diff --git a/.changes/1.35.88.json b/.changes/1.35.88.json new file mode 100644 index 0000000000..99ad69fa9b --- /dev/null +++ b/.changes/1.35.88.json @@ -0,0 +1,22 @@ +[ + { + "category": "``bcm-pricing-calculator``", + "description": "Added ConflictException to DeleteBillEstimate.", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "Add support for Dualstack Endpoints", + "type": "api-change" + }, + { + "category": "``network-firewall``", + "description": "Dual-stack endpoints are now supported.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Documentation updates for AWS Security Hub", + "type": "api-change" + } +] \ No newline at end of file diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 6dfea9b8ff..8a6791eb8c 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -2,6 +2,15 @@ CHANGELOG ========= +1.35.88 +======= + +* api-change:``bcm-pricing-calculator``: Added ConflictException to DeleteBillEstimate. +* api-change:``ecr``: Add support for Dualstack Endpoints +* api-change:``network-firewall``: Dual-stack endpoints are now supported. +* api-change:``securityhub``: Documentation updates for AWS Security Hub + + 1.35.87 ======= diff --git a/botocore/__init__.py b/botocore/__init__.py index 90bfa3a343..8dbf48b71a 100644 --- a/botocore/__init__.py +++ b/botocore/__init__.py @@ -16,7 +16,7 @@ import os import re -__version__ = '1.35.87' +__version__ = '1.35.88' class NullHandler(logging.Handler): diff --git a/botocore/data/bcm-pricing-calculator/2024-06-19/service-2.json b/botocore/data/bcm-pricing-calculator/2024-06-19/service-2.json index 670e14e122..5050c0084e 100644 --- a/botocore/data/bcm-pricing-calculator/2024-06-19/service-2.json +++ b/botocore/data/bcm-pricing-calculator/2024-06-19/service-2.json @@ -264,6 +264,7 @@ "input":{"shape":"DeleteBillEstimateRequest"}, "output":{"shape":"DeleteBillEstimateResponse"}, "errors":[ + {"shape":"ConflictException"}, {"shape":"ValidationException"}, {"shape":"DataUnavailableException"}, {"shape":"InternalServerException"}, diff --git a/botocore/data/ecr/2015-09-21/endpoint-rule-set-1.json b/botocore/data/ecr/2015-09-21/endpoint-rule-set-1.json index 06f8b3b5f5..e794bba4b7 100644 --- a/botocore/data/ecr/2015-09-21/endpoint-rule-set-1.json +++ b/botocore/data/ecr/2015-09-21/endpoint-rule-set-1.json @@ -7,13 +7,6 @@ "documentation": "The AWS region used to dispatch the request.", "type": "String" }, - "UseDualStack": { - "builtIn": "AWS::UseDualStack", - "required": true, - "default": false, - "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", - "type": "Boolean" - }, "UseFIPS": { "builtIn": "AWS::UseFIPS", "required": true, @@ -21,11 +14,12 @@ "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", "type": "Boolean" }, - "Endpoint": { - "builtIn": "SDK::Endpoint", - "required": false, - "documentation": "Override the endpoint used to send this request", - "type": "String" + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" } }, "rules": [ @@ -35,9 +29,18 @@ "fn": "isSet", "argv": [ { - "ref": "Endpoint" + "ref": "Region" } ] + }, + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" } ], "rules": [ @@ -51,13 +54,7 @@ }, true ] - } - ], - "error": "Invalid Configuration: FIPS and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [ + }, { "fn": "booleanEquals", "argv": [ @@ -68,297 +65,176 @@ ] } ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" - }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, - { - "conditions": [ - { - "fn": "isSet", - "argv": [ - { - "ref": "Region" - } - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "aws.partition", - "argv": [ - { - "ref": "Region" - } - ], - "assign": "PartitionResult" - } - ], "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] }, { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } - ], - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://api.ecr-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, + ] + } + ], + "rules": [ { "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "endpoint": { + "url": "https://ecr-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ], "type": "tree" }, + { + "conditions": [], + "error": "FIPS and dualstack are enabled, but this partition does not support one or both", + "type": "error" + } + ], + "type": "tree" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] + "ref": "PartitionResult" }, - true + "supportsDualStack" ] } - ], - "rules": [ - { - "conditions": [ - { - "fn": "stringEquals", - "argv": [ - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] - }, - "aws" - ] - } - ], - "endpoint": { - "url": "https://ecr-fips.{Region}.amazonaws.com", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [ - { - "fn": "stringEquals", - "argv": [ - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] - }, - "aws-us-gov" - ] - } - ], - "endpoint": { - "url": "https://ecr-fips.{Region}.amazonaws.com", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - }, - { - "conditions": [], - "endpoint": { - "url": "https://api.ecr-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, + ] + } + ], + "rules": [ { "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "endpoint": { + "url": "https://ecr.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ], "type": "tree" }, + { + "conditions": [], + "error": "Dualstack is enabled but this partition does not support dualstack", + "type": "error" + } + ], + "type": "tree" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } - ], - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://api.ecr.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ], - "type": "tree" - }, + ] + } + ], + "rules": [ { "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" + "endpoint": { + "url": "https://ecr-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ], "type": "tree" }, { "conditions": [], - "endpoint": { - "url": "https://api.ecr.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" } ], "type": "tree" + }, + { + "conditions": [], + "endpoint": { + "url": "https://api.ecr.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ], "type": "tree" - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] } \ No newline at end of file diff --git a/botocore/data/endpoints.json b/botocore/data/endpoints.json index 05a0eda4e2..6e5a6c7d58 100644 --- a/botocore/data/endpoints.json +++ b/botocore/data/endpoints.json @@ -675,85 +675,283 @@ "credentialScope" : { "region" : "af-south-1" }, - "hostname" : "api.ecr.af-south-1.amazonaws.com" + "hostname" : "api.ecr.af-south-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-east-1" : { "credentialScope" : { "region" : "ap-east-1" }, - "hostname" : "api.ecr.ap-east-1.amazonaws.com" + "hostname" : "api.ecr.ap-east-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-northeast-1" : { "credentialScope" : { "region" : "ap-northeast-1" }, - "hostname" : "api.ecr.ap-northeast-1.amazonaws.com" + "hostname" : "api.ecr.ap-northeast-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-northeast-2" : { "credentialScope" : { "region" : "ap-northeast-2" }, - "hostname" : "api.ecr.ap-northeast-2.amazonaws.com" + "hostname" : "api.ecr.ap-northeast-2.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-northeast-3" : { "credentialScope" : { "region" : "ap-northeast-3" }, - "hostname" : "api.ecr.ap-northeast-3.amazonaws.com" + "hostname" : "api.ecr.ap-northeast-3.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-south-1" : { "credentialScope" : { "region" : "ap-south-1" }, - "hostname" : "api.ecr.ap-south-1.amazonaws.com" + "hostname" : "api.ecr.ap-south-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-south-2" : { "credentialScope" : { "region" : "ap-south-2" }, - "hostname" : "api.ecr.ap-south-2.amazonaws.com" + "hostname" : "api.ecr.ap-south-2.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-southeast-1" : { "credentialScope" : { "region" : "ap-southeast-1" }, - "hostname" : "api.ecr.ap-southeast-1.amazonaws.com" + "hostname" : "api.ecr.ap-southeast-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-southeast-2" : { "credentialScope" : { "region" : "ap-southeast-2" }, - "hostname" : "api.ecr.ap-southeast-2.amazonaws.com" + "hostname" : "api.ecr.ap-southeast-2.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-southeast-3" : { "credentialScope" : { "region" : "ap-southeast-3" }, - "hostname" : "api.ecr.ap-southeast-3.amazonaws.com" + "hostname" : "api.ecr.ap-southeast-3.