDetailedStatusOutput) SetOrganizationConfigRuleDetailedStatus(v []*MemberAccountStatus) *GetOrganizationConfigRuleDetailedStatusOutput { - s.OrganizationConfigRuleDetailedStatus = v +// SetOrganizationConformancePackDetailedStatuses sets the OrganizationConformancePackDetailedStatuses field's value. +func (s *GetOrganizationConformancePackDetailedStatusOutput) SetOrganizationConformancePackDetailedStatuses(v []*OrganizationConformancePackDetailedStatus) *GetOrganizationConformancePackDetailedStatusOutput { + s.OrganizationConformancePackDetailedStatuses = v return s } @@ -12903,7 +15605,7 @@ type OrganizationConfigRule struct { // The timestamp of the last update. LastUpdateTime *time.Time `type:"timestamp"` - // The Amazon Resource Name (ARN) of organization config rule. + // Amazon Resource Name (ARN) of organization config rule. // // OrganizationConfigRuleArn is a required field OrganizationConfigRuleArn *string `min:"1" type:"string" required:"true"` @@ -13065,6 +15767,311 @@ func (s *OrganizationConfigRuleStatus) SetOrganizationRuleStatus(v string) *Orga return s } +// An organization conformance pack that has information about conformance packs +// that AWS Config creates in member accounts. +type OrganizationConformancePack struct { + _ struct{} `type:"structure"` + + // A list of ConformancePackInputParameter objects. + ConformancePackInputParameters []*ConformancePackInputParameter `type:"list"` + + // Location of an Amazon S3 bucket where AWS Config can deliver evaluation results + // and conformance pack template that is used to create a pack. + // + // DeliveryS3Bucket is a required field + DeliveryS3Bucket *string `min:"3" type:"string" required:"true"` + + // Any folder structure you want to add to an Amazon S3 bucket. + DeliveryS3KeyPrefix *string `min:"1" type:"string"` + + // A comma-separated list of accounts excluded from organization conformance + // pack. + ExcludedAccounts []*string `type:"list"` + + // Last time when organization conformation pack was updated. + // + // LastUpdateTime is a required field + LastUpdateTime *time.Time `type:"timestamp" required:"true"` + + // Amazon Resource Name (ARN) of organization conformance pack. + // + // OrganizationConformancePackArn is a required field + OrganizationConformancePackArn *string `min:"1" type:"string" required:"true"` + + // The name you assign to an organization conformance pack. + // + // OrganizationConformancePackName is a required field + OrganizationConformancePackName *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s OrganizationConformancePack) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OrganizationConformancePack) GoString() string { + return s.String() +} + +// SetConformancePackInputParameters sets the ConformancePackInputParameters field's value. +func (s *OrganizationConformancePack) SetConformancePackInputParameters(v []*ConformancePackInputParameter) *OrganizationConformancePack { + s.ConformancePackInputParameters = v + return s +} + +// SetDeliveryS3Bucket sets the DeliveryS3Bucket field's value. +func (s *OrganizationConformancePack) SetDeliveryS3Bucket(v string) *OrganizationConformancePack { + s.DeliveryS3Bucket = &v + return s +} + +// SetDeliveryS3KeyPrefix sets the DeliveryS3KeyPrefix field's value. +func (s *OrganizationConformancePack) SetDeliveryS3KeyPrefix(v string) *OrganizationConformancePack { + s.DeliveryS3KeyPrefix = &v + return s +} + +// SetExcludedAccounts sets the ExcludedAccounts field's value. +func (s *OrganizationConformancePack) SetExcludedAccounts(v []*string) *OrganizationConformancePack { + s.ExcludedAccounts = v + return s +} + +// SetLastUpdateTime sets the LastUpdateTime field's value. +func (s *OrganizationConformancePack) SetLastUpdateTime(v time.Time) *OrganizationConformancePack { + s.LastUpdateTime = &v + return s +} + +// SetOrganizationConformancePackArn sets the OrganizationConformancePackArn field's value. +func (s *OrganizationConformancePack) SetOrganizationConformancePackArn(v string) *OrganizationConformancePack { + s.OrganizationConformancePackArn = &v + return s +} + +// SetOrganizationConformancePackName sets the OrganizationConformancePackName field's value. +func (s *OrganizationConformancePack) SetOrganizationConformancePackName(v string) *OrganizationConformancePack { + s.OrganizationConformancePackName = &v + return s +} + +// Organization conformance pack creation or deletion status in each member +// account. This includes the name of the conformance pack, the status, error +// code and error message when the conformance pack creation or deletion failed. +type OrganizationConformancePackDetailedStatus struct { + _ struct{} `type:"structure"` + + // The 12-digit account ID of a member account. + // + // AccountId is a required field + AccountId *string `type:"string" required:"true"` + + // The name of conformance pack deployed in the member account. + // + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` + + // An error code that is returned when conformance pack creation or deletion + // failed in the member account. + ErrorCode *string `type:"string"` + + // An error message indicating that conformance pack account creation or deletion + // has failed due to an error in the member account. + ErrorMessage *string `type:"string"` + + // The timestamp of the last status update. + LastUpdateTime *time.Time `type:"timestamp"` + + // Indicates deployment status for conformance pack in a member account. When + // master account calls PutOrganizationConformancePack action for the first + // time, conformance pack status is created in the member account. When master + // account calls PutOrganizationConformancePack action for the second time, + // conformance pack status is updated in the member account. Conformance pack + // status is deleted when the master account deletes OrganizationConformancePack + // and disables service access for config-multiaccountsetup.amazonaws.com. + // + // AWS Config sets the state of the conformance pack to: + // + // * CREATE_SUCCESSFUL when conformance pack has been created in the member + // account. + // + // * CREATE_IN_PROGRESS when conformance pack is being created in the member + // account. + // + // * CREATE_FAILED when conformance pack creation has failed in the member + // account. + // + // * DELETE_FAILED when conformance pack deletion has failed in the member + // account. + // + // * DELETE_IN_PROGRESS when conformance pack is being deleted in the member + // account. + // + // * DELETE_SUCCESSFUL when conformance pack has been deleted in the member + // account. + // + // * UPDATE_SUCCESSFUL when conformance pack has been updated in the member + // account. + // + // * UPDATE_IN_PROGRESS when conformance pack is being updated in the member + // account. + // + // * UPDATE_FAILED when conformance pack deletion has failed in the member + // account. + // + // Status is a required field + Status *string `type:"string" required:"true" enum:"OrganizationResourceDetailedStatus"` +} + +// String returns the string representation +func (s OrganizationConformancePackDetailedStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OrganizationConformancePackDetailedStatus) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *OrganizationConformancePackDetailedStatus) SetAccountId(v string) *OrganizationConformancePackDetailedStatus { + s.AccountId = &v + return s +} + +// SetConformancePackName sets the ConformancePackName field's value. +func (s *OrganizationConformancePackDetailedStatus) SetConformancePackName(v string) *OrganizationConformancePackDetailedStatus { + s.ConformancePackName = &v + return s +} + +// SetErrorCode sets the ErrorCode field's value. +func (s *OrganizationConformancePackDetailedStatus) SetErrorCode(v string) *OrganizationConformancePackDetailedStatus { + s.ErrorCode = &v + return s +} + +// SetErrorMessage sets the ErrorMessage field's value. +func (s *OrganizationConformancePackDetailedStatus) SetErrorMessage(v string) *OrganizationConformancePackDetailedStatus { + s.ErrorMessage = &v + return s +} + +// SetLastUpdateTime sets the LastUpdateTime field's value. +func (s *OrganizationConformancePackDetailedStatus) SetLastUpdateTime(v time.Time) *OrganizationConformancePackDetailedStatus { + s.LastUpdateTime = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *OrganizationConformancePackDetailedStatus) SetStatus(v string) *OrganizationConformancePackDetailedStatus { + s.Status = &v + return s +} + +// Returns the status for an organization conformance pack in an organization. +type OrganizationConformancePackStatus struct { + _ struct{} `type:"structure"` + + // An error code that is returned when organization conformance pack creation + // or deletion has failed in the member account. + ErrorCode *string `type:"string"` + + // An error message indicating that organization conformance pack creation or + // deletion failed due to an error. + ErrorMessage *string `type:"string"` + + // The timestamp of the last update. + LastUpdateTime *time.Time `type:"timestamp"` + + // The name that you assign to organization conformance pack. + // + // OrganizationConformancePackName is a required field + OrganizationConformancePackName *string `min:"1" type:"string" required:"true"` + + // Indicates deployment status of an organization conformance pack. When master + // account calls PutOrganizationConformancePack for the first time, conformance + // pack status is created in all the member accounts. When master account calls + // PutOrganizationConformancePack for the second time, conformance pack status + // is updated in all the member accounts. Additionally, conformance pack status + // is updated when one or more member accounts join or leave an organization. + // Conformance pack status is deleted when the master account deletes OrganizationConformancePack + // in all the member accounts and disables service access for config-multiaccountsetup.amazonaws.com. + // + // AWS Config sets the state of the conformance pack to: + // + // * CREATE_SUCCESSFUL when an organization conformance pack has been successfully + // created in all the member accounts. + // + // * CREATE_IN_PROGRESS when an organization conformance pack creation is + // in progress. + // + // * CREATE_FAILED when an organization conformance pack creation failed + // in one or more member accounts within that organization. + // + // * DELETE_FAILED when an organization conformance pack deletion failed + // in one or more member accounts within that organization. + // + // * DELETE_IN_PROGRESS when an organization conformance pack deletion is + // in progress. + // + // * DELETE_SUCCESSFUL when an organization conformance pack has been successfully + // deleted from all the member accounts. + // + // * UPDATE_SUCCESSFUL when an organization conformance pack has been successfully + // updated in all the member accounts. + // + // * UPDATE_IN_PROGRESS when an organization conformance pack update is in + // progress. + // + // * UPDATE_FAILED when an organization conformance pack update failed in + // one or more member accounts within that organization. + // + // Status is a required field + Status *string `type:"string" required:"true" enum:"OrganizationResourceStatus"` +} + +// String returns the string representation +func (s OrganizationConformancePackStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OrganizationConformancePackStatus) GoString() string { + return s.String() +} + +// SetErrorCode sets the ErrorCode field's value. +func (s *OrganizationConformancePackStatus) SetErrorCode(v string) *OrganizationConformancePackStatus { + s.ErrorCode = &v + return s +} + +// SetErrorMessage sets the ErrorMessage field's value. +func (s *OrganizationConformancePackStatus) SetErrorMessage(v string) *OrganizationConformancePackStatus { + s.ErrorMessage = &v + return s +} + +// SetLastUpdateTime sets the LastUpdateTime field's value. +func (s *OrganizationConformancePackStatus) SetLastUpdateTime(v time.Time) *OrganizationConformancePackStatus { + s.LastUpdateTime = &v + return s +} + +// SetOrganizationConformancePackName sets the OrganizationConformancePackName field's value. +func (s *OrganizationConformancePackStatus) SetOrganizationConformancePackName(v string) *OrganizationConformancePackStatus { + s.OrganizationConformancePackName = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *OrganizationConformancePackStatus) SetStatus(v string) *OrganizationConformancePackStatus { + s.Status = &v + return s +} + // An object that specifies organization custom rule metadata such as resource // type, resource ID of AWS resource, Lamdba function ARN, and organization // trigger types that trigger AWS Config to evaluate your AWS resources against @@ -13327,27 +16334,96 @@ func (s *OrganizationManagedRuleMetadata) SetResourceIdScope(v string) *Organiza return s } -// SetResourceTypesScope sets the ResourceTypesScope field's value. -func (s *OrganizationManagedRuleMetadata) SetResourceTypesScope(v []*string) *OrganizationManagedRuleMetadata { - s.ResourceTypesScope = v - return s +// SetResourceTypesScope sets the ResourceTypesScope field's value. +func (s *OrganizationManagedRuleMetadata) SetResourceTypesScope(v []*string) *OrganizationManagedRuleMetadata { + s.ResourceTypesScope = v + return s +} + +// SetRuleIdentifier sets the RuleIdentifier field's value. +func (s *OrganizationManagedRuleMetadata) SetRuleIdentifier(v string) *OrganizationManagedRuleMetadata { + s.RuleIdentifier = &v + return s +} + +// SetTagKeyScope sets the TagKeyScope field's value. +func (s *OrganizationManagedRuleMetadata) SetTagKeyScope(v string) *OrganizationManagedRuleMetadata { + s.TagKeyScope = &v + return s +} + +// SetTagValueScope sets the TagValueScope field's value. +func (s *OrganizationManagedRuleMetadata) SetTagValueScope(v string) *OrganizationManagedRuleMetadata { + s.TagValueScope = &v + return s +} + +// Status filter object to filter results based on specific member account ID +// or status type for an organization conformance pack. +type OrganizationResourceDetailedStatusFilters struct { + _ struct{} `type:"structure"` + + // The 12-digit account ID of the member account within an organization. + AccountId *string `type:"string"` + + // Indicates deployment status for conformance pack in a member account. When + // master account calls PutOrganizationConformancePack action for the first + // time, conformance pack status is created in the member account. When master + // account calls PutOrganizationConformancePack action for the second time, + // conformance pack status is updated in the member account. Conformance pack + // status is deleted when the master account deletes OrganizationConformancePack + // and disables service access for config-multiaccountsetup.amazonaws.com. + // + // AWS Config sets the state of the conformance pack to: + // + // * CREATE_SUCCESSFUL when conformance pack has been created in the member + // account. + // + // * CREATE_IN_PROGRESS when conformance pack is being created in the member + // account. + // + // * CREATE_FAILED when conformance pack creation has failed in the member + // account. + // + // * DELETE_FAILED when conformance pack deletion has failed in the member + // account. + // + // * DELETE_IN_PROGRESS when conformance pack is being deleted in the member + // account. + // + // * DELETE_SUCCESSFUL when conformance pack has been deleted in the member + // account. + // + // * UPDATE_SUCCESSFUL when conformance pack has been updated in the member + // account. + // + // * UPDATE_IN_PROGRESS when conformance pack is being updated in the member + // account. + // + // * UPDATE_FAILED when conformance pack deletion has failed in the member + // account. + Status *string `type:"string" enum:"OrganizationResourceDetailedStatus"` +} + +// String returns the string representation +func (s OrganizationResourceDetailedStatusFilters) String() string { + return awsutil.Prettify(s) } -// SetRuleIdentifier sets the RuleIdentifier field's value. -func (s *OrganizationManagedRuleMetadata) SetRuleIdentifier(v string) *OrganizationManagedRuleMetadata { - s.RuleIdentifier = &v - return s +// GoString returns the string representation +func (s OrganizationResourceDetailedStatusFilters) GoString() string { + return s.String() } -// SetTagKeyScope sets the TagKeyScope field's value. -func (s *OrganizationManagedRuleMetadata) SetTagKeyScope(v string) *OrganizationManagedRuleMetadata { - s.TagKeyScope = &v +// SetAccountId sets the AccountId field's value. +func (s *OrganizationResourceDetailedStatusFilters) SetAccountId(v string) *OrganizationResourceDetailedStatusFilters { + s.AccountId = &v return s } -// SetTagValueScope sets the TagValueScope field's value. -func (s *OrganizationManagedRuleMetadata) SetTagValueScope(v string) *OrganizationManagedRuleMetadata { - s.TagValueScope = &v +// SetStatus sets the Status field's value. +func (s *OrganizationResourceDetailedStatusFilters) SetStatus(v string) *OrganizationResourceDetailedStatusFilters { + s.Status = &v return s } @@ -13733,6 +16809,152 @@ func (s PutConfigurationRecorderOutput) GoString() string { return s.String() } +type PutConformancePackInput struct { + _ struct{} `type:"structure"` + + // A list of ConformancePackInputParameter objects. + ConformancePackInputParameters []*ConformancePackInputParameter `type:"list"` + + // Name of the conformance pack you want to create. + // + // ConformancePackName is a required field + ConformancePackName *string `min:"1" type:"string" required:"true"` + + // Location of an Amazon S3 bucket where AWS Config can deliver evaluation results. + // AWS Config stores intermediate files while processing conformance pack template. + // + // DeliveryS3Bucket is a required field + DeliveryS3Bucket *string `min:"3" type:"string" required:"true"` + + // The prefix for the Amazon S3 bucket. + DeliveryS3KeyPrefix *string `min:"1" type:"string"` + + // A string containing full conformance pack template body. Structure containing + // the template body with a minimum length of 1 byte and a maximum length of + // 51,200 bytes. + // + // You can only use a YAML template with one resource type, that is, config + // rule. + TemplateBody *string `min:"1" type:"string"` + + // Location of file containing the template body. The uri must point to the + // conformance pack template (max size: 300,000 bytes) that is located in an + // Amazon S3 bucket in the same region as the conformance pack. + // + // You must have access to read Amazon S3 bucket. + TemplateS3Uri *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s PutConformancePackInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutConformancePackInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutConformancePackInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutConformancePackInput"} + if s.ConformancePackName == nil { + invalidParams.Add(request.NewErrParamRequired("ConformancePackName")) + } + if s.ConformancePackName != nil && len(*s.ConformancePackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConformancePackName", 1)) + } + if s.DeliveryS3Bucket == nil { + invalidParams.Add(request.NewErrParamRequired("DeliveryS3Bucket")) + } + if s.DeliveryS3Bucket != nil && len(*s.DeliveryS3Bucket) < 3 { + invalidParams.Add(request.NewErrParamMinLen("DeliveryS3Bucket", 3)) + } + if s.DeliveryS3KeyPrefix != nil && len(*s.DeliveryS3KeyPrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeliveryS3KeyPrefix", 1)) + } + if s.TemplateBody != nil && len(*s.TemplateBody) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TemplateBody", 1)) + } + if s.TemplateS3Uri != nil && len(*s.TemplateS3Uri) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TemplateS3Uri", 1)) + } + if s.ConformancePackInputParameters != nil { + for i, v := range s.ConformancePackInputParameters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ConformancePackInputParameters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConformancePackInputParameters sets the ConformancePackInputParameters field's value. +func (s *PutConformancePackInput) SetConformancePackInputParameters(v []*ConformancePackInputParameter) *PutConformancePackInput { + s.ConformancePackInputParameters = v + return s +} + +// SetConformancePackName sets the ConformancePackName field's value. +func (s *PutConformancePackInput) SetConformancePackName(v string) *PutConformancePackInput { + s.ConformancePackName = &v + return s +} + +// SetDeliveryS3Bucket sets the DeliveryS3Bucket field's value. +func (s *PutConformancePackInput) SetDeliveryS3Bucket(v string) *PutConformancePackInput { + s.DeliveryS3Bucket = &v + return s +} + +// SetDeliveryS3KeyPrefix sets the DeliveryS3KeyPrefix field's value. +func (s *PutConformancePackInput) SetDeliveryS3KeyPrefix(v string) *PutConformancePackInput { + s.DeliveryS3KeyPrefix = &v + return s +} + +// SetTemplateBody sets the TemplateBody field's value. +func (s *PutConformancePackInput) SetTemplateBody(v string) *PutConformancePackInput { + s.TemplateBody = &v + return s +} + +// SetTemplateS3Uri sets the TemplateS3Uri field's value. +func (s *PutConformancePackInput) SetTemplateS3Uri(v string) *PutConformancePackInput { + s.TemplateS3Uri = &v + return s +} + +type PutConformancePackOutput struct { + _ struct{} `type:"structure"` + + // ARN of the conformance pack. + ConformancePackArn *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s PutConformancePackOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutConformancePackOutput) GoString() string { + return s.String() +} + +// SetConformancePackArn sets the ConformancePackArn field's value. +func (s *PutConformancePackOutput) SetConformancePackArn(v string) *PutConformancePackOutput { + s.ConformancePackArn = &v + return s +} + // The input for the PutDeliveryChannel action. type PutDeliveryChannelInput struct { _ struct{} `type:"structure"` @@ -13992,6 +17214,158 @@ func (s *PutOrganizationConfigRuleOutput) SetOrganizationConfigRuleArn(v string) return s } +type PutOrganizationConformancePackInput struct { + _ struct{} `type:"structure"` + + // A list of ConformancePackInputParameter objects. + ConformancePackInputParameters []*ConformancePackInputParameter `type:"list"` + + // Location of an Amazon S3 bucket where AWS Config can deliver evaluation results. + // AWS Config stores intermediate files while processing conformance pack template. + // + // DeliveryS3Bucket is a required field + DeliveryS3Bucket *string `min:"3" type:"string" required:"true"` + + // The prefix for the Amazon S3 bucket. + DeliveryS3KeyPrefix *string `min:"1" type:"string"` + + // A list of AWS accounts to be excluded from an organization conformance pack + // while deploying a conformance pack. + ExcludedAccounts []*string `type:"list"` + + // Name of the organization conformance pack you want to create. + // + // OrganizationConformancePackName is a required field + OrganizationConformancePackName *string `min:"1" type:"string" required:"true"` + + // A string containing full conformance pack template body. Structure containing + // the template body with a minimum length of 1 byte and a maximum length of + // 51,200 bytes. + TemplateBody *string `min:"1" type:"string"` + + // Location of file containing the template body. The uri must point to the + // conformance pack template (max size: 300,000 bytes). + // + // You must have access to read Amazon S3 bucket. + TemplateS3Uri *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s PutOrganizationConformancePackInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutOrganizationConformancePackInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutOrganizationConformancePackInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutOrganizationConformancePackInput"} + if s.DeliveryS3Bucket == nil { + invalidParams.Add(request.NewErrParamRequired("DeliveryS3Bucket")) + } + if s.DeliveryS3Bucket != nil && len(*s.DeliveryS3Bucket) < 3 { + invalidParams.Add(request.NewErrParamMinLen("DeliveryS3Bucket", 3)) + } + if s.DeliveryS3KeyPrefix != nil && len(*s.DeliveryS3KeyPrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeliveryS3KeyPrefix", 1)) + } + if s.OrganizationConformancePackName == nil { + invalidParams.Add(request.NewErrParamRequired("OrganizationConformancePackName")) + } + if s.OrganizationConformancePackName != nil && len(*s.OrganizationConformancePackName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("OrganizationConformancePackName", 1)) + } + if s.TemplateBody != nil && len(*s.TemplateBody) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TemplateBody", 1)) + } + if s.TemplateS3Uri != nil && len(*s.TemplateS3Uri) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TemplateS3Uri", 1)) + } + if s.ConformancePackInputParameters != nil { + for i, v := range s.ConformancePackInputParameters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ConformancePackInputParameters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConformancePackInputParameters sets the ConformancePackInputParameters field's value. +func (s *PutOrganizationConformancePackInput) SetConformancePackInputParameters(v []*ConformancePackInputParameter) *PutOrganizationConformancePackInput { + s.ConformancePackInputParameters = v + return s +} + +// SetDeliveryS3Bucket sets the DeliveryS3Bucket field's value. +func (s *PutOrganizationConformancePackInput) SetDeliveryS3Bucket(v string) *PutOrganizationConformancePackInput { + s.DeliveryS3Bucket = &v + return s +} + +// SetDeliveryS3KeyPrefix sets the DeliveryS3KeyPrefix field's value. +func (s *PutOrganizationConformancePackInput) SetDeliveryS3KeyPrefix(v string) *PutOrganizationConformancePackInput { + s.DeliveryS3KeyPrefix = &v + return s +} + +// SetExcludedAccounts sets the ExcludedAccounts field's value. +func (s *PutOrganizationConformancePackInput) SetExcludedAccounts(v []*string) *PutOrganizationConformancePackInput { + s.ExcludedAccounts = v + return s +} + +// SetOrganizationConformancePackName sets the OrganizationConformancePackName field's value. +func (s *PutOrganizationConformancePackInput) SetOrganizationConformancePackName(v string) *PutOrganizationConformancePackInput { + s.OrganizationConformancePackName = &v + return s +} + +// SetTemplateBody sets the TemplateBody field's value. +func (s *PutOrganizationConformancePackInput) SetTemplateBody(v string) *PutOrganizationConformancePackInput { + s.TemplateBody = &v + return s +} + +// SetTemplateS3Uri sets the TemplateS3Uri field's value. +func (s *PutOrganizationConformancePackInput) SetTemplateS3Uri(v string) *PutOrganizationConformancePackInput { + s.TemplateS3Uri = &v + return s +} + +type PutOrganizationConformancePackOutput struct { + _ struct{} `type:"structure"` + + // ARN of the organization conformance pack. + OrganizationConformancePackArn *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s PutOrganizationConformancePackOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutOrganizationConformancePackOutput) GoString() string { + return s.String() +} + +// SetOrganizationConformancePackArn sets the OrganizationConformancePackArn field's value. +func (s *PutOrganizationConformancePackOutput) SetOrganizationConformancePackArn(v string) *PutOrganizationConformancePackOutput { + s.OrganizationConformancePackArn = &v + return s +} + type PutRemediationConfigurationsInput struct { _ struct{} `type:"structure"` @@ -16296,6 +19670,31 @@ const ( ConfigurationItemStatusResourceDeletedNotRecorded = "ResourceDeletedNotRecorded" ) +const ( + // ConformancePackComplianceTypeCompliant is a ConformancePackComplianceType enum value + ConformancePackComplianceTypeCompliant = "COMPLIANT" + + // ConformancePackComplianceTypeNonCompliant is a ConformancePackComplianceType enum value + ConformancePackComplianceTypeNonCompliant = "NON_COMPLIANT" +) + +const ( + // ConformancePackStateCreateInProgress is a ConformancePackState enum value + ConformancePackStateCreateInProgress = "CREATE_IN_PROGRESS" + + // ConformancePackStateCreateComplete is a ConformancePackState enum value + ConformancePackStateCreateComplete = "CREATE_COMPLETE" + + // ConformancePackStateCreateFailed is a ConformancePackState enum value + ConformancePackStateCreateFailed = "CREATE_FAILED" + + // ConformancePackStateDeleteInProgress is a ConformancePackState enum value + ConformancePackStateDeleteInProgress = "DELETE_IN_PROGRESS" + + // ConformancePackStateDeleteFailed is a ConformancePackState enum value + ConformancePackStateDeleteFailed = "DELETE_FAILED" +) + const ( // DeliveryStatusSuccess is a DeliveryStatus enum value DeliveryStatusSuccess = "Success" @@ -16339,15 +19738,6 @@ const ( // MemberAccountRuleStatusCreateFailed is a MemberAccountRuleStatus enum value MemberAccountRuleStatusCreateFailed = "CREATE_FAILED" - // MemberAccountRuleStatusUpdateSuccessful is a MemberAccountRuleStatus enum value - MemberAccountRuleStatusUpdateSuccessful = "UPDATE_SUCCESSFUL" - - // MemberAccountRuleStatusUpdateFailed is a MemberAccountRuleStatus enum value - MemberAccountRuleStatusUpdateFailed = "UPDATE_FAILED" - - // MemberAccountRuleStatusUpdateInProgress is a MemberAccountRuleStatus enum value - MemberAccountRuleStatusUpdateInProgress = "UPDATE_IN_PROGRESS" - // MemberAccountRuleStatusDeleteSuccessful is a MemberAccountRuleStatus enum value MemberAccountRuleStatusDeleteSuccessful = "DELETE_SUCCESSFUL" @@ -16356,6 +19746,15 @@ const ( // MemberAccountRuleStatusDeleteInProgress is a MemberAccountRuleStatus enum value MemberAccountRuleStatusDeleteInProgress = "DELETE_IN_PROGRESS" + + // MemberAccountRuleStatusUpdateSuccessful is a MemberAccountRuleStatus enum value + MemberAccountRuleStatusUpdateSuccessful = "UPDATE_SUCCESSFUL" + + // MemberAccountRuleStatusUpdateInProgress is a MemberAccountRuleStatus enum value + MemberAccountRuleStatusUpdateInProgress = "UPDATE_IN_PROGRESS" + + // MemberAccountRuleStatusUpdateFailed is a MemberAccountRuleStatus enum value + MemberAccountRuleStatusUpdateFailed = "UPDATE_FAILED" ) const ( @@ -16383,6 +19782,64 @@ const ( OrganizationConfigRuleTriggerTypeScheduledNotification = "ScheduledNotification" ) +const ( + // OrganizationResourceDetailedStatusCreateSuccessful is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusCreateSuccessful = "CREATE_SUCCESSFUL" + + // OrganizationResourceDetailedStatusCreateInProgress is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusCreateInProgress = "CREATE_IN_PROGRESS" + + // OrganizationResourceDetailedStatusCreateFailed is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusCreateFailed = "CREATE_FAILED" + + // OrganizationResourceDetailedStatusDeleteSuccessful is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusDeleteSuccessful = "DELETE_SUCCESSFUL" + + // OrganizationResourceDetailedStatusDeleteFailed is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusDeleteFailed = "DELETE_FAILED" + + // OrganizationResourceDetailedStatusDeleteInProgress is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusDeleteInProgress = "DELETE_IN_PROGRESS" + + // OrganizationResourceDetailedStatusUpdateSuccessful is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusUpdateSuccessful = "UPDATE_SUCCESSFUL" + + // OrganizationResourceDetailedStatusUpdateInProgress is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusUpdateInProgress = "UPDATE_IN_PROGRESS" + + // OrganizationResourceDetailedStatusUpdateFailed is a OrganizationResourceDetailedStatus enum value + OrganizationResourceDetailedStatusUpdateFailed = "UPDATE_FAILED" +) + +const ( + // OrganizationResourceStatusCreateSuccessful is a OrganizationResourceStatus enum value + OrganizationResourceStatusCreateSuccessful = "CREATE_SUCCESSFUL" + + // OrganizationResourceStatusCreateInProgress is a OrganizationResourceStatus enum value + OrganizationResourceStatusCreateInProgress = "CREATE_IN_PROGRESS" + + // OrganizationResourceStatusCreateFailed is a OrganizationResourceStatus enum value + OrganizationResourceStatusCreateFailed = "CREATE_FAILED" + + // OrganizationResourceStatusDeleteSuccessful is a OrganizationResourceStatus enum value + OrganizationResourceStatusDeleteSuccessful = "DELETE_SUCCESSFUL" + + // OrganizationResourceStatusDeleteFailed is a OrganizationResourceStatus enum value + OrganizationResourceStatusDeleteFailed = "DELETE_FAILED" + + // OrganizationResourceStatusDeleteInProgress is a OrganizationResourceStatus enum value + OrganizationResourceStatusDeleteInProgress = "DELETE_IN_PROGRESS" + + // OrganizationResourceStatusUpdateSuccessful is a OrganizationResourceStatus enum value + OrganizationResourceStatusUpdateSuccessful = "UPDATE_SUCCESSFUL" + + // OrganizationResourceStatusUpdateInProgress is a OrganizationResourceStatus enum value + OrganizationResourceStatusUpdateInProgress = "UPDATE_IN_PROGRESS" + + // OrganizationResourceStatusUpdateFailed is a OrganizationResourceStatus enum value + OrganizationResourceStatusUpdateFailed = "UPDATE_FAILED" +) + const ( // OrganizationRuleStatusCreateSuccessful is a OrganizationRuleStatus enum value OrganizationRuleStatusCreateSuccessful = "CREATE_SUCCESSFUL" @@ -16393,15 +19850,6 @@ const ( // OrganizationRuleStatusCreateFailed is a OrganizationRuleStatus enum value OrganizationRuleStatusCreateFailed = "CREATE_FAILED" - // OrganizationRuleStatusUpdateSuccessful is a OrganizationRuleStatus enum value - OrganizationRuleStatusUpdateSuccessful = "UPDATE_SUCCESSFUL" - - // OrganizationRuleStatusUpdateFailed is a OrganizationRuleStatus enum value - OrganizationRuleStatusUpdateFailed = "UPDATE_FAILED" - - // OrganizationRuleStatusUpdateInProgress is a OrganizationRuleStatus enum value - OrganizationRuleStatusUpdateInProgress = "UPDATE_IN_PROGRESS" - // OrganizationRuleStatusDeleteSuccessful is a OrganizationRuleStatus enum value OrganizationRuleStatusDeleteSuccessful = "DELETE_SUCCESSFUL" @@ -16410,6 +19858,15 @@ const ( // OrganizationRuleStatusDeleteInProgress is a OrganizationRuleStatus enum value OrganizationRuleStatusDeleteInProgress = "DELETE_IN_PROGRESS" + + // OrganizationRuleStatusUpdateSuccessful is a OrganizationRuleStatus enum value + OrganizationRuleStatusUpdateSuccessful = "UPDATE_SUCCESSFUL" + + // OrganizationRuleStatusUpdateInProgress is a OrganizationRuleStatus enum value + OrganizationRuleStatusUpdateInProgress = "UPDATE_IN_PROGRESS" + + // OrganizationRuleStatusUpdateFailed is a OrganizationRuleStatus enum value + OrganizationRuleStatusUpdateFailed = "UPDATE_FAILED" ) const ( diff --git a/service/configservice/configserviceiface/interface.go b/service/configservice/configserviceiface/interface.go index 13e79ce2812..ec8ebca19bb 100644 --- a/service/configservice/configserviceiface/interface.go +++ b/service/configservice/configserviceiface/interface.go @@ -84,6 +84,10 @@ type ConfigServiceAPI interface { DeleteConfigurationRecorderWithContext(aws.Context, *configservice.DeleteConfigurationRecorderInput, ...request.Option) (*configservice.DeleteConfigurationRecorderOutput, error) DeleteConfigurationRecorderRequest(*configservice.DeleteConfigurationRecorderInput) (*request.Request, *configservice.DeleteConfigurationRecorderOutput) + DeleteConformancePack(*configservice.DeleteConformancePackInput) (*configservice.DeleteConformancePackOutput, error) + DeleteConformancePackWithContext(aws.Context, *configservice.DeleteConformancePackInput, ...request.Option) (*configservice.DeleteConformancePackOutput, error) + DeleteConformancePackRequest(*configservice.DeleteConformancePackInput) (*request.Request, *configservice.DeleteConformancePackOutput) + DeleteDeliveryChannel(*configservice.DeleteDeliveryChannelInput) (*configservice.DeleteDeliveryChannelOutput, error) DeleteDeliveryChannelWithContext(aws.Context, *configservice.DeleteDeliveryChannelInput, ...request.Option) (*configservice.DeleteDeliveryChannelOutput, error) DeleteDeliveryChannelRequest(*configservice.DeleteDeliveryChannelInput) (*request.Request, *configservice.DeleteDeliveryChannelOutput) @@ -96,6 +100,10 @@ type ConfigServiceAPI interface { DeleteOrganizationConfigRuleWithContext(aws.Context, *configservice.DeleteOrganizationConfigRuleInput, ...request.Option) (*configservice.DeleteOrganizationConfigRuleOutput, error) DeleteOrganizationConfigRuleRequest(*configservice.DeleteOrganizationConfigRuleInput) (*request.Request, *configservice.DeleteOrganizationConfigRuleOutput) + DeleteOrganizationConformancePack(*configservice.DeleteOrganizationConformancePackInput) (*configservice.DeleteOrganizationConformancePackOutput, error) + DeleteOrganizationConformancePackWithContext(aws.Context, *configservice.DeleteOrganizationConformancePackInput, ...request.Option) (*configservice.DeleteOrganizationConformancePackOutput, error) + DeleteOrganizationConformancePackRequest(*configservice.DeleteOrganizationConformancePackInput) (*request.Request, *configservice.DeleteOrganizationConformancePackOutput) + DeletePendingAggregationRequest(*configservice.DeletePendingAggregationRequestInput) (*configservice.DeletePendingAggregationRequestOutput, error) DeletePendingAggregationRequestWithContext(aws.Context, *configservice.DeletePendingAggregationRequestInput, ...request.Option) (*configservice.DeletePendingAggregationRequestOutput, error) DeletePendingAggregationRequestRequest(*configservice.DeletePendingAggregationRequestInput) (*request.Request, *configservice.DeletePendingAggregationRequestOutput) @@ -156,6 +164,18 @@ type ConfigServiceAPI interface { DescribeConfigurationRecordersWithContext(aws.Context, *configservice.DescribeConfigurationRecordersInput, ...request.Option) (*configservice.DescribeConfigurationRecordersOutput, error) DescribeConfigurationRecordersRequest(*configservice.DescribeConfigurationRecordersInput) (*request.Request, *configservice.DescribeConfigurationRecordersOutput) + DescribeConformancePackCompliance(*configservice.DescribeConformancePackComplianceInput) (*configservice.DescribeConformancePackComplianceOutput, error) + DescribeConformancePackComplianceWithContext(aws.Context, *configservice.DescribeConformancePackComplianceInput, ...request.Option) (*configservice.DescribeConformancePackComplianceOutput, error) + DescribeConformancePackComplianceRequest(*configservice.DescribeConformancePackComplianceInput) (*request.Request, *configservice.DescribeConformancePackComplianceOutput) + + DescribeConformancePackStatus(*configservice.DescribeConformancePackStatusInput) (*configservice.DescribeConformancePackStatusOutput, error) + DescribeConformancePackStatusWithContext(aws.Context, *configservice.DescribeConformancePackStatusInput, ...request.Option) (*configservice.DescribeConformancePackStatusOutput, error) + DescribeConformancePackStatusRequest(*configservice.DescribeConformancePackStatusInput) (*request.Request, *configservice.DescribeConformancePackStatusOutput) + + DescribeConformancePacks(*configservice.DescribeConformancePacksInput) (*configservice.DescribeConformancePacksOutput, error) + DescribeConformancePacksWithContext(aws.Context, *configservice.DescribeConformancePacksInput, ...request.Option) (*configservice.DescribeConformancePacksOutput, error) + DescribeConformancePacksRequest(*configservice.DescribeConformancePacksInput) (*request.Request, *configservice.DescribeConformancePacksOutput) + DescribeDeliveryChannelStatus(*configservice.DescribeDeliveryChannelStatusInput) (*configservice.DescribeDeliveryChannelStatusOutput, error) DescribeDeliveryChannelStatusWithContext(aws.Context, *configservice.DescribeDeliveryChannelStatusInput, ...request.Option) (*configservice.DescribeDeliveryChannelStatusOutput, error) DescribeDeliveryChannelStatusRequest(*configservice.DescribeDeliveryChannelStatusInput) (*request.Request, *configservice.DescribeDeliveryChannelStatusOutput) @@ -172,6 +192,14 @@ type ConfigServiceAPI interface { DescribeOrganizationConfigRulesWithContext(aws.Context, *configservice.DescribeOrganizationConfigRulesInput, ...request.Option) (*configservice.DescribeOrganizationConfigRulesOutput, error) DescribeOrganizationConfigRulesRequest(*configservice.DescribeOrganizationConfigRulesInput) (*request.Request, *configservice.DescribeOrganizationConfigRulesOutput) + DescribeOrganizationConformancePackStatuses(*configservice.DescribeOrganizationConformancePackStatusesInput) (*configservice.DescribeOrganizationConformancePackStatusesOutput, error) + DescribeOrganizationConformancePackStatusesWithContext(aws.Context, *configservice.DescribeOrganizationConformancePackStatusesInput, ...request.Option) (*configservice.DescribeOrganizationConformancePackStatusesOutput, error) + DescribeOrganizationConformancePackStatusesRequest(*configservice.DescribeOrganizationConformancePackStatusesInput) (*request.Request, *configservice.DescribeOrganizationConformancePackStatusesOutput) + + DescribeOrganizationConformancePacks(*configservice.DescribeOrganizationConformancePacksInput) (*configservice.DescribeOrganizationConformancePacksOutput, error) + DescribeOrganizationConformancePacksWithContext(aws.Context, *configservice.DescribeOrganizationConformancePacksInput, ...request.Option) (*configservice.DescribeOrganizationConformancePacksOutput, error) + DescribeOrganizationConformancePacksRequest(*configservice.DescribeOrganizationConformancePacksInput) (*request.Request, *configservice.DescribeOrganizationConformancePacksOutput) + DescribePendingAggregationRequests(*configservice.DescribePendingAggregationRequestsInput) (*configservice.DescribePendingAggregationRequestsOutput, error) DescribePendingAggregationRequestsWithContext(aws.Context, *configservice.DescribePendingAggregationRequestsInput, ...request.Option) (*configservice.DescribePendingAggregationRequestsOutput, error) DescribePendingAggregationRequestsRequest(*configservice.DescribePendingAggregationRequestsInput) (*request.Request, *configservice.DescribePendingAggregationRequestsOutput) @@ -230,6 +258,14 @@ type ConfigServiceAPI interface { GetComplianceSummaryByResourceTypeWithContext(aws.Context, *configservice.GetComplianceSummaryByResourceTypeInput, ...request.Option) (*configservice.GetComplianceSummaryByResourceTypeOutput, error) GetComplianceSummaryByResourceTypeRequest(*configservice.GetComplianceSummaryByResourceTypeInput) (*request.Request, *configservice.GetComplianceSummaryByResourceTypeOutput) + GetConformancePackComplianceDetails(*configservice.GetConformancePackComplianceDetailsInput) (*configservice.GetConformancePackComplianceDetailsOutput, error) + GetConformancePackComplianceDetailsWithContext(aws.Context, *configservice.GetConformancePackComplianceDetailsInput, ...request.Option) (*configservice.GetConformancePackComplianceDetailsOutput, error) + GetConformancePackComplianceDetailsRequest(*configservice.GetConformancePackComplianceDetailsInput) (*request.Request, *configservice.GetConformancePackComplianceDetailsOutput) + + GetConformancePackComplianceSummary(*configservice.GetConformancePackComplianceSummaryInput) (*configservice.GetConformancePackComplianceSummaryOutput, error) + GetConformancePackComplianceSummaryWithContext(aws.Context, *configservice.GetConformancePackComplianceSummaryInput, ...request.Option) (*configservice.GetConformancePackComplianceSummaryOutput, error) + GetConformancePackComplianceSummaryRequest(*configservice.GetConformancePackComplianceSummaryInput) (*request.Request, *configservice.GetConformancePackComplianceSummaryOutput) + GetDiscoveredResourceCounts(*configservice.GetDiscoveredResourceCountsInput) (*configservice.GetDiscoveredResourceCountsOutput, error) GetDiscoveredResourceCountsWithContext(aws.Context, *configservice.GetDiscoveredResourceCountsInput, ...request.Option) (*configservice.GetDiscoveredResourceCountsOutput, error) GetDiscoveredResourceCountsRequest(*configservice.GetDiscoveredResourceCountsInput) (*request.Request, *configservice.GetDiscoveredResourceCountsOutput) @@ -238,6 +274,10 @@ type ConfigServiceAPI interface { GetOrganizationConfigRuleDetailedStatusWithContext(aws.Context, *configservice.GetOrganizationConfigRuleDetailedStatusInput, ...request.Option) (*configservice.GetOrganizationConfigRuleDetailedStatusOutput, error) GetOrganizationConfigRuleDetailedStatusRequest(*configservice.GetOrganizationConfigRuleDetailedStatusInput) (*request.Request, *configservice.GetOrganizationConfigRuleDetailedStatusOutput) + GetOrganizationConformancePackDetailedStatus(*configservice.GetOrganizationConformancePackDetailedStatusInput) (*configservice.GetOrganizationConformancePackDetailedStatusOutput, error) + GetOrganizationConformancePackDetailedStatusWithContext(aws.Context, *configservice.GetOrganizationConformancePackDetailedStatusInput, ...request.Option) (*configservice.GetOrganizationConformancePackDetailedStatusOutput, error) + GetOrganizationConformancePackDetailedStatusRequest(*configservice.GetOrganizationConformancePackDetailedStatusInput) (*request.Request, *configservice.GetOrganizationConformancePackDetailedStatusOutput) + GetResourceConfigHistory(*configservice.GetResourceConfigHistoryInput) (*configservice.GetResourceConfigHistoryOutput, error) GetResourceConfigHistoryWithContext(aws.Context, *configservice.GetResourceConfigHistoryInput, ...request.Option) (*configservice.GetResourceConfigHistoryOutput, error) GetResourceConfigHistoryRequest(*configservice.GetResourceConfigHistoryInput) (*request.Request, *configservice.GetResourceConfigHistoryOutput) @@ -273,6 +313,10 @@ type ConfigServiceAPI interface { PutConfigurationRecorderWithContext(aws.Context, *configservice.PutConfigurationRecorderInput, ...request.Option) (*configservice.PutConfigurationRecorderOutput, error) PutConfigurationRecorderRequest(*configservice.PutConfigurationRecorderInput) (*request.Request, *configservice.PutConfigurationRecorderOutput) + PutConformancePack(*configservice.PutConformancePackInput) (*configservice.PutConformancePackOutput, error) + PutConformancePackWithContext(aws.Context, *configservice.PutConformancePackInput, ...request.Option) (*configservice.PutConformancePackOutput, error) + PutConformancePackRequest(*configservice.PutConformancePackInput) (*request.Request, *configservice.PutConformancePackOutput) + PutDeliveryChannel(*configservice.PutDeliveryChannelInput) (*configservice.PutDeliveryChannelOutput, error) PutDeliveryChannelWithContext(aws.Context, *configservice.PutDeliveryChannelInput, ...request.Option) (*configservice.PutDeliveryChannelOutput, error) PutDeliveryChannelRequest(*configservice.PutDeliveryChannelInput) (*request.Request, *configservice.PutDeliveryChannelOutput) @@ -285,6 +329,10 @@ type ConfigServiceAPI interface { PutOrganizationConfigRuleWithContext(aws.Context, *configservice.PutOrganizationConfigRuleInput, ...request.Option) (*configservice.PutOrganizationConfigRuleOutput, error) PutOrganizationConfigRuleRequest(*configservice.PutOrganizationConfigRuleInput) (*request.Request, *configservice.PutOrganizationConfigRuleOutput) + PutOrganizationConformancePack(*configservice.PutOrganizationConformancePackInput) (*configservice.PutOrganizationConformancePackOutput, error) + PutOrganizationConformancePackWithContext(aws.Context, *configservice.PutOrganizationConformancePackInput, ...request.Option) (*configservice.PutOrganizationConformancePackOutput, error) + PutOrganizationConformancePackRequest(*configservice.PutOrganizationConformancePackInput) (*request.Request, *configservice.PutOrganizationConformancePackOutput) + PutRemediationConfigurations(*configservice.PutRemediationConfigurationsInput) (*configservice.PutRemediationConfigurationsOutput, error) PutRemediationConfigurationsWithContext(aws.Context, *configservice.PutRemediationConfigurationsInput, ...request.Option) (*configservice.PutRemediationConfigurationsOutput, error) PutRemediationConfigurationsRequest(*configservice.PutRemediationConfigurationsInput) (*request.Request, *configservice.PutRemediationConfigurationsOutput) diff --git a/service/configservice/errors.go b/service/configservice/errors.go index 7ecd56b1bd9..82989cc735b 100644 --- a/service/configservice/errors.go +++ b/service/configservice/errors.go @@ -4,6 +4,12 @@ package configservice const ( + // ErrCodeConformancePackTemplateValidationException for service response error code + // "ConformancePackTemplateValidationException". + // + // You have specified a template that is not valid or supported. + ErrCodeConformancePackTemplateValidationException = "ConformancePackTemplateValidationException" + // ErrCodeInsufficientDeliveryPolicyException for service response error code // "InsufficientDeliveryPolicyException". // @@ -21,9 +27,14 @@ const ( // * For PutConfigRule, the AWS Lambda function cannot be invoked. Check // the function ARN, and check the function's permissions. // - // * For OrganizationConfigRule, organization config rule cannot be created + // * For PutOrganizationConfigRule, organization config rule cannot be created // because you do not have permissions to call IAM GetRole action or create - // service linked role. + // a service linked role. + // + // * For PutConformancePack and PutOrganizationConformancePack, a conformance + // pack cannot be created becuase you do not have permissions: To call IAM + // GetRole action or create a service linked role. To read Amazon S3 bucket. + // To create a rule and a stack. ErrCodeInsufficientPermissionsException = "InsufficientPermissionsException" // ErrCodeInvalidConfigurationRecorderNameException for service response error code @@ -134,6 +145,13 @@ const ( // You have reached the limit of the number of recorders you can create. ErrCodeMaxNumberOfConfigurationRecordersExceededException = "MaxNumberOfConfigurationRecordersExceededException" + // ErrCodeMaxNumberOfConformancePacksExceededException for service response error code + // "MaxNumberOfConformancePacksExceededException". + // + // You have reached the limit (20) of the number of conformance packs in an + // account. + ErrCodeMaxNumberOfConformancePacksExceededException = "MaxNumberOfConformancePacksExceededException" + // ErrCodeMaxNumberOfDeliveryChannelsExceededException for service response error code // "MaxNumberOfDeliveryChannelsExceededException". // @@ -147,6 +165,13 @@ const ( // can create. ErrCodeMaxNumberOfOrganizationConfigRulesExceededException = "MaxNumberOfOrganizationConfigRulesExceededException" + // ErrCodeMaxNumberOfOrganizationConformancePacksExceededException for service response error code + // "MaxNumberOfOrganizationConformancePacksExceededException". + // + // You have reached the limit (10) of the number of organization conformance + // packs in an account. + ErrCodeMaxNumberOfOrganizationConformancePacksExceededException = "MaxNumberOfOrganizationConformancePacksExceededException" + // ErrCodeMaxNumberOfRetentionConfigurationsExceededException for service response error code // "MaxNumberOfRetentionConfigurationsExceededException". // @@ -192,6 +217,12 @@ const ( // rule names are correct and try again. ErrCodeNoSuchConfigRuleException = "NoSuchConfigRuleException" + // ErrCodeNoSuchConfigRuleInConformancePackException for service response error code + // "NoSuchConfigRuleInConformancePackException". + // + // AWS Config rule that you passed in the filter does not exist. + ErrCodeNoSuchConfigRuleInConformancePackException = "NoSuchConfigRuleInConformancePackException" + // ErrCodeNoSuchConfigurationAggregatorException for service response error code // "NoSuchConfigurationAggregatorException". // @@ -204,6 +235,12 @@ const ( // You have specified a configuration recorder that does not exist. ErrCodeNoSuchConfigurationRecorderException = "NoSuchConfigurationRecorderException" + // ErrCodeNoSuchConformancePackException for service response error code + // "NoSuchConformancePackException". + // + // You specified one or more conformance packs that do not exist. + ErrCodeNoSuchConformancePackException = "NoSuchConformancePackException" + // ErrCodeNoSuchDeliveryChannelException for service response error code // "NoSuchDeliveryChannelException". // @@ -216,6 +253,16 @@ const ( // You specified one or more organization config rules that do not exist. ErrCodeNoSuchOrganizationConfigRuleException = "NoSuchOrganizationConfigRuleException" + // ErrCodeNoSuchOrganizationConformancePackException for service response error code + // "NoSuchOrganizationConformancePackException". + // + // AWS Config organization conformance pack that you passed in the filter does + // not exist. + // + // For DeleteOrganizationConformancePack, you tried to delete an organization + // conformance pack that does not exist. + ErrCodeNoSuchOrganizationConformancePackException = "NoSuchOrganizationConformancePackException" + // ErrCodeNoSuchRemediationConfigurationException for service response error code // "NoSuchRemediationConfigurationException". // @@ -240,9 +287,9 @@ const ( // For PutConfigAggregator API, no permission to call EnableAWSServiceAccess // API. // - // For all OrganizationConfigRule APIs, AWS Config throws an exception if APIs - // are called from member accounts. All APIs must be called from organization - // master account. + // For all OrganizationConfigRule and OrganizationConformancePack APIs, AWS + // Config throws an exception if APIs are called from member accounts. All APIs + // must be called from organization master account. ErrCodeOrganizationAccessDeniedException = "OrganizationAccessDeniedException" // ErrCodeOrganizationAllFeaturesNotEnabledException for service response error code @@ -252,6 +299,12 @@ const ( // have all features enabled. ErrCodeOrganizationAllFeaturesNotEnabledException = "OrganizationAllFeaturesNotEnabledException" + // ErrCodeOrganizationConformancePackTemplateValidationException for service response error code + // "OrganizationConformancePackTemplateValidationException". + // + // You have specified a template that is not valid or supported. + ErrCodeOrganizationConformancePackTemplateValidationException = "OrganizationConformancePackTemplateValidationException" + // ErrCodeOversizedConfigurationItemException for service response error code // "OversizedConfigurationItemException". // @@ -270,14 +323,14 @@ const ( // // You see this exception in the following cases: // - // * For DeleteConfigRule API, AWS Config is deleting this rule. Try your - // request again later. + // * For DeleteConfigRule, AWS Config is deleting this rule. Try your request + // again later. // - // * For DeleteConfigRule API, the rule is deleting your evaluation results. + // * For DeleteConfigRule, the rule is deleting your evaluation results. // Try your request again later. // - // * For DeleteConfigRule API, a remediation action is associated with the - // rule and AWS Config cannot delete this rule. Delete the remediation action + // * For DeleteConfigRule, a remediation action is associated with the rule + // and AWS Config cannot delete this rule. Delete the remediation action // associated with the rule before deleting the rule and try your request // again later. // @@ -286,6 +339,13 @@ const ( // // * For DeleteOrganizationConfigRule, organization config rule creation // is in progress. Try your request again later. + // + // * For PutConformancePack and PutOrganizationConformancePack, a conformance + // pack creation, update, and deletion is in progress. Try your request again + // later. + // + // * For DeleteConformancePack, a conformance pack creation, update, and + // deletion is in progress. Try your request again later. ErrCodeResourceInUseException = "ResourceInUseException" // ErrCodeResourceNotDiscoveredException for service response error code diff --git a/service/ec2/api.go b/service/ec2/api.go index 5b501e81794..fb036c0801c 100644 --- a/service/ec2/api.go +++ b/service/ec2/api.go @@ -3493,11 +3493,10 @@ func (c *EC2) CreateCustomerGatewayRequest(input *CreateCustomerGatewayInput) (r // For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) // in the AWS Site-to-Site VPN User Guide. // -// You cannot create more than one customer gateway with the same VPN type, -// IP address, and BGP ASN parameter values. If you run an identical request -// more than one time, the first request creates the customer gateway, and subsequent -// requests return information about the existing customer gateway. The subsequent -// requests do not create new customer gateway resources. +// To create more than one customer gateway with the same VPN type, IP address, +// and BGP ASN, specify a unique device name for each customer gateway. Identical +// requests return information about the existing customer gateway and do not +// create new customer gateways. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -27115,6 +27114,86 @@ func (c *EC2) ModifyInstanceEventStartTimeWithContext(ctx aws.Context, input *Mo return out, req.Send() } +const opModifyInstanceMetadataOptions = "ModifyInstanceMetadataOptions" + +// ModifyInstanceMetadataOptionsRequest generates a "aws/request.Request" representing the +// client's request for the ModifyInstanceMetadataOptions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyInstanceMetadataOptions for more information on using the ModifyInstanceMetadataOptions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyInstanceMetadataOptionsRequest method. +// req, resp := client.ModifyInstanceMetadataOptionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceMetadataOptions +func (c *EC2) ModifyInstanceMetadataOptionsRequest(input *ModifyInstanceMetadataOptionsInput) (req *request.Request, output *ModifyInstanceMetadataOptionsOutput) { + op := &request.Operation{ + Name: opModifyInstanceMetadataOptions, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyInstanceMetadataOptionsInput{} + } + + output = &ModifyInstanceMetadataOptionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyInstanceMetadataOptions API operation for Amazon Elastic Compute Cloud. +// +// Modify the instance metadata parameters on a running or stopped instance. +// When you modify the parameters on a stopped instance, they are applied when +// the instance is started. When you modify the parameters on a running instance, +// the API responds with a state of “pending”. After the parameter modifications +// are successfully applied to the instance, the state of the modifications +// changes from “pending” to “applied” in subsequent describe-instances +// API calls. For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyInstanceMetadataOptions for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceMetadataOptions +func (c *EC2) ModifyInstanceMetadataOptions(input *ModifyInstanceMetadataOptionsInput) (*ModifyInstanceMetadataOptionsOutput, error) { + req, out := c.ModifyInstanceMetadataOptionsRequest(input) + return out, req.Send() +} + +// ModifyInstanceMetadataOptionsWithContext is the same as ModifyInstanceMetadataOptions with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyInstanceMetadataOptions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyInstanceMetadataOptionsWithContext(ctx aws.Context, input *ModifyInstanceMetadataOptionsInput, opts ...request.Option) (*ModifyInstanceMetadataOptionsOutput, error) { + req, out := c.ModifyInstanceMetadataOptionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyInstancePlacement = "ModifyInstancePlacement" // ModifyInstancePlacementRequest generates a "aws/request.Request" representing the @@ -39950,6 +40029,11 @@ type CreateCustomerGatewayInput struct { // The Amazon Resource Name (ARN) for the customer gateway certificate. CertificateArn *string `type:"string"` + // A name for the customer gateway device. + // + // Length Constraints: Up to 255 characters. + DeviceName *string `type:"string"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -40004,6 +40088,12 @@ func (s *CreateCustomerGatewayInput) SetCertificateArn(v string) *CreateCustomer return s } +// SetDeviceName sets the DeviceName field's value. +func (s *CreateCustomerGatewayInput) SetDeviceName(v string) *CreateCustomerGatewayInput { + s.DeviceName = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateCustomerGatewayInput) SetDryRun(v bool) *CreateCustomerGatewayInput { s.DryRun = &v @@ -45425,6 +45515,9 @@ type CustomerGateway struct { // The ID of the customer gateway. CustomerGatewayId *string `locationName:"customerGatewayId" type:"string"` + // The name of customer gateway device. + DeviceName *string `locationName:"deviceName" type:"string"` + // The Internet-routable IP address of the customer gateway's outside interface. IpAddress *string `locationName:"ipAddress" type:"string"` @@ -45467,6 +45560,12 @@ func (s *CustomerGateway) SetCustomerGatewayId(v string) *CustomerGateway { return s } +// SetDeviceName sets the DeviceName field's value. +func (s *CustomerGateway) SetDeviceName(v string) *CustomerGateway { + s.DeviceName = &v + return s +} + // SetIpAddress sets the IpAddress field's value. func (s *CustomerGateway) SetIpAddress(v string) *CustomerGateway { s.IpAddress = &v @@ -53474,9 +53573,8 @@ type DescribeInstancesInput struct { // * hypervisor - The hypervisor type of the instance (ovm | xen). // // * iam-instance-profile.arn - The instance profile associated with the - // instance. Specified as an ARN. - // - // * image-id - The ID of the image used to launch the instance. + // instance. Specified as an ARN. image-id - The ID of the image used to + // launch the instance. // // * instance-id - The ID of the instance. // @@ -53509,6 +53607,15 @@ type DescribeInstancesInput struct { // // * launch-time - The time when the instance was launched. // + // * metadata-http-tokens - The metadata request authorization state (optional + // | required) + // + // * metadata-http-put-response-hop-limit - The http metadata request put + // response hop limit (integer, possible values 1 to 64) + // + // * metadata-http-endpoint - Enable or disable metadata access on http endpoint + // (enabled | disabled) + // // * monitoring-state - Indicates whether detailed monitoring is enabled // (disabled | enabled). // @@ -60959,6 +61066,9 @@ type DescribeVpnConnectionsInput struct { // // * vpn-gateway-id - The ID of a virtual private gateway associated with // the VPN connection. + // + // * transit-gateway-id - The ID of a transit gateway associated with the + // VPN connection. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // One or more VPN connection IDs. @@ -69612,6 +69722,9 @@ type Instance struct { // The license configurations. Licenses []*LicenseConfiguration `locationName:"licenseSet" locationNameList:"item" type:"list"` + // The metadata options for the instance. + MetadataOptions *InstanceMetadataOptionsResponse `locationName:"metadataOptions" type:"structure"` + // The monitoring for the instance. Monitoring *Monitoring `locationName:"monitoring" type:"structure"` @@ -69840,6 +69953,12 @@ func (s *Instance) SetLicenses(v []*LicenseConfiguration) *Instance { return s } +// SetMetadataOptions sets the MetadataOptions field's value. +func (s *Instance) SetMetadataOptions(v *InstanceMetadataOptionsResponse) *Instance { + s.MetadataOptions = v + return s +} + // SetMonitoring sets the Monitoring field's value. func (s *Instance) SetMonitoring(v *Monitoring) *Instance { s.Monitoring = v @@ -70321,6 +70440,146 @@ func (s *InstanceMarketOptionsRequest) SetSpotOptions(v *SpotMarketOptions) *Ins return s } +// The metadata options for the instance. +type InstanceMetadataOptionsRequest struct { + _ struct{} `type:"structure"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the default state is enabled. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. + // + // Default: 1 + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credentials + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `type:"string" enum:"HttpTokensState"` +} + +// String returns the string representation +func (s InstanceMetadataOptionsRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceMetadataOptionsRequest) GoString() string { + return s.String() +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *InstanceMetadataOptionsRequest) SetHttpEndpoint(v string) *InstanceMetadataOptionsRequest { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *InstanceMetadataOptionsRequest) SetHttpPutResponseHopLimit(v int64) *InstanceMetadataOptionsRequest { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *InstanceMetadataOptionsRequest) SetHttpTokens(v string) *InstanceMetadataOptionsRequest { + s.HttpTokens = &v + return s +} + +// The metadata options for the instance. +type InstanceMetadataOptionsResponse struct { + _ struct{} `type:"structure"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the default state is enabled. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `locationName:"httpEndpoint" type:"string" enum:"InstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. + // + // Default: 1 + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `locationName:"httpPutResponseHopLimit" type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credential + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `locationName:"httpTokens" type:"string" enum:"HttpTokensState"` + + // The state of the metadata option changes. + // + // pending - The metadata options are being updated and the instance is not + // ready to process metadata traffic with the new selection. + // + // applied - The metadata options have been successfully applied on the instance. + State *string `locationName:"state" type:"string" enum:"InstanceMetadataOptionsState"` +} + +// String returns the string representation +func (s InstanceMetadataOptionsResponse) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceMetadataOptionsResponse) GoString() string { + return s.String() +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *InstanceMetadataOptionsResponse) SetHttpEndpoint(v string) *InstanceMetadataOptionsResponse { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *InstanceMetadataOptionsResponse) SetHttpPutResponseHopLimit(v int64) *InstanceMetadataOptionsResponse { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *InstanceMetadataOptionsResponse) SetHttpTokens(v string) *InstanceMetadataOptionsResponse { + s.HttpTokens = &v + return s +} + +// SetState sets the State field's value. +func (s *InstanceMetadataOptionsResponse) SetState(v string) *InstanceMetadataOptionsResponse { + s.State = &v + return s +} + // Describes the monitoring of an instance. type InstanceMonitoring struct { _ struct{} `type:"structure"` @@ -75232,6 +75491,135 @@ func (s *ModifyInstanceEventStartTimeOutput) SetEvent(v *InstanceStatusEvent) *M return s } +type ModifyInstanceMetadataOptionsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the existing state is maintained. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. If + // no parameter is specified, the existing state is maintained. + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credential + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `type:"string" enum:"HttpTokensState"` + + // The ID of the instance. + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyInstanceMetadataOptionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyInstanceMetadataOptionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyInstanceMetadataOptionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyInstanceMetadataOptionsInput"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetDryRun(v bool) *ModifyInstanceMetadataOptionsInput { + s.DryRun = &v + return s +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetHttpEndpoint(v string) *ModifyInstanceMetadataOptionsInput { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetHttpPutResponseHopLimit(v int64) *ModifyInstanceMetadataOptionsInput { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetHttpTokens(v string) *ModifyInstanceMetadataOptionsInput { + s.HttpTokens = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetInstanceId(v string) *ModifyInstanceMetadataOptionsInput { + s.InstanceId = &v + return s +} + +type ModifyInstanceMetadataOptionsOutput struct { + _ struct{} `type:"structure"` + + // The ID of the instance. + InstanceId *string `locationName:"instanceId" type:"string"` + + // The metadata options for the instance. + InstanceMetadataOptions *InstanceMetadataOptionsResponse `locationName:"instanceMetadataOptions" type:"structure"` +} + +// String returns the string representation +func (s ModifyInstanceMetadataOptionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyInstanceMetadataOptionsOutput) GoString() string { + return s.String() +} + +// SetInstanceId sets the InstanceId field's value. +func (s *ModifyInstanceMetadataOptionsOutput) SetInstanceId(v string) *ModifyInstanceMetadataOptionsOutput { + s.InstanceId = &v + return s +} + +// SetInstanceMetadataOptions sets the InstanceMetadataOptions field's value. +func (s *ModifyInstanceMetadataOptionsOutput) SetInstanceMetadataOptions(v *InstanceMetadataOptionsResponse) *ModifyInstanceMetadataOptionsOutput { + s.InstanceMetadataOptions = v + return s +} + type ModifyInstancePlacementInput struct { _ struct{} `type:"structure"` @@ -85732,6 +86120,10 @@ type RunInstancesInput struct { // MaxCount is a required field MaxCount *int64 `type:"integer" required:"true"` + // The metadata options for the instance. For more information, see Instance + // Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). + MetadataOptions *InstanceMetadataOptionsRequest `type:"structure"` + // The minimum number of instances to launch. If you specify a minimum that // is more instances than Amazon EC2 can launch in the target Availability Zone, // Amazon EC2 launches no instances. @@ -86014,6 +86406,12 @@ func (s *RunInstancesInput) SetMaxCount(v int64) *RunInstancesInput { return s } +// SetMetadataOptions sets the MetadataOptions field's value. +func (s *RunInstancesInput) SetMetadataOptions(v *InstanceMetadataOptionsRequest) *RunInstancesInput { + s.MetadataOptions = v + return s +} + // SetMinCount sets the MinCount field's value. func (s *RunInstancesInput) SetMinCount(v int64) *RunInstancesInput { s.MinCount = &v @@ -96473,6 +96871,14 @@ const ( HostTenancyHost = "host" ) +const ( + // HttpTokensStateOptional is a HttpTokensState enum value + HttpTokensStateOptional = "optional" + + // HttpTokensStateRequired is a HttpTokensState enum value + HttpTokensStateRequired = "required" +) + const ( // HypervisorTypeOvm is a HypervisorType enum value HypervisorTypeOvm = "ovm" @@ -96639,6 +97045,22 @@ const ( InstanceMatchCriteriaTargeted = "targeted" ) +const ( + // InstanceMetadataEndpointStateDisabled is a InstanceMetadataEndpointState enum value + InstanceMetadataEndpointStateDisabled = "disabled" + + // InstanceMetadataEndpointStateEnabled is a InstanceMetadataEndpointState enum value + InstanceMetadataEndpointStateEnabled = "enabled" +) + +const ( + // InstanceMetadataOptionsStatePending is a InstanceMetadataOptionsState enum value + InstanceMetadataOptionsStatePending = "pending" + + // InstanceMetadataOptionsStateApplied is a InstanceMetadataOptionsState enum value + InstanceMetadataOptionsStateApplied = "applied" +) + const ( // InstanceStateNamePending is a InstanceStateName enum value InstanceStateNamePending = "pending" diff --git a/service/ec2/ec2iface/interface.go b/service/ec2/ec2iface/interface.go index fc80e669c11..b0afb065b16 100644 --- a/service/ec2/ec2iface/interface.go +++ b/service/ec2/ec2iface/interface.go @@ -1421,6 +1421,10 @@ type EC2API interface { ModifyInstanceEventStartTimeWithContext(aws.Context, *ec2.ModifyInstanceEventStartTimeInput, ...request.Option) (*ec2.ModifyInstanceEventStartTimeOutput, error) ModifyInstanceEventStartTimeRequest(*ec2.ModifyInstanceEventStartTimeInput) (*request.Request, *ec2.ModifyInstanceEventStartTimeOutput) + ModifyInstanceMetadataOptions(*ec2.ModifyInstanceMetadataOptionsInput) (*ec2.ModifyInstanceMetadataOptionsOutput, error) + ModifyInstanceMetadataOptionsWithContext(aws.Context, *ec2.ModifyInstanceMetadataOptionsInput, ...request.Option) (*ec2.ModifyInstanceMetadataOptionsOutput, error) + ModifyInstanceMetadataOptionsRequest(*ec2.ModifyInstanceMetadataOptionsInput) (*request.Request, *ec2.ModifyInstanceMetadataOptionsOutput) + ModifyInstancePlacement(*ec2.ModifyInstancePlacementInput) (*ec2.ModifyInstancePlacementOutput, error) ModifyInstancePlacementWithContext(aws.Context, *ec2.ModifyInstancePlacementInput, ...request.Option) (*ec2.ModifyInstancePlacementOutput, error) ModifyInstancePlacementRequest(*ec2.ModifyInstancePlacementInput) (*request.Request, *ec2.ModifyInstancePlacementOutput) diff --git a/service/elbv2/api.go b/service/elbv2/api.go index 1a3207f85b9..10febdf4a22 100644 --- a/service/elbv2/api.go +++ b/service/elbv2/api.go @@ -320,6 +320,11 @@ func (c *ELBV2) CreateListenerRequest(input *CreateListenerInput) (req *request. // * ErrCodeInvalidLoadBalancerActionException "InvalidLoadBalancerAction" // The requested action is not valid. // +// * ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException "TooManyUniqueTargetGroupsPerLoadBalancer" +// You've reached the limit on the number of unique target groups per load balancer +// across all listeners. If a target group is used by multiple actions for a +// load balancer, it is counted as only one use. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateListener func (c *ELBV2) CreateListener(input *CreateListenerInput) (*CreateListenerOutput, error) { req, out := c.CreateListenerRequest(input) @@ -583,6 +588,11 @@ func (c *ELBV2) CreateRuleRequest(input *CreateRuleInput) (req *request.Request, // * ErrCodeInvalidLoadBalancerActionException "InvalidLoadBalancerAction" // The requested action is not valid. // +// * ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException "TooManyUniqueTargetGroupsPerLoadBalancer" +// You've reached the limit on the number of unique target groups per load balancer +// across all listeners. If a target group is used by multiple actions for a +// load balancer, it is counted as only one use. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateRule func (c *ELBV2) CreateRule(input *CreateRuleInput) (*CreateRuleOutput, error) { req, out := c.CreateRuleRequest(input) @@ -2297,14 +2307,18 @@ func (c *ELBV2) ModifyListenerRequest(input *ModifyListenerInput) (req *request. // ModifyListener API operation for Elastic Load Balancing. // -// Modifies the specified properties of the specified listener. +// Replaces the specified properties of the specified listener. Any properties +// that you do not specify remain unchanged. // -// Any properties that you do not specify retain their current values. However, -// changing the protocol from HTTPS to HTTP, or from TLS to TCP, removes the +// Changing the protocol from HTTPS to HTTP, or from TLS to TCP, removes the // security policy and default certificate properties. If you change the protocol // from HTTP to HTTPS, or from TCP to TLS, you must add the security policy // and default certificate properties. // +// To add an item to a list, remove an item from a list, or update an item in +// a list, you must provide the entire list. For example, to add an action, +// specify a list with the current actions plus the new action. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -2359,6 +2373,11 @@ func (c *ELBV2) ModifyListenerRequest(input *ModifyListenerInput) (req *request. // * ErrCodeInvalidLoadBalancerActionException "InvalidLoadBalancerAction" // The requested action is not valid. // +// * ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException "TooManyUniqueTargetGroupsPerLoadBalancer" +// You've reached the limit on the number of unique target groups per load balancer +// across all listeners. If a target group is used by multiple actions for a +// load balancer, it is counted as only one use. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyListener func (c *ELBV2) ModifyListener(input *ModifyListenerInput) (*ModifyListenerOutput, error) { req, out := c.ModifyListenerRequest(input) @@ -2512,9 +2531,12 @@ func (c *ELBV2) ModifyRuleRequest(input *ModifyRuleInput) (req *request.Request, // ModifyRule API operation for Elastic Load Balancing. // -// Modifies the specified rule. +// Replaces the specified properties of the specified rule. Any properties that +// you do not specify are unchanged. // -// Any existing properties that you do not modify retain their current values. +// To add an item to a list, remove an item from a list, or update an item in +// a list, you must provide the entire list. For example, to add an action, +// specify a list with the current actions plus the new action. // // To modify the actions for the default rule, use ModifyListener. // @@ -2557,6 +2579,11 @@ func (c *ELBV2) ModifyRuleRequest(input *ModifyRuleInput) (req *request.Request, // * ErrCodeInvalidLoadBalancerActionException "InvalidLoadBalancerAction" // The requested action is not valid. // +// * ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException "TooManyUniqueTargetGroupsPerLoadBalancer" +// You've reached the limit on the number of unique target groups per load balancer +// across all listeners. If a target group is used by multiple actions for a +// load balancer, it is counted as only one use. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyRule func (c *ELBV2) ModifyRule(input *ModifyRuleInput) (*ModifyRuleOutput, error) { req, out := c.ModifyRuleRequest(input) @@ -3413,6 +3440,13 @@ type Action struct { // a custom HTTP response. Specify only when Type is fixed-response. FixedResponseConfig *FixedResponseActionConfig `type:"structure"` + // Information for creating an action that distributes requests among one or + // more target groups. For Network Load Balancers, you can specify a single + // target group. Specify only when Type is forward. If you specify both ForwardConfig + // and TargetGroupArn, you can specify only one target group using ForwardConfig + // and it must be the same target group specified in TargetGroupArn. + ForwardConfig *ForwardActionConfig `type:"structure"` + // The order for the action. This value is required for rules with multiple // actions. The action with the lowest value for order is performed first. The // last action to be performed must be one of the following types of actions: @@ -3424,7 +3458,8 @@ type Action struct { RedirectConfig *RedirectActionConfig `type:"structure"` // The Amazon Resource Name (ARN) of the target group. Specify only when Type - // is forward. + // is forward and you want to route to a single target group. To route to one + // or more target groups, use ForwardConfig instead. TargetGroupArn *string `type:"string"` // The type of action. @@ -3497,6 +3532,12 @@ func (s *Action) SetFixedResponseConfig(v *FixedResponseActionConfig) *Action { return s } +// SetForwardConfig sets the ForwardConfig field's value. +func (s *Action) SetForwardConfig(v *ForwardActionConfig) *Action { + s.ForwardConfig = v + return s +} + // SetOrder sets the Order field's value. func (s *Action) SetOrder(v int64) *Action { s.Order = &v @@ -4110,10 +4151,10 @@ type CreateListenerInput struct { // The actions for the default rule. The rule must include one forward action // or one or more fixed-response actions. // - // If the action type is forward, you specify a target group. The protocol of - // the target group must be HTTP or HTTPS for an Application Load Balancer. - // The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a - // Network Load Balancer. + // If the action type is forward, you specify one or more target groups. The + // protocol of the target group must be HTTP or HTTPS for an Application Load + // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP + // for a Network Load Balancer. // // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate // users through an identity provider that is OpenID Connect (OIDC) compliant. @@ -4434,10 +4475,10 @@ type CreateRuleInput struct { // actions: forward, fixed-response, or redirect, and it must be the last action // to be performed. // - // If the action type is forward, you specify a target group. The protocol of - // the target group must be HTTP or HTTPS for an Application Load Balancer. - // The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a - // Network Load Balancer. + // If the action type is forward, you specify one or more target groups. The + // protocol of the target group must be HTTP or HTTPS for an Application Load + // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP + // for a Network Load Balancer. // // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate // users through an identity provider that is OpenID Connect (OIDC) compliant. @@ -6082,6 +6123,40 @@ func (s *FixedResponseActionConfig) SetStatusCode(v string) *FixedResponseAction return s } +// Information about a forward action. +type ForwardActionConfig struct { + _ struct{} `type:"structure"` + + // The target group stickiness for the rule. + TargetGroupStickinessConfig *TargetGroupStickinessConfig `type:"structure"` + + // One or more target groups. For Network Load Balancers, you can specify a + // single target group. + TargetGroups []*TargetGroupTuple `type:"list"` +} + +// String returns the string representation +func (s ForwardActionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ForwardActionConfig) GoString() string { + return s.String() +} + +// SetTargetGroupStickinessConfig sets the TargetGroupStickinessConfig field's value. +func (s *ForwardActionConfig) SetTargetGroupStickinessConfig(v *TargetGroupStickinessConfig) *ForwardActionConfig { + s.TargetGroupStickinessConfig = v + return s +} + +// SetTargetGroups sets the TargetGroups field's value. +func (s *ForwardActionConfig) SetTargetGroups(v []*TargetGroupTuple) *ForwardActionConfig { + s.TargetGroups = v + return s +} + // Information about a host header condition. type HostHeaderConditionConfig struct { _ struct{} `type:"structure"` @@ -6219,6 +6294,12 @@ type Limit struct { // // * target-groups // + // * target-groups-per-action-on-application-load-balancer + // + // * target-groups-per-action-on-network-load-balancer + // + // * target-groups-per-application-load-balancer + // // * targets-per-application-load-balancer // // * targets-per-availability-zone-per-network-load-balancer @@ -6654,10 +6735,10 @@ type ModifyListenerInput struct { // The actions for the default rule. The rule must include one forward action // or one or more fixed-response actions. // - // If the action type is forward, you specify a target group. The protocol of - // the target group must be HTTP or HTTPS for an Application Load Balancer. - // The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a - // Network Load Balancer. + // If the action type is forward, you specify one or more target groups. The + // protocol of the target group must be HTTP or HTTPS for an Application Load + // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP + // for a Network Load Balancer. // // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate // users through an identity provider that is OpenID Connect (OIDC) compliant. @@ -6868,10 +6949,10 @@ type ModifyRuleInput struct { // actions: forward, fixed-response, or redirect, and it must be the last action // to be performed. // - // If the action type is forward, you specify a target group. The protocol of - // the target group must be HTTP or HTTPS for an Application Load Balancer. - // The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP for a - // Network Load Balancer. + // If the action type is forward, you specify one or more target groups. The + // protocol of the target group must be HTTP or HTTPS for an Application Load + // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP + // for a Network Load Balancer. // // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate // users through an identity provider that is OpenID Connect (OIDC) compliant. @@ -8720,6 +8801,74 @@ func (s *TargetGroupAttribute) SetValue(v string) *TargetGroupAttribute { return s } +// Information about the target group stickiness for a rule. +type TargetGroupStickinessConfig struct { + _ struct{} `type:"structure"` + + // The time period, in seconds, during which requests from a client should be + // routed to the same target group. The range is 1-604800 seconds (7 days). + DurationSeconds *int64 `type:"integer"` + + // Indicates whether target group stickiness is enabled. + Enabled *bool `type:"boolean"` +} + +// String returns the string representation +func (s TargetGroupStickinessConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TargetGroupStickinessConfig) GoString() string { + return s.String() +} + +// SetDurationSeconds sets the DurationSeconds field's value. +func (s *TargetGroupStickinessConfig) SetDurationSeconds(v int64) *TargetGroupStickinessConfig { + s.DurationSeconds = &v + return s +} + +// SetEnabled sets the Enabled field's value. +func (s *TargetGroupStickinessConfig) SetEnabled(v bool) *TargetGroupStickinessConfig { + s.Enabled = &v + return s +} + +// Information about how traffic will be distributed between multiple target +// groups in a forward rule. +type TargetGroupTuple struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the target group. + TargetGroupArn *string `type:"string"` + + // The weight. The range is 0 to 999. + Weight *int64 `type:"integer"` +} + +// String returns the string representation +func (s TargetGroupTuple) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TargetGroupTuple) GoString() string { + return s.String() +} + +// SetTargetGroupArn sets the TargetGroupArn field's value. +func (s *TargetGroupTuple) SetTargetGroupArn(v string) *TargetGroupTuple { + s.TargetGroupArn = &v + return s +} + +// SetWeight sets the Weight field's value. +func (s *TargetGroupTuple) SetWeight(v int64) *TargetGroupTuple { + s.Weight = &v + return s +} + // Information about the current health of a target. type TargetHealth struct { _ struct{} `type:"structure"` diff --git a/service/elbv2/errors.go b/service/elbv2/errors.go index b813ebeff7a..fa10830ff9c 100644 --- a/service/elbv2/errors.go +++ b/service/elbv2/errors.go @@ -211,6 +211,14 @@ const ( // You've reached the limit on the number of targets. ErrCodeTooManyTargetsException = "TooManyTargets" + // ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException for service response error code + // "TooManyUniqueTargetGroupsPerLoadBalancer". + // + // You've reached the limit on the number of unique target groups per load balancer + // across all listeners. If a target group is used by multiple actions for a + // load balancer, it is counted as only one use. + ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException = "TooManyUniqueTargetGroupsPerLoadBalancer" + // ErrCodeUnsupportedProtocolException for service response error code // "UnsupportedProtocol". // diff --git a/service/elbv2/examples_test.go b/service/elbv2/examples_test.go index 4810b427cbd..6a723708eaf 100644 --- a/service/elbv2/examples_test.go +++ b/service/elbv2/examples_test.go @@ -124,6 +124,8 @@ func ExampleELBV2_CreateListener_shared00() { fmt.Println(elbv2.ErrCodeTooManyActionsException, aerr.Error()) case elbv2.ErrCodeInvalidLoadBalancerActionException: fmt.Println(elbv2.ErrCodeInvalidLoadBalancerActionException, aerr.Error()) + case elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException: + fmt.Println(elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException, aerr.Error()) default: fmt.Println(aerr.Error()) } @@ -200,6 +202,8 @@ func ExampleELBV2_CreateListener_shared01() { fmt.Println(elbv2.ErrCodeTooManyActionsException, aerr.Error()) case elbv2.ErrCodeInvalidLoadBalancerActionException: fmt.Println(elbv2.ErrCodeInvalidLoadBalancerActionException, aerr.Error()) + case elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException: + fmt.Println(elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException, aerr.Error()) default: fmt.Println(aerr.Error()) } @@ -386,6 +390,8 @@ func ExampleELBV2_CreateRule_shared00() { fmt.Println(elbv2.ErrCodeTooManyActionsException, aerr.Error()) case elbv2.ErrCodeInvalidLoadBalancerActionException: fmt.Println(elbv2.ErrCodeInvalidLoadBalancerActionException, aerr.Error()) + case elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException: + fmt.Println(elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException, aerr.Error()) default: fmt.Println(aerr.Error()) } @@ -978,6 +984,8 @@ func ExampleELBV2_ModifyListener_shared00() { fmt.Println(elbv2.ErrCodeTooManyActionsException, aerr.Error()) case elbv2.ErrCodeInvalidLoadBalancerActionException: fmt.Println(elbv2.ErrCodeInvalidLoadBalancerActionException, aerr.Error()) + case elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException: + fmt.Println(elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException, aerr.Error()) default: fmt.Println(aerr.Error()) } @@ -1040,6 +1048,8 @@ func ExampleELBV2_ModifyListener_shared01() { fmt.Println(elbv2.ErrCodeTooManyActionsException, aerr.Error()) case elbv2.ErrCodeInvalidLoadBalancerActionException: fmt.Println(elbv2.ErrCodeInvalidLoadBalancerActionException, aerr.Error()) + case elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException: + fmt.Println(elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException, aerr.Error()) default: fmt.Println(aerr.Error()) } @@ -1216,6 +1226,8 @@ func ExampleELBV2_ModifyRule_shared00() { fmt.Println(elbv2.ErrCodeTooManyActionsException, aerr.Error()) case elbv2.ErrCodeInvalidLoadBalancerActionException: fmt.Println(elbv2.ErrCodeInvalidLoadBalancerActionException, aerr.Error()) + case elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException: + fmt.Println(elbv2.ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException, aerr.Error()) default: fmt.Println(aerr.Error()) } diff --git a/service/iam/api.go b/service/iam/api.go index 353421f0817..3da022c9e1c 100644 --- a/service/iam/api.go +++ b/service/iam/api.go @@ -16214,7 +16214,7 @@ func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryType(v string) *Atta // // For more information about managed policies, refer to Managed Policies and // Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. +// in the IAM User Guide. type AttachedPolicy struct { _ struct{} `type:"structure"` @@ -19981,7 +19981,7 @@ type EntityInfo struct { // The path to the entity (user or role). For more information about paths, // see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. Path *string `min:"1" type:"string"` // The type of entity (user or role). @@ -22884,7 +22884,7 @@ type Group struct { // The Amazon Resource Name (ARN) specifying the group. For more information // about ARNs and how to use them in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Arn is a required field Arn *string `min:"20" type:"string" required:"true"` @@ -22897,7 +22897,7 @@ type Group struct { // The stable and unique string identifying the group. For more information // about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // GroupId is a required field GroupId *string `min:"16" type:"string" required:"true"` @@ -22909,7 +22909,7 @@ type Group struct { // The path to the group. For more information about paths, see IAM Identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Path is a required field Path *string `min:"1" type:"string" required:"true"` @@ -22978,7 +22978,7 @@ type GroupDetail struct { // The stable and unique string identifying the group. For more information // about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. GroupId *string `min:"16" type:"string"` // The friendly name that identifies the group. @@ -22989,7 +22989,7 @@ type GroupDetail struct { // The path to the group. For more information about paths, see IAM Identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. Path *string `min:"1" type:"string"` } @@ -23062,7 +23062,7 @@ type InstanceProfile struct { // The Amazon Resource Name (ARN) specifying the instance profile. For more // information about ARNs and how to use them in policies, see IAM Identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Arn is a required field Arn *string `min:"20" type:"string" required:"true"` @@ -23074,7 +23074,7 @@ type InstanceProfile struct { // The stable and unique string identifying the instance profile. For more information // about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // InstanceProfileId is a required field InstanceProfileId *string `min:"16" type:"string" required:"true"` @@ -23086,7 +23086,7 @@ type InstanceProfile struct { // The path to the instance profile. For more information about paths, see IAM // Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Path is a required field Path *string `min:"1" type:"string" required:"true"` @@ -26821,7 +26821,7 @@ func (s *MFADevice) SetUserName(v string) *MFADevice { // // For more information about managed policies, see Managed Policies and Inline // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. +// in the IAM User Guide. type ManagedPolicyDetail struct { _ struct{} `type:"structure"` @@ -26845,7 +26845,7 @@ type ManagedPolicyDetail struct { // // For more information about policy versions, see Versioning for Managed Policies // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) - // in the Using IAM guide. + // in the IAM User Guide. DefaultVersionId *string `type:"string"` // A friendly description of the policy. @@ -26857,7 +26857,7 @@ type ManagedPolicyDetail struct { // The path to the policy. // // For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. Path *string `min:"1" type:"string"` // The number of entities (users and roles) for which the policy is used as @@ -26871,7 +26871,7 @@ type ManagedPolicyDetail struct { // The stable and unique string identifying the policy. // // For more information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. PolicyId *string `min:"16" type:"string"` // The friendly name (not ARN) identifying the policy. @@ -27145,7 +27145,7 @@ func (s *PasswordPolicy) SetRequireUppercaseCharacters(v bool) *PasswordPolicy { // // For more information about managed policies, refer to Managed Policies and // Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. +// in the IAM User Guide. type Policy struct { _ struct{} `type:"structure"` @@ -27179,7 +27179,7 @@ type Policy struct { // The path to the policy. // // For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. Path *string `min:"1" type:"string"` // The number of entities (users and roles) for which the policy is used to @@ -27193,7 +27193,7 @@ type Policy struct { // The stable and unique string identifying the policy. // // For more information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. PolicyId *string `min:"16" type:"string"` // The friendly name (not ARN) identifying the policy. @@ -27411,7 +27411,7 @@ func (s *PolicyGrantingServiceAccess) SetPolicyType(v string) *PolicyGrantingSer // // For more information about managed policies, refer to Managed Policies and // Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. +// in the IAM User Guide. type PolicyGroup struct { _ struct{} `type:"structure"` @@ -27453,7 +27453,7 @@ func (s *PolicyGroup) SetGroupName(v string) *PolicyGroup { // // For more information about managed policies, refer to Managed Policies and // Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. +// in the IAM User Guide. type PolicyRole struct { _ struct{} `type:"structure"` @@ -27495,7 +27495,7 @@ func (s *PolicyRole) SetRoleName(v string) *PolicyRole { // // For more information about managed policies, refer to Managed Policies and // Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. +// in the IAM User Guide. type PolicyUser struct { _ struct{} `type:"structure"` @@ -27538,7 +27538,7 @@ func (s *PolicyUser) SetUserName(v string) *PolicyUser { // // For more information about managed policies, refer to Managed Policies and // Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. +// in the IAM User Guide. type PolicyVersion struct { _ struct{} `type:"structure"` @@ -28691,7 +28691,7 @@ type Role struct { // The path to the role. For more information about paths, see IAM Identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Path is a required field Path *string `min:"1" type:"string" required:"true"` @@ -28705,11 +28705,20 @@ type Role struct { // The stable and unique string identifying the role. For more information about // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // RoleId is a required field RoleId *string `min:"16" type:"string" required:"true"` + // Contains information about the last time that an IAM role was used. This + // includes the date and time and the Region in which the role was last used. + // Activity is only reported for the trailing 400 days. This period can be shorter + // if your Region began supporting these features within the last year. The + // role might have been used more than 400 days ago. For more information, see + // Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) + // in the IAM User Guide. + RoleLastUsed *RoleLastUsed `type:"structure"` + // The friendly name that identifies the role. // // RoleName is a required field @@ -28779,6 +28788,12 @@ func (s *Role) SetRoleId(v string) *Role { return s } +// SetRoleLastUsed sets the RoleLastUsed field's value. +func (s *Role) SetRoleLastUsed(v *RoleLastUsed) *Role { + s.RoleLastUsed = v + return s +} + // SetRoleName sets the RoleName field's value. func (s *Role) SetRoleName(v string) *Role { s.RoleName = &v @@ -28821,7 +28836,7 @@ type RoleDetail struct { // The path to the role. For more information about paths, see IAM Identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. Path *string `min:"1" type:"string"` // The ARN of the policy used to set the permissions boundary for the role. @@ -28833,9 +28848,18 @@ type RoleDetail struct { // The stable and unique string identifying the role. For more information about // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. RoleId *string `min:"16" type:"string"` + // Contains information about the last time that an IAM role was used. This + // includes the date and time and the Region in which the role was last used. + // Activity is only reported for the trailing 400 days. This period can be shorter + // if your Region began supporting these features within the last year. The + // role might have been used more than 400 days ago. For more information, see + // Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) + // in the IAM User Guide. + RoleLastUsed *RoleLastUsed `type:"structure"` + // The friendly name that identifies the role. RoleName *string `min:"1" type:"string"` @@ -28907,6 +28931,12 @@ func (s *RoleDetail) SetRoleId(v string) *RoleDetail { return s } +// SetRoleLastUsed sets the RoleLastUsed field's value. +func (s *RoleDetail) SetRoleLastUsed(v *RoleLastUsed) *RoleDetail { + s.RoleLastUsed = v + return s +} + // SetRoleName sets the RoleName field's value. func (s *RoleDetail) SetRoleName(v string) *RoleDetail { s.RoleName = &v @@ -28925,6 +28955,54 @@ func (s *RoleDetail) SetTags(v []*Tag) *RoleDetail { return s } +// Contains information about the last time that an IAM role was used. This +// includes the date and time and the Region in which the role was last used. +// Activity is only reported for the trailing 400 days. This period can be shorter +// if your Region began supporting these features within the last year. The +// role might have been used more than 400 days ago. For more information, see +// Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) +// in the IAM User Guide. +// +// This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails +// operations. +type RoleLastUsed struct { + _ struct{} `type:"structure"` + + // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601) + // that the role was last used. + // + // This field is null if the role has not been used within the IAM tracking + // period. For more information about the tracking period, see Regions Where + // Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) + // in the IAM User Guide. + LastUsedDate *time.Time `type:"timestamp"` + + // The name of the AWS Region in which the role was last used. + Region *string `type:"string"` +} + +// String returns the string representation +func (s RoleLastUsed) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RoleLastUsed) GoString() string { + return s.String() +} + +// SetLastUsedDate sets the LastUsedDate field's value. +func (s *RoleLastUsed) SetLastUsedDate(v time.Time) *RoleLastUsed { + s.LastUsedDate = &v + return s +} + +// SetRegion sets the Region field's value. +func (s *RoleLastUsed) SetRegion(v string) *RoleLastUsed { + s.Region = &v + return s +} + // An object that contains details about how a service-linked role is used, // if that information is returned by the service. // @@ -29214,7 +29292,7 @@ type ServerCertificateMetadata struct { // The Amazon Resource Name (ARN) specifying the server certificate. For more // information about ARNs and how to use them in policies, see IAM Identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Arn is a required field Arn *string `min:"20" type:"string" required:"true"` @@ -29224,14 +29302,14 @@ type ServerCertificateMetadata struct { // The path to the server certificate. For more information about paths, see // IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Path is a required field Path *string `min:"1" type:"string" required:"true"` // The stable and unique string identifying the server certificate. For more // information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // ServerCertificateId is a required field ServerCertificateId *string `min:"16" type:"string" required:"true"` @@ -32544,7 +32622,7 @@ type User struct { // The Amazon Resource Name (ARN) that identifies the user. For more information // about ARNs and how to use ARNs in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Arn is a required field Arn *string `min:"20" type:"string" required:"true"` @@ -32559,7 +32637,7 @@ type User struct { // when the user's password was last used to sign in to an AWS website. For // a list of AWS websites that capture a user's last sign-in time, see the Credential // Reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) - // topic in the Using IAM guide. If a password is used more than once in a five-minute + // topic in the IAM User Guide. If a password is used more than once in a five-minute // span, only the first use is returned in this field. If the field is null // (no value), then it indicates that they never signed in with a password. // This can be because: @@ -32570,7 +32648,7 @@ type User struct { // information on October 20, 2014. // // A null value does not mean that the user never had a password. Also, if the - // user does not currently have a password, but had one in the past, then this + // user does not currently have a password but had one in the past, then this // field contains the date and time the most recent password was used. // // This value is returned only in the GetUser and ListUsers operations. @@ -32578,7 +32656,7 @@ type User struct { // The path to the user. For more information about paths, see IAM Identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // Path is a required field Path *string `min:"1" type:"string" required:"true"` @@ -32597,7 +32675,7 @@ type User struct { // The stable and unique string identifying the user. For more information about // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. // // UserId is a required field UserId *string `min:"16" type:"string" required:"true"` @@ -32693,7 +32771,7 @@ type UserDetail struct { // The path to the user. For more information about paths, see IAM Identifiers // (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. Path *string `min:"1" type:"string"` // The ARN of the policy used to set the permissions boundary for the user. @@ -32710,7 +32788,7 @@ type UserDetail struct { // The stable and unique string identifying the user. For more information about // IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. + // in the IAM User Guide. UserId *string `min:"16" type:"string"` // The friendly name identifying the user. diff --git a/service/iot/api.go b/service/iot/api.go index 1632b7b9cc8..bafe804d83b 100644 --- a/service/iot/api.go +++ b/service/iot/api.go @@ -1324,6 +1324,99 @@ func (c *IoT) ClearDefaultAuthorizerWithContext(ctx aws.Context, input *ClearDef return out, req.Send() } +const opConfirmTopicRuleDestination = "ConfirmTopicRuleDestination" + +// ConfirmTopicRuleDestinationRequest generates a "aws/request.Request" representing the +// client's request for the ConfirmTopicRuleDestination operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ConfirmTopicRuleDestination for more information on using the ConfirmTopicRuleDestination +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ConfirmTopicRuleDestinationRequest method. +// req, resp := client.ConfirmTopicRuleDestinationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +func (c *IoT) ConfirmTopicRuleDestinationRequest(input *ConfirmTopicRuleDestinationInput) (req *request.Request, output *ConfirmTopicRuleDestinationOutput) { + op := &request.Operation{ + Name: opConfirmTopicRuleDestination, + HTTPMethod: "GET", + HTTPPath: "/confirmdestination/{confirmationToken+}", + } + + if input == nil { + input = &ConfirmTopicRuleDestinationInput{} + } + + output = &ConfirmTopicRuleDestinationOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// ConfirmTopicRuleDestination API operation for AWS IoT. +// +// Confirms a topic rule destination. When you create a rule requiring a destination, +// AWS IoT sends a confirmation message to the endpoint or base address you +// specify. The message includes a token which you pass back when calling ConfirmTopicRuleDestination +// to confirm that you own or have access to the endpoint. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT's +// API operation ConfirmTopicRuleDestination for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalException "InternalException" +// An unexpected error has occurred. +// +// * ErrCodeInvalidRequestException "InvalidRequestException" +// The request is not valid. +// +// * ErrCodeServiceUnavailableException "ServiceUnavailableException" +// The service is temporarily unavailable. +// +// * ErrCodeUnauthorizedException "UnauthorizedException" +// You are not authorized to perform this operation. +// +// * ErrCodeConflictingResourceUpdateException "ConflictingResourceUpdateException" +// A conflicting resource update exception. This exception is thrown when two +// pending updates cause a conflict. +// +func (c *IoT) ConfirmTopicRuleDestination(input *ConfirmTopicRuleDestinationInput) (*ConfirmTopicRuleDestinationOutput, error) { + req, out := c.ConfirmTopicRuleDestinationRequest(input) + return out, req.Send() +} + +// ConfirmTopicRuleDestinationWithContext is the same as ConfirmTopicRuleDestination with the addition of +// the ability to pass a context and additional request options. +// +// See ConfirmTopicRuleDestination for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IoT) ConfirmTopicRuleDestinationWithContext(ctx aws.Context, input *ConfirmTopicRuleDestinationInput, opts ...request.Option) (*ConfirmTopicRuleDestinationOutput, error) { + req, out := c.ConfirmTopicRuleDestinationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateAuthorizer = "CreateAuthorizer" // CreateAuthorizerRequest generates a "aws/request.Request" representing the @@ -3037,6 +3130,96 @@ func (c *IoT) CreateTopicRuleWithContext(ctx aws.Context, input *CreateTopicRule return out, req.Send() } +const opCreateTopicRuleDestination = "CreateTopicRuleDestination" + +// CreateTopicRuleDestinationRequest generates a "aws/request.Request" representing the +// client's request for the CreateTopicRuleDestination operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTopicRuleDestination for more information on using the CreateTopicRuleDestination +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTopicRuleDestinationRequest method. +// req, resp := client.CreateTopicRuleDestinationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +func (c *IoT) CreateTopicRuleDestinationRequest(input *CreateTopicRuleDestinationInput) (req *request.Request, output *CreateTopicRuleDestinationOutput) { + op := &request.Operation{ + Name: opCreateTopicRuleDestination, + HTTPMethod: "POST", + HTTPPath: "/destinations", + } + + if input == nil { + input = &CreateTopicRuleDestinationInput{} + } + + output = &CreateTopicRuleDestinationOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTopicRuleDestination API operation for AWS IoT. +// +// Creates a topic rule destination. The destination must be confirmed prior +// to use. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT's +// API operation CreateTopicRuleDestination for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalException "InternalException" +// An unexpected error has occurred. +// +// * ErrCodeInvalidRequestException "InvalidRequestException" +// The request is not valid. +// +// * ErrCodeResourceAlreadyExistsException "ResourceAlreadyExistsException" +// The resource already exists. +// +// * ErrCodeServiceUnavailableException "ServiceUnavailableException" +// The service is temporarily unavailable. +// +// * ErrCodeConflictingResourceUpdateException "ConflictingResourceUpdateException" +// A conflicting resource update exception. This exception is thrown when two +// pending updates cause a conflict. +// +func (c *IoT) CreateTopicRuleDestination(input *CreateTopicRuleDestinationInput) (*CreateTopicRuleDestinationOutput, error) { + req, out := c.CreateTopicRuleDestinationRequest(input) + return out, req.Send() +} + +// CreateTopicRuleDestinationWithContext is the same as CreateTopicRuleDestination with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTopicRuleDestination for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IoT) CreateTopicRuleDestinationWithContext(ctx aws.Context, input *CreateTopicRuleDestinationInput, opts ...request.Option) (*CreateTopicRuleDestinationOutput, error) { + req, out := c.CreateTopicRuleDestinationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteAccountAuditConfiguration = "DeleteAccountAuditConfiguration" // DeleteAccountAuditConfigurationRequest generates a "aws/request.Request" representing the @@ -4990,6 +5173,96 @@ func (c *IoT) DeleteTopicRuleWithContext(ctx aws.Context, input *DeleteTopicRule return out, req.Send() } +const opDeleteTopicRuleDestination = "DeleteTopicRuleDestination" + +// DeleteTopicRuleDestinationRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTopicRuleDestination operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTopicRuleDestination for more information on using the DeleteTopicRuleDestination +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTopicRuleDestinationRequest method. +// req, resp := client.DeleteTopicRuleDestinationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +func (c *IoT) DeleteTopicRuleDestinationRequest(input *DeleteTopicRuleDestinationInput) (req *request.Request, output *DeleteTopicRuleDestinationOutput) { + op := &request.Operation{ + Name: opDeleteTopicRuleDestination, + HTTPMethod: "DELETE", + HTTPPath: "/destinations/{arn+}", + } + + if input == nil { + input = &DeleteTopicRuleDestinationInput{} + } + + output = &DeleteTopicRuleDestinationOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteTopicRuleDestination API operation for AWS IoT. +// +// Deletes a topic rule destination. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT's +// API operation DeleteTopicRuleDestination for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalException "InternalException" +// An unexpected error has occurred. +// +// * ErrCodeInvalidRequestException "InvalidRequestException" +// The request is not valid. +// +// * ErrCodeServiceUnavailableException "ServiceUnavailableException" +// The service is temporarily unavailable. +// +// * ErrCodeUnauthorizedException "UnauthorizedException" +// You are not authorized to perform this operation. +// +// * ErrCodeConflictingResourceUpdateException "ConflictingResourceUpdateException" +// A conflicting resource update exception. This exception is thrown when two +// pending updates cause a conflict. +// +func (c *IoT) DeleteTopicRuleDestination(input *DeleteTopicRuleDestinationInput) (*DeleteTopicRuleDestinationOutput, error) { + req, out := c.DeleteTopicRuleDestinationRequest(input) + return out, req.Send() +} + +// DeleteTopicRuleDestinationWithContext is the same as DeleteTopicRuleDestination with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTopicRuleDestination for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IoT) DeleteTopicRuleDestinationWithContext(ctx aws.Context, input *DeleteTopicRuleDestinationInput, opts ...request.Option) (*DeleteTopicRuleDestinationOutput, error) { + req, out := c.DeleteTopicRuleDestinationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteV2LoggingLevel = "DeleteV2LoggingLevel" // DeleteV2LoggingLevelRequest generates a "aws/request.Request" representing the @@ -7774,7 +8047,7 @@ func (c *IoT) GetCardinalityRequest(input *GetCardinalityInput) (req *request.Re // GetCardinality API operation for AWS IoT. // -// Returns the number of things with distinct values for the aggregation field. +// Returns the approximate count of unique values that match the query. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8317,10 +8590,16 @@ func (c *IoT) GetPercentilesRequest(input *GetPercentilesInput) (req *request.Re // GetPercentiles API operation for AWS IoT. // -// Returns the percentile values for the aggregation field. The results from -// GetPercentiles is an approximation. The default percentile groupings are: -// 1,5,25,50,75,95,99. You can specify custom percentile grouping using the -// percents argument to the GetPercentiles API. +// Groups the aggregated values that match the query into percentile groupings. +// The default percentile groupings are: 1,5,25,50,75,95,99, although you can +// specify your own when you call GetPercentiles. This function returns a value +// for each percentile group specified (or the default percentile groupings). +// The percentile group "1" contains the aggregated field value that occurs +// in approximately one percent of the values that match the query. The percentile +// group "5" contains the aggregated field value that occurs in approximately +// five percent of the values that match the query, and so on. The result is +// an approximation, the more values that match the query, the more accurate +// the percentile values. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8691,9 +8970,7 @@ func (c *IoT) GetStatisticsRequest(input *GetStatisticsInput) (req *request.Requ // GetStatistics API operation for AWS IoT. // -// Gets statistics returns the count, average, sum, minimum, maximum, sumOfSquares, -// variance, and standard deviation for the specified aggregated field. If the -// aggregation field is of type String, only the count statistic is returned. +// Gets statistics about things that match the specified query. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8836,6 +9113,91 @@ func (c *IoT) GetTopicRuleWithContext(ctx aws.Context, input *GetTopicRuleInput, return out, req.Send() } +const opGetTopicRuleDestination = "GetTopicRuleDestination" + +// GetTopicRuleDestinationRequest generates a "aws/request.Request" representing the +// client's request for the GetTopicRuleDestination operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetTopicRuleDestination for more information on using the GetTopicRuleDestination +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetTopicRuleDestinationRequest method. +// req, resp := client.GetTopicRuleDestinationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +func (c *IoT) GetTopicRuleDestinationRequest(input *GetTopicRuleDestinationInput) (req *request.Request, output *GetTopicRuleDestinationOutput) { + op := &request.Operation{ + Name: opGetTopicRuleDestination, + HTTPMethod: "GET", + HTTPPath: "/destinations/{arn+}", + } + + if input == nil { + input = &GetTopicRuleDestinationInput{} + } + + output = &GetTopicRuleDestinationOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetTopicRuleDestination API operation for AWS IoT. +// +// Gets information about a topic rule destination. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT's +// API operation GetTopicRuleDestination for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalException "InternalException" +// An unexpected error has occurred. +// +// * ErrCodeInvalidRequestException "InvalidRequestException" +// The request is not valid. +// +// * ErrCodeServiceUnavailableException "ServiceUnavailableException" +// The service is temporarily unavailable. +// +// * ErrCodeUnauthorizedException "UnauthorizedException" +// You are not authorized to perform this operation. +// +func (c *IoT) GetTopicRuleDestination(input *GetTopicRuleDestinationInput) (*GetTopicRuleDestinationOutput, error) { + req, out := c.GetTopicRuleDestinationRequest(input) + return out, req.Send() +} + +// GetTopicRuleDestinationWithContext is the same as GetTopicRuleDestination with the addition of +// the ability to pass a context and additional request options. +// +// See GetTopicRuleDestination for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IoT) GetTopicRuleDestinationWithContext(ctx aws.Context, input *GetTopicRuleDestinationInput, opts ...request.Option) (*GetTopicRuleDestinationOutput, error) { + req, out := c.GetTopicRuleDestinationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetV2LoggingOptions = "GetV2LoggingOptions" // GetV2LoggingOptionsRequest generates a "aws/request.Request" representing the @@ -12414,6 +12776,91 @@ func (c *IoT) ListThingsInThingGroupWithContext(ctx aws.Context, input *ListThin return out, req.Send() } +const opListTopicRuleDestinations = "ListTopicRuleDestinations" + +// ListTopicRuleDestinationsRequest generates a "aws/request.Request" representing the +// client's request for the ListTopicRuleDestinations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListTopicRuleDestinations for more information on using the ListTopicRuleDestinations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListTopicRuleDestinationsRequest method. +// req, resp := client.ListTopicRuleDestinationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +func (c *IoT) ListTopicRuleDestinationsRequest(input *ListTopicRuleDestinationsInput) (req *request.Request, output *ListTopicRuleDestinationsOutput) { + op := &request.Operation{ + Name: opListTopicRuleDestinations, + HTTPMethod: "GET", + HTTPPath: "/destinations", + } + + if input == nil { + input = &ListTopicRuleDestinationsInput{} + } + + output = &ListTopicRuleDestinationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListTopicRuleDestinations API operation for AWS IoT. +// +// Lists all the topic rule destinations in your AWS account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT's +// API operation ListTopicRuleDestinations for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalException "InternalException" +// An unexpected error has occurred. +// +// * ErrCodeInvalidRequestException "InvalidRequestException" +// The request is not valid. +// +// * ErrCodeServiceUnavailableException "ServiceUnavailableException" +// The service is temporarily unavailable. +// +// * ErrCodeUnauthorizedException "UnauthorizedException" +// You are not authorized to perform this operation. +// +func (c *IoT) ListTopicRuleDestinations(input *ListTopicRuleDestinationsInput) (*ListTopicRuleDestinationsOutput, error) { + req, out := c.ListTopicRuleDestinationsRequest(input) + return out, req.Send() +} + +// ListTopicRuleDestinationsWithContext is the same as ListTopicRuleDestinations with the addition of +// the ability to pass a context and additional request options. +// +// See ListTopicRuleDestinations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IoT) ListTopicRuleDestinationsWithContext(ctx aws.Context, input *ListTopicRuleDestinationsInput, opts ...request.Option) (*ListTopicRuleDestinationsOutput, error) { + req, out := c.ListTopicRuleDestinationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListTopicRules = "ListTopicRules" // ListTopicRulesRequest generates a "aws/request.Request" representing the @@ -12917,11 +13364,7 @@ func (c *IoT) RegisterThingRequest(input *RegisterThingInput) (req *request.Requ // RegisterThing API operation for AWS IoT. // -// Provisions a thing in the device registry. RegisterThing calls other AWS -// IoT control plane APIs. These calls might exceed your account level AWS IoT -// Throttling Limits (https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_iot) -// and cause throttle errors. Please contact AWS Customer Support (https://console.aws.amazon.com/support/home) -// to raise your throttling limits if necessary. +// Provisions a thing. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16235,6 +16678,97 @@ func (c *IoT) UpdateThingGroupsForThingWithContext(ctx aws.Context, input *Updat return out, req.Send() } +const opUpdateTopicRuleDestination = "UpdateTopicRuleDestination" + +// UpdateTopicRuleDestinationRequest generates a "aws/request.Request" representing the +// client's request for the UpdateTopicRuleDestination operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateTopicRuleDestination for more information on using the UpdateTopicRuleDestination +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateTopicRuleDestinationRequest method. +// req, resp := client.UpdateTopicRuleDestinationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +func (c *IoT) UpdateTopicRuleDestinationRequest(input *UpdateTopicRuleDestinationInput) (req *request.Request, output *UpdateTopicRuleDestinationOutput) { + op := &request.Operation{ + Name: opUpdateTopicRuleDestination, + HTTPMethod: "PATCH", + HTTPPath: "/destinations", + } + + if input == nil { + input = &UpdateTopicRuleDestinationInput{} + } + + output = &UpdateTopicRuleDestinationOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateTopicRuleDestination API operation for AWS IoT. +// +// Updates a topic rule destination. You use this to change the status, endpoint +// URL, or confirmation URL of the destination. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT's +// API operation UpdateTopicRuleDestination for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalException "InternalException" +// An unexpected error has occurred. +// +// * ErrCodeInvalidRequestException "InvalidRequestException" +// The request is not valid. +// +// * ErrCodeServiceUnavailableException "ServiceUnavailableException" +// The service is temporarily unavailable. +// +// * ErrCodeUnauthorizedException "UnauthorizedException" +// You are not authorized to perform this operation. +// +// * ErrCodeConflictingResourceUpdateException "ConflictingResourceUpdateException" +// A conflicting resource update exception. This exception is thrown when two +// pending updates cause a conflict. +// +func (c *IoT) UpdateTopicRuleDestination(input *UpdateTopicRuleDestinationInput) (*UpdateTopicRuleDestinationOutput, error) { + req, out := c.UpdateTopicRuleDestinationRequest(input) + return out, req.Send() +} + +// UpdateTopicRuleDestinationWithContext is the same as UpdateTopicRuleDestination with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateTopicRuleDestination for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *IoT) UpdateTopicRuleDestinationWithContext(ctx aws.Context, input *UpdateTopicRuleDestinationInput, opts ...request.Option) (*UpdateTopicRuleDestinationOutput, error) { + req, out := c.UpdateTopicRuleDestinationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opValidateSecurityProfileBehaviors = "ValidateSecurityProfileBehaviors" // ValidateSecurityProfileBehaviorsRequest generates a "aws/request.Request" representing the @@ -16547,6 +17081,9 @@ type Action struct { // Write to an Amazon Kinesis Firehose stream. Firehose *FirehoseAction `locationName:"firehose" type:"structure"` + // Send data to an HTTPS endpoint. + Http *HttpAction `locationName:"http" type:"structure"` + // Sends message data to an AWS IoT Analytics channel. IotAnalytics *IotAnalyticsAction `locationName:"iotAnalytics" type:"structure"` @@ -16621,6 +17158,11 @@ func (s *Action) Validate() error { invalidParams.AddNested("Firehose", err.