Attaches an EBS volume to a running or stopped instance and exposes it to the instance with the specified device name.
Encrypted EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see Amazon EBS encryption in the Amazon Elastic Compute Cloud User Guide.
After you attach an EBS volume, you must make it available. For more information, see Making an EBS volume available for use.
If a volume has an AWS Marketplace product code:
The volume can be attached only to a stopped instance.
AWS Marketplace product codes are copied from the volume to the instance.
You must be subscribed to the product.
The instance type and operating system of the instance must support the product. For example, you can't detach a volume from a Windows instance and attach it to a Linux instance.
For more information, see Attaching Amazon EBS volumes in the Amazon Elastic Compute Cloud User Guide.
", "AttachVpnGateway": "Attaches a virtual private gateway to a VPC. You can attach one virtual private gateway to one VPC at a time.
For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.
", "AuthorizeClientVpnIngress": "Adds an ingress authorization rule to a Client VPN endpoint. Ingress authorization rules act as firewall rules that grant access to networks. You must configure ingress authorization rules to enable clients to access resources in AWS or on-premises networks.
", - "AuthorizeSecurityGroupEgress": "[VPC only] Adds the specified outbound (egress) rules to a security group for use with a VPC.
An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR address ranges, or to the instances that are associated with the specified destination security groups.
You specify a protocol for each rule (for example, TCP). For the TCP and UDP protocols, you must also specify the destination port or port range. For the ICMP protocol, you must also specify the ICMP type and code. You can use -1 for the type or code to mean all types or all codes.
You can optionally add a tag to the security group rule.
Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.
For information about VPC security group quotas, see Amazon VPC Limits.
", - "AuthorizeSecurityGroupIngress": "Adds the specified inbound (ingress) rules to a security group.
An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address ranges, or from the instances that are associated with the specified destination security groups.
You specify a protocol for each rule (for example, TCP). For TCP and UDP, you must also specify the destination port or port range. For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all types or all codes.
[VPC Only] You can optionally add a tag to the security group rule.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
For information about VPC security group quotas, see Amazon VPC Limits.
", + "AuthorizeSecurityGroupEgress": "[VPC only] Adds the specified egress rules to a security group for use with a VPC.
An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR address ranges, or to the instances associated with the specified destination security groups.
You specify a protocol for each rule (for example, TCP). For the TCP and UDP protocols, you must also specify the destination port or port range. For the ICMP protocol, you must also specify the ICMP type and code. You can use -1 for the type or code to mean all types or all codes.
Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.
For more information about VPC security group limits, see Amazon VPC Limits.
", + "AuthorizeSecurityGroupIngress": "Adds the specified ingress rules to a security group.
An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address ranges, or from the instances associated with the specified destination security groups.
You specify a protocol for each rule (for example, TCP). For TCP and UDP, you must also specify the destination port or port range. For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all types or all codes.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
For more information about VPC security group limits, see Amazon VPC Limits.
", "BundleInstance": "Bundles an Amazon instance store-backed Windows instance.
During bundling, only the root device volume (C:\\) is bundled. Data on other instance store volumes is not preserved.
This action is not applicable for Linux/Unix instances or Windows instances that are backed by Amazon EBS.
Cancels a bundling operation for an instance store-backed Windows instance.
", "CancelCapacityReservation": "Cancels the specified Capacity Reservation, releases the reserved capacity, and changes the Capacity Reservation's state to cancelled.
Instances running in the reserved capacity continue running until you stop them. Stopped instances that target the Capacity Reservation can no longer launch. Modify these instances to either target a different Capacity Reservation, launch On-Demand Instance capacity, or run in any open Capacity Reservation that has matching attributes and sufficient capacity.
", @@ -247,7 +247,6 @@ "DescribeScheduledInstanceAvailability": "Finds available schedules that meet the specified criteria.
You can search for an available schedule no more than 3 months in advance. You must meet the minimum required duration of 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.
After you find a schedule that meets your needs, call PurchaseScheduledInstances to purchase Scheduled Instances with that schedule.
", "DescribeScheduledInstances": "Describes the specified Scheduled Instances or all your Scheduled Instances.
", "DescribeSecurityGroupReferences": "[VPC only] Describes the VPCs on the other side of a VPC peering connection that are referencing the security groups you've specified in this request.
", - "DescribeSecurityGroupRules": "Describes one or more of your security group rules.
", "DescribeSecurityGroups": "Describes the specified security groups or all of your security groups.
A security group is for use with instances either in the EC2-Classic platform or in a specific VPC. For more information, see Amazon EC2 Security Groups in the Amazon Elastic Compute Cloud User Guide and Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.
", "DescribeSnapshotAttribute": "Describes the specified attribute of the specified snapshot. You can specify only one attribute at a time.
For more information about EBS snapshots, see Amazon EBS snapshots in the Amazon Elastic Compute Cloud User Guide.
", "DescribeSnapshots": "Describes the specified EBS snapshots available to you or all of the EBS snapshots available to you.
The snapshots available to you include public snapshots, private snapshots that you own, and private snapshots owned by other AWS accounts for which you have explicit create volume permissions.
The create volume permissions fall into the following categories:
public: The owner of the snapshot granted create volume permissions for the snapshot to the all group. All AWS accounts have create volume permissions for these snapshots.
explicit: The owner of the snapshot granted create volume permissions to a specific AWS account.
implicit: An AWS account has implicit create volume permissions for all snapshots it owns.
The list of snapshots returned can be filtered by specifying snapshot IDs, snapshot owners, or AWS accounts with create volume permissions. If no options are specified, Amazon EC2 returns all snapshots for which you have create volume permissions.
If you specify one or more snapshot IDs, only snapshots that have the specified IDs are returned. If you specify an invalid snapshot ID, an error is returned. If you specify a snapshot ID for which you do not have access, it is not included in the returned results.
If you specify one or more snapshot owners using the OwnerIds option, only snapshots from the specified owners and for which you have access are returned. The results can include the AWS account IDs of the specified owners, amazon for snapshots owned by Amazon, or self for snapshots that you own.
If you specify a list of restorable users, only snapshots with create snapshot permissions for those users are returned. You can specify AWS account IDs (if you own the snapshots), self for snapshots for which you own or have explicit permissions, or all for public snapshots.
If you are describing a long list of snapshots, we recommend that you paginate the output to make the list more manageable. The MaxResults parameter sets the maximum number of results returned in a single page. If the list of results exceeds your MaxResults value, then that number of results is returned along with a NextToken value that can be passed to a subsequent DescribeSnapshots request to retrieve the remaining results.
To get the state of fast snapshot restores for a snapshot, use DescribeFastSnapshotRestores.
For more information about EBS snapshots, see Amazon EBS snapshots in the Amazon Elastic Compute Cloud User Guide.
", @@ -373,7 +372,6 @@ "ModifyManagedPrefixList": "Modifies the specified managed prefix list.
Adding or removing entries in a prefix list creates a new version of the prefix list. Changing the name of the prefix list does not affect the version.
If you specify a current version number that does not match the true current version number, the request fails.
", "ModifyNetworkInterfaceAttribute": "Modifies the specified network interface attribute. You can specify only one attribute at a time. You can use this action to attach and detach security groups from an existing EC2 instance.
", "ModifyReservedInstances": "Modifies the Availability Zone, instance count, instance type, or network platform (EC2-Classic or EC2-VPC) of your Reserved Instances. The Reserved Instances to be modified must be identical, except for Availability Zone, network platform, and instance type.