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-southeast-4" : { "credentialScope" : { "region" : "ap-southeast-4" }, - "hostname" : "api.ecr.ap-southeast-4.amazonaws.com" + "hostname" : "api.ecr.ap-southeast-4.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ap-southeast-5" : { "credentialScope" : { "region" : "ap-southeast-5" }, - "hostname" : "api.ecr.ap-southeast-5.amazonaws.com" + "hostname" : "api.ecr.ap-southeast-5.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ca-central-1" : { "credentialScope" : { "region" : "ca-central-1" }, - "hostname" : "api.ecr.ca-central-1.amazonaws.com" + "hostname" : "api.ecr.ca-central-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "ca-west-1" : { "credentialScope" : { "region" : "ca-west-1" }, - "hostname" : "api.ecr.ca-west-1.amazonaws.com" + "hostname" : "api.ecr.ca-west-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-af-south-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-east-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-northeast-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-northeast-2" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-northeast-3" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-south-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-south-2" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-southeast-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-southeast-2" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-southeast-3" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-southeast-4" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ap-southeast-5" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ca-central-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-ca-west-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-eu-central-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-eu-central-2" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-eu-north-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-eu-south-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-eu-south-2" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-eu-west-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-eu-west-2" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-eu-west-3" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-il-central-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-me-central-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-me-south-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-sa-east-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "dkr-us-east-1" : { "credentialScope" : { @@ -761,6 +959,10 @@ }, "deprecated" : true, "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-east-1.amazonaws.com", "tags" : [ "fips" ] } ] @@ -771,6 +973,10 @@ }, "deprecated" : true, "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-east-2.amazonaws.com", "tags" : [ "fips" ] } ] @@ -781,6 +987,10 @@ }, "deprecated" : true, "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-west-1.amazonaws.com", "tags" : [ "fips" ] } ] @@ -791,6 +1001,10 @@ }, "deprecated" : true, "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-west-2.amazonaws.com", "tags" : [ "fips" ] } ] @@ -799,49 +1013,73 @@ "credentialScope" : { "region" : "eu-central-1" }, - "hostname" : "api.ecr.eu-central-1.amazonaws.com" + "hostname" : "api.ecr.eu-central-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "eu-central-2" : { "credentialScope" : { "region" : "eu-central-2" }, - "hostname" : "api.ecr.eu-central-2.amazonaws.com" + "hostname" : "api.ecr.eu-central-2.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "eu-north-1" : { "credentialScope" : { "region" : "eu-north-1" }, - "hostname" : "api.ecr.eu-north-1.amazonaws.com" + "hostname" : "api.ecr.eu-north-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "eu-south-1" : { "credentialScope" : { "region" : "eu-south-1" }, - "hostname" : "api.ecr.eu-south-1.amazonaws.com" + "hostname" : "api.ecr.eu-south-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "eu-south-2" : { "credentialScope" : { "region" : "eu-south-2" }, - "hostname" : "api.ecr.eu-south-2.amazonaws.com" + "hostname" : "api.ecr.eu-south-2.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "eu-west-1" : { "credentialScope" : { "region" : "eu-west-1" }, - "hostname" : "api.ecr.eu-west-1.amazonaws.com" + "hostname" : "api.ecr.eu-west-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "eu-west-2" : { "credentialScope" : { "region" : "eu-west-2" }, - "hostname" : "api.ecr.eu-west-2.amazonaws.com" + "hostname" : "api.ecr.eu-west-2.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "eu-west-3" : { "credentialScope" : { "region" : "eu-west-3" }, - "hostname" : "api.ecr.eu-west-3.amazonaws.com" + "hostname" : "api.ecr.eu-west-3.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "fips-dkr-us-east-1" : { "credentialScope" : { @@ -903,25 +1141,37 @@ "credentialScope" : { "region" : "il-central-1" }, - "hostname" : "api.ecr.il-central-1.amazonaws.com" + "hostname" : "api.ecr.il-central-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "me-central-1" : { "credentialScope" : { "region" : "me-central-1" }, - "hostname" : "api.ecr.me-central-1.amazonaws.com" + "hostname" : "api.ecr.me-central-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "me-south-1" : { "credentialScope" : { "region" : "me-south-1" }, - "hostname" : "api.ecr.me-south-1.amazonaws.com" + "hostname" : "api.ecr.me-south-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "sa-east-1" : { "credentialScope" : { "region" : "sa-east-1" }, - "hostname" : "api.ecr.sa-east-1.amazonaws.com" + "hostname" : "api.ecr.sa-east-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "us-east-1" : { "credentialScope" : { @@ -929,6 +1179,10 @@ }, "hostname" : "api.ecr.us-east-1.amazonaws.com", "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-east-1.amazonaws.com", "tags" : [ "fips" ] } ] @@ -939,6 +1193,10 @@ }, "hostname" : "api.ecr.us-east-2.amazonaws.com", "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-east-2.amazonaws.com", "tags" : [ "fips" ] } ] @@ -949,6 +1207,10 @@ }, "hostname" : "api.ecr.us-west-1.amazonaws.com", "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-west-1.amazonaws.com", "tags" : [ "fips" ] } ] @@ -959,6 +1221,10 @@ }, "hostname" : "api.ecr.us-west-2.amazonaws.com", "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-west-2.amazonaws.com", "tags" : [ "fips" ] } ] @@ -971,7 +1237,10 @@ "credentialScope" : { "region" : "us-east-1" }, - "hostname" : "api.ecr-public.us-east-1.amazonaws.com" + "hostname" : "api.ecr-public.us-east-1.amazonaws.com", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "us-west-2" : { "credentialScope" : { @@ -24938,13 +25207,31 @@ "credentialScope" : { "region" : "cn-north-1" }, - "hostname" : "api.ecr.cn-north-1.amazonaws.com.cn" + "hostname" : "api.ecr.cn-north-1.amazonaws.com.cn", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] }, "cn-northwest-1" : { "credentialScope" : { "region" : "cn-northwest-1" }, - "hostname" : "api.ecr.cn-northwest-1.amazonaws.com.cn" + "hostname" : "api.ecr.cn-northwest-1.amazonaws.com.cn", + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-cn-north-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] + }, + "dkr-cn-northwest-1" : { + "deprecated" : true, + "variants" : [ { + "tags" : [ "dualstack" ] + } ] } } }, @@ -26695,6 +26982,10 @@ }, "deprecated" : true, "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-gov-east-1.amazonaws.com", "tags" : [ "fips" ] } ] @@ -26705,6 +26996,10 @@ }, "deprecated" : true, "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-gov-west-1.amazonaws.com", "tags" : [ "fips" ] } ] @@ -26743,6 +27038,10 @@ }, "hostname" : "api.ecr.us-gov-east-1.amazonaws.com", "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-gov-east-1.amazonaws.com", "tags" : [ "fips" ] } ] @@ -26753,6 +27052,10 @@ }, "hostname" : "api.ecr.us-gov-west-1.amazonaws.com", "variants" : [ { + "tags" : [ "dualstack" ] + }, { + "tags" : [ "dualstack", "fips" ] + }, { "hostname" : "ecr-fips.us-gov-west-1.amazonaws.com", "tags" : [ "fips" ] } ] diff --git a/botocore/data/network-firewall/2020-11-12/service-2.json b/botocore/data/network-firewall/2020-11-12/service-2.json index ec6854a661..834fa0f83a 100644 --- a/botocore/data/network-firewall/2020-11-12/service-2.json +++ b/botocore/data/network-firewall/2020-11-12/service-2.json @@ -3766,5 +3766,5 @@ "member":{"shape":"VpcId"} } }, - "documentation":"