(request.ErrInvalidParams)) } } + if s.Http != nil { + if err := s.Http.Validate(); err != nil { + invalidParams.AddNested("Http", err.(request.ErrInvalidParams)) + } + } if s.IotEvents != nil { if err := s.IotEvents.Validate(); err != nil { invalidParams.AddNested("IotEvents", err.(request.ErrInvalidParams)) @@ -16709,6 +17251,12 @@ func (s *Action) SetFirehose(v *FirehoseAction) *Action { return s } +// SetHttp sets the Http field's value. +func (s *Action) SetHttp(v *HttpAction) *Action { + s.Http = v + return s +} + // SetIotAnalytics sets the IotAnalytics field's value. func (s *Action) SetIotAnalytics(v *IotAnalyticsAction) *Action { s.IotAnalytics = v @@ -19694,6 +20242,62 @@ func (s *Configuration) SetEnabled(v bool) *Configuration { return s } +type ConfirmTopicRuleDestinationInput struct { + _ struct{} `type:"structure"` + + // The token used to confirm ownership or access to the topic rule confirmation + // URL. + // + // ConfirmationToken is a required field + ConfirmationToken *string `location:"uri" locationName:"confirmationToken" min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s ConfirmTopicRuleDestinationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ConfirmTopicRuleDestinationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ConfirmTopicRuleDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ConfirmTopicRuleDestinationInput"} + if s.ConfirmationToken == nil { + invalidParams.Add(request.NewErrParamRequired("ConfirmationToken")) + } + if s.ConfirmationToken != nil && len(*s.ConfirmationToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ConfirmationToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConfirmationToken sets the ConfirmationToken field's value. +func (s *ConfirmTopicRuleDestinationInput) SetConfirmationToken(v string) *ConfirmTopicRuleDestinationInput { + s.ConfirmationToken = &v + return s +} + +type ConfirmTopicRuleDestinationOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s ConfirmTopicRuleDestinationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ConfirmTopicRuleDestinationOutput) GoString() string { + return s.String() +} + type CreateAuthorizerInput struct { _ struct{} `type:"structure"` @@ -21909,6 +22513,72 @@ func (s *CreateThingTypeOutput) SetThingTypeName(v string) *CreateThingTypeOutpu return s } +type CreateTopicRuleDestinationInput struct { + _ struct{} `type:"structure"` + + // The topic rule destination configuration. + // + // DestinationConfiguration is a required field + DestinationConfiguration *TopicRuleDestinationConfiguration `locationName:"destinationConfiguration" type:"structure" required:"true"` +} + +// String returns the string representation +func (s CreateTopicRuleDestinationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTopicRuleDestinationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTopicRuleDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTopicRuleDestinationInput"} + if s.DestinationConfiguration == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationConfiguration")) + } + if s.DestinationConfiguration != nil { + if err := s.DestinationConfiguration.Validate(); err != nil { + invalidParams.AddNested("DestinationConfiguration", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDestinationConfiguration sets the DestinationConfiguration field's value. +func (s *CreateTopicRuleDestinationInput) SetDestinationConfiguration(v *TopicRuleDestinationConfiguration) *CreateTopicRuleDestinationInput { + s.DestinationConfiguration = v + return s +} + +type CreateTopicRuleDestinationOutput struct { + _ struct{} `type:"structure"` + + // The topic rule destination. + TopicRuleDestination *TopicRuleDestination `locationName:"topicRuleDestination" type:"structure"` +} + +// String returns the string representation +func (s CreateTopicRuleDestinationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTopicRuleDestinationOutput) GoString() string { + return s.String() +} + +// SetTopicRuleDestination sets the TopicRuleDestination field's value. +func (s *CreateTopicRuleDestinationOutput) SetTopicRuleDestination(v *TopicRuleDestination) *CreateTopicRuleDestinationOutput { + s.TopicRuleDestination = v + return s +} + // The input for the CreateTopicRule operation. type CreateTopicRuleInput struct { _ struct{} `type:"structure" payload:"TopicRulePayload"` @@ -23287,6 +23957,61 @@ func (s DeleteThingTypeOutput) GoString() string { return s.String() } +type DeleteTopicRuleDestinationInput struct { + _ struct{} `type:"structure"` + + // The ARN of the topic rule destination to delete. + // + // Arn is a required field + Arn *string `location:"uri" locationName:"arn" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTopicRuleDestinationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTopicRuleDestinationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTopicRuleDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTopicRuleDestinationInput"} + if s.Arn == nil { + invalidParams.Add(request.NewErrParamRequired("Arn")) + } + if s.Arn != nil && len(*s.Arn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Arn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetArn sets the Arn field's value. +func (s *DeleteTopicRuleDestinationInput) SetArn(v string) *DeleteTopicRuleDestinationInput { + s.Arn = &v + return s +} + +type DeleteTopicRuleDestinationOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DeleteTopicRuleDestinationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTopicRuleDestinationOutput) GoString() string { + return s.String() +} + // The input for the DeleteTopicRule operation. type DeleteTopicRuleInput struct { _ struct{} `type:"structure"` @@ -26638,14 +27363,14 @@ func (s *ExponentialRolloutRate) SetRateIncreaseCriteria(v *RateIncreaseCriteria return s } -// Describes the name and data type at a field. +// The field to aggregate. type Field struct { _ struct{} `type:"structure"` // The name of the field. Name *string `locationName:"name" type:"string"` - // The datatype of the field. + // The data type of the field. Type *string `locationName:"type" type:"string" enum:"FieldType"` } @@ -26865,7 +27590,7 @@ func (s *GetCardinalityInput) SetQueryVersion(v string) *GetCardinalityInput { type GetCardinalityOutput struct { _ struct{} `type:"structure"` - // The number of things that match the query. + // The approximate count of unique values that match the query. Cardinality *int64 `locationName:"cardinality" type:"integer"` } @@ -27473,7 +28198,7 @@ func (s *GetPolicyVersionInput) SetPolicyVersionId(v string) *GetPolicyVersionIn type GetPolicyVersionOutput struct { _ struct{} `type:"structure"` - // The date the policy was created. + // The date the policy version was created. CreationDate *time.Time `locationName:"creationDate" type:"timestamp"` // The generation ID of the policy version. @@ -27482,7 +28207,7 @@ type GetPolicyVersionOutput struct { // Specifies whether the policy version is the default. IsDefaultVersion *bool `locationName:"isDefaultVersion" type:"boolean"` - // The date the policy was last modified. + // The date the policy version was last modified. LastModifiedDate *time.Time `locationName:"lastModifiedDate" type:"timestamp"` // The policy ARN. @@ -27598,7 +28323,7 @@ func (s *GetRegistrationCodeOutput) SetRegistrationCode(v string) *GetRegistrati type GetStatisticsInput struct { _ struct{} `type:"structure"` - // The aggregation field name. + // The aggregation field name. Currently not supported. AggregationField *string `locationName:"aggregationField" min:"1" type:"string"` // The name of the index to search. The default value is AWS_Things. @@ -27694,6 +28419,70 @@ func (s *GetStatisticsOutput) SetStatistics(v *Statistics) *GetStatisticsOutput return s } +type GetTopicRuleDestinationInput struct { + _ struct{} `type:"structure"` + + // The ARN of the topic rule destination. + // + // Arn is a required field + Arn *string `location:"uri" locationName:"arn" type:"string" required:"true"` +} + +// String returns the string representation +func (s GetTopicRuleDestinationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetTopicRuleDestinationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetTopicRuleDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetTopicRuleDestinationInput"} + if s.Arn == nil { + invalidParams.Add(request.NewErrParamRequired("Arn")) + } + if s.Arn != nil && len(*s.Arn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Arn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetArn sets the Arn field's value. +func (s *GetTopicRuleDestinationInput) SetArn(v string) *GetTopicRuleDestinationInput { + s.Arn = &v + return s +} + +type GetTopicRuleDestinationOutput struct { + _ struct{} `type:"structure"` + + // The topic rule destination. + TopicRuleDestination *TopicRuleDestination `locationName:"topicRuleDestination" type:"structure"` +} + +// String returns the string representation +func (s GetTopicRuleDestinationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetTopicRuleDestinationOutput) GoString() string { + return s.String() +} + +// SetTopicRuleDestination sets the TopicRuleDestination field's value. +func (s *GetTopicRuleDestinationOutput) SetTopicRuleDestination(v *TopicRuleDestination) *GetTopicRuleDestinationOutput { + s.TopicRuleDestination = v + return s +} + // The input for the GetTopicRule operation. type GetTopicRuleInput struct { _ struct{} `type:"structure"` @@ -27857,6 +28646,279 @@ func (s *GroupNameAndArn) SetGroupName(v string) *GroupNameAndArn { return s } +// Send data to an HTTPS endpoint. +type HttpAction struct { + _ struct{} `type:"structure"` + + // The authentication method to use when sending data to an HTTPS endpoint. + Auth *HttpAuthorization `locationName:"auth" type:"structure"` + + // The URL to which AWS IoT sends a confirmation message. The value of the confirmation + // URL must be a prefix of the endpoint URL. If you do not specify a confirmation + // URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution + // templates in the confirmationUrl, you must create and enable topic rule destinations + // that match each possible value of the substituion template before traffic + // is allowed to your endpoint URL. + ConfirmationUrl *string `locationName:"confirmationUrl" type:"string"` + + // The HTTP headers to send with the message data. + Headers []*HttpActionHeader `locationName:"headers" type:"list"` + + // The endpoint URL. If substitution templates are used in the URL, you must + // also specify a confirmationUrl. If this is a new destination, a new TopicRuleDestination + // is created if possible. + // + // Url is a required field + Url *string `locationName:"url" type:"string" required:"true"` +} + +// String returns the string representation +func (s HttpAction) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HttpAction) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *HttpAction) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "HttpAction"} + if s.Url == nil { + invalidParams.Add(request.NewErrParamRequired("Url")) + } + if s.Auth != nil { + if err := s.Auth.Validate(); err != nil { + invalidParams.AddNested("Auth", err.(request.ErrInvalidParams)) + } + } + if s.Headers != nil { + for i, v := range s.Headers { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Headers", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAuth sets the Auth field's value. +func (s *HttpAction) SetAuth(v *HttpAuthorization) *HttpAction { + s.Auth = v + return s +} + +// SetConfirmationUrl sets the ConfirmationUrl field's value. +func (s *HttpAction) SetConfirmationUrl(v string) *HttpAction { + s.ConfirmationUrl = &v + return s +} + +// SetHeaders sets the Headers field's value. +func (s *HttpAction) SetHeaders(v []*HttpActionHeader) *HttpAction { + s.Headers = v + return s +} + +// SetUrl sets the Url field's value. +func (s *HttpAction) SetUrl(v string) *HttpAction { + s.Url = &v + return s +} + +// The HTTP action header. +type HttpActionHeader struct { + _ struct{} `type:"structure"` + + // The HTTP header key. + // + // Key is a required field + Key *string `locationName:"key" min:"1" type:"string" required:"true"` + + // The HTTP header value. Substitution templates are supported. + // + // Value is a required field + Value *string `locationName:"value" type:"string" required:"true"` +} + +// String returns the string representation +func (s HttpActionHeader) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HttpActionHeader) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *HttpActionHeader) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "HttpActionHeader"} + if s.Key == nil { + invalidParams.Add(request.NewErrParamRequired("Key")) + } + if s.Key != nil && len(*s.Key) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Key", 1)) + } + if s.Value == nil { + invalidParams.Add(request.NewErrParamRequired("Value")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKey sets the Key field's value. +func (s *HttpActionHeader) SetKey(v string) *HttpActionHeader { + s.Key = &v + return s +} + +// SetValue sets the Value field's value. +func (s *HttpActionHeader) SetValue(v string) *HttpActionHeader { + s.Value = &v + return s +} + +// The authorization method used to send messages. +type HttpAuthorization struct { + _ struct{} `type:"structure"` + + // Use Sig V4 authorization. For more information, see Signature Version 4 Signing + // Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). + Sigv4 *SigV4Authorization `locationName:"sigv4" type:"structure"` +} + +// String returns the string representation +func (s HttpAuthorization) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HttpAuthorization) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *HttpAuthorization) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "HttpAuthorization"} + if s.Sigv4 != nil { + if err := s.Sigv4.Validate(); err != nil { + invalidParams.AddNested("Sigv4", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetSigv4 sets the Sigv4 field's value. +func (s *HttpAuthorization) SetSigv4(v *SigV4Authorization) *HttpAuthorization { + s.Sigv4 = v + return s +} + +// HTTP URL destination configuration used by the topic rule's HTTP action. +type HttpUrlDestinationConfiguration struct { + _ struct{} `type:"structure"` + + // The URL AWS IoT uses to confirm ownership of or access to the topic rule + // destination URL. + // + // ConfirmationUrl is a required field + ConfirmationUrl *string `locationName:"confirmationUrl" type:"string" required:"true"` +} + +// String returns the string representation +func (s HttpUrlDestinationConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HttpUrlDestinationConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *HttpUrlDestinationConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "HttpUrlDestinationConfiguration"} + if s.ConfirmationUrl == nil { + invalidParams.Add(request.NewErrParamRequired("ConfirmationUrl")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConfirmationUrl sets the ConfirmationUrl field's value. +func (s *HttpUrlDestinationConfiguration) SetConfirmationUrl(v string) *HttpUrlDestinationConfiguration { + s.ConfirmationUrl = &v + return s +} + +// HTTP URL destination properties. +type HttpUrlDestinationProperties struct { + _ struct{} `type:"structure"` + + // The URL used to confirm the HTTP topic rule destination URL. + ConfirmationUrl *string `locationName:"confirmationUrl" type:"string"` +} + +// String returns the string representation +func (s HttpUrlDestinationProperties) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HttpUrlDestinationProperties) GoString() string { + return s.String() +} + +// SetConfirmationUrl sets the ConfirmationUrl field's value. +func (s *HttpUrlDestinationProperties) SetConfirmationUrl(v string) *HttpUrlDestinationProperties { + s.ConfirmationUrl = &v + return s +} + +// Information about an HTTP URL destination. +type HttpUrlDestinationSummary struct { + _ struct{} `type:"structure"` + + // The URL used to confirm ownership of or access to the HTTP topic rule destination + // URL. + ConfirmationUrl *string `locationName:"confirmationUrl" type:"string"` +} + +// String returns the string representation +func (s HttpUrlDestinationSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HttpUrlDestinationSummary) GoString() string { + return s.String() +} + +// SetConfirmationUrl sets the ConfirmationUrl field's value. +func (s *HttpUrlDestinationSummary) SetConfirmationUrl(v string) *HttpUrlDestinationSummary { + s.ConfirmationUrl = &v + return s +} + // Information that implicitly denies authorization. When policy doesn't explicitly // deny or allow an action on a resource it is considered an implicit deny. type ImplicitDeny struct { @@ -32746,6 +33808,83 @@ func (s *ListThingsOutput) SetThings(v []*ThingAttribute) *ListThingsOutput { return s } +type ListTopicRuleDestinationsInput struct { + _ struct{} `type:"structure"` + + // The maximum number of results to return at one time. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token to retrieve the next set of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s ListTopicRuleDestinationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListTopicRuleDestinationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListTopicRuleDestinationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListTopicRuleDestinationsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListTopicRuleDestinationsInput) SetMaxResults(v int64) *ListTopicRuleDestinationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListTopicRuleDestinationsInput) SetNextToken(v string) *ListTopicRuleDestinationsInput { + s.NextToken = &v + return s +} + +type ListTopicRuleDestinationsOutput struct { + _ struct{} `type:"structure"` + + // Information about a topic rule destination. + DestinationSummaries []*TopicRuleDestinationSummary `locationName:"destinationSummaries" type:"list"` + + // The token to retrieve the next set of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s ListTopicRuleDestinationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListTopicRuleDestinationsOutput) GoString() string { + return s.String() +} + +// SetDestinationSummaries sets the DestinationSummaries field's value. +func (s *ListTopicRuleDestinationsOutput) SetDestinationSummaries(v []*TopicRuleDestinationSummary) *ListTopicRuleDestinationsOutput { + s.DestinationSummaries = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListTopicRuleDestinationsOutput) SetNextToken(v string) *ListTopicRuleDestinationsOutput { + s.NextToken = &v + return s +} + // The input for the ListTopicRules operation. type ListTopicRulesInput struct { _ struct{} `type:"structure"` @@ -33837,7 +34976,7 @@ type PercentPair struct { // The percentile. Percent *float64 `locationName:"percent" type:"double"` - // The value. + // The value of the percentile. Value *float64 `locationName:"value" type:"double"` } @@ -36000,6 +37139,73 @@ func (s SetV2LoggingOptionsOutput) GoString() string { return s.String() } +// Use Sig V4 authorization. +type SigV4Authorization struct { + _ struct{} `type:"structure"` + + // The ARN of the signing role. + // + // RoleArn is a required field + RoleArn *string `locationName:"roleArn" type:"string" required:"true"` + + // The service name to use while signing with Sig V4. + // + // ServiceName is a required field + ServiceName *string `locationName:"serviceName" type:"string" required:"true"` + + // The signing region. + // + // SigningRegion is a required field + SigningRegion *string `locationName:"signingRegion" type:"string" required:"true"` +} + +// String returns the string representation +func (s SigV4Authorization) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SigV4Authorization) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *SigV4Authorization) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SigV4Authorization"} + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) + } + if s.ServiceName == nil { + invalidParams.Add(request.NewErrParamRequired("ServiceName")) + } + if s.SigningRegion == nil { + invalidParams.Add(request.NewErrParamRequired("SigningRegion")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetRoleArn sets the RoleArn field's value. +func (s *SigV4Authorization) SetRoleArn(v string) *SigV4Authorization { + s.RoleArn = &v + return s +} + +// SetServiceName sets the ServiceName field's value. +func (s *SigV4Authorization) SetServiceName(v string) *SigV4Authorization { + s.ServiceName = &v + return s +} + +// SetSigningRegion sets the SigningRegion field's value. +func (s *SigV4Authorization) SetSigningRegion(v string) *SigV4Authorization { + s.SigningRegion = &v + return s +} + // Describes the code-signing profile. type SigningProfileParameter struct { _ struct{} `type:"structure"` @@ -36560,22 +37766,26 @@ func (s *StatisticalThreshold) SetStatistic(v string) *StatisticalThreshold { type Statistics struct { _ struct{} `type:"structure"` - // The average of the aggregated field values. + // The average of the aggregated fields. If the field data type is String this + // value is indeterminate. Average *float64 `locationName:"average" type:"double"` // The count of things that match the query. Count *int64 `locationName:"count" type:"integer"` - // The maximum aggregated field value. + // The maximum value of the aggregated fields. If the field data type is String + // this value is indeterminate. Maximum *float64 `locationName:"maximum" type:"double"` - // The minimum aggregated field value. + // The minimum value of the aggregated fields. If the field data type is String + // this value is indeterminate. Minimum *float64 `locationName:"minimum" type:"double"` - // The standard deviation of the aggregated field valuesl + // The standard deviation of the aggregated field values. StdDeviation *float64 `locationName:"stdDeviation" type:"double"` - // The sum of the aggregated field values. + // The sum of the aggregated fields. If the field data type is String this value + // is indeterminate. Sum *float64 `locationName:"sum" type:"double"` // The sum of the squares of the aggregated field values. @@ -37722,11 +38932,11 @@ func (s *ThingGroupDocument) SetThingGroupName(v string) *ThingGroupDocument { type ThingGroupIndexingConfiguration struct { _ struct{} `type:"structure"` - // Contains custom field names and their data type. + // A list of thing group fields to index. This list cannot contain any managed + // fields. Use the GetIndexingConfiguration API to get a list of managed fields. CustomFields []*Field `locationName:"customFields" type:"list"` - // Contains fields that are indexed and whose types are already known by the - // Fleet Indexing service. + // A list of automatically indexed thing group fields. ManagedFields []*Field `locationName:"managedFields" type:"list"` // Thing group indexing mode. @@ -37856,11 +39066,11 @@ func (s *ThingGroupProperties) SetThingGroupDescription(v string) *ThingGroupPro type ThingIndexingConfiguration struct { _ struct{} `type:"structure"` - // Contains custom field names and their data type. + // A list of thing fields to index. This list cannot contain any managed fields. + // Use the GetIndexingConfiguration API to get a list of managed fields. CustomFields []*Field `locationName:"customFields" type:"list"` - // Contains fields that are indexed and whose types are already known by the - // Fleet Indexing service. + // A list of automatically indexed thing fields. ManagedFields []*Field `locationName:"managedFields" type:"list"` // Thing connectivity indexing mode. Valid values are: @@ -38183,6 +39393,198 @@ func (s *TopicRule) SetSql(v string) *TopicRule { return s } +// A topic rule destination. +type TopicRuleDestination struct { + _ struct{} `type:"structure"` + + // The topic rule destination URL. + Arn *string `locationName:"arn" type:"string"` + + // Properties of the HTTP URL. + HttpUrlProperties *HttpUrlDestinationProperties `locationName:"httpUrlProperties" type:"structure"` + + // The status of the topic rule destination. Valid values are: + // + // IN_PROGRESS + // + // A topic rule destination was created but has not been confirmed. You can + // set status to IN_PROGRESS by calling UpdateTopicRuleDestination. Calling + // UpdateTopicRuleDestination causes a new confirmation challenge to be sent + // to your confirmation endpoint. + // + // ENABLED + // + // Confirmation was completed, and traffic to this destination is allowed. You + // can set status to DISABLED by calling UpdateTopicRuleDestination. + // + // DISABLED + // + // Confirmation was completed, and traffic to this destination is not allowed. + // You can set status to ENABLED by calling UpdateTopicRuleDestination. + // + // ERROR + // + // Confirmation could not be completed, for example if the confirmation timed + // out. You can call GetTopicRuleDestination for details about the error. You + // can set status to IN_PROGRESS by calling UpdateTopicRuleDestination. Calling + // UpdateTopicRuleDestination causes a new confirmation challenge to be sent + // to your confirmation endpoint. + Status *string `locationName:"status" type:"string" enum:"TopicRuleDestinationStatus"` + + // Additional details or reason why the topic rule destination is in the current + // status. + StatusReason *string `locationName:"statusReason" type:"string"` +} + +// String returns the string representation +func (s TopicRuleDestination) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TopicRuleDestination) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *TopicRuleDestination) SetArn(v string) *TopicRuleDestination { + s.Arn = &v + return s +} + +// SetHttpUrlProperties sets the HttpUrlProperties field's value. +func (s *TopicRuleDestination) SetHttpUrlProperties(v *HttpUrlDestinationProperties) *TopicRuleDestination { + s.HttpUrlProperties = v + return s +} + +// SetStatus sets the Status field's value. +func (s *TopicRuleDestination) SetStatus(v string) *TopicRuleDestination { + s.Status = &v + return s +} + +// SetStatusReason sets the StatusReason field's value. +func (s *TopicRuleDestination) SetStatusReason(v string) *TopicRuleDestination { + s.StatusReason = &v + return s +} + +// Configuration of the topic rule destination. +type TopicRuleDestinationConfiguration struct { + _ struct{} `type:"structure"` + + // Configuration of the HTTP URL. + HttpUrlConfiguration *HttpUrlDestinationConfiguration `locationName:"httpUrlConfiguration" type:"structure"` +} + +// String returns the string representation +func (s TopicRuleDestinationConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TopicRuleDestinationConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TopicRuleDestinationConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TopicRuleDestinationConfiguration"} + if s.HttpUrlConfiguration != nil { + if err := s.HttpUrlConfiguration.Validate(); err != nil { + invalidParams.AddNested("HttpUrlConfiguration", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetHttpUrlConfiguration sets the HttpUrlConfiguration field's value. +func (s *TopicRuleDestinationConfiguration) SetHttpUrlConfiguration(v *HttpUrlDestinationConfiguration) *TopicRuleDestinationConfiguration { + s.HttpUrlConfiguration = v + return s +} + +// Information about the topic rule destination. +type TopicRuleDestinationSummary struct { + _ struct{} `type:"structure"` + + // The topic rule destination ARN. + Arn *string `locationName:"arn" type:"string"` + + // Information about the HTTP URL. + HttpUrlSummary *HttpUrlDestinationSummary `locationName:"httpUrlSummary" type:"structure"` + + // The status of the topic rule destination. Valid values are: + // + // IN_PROGRESS + // + // A topic rule destination was created but has not been confirmed. You can + // set status to IN_PROGRESS by calling UpdateTopicRuleDestination. Calling + // UpdateTopicRuleDestination causes a new confirmation challenge to be sent + // to your confirmation endpoint. + // + // ENABLED + // + // Confirmation was completed, and traffic to this destination is allowed. You + // can set status to DISABLED by calling UpdateTopicRuleDestination. + // + // DISABLED + // + // Confirmation was completed, and traffic to this destination is not allowed. + // You can set status to ENABLED by calling UpdateTopicRuleDestination. + // + // ERROR + // + // Confirmation could not be completed, for example if the confirmation timed + // out. You can call GetTopicRuleDestination for details about the error. You + // can set status to IN_PROGRESS by calling UpdateTopicRuleDestination. Calling + // UpdateTopicRuleDestination causes a new confirmation challenge to be sent + // to your confirmation endpoint. + Status *string `locationName:"status" type:"string" enum:"TopicRuleDestinationStatus"` + + // The reason the topic rule destination is in the current status. + StatusReason *string `locationName:"statusReason" type:"string"` +} + +// String returns the string representation +func (s TopicRuleDestinationSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TopicRuleDestinationSummary) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *TopicRuleDestinationSummary) SetArn(v string) *TopicRuleDestinationSummary { + s.Arn = &v + return s +} + +// SetHttpUrlSummary sets the HttpUrlSummary field's value. +func (s *TopicRuleDestinationSummary) SetHttpUrlSummary(v *HttpUrlDestinationSummary) *TopicRuleDestinationSummary { + s.HttpUrlSummary = v + return s +} + +// SetStatus sets the Status field's value. +func (s *TopicRuleDestinationSummary) SetStatus(v string) *TopicRuleDestinationSummary { + s.Status = &v + return s +} + +// SetStatusReason sets the StatusReason field's value. +func (s *TopicRuleDestinationSummary) SetStatusReason(v string) *TopicRuleDestinationSummary { + s.StatusReason = &v + return s +} + // Describes a rule. type TopicRuleListItem struct { _ struct{} `type:"structure"` @@ -40423,6 +41825,97 @@ func (s UpdateThingOutput) GoString() string { return s.String() } +type UpdateTopicRuleDestinationInput struct { + _ struct{} `type:"structure"` + + // The ARN of the topic rule destination. + // + // Arn is a required field + Arn *string `locationName:"arn" type:"string" required:"true"` + + // The status of the topic rule destination. Valid values are: + // + // IN_PROGRESS + // + // A topic rule destination was created but has not been confirmed. You can + // set status to IN_PROGRESS by calling UpdateTopicRuleDestination. Calling + // UpdateTopicRuleDestination causes a new confirmation challenge to be sent + // to your confirmation endpoint. + // + // ENABLED + // + // Confirmation was completed, and traffic to this destination is allowed. You + // can set status to DISABLED by calling UpdateTopicRuleDestination. + // + // DISABLED + // + // Confirmation was completed, and traffic to this destination is not allowed. + // You can set status to ENABLED by calling UpdateTopicRuleDestination. + // + // ERROR + // + // Confirmation could not be completed, for example if the confirmation timed + // out. You can call GetTopicRuleDestination for details about the error. You + // can set status to IN_PROGRESS by calling UpdateTopicRuleDestination. Calling + // UpdateTopicRuleDestination causes a new confirmation challenge to be sent + // to your confirmation endpoint. + // + // Status is a required field + Status *string `locationName:"status" type:"string" required:"true" enum:"TopicRuleDestinationStatus"` +} + +// String returns the string representation +func (s UpdateTopicRuleDestinationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateTopicRuleDestinationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateTopicRuleDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateTopicRuleDestinationInput"} + if s.Arn == nil { + invalidParams.Add(request.NewErrParamRequired("Arn")) + } + if s.Status == nil { + invalidParams.Add(request.NewErrParamRequired("Status")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetArn sets the Arn field's value. +func (s *UpdateTopicRuleDestinationInput) SetArn(v string) *UpdateTopicRuleDestinationInput { + s.Arn = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *UpdateTopicRuleDestinationInput) SetStatus(v string) *UpdateTopicRuleDestinationInput { + s.Status = &v + return s +} + +type UpdateTopicRuleDestinationOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UpdateTopicRuleDestinationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateTopicRuleDestinationOutput) GoString() string { + return s.String() +} + type ValidateSecurityProfileBehaviorsInput struct { _ struct{} `type:"structure"` @@ -41162,6 +42655,20 @@ const ( ThingIndexingModeRegistryAndShadow = "REGISTRY_AND_SHADOW" ) +const ( + // TopicRuleDestinationStatusEnabled is a TopicRuleDestinationStatus enum value + TopicRuleDestinationStatusEnabled = "ENABLED" + + // TopicRuleDestinationStatusInProgress is a TopicRuleDestinationStatus enum value + TopicRuleDestinationStatusInProgress = "IN_PROGRESS" + + // TopicRuleDestinationStatusDisabled is a TopicRuleDestinationStatus enum value + TopicRuleDestinationStatusDisabled = "DISABLED" + + // TopicRuleDestinationStatusError is a TopicRuleDestinationStatus enum value + TopicRuleDestinationStatusError = "ERROR" +) + const ( // ViolationEventTypeInAlarm is a ViolationEventType enum value ViolationEventTypeInAlarm = "in-alarm" diff --git a/service/iot/iotiface/interface.go b/service/iot/iotiface/interface.go index 5f19f0be2d6..64e05e85520 100644 --- a/service/iot/iotiface/interface.go +++ b/service/iot/iotiface/interface.go @@ -116,6 +116,10 @@ type IoTAPI interface { ClearDefaultAuthorizerWithContext(aws.Context, *iot.ClearDefaultAuthorizerInput, ...request.Option) (*iot.ClearDefaultAuthorizerOutput, error) ClearDefaultAuthorizerRequest(*iot.ClearDefaultAuthorizerInput) (*request.Request, *iot.ClearDefaultAuthorizerOutput) + ConfirmTopicRuleDestination(*iot.ConfirmTopicRuleDestinationInput) (*iot.ConfirmTopicRuleDestinationOutput, error) + ConfirmTopicRuleDestinationWithContext(aws.Context, *iot.ConfirmTopicRuleDestinationInput, ...request.Option) (*iot.ConfirmTopicRuleDestinationOutput, error) + ConfirmTopicRuleDestinationRequest(*iot.ConfirmTopicRuleDestinationInput) (*request.Request, *iot.ConfirmTopicRuleDestinationOutput) + CreateAuthorizer(*iot.CreateAuthorizerInput) (*iot.CreateAuthorizerOutput, error) CreateAuthorizerWithContext(aws.Context, *iot.CreateAuthorizerInput, ...request.Option) (*iot.CreateAuthorizerOutput, error) CreateAuthorizerRequest(*iot.CreateAuthorizerInput) (*request.Request, *iot.CreateAuthorizerOutput) @@ -188,6 +192,10 @@ type IoTAPI interface { CreateTopicRuleWithContext(aws.Context, *iot.CreateTopicRuleInput, ...request.Option) (*iot.CreateTopicRuleOutput, error) CreateTopicRuleRequest(*iot.CreateTopicRuleInput) (*request.Request, *iot.CreateTopicRuleOutput) + CreateTopicRuleDestination(*iot.CreateTopicRuleDestinationInput) (*iot.CreateTopicRuleDestinationOutput, error) + CreateTopicRuleDestinationWithContext(aws.Context, *iot.CreateTopicRuleDestinationInput, ...request.Option) (*iot.CreateTopicRuleDestinationOutput, error) + CreateTopicRuleDestinationRequest(*iot.CreateTopicRuleDestinationInput) (*request.Request, *iot.CreateTopicRuleDestinationOutput) + DeleteAccountAuditConfiguration(*iot.DeleteAccountAuditConfigurationInput) (*iot.DeleteAccountAuditConfigurationOutput, error) DeleteAccountAuditConfigurationWithContext(aws.Context, *iot.DeleteAccountAuditConfigurationInput, ...request.Option) (*iot.DeleteAccountAuditConfigurationOutput, error) DeleteAccountAuditConfigurationRequest(*iot.DeleteAccountAuditConfigurationInput) (*request.Request, *iot.DeleteAccountAuditConfigurationOutput) @@ -272,6 +280,10 @@ type IoTAPI interface { DeleteTopicRuleWithContext(aws.Context, *iot.DeleteTopicRuleInput, ...request.Option) (*iot.DeleteTopicRuleOutput, error) DeleteTopicRuleRequest(*iot.DeleteTopicRuleInput) (*request.Request, *iot.DeleteTopicRuleOutput) + DeleteTopicRuleDestination(*iot.DeleteTopicRuleDestinationInput) (*iot.DeleteTopicRuleDestinationOutput, error) + DeleteTopicRuleDestinationWithContext(aws.Context, *iot.DeleteTopicRuleDestinationInput, ...request.Option) (*iot.DeleteTopicRuleDestinationOutput, error) + DeleteTopicRuleDestinationRequest(*iot.DeleteTopicRuleDestinationInput) (*request.Request, *iot.DeleteTopicRuleDestinationOutput) + DeleteV2LoggingLevel(*iot.DeleteV2LoggingLevelInput) (*iot.DeleteV2LoggingLevelOutput, error) DeleteV2LoggingLevelWithContext(aws.Context, *iot.DeleteV2LoggingLevelInput, ...request.Option) (*iot.DeleteV2LoggingLevelOutput, error) DeleteV2LoggingLevelRequest(*iot.DeleteV2LoggingLevelInput) (*request.Request, *iot.DeleteV2LoggingLevelOutput) @@ -444,6 +456,10 @@ type IoTAPI interface { GetTopicRuleWithContext(aws.Context, *iot.GetTopicRuleInput, ...request.Option) (*iot.GetTopicRuleOutput, error) GetTopicRuleRequest(*iot.GetTopicRuleInput) (*request.Request, *iot.GetTopicRuleOutput) + GetTopicRuleDestination(*iot.GetTopicRuleDestinationInput) (*iot.GetTopicRuleDestinationOutput, error) + GetTopicRuleDestinationWithContext(aws.Context, *iot.GetTopicRuleDestinationInput, ...request.Option) (*iot.GetTopicRuleDestinationOutput, error) + GetTopicRuleDestinationRequest(*iot.GetTopicRuleDestinationInput) (*request.Request, *iot.GetTopicRuleDestinationOutput) + GetV2LoggingOptions(*iot.GetV2LoggingOptionsInput) (*iot.GetV2LoggingOptionsOutput, error) GetV2LoggingOptionsWithContext(aws.Context, *iot.GetV2LoggingOptionsInput, ...request.Option) (*iot.GetV2LoggingOptionsOutput, error) GetV2LoggingOptionsRequest(*iot.GetV2LoggingOptionsInput) (*request.Request, *iot.GetV2LoggingOptionsOutput) @@ -608,6 +624,10 @@ type IoTAPI interface { ListThingsInThingGroupWithContext(aws.Context, *iot.ListThingsInThingGroupInput, ...request.Option) (*iot.ListThingsInThingGroupOutput, error) ListThingsInThingGroupRequest(*iot.ListThingsInThingGroupInput) (*request.Request, *iot.ListThingsInThingGroupOutput) + ListTopicRuleDestinations(*iot.ListTopicRuleDestinationsInput) (*iot.ListTopicRuleDestinationsOutput, error) + ListTopicRuleDestinationsWithContext(aws.Context, *iot.ListTopicRuleDestinationsInput, ...request.Option) (*iot.ListTopicRuleDestinationsOutput, error) + ListTopicRuleDestinationsRequest(*iot.ListTopicRuleDestinationsInput) (*request.Request, *iot.ListTopicRuleDestinationsOutput) + ListTopicRules(*iot.ListTopicRulesInput) (*iot.ListTopicRulesOutput, error) ListTopicRulesWithContext(aws.Context, *iot.ListTopicRulesInput, ...request.Option) (*iot.ListTopicRulesOutput, error) ListTopicRulesRequest(*iot.ListTopicRulesInput) (*request.Request, *iot.ListTopicRulesOutput) @@ -776,6 +796,10 @@ type IoTAPI interface { UpdateThingGroupsForThingWithContext(aws.Context, *iot.UpdateThingGroupsForThingInput, ...request.Option) (*iot.UpdateThingGroupsForThingOutput, error) UpdateThingGroupsForThingRequest(*iot.UpdateThingGroupsForThingInput) (*request.Request, *iot.UpdateThingGroupsForThingOutput) + UpdateTopicRuleDestination(*iot.UpdateTopicRuleDestinationInput) (*iot.UpdateTopicRuleDestinationOutput, error) + UpdateTopicRuleDestinationWithContext(aws.Context, *iot.UpdateTopicRuleDestinationInput, ...request.Option) (*iot.UpdateTopicRuleDestinationOutput, error) + UpdateTopicRuleDestinationRequest(*iot.UpdateTopicRuleDestinationInput) (*request.Request, *iot.UpdateTopicRuleDestinationOutput) + ValidateSecurityProfileBehaviors(*iot.ValidateSecurityProfileBehaviorsInput) (*iot.ValidateSecurityProfileBehaviorsOutput, error) ValidateSecurityProfileBehaviorsWithContext(aws.Context, *iot.ValidateSecurityProfileBehaviorsInput, ...request.Option) (*iot.ValidateSecurityProfileBehaviorsOutput, error) ValidateSecurityProfileBehaviorsRequest(*iot.ValidateSecurityProfileBehaviorsInput) (*request.Request, *iot.ValidateSecurityProfileBehaviorsOutput) diff --git a/service/lambda/api.go b/service/lambda/api.go index c5c91217388..b12c06eb8b9 100644 --- a/service/lambda/api.go +++ b/service/lambda/api.go @@ -9511,9 +9511,15 @@ const ( // RuntimeNodejs10X is a Runtime enum value RuntimeNodejs10X = "nodejs10.x" + // RuntimeNodejs12X is a Runtime enum value + RuntimeNodejs12X = "nodejs12.x" + // RuntimeJava8 is a Runtime enum value RuntimeJava8 = "java8" + // RuntimeJava11 is a Runtime enum value + RuntimeJava11 = "java11" + // RuntimePython27 is a Runtime enum value RuntimePython27 = "python2.7" @@ -9523,6 +9529,9 @@ const ( // RuntimePython37 is a Runtime enum value RuntimePython37 = "python3.7" + // RuntimePython38 is a Runtime enum value + RuntimePython38 = "python3.8" + // RuntimeDotnetcore10 is a Runtime enum value RuntimeDotnetcore10 = "dotnetcore1.0"