For more information, see Modifying Reserved Instances in the Amazon EC2 User Guide.
", - "ModifySecurityGroupRules": "Modifies the rules of a security group.
", "ModifySnapshotAttribute": "Adds or removes permission settings for the specified snapshot. You may add or remove specified AWS account IDs from a snapshot's list of create volume permissions, but you cannot do both in a single operation. If you need to both add and remove account IDs for a snapshot, you must use multiple operations. You can make up to 500 modifications to a snapshot in a single operation.
Encrypted snapshots and snapshots with AWS Marketplace product codes cannot be made public. Snapshots encrypted with your default CMK cannot be shared with other accounts.
For more information about modifying snapshot permissions, see Sharing snapshots in the Amazon Elastic Compute Cloud User Guide.
", "ModifySpotFleetRequest": "Modifies the specified Spot Fleet request.
You can only modify a Spot Fleet request of type maintain.
While the Spot Fleet request is being modified, it is in the modifying state.
To scale up your Spot Fleet, increase its target capacity. The Spot Fleet launches the additional Spot Instances according to the allocation strategy for the Spot Fleet request. If the allocation strategy is lowestPrice, the Spot Fleet launches instances using the Spot Instance pool with the lowest price. If the allocation strategy is diversified, the Spot Fleet distributes the instances across the Spot Instance pools. If the allocation strategy is capacityOptimized, Spot Fleet launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching.
To scale down your Spot Fleet, decrease its target capacity. First, the Spot Fleet cancels any open requests that exceed the new target capacity. You can request that the Spot Fleet terminate Spot Instances until the size of the fleet no longer exceeds the new target capacity. If the allocation strategy is lowestPrice, the Spot Fleet terminates the instances with the highest price per unit. If the allocation strategy is capacityOptimized, the Spot Fleet terminates the instances in the Spot Instance pools that have the least available Spot Instance capacity. If the allocation strategy is diversified, the Spot Fleet terminates instances across the Spot Instance pools. Alternatively, you can request that the Spot Fleet keep the fleet at its current size, but not replace any Spot Instances that are interrupted or that you terminate manually.
If you are finished with your Spot Fleet for now, but will use it again later, you can set the target capacity to 0.
", "ModifySubnetAttribute": "Modifies a subnet attribute. You can only modify one attribute at a time.
", @@ -433,8 +431,8 @@ "RestoreAddressToClassic": "Restores an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP address that was originally allocated for use in EC2-VPC. The Elastic IP address must not be associated with an instance or network interface.
", "RestoreManagedPrefixListVersion": "Restores the entries from a previous version of a managed prefix list to a new version of the prefix list.
", "RevokeClientVpnIngress": "Removes an ingress authorization rule from a Client VPN endpoint.
", - "RevokeSecurityGroupEgress": "Removes the specified egress (outbound) rules from a security group for EC2-VPC. This action does not apply to security groups for use in EC2-Classic.
You can specify the rules that you want to remove by using one of the following methods:
The security group rule IDs.
The security group rule properties. Each rule consists of the protocol, from port, to port, and the IPv4 or IPv6 CIDR range or referenced security group or prefix list id. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
[Default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked.
AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
", - "RevokeSecurityGroupIngress": "Removes the specified ingress rules from a security group. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
[EC2-Classic, default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked.
AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
You can specify the rules that you want to remove by using one of the following methods:
[VPC only] The security group rule IDs.
The security group rule properties. Each rule consists of the protocol, from port, to port, and the IPv4 or IPv6 CIDR range or referenced security group or prefix list id. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
[Default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked.
AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
", + "RevokeSecurityGroupEgress": "[VPC only] Removes the specified egress rules from a security group for EC2-VPC. This action does not apply to security groups for use in EC2-Classic. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
[Default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked.
AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
Each rule consists of the protocol and the IPv4 or IPv6 CIDR range or source security group. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
", + "RevokeSecurityGroupIngress": "Removes the specified ingress rules from a security group. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
[EC2-Classic , default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked.
AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
Each rule consists of the protocol and the CIDR range or source security group. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
", "RunInstances": "Launches the specified number of instances using an AMI for which you have permissions.
You can specify a number of options, or leave the default options. The following rules apply:
[EC2-VPC] If you don't specify a subnet ID, we choose a default subnet from your default VPC for you. If you don't have a default VPC, you must specify a subnet ID in the request.
[EC2-Classic] If don't specify an Availability Zone, we choose one for you.
Some instance types must be launched into a VPC. If you do not have a default VPC, or if you do not specify a subnet ID, the request fails. For more information, see Instance types available only in a VPC.
[EC2-VPC] All instances have a network interface with a primary private IPv4 address. If you don't specify this address, we choose one from the IPv4 range of your subnet.
Not all instance types support IPv6 addresses. For more information, see Instance types.
If you don't specify a security group ID, we use the default security group. For more information, see Security groups.
If any of the AMIs have a product code attached for which the user has not subscribed, the request fails.
You can create a launch template, which is a resource that contains the parameters to launch an instance. When you launch an instance using RunInstances, you can specify the launch template instead of specifying the launch parameters.
To ensure faster instance launches, break up large requests into smaller batches. For example, create five separate launch requests for 100 instances each instead of one launch request for 500 instances.
An instance is ready for you to use when it's in the running state. You can check the state of your instance using DescribeInstances. You can tag instances and EBS volumes during launch, after launch, or both. For more information, see CreateTags and Tagging your Amazon EC2 resources.
Linux instances have access to the public key of the key pair at boot. You can use this key to provide secure access to the instance. Amazon EC2 public images use this feature to provide secure access without passwords. For more information, see Key pairs.
For troubleshooting, see What to do if an instance immediately terminates, and Troubleshooting connecting to your instance.
", "RunScheduledInstances": "Launches the specified Scheduled Instances.
Before you can launch a Scheduled Instance, you must purchase it and obtain an identifier using PurchaseScheduledInstances.
You must launch a Scheduled Instance during its scheduled time period. You can't stop or reboot a Scheduled Instance, but you can terminate it as needed. If you terminate a Scheduled Instance before the current scheduled time period ends, you can launch it again after a few minutes. For more information, see Scheduled Instances in the Amazon EC2 User Guide.
", "SearchLocalGatewayRoutes": "Searches for routes in the specified local gateway route table.
", @@ -450,8 +448,8 @@ "UnassignIpv6Addresses": "Unassigns one or more IPv6 addresses from a network interface.
", "UnassignPrivateIpAddresses": "Unassigns one or more secondary private IP addresses from a network interface.
", "UnmonitorInstances": "Disables detailed monitoring for a running instance. For more information, see Monitoring your instances and volumes in the Amazon EC2 User Guide.
", - "UpdateSecurityGroupRuleDescriptionsEgress": "[VPC only] Updates the description of an egress (outbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.
You can specify the rule that you want to update by using one of the following methods:
The security group rule descriptions.
The IP permissions structure.
You can remove a description for a security group rule by omitting the description parameter in the request.
", - "UpdateSecurityGroupRuleDescriptionsIngress": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.
You can specify the rule that you want to update by using one of the following methods:
[VPC only] The security group rule descriptions.
The IP permissions structure.
You can remove a description for a security group rule by omitting the description parameter in the request.