This is the API Reference for Network Firewall. This guide is for developers who need detailed information about the Network Firewall API actions, data types, and errors.

Network Firewall is a stateful, managed, network firewall and intrusion detection and prevention service for Amazon Virtual Private Cloud (Amazon VPC). With Network Firewall, you can filter traffic at the perimeter of your VPC. This includes filtering traffic going to and coming from an internet gateway, NAT gateway, or over VPN or Direct Connect. Network Firewall uses rules that are compatible with Suricata, a free, open source network analysis and threat detection engine.

You can use Network Firewall to monitor and protect your VPC traffic in a number of ways. The following are just a few examples:

To enable Network Firewall for your VPCs, you perform steps in both Amazon VPC and in Network Firewall. For information about using Amazon VPC, see Amazon VPC User Guide.

To start using Network Firewall, do the following:

  1. (Optional) If you don't already have a VPC that you want to protect, create it in Amazon VPC.

  2. In Amazon VPC, in each Availability Zone where you want to have a firewall endpoint, create a subnet for the sole use of Network Firewall.

  3. In Network Firewall, create stateless and stateful rule groups, to define the components of the network traffic filtering behavior that you want your firewall to have.

  4. In Network Firewall, create a firewall policy that uses your rule groups and specifies additional default traffic filtering behavior.

  5. In Network Firewall, create a firewall and specify your new firewall policy and VPC subnets. Network Firewall creates a firewall endpoint in each subnet that you specify, with the behavior that's defined in the firewall policy.

  6. In Amazon VPC, use ingress routing enhancements to route traffic through the new firewall endpoints.

" + "documentation":"

This is the API Reference for Network Firewall. This guide is for developers who need detailed information about the Network Firewall API actions, data types, and errors.

The REST API requires you to handle connection details, such as calculating signatures, handling request retries, and error handling. For general information about using the Amazon Web Services REST APIs, see Amazon Web Services APIs.

To view the complete list of Amazon Web Services Regions where Network Firewall is available, see Service endpoints and quotas in the Amazon Web Services General Reference.

To access Network Firewall using the IPv4 REST API endpoint: https://network-firewall.<region>.amazonaws.com

To access Network Firewall using the Dualstack (IPv4 and IPv6) REST API endpoint: https://network-firewall.<region>.aws.api

Alternatively, you can use one of the Amazon Web Services SDKs to access an API that's tailored to the programming language or platform that you're using. For more information, see Amazon Web Services SDKs.

For descriptions of Network Firewall features, including and step-by-step instructions on how to use them through the Network Firewall console, see the Network Firewall Developer Guide.

Network Firewall is a stateful, managed, network firewall and intrusion detection and prevention service for Amazon Virtual Private Cloud (Amazon VPC). With Network Firewall, you can filter traffic at the perimeter of your VPC. This includes filtering traffic going to and coming from an internet gateway, NAT gateway, or over VPN or Direct Connect. Network Firewall uses rules that are compatible with Suricata, a free, open source network analysis and threat detection engine.

You can use Network Firewall to monitor and protect your VPC traffic in a number of ways. The following are just a few examples:

To enable Network Firewall for your VPCs, you perform steps in both Amazon VPC and in Network Firewall. For information about using Amazon VPC, see Amazon VPC User Guide.

To start using Network Firewall, do the following:

  1. (Optional) If you don't already have a VPC that you want to protect, create it in Amazon VPC.

  2. In Amazon VPC, in each Availability Zone where you want to have a firewall endpoint, create a subnet for the sole use of Network Firewall.

  3. In Network Firewall, create stateless and stateful rule groups, to define the components of the network traffic filtering behavior that you want your firewall to have.

  4. In Network Firewall, create a firewall policy that uses your rule groups and specifies additional default traffic filtering behavior.

  5. In Network Firewall, create a firewall and specify your new firewall policy and VPC subnets. Network Firewall creates a firewall endpoint in each subnet that you specify, with the behavior that's defined in the firewall policy.

  6. In Amazon VPC, use ingress routing enhancements to route traffic through the new firewall endpoints.

" } diff --git a/botocore/data/securityhub/2018-10-26/service-2.json b/botocore/data/securityhub/2018-10-26/service-2.json index d55134d58f..7c4f8638a0 100644 --- a/botocore/data/securityhub/2018-10-26/service-2.json +++ b/botocore/data/securityhub/2018-10-26/service-2.json @@ -1579,7 +1579,7 @@ "documentation":"

Contains information about the user session where the activity initiated.

" } }, - "documentation":"

Information about the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Information about the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "ActorSession":{ "type":"structure", @@ -1601,7 +1601,7 @@ "documentation":"

The issuer of the session.

In CloudTrail, you can find this value as userIdentity.sessionContext.sessionIssuer.arn.