", + "UpdateSecurityGroupRuleDescriptionsEgress": "[VPC only] Updates the description of an egress (outbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.
You specify the description as part of the IP permissions structure. You can remove a description for a security group rule by omitting the description parameter in the request.
", + "UpdateSecurityGroupRuleDescriptionsIngress": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.
You specify the description as part of the IP permissions structure. You can remove a description for a security group rule by omitting the description parameter in the request.
", "WithdrawByoipCidr": "Stops advertising an address range that is provisioned as an address pool.
You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.
It can take a few minutes before traffic to the specified addresses stops routing to AWS because of BGP propagation delays.
" }, "shapes": { @@ -1175,21 +1173,11 @@ "refs": { } }, - "AuthorizeSecurityGroupEgressResult": { - "base": null, - "refs": { - } - }, "AuthorizeSecurityGroupIngressRequest": { "base": null, "refs": { } }, - "AuthorizeSecurityGroupIngressResult": { - "base": null, - "refs": { - } - }, "AutoAcceptSharedAssociationsValue": { "base": null, "refs": { @@ -1391,9 +1379,7 @@ "AuthorizeClientVpnIngressRequest$AuthorizeAllGroups": "Indicates whether to grant access to all clients. Specify true to grant all clients who successfully establish a VPN connection access to the network. Must be set to true if AccessGroupId is not specified.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, returns an error.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, returns an error.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, returns an error.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Is true if the request succeeds, and an error otherwise.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Indicates whether there are additional routes available.
", - "SecurityGroupRule$IsEgress": "Indicates whether the security group rule is an outbound rule.
", "SendDiagnosticInterruptRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Indicates whether requests from other AWS accounts to create an endpoint to the service must first be accepted.
", "ServiceConfiguration$ManagesVpcEndpoints": "Indicates whether the service manages its VPC endpoints. Management of the service VPC endpoints using the VPC endpoint API is restricted.
", @@ -5333,22 +5315,6 @@ "refs": { } }, - "DescribeSecurityGroupRulesMaxResults": { - "base": null, - "refs": { - "DescribeSecurityGroupRulesRequest$MaxResults": "The maximum number of results to return in a single call. To retrieve the remaining results, make another request with the returned NextToken value. This value can be between 5 and 1000. If this parameter is not specified, then all results are returned.
One or more filters.
association.route-table-association-id - The ID of an association ID for the route table.
association.route-table-id - The ID of the route table involved in the association.
association.subnet-id - The ID of the subnet involved in the association.
association.main - Indicates whether the route table is the main route table for the VPC (true | false). Route tables that do not have an association ID are not returned in the response.
owner-id - The ID of the AWS account that owns the route table.
route-table-id - The ID of the route table.
route.destination-cidr-block - The IPv4 CIDR range specified in a route in the table.
route.destination-ipv6-cidr-block - The IPv6 CIDR range specified in a route in the route table.
route.destination-prefix-list-id - The ID (prefix) of the AWS service specified in a route in the table.
route.egress-only-internet-gateway-id - The ID of an egress-only Internet gateway specified in a route in the route table.
route.gateway-id - The ID of a gateway specified in a route in the table.
route.instance-id - The ID of an instance specified in a route in the table.
route.nat-gateway-id - The ID of a NAT gateway.
route.transit-gateway-id - The ID of a transit gateway.
route.origin - Describes how the route was created. CreateRouteTable indicates that the route was automatically created when the route table was created; CreateRoute indicates that the route was manually added to the route table; EnableVgwRoutePropagation indicates that the route was propagated by route propagation.
route.state - The state of a route in the route table (active | blackhole). The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, the specified NAT instance has been terminated, and so on).
route.vpc-peering-connection-id - The ID of a VPC peering connection specified in a route in the table.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC for the route table.
The filters.
availability-zone - The Availability Zone (for example, us-west-2a).
instance-type - The instance type (for example, c4.large).
network-platform - The network platform (EC2-Classic or EC2-VPC).
platform - The platform (Linux/UNIX or Windows).
The filters.
availability-zone - The Availability Zone (for example, us-west-2a).
instance-type - The instance type (for example, c4.large).
network-platform - The network platform (EC2-Classic or EC2-VPC).
platform - The platform (Linux/UNIX or Windows).
One or more filters.
group-id - The ID of the security group.
security-group-rule-id - The ID of the security group rule.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.
description - The description of the security group.
egress.ip-permission.cidr - An IPv4 CIDR block for an outbound security group rule.
egress.ip-permission.from-port - For an outbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.
egress.ip-permission.group-id - The ID of a security group that has been referenced in an outbound security group rule.
egress.ip-permission.group-name - The name of a security group that is referenced in an outbound security group rule.
egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an outbound security group rule.
egress.ip-permission.prefix-list-id - The ID of a prefix list to which a security group rule allows outbound access.
egress.ip-permission.protocol - The IP protocol for an outbound security group rule (tcp | udp | icmp, a protocol number, or -1 for all protocols).
egress.ip-permission.to-port - For an outbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.
egress.ip-permission.user-id - The ID of an AWS account that has been referenced in an outbound security group rule.
group-id - The ID of the security group.
group-name - The name of the security group.
ip-permission.cidr - An IPv4 CIDR block for an inbound security group rule.
ip-permission.from-port - For an inbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.
ip-permission.group-id - The ID of a security group that has been referenced in an inbound security group rule.
ip-permission.group-name - The name of a security group that is referenced in an inbound security group rule.
ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security group rule.
ip-permission.prefix-list-id - The ID of a prefix list from which a security group rule allows inbound access.
ip-permission.protocol - The IP protocol for an inbound security group rule (tcp | udp | icmp, a protocol number, or -1 for all protocols).
ip-permission.to-port - For an inbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.
ip-permission.user-id - The ID of an AWS account that has been referenced in an inbound security group rule.
owner-id - The AWS account ID of the owner of the security group.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC specified when the security group was created.
The filters.
description - A description of the snapshot.
encrypted - Indicates whether the snapshot is encrypted (true | false)
owner-alias - The owner alias, from an Amazon-maintained list (amazon). This is not the user-configured AWS account alias set using the IAM console. We recommend that you use the related parameter instead of this filter.
owner-id - The AWS account ID of the owner. We recommend that you use the related parameter instead of this filter.
progress - The progress of the snapshot, as a percentage (for example, 80%).
snapshot-id - The snapshot ID.
start-time - The time stamp when the snapshot was initiated.
status - The status of the snapshot (pending | completed | error).
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
volume-id - The ID of the volume the snapshot is for.
volume-size - The size of the volume, in GiB.
One or more filters.
availability-zone-group - The Availability Zone group.
create-time - The time stamp when the Spot Instance request was created.
fault-code - The fault code related to the request.
fault-message - The fault message related to the request.
instance-id - The ID of the instance that fulfilled the request.
launch-group - The Spot Instance launch group.
launch.block-device-mapping.delete-on-termination - Indicates whether the EBS volume is deleted on instance termination.
launch.block-device-mapping.device-name - The device name for the volume in the block device mapping (for example, /dev/sdh or xvdh).
launch.block-device-mapping.snapshot-id - The ID of the snapshot for the EBS volume.
launch.block-device-mapping.volume-size - The size of the EBS volume, in GiB.
launch.block-device-mapping.volume-type - The type of EBS volume: gp2 for General Purpose SSD, io1 or io2 for Provisioned IOPS SSD, st1 for Throughput Optimized HDD, sc1for Cold HDD, or standard for Magnetic.
launch.group-id - The ID of the security group for the instance.
launch.group-name - The name of the security group for the instance.
launch.image-id - The ID of the AMI.
launch.instance-type - The type of instance (for example, m3.medium).
launch.kernel-id - The kernel ID.
launch.key-name - The name of the key pair the instance launched with.
launch.monitoring-enabled - Whether detailed monitoring is enabled for the Spot Instance.
launch.ramdisk-id - The RAM disk ID.
launched-availability-zone - The Availability Zone in which the request is launched.
network-interface.addresses.primary - Indicates whether the IP address is the primary private IP address.
network-interface.delete-on-termination - Indicates whether the network interface is deleted when the instance is terminated.
network-interface.description - A description of the network interface.
network-interface.device-index - The index of the device for the network interface attachment on the instance.
network-interface.group-id - The ID of the security group associated with the network interface.
network-interface.network-interface-id - The ID of the network interface.
network-interface.private-ip-address - The primary private IP address of the network interface.
network-interface.subnet-id - The ID of the subnet for the instance.
product-description - The product description associated with the instance (Linux/UNIX | Windows).
spot-instance-request-id - The Spot Instance request ID.
spot-price - The maximum hourly price for any Spot Instance launched to fulfill the request.
state - The state of the Spot Instance request (open | active | closed | cancelled | failed). Spot request status information can help you track your Amazon EC2 Spot Instance requests. For more information, see Spot request status in the Amazon EC2 User Guide for Linux Instances.
status-code - The short code describing the most recent evaluation of your Spot Instance request.
status-message - The message explaining the status of the Spot Instance request.
tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
type - The type of Spot Instance request (one-time | persistent).
valid-from - The start date of the request.
valid-until - The end date of the request.
The ID of one or more of the VPC's security groups. You cannot specify security groups from a different VPC.
", - "DescribeSecurityGroupsRequest$GroupIds": "The IDs of the security groups. Required for security groups in a nondefault VPC.
Default: Describes all of your security groups.
", + "DescribeSecurityGroupsRequest$GroupIds": "The IDs of the security groups. Required for security groups in a nondefault VPC.
Default: Describes all your security groups.
", "LaunchTemplateInstanceNetworkInterfaceSpecification$Groups": "The IDs of one or more security groups.
", "ModifyInstanceAttributeRequest$Groups": "[EC2-VPC] Replaces the security groups of the instance with the specified security groups. You must specify at least one security group, even if it's just the default security group for the VPC. You must specify the security group ID, not the security group name.
" } @@ -7630,7 +7595,7 @@ "GroupNameStringList": { "base": null, "refs": { - "DescribeSecurityGroupsRequest$GroupNames": "[EC2-Classic and default VPC only] The names of the security groups. You can specify either the security group name or the security group ID. For security groups in a nondefault VPC, use the group-name filter to describe security groups by name.
Default: Describes all of your security groups.
", + "DescribeSecurityGroupsRequest$GroupNames": "[EC2-Classic and default VPC only] The names of the security groups. You can specify either the security group name or the security group ID. For security groups in a nondefault VPC, use the group-name filter to describe security groups by name.
Default: Describes all your security groups.
", "ModifySnapshotAttributeRequest$GroupNames": "The group to modify for the snapshot.
" } }, @@ -8893,10 +8858,6 @@ "ScheduledInstancesNetworkInterface$DeviceIndex": "The index of the device for the network interface attachment.
", "ScheduledInstancesNetworkInterface$Ipv6AddressCount": "The number of IPv6 addresses to assign to the network interface. The IPv6 addresses are automatically selected from the subnet range.
", "ScheduledInstancesNetworkInterface$SecondaryPrivateIpAddressCount": "The number of secondary private IPv4 addresses.
", - "SecurityGroupRule$FromPort": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
", - "SecurityGroupRule$ToPort": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
", - "SecurityGroupRuleRequest$ToPort": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
The size of the volume, in GiB.
", "SnapshotInfo$VolumeSize": "Size of the volume from which this snapshot was created.
", "SpotFleetRequestConfigData$TargetCapacity": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is maintain, you can specify a target capacity of 0 and add capacity later.
The inbound rules that were unknown to the service. In some cases, unknownIpPermissionSet might be in a different format from the request parameter.
The inbound rules associated with the security group.
", "SecurityGroup$IpPermissionsEgress": "[VPC only] The outbound rules associated with the security group.
", - "UpdateSecurityGroupRuleDescriptionsEgressRequest$IpPermissions": "The IP permissions for the security group rule. You can either specify this parameter, or the SecurityGroupRuleDescriptions parameter.
The IP permissions for the security group rule. You can either specify this parameter, or the SecurityGroupRuleDescriptions parameter.
The IP permissions for the security group rule.
", + "UpdateSecurityGroupRuleDescriptionsIngressRequest$IpPermissions": "The IP permissions for the security group rule.
" } }, "IpRange": { @@ -9185,7 +9146,7 @@ "KeyNameStringList": { "base": null, "refs": { - "DescribeKeyPairsRequest$KeyNames": "The key pair names.
Default: Describes all of your key pairs.
" + "DescribeKeyPairsRequest$KeyNames": "The key pair names.
Default: Describes all your key pairs.
" } }, "KeyPair": { @@ -10339,16 +10300,6 @@ "refs": { } }, - "ModifySecurityGroupRulesRequest": { - "base": null, - "refs": { - } - }, - "ModifySecurityGroupRulesResult": { - "base": null, - "refs": { - } - }, "ModifySnapshotAttributeRequest": { "base": null, "refs": { @@ -11559,8 +11510,6 @@ "PrefixListResourceIdStringList$member": null, "ReplaceRouteRequest$DestinationPrefixListId": "The ID of the prefix list for the route.
", "RestoreManagedPrefixListVersionRequest$PrefixListId": "The ID of the prefix list.
", - "SecurityGroupRule$PrefixListId": "The ID of the prefix list.
", - "SecurityGroupRuleRequest$PrefixListId": "The ID of the prefix list.
", "TransitGatewayPrefixListReference$PrefixListId": "The ID of the prefix list.
", "TransitGatewayRoute$PrefixListId": "The ID of the prefix list used for destination matches.
" } @@ -11936,12 +11885,6 @@ "ReservedInstancesOffering$RecurringCharges": "The recurring charge tag assigned to the resource.
" } }, - "ReferencedSecurityGroup": { - "base": "Describes the security group that is referenced in the security group rule.
", - "refs": { - "SecurityGroupRule$ReferencedGroupInfo": "Describes the security group that is referenced in the rule.
" - } - }, "Region": { "base": "Describes a Region.
", "refs": { @@ -12960,7 +12903,7 @@ } }, "SecurityGroup": { - "base": "Describes a security group.
", + "base": "Describes a security group
", "refs": { "SecurityGroupList$member": null } @@ -12973,14 +12916,11 @@ "ClientVpnSecurityGroupIdSet$member": null, "DeleteSecurityGroupRequest$GroupId": "The ID of the security group. Required for a nondefault VPC.
", "GroupIds$member": null, - "ModifySecurityGroupRulesRequest$GroupId": "The ID of the security group.
", "RequestSpotLaunchSpecificationSecurityGroupIdList$member": null, "RevokeSecurityGroupEgressRequest$GroupId": "The ID of the security group.