" } }, - "documentation":"

Contains information about the authenticated session used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Contains information about the authenticated session used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "ActorSessionMfaStatus":{ "type":"string", @@ -1634,7 +1634,7 @@ "documentation":"

The account of the threat actor.

" } }, - "documentation":"

Contains information about the credentials used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Contains information about the credentials used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "ActorsList":{ "type":"list", @@ -1860,11 +1860,11 @@ }, "CreatedAt":{ "shape":"Timestamp", - "documentation":"

A timestamp that indicates when the rule was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the rule was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "UpdatedAt":{ "shape":"Timestamp", - "documentation":"

A timestamp that indicates when the rule was most recently updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the rule was most recently updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "CreatedBy":{ "shape":"NonEmptyString", @@ -1935,19 +1935,19 @@ }, "FirstObservedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" + "documentation":"

A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" }, "LastObservedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" + "documentation":"

A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" }, "CreatedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that indicates when this finding record was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" + "documentation":"

A timestamp that indicates when this finding record was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" }, "UpdatedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that indicates when the finding record was most recently updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" + "documentation":"

A timestamp that indicates when the finding record was most recently updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" }, "Confidence":{ "shape":"NumberFilterList", @@ -2043,7 +2043,7 @@ }, "NoteUpdatedAt":{ "shape":"DateFilterList", - "documentation":"

The timestamp of when the note was updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" + "documentation":"

The timestamp of when the note was updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

" }, "NoteUpdatedBy":{ "shape":"StringFilterList", @@ -2097,11 +2097,11 @@ }, "CreatedAt":{ "shape":"Timestamp", - "documentation":"

A timestamp that indicates when the rule was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the rule was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "UpdatedAt":{ "shape":"Timestamp", - "documentation":"

A timestamp that indicates when the rule was most recently updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the rule was most recently updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "CreatedBy":{ "shape":"NonEmptyString", @@ -2375,11 +2375,11 @@ }, "FirstSeen":{ "shape":"NonEmptyString", - "documentation":"

A timestamp that indicates when the API call was first observed.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the API call was first observed.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "LastSeen":{ "shape":"NonEmptyString", - "documentation":"

A timestamp that indicates when the API call was most recently observed.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the API call was most recently observed.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

Provided if ActionType is AWS_API_CALL. It provides details about the API call that was detected.

" @@ -2515,7 +2515,7 @@ }, "CreatedDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the API was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the API was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Version":{ "shape":"NonEmptyString", @@ -2597,11 +2597,11 @@ }, "CreatedDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the stage was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the stage was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "LastUpdatedDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the stage was most recently updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the stage was most recently updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "WebAclArn":{ "shape":"NonEmptyString", @@ -2627,7 +2627,7 @@ }, "CreatedDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the API was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the API was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Description":{ "shape":"NonEmptyString", @@ -2691,7 +2691,7 @@ }, "CreatedDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the stage was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the stage was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Description":{ "shape":"NonEmptyString", @@ -2707,7 +2707,7 @@ }, "LastUpdatedDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the stage was most recently updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the stage was most recently updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "RouteSettings":{ "shape":"AwsApiGatewayV2RouteSettings", @@ -2991,7 +2991,7 @@ }, "CreatedTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the auto scaling group was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the auto scaling group was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "MixedInstancesPolicy":{ "shape":"AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails", @@ -3201,7 +3201,7 @@ }, "CreatedTime":{ "shape":"NonEmptyString", - "documentation":"

The creation date and time for the launch configuration.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The creation date and time for the launch configuration.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "EbsOptimized":{ "shape":"Boolean", @@ -3607,7 +3607,7 @@ }, "CreatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the certificate was requested.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the certificate was requested.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "DomainName":{ "shape":"NonEmptyString", @@ -3627,7 +3627,7 @@ }, "ImportedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the certificate was imported. Provided if the certificate type is IMPORTED.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the certificate was imported. Provided if the certificate type is IMPORTED.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "InUseBy":{ "shape":"StringList", @@ -3635,7 +3635,7 @@ }, "IssuedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the certificate was issued. Provided if the certificate type is AMAZON_ISSUED.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the certificate was issued. Provided if the certificate type is AMAZON_ISSUED.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Issuer":{ "shape":"NonEmptyString", @@ -3651,11 +3651,11 @@ }, "NotAfter":{ "shape":"NonEmptyString", - "documentation":"

The time after which the certificate becomes invalid.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The time after which the certificate becomes invalid.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "NotBefore":{ "shape":"NonEmptyString", - "documentation":"

The time before which the certificate is not valid.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The time before which the certificate is not valid.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Options":{ "shape":"AwsCertificateManagerCertificateOptions", @@ -3789,7 +3789,7 @@ }, "UpdatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the renewal summary was last updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the renewal summary was last updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

Contains information about the Certificate Manager managed renewal for an AMAZON_ISSUED certificate.

" @@ -3969,7 +3969,7 @@ }, "LastModifiedTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when that the distribution was last modified.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when that the distribution was last modified.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Logging":{ "shape":"AwsCloudFrontDistributionLogging", @@ -4873,7 +4873,7 @@ }, "LastUpdateToPayPerRequestDateTime":{ "shape":"NonEmptyString", - "documentation":"

If the billing mode is PAY_PER_REQUEST, indicates when the billing mode was set to that value.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

If the billing mode is PAY_PER_REQUEST, indicates when the billing mode was set to that value.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

Provides information about the billing for read/write capacity on the table.

" @@ -4891,7 +4891,7 @@ }, "CreationDateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the table was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the table was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "GlobalSecondaryIndexes":{ "shape":"AwsDynamoDbTableGlobalSecondaryIndexList", @@ -5073,11 +5073,11 @@ "members":{ "LastDecreaseDateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the provisioned throughput was last decreased.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the provisioned throughput was last decreased.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "LastIncreaseDateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the provisioned throughput was last increased.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the provisioned throughput was last increased.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "NumberOfDecreasesToday":{ "shape":"Integer", @@ -5169,7 +5169,7 @@ }, "RestoreDateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates the point in time that the table was restored to.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates the point in time that the table was restored to.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "RestoreInProgress":{ "shape":"Boolean", @@ -5183,7 +5183,7 @@ "members":{ "InaccessibleEncryptionDateTime":{ "shape":"NonEmptyString", - "documentation":"

If the key is inaccessible, the date and time when DynamoDB detected that the key was inaccessible.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

If the key is inaccessible, the date and time when DynamoDB detected that the key was inaccessible.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Status":{ "shape":"NonEmptyString", @@ -5491,7 +5491,7 @@ }, "LaunchedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the instance was launched.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the instance was launched.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "NetworkInterfaces":{ "shape":"AwsEc2InstanceNetworkInterfacesList", @@ -6499,7 +6499,7 @@ "members":{ "AttachTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the attachment initiated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the attachment initiated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "AttachmentId":{ "shape":"NonEmptyString", @@ -6933,7 +6933,7 @@ "members":{ "CreateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the volume was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the volume was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "DeviceName":{ "shape":"NonEmptyString", @@ -7307,7 +7307,7 @@ }, "LastStatusChange":{ "shape":"NonEmptyString", - "documentation":"

The date and time of the last change in status.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The date and time of the last change in status.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "OutsideIpAddress":{ "shape":"NonEmptyString", @@ -7353,7 +7353,7 @@ }, "ImagePublishedAt":{ "shape":"NonEmptyString", - "documentation":"

The date and time when the image was pushed to the repository.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The date and time when the image was pushed to the repository.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

Information about an Amazon ECR image.

" @@ -9416,7 +9416,7 @@ }, "CreatedTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the load balancer was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the load balancer was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "DnsName":{ "shape":"NonEmptyString", @@ -9616,7 +9616,7 @@ }, "CreatedTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the load balancer was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the load balancer was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "DNSName":{ "shape":"NonEmptyString", @@ -9994,7 +9994,7 @@ }, "CreatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the IAM access key was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the IAM access key was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "PrincipalId":{ "shape":"NonEmptyString", @@ -10046,7 +10046,7 @@ }, "CreationDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the session was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the session was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

Attributes of the session that the key was used for.

" @@ -10111,7 +10111,7 @@ }, "CreateDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the IAM group was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the IAM group was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "GroupId":{ "shape":"NonEmptyString", @@ -10155,7 +10155,7 @@ }, "CreateDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the instance profile was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the instance profile was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "InstanceProfileId":{ "shape":"NonEmptyString", @@ -10193,7 +10193,7 @@ }, "CreateDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the role was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the role was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Path":{ "shape":"NonEmptyString", @@ -10237,7 +10237,7 @@ }, "CreateDate":{ "shape":"NonEmptyString", - "documentation":"

When the policy was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

When the policy was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "DefaultVersionId":{ "shape":"NonEmptyString", @@ -10273,7 +10273,7 @@ }, "UpdateDate":{ "shape":"NonEmptyString", - "documentation":"

When the policy was most recently updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

When the policy was most recently updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

Represents an IAM permissions policy.

" @@ -10291,7 +10291,7 @@ }, "CreateDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the version was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the version was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

A version of an IAM policy.

" @@ -10319,7 +10319,7 @@ }, "CreateDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the role was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the role was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "InstanceProfileList":{ "shape":"AwsIamInstanceProfileList", @@ -10372,7 +10372,7 @@ }, "CreateDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the user was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the user was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "GroupList":{ "shape":"StringList", @@ -10464,7 +10464,7 @@ }, "CreationDate":{ "shape":"Double", - "documentation":"

Indicates when the KMS key was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the KMS key was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "KeyId":{ "shape":"NonEmptyString", @@ -10558,7 +10558,7 @@ }, "LastModified":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the function was last updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the function was last updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Layers":{ "shape":"AwsLambdaFunctionLayerList", @@ -10698,7 +10698,7 @@ }, "CreatedDate":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the version was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the version was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

Details about a Lambda layer version.

" @@ -11399,7 +11399,7 @@ }, "ClusterCreateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "EnabledCloudWatchLogsExports":{ "shape":"StringList", @@ -11535,7 +11535,7 @@ }, "SnapshotCreateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the snapshot was taken.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the snapshot was taken.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Engine":{ "shape":"NonEmptyString", @@ -11559,7 +11559,7 @@ }, "ClusterCreateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the DB cluster was created, in Universal Coordinated Time (UTC).

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "MasterUsername":{ "shape":"NonEmptyString", @@ -11713,7 +11713,7 @@ }, "InstanceCreateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the DB instance was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the DB instance was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "KmsKeyId":{ "shape":"NonEmptyString", @@ -11789,7 +11789,7 @@ }, "LatestRestorableTime":{ "shape":"NonEmptyString", - "documentation":"

Specifies the latest time to which a database can be restored with point-in-time restore.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Specifies the latest time to which a database can be restored with point-in-time restore.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "AutoMinorVersionUpgrade":{ "shape":"Boolean", @@ -12364,7 +12364,7 @@ }, "SubscriptionCreationTime":{ "shape":"NonEmptyString", - "documentation":"

The datetime when the event notification subscription was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The datetime when the event notification subscription was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

Details about an Amazon RDS event notification subscription. The subscription allows Amazon RDS to post events to an SNS topic.

" @@ -12494,7 +12494,7 @@ "members":{ "DeferMaintenanceEndTime":{ "shape":"NonEmptyString", - "documentation":"

The end of the time window for which maintenance was deferred.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The end of the time window for which maintenance was deferred.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "DeferMaintenanceIdentifier":{ "shape":"NonEmptyString", @@ -12502,7 +12502,7 @@ }, "DeferMaintenanceStartTime":{ "shape":"NonEmptyString", - "documentation":"

The start of the time window for which maintenance was deferred.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The start of the time window for which maintenance was deferred.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

A time windows during which maintenance was deferred for an Amazon Redshift cluster.

" @@ -12532,7 +12532,7 @@ }, "ClusterCreateTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the cluster was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the cluster was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ClusterIdentifier":{ "shape":"NonEmptyString", @@ -12604,7 +12604,7 @@ }, "ExpectedNextSnapshotScheduleTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the next snapshot is expected to be taken. The cluster must have a valid snapshot schedule and have backups enabled.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the next snapshot is expected to be taken. The cluster must have a valid snapshot schedule and have backups enabled.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ExpectedNextSnapshotScheduleTimeStatus":{ "shape":"NonEmptyString", @@ -12636,7 +12636,7 @@ }, "NextMaintenanceWindowStartTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates the start of the next maintenance window.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates the start of the next maintenance window.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "NodeType":{ "shape":"NonEmptyString", @@ -12770,11 +12770,11 @@ }, "LastFailureTime":{ "shape":"NonEmptyString", - "documentation":"

The last time when logs failed to be delivered.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The last time when logs failed to be delivered.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "LastSuccessfulDeliveryTime":{ "shape":"NonEmptyString", - "documentation":"

The last time that logs were delivered successfully.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The last time that logs were delivered successfully.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "LoggingEnabled":{ "shape":"Boolean", @@ -13077,7 +13077,7 @@ }, "ExpirationDate":{ "shape":"NonEmptyString", - "documentation":"

The date when objects are moved or deleted.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

The date when objects are moved or deleted.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ExpirationInDays":{ "shape":"Integer", @@ -13227,7 +13227,7 @@ "members":{ "Date":{ "shape":"NonEmptyString", - "documentation":"

A date on which to transition objects to the specified storage class. If you provide Date, you cannot provide Days.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A date on which to transition objects to the specified storage class. If you provide Date, you cannot provide Days.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Days":{ "shape":"Integer", @@ -13275,7 +13275,7 @@ }, "CreatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the S3 bucket was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the S3 bucket was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ServerSideEncryptionConfiguration":{ "shape":"AwsS3BucketServerSideEncryptionConfiguration", @@ -13598,7 +13598,7 @@ "members":{ "LastModified":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the object was last modified.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the object was last modified.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ETag":{ "shape":"NonEmptyString", @@ -13632,15 +13632,15 @@ }, "AdditionalCodeRepositories":{ "shape":"NonEmptyStringList", - "documentation":"

An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in CodeCommit or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see Associating Git repositories with SageMaker notebook instances in the Amazon SageMaker Developer Guide.

" + "documentation":"

An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in CodeCommit or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see Associating Git repositories with SageMaker AI notebook instances in the Amazon SageMaker AI Developer Guide.

" }, "DefaultCodeRepository":{ "shape":"NonEmptyString", - "documentation":"

The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in CodeCommit or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see Associating Git repositories with SageMaker notebook instances in the Amazon SageMaker Developer Guide.

" + "documentation":"

The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in CodeCommit or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see Associating Git repositories with SageMaker AI notebook instances in the Amazon SageMaker AI Developer Guide.

" }, "DirectInternetAccess":{ "shape":"NonEmptyString", - "documentation":"

Sets whether SageMaker provides internet access to the notebook instance. If you set this to Disabled, this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker training and endpoint services unless you configure a Network Address Translation (NAT) Gateway in your VPC.

" + "documentation":"

Sets whether SageMaker AI provides internet access to the notebook instance. If you set this to Disabled, this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker AI training and endpoint services unless you configure a Network Address Translation (NAT) Gateway in your VPC.

" }, "FailureReason":{ "shape":"NonEmptyString", @@ -13656,11 +13656,11 @@ }, "KmsKeyId":{ "shape":"NonEmptyString", - "documentation":"

The Amazon Resource Name (ARN) of an Key Management Service (KMS) key that SageMaker uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see Enabling and disabling keys in the Key Management Service Developer Guide.

" + "documentation":"

The Amazon Resource Name (ARN) of an Key Management Service (KMS) key that SageMaker AI uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see Enabling and disabling keys in the Key Management Service Developer Guide.

" }, "NetworkInterfaceId":{ "shape":"NonEmptyString", - "documentation":"

The network interface ID that SageMaker created when the instance was created.

" + "documentation":"

The network interface ID that SageMaker AI created when the instance was created.

" }, "NotebookInstanceArn":{ "shape":"NonEmptyString", @@ -13707,7 +13707,7 @@ "documentation":"

The size, in GB, of the ML storage volume to attach to the notebook instance.

" } }, - "documentation":"

Provides details about an Amazon SageMaker notebook instance.

" + "documentation":"

Provides details about an Amazon SageMaker AI notebook instance.

" }, "AwsSageMakerNotebookInstanceMetadataServiceConfigurationDetails":{ "type":"structure", @@ -13820,19 +13820,19 @@ }, "FirstObservedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the security findings provider first observed the potential security issue that a finding captured.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the security findings provider first observed the potential security issue that a finding captured.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "LastObservedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the security findings provider most recently observed the potential security issue that a finding captured.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "CreatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the security findings provider created the potential security issue that a finding captured.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the security findings provider created the potential security issue that a finding captured.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "UpdatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the security findings provider last updated the finding record.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the security findings provider last updated the finding record.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Severity":{ "shape":"Severity", @@ -13952,7 +13952,7 @@ }, "ProcessedAt":{ "shape":"NonEmptyString", - "documentation":"

A timestamp that indicates when Security Hub received a finding and begins to process it.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when Security Hub received a finding and begins to process it.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "AwsAccountName":{ "shape":"NonEmptyString", @@ -13960,7 +13960,7 @@ }, "Detection":{ "shape":"Detection", - "documentation":"

Provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" } }, "documentation":"

Provides a consistent format for Security Hub findings. AwsSecurityFinding format allows you to share findings between Amazon Web Services security services and third-party solutions.

A finding is a potential security issue generated either by Amazon Web Services services or by the integrated third-party solutions and standards checks.

" @@ -13994,19 +13994,19 @@ }, "FirstObservedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "LastObservedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that indicates when the security findings provider most recently observed the potential security issue that a finding captured.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "CreatedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "UpdatedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that indicates when the security findings provider last updated the finding record.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the security findings provider last updated the finding record.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "SeverityProduct":{ "shape":"NumberFilterList", @@ -14142,11 +14142,11 @@ }, "ProcessLaunchedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that identifies when the process was launched.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that identifies when the process was launched.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ProcessTerminatedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that identifies when the process was terminated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that identifies when the process was terminated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ThreatIntelIndicatorType":{ "shape":"StringFilterList", @@ -14162,7 +14162,7 @@ }, "ThreatIntelIndicatorLastObservedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that identifies the last observation of a threat intelligence indicator.

" + "documentation":"

A timestamp that identifies the last observation of a threat intelligence indicator.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ThreatIntelIndicatorSource":{ "shape":"StringFilterList", @@ -14272,7 +14272,7 @@ }, "ResourceContainerLaunchedAt":{ "shape":"DateFilterList", - "documentation":"

A timestamp that identifies when the container was started.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that identifies when the container was started.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "ResourceDetailsOther":{ "shape":"MapFilterList", @@ -16127,7 +16127,7 @@ }, "LaunchedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the container started.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the container started.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "VolumeMounts":{ "shape":"VolumeMountList", @@ -16495,11 +16495,11 @@ "members":{ "Start":{ "shape":"NonEmptyString", - "documentation":"

A timestamp that provides the start date for the date filter.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that provides the start date for the date filter.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "End":{ "shape":"NonEmptyString", - "documentation":"

A timestamp that provides the end date for the date filter.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that provides the end date for the date filter.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "DateRange":{ "shape":"DateRange", @@ -16720,7 +16720,7 @@ }, "AutoEnableControls":{ "shape":"Boolean", - "documentation":"

Whether to automatically enable new controls when they are added to standards that are enabled.

If set to true, then new controls for enabled standards are enabled automatically. If set to false, then new controls are not enabled.

" + "documentation":"

Whether to automatically enable new controls when they are added to standards that are enabled.

If set to true, then new controls for enabled standards are enabled automatically. If set to false, then new controls are not enabled.

When you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of DISABLED. It can take up to several days for Security Hub to process the control release and designate the control as ENABLED in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have AutoEnableControls set to true.

" }, "ControlFindingGenerator":{ "shape":"ControlFindingGenerator", @@ -16863,7 +16863,7 @@ "documentation":"

Provides details about an attack sequence.

" } }, - "documentation":"

A top-level object field that provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

A top-level object field that provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "DisableImportFindingsForProductRequest":{ "type":"structure", @@ -17130,7 +17130,7 @@ "FindingIdentifier":{"shape":"AwsSecurityFindingIdentifier"}, "UpdateTime":{ "shape":"Timestamp", - "documentation":"

A timestamp that indicates when Security Hub processed the updated finding record.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when Security Hub processed the updated finding record.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "FindingCreated":{ "shape":"Boolean", @@ -17515,11 +17515,11 @@ "FindingIdentifier":{"shape":"AwsSecurityFindingIdentifier"}, "StartTime":{ "shape":"Timestamp", - "documentation":"

A timestamp that indicates the start time of the requested finding history.

If you provide values for both StartTime and EndTime, Security Hub returns finding history for the specified time period. If you provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at which the API is called. If you provide a value for EndTime but not for StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you provide neither StartTime nor EndTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the time at which the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is limited to 90 days.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates the start time of the requested finding history.

If you provide values for both StartTime and EndTime, Security Hub returns finding history for the specified time period. If you provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at which the API is called. If you provide a value for EndTime but not for StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you provide neither StartTime nor EndTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the time at which the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is limited to 90 days.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "EndTime":{ "shape":"Timestamp", - "documentation":"

An ISO 8601-formatted timestamp that indicates the end time of the requested finding history.

If you provide values for both StartTime and EndTime, Security Hub returns finding history for the specified time period. If you provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at which the API is called. If you provide a value for EndTime but not for StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you provide neither StartTime nor EndTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the time at which the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is limited to 90 days.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

An ISO 8601-formatted timestamp that indicates the end time of the requested finding history.

If you provide values for both StartTime and EndTime, Security Hub returns finding history for the specified time period. If you provide a value for StartTime but not for EndTime, Security Hub returns finding history from the StartTime to the time at which the API is called. If you provide a value for EndTime but not for StartTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the EndTime. If you provide neither StartTime nor EndTime, Security Hub returns finding history from the CreatedAt timestamp of the finding to the time at which the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is limited to 90 days.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "NextToken":{ "shape":"NextToken", @@ -18616,7 +18616,7 @@ "documentation":"

The unique number that identifies the AS.

" } }, - "documentation":"

Contains information about the Autonomous System (AS) of the network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Contains information about the Autonomous System (AS) of the network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "NetworkConnection":{ "type":"structure", @@ -18626,7 +18626,7 @@ "documentation":"

The direction in which the network traffic is flowing.

" } }, - "documentation":"

Contains information about the network connection involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Contains information about the network connection involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "NetworkConnectionAction":{ "type":"structure", @@ -18697,7 +18697,7 @@ "documentation":"

Information about the network connection.

" } }, - "documentation":"

Contains information about network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

This field can provide information about the network endpoints associated with the resource in the attack sequence finding, or about a specific network endpoint used for the attack.

" + "documentation":"

Contains information about network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

This field can provide information about the network endpoints associated with the resource in the attack sequence finding, or about a specific network endpoint used for the attack.

" }, "NetworkEndpointsList":{ "type":"list", @@ -18725,7 +18725,7 @@ "documentation":"

The longitude information of the endpoint location.

" } }, - "documentation":"

Contains information about the location of a network endpoint involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Contains information about the location of a network endpoint involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "NetworkHeader":{ "type":"structure", @@ -18812,7 +18812,7 @@ }, "UpdatedAt":{ "shape":"NonEmptyString", - "documentation":"

A timestamp that indicates when the note was updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

A timestamp that indicates when the note was updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

A user-defined note added to a finding.

" @@ -19077,11 +19077,11 @@ }, "OperationStartTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the operation started.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the operation started.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "OperationEndTime":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the operation completed.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the operation completed.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "RebootOption":{ "shape":"NonEmptyString", @@ -19194,11 +19194,11 @@ }, "LaunchedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the process was launched.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the process was launched.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "TerminatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the process was terminated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the process was terminated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

The details of process-related information about a finding.

" @@ -20558,7 +20558,7 @@ "documentation":"

Contains information about the indicators observed in the attack sequence. The values for SignalIndicators are a subset of the values for SequenceIndicators, but the values for these fields don't always match 1:1.

" } }, - "documentation":"

Contains information about an Amazon GuardDuty Extended Threat Detection attack sequence finding. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Contains information about an Amazon GuardDuty Extended Threat Detection attack sequence finding. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "Severity":{ "type":"structure", @@ -20668,7 +20668,7 @@ }, "Severity":{ "shape":"Double", - "documentation":"

The severity associated with the signal. For more information about severity, see Findings severity levels in the Amazon GuardDuty User Guide.

" + "documentation":"

The severity associated with the signal. For more information about severity, see Severity levels for GuardDuty findings in the Amazon GuardDuty User Guide.

" }, "Count":{ "shape":"Integer", @@ -21434,7 +21434,7 @@ }, "LastObservedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the most recent instance of a threat intelligence indicator was observed.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the most recent instance of a threat intelligence indicator was observed.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "Source":{ "shape":"NonEmptyString", @@ -21923,7 +21923,7 @@ "members":{ "AutoEnableControls":{ "shape":"Boolean", - "documentation":"

Whether to automatically enable new controls when they are added to standards that are enabled.

By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false.

" + "documentation":"

Whether to automatically enable new controls when they are added to standards that are enabled.

By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false.

When you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of DISABLED. It can take up to several days for Security Hub to process the control release and designate the control as ENABLED in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have AutoEnableControls set to true.

" }, "ControlFindingGenerator":{ "shape":"ControlFindingGenerator", @@ -21980,7 +21980,7 @@ "documentation":"

The name of the user account involved in the attack sequence.

" } }, - "documentation":"

Provides Amazon Web Services account information of the user involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" + "documentation":"

Provides Amazon Web Services account information of the user involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

" }, "VerificationState":{ "type":"string", @@ -22165,11 +22165,11 @@ }, "VendorCreatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the vulnerability advisory was created.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the vulnerability advisory was created.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" }, "VendorUpdatedAt":{ "shape":"NonEmptyString", - "documentation":"

Indicates when the vulnerability advisory was last updated.

This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

" + "documentation":"

Indicates when the vulnerability advisory was last updated.

For more information about the validation and formatting of timestamp fields in Security Hub, see Timestamps.

" } }, "documentation":"

A vendor that generates a vulnerability report.

" diff --git a/docs/source/conf.py b/docs/source/conf.py index 5f83bd436c..845eb568cf 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -59,7 +59,7 @@ # The short X.Y version. version = '1.35.' # The full version, including alpha/beta/rc tags. -release = '1.35.87' +release = '1.35.88' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff --git a/tests/functional/endpoint-rules/ecr/endpoint-tests-1.json b/tests/functional/endpoint-rules/ecr/endpoint-tests-1.json index 9e2aafff9c..b3142c1d0f 100644 --- a/tests/functional/endpoint-rules/ecr/endpoint-tests-1.json +++ b/tests/functional/endpoint-rules/ecr/endpoint-tests-1.json @@ -1,676 +1,97 @@ { "testCases": [ { - "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.af-south-1.amazonaws.com" - } - }, - "params": { - "Region": "af-south-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ap-east-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ap-northeast-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ap-northeast-2.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ap-northeast-3.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-3", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ap-south-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-south-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ap-southeast-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ap-southeast-2.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ap-southeast-3.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-3", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.ca-central-1.amazonaws.com" - } - }, - "params": { - "Region": "ca-central-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.eu-central-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-central-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.eu-north-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-north-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.eu-south-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-south-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.eu-west-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.eu-west-2.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.eu-west-3.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-3", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.me-south-1.amazonaws.com" - } - }, - "params": { - "Region": "me-south-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.sa-east-1.amazonaws.com" - } - }, - "params": { - "Region": "sa-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "documentation": "Valid with dualstack and FIPS disabled. i.e, IPv4 Only stack with no FIPS, with special prefix", "expect": { "endpoint": { "url": "https://api.ecr.us-east-1.amazonaws.com" } }, - "params": { - "Region": "us-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://ecr-fips.us-east-1.amazonaws.com" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-east-2.amazonaws.com" - } - }, - "params": { - "Region": "us-east-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://ecr-fips.us-east-2.amazonaws.com" - } - }, - "params": { - "Region": "us-east-2", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-west-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://ecr-fips.us-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-west-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-west-2.amazonaws.com" - } - }, - "params": { - "Region": "us-west-2", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://ecr-fips.us-west-2.amazonaws.com" - } - }, - "params": { - "Region": "us-west-2", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://api.ecr-fips.us-east-1.api.aws" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-east-1.api.aws" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.cn-north-1.amazonaws.com.cn" + "operationInputs": [ + { + "builtInParams": { + "AWS::Region": "us-east-1" + }, + "operationName": "DescribeRepositories" } - }, + ], "params": { - "Region": "cn-north-1", + "UseDualStack": false, "UseFIPS": false, - "UseDualStack": false + "Region": "us-east-1" } }, { - "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", + "documentation": "Valid with dualstack enabled", "expect": { "endpoint": { - "url": "https://api.ecr.cn-northwest-1.amazonaws.com.cn" + "url": "https://ecr.us-west-2.api.aws" } }, "params": { - "Region": "cn-northwest-1", + "UseDualStack": true, "UseFIPS": false, - "UseDualStack": false + "Region": "us-west-2" } }, { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "documentation": "Valid with FIPS set, dualstack disabled", "expect": { "endpoint": { - "url": "https://api.ecr-fips.cn-north-1.api.amazonwebservices.com.cn" + "url": "https://ecr-fips.us-east-1.amazonaws.com" } }, "params": { - "Region": "cn-north-1", + "UseDualStack": false, "UseFIPS": true, - "UseDualStack": true + "Region": "us-east-1" } }, { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "documentation": "Valid with both dualstack and FIPS enabled", "expect": { "endpoint": { - "url": "https://api.ecr-fips.cn-north-1.amazonaws.com.cn" + "url": "https://ecr-fips.us-east-1.api.aws" } }, "params": { - "Region": "cn-north-1", + "UseDualStack": true, "UseFIPS": true, - "UseDualStack": false + "Region": "us-east-1" } }, { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.cn-north-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "documentation": "Valid with both dualstack and FIPS disabled (Govcloud)", "expect": { "endpoint": { "url": "https://api.ecr.us-gov-east-1.amazonaws.com" } }, "params": { - "Region": "us-gov-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://ecr-fips.us-gov-east-1.amazonaws.com" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-gov-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-gov-west-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://ecr-fips.us-gov-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-gov-west-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://api.ecr-fips.us-gov-east-1.api.aws" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-gov-east-1.api.aws" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-iso-east-1.c2s.ic.gov" - } - }, - "params": { - "Region": "us-iso-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-iso-west-1.c2s.ic.gov" - } - }, - "params": { - "Region": "us-iso-west-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "Region": "us-iso-east-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr-fips.us-iso-east-1.c2s.ic.gov" - } - }, - "params": { - "Region": "us-iso-east-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "Region": "us-iso-east-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr.us-isob-east-1.sc2s.sgov.gov" - } - }, - "params": { - "Region": "us-isob-east-1", - "UseFIPS": false, - "UseDualStack": false - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "Region": "us-isob-east-1", - "UseFIPS": true, - "UseDualStack": true - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://api.ecr-fips.us-isob-east-1.sc2s.sgov.gov" - } - }, - "params": { - "Region": "us-isob-east-1", - "UseFIPS": true, - "UseDualStack": false - } - }, - { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "Region": "us-isob-east-1", - "UseFIPS": false, - "UseDualStack": true - } - }, - { - "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", - "expect": { - "endpoint": { - "url": "https://example.com" - } - }, - "params": { - "Region": "us-east-1", - "UseFIPS": false, "UseDualStack": false, - "Endpoint": "https://example.com" - } - }, - { - "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", - "expect": { - "endpoint": { - "url": "https://example.com" - } - }, - "params": { "UseFIPS": false, - "UseDualStack": false, - "Endpoint": "https://example.com" + "Region": "us-gov-east-1" } }, { - "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "documentation": "Invalid with DualStack enabled and partition does not support Dualstack", "expect": { - "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + "error": "Dualstack is enabled but this partition does not support dualstack" }, "params": { - "Region": "us-east-1", - "UseFIPS": true, - "UseDualStack": false, - "Endpoint": "https://example.com" + "UseDualStack": true, + "Region": "us-isob-east-1" } }, { - "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "documentation": "Invalid with DualStack enabled and FIPS enabled and partition does not support one/either", "expect": { - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + "error": "FIPS and dualstack are enabled, but this partition does not support one or both" }, "params": { - "Region": "us-east-1", - "UseFIPS": false, "UseDualStack": true, - "Endpoint": "https://example.com" - } - }, - { - "documentation": "Missing region", - "expect": { - "error": "Invalid Configuration: Missing Region" + "UseFIPS": true, + "Region": "us-isob-east-1" } } ],