", "RevokeSecurityGroupIngressRequest$GroupId": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
", "ScheduledInstancesSecurityGroupIdSet$member": null, "SecurityGroupIdStringList$member": null, - "SecurityGroupRule$GroupId": "The ID of the security group.
", - "SecurityGroupRuleRequest$ReferencedGroupId": "The ID of the security group that is referenced in the security group rule.
", "UpdateSecurityGroupRuleDescriptionsEgressRequest$GroupId": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
", "UpdateSecurityGroupRuleDescriptionsIngressRequest$GroupId": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
", "VpcEndpointSecurityGroupIdList$member": null @@ -13034,70 +12974,6 @@ "DescribeSecurityGroupReferencesResult$SecurityGroupReferenceSet": "Information about the VPCs with the referencing security groups.
" } }, - "SecurityGroupRule": { - "base": "Describes a security group rule.
", - "refs": { - "SecurityGroupRuleList$member": null - } - }, - "SecurityGroupRuleDescription": { - "base": "Describes the description of a security group rule.
You can use this when you want to update the security group rule description for either an inbound or outbound rule.
", - "refs": { - "SecurityGroupRuleDescriptionList$member": null - } - }, - "SecurityGroupRuleDescriptionList": { - "base": null, - "refs": { - "UpdateSecurityGroupRuleDescriptionsEgressRequest$SecurityGroupRuleDescriptions": "The description for the egress security group rules. You can either specify this parameter, or the IpPermissions parameter.
[VPC only] The description for the ingress security group rules. You can either specify this parameter, or the IpPermissions parameter.
The ID of the security group rule.
", - "Ipv6Range$SecurityGroupRuleId": "The ID of the security group rule.
", - "PrefixListId$SecurityGroupRuleId": "The ID of the security group rule.
", - "SecurityGroupRule$SecurityGroupRuleId": "The ID of the security group rule.
", - "SecurityGroupRuleUpdate$SecurityGroupRuleId": "The ID of the security group rule.
", - "UserIdGroupPair$SecurityGroupRuleId": "The ID of the security group rule.
" - } - }, - "SecurityGroupRuleIdList": { - "base": null, - "refs": { - "DescribeSecurityGroupRulesRequest$SecurityGroupRuleIds": "The IDs of the security group rules.
", - "RevokeSecurityGroupEgressRequest$SecurityGroupRuleIds": "The IDs of the security group rules.
", - "RevokeSecurityGroupIngressRequest$SecurityGroupRuleIds": "The IDs of the security group rules.
" - } - }, - "SecurityGroupRuleList": { - "base": null, - "refs": { - "AuthorizeSecurityGroupEgressResult$SecurityGroupRules": "Information about the outbound (egress) security group rules that were added.
", - "AuthorizeSecurityGroupIngressResult$SecurityGroupRules": "Information about the inbound (ingress) security group rules that were added.
", - "DescribeSecurityGroupRulesResult$SecurityGroupRules": "Information about security group rules.
" - } - }, - "SecurityGroupRuleRequest": { - "base": "Describes a security group rule.
You can only use one of the following to specify the rule:
CidrIpv4
CidrIpv6
PrefixListId
ReferencedGroupId
When you run the ModifySecurityGroupRules command, you cannot change the rule type. For example if the rules references CidrIpv4, then you must use CidrIpv4 to reference the rule.
Information about the security group rule.
" - } - }, - "SecurityGroupRuleUpdate": { - "base": "Describes an update to a security group rule.
", - "refs": { - "SecurityGroupRuleUpdateList$member": null - } - }, - "SecurityGroupRuleUpdateList": { - "base": null, - "refs": { - "ModifySecurityGroupRulesRequest$SecurityGroupRules": "Information about the security group properties to update.
" - } - }, "SecurityGroupStringList": { "base": null, "refs": { @@ -13703,7 +13579,7 @@ "AuthorizeSecurityGroupEgressRequest$SourceSecurityGroupName": "Not supported. Use a set of IP permissions to specify a destination security group.
", "AuthorizeSecurityGroupEgressRequest$SourceSecurityGroupOwnerId": "Not supported. Use a set of IP permissions to specify a destination security group.
", "AuthorizeSecurityGroupIngressRequest$CidrIp": "The IPv4 address range, in CIDR format. You can't specify this parameter when specifying a source security group. To specify an IPv6 address range, use a set of IP permissions.
Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.
", - "AuthorizeSecurityGroupIngressRequest$IpProtocol": "The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers). To specify icmpv6, use a set of IP permissions.
[VPC only] Use -1 to specify all protocols. If you specify -1 or a protocol other than tcp, udp, or icmp, traffic on all ports is allowed, regardless of any ports that you specify.
Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.
", + "AuthorizeSecurityGroupIngressRequest$IpProtocol": "The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers). To specify icmpv6, use a set of IP permissions.
[VPC only] Use -1 to specify all protocols. If you specify -1 or a protocol other than tcp, udp, or icmp, traffic on all ports is allowed, regardless of any ports you specify.
Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.
", "AuthorizeSecurityGroupIngressRequest$SourceSecurityGroupName": "[EC2-Classic, default VPC] The name of the source security group. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. For EC2-VPC, the source security group must be in the same VPC.
", "AuthorizeSecurityGroupIngressRequest$SourceSecurityGroupOwnerId": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead.
", "AvailabilityZone$RegionName": "The name of the Region.
", @@ -14084,8 +13960,6 @@ "DescribeScheduledInstanceAvailabilityResult$NextToken": "The token required to retrieve the next set of results. This value is null when there are no more results to return.
The token for the next set of results.
", "DescribeScheduledInstancesResult$NextToken": "The token required to retrieve the next set of results. This value is null when there are no more results to return.
The token for the next page of results.
", - "DescribeSecurityGroupRulesResult$NextToken": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The token to request the next page of results.
", "DescribeSecurityGroupsResult$NextToken": "The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the EBS snapshot.
", @@ -14408,7 +14282,7 @@ "ImportInstanceVolumeDetailItem$StatusMessage": "The status information or errors related to the disk image.
", "ImportKeyPairRequest$KeyName": "A unique name for the key pair.
", "ImportKeyPairResult$KeyFingerprint": "The MD5 public key fingerprint as specified in section 4 of RFC 4716.
", - "ImportKeyPairResult$KeyName": "The key pair name that you provided.
", + "ImportKeyPairResult$KeyName": "The key pair name you provided.
", "ImportKeyPairResult$KeyPairId": "The ID of the resulting key pair.
", "ImportSnapshotRequest$ClientToken": "Token to enable idempotency for VM import requests.
", "ImportSnapshotRequest$Description": "The description string for the import snapshot task.
", @@ -14759,11 +14633,6 @@ "PurchaseRequest$PurchaseToken": "The purchase token.
", "PurchaseReservedInstancesOfferingResult$ReservedInstancesId": "The IDs of the purchased Reserved Instances.
", "PurchaseScheduledInstancesRequest$ClientToken": "Unique, case-sensitive identifier that ensures the idempotency of the request. For more information, see Ensuring Idempotency.
", - "ReferencedSecurityGroup$GroupId": "The ID of the security group.
", - "ReferencedSecurityGroup$PeeringStatus": "The status of a VPC peering connection, if applicable.
", - "ReferencedSecurityGroup$UserId": "The AWS account ID.
", - "ReferencedSecurityGroup$VpcId": "The ID of the VPC.
", - "ReferencedSecurityGroup$VpcPeeringConnectionId": "The ID of the VPC peering connection.
", "Region$Endpoint": "The Region service endpoint.
", "Region$RegionName": "The name of the Region.
", "Region$OptInStatus": "The Region opt-in status. The possible values are opt-in-not-required, opted-in, and not-opted-in.
The ID of your security group.
", "SecurityGroupReference$ReferencingVpcId": "The ID of the VPC with the referencing security group.
", "SecurityGroupReference$VpcPeeringConnectionId": "The ID of the VPC peering connection.
", - "SecurityGroupRule$GroupOwnerId": "The ID of the AWS account that owns the security group.
", - "SecurityGroupRule$IpProtocol": "The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).
Use -1 to specify all protocols.
The IPv4 CIDR range.
", - "SecurityGroupRule$CidrIpv6": "The IPv6 CIDR range.
", - "SecurityGroupRule$Description": "The security group rule description.
", - "SecurityGroupRuleDescription$SecurityGroupRuleId": "The ID of the security group rule.
", - "SecurityGroupRuleDescription$Description": "The description of the security group rule.
", - "SecurityGroupRuleIdList$member": null, - "SecurityGroupRuleRequest$IpProtocol": "The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).
Use -1 to specify all protocols.
The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length.
", - "SecurityGroupRuleRequest$CidrIpv6": "The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.
", - "SecurityGroupRuleRequest$Description": "The description of the security group rule.
", "ServiceConfiguration$ServiceId": "The ID of the service.
", "ServiceConfiguration$ServiceName": "The name of the service.
", "ServiceConfiguration$PrivateDnsName": "The private DNS name for the service.
", @@ -15455,7 +15312,6 @@ "ReservedInstancesListing$Tags": "Any tags assigned to the resource.
", "RouteTable$Tags": "Any tags assigned to the route table.
", "SecurityGroup$Tags": "Any tags assigned to the security group.
", - "SecurityGroupRule$Tags": "The tags applied to the security group rule.
", "ServiceConfiguration$Tags": "Any tags assigned to the service.
", "ServiceDetail$Tags": "Any tags assigned to the service.
", "Snapshot$Tags": "Any tags assigned to the snapshot.
", @@ -15496,8 +15352,6 @@ "refs": { "AllocateAddressRequest$TagSpecifications": "The tags to assign to the Elastic IP address.
", "AllocateHostsRequest$TagSpecifications": "The tags to apply to the Dedicated Host during creation.
", - "AuthorizeSecurityGroupEgressRequest$TagSpecifications": "The tags applied to the security group rule.
", - "AuthorizeSecurityGroupIngressRequest$TagSpecifications": "[VPC Only] The tags applied to the security group rule.
", "CopySnapshotRequest$TagSpecifications": "The tags to apply to the new snapshot.
", "CreateCapacityReservationRequest$TagSpecifications": "The tags to apply to the Capacity Reservation during launch.
", "CreateCarrierGatewayRequest$TagSpecifications": "The tags to associate with the carrier gateway.
", diff --git a/models/apis/ec2/2016-11-15/paginators-1.json b/models/apis/ec2/2016-11-15/paginators-1.json index e1d041efc2c..fde6975e311 100755 --- a/models/apis/ec2/2016-11-15/paginators-1.json +++ b/models/apis/ec2/2016-11-15/paginators-1.json @@ -374,12 +374,6 @@ "output_token": "NextToken", "result_key": "ScheduledInstanceSet" }, - "DescribeSecurityGroupRules": { - "input_token": "NextToken", - "limit_key": "MaxResults", - "output_token": "NextToken", - "result_key": "SecurityGroupRules" - }, "DescribeSecurityGroups": { "input_token": "NextToken", "limit_key": "MaxResults", diff --git a/service/ec2/api.go b/service/ec2/api.go index 72a783d1dcb..8550cffea5e 100644 --- a/service/ec2/api.go +++ b/service/ec2/api.go @@ -2356,29 +2356,29 @@ func (c *EC2) AuthorizeSecurityGroupEgressRequest(input *AuthorizeSecurityGroupE output = &AuthorizeSecurityGroupEgressOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // AuthorizeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Adds the specified outbound (egress) rules to a security group -// for use with a VPC. +// [VPC only] Adds the specified egress rules to a security group for use with +// a VPC. // // An outbound rule permits instances to send traffic to the specified IPv4 -// or IPv6 CIDR address ranges, or to the instances that are associated with -// the specified destination security groups. +// or IPv6 CIDR address ranges, or to the instances associated with the specified +// destination security groups. // // You specify a protocol for each rule (for example, TCP). For the TCP and // UDP protocols, you must also specify the destination port or port range. // For the ICMP protocol, you must also specify the ICMP type and code. You // can use -1 for the type or code to mean all types or all codes. // -// You can optionally add a tag to the security group rule. -// // Rule changes are propagated to affected instances as quickly as possible. // However, a small delay might occur. // -// For information about VPC security group quotas, see Amazon VPC Limits (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). +// For more information about VPC security group limits, see Amazon VPC Limits +// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2447,28 +2447,28 @@ func (c *EC2) AuthorizeSecurityGroupIngressRequest(input *AuthorizeSecurityGroup output = &AuthorizeSecurityGroupIngressOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // AuthorizeSecurityGroupIngress API operation for Amazon Elastic Compute Cloud. // -// Adds the specified inbound (ingress) rules to a security group. +// Adds the specified ingress rules to a security group. // // An inbound rule permits instances to receive traffic from the specified IPv4 -// or IPv6 CIDR address ranges, or from the instances that are associated with -// the specified destination security groups. +// or IPv6 CIDR address ranges, or from the instances associated with the specified +// destination security groups. // // You specify a protocol for each rule (for example, TCP). For TCP and UDP, // you must also specify the destination port or port range. For ICMP/ICMPv6, // you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean // all types or all codes. // -// [VPC Only] You can optionally add a tag to the security group rule. -// // Rule changes are propagated to instances within the security group as quickly // as possible. However, a small delay might occur. // -// For information about VPC security group quotas, see Amazon VPC Limits (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). +// For more information about VPC security group limits, see Amazon VPC Limits +// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -22869,138 +22869,6 @@ func (c *EC2) DescribeSecurityGroupReferencesWithContext(ctx aws.Context, input return out, req.Send() } -const opDescribeSecurityGroupRules = "DescribeSecurityGroupRules" - -// DescribeSecurityGroupRulesRequest generates a "aws/request.Request" representing the -// client's request for the DescribeSecurityGroupRules operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DescribeSecurityGroupRules for more information on using the DescribeSecurityGroupRules -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// -// // Example sending a request using the DescribeSecurityGroupRulesRequest method. -// req, resp := client.DescribeSecurityGroupRulesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeSecurityGroupRules -func (c *EC2) DescribeSecurityGroupRulesRequest(input *DescribeSecurityGroupRulesInput) (req *request.Request, output *DescribeSecurityGroupRulesOutput) { - op := &request.Operation{ - Name: opDescribeSecurityGroupRules, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"NextToken"}, - OutputTokens: []string{"NextToken"}, - LimitToken: "MaxResults", - TruncationToken: "", - }, - } - - if input == nil { - input = &DescribeSecurityGroupRulesInput{} - } - - output = &DescribeSecurityGroupRulesOutput{} - req = c.newRequest(op, input, output) - return -} - -// DescribeSecurityGroupRules API operation for Amazon Elastic Compute Cloud. -// -// Describes one or more of your security group rules. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Elastic Compute Cloud's -// API operation DescribeSecurityGroupRules for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeSecurityGroupRules -func (c *EC2) DescribeSecurityGroupRules(input *DescribeSecurityGroupRulesInput) (*DescribeSecurityGroupRulesOutput, error) { - req, out := c.DescribeSecurityGroupRulesRequest(input) - return out, req.Send() -} - -// DescribeSecurityGroupRulesWithContext is the same as DescribeSecurityGroupRules with the addition of -// the ability to pass a context and additional request options. -// -// See DescribeSecurityGroupRules for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *EC2) DescribeSecurityGroupRulesWithContext(ctx aws.Context, input *DescribeSecurityGroupRulesInput, opts ...request.Option) (*DescribeSecurityGroupRulesOutput, error) { - req, out := c.DescribeSecurityGroupRulesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// DescribeSecurityGroupRulesPages iterates over the pages of a DescribeSecurityGroupRules operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See DescribeSecurityGroupRules method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a DescribeSecurityGroupRules operation. -// pageNum := 0 -// err := client.DescribeSecurityGroupRulesPages(params, -// func(page *ec2.DescribeSecurityGroupRulesOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// -func (c *EC2) DescribeSecurityGroupRulesPages(input *DescribeSecurityGroupRulesInput, fn func(*DescribeSecurityGroupRulesOutput, bool) bool) error { - return c.DescribeSecurityGroupRulesPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// DescribeSecurityGroupRulesPagesWithContext same as DescribeSecurityGroupRulesPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *EC2) DescribeSecurityGroupRulesPagesWithContext(ctx aws.Context, input *DescribeSecurityGroupRulesInput, fn func(*DescribeSecurityGroupRulesOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *DescribeSecurityGroupRulesInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.DescribeSecurityGroupRulesRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*DescribeSecurityGroupRulesOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - const opDescribeSecurityGroups = "DescribeSecurityGroups" // DescribeSecurityGroupsRequest generates a "aws/request.Request" representing the @@ -35266,80 +35134,6 @@ func (c *EC2) ModifyReservedInstancesWithContext(ctx aws.Context, input *ModifyR return out, req.Send() } -const opModifySecurityGroupRules = "ModifySecurityGroupRules" - -// ModifySecurityGroupRulesRequest generates a "aws/request.Request" representing the -// client's request for the ModifySecurityGroupRules operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ModifySecurityGroupRules for more information on using the ModifySecurityGroupRules -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// -// // Example sending a request using the ModifySecurityGroupRulesRequest method. -// req, resp := client.ModifySecurityGroupRulesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifySecurityGroupRules -func (c *EC2) ModifySecurityGroupRulesRequest(input *ModifySecurityGroupRulesInput) (req *request.Request, output *ModifySecurityGroupRulesOutput) { - op := &request.Operation{ - Name: opModifySecurityGroupRules, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &ModifySecurityGroupRulesInput{} - } - - output = &ModifySecurityGroupRulesOutput{} - req = c.newRequest(op, input, output) - return -} - -// ModifySecurityGroupRules API operation for Amazon Elastic Compute Cloud. -// -// Modifies the rules of a security group. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Elastic Compute Cloud's -// API operation ModifySecurityGroupRules for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifySecurityGroupRules -func (c *EC2) ModifySecurityGroupRules(input *ModifySecurityGroupRulesInput) (*ModifySecurityGroupRulesOutput, error) { - req, out := c.ModifySecurityGroupRulesRequest(input) - return out, req.Send() -} - -// ModifySecurityGroupRulesWithContext is the same as ModifySecurityGroupRules with the addition of -// the ability to pass a context and additional request options. -// -// See ModifySecurityGroupRules for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *EC2) ModifySecurityGroupRulesWithContext(ctx aws.Context, input *ModifySecurityGroupRulesInput, opts ...request.Option) (*ModifySecurityGroupRulesOutput, error) { - req, out := c.ModifySecurityGroupRulesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - const opModifySnapshotAttribute = "ModifySnapshotAttribute" // ModifySnapshotAttributeRequest generates a "aws/request.Request" representing the @@ -40215,26 +40009,23 @@ func (c *EC2) RevokeSecurityGroupEgressRequest(input *RevokeSecurityGroupEgressI // RevokeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // -// Removes the specified egress (outbound) rules from a security group for EC2-VPC. -// This action does not apply to security groups for use in EC2-Classic. +// [VPC only] Removes the specified egress rules from a security group for EC2-VPC. +// This action does not apply to security groups for use in EC2-Classic. To +// remove a rule, the values that you specify (for example, ports) must match +// the existing rule's values exactly. // -// You can specify the rules that you want to remove by using one of the following -// methods: +// [Default VPC] If the values you specify do not match the existing rule's +// values, no error is returned, and the output describes the security group +// rules that were not revoked. // -// * The security group rule IDs. +// AWS recommends that you use DescribeSecurityGroups to verify that the rule +// has been removed. // -// * The security group rule properties. Each rule consists of the protocol, -// from port, to port, and the IPv4 or IPv6 CIDR range or referenced security -// group or prefix list id. For the TCP and UDP protocols, you must also -// specify the destination port or range of ports. For the ICMP protocol, -// you must also specify the ICMP type and code. If the security group rule -// has a description, you do not have to specify the description to revoke -// the rule. To remove a rule, the values that you specify (for example, -// ports) must match the existing rule's values exactly. [Default VPC] If -// the values you specify do not match the existing rule's values, no error -// is returned, and the output describes the security group rules that were -// not revoked. AWS recommends that you use DescribeSecurityGroups to verify -// that the rule has been removed. +// Each rule consists of the protocol and the IPv4 or IPv6 CIDR range or source +// security group. For the TCP and UDP protocols, you must also specify the +// destination port or range of ports. For the ICMP protocol, you must also +// specify the ICMP type and code. If the security group rule has a description, +// you do not have to specify the description to revoke the rule. // // Rule changes are propagated to instances within the security group as quickly // as possible. However, a small delay might occur. @@ -40315,30 +40106,18 @@ func (c *EC2) RevokeSecurityGroupIngressRequest(input *RevokeSecurityGroupIngres // the values that you specify (for example, ports) must match the existing // rule's values exactly. // -// [EC2-Classic, default VPC] If the values you specify do not match the existing +// [EC2-Classic , default VPC] If the values you specify do not match the existing // rule's values, no error is returned, and the output describes the security // group rules that were not revoked. // // AWS recommends that you use DescribeSecurityGroups to verify that the rule // has been removed. // -// You can specify the rules that you want to remove by using one of the following -// methods: -// -// * [VPC only] The security group rule IDs. -// -// * The security group rule properties. Each rule consists of the protocol, -// from port, to port, and the IPv4 or IPv6 CIDR range or referenced security -// group or prefix list id. For the TCP and UDP protocols, you must also -// specify the destination port or range of ports. For the ICMP protocol, -// you must also specify the ICMP type and code. If the security group rule -// has a description, you do not have to specify the description to revoke -// the rule. To remove a rule, the values that you specify (for example, -// ports) must match the existing rule's values exactly. [Default VPC] If -// the values you specify do not match the existing rule's values, no error -// is returned, and the output describes the security group rules that were -// not revoked. AWS recommends that you use DescribeSecurityGroups to verify -// that the rule has been removed. +// Each rule consists of the protocol and the CIDR range or source security +// group. For the TCP and UDP protocols, you must also specify the destination +// port or range of ports. For the ICMP protocol, you must also specify the +// ICMP type and code. If the security group rule has a description, you do +// not have to specify the description to revoke the rule. // // Rule changes are propagated to instances within the security group as quickly // as possible. However, a small delay might occur. @@ -41830,14 +41609,8 @@ func (c *EC2) UpdateSecurityGroupRuleDescriptionsEgressRequest(input *UpdateSecu // rule. You can replace an existing description, or add a description to a // rule that did not have one previously. // -// You can specify the rule that you want to update by using one of the following -// methods: -// -// * The security group rule descriptions. -// -// * The IP permissions structure. -// -// You can remove a description for a security group rule by omitting the description +// You specify the description as part of the IP permissions structure. You +// can remove a description for a security group rule by omitting the description // parameter in the request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -41916,14 +41689,8 @@ func (c *EC2) UpdateSecurityGroupRuleDescriptionsIngressRequest(input *UpdateSec // can replace an existing description, or add a description to a rule that // did not have one previously. // -// You can specify the rule that you want to update by using one of the following -// methods: -// -// * [VPC only] The security group rule descriptions. -// -// * The IP permissions structure. -// -// You can remove a description for a security group rule by omitting the description +// You specify the description as part of the IP permissions structure. You +// can remove a description for a security group rule by omitting the description // parameter in the request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -46007,9 +45774,6 @@ type AuthorizeSecurityGroupEgressInput struct { // group. SourceSecurityGroupOwnerId *string `locationName:"sourceSecurityGroupOwnerId" type:"string"` - // The tags applied to the security group rule. - TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // Not supported. Use a set of IP permissions to specify the port. ToPort *int64 `locationName:"toPort" type:"integer"` } @@ -46085,12 +45849,6 @@ func (s *AuthorizeSecurityGroupEgressInput) SetSourceSecurityGroupOwnerId(v stri return s } -// SetTagSpecifications sets the TagSpecifications field's value. -func (s *AuthorizeSecurityGroupEgressInput) SetTagSpecifications(v []*TagSpecification) *AuthorizeSecurityGroupEgressInput { - s.TagSpecifications = v - return s -} - // SetToPort sets the ToPort field's value. func (s *AuthorizeSecurityGroupEgressInput) SetToPort(v int64) *AuthorizeSecurityGroupEgressInput { s.ToPort = &v @@ -46099,12 +45857,6 @@ func (s *AuthorizeSecurityGroupEgressInput) SetToPort(v int64) *AuthorizeSecurit type AuthorizeSecurityGroupEgressOutput struct { _ struct{} `type:"structure"` - - // Returns true if the request succeeds; otherwise, returns an error. - Return *bool `locationName:"return" type:"boolean"` - - // Information about the outbound (egress) security group rules that were added. - SecurityGroupRules []*SecurityGroupRule `locationName:"securityGroupRuleSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -46117,18 +45869,6 @@ func (s AuthorizeSecurityGroupEgressOutput) GoString() string { return s.String() } -// SetReturn sets the Return field's value. -func (s *AuthorizeSecurityGroupEgressOutput) SetReturn(v bool) *AuthorizeSecurityGroupEgressOutput { - s.Return = &v - return s -} - -// SetSecurityGroupRules sets the SecurityGroupRules field's value. -func (s *AuthorizeSecurityGroupEgressOutput) SetSecurityGroupRules(v []*SecurityGroupRule) *AuthorizeSecurityGroupEgressOutput { - s.SecurityGroupRules = v - return s -} - type AuthorizeSecurityGroupIngressInput struct { _ struct{} `type:"structure"` @@ -46171,7 +45911,7 @@ type AuthorizeSecurityGroupIngressInput struct { // // [VPC only] Use -1 to specify all protocols. If you specify -1 or a protocol // other than tcp, udp, or icmp, traffic on all ports is allowed, regardless - // of any ports that you specify. + // of any ports you specify. // // Alternatively, use a set of IP permissions to specify multiple rules and // a description for the rule. @@ -46194,9 +45934,6 @@ type AuthorizeSecurityGroupIngressInput struct { // with a specific IP protocol and port range, use a set of IP permissions instead. SourceSecurityGroupOwnerId *string `type:"string"` - // [VPC Only] The tags applied to the security group rule. - TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The end of port range for the TCP and UDP protocols, or an ICMP code number. // For the ICMP code number, use -1 to specify all codes. If you specify all // ICMP types, you must specify all codes. @@ -46270,12 +46007,6 @@ func (s *AuthorizeSecurityGroupIngressInput) SetSourceSecurityGroupOwnerId(v str return s } -// SetTagSpecifications sets the TagSpecifications field's value. -func (s *AuthorizeSecurityGroupIngressInput) SetTagSpecifications(v []*TagSpecification) *AuthorizeSecurityGroupIngressInput { - s.TagSpecifications = v - return s -} - // SetToPort sets the ToPort field's value. func (s *AuthorizeSecurityGroupIngressInput) SetToPort(v int64) *AuthorizeSecurityGroupIngressInput { s.ToPort = &v @@ -46284,12 +46015,6 @@ func (s *AuthorizeSecurityGroupIngressInput) SetToPort(v int64) *AuthorizeSecuri type AuthorizeSecurityGroupIngressOutput struct { _ struct{} `type:"structure"` - - // Returns true if the request succeeds; otherwise, returns an error. - Return *bool `locationName:"return" type:"boolean"` - - // Information about the inbound (ingress) security group rules that were added. - SecurityGroupRules []*SecurityGroupRule `locationName:"securityGroupRuleSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -46302,18 +46027,6 @@ func (s AuthorizeSecurityGroupIngressOutput) GoString() string { return s.String() } -// SetReturn sets the Return field's value. -func (s *AuthorizeSecurityGroupIngressOutput) SetReturn(v bool) *AuthorizeSecurityGroupIngressOutput { - s.Return = &v - return s -} - -// SetSecurityGroupRules sets the SecurityGroupRules field's value. -func (s *AuthorizeSecurityGroupIngressOutput) SetSecurityGroupRules(v []*SecurityGroupRule) *AuthorizeSecurityGroupIngressOutput { - s.SecurityGroupRules = v - return s -} - // Describes Availability Zones, Local Zones, and Wavelength Zones. type AvailabilityZone struct { _ struct{} `type:"structure"` @@ -69496,7 +69209,7 @@ type DescribeKeyPairsInput struct { // The key pair names. // - // Default: Describes all of your key pairs. + // Default: Describes all your key pairs. KeyNames []*string `locationName:"KeyName" locationNameList:"KeyName" type:"list"` // The IDs of the key pairs. @@ -73505,127 +73218,6 @@ func (s *DescribeSecurityGroupReferencesOutput) SetSecurityGroupReferenceSet(v [ return s } -type DescribeSecurityGroupRulesInput struct { - _ struct{} `type:"structure"` - - // Checks whether you have the required permissions for the action, without - // actually making the request, and provides an error response. If you have - // the required permissions, the error response is DryRunOperation. Otherwise, - // it is UnauthorizedOperation. - DryRun *bool `type:"boolean"` - - // One or more filters. - // - // * group-id - The ID of the security group. - // - // * security-group-rule-id - The ID of the security group rule. - // - // * tag: