diff --git a/.changelog/6dda46eae2554b04a3bd93354a95e844.json b/.changelog/6dda46eae2554b04a3bd93354a95e844.json new file mode 100644 index 00000000000..0a623f5823c --- /dev/null +++ b/.changelog/6dda46eae2554b04a3bd93354a95e844.json @@ -0,0 +1,13 @@ +{ + "id": "6dda46ea-e255-4b04-a3bd-93354a95e844", + "type": "feature", + "description": "API client updated", + "modules": [ + "service/appsync", + "service/elasticloadbalancingv2", + "service/greengrassv2", + "service/sagemaker", + "service/secretsmanager", + "service/ssmcontacts" + ] +} \ No newline at end of file diff --git a/service/appsync/api_op_CreateDataSource.go b/service/appsync/api_op_CreateDataSource.go index 8a71f80c3f1..fc157a922ef 100644 --- a/service/appsync/api_op_CreateDataSource.go +++ b/service/appsync/api_op_CreateDataSource.go @@ -56,14 +56,14 @@ type CreateDataSourceInput struct { // HTTP endpoint settings. HttpConfig *types.HttpDataSourceConfig - // AWS Lambda settings. + // Amazon Web Services Lambda settings. LambdaConfig *types.LambdaDataSourceConfig // Relational database settings. RelationalDatabaseConfig *types.RelationalDatabaseDataSourceConfig - // The AWS IAM service role ARN for the data source. The system assumes this role - // when accessing the data source. + // The Identity and Access Management service role ARN for the data source. The + // system assumes this role when accessing the data source. ServiceRoleArn *string noSmithyDocumentSerde diff --git a/service/appsync/api_op_CreateGraphqlApi.go b/service/appsync/api_op_CreateGraphqlApi.go index 6d510d2400b..74237ce29aa 100644 --- a/service/appsync/api_op_CreateGraphqlApi.go +++ b/service/appsync/api_op_CreateGraphqlApi.go @@ -29,7 +29,8 @@ func (c *Client) CreateGraphqlApi(ctx context.Context, params *CreateGraphqlApiI type CreateGraphqlApiInput struct { - // The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools. + // The authentication type: API key, Identity and Access Management, OIDC, or + // Amazon Cognito user pools. // // This member is required. AuthenticationType types.AuthenticationType @@ -42,6 +43,9 @@ type CreateGraphqlApiInput struct { // A list of additional authentication providers for the GraphqlApi API. AdditionalAuthenticationProviders []types.AdditionalAuthenticationProvider + // Configuration for AWS Lambda function authorization. + LambdaAuthorizerConfig *types.LambdaAuthorizerConfig + // The Amazon CloudWatch Logs configuration. LogConfig *types.LogConfig diff --git a/service/appsync/api_op_UpdateDataSource.go b/service/appsync/api_op_UpdateDataSource.go index 7249d9cfb2b..114737c60d0 100644 --- a/service/appsync/api_op_UpdateDataSource.go +++ b/service/appsync/api_op_UpdateDataSource.go @@ -56,7 +56,7 @@ type UpdateDataSourceInput struct { // The new HTTP endpoint configuration. HttpConfig *types.HttpDataSourceConfig - // The new AWS Lambda configuration. + // The new Amazon Web Services Lambda configuration. LambdaConfig *types.LambdaDataSourceConfig // The new relational database configuration. diff --git a/service/appsync/api_op_UpdateGraphqlApi.go b/service/appsync/api_op_UpdateGraphqlApi.go index 84f0e69155a..b1644150908 100644 --- a/service/appsync/api_op_UpdateGraphqlApi.go +++ b/service/appsync/api_op_UpdateGraphqlApi.go @@ -45,6 +45,9 @@ type UpdateGraphqlApiInput struct { // The new authentication type for the GraphqlApi object. AuthenticationType types.AuthenticationType + // Configuration for AWS Lambda function authorization. + LambdaAuthorizerConfig *types.LambdaAuthorizerConfig + // The Amazon CloudWatch Logs configuration for the GraphqlApi object. LogConfig *types.LogConfig diff --git a/service/appsync/deserializers.go b/service/appsync/deserializers.go index 7ea41c3e385..315b73d22c5 100644 --- a/service/appsync/deserializers.go +++ b/service/appsync/deserializers.go @@ -6368,6 +6368,11 @@ func awsRestjson1_deserializeDocumentAdditionalAuthenticationProvider(v **types. sv.AuthenticationType = types.AuthenticationType(jtv) } + case "lambdaAuthorizerConfig": + if err := awsRestjson1_deserializeDocumentLambdaAuthorizerConfig(&sv.LambdaAuthorizerConfig, value); err != nil { + return err + } + case "openIDConnectConfig": if err := awsRestjson1_deserializeDocumentOpenIDConnectConfig(&sv.OpenIDConnectConfig, value); err != nil { return err @@ -7610,6 +7615,11 @@ func awsRestjson1_deserializeDocumentGraphqlApi(v **types.GraphqlApi, value inte sv.AuthenticationType = types.AuthenticationType(jtv) } + case "lambdaAuthorizerConfig": + if err := awsRestjson1_deserializeDocumentLambdaAuthorizerConfig(&sv.LambdaAuthorizerConfig, value); err != nil { + return err + } + case "logConfig": if err := awsRestjson1_deserializeDocumentLogConfig(&sv.LogConfig, value); err != nil { return err @@ -7830,6 +7840,68 @@ func awsRestjson1_deserializeDocumentInternalFailureException(v **types.Internal return nil } +func awsRestjson1_deserializeDocumentLambdaAuthorizerConfig(v **types.LambdaAuthorizerConfig, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.LambdaAuthorizerConfig + if *v == nil { + sv = &types.LambdaAuthorizerConfig{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "authorizerResultTtlInSeconds": + if value != nil { + jtv, ok := value.(json.Number) + if !ok { + return fmt.Errorf("expected TTL to be json.Number, got %T instead", value) + } + i64, err := jtv.Int64() + if err != nil { + return err + } + sv.AuthorizerResultTtlInSeconds = int32(i64) + } + + case "authorizerUri": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected String to be of type string, got %T instead", value) + } + sv.AuthorizerUri = ptr.String(jtv) + } + + case "identityValidationExpression": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected String to be of type string, got %T instead", value) + } + sv.IdentityValidationExpression = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsRestjson1_deserializeDocumentLambdaConflictHandlerConfig(v **types.LambdaConflictHandlerConfig, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) diff --git a/service/appsync/doc.go b/service/appsync/doc.go index 7fcae7418ba..9326f02ccc7 100644 --- a/service/appsync/doc.go +++ b/service/appsync/doc.go @@ -3,6 +3,6 @@ // Package appsync provides the API client, operations, and parameter types for AWS // AppSync. // -// AWS AppSync provides API actions for creating and interacting with data sources +// AppSync provides API actions for creating and interacting with data sources // using GraphQL from your application. package appsync diff --git a/service/appsync/serializers.go b/service/appsync/serializers.go index 96cb94bc9c0..d7840ea03fe 100644 --- a/service/appsync/serializers.go +++ b/service/appsync/serializers.go @@ -517,6 +517,13 @@ func awsRestjson1_serializeOpDocumentCreateGraphqlApiInput(v *CreateGraphqlApiIn ok.String(string(v.AuthenticationType)) } + if v.LambdaAuthorizerConfig != nil { + ok := object.Key("lambdaAuthorizerConfig") + if err := awsRestjson1_serializeDocumentLambdaAuthorizerConfig(v.LambdaAuthorizerConfig, ok); err != nil { + return err + } + } + if v.LogConfig != nil { ok := object.Key("logConfig") if err := awsRestjson1_serializeDocumentLogConfig(v.LogConfig, ok); err != nil { @@ -3103,6 +3110,13 @@ func awsRestjson1_serializeOpDocumentUpdateGraphqlApiInput(v *UpdateGraphqlApiIn ok.String(string(v.AuthenticationType)) } + if v.LambdaAuthorizerConfig != nil { + ok := object.Key("lambdaAuthorizerConfig") + if err := awsRestjson1_serializeDocumentLambdaAuthorizerConfig(v.LambdaAuthorizerConfig, ok); err != nil { + return err + } + } + if v.LogConfig != nil { ok := object.Key("logConfig") if err := awsRestjson1_serializeDocumentLogConfig(v.LogConfig, ok); err != nil { @@ -3376,6 +3390,13 @@ func awsRestjson1_serializeDocumentAdditionalAuthenticationProvider(v *types.Add ok.String(string(v.AuthenticationType)) } + if v.LambdaAuthorizerConfig != nil { + ok := object.Key("lambdaAuthorizerConfig") + if err := awsRestjson1_serializeDocumentLambdaAuthorizerConfig(v.LambdaAuthorizerConfig, ok); err != nil { + return err + } + } + if v.OpenIDConnectConfig != nil { ok := object.Key("openIDConnectConfig") if err := awsRestjson1_serializeDocumentOpenIDConnectConfig(v.OpenIDConnectConfig, ok); err != nil { @@ -3597,6 +3618,28 @@ func awsRestjson1_serializeDocumentHttpDataSourceConfig(v *types.HttpDataSourceC return nil } +func awsRestjson1_serializeDocumentLambdaAuthorizerConfig(v *types.LambdaAuthorizerConfig, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.AuthorizerResultTtlInSeconds != 0 { + ok := object.Key("authorizerResultTtlInSeconds") + ok.Integer(v.AuthorizerResultTtlInSeconds) + } + + if v.AuthorizerUri != nil { + ok := object.Key("authorizerUri") + ok.String(*v.AuthorizerUri) + } + + if v.IdentityValidationExpression != nil { + ok := object.Key("identityValidationExpression") + ok.String(*v.IdentityValidationExpression) + } + + return nil +} + func awsRestjson1_serializeDocumentLambdaConflictHandlerConfig(v *types.LambdaConflictHandlerConfig, value smithyjson.Value) error { object := value.Object() defer object.Close() diff --git a/service/appsync/types/enums.go b/service/appsync/types/enums.go index 0ee879d09a3..46aef5bb972 100644 --- a/service/appsync/types/enums.go +++ b/service/appsync/types/enums.go @@ -96,6 +96,7 @@ const ( AuthenticationTypeAwsIam AuthenticationType = "AWS_IAM" AuthenticationTypeAmazonCognitoUserPools AuthenticationType = "AMAZON_COGNITO_USER_POOLS" AuthenticationTypeOpenidConnect AuthenticationType = "OPENID_CONNECT" + AuthenticationTypeAwsLambda AuthenticationType = "AWS_LAMBDA" ) // Values returns all known values for AuthenticationType. Note that this can be @@ -107,6 +108,7 @@ func (AuthenticationType) Values() []AuthenticationType { "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", + "AWS_LAMBDA", } } diff --git a/service/appsync/types/errors.go b/service/appsync/types/errors.go index d7f70a13a11..dbd0fcb760e 100644 --- a/service/appsync/types/errors.go +++ b/service/appsync/types/errors.go @@ -149,7 +149,7 @@ func (e *GraphQLSchemaException) ErrorMessage() string { func (e *GraphQLSchemaException) ErrorCode() string { return "GraphQLSchemaException" } func (e *GraphQLSchemaException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } -// An internal AWS AppSync error occurred. Try your request again. +// An internal AppSync error occurred. Try your request again. type InternalFailureException struct { Message *string diff --git a/service/appsync/types/types.go b/service/appsync/types/types.go index 726e34a9059..e1cbb551a1d 100644 --- a/service/appsync/types/types.go +++ b/service/appsync/types/types.go @@ -9,9 +9,13 @@ import ( // Describes an additional authentication provider. type AdditionalAuthenticationProvider struct { - // The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools. + // The authentication type: API key, Identity and Access Management, OIDC, or + // Amazon Cognito user pools. AuthenticationType AuthenticationType + // Configuration for AWS Lambda function authorization. + LambdaAuthorizerConfig *LambdaAuthorizerConfig + // The OpenID Connect configuration. OpenIDConnectConfig *OpenIDConnectConfig @@ -105,20 +109,20 @@ type ApiCache struct { noSmithyDocumentSerde } -// Describes an API key. Customers invoke AWS AppSync GraphQL API operations with -// API keys as an identity mechanism. There are two key versions: da1: This version -// was introduced at launch in November 2017. These keys always expire after 7 -// days. Key expiration is managed by Amazon DynamoDB TTL. The keys ceased to be -// valid after February 21, 2018 and should not be used after that date. +// Describes an API key. Customers invoke AppSync GraphQL API operations with API +// keys as an identity mechanism. There are two key versions: da1: This version was +// introduced at launch in November 2017. These keys always expire after 7 days. +// Key expiration is managed by Amazon DynamoDB TTL. The keys ceased to be valid +// after February 21, 2018 and should not be used after that date. // -// * -// ListApiKeys returns the expiration time in milliseconds. +// * ListApiKeys +// returns the expiration time in milliseconds. // -// * CreateApiKey returns -// the expiration time in milliseconds. +// * CreateApiKey returns the +// expiration time in milliseconds. // -// * UpdateApiKey is not available for this -// key version. +// * UpdateApiKey is not available for this key +// version. // // * DeleteApiKey deletes the item from the table. // @@ -182,19 +186,19 @@ type AuthorizationConfig struct { // This member is required. AuthorizationType AuthorizationType - // The AWS IAM settings. + // The Identity and Access Management settings. AwsIamConfig *AwsIamConfig noSmithyDocumentSerde } -// The AWS IAM configuration. +// The Identity and Access Management configuration. type AwsIamConfig struct { - // The signing region for AWS IAM authorization. + // The signing region for Identity and Access Management authorization. SigningRegion *string - // The signing service name for AWS IAM authorization. + // The signing service name for Identity and Access Management authorization. SigningServiceName *string noSmithyDocumentSerde @@ -218,7 +222,7 @@ type CachingConfig struct { // Describes an Amazon Cognito user pool configuration. type CognitoUserPoolConfig struct { - // The AWS Region in which the user pool was created. + // The Amazon Web Services Region in which the user pool was created. // // This member is required. AwsRegion *string @@ -253,7 +257,7 @@ type DataSource struct { // HTTP endpoint settings. HttpConfig *HttpDataSourceConfig - // AWS Lambda settings. + // Amazon Web Services Lambda settings. LambdaConfig *LambdaDataSourceConfig // The name of the data source. @@ -262,8 +266,8 @@ type DataSource struct { // Relational database settings. RelationalDatabaseConfig *RelationalDatabaseDataSourceConfig - // The AWS IAM service role ARN for the data source. The system assumes this role - // when accessing the data source. + // The Identity and Access Management service role ARN for the data source. The + // system assumes this role when accessing the data source. ServiceRoleArn *string // The type of the data source. @@ -274,18 +278,18 @@ type DataSource struct { // * AMAZON_ELASTICSEARCH: The data source is an Amazon // Elasticsearch Service domain. // - // * AWS_LAMBDA: The data source is an AWS Lambda - // function. + // * AWS_LAMBDA: The data source is an Amazon Web + // Services Lambda function. // - // * NONE: There is no data source. This type is used when you wish to - // invoke a GraphQL operation without connecting to a data source, such as - // performing data transformation with resolvers or triggering a subscription to be - // invoked from a mutation. + // * NONE: There is no data source. This type is used + // when you wish to invoke a GraphQL operation without connecting to a data source, + // such as performing data transformation with resolvers or triggering a + // subscription to be invoked from a mutation. // - // * HTTP: The data source is an HTTP endpoint. + // * HTTP: The data source is an HTTP + // endpoint. // - // * - // RELATIONAL_DATABASE: The data source is a relational database. + // * RELATIONAL_DATABASE: The data source is a relational database. Type DataSourceType noSmithyDocumentSerde @@ -309,7 +313,7 @@ type DeltaSyncConfig struct { // Describes an Amazon DynamoDB data source configuration. type DynamodbDataSourceConfig struct { - // The AWS Region. + // The Amazon Web Services Region. // // This member is required. AwsRegion *string @@ -334,7 +338,7 @@ type DynamodbDataSourceConfig struct { // Describes an Elasticsearch data source configuration. type ElasticsearchDataSourceConfig struct { - // The AWS Region. + // The Amazon Web Services Region. // // This member is required. AwsRegion *string @@ -400,6 +404,9 @@ type GraphqlApi struct { // The authentication type. AuthenticationType AuthenticationType + // Configuration for AWS Lambda function authorization. + LambdaAuthorizerConfig *LambdaAuthorizerConfig + // The Amazon CloudWatch Logs configuration. LogConfig *LogConfig @@ -418,8 +425,7 @@ type GraphqlApi struct { // The Amazon Cognito user pool configuration. UserPoolConfig *UserPoolConfig - // The ARN of the AWS Web Application Firewall (WAF) ACL associated with this - // GraphqlApi, if one exists. + // The ARN of the WAF ACL associated with this GraphqlApi, if one exists. WafWebAclArn *string // A flag representing whether X-Ray tracing is enabled for this GraphqlApi. @@ -436,13 +442,41 @@ type HttpDataSourceConfig struct { // The HTTP URL endpoint. You can either specify the domain name or IP, and port // combination, and the URL scheme must be HTTP or HTTPS. If the port is not - // specified, AWS AppSync uses the default port 80 for the HTTP endpoint and port - // 443 for HTTPS endpoints. + // specified, AppSync uses the default port 80 for the HTTP endpoint and port 443 + // for HTTPS endpoints. Endpoint *string noSmithyDocumentSerde } +// A LambdaAuthorizerConfig holds configuration on how to authorize AppSync API +// access when using the AWS_LAMBDA authorizer mode. Be aware that an AppSync API +// may have only one Lambda authorizer configured at a time. +type LambdaAuthorizerConfig struct { + + // The ARN of the lambda function to be called for authorization. This may be a + // standard Lambda ARN, a version ARN (.../v3) or alias ARN. Note: This Lambda + // function must have the following resource-based policy assigned to it. When + // configuring Lambda authorizers in the Console, this is done for you. To do so + // with the AWS CLI, run the following: aws lambda add-permission --function-name + // "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id + // "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction + // + // This member is required. + AuthorizerUri *string + + // The number of seconds a response should be cached for. The default is 5 minutes + // (300 seconds). The Lambda function can override this by returning a ttlOverride + // key in its response. A value of 0 disables caching of responses. + AuthorizerResultTtlInSeconds int32 + + // A regular expression for validation of tokens before the Lambda Function is + // called. + IdentityValidationExpression *string + + noSmithyDocumentSerde +} + // The LambdaConflictHandlerConfig object when configuring LAMBDA as the Conflict // Handler. type LambdaConflictHandlerConfig struct { @@ -453,7 +487,7 @@ type LambdaConflictHandlerConfig struct { noSmithyDocumentSerde } -// Describes an AWS Lambda data source configuration. +// Describes an Amazon Web Services Lambda data source configuration. type LambdaDataSourceConfig struct { // The ARN for the Lambda function. @@ -467,8 +501,8 @@ type LambdaDataSourceConfig struct { // The CloudWatch Logs configuration. type LogConfig struct { - // The service role that AWS AppSync will assume to publish to Amazon CloudWatch - // logs in your account. + // The service role that AppSync will assume to publish to Amazon CloudWatch logs + // in your account. // // This member is required. CloudWatchLogsRoleArn *string @@ -521,8 +555,8 @@ type OpenIDConnectConfig struct { // The client identifier of the Relying party at the OpenID identity provider. This // identifier is typically obtained when the Relying party is registered with the - // OpenID identity provider. You can specify a regular expression so the AWS - // AppSync can validate against multiple client identifiers at a time. + // OpenID identity provider. You can specify a regular expression so the AppSync + // can validate against multiple client identifiers at a time. ClientId *string // The number of milliseconds a token is valid after being issued to a user. @@ -543,10 +577,10 @@ type PipelineConfig struct { // The Amazon RDS HTTP endpoint configuration. type RdsHttpEndpointConfig struct { - // AWS Region for RDS HTTP endpoint. + // Amazon Web Services Region for RDS HTTP endpoint. AwsRegion *string - // AWS secret store ARN for database credentials. + // Amazon Web Services secret store ARN for database credentials. AwsSecretStoreArn *string // Logical database name. @@ -677,7 +711,7 @@ type Type struct { // Describes an Amazon Cognito user pool configuration. type UserPoolConfig struct { - // The AWS Region in which the user pool was created. + // The Amazon Web Services Region in which the user pool was created. // // This member is required. AwsRegion *string diff --git a/service/appsync/validators.go b/service/appsync/validators.go index eb9061ff248..69ce6849550 100644 --- a/service/appsync/validators.go +++ b/service/appsync/validators.go @@ -985,6 +985,11 @@ func validateAdditionalAuthenticationProvider(v *types.AdditionalAuthenticationP invalidParams.AddNested("UserPoolConfig", err.(smithy.InvalidParamsError)) } } + if v.LambdaAuthorizerConfig != nil { + if err := validateLambdaAuthorizerConfig(v.LambdaAuthorizerConfig); err != nil { + invalidParams.AddNested("LambdaAuthorizerConfig", err.(smithy.InvalidParamsError)) + } + } if invalidParams.Len() > 0 { return invalidParams } else { @@ -1095,6 +1100,21 @@ func validateHttpDataSourceConfig(v *types.HttpDataSourceConfig) error { } } +func validateLambdaAuthorizerConfig(v *types.LambdaAuthorizerConfig) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "LambdaAuthorizerConfig"} + if v.AuthorizerUri == nil { + invalidParams.Add(smithy.NewErrParamRequired("AuthorizerUri")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateLambdaDataSourceConfig(v *types.LambdaDataSourceConfig) error { if v == nil { return nil @@ -1296,6 +1316,11 @@ func validateOpCreateGraphqlApiInput(v *CreateGraphqlApiInput) error { invalidParams.AddNested("AdditionalAuthenticationProviders", err.(smithy.InvalidParamsError)) } } + if v.LambdaAuthorizerConfig != nil { + if err := validateLambdaAuthorizerConfig(v.LambdaAuthorizerConfig); err != nil { + invalidParams.AddNested("LambdaAuthorizerConfig", err.(smithy.InvalidParamsError)) + } + } if invalidParams.Len() > 0 { return invalidParams } else { @@ -1930,6 +1955,11 @@ func validateOpUpdateGraphqlApiInput(v *UpdateGraphqlApiInput) error { invalidParams.AddNested("AdditionalAuthenticationProviders", err.(smithy.InvalidParamsError)) } } + if v.LambdaAuthorizerConfig != nil { + if err := validateLambdaAuthorizerConfig(v.LambdaAuthorizerConfig); err != nil { + invalidParams.AddNested("LambdaAuthorizerConfig", err.(smithy.InvalidParamsError)) + } + } if invalidParams.Len() > 0 { return invalidParams } else { diff --git a/service/elasticloadbalancingv2/types/types.go b/service/elasticloadbalancingv2/types/types.go index 9d7348114b4..595f1874f2e 100644 --- a/service/elasticloadbalancingv2/types/types.go +++ b/service/elasticloadbalancingv2/types/types.go @@ -533,21 +533,27 @@ type LoadBalancerAttribute struct { // values for the attribute are true and false. The default is false. // // * - // routing.http2.enabled - Indicates whether HTTP/2 is enabled. The value is true - // or false. The default is true. Elastic Load Balancing requires that message - // header names contain only alphanumeric characters and hyphens. + // routing.http.xff_client_port.enabled - Indicates whether the X-Forwarded-For + // header should preserve the source port that the client used to connect to the + // load balancer. The possible values are true and false. The default is false. + // + // * + // routing.http2.enabled - Indicates whether HTTP/2 is enabled. The possible values + // are true and false. The default is true. Elastic Load Balancing requires that + // message header names contain only alphanumeric characters and hyphens. // // * // waf.fail_open.enabled - Indicates whether to allow a WAF-enabled load balancer // to route requests to targets if it is unable to forward the request to Amazon - // Web Services WAF. The value is true or false. The default is false. + // Web Services WAF. The possible values are true and false. The default is + // false. // - // The - // following attribute is supported by Network Load Balancers and Gateway Load - // Balancers: + // The following attribute is supported by Network Load Balancers and + // Gateway Load Balancers: // - // * load_balancing.cross_zone.enabled - Indicates whether cross-zone - // load balancing is enabled. The value is true or false. The default is false. + // * load_balancing.cross_zone.enabled - Indicates whether + // cross-zone load balancing is enabled. The possible values are true and false. + // The default is false. Key *string // The value of the attribute. diff --git a/service/greengrassv2/api_client.go b/service/greengrassv2/api_client.go index 04177e0e247..eb80d3048ff 100644 --- a/service/greengrassv2/api_client.go +++ b/service/greengrassv2/api_client.go @@ -4,6 +4,7 @@ package greengrassv2 import ( "context" + cryptorand "crypto/rand" "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/retry" @@ -13,6 +14,7 @@ import ( smithydocument "github.com/aws/smithy-go/document" "github.com/aws/smithy-go/logging" "github.com/aws/smithy-go/middleware" + smithyrand "github.com/aws/smithy-go/rand" smithyhttp "github.com/aws/smithy-go/transport/http" "net/http" "time" @@ -43,6 +45,8 @@ func New(options Options, optFns ...func(*Options)) *Client { resolveDefaultEndpointConfiguration(&options) + resolveIdempotencyTokenProvider(&options) + for _, fn := range optFns { fn(&options) } @@ -75,6 +79,10 @@ type Options struct { // Signature Version 4 (SigV4) Signer HTTPSignerV4 HTTPSignerV4 + // Provides idempotency tokens values that will be automatically populated into + // idempotent API operations. + IdempotencyTokenProvider IdempotencyTokenProvider + // The logger writer interface to write logging messages to. Logger logging.Logger @@ -236,6 +244,13 @@ func newDefaultV4Signer(o Options) *v4.Signer { }) } +func resolveIdempotencyTokenProvider(o *Options) { + if o.IdempotencyTokenProvider != nil { + return + } + o.IdempotencyTokenProvider = smithyrand.NewUUIDIdempotencyToken(cryptorand.Reader) +} + func addRetryMiddlewares(stack *middleware.Stack, o Options) error { mo := retry.AddRetryMiddlewaresOptions{ Retryer: o.Retryer, @@ -244,6 +259,11 @@ func addRetryMiddlewares(stack *middleware.Stack, o Options) error { return retry.AddRetryMiddlewares(stack, mo) } +// IdempotencyTokenProvider interface for providing idempotency token +type IdempotencyTokenProvider interface { + GetIdempotencyToken() (string, error) +} + func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { return awsmiddleware.AddRequestIDRetrieverMiddleware(stack) } diff --git a/service/greengrassv2/api_op_BatchAssociateClientDeviceWithCoreDevice.go b/service/greengrassv2/api_op_BatchAssociateClientDeviceWithCoreDevice.go index e5f1cb2349e..cf11d14cb72 100644 --- a/service/greengrassv2/api_op_BatchAssociateClientDeviceWithCoreDevice.go +++ b/service/greengrassv2/api_op_BatchAssociateClientDeviceWithCoreDevice.go @@ -13,17 +13,17 @@ import ( // Associate a list of client devices with a core device. Use this API operation to // specify which client devices can discover a core device through cloud discovery. -// With cloud discovery, client devices connect to AWS IoT Greengrass to retrieve +// With cloud discovery, client devices connect to IoT Greengrass to retrieve // associated core devices' connectivity information and certificates. For more // information, see Configure cloud discovery // (https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-cloud-discovery.html) -// in the AWS IoT Greengrass V2 Developer Guide. Client devices are local IoT -// devices that connect to and communicate with an AWS IoT Greengrass core device -// over MQTT. You can connect client devices to a core device to sync MQTT messages -// and data to AWS IoT Core and interact with client devices in AWS IoT Greengrass +// in the IoT Greengrass V2 Developer Guide. Client devices are local IoT devices +// that connect to and communicate with an IoT Greengrass core device over MQTT. +// You can connect client devices to a core device to sync MQTT messages and data +// to Amazon Web Services IoT Core and interact with client devices in Greengrass // components. For more information, see Interact with local IoT devices // (https://docs.aws.amazon.com/greengrass/v2/developerguide/interact-with-local-iot-devices.html) -// in the AWS IoT Greengrass V2 Developer Guide. +// in the IoT Greengrass V2 Developer Guide. func (c *Client) BatchAssociateClientDeviceWithCoreDevice(ctx context.Context, params *BatchAssociateClientDeviceWithCoreDeviceInput, optFns ...func(*Options)) (*BatchAssociateClientDeviceWithCoreDeviceOutput, error) { if params == nil { params = &BatchAssociateClientDeviceWithCoreDeviceInput{} @@ -41,7 +41,7 @@ func (c *Client) BatchAssociateClientDeviceWithCoreDevice(ctx context.Context, p type BatchAssociateClientDeviceWithCoreDeviceInput struct { - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. // // This member is required. CoreDeviceThingName *string @@ -55,7 +55,7 @@ type BatchAssociateClientDeviceWithCoreDeviceInput struct { type BatchAssociateClientDeviceWithCoreDeviceOutput struct { // The list of any errors for the entries in the request. Each error entry contains - // the name of the AWS IoT thing that failed to associate. + // the name of the IoT thing that failed to associate. ErrorEntries []types.AssociateClientDeviceWithCoreDeviceErrorEntry // Metadata pertaining to the operation's result. diff --git a/service/greengrassv2/api_op_BatchDisassociateClientDeviceFromCoreDevice.go b/service/greengrassv2/api_op_BatchDisassociateClientDeviceFromCoreDevice.go index 872d5ca1168..b5014188b43 100644 --- a/service/greengrassv2/api_op_BatchDisassociateClientDeviceFromCoreDevice.go +++ b/service/greengrassv2/api_op_BatchDisassociateClientDeviceFromCoreDevice.go @@ -32,7 +32,7 @@ func (c *Client) BatchDisassociateClientDeviceFromCoreDevice(ctx context.Context type BatchDisassociateClientDeviceFromCoreDeviceInput struct { - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. // // This member is required. CoreDeviceThingName *string @@ -46,7 +46,7 @@ type BatchDisassociateClientDeviceFromCoreDeviceInput struct { type BatchDisassociateClientDeviceFromCoreDeviceOutput struct { // The list of errors (if any) for the entries in the request. Each error entry - // contains the name of the AWS IoT thing that failed to disassociate. + // contains the name of the IoT thing that failed to disassociate. ErrorEntries []types.DisassociateClientDeviceFromCoreDeviceErrorEntry // Metadata pertaining to the operation's result. diff --git a/service/greengrassv2/api_op_CreateComponentVersion.go b/service/greengrassv2/api_op_CreateComponentVersion.go index 07239d8098a..6f59670940d 100644 --- a/service/greengrassv2/api_op_CreateComponentVersion.go +++ b/service/greengrassv2/api_op_CreateComponentVersion.go @@ -4,6 +4,7 @@ package greengrassv2 import ( "context" + "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/greengrassv2/types" @@ -12,44 +13,43 @@ import ( "time" ) -// Creates a component. Components are software that run on AWS IoT Greengrass core +// Creates a component. Components are software that run on Greengrass core // devices. After you develop and test a component on your core device, you can use -// this operation to upload your component to AWS IoT Greengrass. Then, you can -// deploy the component to other core devices. You can use this operation to do the +// this operation to upload your component to IoT Greengrass. Then, you can deploy +// the component to other core devices. You can use this operation to do the // following: // // * Create components from recipes Create a component from a recipe, // which is a file that defines the component's metadata, parameters, dependencies, -// lifecycle, artifacts, and platform capability. For more information, see AWS IoT +// lifecycle, artifacts, and platform capability. For more information, see IoT // Greengrass component recipe reference // (https://docs.aws.amazon.com/greengrass/v2/developerguide/component-recipe-reference.html) -// in the AWS IoT Greengrass V2 Developer Guide. To create a component from a -// recipe, specify inlineRecipe when you call this operation. +// in the IoT Greengrass V2 Developer Guide. To create a component from a recipe, +// specify inlineRecipe when you call this operation. // -// * Create components -// from Lambda functions Create a component from an AWS Lambda function that runs -// on AWS IoT Greengrass. This creates a recipe and artifacts from the Lambda -// function's deployment package. You can use this operation to migrate Lambda -// functions from AWS IoT Greengrass V1 to AWS IoT Greengrass V2. This function -// only accepts Lambda functions that use the following runtimes: +// * Create components from +// Lambda functions Create a component from an Lambda function that runs on IoT +// Greengrass. This creates a recipe and artifacts from the Lambda function's +// deployment package. You can use this operation to migrate Lambda functions from +// IoT Greengrass V1 to IoT Greengrass V2. This function only accepts Lambda +// functions that use the following runtimes: // -// * Python 2.7 – -// python2.7 +// * Python 2.7 – python2.7 // -// * Python 3.7 – python3.7 +// * Python +// 3.7 – python3.7 // // * Python 3.8 – python3.8 // -// * Java 8 – -// java8 +// * Java 8 – java8 // -// * Node.js 10 – nodejs10.x +// * Node.js 10 – +// nodejs10.x // // * Node.js 12 – nodejs12.x // -// To create a -// component from a Lambda function, specify lambdaFunction when you call this -// operation. +// To create a component from a Lambda +// function, specify lambdaFunction when you call this operation. func (c *Client) CreateComponentVersion(ctx context.Context, params *CreateComponentVersionInput, optFns ...func(*Options)) (*CreateComponentVersionOutput, error) { if params == nil { params = &CreateComponentVersionInput{} @@ -67,6 +67,15 @@ func (c *Client) CreateComponentVersion(ctx context.Context, params *CreateCompo type CreateComponentVersionInput struct { + // A unique, case-sensitive identifier that you can provide to ensure that the + // request is idempotent. Idempotency means that the request is successfully + // processed only once, even if you send the request multiple times. When a request + // succeeds, and you specify the same client token for subsequent successful + // requests, the IoT Greengrass V2 service returns the successful response that it + // caches from the previous request. IoT Greengrass V2 caches successful responses + // for idempotent requests for up to 8 hours. + ClientToken *string + // The recipe to use to create the component. The recipe defines the component's // metadata, parameters, dependencies, lifecycle, artifacts, and platform // compatibility. You must specify either inlineRecipe or lambdaFunction. @@ -79,7 +88,7 @@ type CreateComponentVersionInput struct { // A list of key-value pairs that contain metadata for the resource. For more // information, see Tag your resources // (https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in - // the AWS IoT Greengrass V2 Developer Guide. + // the IoT Greengrass V2 Developer Guide. Tags map[string]string noSmithyDocumentSerde @@ -102,7 +111,7 @@ type CreateComponentVersionOutput struct { // This member is required. CreationTimestamp *time.Time - // The status of the component version in AWS IoT Greengrass V2. This status is + // The status of the component version in IoT Greengrass V2. This status is // different from the status of the component on a core device. // // This member is required. @@ -164,6 +173,9 @@ func (c *Client) addOperationCreateComponentVersionMiddlewares(stack *middleware if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } + if err = addIdempotencyToken_opCreateComponentVersionMiddleware(stack, options); err != nil { + return err + } if err = addOpCreateComponentVersionValidationMiddleware(stack); err != nil { return err } @@ -182,6 +194,39 @@ func (c *Client) addOperationCreateComponentVersionMiddlewares(stack *middleware return nil } +type idempotencyToken_initializeOpCreateComponentVersion struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpCreateComponentVersion) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpCreateComponentVersion) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*CreateComponentVersionInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *CreateComponentVersionInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opCreateComponentVersionMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpCreateComponentVersion{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + func newServiceMetadataMiddleware_opCreateComponentVersion(region string) *awsmiddleware.RegisterServiceMetadata { return &awsmiddleware.RegisterServiceMetadata{ Region: region, diff --git a/service/greengrassv2/api_op_CreateDeployment.go b/service/greengrassv2/api_op_CreateDeployment.go index 430343d8c71..c60d7309b59 100644 --- a/service/greengrassv2/api_op_CreateDeployment.go +++ b/service/greengrassv2/api_op_CreateDeployment.go @@ -4,6 +4,7 @@ package greengrassv2 import ( "context" + "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/greengrassv2/types" @@ -11,19 +12,19 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Creates a continuous deployment for a target, which is a AWS IoT Greengrass core -// device or group of core devices. When you add a new core device to a group of -// core devices that has a deployment, AWS IoT Greengrass deploys that group's -// deployment to the new device. You can define one deployment for each target. -// When you create a new deployment for a target that has an existing deployment, -// you replace the previous deployment. AWS IoT Greengrass applies the new -// deployment to the target devices. Every deployment has a revision number that -// indicates how many deployment revisions you define for a target. Use this -// operation to create a new revision of an existing deployment. This operation -// returns the revision number of the new deployment when you create it. For more -// information, see the Create deployments +// Creates a continuous deployment for a target, which is a Greengrass core device +// or group of core devices. When you add a new core device to a group of core +// devices that has a deployment, IoT Greengrass deploys that group's deployment to +// the new device. You can define one deployment for each target. When you create a +// new deployment for a target that has an existing deployment, you replace the +// previous deployment. IoT Greengrass applies the new deployment to the target +// devices. Every deployment has a revision number that indicates how many +// deployment revisions you define for a target. Use this operation to create a new +// revision of an existing deployment. This operation returns the revision number +// of the new deployment when you create it. For more information, see the Create +// deployments // (https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) -// in the AWS IoT Greengrass V2 Developer Guide. +// in the IoT Greengrass V2 Developer Guide. func (c *Client) CreateDeployment(ctx context.Context, params *CreateDeploymentInput, optFns ...func(*Options)) (*CreateDeploymentOutput, error) { if params == nil { params = &CreateDeploymentInput{} @@ -43,20 +44,26 @@ type CreateDeploymentInput struct { // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the target AWS IoT thing or thing group. + // the target IoT thing or thing group. // // This member is required. TargetArn *string + // A unique, case-sensitive identifier that you can provide to ensure that the + // request is idempotent. Idempotency means that the request is successfully + // processed only once, even if you send the request multiple times. When a request + // succeeds, and you specify the same client token for subsequent successful + // requests, the IoT Greengrass V2 service returns the successful response that it + // caches from the previous request. IoT Greengrass V2 caches successful responses + // for idempotent requests for up to 8 hours. + ClientToken *string + // The components to deploy. This is a dictionary, where each key is the name of a // component, and each key's value is the version and configuration to deploy for // that component. Components map[string]types.ComponentDeploymentSpecification - // The name of the deployment. You can create deployments without names. If you - // create a deployment without a name, the AWS IoT Greengrass V2 console shows the - // deployment name as :, where targetType and targetName are the type and name of - // the deployment target. + // The name of the deployment. DeploymentName *string // The deployment policies for the deployment. These policies define how the @@ -71,7 +78,7 @@ type CreateDeploymentInput struct { // A list of key-value pairs that contain metadata for the resource. For more // information, see Tag your resources // (https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in - // the AWS IoT Greengrass V2 Developer Guide. + // the IoT Greengrass V2 Developer Guide. Tags map[string]string noSmithyDocumentSerde @@ -84,10 +91,10 @@ type CreateDeploymentOutput struct { // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the AWS IoT job that applies the deployment to target devices. + // the IoT job that applies the deployment to target devices. IotJobArn *string - // The ID of the AWS IoT job that applies the deployment to target devices. + // The ID of the IoT job that applies the deployment to target devices. IotJobId *string // Metadata pertaining to the operation's result. @@ -141,6 +148,9 @@ func (c *Client) addOperationCreateDeploymentMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } + if err = addIdempotencyToken_opCreateDeploymentMiddleware(stack, options); err != nil { + return err + } if err = addOpCreateDeploymentValidationMiddleware(stack); err != nil { return err } @@ -159,6 +169,39 @@ func (c *Client) addOperationCreateDeploymentMiddlewares(stack *middleware.Stack return nil } +type idempotencyToken_initializeOpCreateDeployment struct { + tokenProvider IdempotencyTokenProvider +} + +func (*idempotencyToken_initializeOpCreateDeployment) ID() string { + return "OperationIdempotencyTokenAutoFill" +} + +func (m *idempotencyToken_initializeOpCreateDeployment) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + if m.tokenProvider == nil { + return next.HandleInitialize(ctx, in) + } + + input, ok := in.Parameters.(*CreateDeploymentInput) + if !ok { + return out, metadata, fmt.Errorf("expected middleware input to be of type *CreateDeploymentInput ") + } + + if input.ClientToken == nil { + t, err := m.tokenProvider.GetIdempotencyToken() + if err != nil { + return out, metadata, err + } + input.ClientToken = &t + } + return next.HandleInitialize(ctx, in) +} +func addIdempotencyToken_opCreateDeploymentMiddleware(stack *middleware.Stack, cfg Options) error { + return stack.Initialize.Add(&idempotencyToken_initializeOpCreateDeployment{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) +} + func newServiceMetadataMiddleware_opCreateDeployment(region string) *awsmiddleware.RegisterServiceMetadata { return &awsmiddleware.RegisterServiceMetadata{ Region: region, diff --git a/service/greengrassv2/api_op_DeleteComponent.go b/service/greengrassv2/api_op_DeleteComponent.go index 0079e0fd32a..510773c8ae6 100644 --- a/service/greengrassv2/api_op_DeleteComponent.go +++ b/service/greengrassv2/api_op_DeleteComponent.go @@ -10,11 +10,11 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes a version of a component from AWS IoT Greengrass. This operation deletes -// the component's recipe and artifacts. As a result, deployments that refer to -// this component version will fail. If you have deployments that use this -// component version, you can remove the component from the deployment or update -// the deployment to use a valid version. +// Deletes a version of a component from IoT Greengrass. This operation deletes the +// component's recipe and artifacts. As a result, deployments that refer to this +// component version will fail. If you have deployments that use this component +// version, you can remove the component from the deployment or update the +// deployment to use a valid version. func (c *Client) DeleteComponent(ctx context.Context, params *DeleteComponentInput, optFns ...func(*Options)) (*DeleteComponentOutput, error) { if params == nil { params = &DeleteComponentInput{} diff --git a/service/greengrassv2/api_op_DeleteCoreDevice.go b/service/greengrassv2/api_op_DeleteCoreDevice.go index 76c757feb37..ca1d90b36e8 100644 --- a/service/greengrassv2/api_op_DeleteCoreDevice.go +++ b/service/greengrassv2/api_op_DeleteCoreDevice.go @@ -10,12 +10,12 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes a AWS IoT Greengrass core device, which is an AWS IoT thing. This -// operation removes the core device from the list of core devices. This operation -// doesn't delete the AWS IoT thing. For more information about how to delete the -// AWS IoT thing, see DeleteThing +// Deletes a Greengrass core device, which is an IoT thing. This operation removes +// the core device from the list of core devices. This operation doesn't delete the +// IoT thing. For more information about how to delete the IoT thing, see +// DeleteThing // (https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThing.html) in -// the AWS IoT API Reference. +// the IoT API Reference. func (c *Client) DeleteCoreDevice(ctx context.Context, params *DeleteCoreDeviceInput, optFns ...func(*Options)) (*DeleteCoreDeviceOutput, error) { if params == nil { params = &DeleteCoreDeviceInput{} @@ -33,7 +33,7 @@ func (c *Client) DeleteCoreDevice(ctx context.Context, params *DeleteCoreDeviceI type DeleteCoreDeviceInput struct { - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. // // This member is required. CoreDeviceThingName *string diff --git a/service/greengrassv2/api_op_DescribeComponent.go b/service/greengrassv2/api_op_DescribeComponent.go index 2bfbd68414e..32e51d33d41 100644 --- a/service/greengrassv2/api_op_DescribeComponent.go +++ b/service/greengrassv2/api_op_DescribeComponent.go @@ -65,14 +65,14 @@ type DescribeComponentOutput struct { // The publisher of the component version. Publisher *string - // The status of the component version in AWS IoT Greengrass V2. This status is + // The status of the component version in IoT Greengrass V2. This status is // different from the status of the component on a core device. Status *types.CloudComponentStatus // A list of key-value pairs that contain metadata for the resource. For more // information, see Tag your resources // (https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in - // the AWS IoT Greengrass V2 Developer Guide. + // the IoT Greengrass V2 Developer Guide. Tags map[string]string // Metadata pertaining to the operation's result. diff --git a/service/greengrassv2/api_op_GetComponent.go b/service/greengrassv2/api_op_GetComponent.go index 608ff06ce8a..301b9d1eb8a 100644 --- a/service/greengrassv2/api_op_GetComponent.go +++ b/service/greengrassv2/api_op_GetComponent.go @@ -58,7 +58,7 @@ type GetComponentOutput struct { // A list of key-value pairs that contain metadata for the resource. For more // information, see Tag your resources // (https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in - // the AWS IoT Greengrass V2 Developer Guide. + // the IoT Greengrass V2 Developer Guide. Tags map[string]string // Metadata pertaining to the operation's result. diff --git a/service/greengrassv2/api_op_GetCoreDevice.go b/service/greengrassv2/api_op_GetCoreDevice.go index f0c9c38e0ae..8db5fbe148c 100644 --- a/service/greengrassv2/api_op_GetCoreDevice.go +++ b/service/greengrassv2/api_op_GetCoreDevice.go @@ -12,7 +12,7 @@ import ( "time" ) -// Retrieves metadata for a AWS IoT Greengrass core device. +// Retrieves metadata for a Greengrass core device. func (c *Client) GetCoreDevice(ctx context.Context, params *GetCoreDeviceInput, optFns ...func(*Options)) (*GetCoreDeviceOutput, error) { if params == nil { params = &GetCoreDeviceInput{} @@ -30,7 +30,7 @@ func (c *Client) GetCoreDevice(ctx context.Context, params *GetCoreDeviceInput, type GetCoreDeviceInput struct { - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. // // This member is required. CoreDeviceThingName *string @@ -43,15 +43,15 @@ type GetCoreDeviceOutput struct { // The computer architecture of the core device. Architecture *string - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. CoreDeviceThingName *string - // The version of the AWS IoT Greengrass Core software that the core device runs. - // This version is equivalent to the version of the AWS IoT Greengrass nucleus - // component that runs on the core device. For more information, see the AWS IoT - // Greengrass nucleus component + // The version of the IoT Greengrass Core software that the core device runs. This + // version is equivalent to the version of the Greengrass nucleus component that + // runs on the core device. For more information, see the Greengrass nucleus + // component // (https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) - // in the AWS IoT Greengrass V2 Developer Guide. + // in the IoT Greengrass V2 Developer Guide. CoreVersion *string // The time at which the core device's status last updated, expressed in ISO 8601 @@ -64,17 +64,17 @@ type GetCoreDeviceOutput struct { // The status of the core device. The core device status can be: // // * HEALTHY – The - // AWS IoT Greengrass Core software and all components run on the core device - // without issue. + // IoT Greengrass Core software and all components run on the core device without + // issue. // - // * UNHEALTHY – The AWS IoT Greengrass Core software or a - // component is in a failed state on the core device. + // * UNHEALTHY – The IoT Greengrass Core software or a component is in a + // failed state on the core device. Status types.CoreDeviceStatus // A list of key-value pairs that contain metadata for the resource. For more // information, see Tag your resources // (https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in - // the AWS IoT Greengrass V2 Developer Guide. + // the IoT Greengrass V2 Developer Guide. Tags map[string]string // Metadata pertaining to the operation's result. diff --git a/service/greengrassv2/api_op_GetDeployment.go b/service/greengrassv2/api_op_GetDeployment.go index d483e0d77cd..6afc4ab5c5d 100644 --- a/service/greengrassv2/api_op_GetDeployment.go +++ b/service/greengrassv2/api_op_GetDeployment.go @@ -12,8 +12,8 @@ import ( "time" ) -// Gets a deployment. Deployments define the components that run on AWS IoT -// Greengrass core devices. +// Gets a deployment. Deployments define the components that run on Greengrass core +// devices. func (c *Client) GetDeployment(ctx context.Context, params *GetDeploymentInput, optFns ...func(*Options)) (*GetDeploymentOutput, error) { if params == nil { params = &GetDeploymentInput{} @@ -52,10 +52,7 @@ type GetDeploymentOutput struct { // The ID of the deployment. DeploymentId *string - // The name of the deployment. You can create deployments without names. If you - // create a deployment without a name, the AWS IoT Greengrass V2 console shows the - // deployment name as :, where targetType and targetName are the type and name of - // the deployment target. + // The name of the deployment. DeploymentName *string // The deployment policies for the deployment. These policies define how the @@ -67,7 +64,7 @@ type GetDeploymentOutput struct { // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the AWS IoT job that applies the deployment to target devices. + // the IoT job that applies the deployment to target devices. IotJobArn *string // The job configuration for the deployment configuration. The job configuration @@ -75,7 +72,7 @@ type GetDeploymentOutput struct { // configuration. IotJobConfiguration *types.DeploymentIoTJobConfiguration - // The ID of the AWS IoT job that applies the deployment to target devices. + // The ID of the IoT job that applies the deployment to target devices. IotJobId *string // Whether or not the deployment is the latest revision for its target. @@ -87,12 +84,12 @@ type GetDeploymentOutput struct { // A list of key-value pairs that contain metadata for the resource. For more // information, see Tag your resources // (https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in - // the AWS IoT Greengrass V2 Developer Guide. + // the IoT Greengrass V2 Developer Guide. Tags map[string]string // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the target AWS IoT thing or thing group. + // the target IoT thing or thing group. TargetArn *string // Metadata pertaining to the operation's result. diff --git a/service/greengrassv2/api_op_ListClientDevicesAssociatedWithCoreDevice.go b/service/greengrassv2/api_op_ListClientDevicesAssociatedWithCoreDevice.go index d89d715d991..06d63cfb8b3 100644 --- a/service/greengrassv2/api_op_ListClientDevicesAssociatedWithCoreDevice.go +++ b/service/greengrassv2/api_op_ListClientDevicesAssociatedWithCoreDevice.go @@ -31,7 +31,7 @@ func (c *Client) ListClientDevicesAssociatedWithCoreDevice(ctx context.Context, type ListClientDevicesAssociatedWithCoreDeviceInput struct { - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. // // This member is required. CoreDeviceThingName *string diff --git a/service/greengrassv2/api_op_ListCoreDevices.go b/service/greengrassv2/api_op_ListCoreDevices.go index 8f8386c39fb..bc76d8bb0af 100644 --- a/service/greengrassv2/api_op_ListCoreDevices.go +++ b/service/greengrassv2/api_op_ListCoreDevices.go @@ -12,7 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves a paginated list of AWS IoT Greengrass core devices. +// Retrieves a paginated list of Greengrass core devices. func (c *Client) ListCoreDevices(ctx context.Context, params *ListCoreDevicesInput, optFns ...func(*Options)) (*ListCoreDevicesOutput, error) { if params == nil { params = &ListCoreDevicesInput{} @@ -40,17 +40,17 @@ type ListCoreDevicesInput struct { // list includes only core devices that have this status. Choose one of the // following options: // - // * HEALTHY – The AWS IoT Greengrass Core software and all + // * HEALTHY – The IoT Greengrass Core software and all // components run on the core device without issue. // - // * UNHEALTHY – The AWS IoT + // * UNHEALTHY – The IoT // Greengrass Core software or a component is in a failed state on the core device. Status types.CoreDeviceStatus // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the AWS IoT thing group by which to filter. If you specify this parameter, the - // list includes only core devices that are members of this thing group. + // the IoT thing group by which to filter. If you specify this parameter, the list + // includes only core devices that are members of this thing group. ThingGroupArn *string noSmithyDocumentSerde diff --git a/service/greengrassv2/api_op_ListDeployments.go b/service/greengrassv2/api_op_ListDeployments.go index dd4d5ee80b4..6e6629d2f25 100644 --- a/service/greengrassv2/api_op_ListDeployments.go +++ b/service/greengrassv2/api_op_ListDeployments.go @@ -49,7 +49,7 @@ type ListDeploymentsInput struct { // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the target AWS IoT thing or thing group. + // the target IoT thing or thing group. TargetArn *string noSmithyDocumentSerde diff --git a/service/greengrassv2/api_op_ListEffectiveDeployments.go b/service/greengrassv2/api_op_ListEffectiveDeployments.go index 8e6d0198b2a..d535ae6a545 100644 --- a/service/greengrassv2/api_op_ListEffectiveDeployments.go +++ b/service/greengrassv2/api_op_ListEffectiveDeployments.go @@ -12,8 +12,8 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves a paginated list of deployment jobs that AWS IoT Greengrass sends to -// AWS IoT Greengrass core devices. +// Retrieves a paginated list of deployment jobs that IoT Greengrass sends to +// Greengrass core devices. func (c *Client) ListEffectiveDeployments(ctx context.Context, params *ListEffectiveDeploymentsInput, optFns ...func(*Options)) (*ListEffectiveDeploymentsOutput, error) { if params == nil { params = &ListEffectiveDeploymentsInput{} @@ -31,7 +31,7 @@ func (c *Client) ListEffectiveDeployments(ctx context.Context, params *ListEffec type ListEffectiveDeploymentsInput struct { - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. // // This member is required. CoreDeviceThingName *string diff --git a/service/greengrassv2/api_op_ListInstalledComponents.go b/service/greengrassv2/api_op_ListInstalledComponents.go index 7c0262543a8..c7ac58672b9 100644 --- a/service/greengrassv2/api_op_ListInstalledComponents.go +++ b/service/greengrassv2/api_op_ListInstalledComponents.go @@ -12,8 +12,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves a paginated list of the components that a AWS IoT Greengrass core -// device runs. +// Retrieves a paginated list of the components that a Greengrass core device runs. func (c *Client) ListInstalledComponents(ctx context.Context, params *ListInstalledComponentsInput, optFns ...func(*Options)) (*ListInstalledComponentsOutput, error) { if params == nil { params = &ListInstalledComponentsInput{} @@ -31,7 +30,7 @@ func (c *Client) ListInstalledComponents(ctx context.Context, params *ListInstal type ListInstalledComponentsInput struct { - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. // // This member is required. CoreDeviceThingName *string diff --git a/service/greengrassv2/api_op_ListTagsForResource.go b/service/greengrassv2/api_op_ListTagsForResource.go index 169e49bfcbd..ca5b1e98403 100644 --- a/service/greengrassv2/api_op_ListTagsForResource.go +++ b/service/greengrassv2/api_op_ListTagsForResource.go @@ -10,7 +10,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves the list of tags for an AWS IoT Greengrass resource. +// Retrieves the list of tags for an IoT Greengrass resource. func (c *Client) ListTagsForResource(ctx context.Context, params *ListTagsForResourceInput, optFns ...func(*Options)) (*ListTagsForResourceOutput, error) { if params == nil { params = &ListTagsForResourceInput{} @@ -43,7 +43,7 @@ type ListTagsForResourceOutput struct { // A list of key-value pairs that contain metadata for the resource. For more // information, see Tag your resources // (https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in - // the AWS IoT Greengrass V2 Developer Guide. + // the IoT Greengrass V2 Developer Guide. Tags map[string]string // Metadata pertaining to the operation's result. diff --git a/service/greengrassv2/api_op_ResolveComponentCandidates.go b/service/greengrassv2/api_op_ResolveComponentCandidates.go index 034a3c6bd33..9aa44125de8 100644 --- a/service/greengrassv2/api_op_ResolveComponentCandidates.go +++ b/service/greengrassv2/api_op_ResolveComponentCandidates.go @@ -12,19 +12,19 @@ import ( ) // Retrieves a list of components that meet the component, version, and platform -// requirements of a deployment. AWS IoT Greengrass core devices call this -// operation when they receive a deployment to identify the components to install. -// This operation identifies components that meet all dependency requirements for a -// deployment. If the requirements conflict, then this operation returns an error -// and the deployment fails. For example, this occurs if component A requires -// version >2.0.0 and component B requires version <2.0.0 of a component -// dependency. When you specify the component candidates to resolve, AWS IoT -// Greengrass compares each component's digest from the core device with the -// component's digest in the AWS Cloud. If the digests don't match, then AWS IoT -// Greengrass specifies to use the version from the AWS Cloud. To use this -// operation, you must use the data plane API endpoint and authenticate with an AWS -// IoT device certificate. For more information, see AWS IoT Greengrass endpoints -// and quotas (https://docs.aws.amazon.com/general/latest/gr/greengrass.html). +// requirements of a deployment. Greengrass core devices call this operation when +// they receive a deployment to identify the components to install. This operation +// identifies components that meet all dependency requirements for a deployment. If +// the requirements conflict, then this operation returns an error and the +// deployment fails. For example, this occurs if component A requires version +// >2.0.0 and component B requires version <2.0.0 of a component dependency. When +// you specify the component candidates to resolve, IoT Greengrass compares each +// component's digest from the core device with the component's digest in the +// Amazon Web Services Cloud. If the digests don't match, then IoT Greengrass +// specifies to use the version from the Amazon Web Services Cloud. To use this +// operation, you must use the data plane API endpoint and authenticate with an IoT +// device certificate. For more information, see IoT Greengrass endpoints and +// quotas (https://docs.aws.amazon.com/general/latest/gr/greengrass.html). func (c *Client) ResolveComponentCandidates(ctx context.Context, params *ResolveComponentCandidatesInput, optFns ...func(*Options)) (*ResolveComponentCandidatesOutput, error) { if params == nil { params = &ResolveComponentCandidatesInput{} diff --git a/service/greengrassv2/api_op_TagResource.go b/service/greengrassv2/api_op_TagResource.go index 15257503cba..005dc2a7ee8 100644 --- a/service/greengrassv2/api_op_TagResource.go +++ b/service/greengrassv2/api_op_TagResource.go @@ -10,7 +10,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Adds tags to an AWS IoT Greengrass resource. If a tag already exists for the +// Adds tags to an IoT Greengrass resource. If a tag already exists for the // resource, this operation updates the tag's value. func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error) { if params == nil { @@ -39,7 +39,7 @@ type TagResourceInput struct { // A list of key-value pairs that contain metadata for the resource. For more // information, see Tag your resources // (https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in - // the AWS IoT Greengrass V2 Developer Guide. + // the IoT Greengrass V2 Developer Guide. // // This member is required. Tags map[string]string diff --git a/service/greengrassv2/api_op_UntagResource.go b/service/greengrassv2/api_op_UntagResource.go index fc472809af1..6d0299dbf61 100644 --- a/service/greengrassv2/api_op_UntagResource.go +++ b/service/greengrassv2/api_op_UntagResource.go @@ -10,7 +10,7 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Removes a tag from an AWS IoT Greengrass resource. +// Removes a tag from an IoT Greengrass resource. func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, optFns ...func(*Options)) (*UntagResourceOutput, error) { if params == nil { params = &UntagResourceInput{} diff --git a/service/greengrassv2/deserializers.go b/service/greengrassv2/deserializers.go index 52cbb5cc14a..e8e744b6fdc 100644 --- a/service/greengrassv2/deserializers.go +++ b/service/greengrassv2/deserializers.go @@ -614,6 +614,9 @@ func awsRestjson1_deserializeOpErrorCreateComponentVersion(response *smithyhttp. case strings.EqualFold("InternalServerException", errorCode): return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + case strings.EqualFold("RequestAlreadyInProgressException", errorCode): + return awsRestjson1_deserializeErrorRequestAlreadyInProgressException(response, errorBody) + case strings.EqualFold("ServiceQuotaExceededException", errorCode): return awsRestjson1_deserializeErrorServiceQuotaExceededException(response, errorBody) @@ -816,6 +819,9 @@ func awsRestjson1_deserializeOpErrorCreateDeployment(response *smithyhttp.Respon case strings.EqualFold("InternalServerException", errorCode): return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + case strings.EqualFold("RequestAlreadyInProgressException", errorCode): + return awsRestjson1_deserializeErrorRequestAlreadyInProgressException(response, errorBody) + case strings.EqualFold("ResourceNotFoundException", errorCode): return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) @@ -3961,6 +3967,42 @@ func awsRestjson1_deserializeErrorInternalServerException(response *smithyhttp.R return output } +func awsRestjson1_deserializeErrorRequestAlreadyInProgressException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.RequestAlreadyInProgressException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentRequestAlreadyInProgressException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + return output +} + func awsRestjson1_deserializeErrorResourceNotFoundException(response *smithyhttp.Response, errorBody *bytes.Reader) error { output := &types.ResourceNotFoundException{} var buff [1024]byte @@ -4837,6 +4879,11 @@ func awsRestjson1_deserializeDocumentComponentRunWith(v **types.ComponentRunWith sv.PosixUser = ptr.String(jtv) } + case "systemResourceLimits": + if err := awsRestjson1_deserializeDocumentSystemResourceLimits(&sv.SystemResourceLimits, value); err != nil { + return err + } + default: _, _ = key, value @@ -6282,6 +6329,46 @@ func awsRestjson1_deserializeDocumentPlatformAttributesMap(v *map[string]string, return nil } +func awsRestjson1_deserializeDocumentRequestAlreadyInProgressException(v **types.RequestAlreadyInProgressException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.RequestAlreadyInProgressException + if *v == nil { + sv = &types.RequestAlreadyInProgressException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "message": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected String to be of type string, got %T instead", value) + } + sv.Message = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsRestjson1_deserializeDocumentResolvedComponentVersion(v **types.ResolvedComponentVersion, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -6557,6 +6644,84 @@ func awsRestjson1_deserializeDocumentStringMap(v *map[string]string, value inter return nil } +func awsRestjson1_deserializeDocumentSystemResourceLimits(v **types.SystemResourceLimits, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.SystemResourceLimits + if *v == nil { + sv = &types.SystemResourceLimits{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "cpus": + if value != nil { + switch jtv := value.(type) { + case json.Number: + f64, err := jtv.Float64() + if err != nil { + return err + } + sv.Cpus = f64 + + case string: + var f64 float64 + switch { + case strings.EqualFold(jtv, "NaN"): + f64 = math.NaN() + + case strings.EqualFold(jtv, "Infinity"): + f64 = math.Inf(1) + + case strings.EqualFold(jtv, "-Infinity"): + f64 = math.Inf(-1) + + default: + return fmt.Errorf("unknown JSON number value: %s", jtv) + + } + sv.Cpus = f64 + + default: + return fmt.Errorf("expected CPU to be a JSON Number, got %T instead", value) + + } + } + + case "memory": + if value != nil { + jtv, ok := value.(json.Number) + if !ok { + return fmt.Errorf("expected Memory to be json.Number, got %T instead", value) + } + i64, err := jtv.Int64() + if err != nil { + return err + } + sv.Memory = i64 + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsRestjson1_deserializeDocumentTagMap(v *map[string]string, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) diff --git a/service/greengrassv2/doc.go b/service/greengrassv2/doc.go index 7715b02cc97..4095d4fe7c1 100644 --- a/service/greengrassv2/doc.go +++ b/service/greengrassv2/doc.go @@ -3,18 +3,18 @@ // Package greengrassv2 provides the API client, operations, and parameter types // for AWS IoT Greengrass V2. // -// AWS IoT Greengrass brings local compute, messaging, data management, sync, and -// ML inference capabilities to edge devices. This enables devices to collect and +// IoT Greengrass brings local compute, messaging, data management, sync, and ML +// inference capabilities to edge devices. This enables devices to collect and // analyze data closer to the source of information, react autonomously to local // events, and communicate securely with each other on local networks. Local -// devices can also communicate securely with AWS IoT Core and export IoT data to -// the AWS Cloud. AWS IoT Greengrass developers can use AWS Lambda functions and -// components to create and deploy applications to fleets of edge devices for local -// operation. AWS IoT Greengrass Version 2 provides a new major version of the AWS -// IoT Greengrass Core software, new APIs, and a new console. Use this API -// reference to learn how to use the AWS IoT Greengrass V2 API operations to manage -// components, manage deployments, and core devices. For more information, see What -// is AWS IoT Greengrass? +// devices can also communicate securely with Amazon Web Services IoT Core and +// export IoT data to the Amazon Web Services Cloud. IoT Greengrass developers can +// use Lambda functions and components to create and deploy applications to fleets +// of edge devices for local operation. IoT Greengrass Version 2 provides a new +// major version of the IoT Greengrass Core software, new APIs, and a new console. +// Use this API reference to learn how to use the IoT Greengrass V2 API operations +// to manage components, manage deployments, and core devices. For more +// information, see What is IoT Greengrass? // (https://docs.aws.amazon.com/greengrass/v2/developerguide/what-is-iot-greengrass.html) -// in the AWS IoT Greengrass V2 Developer Guide. +// in the IoT Greengrass V2 Developer Guide. package greengrassv2 diff --git a/service/greengrassv2/serializers.go b/service/greengrassv2/serializers.go index 20ec5a8c9a6..e4d3bbf0fe4 100644 --- a/service/greengrassv2/serializers.go +++ b/service/greengrassv2/serializers.go @@ -299,6 +299,11 @@ func awsRestjson1_serializeOpDocumentCreateComponentVersionInput(v *CreateCompon object := value.Object() defer object.Close() + if v.ClientToken != nil { + ok := object.Key("clientToken") + ok.String(*v.ClientToken) + } + if v.InlineRecipe != nil { ok := object.Key("inlineRecipe") ok.Base64EncodeBytes(v.InlineRecipe) @@ -381,6 +386,11 @@ func awsRestjson1_serializeOpDocumentCreateDeploymentInput(v *CreateDeploymentIn object := value.Object() defer object.Close() + if v.ClientToken != nil { + ok := object.Key("clientToken") + ok.String(*v.ClientToken) + } + if v.Components != nil { ok := object.Key("components") if err := awsRestjson1_serializeDocumentComponentDeploymentSpecifications(v.Components, ok); err != nil { @@ -1782,6 +1792,13 @@ func awsRestjson1_serializeDocumentComponentRunWith(v *types.ComponentRunWith, v ok.String(*v.PosixUser) } + if v.SystemResourceLimits != nil { + ok := object.Key("systemResourceLimits") + if err := awsRestjson1_serializeDocumentSystemResourceLimits(v.SystemResourceLimits, ok); err != nil { + return err + } + } + return nil } @@ -2357,6 +2374,36 @@ func awsRestjson1_serializeDocumentPlatformAttributesMap(v map[string]string, va return nil } +func awsRestjson1_serializeDocumentSystemResourceLimits(v *types.SystemResourceLimits, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.Cpus != 0 { + ok := object.Key("cpus") + switch { + case math.IsNaN(v.Cpus): + ok.String("NaN") + + case math.IsInf(v.Cpus, 1): + ok.String("Infinity") + + case math.IsInf(v.Cpus, -1): + ok.String("-Infinity") + + default: + ok.Double(v.Cpus) + + } + } + + if v.Memory != 0 { + ok := object.Key("memory") + ok.Long(v.Memory) + } + + return nil +} + func awsRestjson1_serializeDocumentTagMap(v map[string]string, value smithyjson.Value) error { object := value.Object() defer object.Close() diff --git a/service/greengrassv2/types/errors.go b/service/greengrassv2/types/errors.go index 3a748e068ed..2a27239cbbd 100644 --- a/service/greengrassv2/types/errors.go +++ b/service/greengrassv2/types/errors.go @@ -49,7 +49,7 @@ func (e *ConflictException) ErrorMessage() string { func (e *ConflictException) ErrorCode() string { return "ConflictException" } func (e *ConflictException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } -// AWS IoT Greengrass can't process your request right now. Try again later. +// IoT Greengrass can't process your request right now. Try again later. type InternalServerException struct { Message *string @@ -70,6 +70,29 @@ func (e *InternalServerException) ErrorMessage() string { func (e *InternalServerException) ErrorCode() string { return "InternalServerException" } func (e *InternalServerException) ErrorFault() smithy.ErrorFault { return smithy.FaultServer } +// The request is already in progress. This exception occurs when you use a client +// token for multiple requests while IoT Greengrass is still processing an earlier +// request that uses the same client token. +type RequestAlreadyInProgressException struct { + Message *string + + noSmithyDocumentSerde +} + +func (e *RequestAlreadyInProgressException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *RequestAlreadyInProgressException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *RequestAlreadyInProgressException) ErrorCode() string { + return "RequestAlreadyInProgressException" +} +func (e *RequestAlreadyInProgressException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + // The requested resource can't be found. type ResourceNotFoundException struct { Message *string diff --git a/service/greengrassv2/types/types.go b/service/greengrassv2/types/types.go index 842d70c35f7..8d67c6be872 100644 --- a/service/greengrassv2/types/types.go +++ b/service/greengrassv2/types/types.go @@ -13,7 +13,7 @@ import ( // operation consumes a list of these requests. type AssociateClientDeviceWithCoreDeviceEntry struct { - // The name of the AWS IoT thing that represents the client device to associate. + // The name of the IoT thing that represents the client device to associate. // // This member is required. ThingName *string @@ -33,7 +33,7 @@ type AssociateClientDeviceWithCoreDeviceErrorEntry struct { // A message that provides additional information about the error. Message *string - // The name of the AWS IoT thing whose associate request failed. + // The name of the IoT thing whose associate request failed. ThingName *string noSmithyDocumentSerde @@ -46,22 +46,22 @@ type AssociatedClientDevice struct { // The time that the client device was associated, expressed in ISO 8601 format. AssociationTimestamp *time.Time - // The name of the AWS IoT thing that represents the associated client device. + // The name of the IoT thing that represents the associated client device. ThingName *string noSmithyDocumentSerde } -// Contains the status of a component in the AWS IoT Greengrass service. +// Contains the status of a component in the IoT Greengrass service. type CloudComponentStatus struct { // The state of the component. ComponentState CloudComponentState // A dictionary of errors that communicate why the component is in an error state. - // For example, if AWS IoT Greengrass can't access an artifact for the component, - // then errors contains the artifact's URI as a key, and the error message as the - // value for that key. + // For example, if IoT Greengrass can't access an artifact for the component, then + // errors contains the artifact's URI as a key, and the error message as the value + // for that key. Errors map[string]string // A message that communicates details, such as errors, about the status of the @@ -88,8 +88,8 @@ type Component struct { noSmithyDocumentSerde } -// Contains information about a component that is a candidate to deploy to a AWS -// IoT Greengrass core device. +// Contains information about a component that is a candidate to deploy to a +// Greengrass core device. type ComponentCandidate struct { // The name of the component. @@ -98,10 +98,10 @@ type ComponentCandidate struct { // The version of the component. ComponentVersion *string - // The version requirements for the component's dependencies. AWS IoT Greengrass - // core devices get the version requirements from component recipes. AWS IoT - // Greengrass V2 uses semantic version constraints. For more information, see - // Semantic Versioning (https://semver.org/). + // The version requirements for the component's dependencies. Greengrass core + // devices get the version requirements from component recipes. IoT Greengrass V2 + // uses semantic version constraints. For more information, see Semantic Versioning + // (https://semver.org/). VersionRequirements map[string]string noSmithyDocumentSerde @@ -111,7 +111,7 @@ type ComponentCandidate struct { // on Greengrass core devices. For more information, see Update component // configurations // (https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) -// in the AWS IoT Greengrass V2 Developer Guide. +// in the IoT Greengrass V2 Developer Guide. type ComponentConfigurationUpdate struct { // A serialized JSON string that contains the configuration object to merge to @@ -122,7 +122,7 @@ type ComponentConfigurationUpdate struct { // for keys and values that you don't specify in this object. For more information, // see Merge configuration updates // (https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) - // in the AWS IoT Greengrass V2 Developer Guide. + // in the IoT Greengrass V2 Developer Guide. Merge *string // The list of configuration nodes to reset to default values on target devices. @@ -131,7 +131,7 @@ type ComponentConfigurationUpdate struct { // the object. For more information, see the JSON pointer specification // (https://tools.ietf.org/html/rfc6901) and Reset configuration updates // (https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) - // in the AWS IoT Greengrass V2 Developer Guide. + // in the IoT Greengrass V2 Developer Guide. Reset []string noSmithyDocumentSerde @@ -152,9 +152,9 @@ type ComponentDependencyRequirement struct { // Default: HARD DependencyType ComponentDependencyType - // The component version requirement for the component dependency. AWS IoT - // Greengrass V2 uses semantic version constraints. For more information, see - // Semantic Versioning (https://semver.org/). + // The component version requirement for the component dependency. IoT Greengrass + // V2 uses semantic version constraints. For more information, see Semantic + // Versioning (https://semver.org/). VersionRequirement *string noSmithyDocumentSerde @@ -169,20 +169,20 @@ type ComponentDeploymentSpecification struct { // The configuration updates to deploy for the component. You can define reset // updates and merge updates. A reset updates the keys that you specify to the // default configuration for the component. A merge updates the core device's - // component configuration with the keys and values that you specify. The AWS IoT + // component configuration with the keys and values that you specify. The IoT // Greengrass Core software applies reset updates before it applies merge updates. // For more information, see Update component configurations // (https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) - // in the AWS IoT Greengrass V2 Developer Guide. + // in the IoT Greengrass V2 Developer Guide. ConfigurationUpdate *ComponentConfigurationUpdate - // The system user and group that the AWS IoT Greengrass Core software uses to run - // component processes on the core device. If you omit this parameter, the AWS IoT + // The system user and group that the IoT Greengrass Core software uses to run + // component processes on the core device. If you omit this parameter, the IoT // Greengrass Core software uses the system user and group that you configure for // the core device. For more information, see Configure the user and group that run // components // (https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) - // in the AWS IoT Greengrass V2 Developer Guide. + // in the IoT Greengrass V2 Developer Guide. RunWith *ComponentRunWith noSmithyDocumentSerde @@ -217,36 +217,47 @@ type ComponentLatestVersion struct { // Contains information about a platform that a component supports. type ComponentPlatform struct { - // A dictionary of attributes for the platform. The AWS IoT Greengrass Core - // software defines the os and platform by default. You can specify additional - // platform attributes for a core device when you deploy the AWS IoT Greengrass - // nucleus component. For more information, see the AWS IoT Greengrass nucleus - // component + // A dictionary of attributes for the platform. The IoT Greengrass Core software + // defines the os and platform by default. You can specify additional platform + // attributes for a core device when you deploy the Greengrass nucleus component. + // For more information, see the Greengrass nucleus component // (https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) - // in the AWS IoT Greengrass V2 Developer Guide. + // in the IoT Greengrass V2 Developer Guide. Attributes map[string]string // The friendly name of the platform. This name helps you identify the platform. If - // you omit this parameter, AWS IoT Greengrass creates a friendly name from the os - // and architecture of the platform. + // you omit this parameter, IoT Greengrass creates a friendly name from the os and + // architecture of the platform. Name *string noSmithyDocumentSerde } -// Contains information system user and group that the AWS IoT Greengrass Core -// software uses to run component processes on the core device. For more -// information, see Configure the user and group that run components +// Contains information system user and group that the IoT Greengrass Core software +// uses to run component processes on the core device. For more information, see +// Configure the user and group that run components // (https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) -// in the AWS IoT Greengrass V2 Developer Guide. +// in the IoT Greengrass V2 Developer Guide. type ComponentRunWith struct { // The POSIX system user and (optional) group to use to run this component. Specify // the user and group separated by a colon (:) in the following format: user:group. - // The group is optional. If you don't specify a group, the AWS IoT Greengrass Core - // software uses the primary user for the group. + // The group is optional. If you don't specify a group, the IoT Greengrass Core + // software uses the primary user for the group. If you omit this parameter, the + // IoT Greengrass Core software uses the default system user and group that you + // configure on the Greengrass nucleus component. For more information, see + // Configure the user and group that run components + // (https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user). PosixUser *string + // The system resource limits to apply to this component's process on the core + // device. If you omit this parameter, the IoT Greengrass Core software uses the + // default system resource limits that you configure on the Greengrass nucleus + // component. For more information, see Configure system resource limits for + // components + // (https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits). + SystemResourceLimits *SystemResourceLimits + noSmithyDocumentSerde } @@ -267,11 +278,11 @@ type ComponentVersionListItem struct { noSmithyDocumentSerde } -// Contains information about a AWS IoT Greengrass core device, which is an AWS IoT -// thing that runs the AWS IoT Greengrass Core software. +// Contains information about a Greengrass core device, which is an IoT thing that +// runs the IoT Greengrass Core software. type CoreDevice struct { - // The name of the core device. This is also the name of the AWS IoT thing. + // The name of the core device. This is also the name of the IoT thing. CoreDeviceThingName *string // The time at which the core device's status last updated, expressed in ISO 8601 @@ -281,11 +292,11 @@ type CoreDevice struct { // The status of the core device. Core devices can have the following statuses: // // * - // HEALTHY – The AWS IoT Greengrass Core software and all components run on the - // core device without issue. + // HEALTHY – The IoT Greengrass Core software and all components run on the core + // device without issue. // - // * UNHEALTHY – The AWS IoT Greengrass Core software - // or a component is in a failed state on the core device. + // * UNHEALTHY – The IoT Greengrass Core software or a + // component is in a failed state on the core device. Status CoreDeviceStatus noSmithyDocumentSerde @@ -300,10 +311,7 @@ type Deployment struct { // The ID of the deployment. DeploymentId *string - // The name of the deployment. You can create deployments without names. If you - // create a deployment without a name, the AWS IoT Greengrass V2 console shows the - // deployment name as :, where targetType and targetName are the type and name of - // the deployment target. + // The name of the deployment. DeploymentName *string // The status of the deployment. @@ -317,7 +325,7 @@ type Deployment struct { // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the target AWS IoT thing or thing group. + // the target IoT thing or thing group. TargetArn *string noSmithyDocumentSerde @@ -344,7 +352,7 @@ type DeploymentComponentUpdatePolicy struct { // (https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) // IPC operation. For more information, see Create deployments // (https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) - // in the AWS IoT Greengrass V2 Developer Guide. + // in the IoT Greengrass V2 Developer Guide. // // * SKIP_NOTIFY_COMPONENTS – The // deployment doesn't notify components or wait for them to be safe to @@ -371,7 +379,7 @@ type DeploymentComponentUpdatePolicy struct { // (https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-sendconfigurationvalidityreport) // IPC operation. For more information, see Create deployments // (https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) -// in the AWS IoT Greengrass V2 Developer Guide. +// in the IoT Greengrass V2 Developer Guide. type DeploymentConfigurationValidationPolicy struct { // The amount of time in seconds that a component can validate its configuration @@ -382,7 +390,7 @@ type DeploymentConfigurationValidationPolicy struct { noSmithyDocumentSerde } -// Contains information about an AWS IoT job configuration. +// Contains information about an IoT job configuration. type DeploymentIoTJobConfiguration struct { // The stop configuration for the job. This configuration defines when and how to @@ -425,7 +433,7 @@ type DeploymentPolicies struct { // operation consumes a list of these requests. type DisassociateClientDeviceFromCoreDeviceEntry struct { - // The name of the AWS IoT thing that represents the client device to disassociate. + // The name of the IoT thing that represents the client device to disassociate. // // This member is required. ThingName *string @@ -445,17 +453,17 @@ type DisassociateClientDeviceFromCoreDeviceErrorEntry struct { // A message that provides additional information about the error. Message *string - // The name of the AWS IoT thing whose disassociate request failed. + // The name of the IoT thing whose disassociate request failed. ThingName *string noSmithyDocumentSerde } -// Contains information about a deployment job that AWS IoT Greengrass sends to a -// AWS IoT Greengrass core device. +// Contains information about a deployment job that IoT Greengrass sends to a +// Greengrass core device. type EffectiveDeployment struct { - // The status of the deployment job on the AWS IoT Greengrass core device. + // The status of the deployment job on the Greengrass core device. // // This member is required. CoreDeviceExecutionStatus EffectiveDeploymentExecutionStatus @@ -470,10 +478,7 @@ type EffectiveDeployment struct { // This member is required. DeploymentId *string - // The name of the deployment. You can create deployments without names. If you - // create a deployment without a name, the AWS IoT Greengrass V2 console shows the - // deployment name as :, where targetType and targetName are the type and name of - // the deployment target. + // The name of the deployment. // // This member is required. DeploymentName *string @@ -486,7 +491,7 @@ type EffectiveDeployment struct { // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the target AWS IoT thing or thing group. + // the target IoT thing or thing group. // // This member is required. TargetArn *string @@ -496,10 +501,10 @@ type EffectiveDeployment struct { // The ARN // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of - // the AWS IoT job that applies the deployment to target devices. + // the IoT job that applies the deployment to target devices. IotJobArn *string - // The ID of the AWS IoT job that applies the deployment to target devices. + // The ID of the IoT job that applies the deployment to target devices. IotJobId *string // The reason code for the update, if the job was updated. @@ -508,7 +513,7 @@ type EffectiveDeployment struct { noSmithyDocumentSerde } -// Contains information about a component on a AWS IoT Greengrass core device. +// Contains information about a component on a Greengrass core device. type InstalledComponent struct { // The name of the component. @@ -647,8 +652,8 @@ type IoTJobTimeoutConfig struct { noSmithyDocumentSerde } -// Contains information about a container in which AWS Lambda functions run on AWS -// IoT Greengrass core devices. +// Contains information about a container in which Lambda functions run on +// Greengrass core devices. type LambdaContainerParams struct { // The list of system devices that the container can access. @@ -687,7 +692,7 @@ type LambdaDeviceMount struct { noSmithyDocumentSerde } -// Contains information about an event source for an AWS Lambda function. The event +// Contains information about an event source for an Lambda function. The event // source defines the topics on which this Lambda function subscribes to receive // messages that run the function. type LambdaEventSource struct { @@ -704,8 +709,8 @@ type LambdaEventSource struct { // support MQTT wildcards (+ and #) in the event source topic. // // * IOT_CORE – - // Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT - // wildcards (+ and #) in the event source topic. + // Subscribe to Amazon Web Services IoT Core MQTT messages. This event source type + // supports MQTT wildcards (+ and #) in the event source topic. // // This member is required. Type LambdaEventSourceType @@ -713,7 +718,7 @@ type LambdaEventSource struct { noSmithyDocumentSerde } -// Contains parameters for a Lambda function that runs on AWS IoT Greengrass. +// Contains parameters for a Lambda function that runs on IoT Greengrass. type LambdaExecutionParameters struct { // The map of environment variables that are available to the Lambda function when @@ -722,8 +727,8 @@ type LambdaExecutionParameters struct { // The list of event sources to which to subscribe to receive work messages. The // Lambda function runs when it receives a message from an event source. You can - // subscribe this function to local publish/subscribe messages and AWS IoT Core - // MQTT messages. + // subscribe this function to local publish/subscribe messages and Amazon Web + // Services IoT Core MQTT messages. EventSources []LambdaEventSource // The list of arguments to pass to the Lambda function when it runs. @@ -736,28 +741,28 @@ type LambdaExecutionParameters struct { LinuxProcessParams *LambdaLinuxProcessParams // The maximum amount of time in seconds that a non-pinned Lambda function can idle - // before the AWS IoT Greengrass Core software stops its process. + // before the IoT Greengrass Core software stops its process. MaxIdleTimeInSeconds int32 // The maximum number of instances that a non-pinned Lambda function can run at the // same time. MaxInstancesCount int32 - // The maximum size of the message queue for the Lambda function component. The AWS - // IoT Greengrass core stores messages in a FIFO (first-in-first-out) queue until - // it can run the Lambda function to consume each message. + // The maximum size of the message queue for the Lambda function component. The IoT + // Greengrass core stores messages in a FIFO (first-in-first-out) queue until it + // can run the Lambda function to consume each message. MaxQueueSize int32 // Whether or not the Lambda function is pinned, or long-lived. // // * A pinned Lambda - // function starts when AWS IoT Greengrass starts and keeps running in its own + // function starts when IoT Greengrass starts and keeps running in its own // container. // // * A non-pinned Lambda function starts only when it receives a work // item and exists after it idles for maxIdleTimeInSeconds. If the function has - // multiple work items, the AWS IoT Greengrass Core software creates multiple - // instances of the function. + // multiple work items, the IoT Greengrass Core software creates multiple instances + // of the function. // // Default: true Pinned bool @@ -773,8 +778,7 @@ type LambdaExecutionParameters struct { noSmithyDocumentSerde } -// Contains information about an AWS Lambda function to import to create a -// component. +// Contains information about an Lambda function to import to create a component. type LambdaFunctionRecipeSource struct { // The ARN @@ -788,8 +792,8 @@ type LambdaFunctionRecipeSource struct { // The component versions on which this Lambda function component depends. ComponentDependencies map[string]ComponentDependencyRequirement - // The system and runtime parameters for the Lambda function as it runs on the AWS - // IoT Greengrass core device. + // The system and runtime parameters for the Lambda function as it runs on the + // Greengrass core device. ComponentLambdaParameters *LambdaExecutionParameters // The name of the component. Defaults to the name of the Lambda function. @@ -806,14 +810,14 @@ type LambdaFunctionRecipeSource struct { noSmithyDocumentSerde } -// Contains parameters for a Linux process that contains an AWS Lambda function. +// Contains parameters for a Linux process that contains an Lambda function. type LambdaLinuxProcessParams struct { // The parameters for the container in which the Lambda function runs. ContainerParams *LambdaContainerParams // The isolation mode for the process that contains the Lambda function. The - // process can run in an isolated runtime environment inside the AWS IoT Greengrass + // process can run in an isolated runtime environment inside the IoT Greengrass // container, or as a regular process outside any container. Default: // GreengrassContainer IsolationMode LambdaIsolationMode @@ -822,8 +826,8 @@ type LambdaLinuxProcessParams struct { } // Contains information about a volume that Linux processes in a container can -// access. When you define a volume, the AWS IoT Greengrass Core software mounts -// the source files to the destination inside the container. +// access. When you define a volume, the IoT Greengrass Core software mounts the +// source files to the destination inside the container. type LambdaVolumeMount struct { // The path to the logical volume in the file system. @@ -836,8 +840,8 @@ type LambdaVolumeMount struct { // This member is required. SourcePath *string - // Whether or not to add the AWS IoT Greengrass user group as an owner of the - // volume. Default: false + // Whether or not to add the IoT Greengrass user group as an owner of the volume. + // Default: false AddGroupOwner bool // The permission to access the volume: read/only (ro) or read/write (rw). Default: @@ -848,7 +852,7 @@ type LambdaVolumeMount struct { } // Contains information about a component version that is compatible to run on a -// AWS IoT Greengrass core device. +// Greengrass core device. type ResolvedComponentVersion struct { // The ARN @@ -868,6 +872,29 @@ type ResolvedComponentVersion struct { noSmithyDocumentSerde } +// Contains information about system resource limits that the IoT Greengrass Core +// software applies to a component's processes. For more information, see Configure +// system resource limits for components +// (https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits). +type SystemResourceLimits struct { + + // The maximum amount of CPU time that a component's processes can use on the core + // device. A core device's total CPU time is equivalent to the device's number of + // CPU cores. For example, on a core device with 4 CPU cores, you can set this + // value to 2 to limit the component's processes to 50 percent usage of each CPU + // core. On a device with 1 CPU core, you can set this value to 0.25 to limit the + // component's processes to 25 percent usage of the CPU. If you set this value to a + // number greater than the number of CPU cores, the IoT Greengrass Core software + // doesn't limit the component's CPU usage. + Cpus float64 + + // The maximum amount of RAM, expressed in kilobytes, that a component's processes + // can use on the core device. + Memory int64 + + noSmithyDocumentSerde +} + // Contains information about a validation exception field. type ValidationExceptionField struct { diff --git a/service/sagemaker/api_op_CreateEndpoint.go b/service/sagemaker/api_op_CreateEndpoint.go index 732dc76fe72..3e01d53f3db 100644 --- a/service/sagemaker/api_op_CreateEndpoint.go +++ b/service/sagemaker/api_op_CreateEndpoint.go @@ -16,9 +16,8 @@ import ( // create the endpoint configuration with the CreateEndpointConfig API. Use this // API to deploy models using Amazon SageMaker hosting services. For an example // that calls this method when deploying a model to Amazon SageMaker hosting -// services, see Deploy the Model to Amazon SageMaker Hosting Services (Amazon Web -// Services SDK for Python (Boto 3)). -// (https://docs.aws.amazon.com/sagemaker/latest/dg/ex1-deploy-model.html#ex1-deploy-model-boto) +// services, see the Create Endpoint example notebook. +// (https://github.com/aws/amazon-sagemaker-examples/blob/master/sagemaker-fundamentals/create-endpoint/create_endpoint.ipynb) // You must not delete an EndpointConfig that is in use by an endpoint that is live // or while the UpdateEndpoint or CreateEndpoint operations are being performed on // the endpoint. To update an endpoint, you must create a new EndpointConfig. The diff --git a/service/sagemaker/api_op_DescribeImage.go b/service/sagemaker/api_op_DescribeImage.go index e1b3ca33a88..9b0a745dd78 100644 --- a/service/sagemaker/api_op_DescribeImage.go +++ b/service/sagemaker/api_op_DescribeImage.go @@ -4,11 +4,17 @@ package sagemaker import ( "context" + "errors" + "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/sagemaker/types" + smithy "github.com/aws/smithy-go" "github.com/aws/smithy-go/middleware" + smithytime "github.com/aws/smithy-go/time" smithyhttp "github.com/aws/smithy-go/transport/http" + smithywaiter "github.com/aws/smithy-go/waiter" + "github.com/jmespath/go-jmespath" "time" ) @@ -137,6 +143,548 @@ func (c *Client) addOperationDescribeImageMiddlewares(stack *middleware.Stack, o return nil } +// DescribeImageAPIClient is a client that implements the DescribeImage operation. +type DescribeImageAPIClient interface { + DescribeImage(context.Context, *DescribeImageInput, ...func(*Options)) (*DescribeImageOutput, error) +} + +var _ DescribeImageAPIClient = (*Client)(nil) + +// ImageCreatedWaiterOptions are waiter options for ImageCreatedWaiter +type ImageCreatedWaiterOptions struct { + + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // MinDelay is the minimum amount of time to delay between retries. If unset, + // ImageCreatedWaiter will use default minimum delay of 60 seconds. Note that + // MinDelay must resolve to a value lesser than or equal to the MaxDelay. + MinDelay time.Duration + + // MaxDelay is the maximum amount of time to delay between retries. If unset or set + // to zero, ImageCreatedWaiter will use default max delay of 120 seconds. Note that + // MaxDelay must resolve to value greater than or equal to the MinDelay. + MaxDelay time.Duration + + // LogWaitAttempts is used to enable logging for waiter retry attempts + LogWaitAttempts bool + + // Retryable is function that can be used to override the service defined + // waiter-behavior based on operation output, or returned error. This function is + // used by the waiter to decide if a state is retryable or a terminal state. By + // default service-modeled logic will populate this option. This option can thus be + // used to define a custom waiter state with fall-back to service-modeled waiter + // state mutators.The function returns an error in case of a failure state. In case + // of retry state, this function returns a bool value of true and nil error, while + // in case of success it returns a bool value of false and nil error. + Retryable func(context.Context, *DescribeImageInput, *DescribeImageOutput, error) (bool, error) +} + +// ImageCreatedWaiter defines the waiters for ImageCreated +type ImageCreatedWaiter struct { + client DescribeImageAPIClient + + options ImageCreatedWaiterOptions +} + +// NewImageCreatedWaiter constructs a ImageCreatedWaiter. +func NewImageCreatedWaiter(client DescribeImageAPIClient, optFns ...func(*ImageCreatedWaiterOptions)) *ImageCreatedWaiter { + options := ImageCreatedWaiterOptions{} + options.MinDelay = 60 * time.Second + options.MaxDelay = 120 * time.Second + options.Retryable = imageCreatedStateRetryable + + for _, fn := range optFns { + fn(&options) + } + return &ImageCreatedWaiter{ + client: client, + options: options, + } +} + +// Wait calls the waiter function for ImageCreated waiter. The maxWaitDur is the +// maximum wait duration the waiter will wait. The maxWaitDur is required and must +// be greater than zero. +func (w *ImageCreatedWaiter) Wait(ctx context.Context, params *DescribeImageInput, maxWaitDur time.Duration, optFns ...func(*ImageCreatedWaiterOptions)) error { + if maxWaitDur <= 0 { + return fmt.Errorf("maximum wait time for waiter must be greater than zero") + } + + options := w.options + for _, fn := range optFns { + fn(&options) + } + + if options.MaxDelay <= 0 { + options.MaxDelay = 120 * time.Second + } + + if options.MinDelay > options.MaxDelay { + return fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay) + } + + ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur) + defer cancelFn() + + logger := smithywaiter.Logger{} + remainingTime := maxWaitDur + + var attempt int64 + for { + + attempt++ + apiOptions := options.APIOptions + start := time.Now() + + if options.LogWaitAttempts { + logger.Attempt = attempt + apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...) + apiOptions = append(apiOptions, logger.AddLogger) + } + + out, err := w.client.DescribeImage(ctx, params, func(o *Options) { + o.APIOptions = append(o.APIOptions, apiOptions...) + }) + + retryable, err := options.Retryable(ctx, params, out, err) + if err != nil { + return err + } + if !retryable { + return nil + } + + remainingTime -= time.Since(start) + if remainingTime < options.MinDelay || remainingTime <= 0 { + break + } + + // compute exponential backoff between waiter retries + delay, err := smithywaiter.ComputeDelay( + attempt, options.MinDelay, options.MaxDelay, remainingTime, + ) + if err != nil { + return fmt.Errorf("error computing waiter delay, %w", err) + } + + remainingTime -= delay + // sleep for the delay amount before invoking a request + if err := smithytime.SleepWithContext(ctx, delay); err != nil { + return fmt.Errorf("request cancelled while waiting, %w", err) + } + } + return fmt.Errorf("exceeded max wait time for ImageCreated waiter") +} + +func imageCreatedStateRetryable(ctx context.Context, input *DescribeImageInput, output *DescribeImageOutput, err error) (bool, error) { + + if err == nil { + pathValue, err := jmespath.Search("ImageStatus", output) + if err != nil { + return false, fmt.Errorf("error evaluating waiter state: %w", err) + } + + expectedValue := "CREATED" + value, ok := pathValue.(types.ImageStatus) + if !ok { + return false, fmt.Errorf("waiter comparator expected types.ImageStatus value, got %T", pathValue) + } + + if string(value) == expectedValue { + return false, nil + } + } + + if err == nil { + pathValue, err := jmespath.Search("ImageStatus", output) + if err != nil { + return false, fmt.Errorf("error evaluating waiter state: %w", err) + } + + expectedValue := "CREATE_FAILED" + value, ok := pathValue.(types.ImageStatus) + if !ok { + return false, fmt.Errorf("waiter comparator expected types.ImageStatus value, got %T", pathValue) + } + + if string(value) == expectedValue { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + if err != nil { + var apiErr smithy.APIError + ok := errors.As(err, &apiErr) + if !ok { + return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err) + } + + if "ValidationException" == apiErr.ErrorCode() { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + return true, nil +} + +// ImageDeletedWaiterOptions are waiter options for ImageDeletedWaiter +type ImageDeletedWaiterOptions struct { + + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // MinDelay is the minimum amount of time to delay between retries. If unset, + // ImageDeletedWaiter will use default minimum delay of 60 seconds. Note that + // MinDelay must resolve to a value lesser than or equal to the MaxDelay. + MinDelay time.Duration + + // MaxDelay is the maximum amount of time to delay between retries. If unset or set + // to zero, ImageDeletedWaiter will use default max delay of 120 seconds. Note that + // MaxDelay must resolve to value greater than or equal to the MinDelay. + MaxDelay time.Duration + + // LogWaitAttempts is used to enable logging for waiter retry attempts + LogWaitAttempts bool + + // Retryable is function that can be used to override the service defined + // waiter-behavior based on operation output, or returned error. This function is + // used by the waiter to decide if a state is retryable or a terminal state. By + // default service-modeled logic will populate this option. This option can thus be + // used to define a custom waiter state with fall-back to service-modeled waiter + // state mutators.The function returns an error in case of a failure state. In case + // of retry state, this function returns a bool value of true and nil error, while + // in case of success it returns a bool value of false and nil error. + Retryable func(context.Context, *DescribeImageInput, *DescribeImageOutput, error) (bool, error) +} + +// ImageDeletedWaiter defines the waiters for ImageDeleted +type ImageDeletedWaiter struct { + client DescribeImageAPIClient + + options ImageDeletedWaiterOptions +} + +// NewImageDeletedWaiter constructs a ImageDeletedWaiter. +func NewImageDeletedWaiter(client DescribeImageAPIClient, optFns ...func(*ImageDeletedWaiterOptions)) *ImageDeletedWaiter { + options := ImageDeletedWaiterOptions{} + options.MinDelay = 60 * time.Second + options.MaxDelay = 120 * time.Second + options.Retryable = imageDeletedStateRetryable + + for _, fn := range optFns { + fn(&options) + } + return &ImageDeletedWaiter{ + client: client, + options: options, + } +} + +// Wait calls the waiter function for ImageDeleted waiter. The maxWaitDur is the +// maximum wait duration the waiter will wait. The maxWaitDur is required and must +// be greater than zero. +func (w *ImageDeletedWaiter) Wait(ctx context.Context, params *DescribeImageInput, maxWaitDur time.Duration, optFns ...func(*ImageDeletedWaiterOptions)) error { + if maxWaitDur <= 0 { + return fmt.Errorf("maximum wait time for waiter must be greater than zero") + } + + options := w.options + for _, fn := range optFns { + fn(&options) + } + + if options.MaxDelay <= 0 { + options.MaxDelay = 120 * time.Second + } + + if options.MinDelay > options.MaxDelay { + return fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay) + } + + ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur) + defer cancelFn() + + logger := smithywaiter.Logger{} + remainingTime := maxWaitDur + + var attempt int64 + for { + + attempt++ + apiOptions := options.APIOptions + start := time.Now() + + if options.LogWaitAttempts { + logger.Attempt = attempt + apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...) + apiOptions = append(apiOptions, logger.AddLogger) + } + + out, err := w.client.DescribeImage(ctx, params, func(o *Options) { + o.APIOptions = append(o.APIOptions, apiOptions...) + }) + + retryable, err := options.Retryable(ctx, params, out, err) + if err != nil { + return err + } + if !retryable { + return nil + } + + remainingTime -= time.Since(start) + if remainingTime < options.MinDelay || remainingTime <= 0 { + break + } + + // compute exponential backoff between waiter retries + delay, err := smithywaiter.ComputeDelay( + attempt, options.MinDelay, options.MaxDelay, remainingTime, + ) + if err != nil { + return fmt.Errorf("error computing waiter delay, %w", err) + } + + remainingTime -= delay + // sleep for the delay amount before invoking a request + if err := smithytime.SleepWithContext(ctx, delay); err != nil { + return fmt.Errorf("request cancelled while waiting, %w", err) + } + } + return fmt.Errorf("exceeded max wait time for ImageDeleted waiter") +} + +func imageDeletedStateRetryable(ctx context.Context, input *DescribeImageInput, output *DescribeImageOutput, err error) (bool, error) { + + if err != nil { + var apiErr smithy.APIError + ok := errors.As(err, &apiErr) + if !ok { + return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err) + } + + if "ResourceNotFoundException" == apiErr.ErrorCode() { + return false, nil + } + } + + if err == nil { + pathValue, err := jmespath.Search("ImageStatus", output) + if err != nil { + return false, fmt.Errorf("error evaluating waiter state: %w", err) + } + + expectedValue := "DELETE_FAILED" + value, ok := pathValue.(types.ImageStatus) + if !ok { + return false, fmt.Errorf("waiter comparator expected types.ImageStatus value, got %T", pathValue) + } + + if string(value) == expectedValue { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + if err != nil { + var apiErr smithy.APIError + ok := errors.As(err, &apiErr) + if !ok { + return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err) + } + + if "ValidationException" == apiErr.ErrorCode() { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + return true, nil +} + +// ImageUpdatedWaiterOptions are waiter options for ImageUpdatedWaiter +type ImageUpdatedWaiterOptions struct { + + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // MinDelay is the minimum amount of time to delay between retries. If unset, + // ImageUpdatedWaiter will use default minimum delay of 60 seconds. Note that + // MinDelay must resolve to a value lesser than or equal to the MaxDelay. + MinDelay time.Duration + + // MaxDelay is the maximum amount of time to delay between retries. If unset or set + // to zero, ImageUpdatedWaiter will use default max delay of 120 seconds. Note that + // MaxDelay must resolve to value greater than or equal to the MinDelay. + MaxDelay time.Duration + + // LogWaitAttempts is used to enable logging for waiter retry attempts + LogWaitAttempts bool + + // Retryable is function that can be used to override the service defined + // waiter-behavior based on operation output, or returned error. This function is + // used by the waiter to decide if a state is retryable or a terminal state. By + // default service-modeled logic will populate this option. This option can thus be + // used to define a custom waiter state with fall-back to service-modeled waiter + // state mutators.The function returns an error in case of a failure state. In case + // of retry state, this function returns a bool value of true and nil error, while + // in case of success it returns a bool value of false and nil error. + Retryable func(context.Context, *DescribeImageInput, *DescribeImageOutput, error) (bool, error) +} + +// ImageUpdatedWaiter defines the waiters for ImageUpdated +type ImageUpdatedWaiter struct { + client DescribeImageAPIClient + + options ImageUpdatedWaiterOptions +} + +// NewImageUpdatedWaiter constructs a ImageUpdatedWaiter. +func NewImageUpdatedWaiter(client DescribeImageAPIClient, optFns ...func(*ImageUpdatedWaiterOptions)) *ImageUpdatedWaiter { + options := ImageUpdatedWaiterOptions{} + options.MinDelay = 60 * time.Second + options.MaxDelay = 120 * time.Second + options.Retryable = imageUpdatedStateRetryable + + for _, fn := range optFns { + fn(&options) + } + return &ImageUpdatedWaiter{ + client: client, + options: options, + } +} + +// Wait calls the waiter function for ImageUpdated waiter. The maxWaitDur is the +// maximum wait duration the waiter will wait. The maxWaitDur is required and must +// be greater than zero. +func (w *ImageUpdatedWaiter) Wait(ctx context.Context, params *DescribeImageInput, maxWaitDur time.Duration, optFns ...func(*ImageUpdatedWaiterOptions)) error { + if maxWaitDur <= 0 { + return fmt.Errorf("maximum wait time for waiter must be greater than zero") + } + + options := w.options + for _, fn := range optFns { + fn(&options) + } + + if options.MaxDelay <= 0 { + options.MaxDelay = 120 * time.Second + } + + if options.MinDelay > options.MaxDelay { + return fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay) + } + + ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur) + defer cancelFn() + + logger := smithywaiter.Logger{} + remainingTime := maxWaitDur + + var attempt int64 + for { + + attempt++ + apiOptions := options.APIOptions + start := time.Now() + + if options.LogWaitAttempts { + logger.Attempt = attempt + apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...) + apiOptions = append(apiOptions, logger.AddLogger) + } + + out, err := w.client.DescribeImage(ctx, params, func(o *Options) { + o.APIOptions = append(o.APIOptions, apiOptions...) + }) + + retryable, err := options.Retryable(ctx, params, out, err) + if err != nil { + return err + } + if !retryable { + return nil + } + + remainingTime -= time.Since(start) + if remainingTime < options.MinDelay || remainingTime <= 0 { + break + } + + // compute exponential backoff between waiter retries + delay, err := smithywaiter.ComputeDelay( + attempt, options.MinDelay, options.MaxDelay, remainingTime, + ) + if err != nil { + return fmt.Errorf("error computing waiter delay, %w", err) + } + + remainingTime -= delay + // sleep for the delay amount before invoking a request + if err := smithytime.SleepWithContext(ctx, delay); err != nil { + return fmt.Errorf("request cancelled while waiting, %w", err) + } + } + return fmt.Errorf("exceeded max wait time for ImageUpdated waiter") +} + +func imageUpdatedStateRetryable(ctx context.Context, input *DescribeImageInput, output *DescribeImageOutput, err error) (bool, error) { + + if err == nil { + pathValue, err := jmespath.Search("ImageStatus", output) + if err != nil { + return false, fmt.Errorf("error evaluating waiter state: %w", err) + } + + expectedValue := "CREATED" + value, ok := pathValue.(types.ImageStatus) + if !ok { + return false, fmt.Errorf("waiter comparator expected types.ImageStatus value, got %T", pathValue) + } + + if string(value) == expectedValue { + return false, nil + } + } + + if err == nil { + pathValue, err := jmespath.Search("ImageStatus", output) + if err != nil { + return false, fmt.Errorf("error evaluating waiter state: %w", err) + } + + expectedValue := "UPDATE_FAILED" + value, ok := pathValue.(types.ImageStatus) + if !ok { + return false, fmt.Errorf("waiter comparator expected types.ImageStatus value, got %T", pathValue) + } + + if string(value) == expectedValue { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + if err != nil { + var apiErr smithy.APIError + ok := errors.As(err, &apiErr) + if !ok { + return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err) + } + + if "ValidationException" == apiErr.ErrorCode() { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + return true, nil +} + func newServiceMetadataMiddleware_opDescribeImage(region string) *awsmiddleware.RegisterServiceMetadata { return &awsmiddleware.RegisterServiceMetadata{ Region: region, diff --git a/service/sagemaker/api_op_DescribeImageVersion.go b/service/sagemaker/api_op_DescribeImageVersion.go index 10584610c3c..5f742a70ce9 100644 --- a/service/sagemaker/api_op_DescribeImageVersion.go +++ b/service/sagemaker/api_op_DescribeImageVersion.go @@ -4,11 +4,17 @@ package sagemaker import ( "context" + "errors" + "fmt" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/aws-sdk-go-v2/service/sagemaker/types" + smithy "github.com/aws/smithy-go" "github.com/aws/smithy-go/middleware" + smithytime "github.com/aws/smithy-go/time" smithyhttp "github.com/aws/smithy-go/transport/http" + smithywaiter "github.com/aws/smithy-go/waiter" + "github.com/jmespath/go-jmespath" "time" ) @@ -139,6 +145,371 @@ func (c *Client) addOperationDescribeImageVersionMiddlewares(stack *middleware.S return nil } +// DescribeImageVersionAPIClient is a client that implements the +// DescribeImageVersion operation. +type DescribeImageVersionAPIClient interface { + DescribeImageVersion(context.Context, *DescribeImageVersionInput, ...func(*Options)) (*DescribeImageVersionOutput, error) +} + +var _ DescribeImageVersionAPIClient = (*Client)(nil) + +// ImageVersionCreatedWaiterOptions are waiter options for +// ImageVersionCreatedWaiter +type ImageVersionCreatedWaiterOptions struct { + + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // MinDelay is the minimum amount of time to delay between retries. If unset, + // ImageVersionCreatedWaiter will use default minimum delay of 60 seconds. Note + // that MinDelay must resolve to a value lesser than or equal to the MaxDelay. + MinDelay time.Duration + + // MaxDelay is the maximum amount of time to delay between retries. If unset or set + // to zero, ImageVersionCreatedWaiter will use default max delay of 120 seconds. + // Note that MaxDelay must resolve to value greater than or equal to the MinDelay. + MaxDelay time.Duration + + // LogWaitAttempts is used to enable logging for waiter retry attempts + LogWaitAttempts bool + + // Retryable is function that can be used to override the service defined + // waiter-behavior based on operation output, or returned error. This function is + // used by the waiter to decide if a state is retryable or a terminal state. By + // default service-modeled logic will populate this option. This option can thus be + // used to define a custom waiter state with fall-back to service-modeled waiter + // state mutators.The function returns an error in case of a failure state. In case + // of retry state, this function returns a bool value of true and nil error, while + // in case of success it returns a bool value of false and nil error. + Retryable func(context.Context, *DescribeImageVersionInput, *DescribeImageVersionOutput, error) (bool, error) +} + +// ImageVersionCreatedWaiter defines the waiters for ImageVersionCreated +type ImageVersionCreatedWaiter struct { + client DescribeImageVersionAPIClient + + options ImageVersionCreatedWaiterOptions +} + +// NewImageVersionCreatedWaiter constructs a ImageVersionCreatedWaiter. +func NewImageVersionCreatedWaiter(client DescribeImageVersionAPIClient, optFns ...func(*ImageVersionCreatedWaiterOptions)) *ImageVersionCreatedWaiter { + options := ImageVersionCreatedWaiterOptions{} + options.MinDelay = 60 * time.Second + options.MaxDelay = 120 * time.Second + options.Retryable = imageVersionCreatedStateRetryable + + for _, fn := range optFns { + fn(&options) + } + return &ImageVersionCreatedWaiter{ + client: client, + options: options, + } +} + +// Wait calls the waiter function for ImageVersionCreated waiter. The maxWaitDur is +// the maximum wait duration the waiter will wait. The maxWaitDur is required and +// must be greater than zero. +func (w *ImageVersionCreatedWaiter) Wait(ctx context.Context, params *DescribeImageVersionInput, maxWaitDur time.Duration, optFns ...func(*ImageVersionCreatedWaiterOptions)) error { + if maxWaitDur <= 0 { + return fmt.Errorf("maximum wait time for waiter must be greater than zero") + } + + options := w.options + for _, fn := range optFns { + fn(&options) + } + + if options.MaxDelay <= 0 { + options.MaxDelay = 120 * time.Second + } + + if options.MinDelay > options.MaxDelay { + return fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay) + } + + ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur) + defer cancelFn() + + logger := smithywaiter.Logger{} + remainingTime := maxWaitDur + + var attempt int64 + for { + + attempt++ + apiOptions := options.APIOptions + start := time.Now() + + if options.LogWaitAttempts { + logger.Attempt = attempt + apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...) + apiOptions = append(apiOptions, logger.AddLogger) + } + + out, err := w.client.DescribeImageVersion(ctx, params, func(o *Options) { + o.APIOptions = append(o.APIOptions, apiOptions...) + }) + + retryable, err := options.Retryable(ctx, params, out, err) + if err != nil { + return err + } + if !retryable { + return nil + } + + remainingTime -= time.Since(start) + if remainingTime < options.MinDelay || remainingTime <= 0 { + break + } + + // compute exponential backoff between waiter retries + delay, err := smithywaiter.ComputeDelay( + attempt, options.MinDelay, options.MaxDelay, remainingTime, + ) + if err != nil { + return fmt.Errorf("error computing waiter delay, %w", err) + } + + remainingTime -= delay + // sleep for the delay amount before invoking a request + if err := smithytime.SleepWithContext(ctx, delay); err != nil { + return fmt.Errorf("request cancelled while waiting, %w", err) + } + } + return fmt.Errorf("exceeded max wait time for ImageVersionCreated waiter") +} + +func imageVersionCreatedStateRetryable(ctx context.Context, input *DescribeImageVersionInput, output *DescribeImageVersionOutput, err error) (bool, error) { + + if err == nil { + pathValue, err := jmespath.Search("ImageVersionStatus", output) + if err != nil { + return false, fmt.Errorf("error evaluating waiter state: %w", err) + } + + expectedValue := "CREATED" + value, ok := pathValue.(types.ImageVersionStatus) + if !ok { + return false, fmt.Errorf("waiter comparator expected types.ImageVersionStatus value, got %T", pathValue) + } + + if string(value) == expectedValue { + return false, nil + } + } + + if err == nil { + pathValue, err := jmespath.Search("ImageVersionStatus", output) + if err != nil { + return false, fmt.Errorf("error evaluating waiter state: %w", err) + } + + expectedValue := "CREATE_FAILED" + value, ok := pathValue.(types.ImageVersionStatus) + if !ok { + return false, fmt.Errorf("waiter comparator expected types.ImageVersionStatus value, got %T", pathValue) + } + + if string(value) == expectedValue { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + if err != nil { + var apiErr smithy.APIError + ok := errors.As(err, &apiErr) + if !ok { + return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err) + } + + if "ValidationException" == apiErr.ErrorCode() { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + return true, nil +} + +// ImageVersionDeletedWaiterOptions are waiter options for +// ImageVersionDeletedWaiter +type ImageVersionDeletedWaiterOptions struct { + + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // MinDelay is the minimum amount of time to delay between retries. If unset, + // ImageVersionDeletedWaiter will use default minimum delay of 60 seconds. Note + // that MinDelay must resolve to a value lesser than or equal to the MaxDelay. + MinDelay time.Duration + + // MaxDelay is the maximum amount of time to delay between retries. If unset or set + // to zero, ImageVersionDeletedWaiter will use default max delay of 120 seconds. + // Note that MaxDelay must resolve to value greater than or equal to the MinDelay. + MaxDelay time.Duration + + // LogWaitAttempts is used to enable logging for waiter retry attempts + LogWaitAttempts bool + + // Retryable is function that can be used to override the service defined + // waiter-behavior based on operation output, or returned error. This function is + // used by the waiter to decide if a state is retryable or a terminal state. By + // default service-modeled logic will populate this option. This option can thus be + // used to define a custom waiter state with fall-back to service-modeled waiter + // state mutators.The function returns an error in case of a failure state. In case + // of retry state, this function returns a bool value of true and nil error, while + // in case of success it returns a bool value of false and nil error. + Retryable func(context.Context, *DescribeImageVersionInput, *DescribeImageVersionOutput, error) (bool, error) +} + +// ImageVersionDeletedWaiter defines the waiters for ImageVersionDeleted +type ImageVersionDeletedWaiter struct { + client DescribeImageVersionAPIClient + + options ImageVersionDeletedWaiterOptions +} + +// NewImageVersionDeletedWaiter constructs a ImageVersionDeletedWaiter. +func NewImageVersionDeletedWaiter(client DescribeImageVersionAPIClient, optFns ...func(*ImageVersionDeletedWaiterOptions)) *ImageVersionDeletedWaiter { + options := ImageVersionDeletedWaiterOptions{} + options.MinDelay = 60 * time.Second + options.MaxDelay = 120 * time.Second + options.Retryable = imageVersionDeletedStateRetryable + + for _, fn := range optFns { + fn(&options) + } + return &ImageVersionDeletedWaiter{ + client: client, + options: options, + } +} + +// Wait calls the waiter function for ImageVersionDeleted waiter. The maxWaitDur is +// the maximum wait duration the waiter will wait. The maxWaitDur is required and +// must be greater than zero. +func (w *ImageVersionDeletedWaiter) Wait(ctx context.Context, params *DescribeImageVersionInput, maxWaitDur time.Duration, optFns ...func(*ImageVersionDeletedWaiterOptions)) error { + if maxWaitDur <= 0 { + return fmt.Errorf("maximum wait time for waiter must be greater than zero") + } + + options := w.options + for _, fn := range optFns { + fn(&options) + } + + if options.MaxDelay <= 0 { + options.MaxDelay = 120 * time.Second + } + + if options.MinDelay > options.MaxDelay { + return fmt.Errorf("minimum waiter delay %v must be lesser than or equal to maximum waiter delay of %v.", options.MinDelay, options.MaxDelay) + } + + ctx, cancelFn := context.WithTimeout(ctx, maxWaitDur) + defer cancelFn() + + logger := smithywaiter.Logger{} + remainingTime := maxWaitDur + + var attempt int64 + for { + + attempt++ + apiOptions := options.APIOptions + start := time.Now() + + if options.LogWaitAttempts { + logger.Attempt = attempt + apiOptions = append([]func(*middleware.Stack) error{}, options.APIOptions...) + apiOptions = append(apiOptions, logger.AddLogger) + } + + out, err := w.client.DescribeImageVersion(ctx, params, func(o *Options) { + o.APIOptions = append(o.APIOptions, apiOptions...) + }) + + retryable, err := options.Retryable(ctx, params, out, err) + if err != nil { + return err + } + if !retryable { + return nil + } + + remainingTime -= time.Since(start) + if remainingTime < options.MinDelay || remainingTime <= 0 { + break + } + + // compute exponential backoff between waiter retries + delay, err := smithywaiter.ComputeDelay( + attempt, options.MinDelay, options.MaxDelay, remainingTime, + ) + if err != nil { + return fmt.Errorf("error computing waiter delay, %w", err) + } + + remainingTime -= delay + // sleep for the delay amount before invoking a request + if err := smithytime.SleepWithContext(ctx, delay); err != nil { + return fmt.Errorf("request cancelled while waiting, %w", err) + } + } + return fmt.Errorf("exceeded max wait time for ImageVersionDeleted waiter") +} + +func imageVersionDeletedStateRetryable(ctx context.Context, input *DescribeImageVersionInput, output *DescribeImageVersionOutput, err error) (bool, error) { + + if err != nil { + var apiErr smithy.APIError + ok := errors.As(err, &apiErr) + if !ok { + return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err) + } + + if "ResourceNotFoundException" == apiErr.ErrorCode() { + return false, nil + } + } + + if err == nil { + pathValue, err := jmespath.Search("ImageVersionStatus", output) + if err != nil { + return false, fmt.Errorf("error evaluating waiter state: %w", err) + } + + expectedValue := "DELETE_FAILED" + value, ok := pathValue.(types.ImageVersionStatus) + if !ok { + return false, fmt.Errorf("waiter comparator expected types.ImageVersionStatus value, got %T", pathValue) + } + + if string(value) == expectedValue { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + if err != nil { + var apiErr smithy.APIError + ok := errors.As(err, &apiErr) + if !ok { + return false, fmt.Errorf("expected err to be of type smithy.APIError, got %w", err) + } + + if "ValidationException" == apiErr.ErrorCode() { + return false, fmt.Errorf("waiter state transitioned to Failure") + } + } + + return true, nil +} + func newServiceMetadataMiddleware_opDescribeImageVersion(region string) *awsmiddleware.RegisterServiceMetadata { return &awsmiddleware.RegisterServiceMetadata{ Region: region, diff --git a/service/sagemaker/deserializers.go b/service/sagemaker/deserializers.go index 3146ff49743..c085edbc746 100644 --- a/service/sagemaker/deserializers.go +++ b/service/sagemaker/deserializers.go @@ -37600,6 +37600,51 @@ func awsAwsjson11_deserializeDocumentLabelingJobSummaryList(v *[]types.LabelingJ return nil } +func awsAwsjson11_deserializeDocumentLambdaStepMetadata(v **types.LambdaStepMetadata, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.LambdaStepMetadata + if *v == nil { + sv = &types.LambdaStepMetadata{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "Arn": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected String256 to be of type string, got %T instead", value) + } + sv.Arn = ptr.String(jtv) + } + + case "OutputParameters": + if err := awsAwsjson11_deserializeDocumentOutputParameterList(&sv.OutputParameters, value); err != nil { + return err + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsAwsjson11_deserializeDocumentLineageEntityParameters(v *map[string]string, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -43419,6 +43464,11 @@ func awsAwsjson11_deserializeDocumentPipelineExecutionStepMetadata(v **types.Pip return err } + case "Lambda": + if err := awsAwsjson11_deserializeDocumentLambdaStepMetadata(&sv.Lambda, value); err != nil { + return err + } + case "Model": if err := awsAwsjson11_deserializeDocumentModelStepMetadata(&sv.Model, value); err != nil { return err diff --git a/service/sagemaker/types/enums.go b/service/sagemaker/types/enums.go index 3704f899ce4..85321b86b99 100644 --- a/service/sagemaker/types/enums.go +++ b/service/sagemaker/types/enums.go @@ -109,6 +109,14 @@ const ( AppInstanceTypeMlM512xlarge AppInstanceType = "ml.m5.12xlarge" AppInstanceTypeMlM516xlarge AppInstanceType = "ml.m5.16xlarge" AppInstanceTypeMlM524xlarge AppInstanceType = "ml.m5.24xlarge" + AppInstanceTypeMlM5dLarge AppInstanceType = "ml.m5d.large" + AppInstanceTypeMlM5dXlarge AppInstanceType = "ml.m5d.xlarge" + AppInstanceTypeMlM5d2xlarge AppInstanceType = "ml.m5d.2xlarge" + AppInstanceTypeMlM5d4xlarge AppInstanceType = "ml.m5d.4xlarge" + AppInstanceTypeMlM5d8xlarge AppInstanceType = "ml.m5d.8xlarge" + AppInstanceTypeMlM5d12xlarge AppInstanceType = "ml.m5d.12xlarge" + AppInstanceTypeMlM5d16xlarge AppInstanceType = "ml.m5d.16xlarge" + AppInstanceTypeMlM5d24xlarge AppInstanceType = "ml.m5d.24xlarge" AppInstanceTypeMlC5Large AppInstanceType = "ml.c5.large" AppInstanceTypeMlC5Xlarge AppInstanceType = "ml.c5.xlarge" AppInstanceTypeMlC52xlarge AppInstanceType = "ml.c5.2xlarge" @@ -120,12 +128,21 @@ const ( AppInstanceTypeMlP32xlarge AppInstanceType = "ml.p3.2xlarge" AppInstanceTypeMlP38xlarge AppInstanceType = "ml.p3.8xlarge" AppInstanceTypeMlP316xlarge AppInstanceType = "ml.p3.16xlarge" + AppInstanceTypeMlP3dn24xlarge AppInstanceType = "ml.p3dn.24xlarge" AppInstanceTypeMlG4dnXlarge AppInstanceType = "ml.g4dn.xlarge" AppInstanceTypeMlG4dn2xlarge AppInstanceType = "ml.g4dn.2xlarge" AppInstanceTypeMlG4dn4xlarge AppInstanceType = "ml.g4dn.4xlarge" AppInstanceTypeMlG4dn8xlarge AppInstanceType = "ml.g4dn.8xlarge" AppInstanceTypeMlG4dn12xlarge AppInstanceType = "ml.g4dn.12xlarge" AppInstanceTypeMlG4dn16xlarge AppInstanceType = "ml.g4dn.16xlarge" + AppInstanceTypeMlR5Large AppInstanceType = "ml.r5.large" + AppInstanceTypeMlR5Xlarge AppInstanceType = "ml.r5.xlarge" + AppInstanceTypeMlR52xlarge AppInstanceType = "ml.r5.2xlarge" + AppInstanceTypeMlR54xlarge AppInstanceType = "ml.r5.4xlarge" + AppInstanceTypeMlR58xlarge AppInstanceType = "ml.r5.8xlarge" + AppInstanceTypeMlR512xlarge AppInstanceType = "ml.r5.12xlarge" + AppInstanceTypeMlR516xlarge AppInstanceType = "ml.r5.16xlarge" + AppInstanceTypeMlR524xlarge AppInstanceType = "ml.r5.24xlarge" ) // Values returns all known values for AppInstanceType. Note that this can be @@ -148,6 +165,14 @@ func (AppInstanceType) Values() []AppInstanceType { "ml.m5.12xlarge", "ml.m5.16xlarge", "ml.m5.24xlarge", + "ml.m5d.large", + "ml.m5d.xlarge", + "ml.m5d.2xlarge", + "ml.m5d.4xlarge", + "ml.m5d.8xlarge", + "ml.m5d.12xlarge", + "ml.m5d.16xlarge", + "ml.m5d.24xlarge", "ml.c5.large", "ml.c5.xlarge", "ml.c5.2xlarge", @@ -159,12 +184,21 @@ func (AppInstanceType) Values() []AppInstanceType { "ml.p3.2xlarge", "ml.p3.8xlarge", "ml.p3.16xlarge", + "ml.p3dn.24xlarge", "ml.g4dn.xlarge", "ml.g4dn.2xlarge", "ml.g4dn.4xlarge", "ml.g4dn.8xlarge", "ml.g4dn.12xlarge", "ml.g4dn.16xlarge", + "ml.r5.large", + "ml.r5.xlarge", + "ml.r5.2xlarge", + "ml.r5.4xlarge", + "ml.r5.8xlarge", + "ml.r5.12xlarge", + "ml.r5.16xlarge", + "ml.r5.24xlarge", } } diff --git a/service/sagemaker/types/types.go b/service/sagemaker/types/types.go index 8acadcb40e8..9a77d05c231 100644 --- a/service/sagemaker/types/types.go +++ b/service/sagemaker/types/types.go @@ -6259,6 +6259,19 @@ type LabelingJobSummary struct { noSmithyDocumentSerde } +// Metadata for a Lambda step. +type LambdaStepMetadata struct { + + // The Amazon Resource Name (ARN) of the Lambda function that was run by this step + // execution. + Arn *string + + // A list of the output parameters of the Lambda step. + OutputParameters []OutputParameter + + noSmithyDocumentSerde +} + // Defines an Amazon Cognito or your own OIDC IdP user group that is part of a work // team. type MemberDefinition struct { @@ -8272,20 +8285,27 @@ type PipelineExecutionStep struct { // Metadata for a step execution. type PipelineExecutionStepMetadata struct { - // Metadata about a callback step. + // The URL of the Amazon SQS queue used by this step execution, the pipeline + // generated token, and a list of output parameters. Callback *CallbackStepMetadata - // If this is a Condition step metadata object, details on the condition. + // The outcome of the condition evaluation that was run by this step execution. Condition *ConditionStepMetadata - // Metadata for the Model step. + // The Amazon Resource Name (ARN) of the Lambda function that was run by this step + // execution and a list of output parameters. + Lambda *LambdaStepMetadata + + // The Amazon Resource Name (ARN) of the model that was created by this step + // execution. Model *ModelStepMetadata // The Amazon Resource Name (ARN) of the processing job that was run by this step // execution. ProcessingJob *ProcessingJobStepMetadata - // Metadata for the RegisterModel step. + // The Amazon Resource Name (ARN) of the model package the model was registered to + // by this step execution. RegisterModel *RegisterModelStepMetadata // The Amazon Resource Name (ARN) of the training job that was run by this step @@ -9988,10 +10008,10 @@ type SourceIpConfig struct { // hyperparameter tuning job can run. It also specifies how long a managed Spot // training job has to complete. When the job reaches the time limit, Amazon // SageMaker ends the training or compilation job. Use this API to cap model -// training costs. To stop a job, Amazon SageMaker sends the algorithm the SIGTERM -// signal, which delays job termination for 120 seconds. Algorithms can use this -// 120-second window to save the model artifacts, so the results of training are -// not lost. The training algorithms provided by Amazon SageMaker automatically +// training costs. To stop a training job, Amazon SageMaker sends the algorithm the +// SIGTERM signal, which delays job termination for 120 seconds. Algorithms can use +// this 120-second window to save the model artifacts, so the results of training +// are not lost. The training algorithms provided by Amazon SageMaker automatically // save the intermediate results of a model training job when possible. This // attempt to save artifacts is only a best effort case as model might not be in a // state from which it can be saved. For example, if training has just started, the @@ -10003,10 +10023,13 @@ type SourceIpConfig struct { type StoppingCondition struct { // The maximum length of time, in seconds, that a training or compilation job can - // run. If the job does not complete during this time, Amazon SageMaker ends the - // job. When RetryStrategy is specified in the job request, MaxRuntimeInSeconds - // specifies the maximum time for all of the attempts in total, not each individual - // attempt. The default value is 1 day. The maximum value is 28 days. + // run. For compilation jobs, if the job does not complete during this time, you + // will receive a TimeOut error. We recommend starting with 900 seconds and + // increase as necessary based on your model. For all other jobs, if the job does + // not complete during this time, Amazon SageMaker ends the job. When RetryStrategy + // is specified in the job request, MaxRuntimeInSeconds specifies the maximum time + // for all of the attempts in total, not each individual attempt. The default value + // is 1 day. The maximum value is 28 days. MaxRuntimeInSeconds int32 // The maximum length of time, in seconds, that a managed Spot training job has to diff --git a/service/secretsmanager/api_op_CreateSecret.go b/service/secretsmanager/api_op_CreateSecret.go index aae83818acf..8c2290f88f0 100644 --- a/service/secretsmanager/api_op_CreateSecret.go +++ b/service/secretsmanager/api_op_CreateSecret.go @@ -28,50 +28,53 @@ import ( // // * If you call an // operation to encrypt or decrypt the SecretString or SecretBinary for a secret in -// the same account as the calling user and that secret doesn't specify a AWS KMS -// encryption key, Secrets Manager uses the account's default AWS managed customer -// master key (CMK) with the alias aws/secretsmanager. If this key doesn't already -// exist in your account then Secrets Manager creates it for you automatically. All -// users and roles in the same AWS account automatically have access to use the -// default CMK. Note that if an Secrets Manager API call results in AWS creating -// the account's AWS-managed CMK, it can result in a one-time significant delay in -// returning the result. +// the same account as the calling user and that secret doesn't specify a Amazon +// Web Services KMS encryption key, Secrets Manager uses the account's default +// Amazon Web Services managed customer master key (CMK) with the alias +// aws/secretsmanager. If this key doesn't already exist in your account then +// Secrets Manager creates it for you automatically. All users and roles in the +// same Amazon Web Services account automatically have access to use the default +// CMK. Note that if an Secrets Manager API call results in Amazon Web Services +// creating the account's Amazon Web Services-managed CMK, it can result in a +// one-time significant delay in returning the result. // -// * If the secret resides in a different AWS account from -// the credentials calling an API that requires encryption or decryption of the -// secret value then you must create and use a custom AWS KMS CMK because you can't -// access the default CMK for the account using credentials from a different AWS +// * If the secret resides in +// a different Amazon Web Services account from the credentials calling an API that +// requires encryption or decryption of the secret value then you must create and +// use a custom Amazon Web Services KMS CMK because you can't access the default +// CMK for the account using credentials from a different Amazon Web Services // account. Store the ARN of the CMK in the secret when you create the secret or // when you update it by including it in the KMSKeyId. If you call an API that must // encrypt or decrypt SecretString or SecretBinary using credentials from a -// different account then the AWS KMS key policy must grant cross-account access to -// that other account's user or role for both the kms:GenerateDataKey and -// kms:Decrypt operations. +// different account then the Amazon Web Services KMS key policy must grant +// cross-account access to that other account's user or role for both the +// kms:GenerateDataKey and kms:Decrypt operations. // -// Minimum permissions To run this command, you must have -// the following permissions: +// Minimum permissions To run this +// command, you must have the following permissions: // -// * secretsmanager:CreateSecret +// * +// secretsmanager:CreateSecret +// +// * kms:GenerateDataKey - needed only if you use a +// customer-managed Amazon Web Services KMS key to encrypt the secret. You do not +// need this permission to use the account default Amazon Web Services managed CMK +// for Secrets Manager. // -// * kms:GenerateDataKey -// - needed only if you use a customer-managed AWS KMS key to encrypt the secret. -// You do not need this permission to use the account default AWS managed CMK for +// * kms:Decrypt - needed only if you use a customer-managed +// Amazon Web Services KMS key to encrypt the secret. You do not need this +// permission to use the account default Amazon Web Services managed CMK for // Secrets Manager. // -// * kms:Decrypt - needed only if you use a customer-managed AWS -// KMS key to encrypt the secret. You do not need this permission to use the -// account default AWS managed CMK for Secrets Manager. -// -// * -// secretsmanager:TagResource - needed only if you include the Tags -// parameter. +// * secretsmanager:TagResource - needed only if you include the +// Tags parameter. // // Related operations // // * To delete a secret, use DeleteSecret. // -// * To -// modify an existing secret, use UpdateSecret. +// * +// To modify an existing secret, use UpdateSecret. // // * To create a new version of a // secret, use PutSecretValue. @@ -120,31 +123,31 @@ type CreateSecretInput struct { // (Optional) If you include SecretString or SecretBinary, then an initial version // is created as part of the secret, and this parameter specifies a unique - // identifier for the new version. If you use the AWS CLI or one of the AWS SDK to - // call this operation, then you can leave this parameter empty. The CLI or SDK - // generates a random UUID for you and includes it as the value for this parameter - // in the request. If you don't use the SDK and instead generate a raw HTTP request - // to the Secrets Manager service endpoint, then you must generate a - // ClientRequestToken yourself for the new version and include the value in the - // request. This value helps ensure idempotency. Secrets Manager uses this value to - // prevent the accidental creation of duplicate versions if there are failures and - // retries during a rotation. We recommend that you generate a UUID-type - // (https://wikipedia.org/wiki/Universally_unique_identifier) value to ensure - // uniqueness of your versions within the specified secret. + // identifier for the new version. If you use the Amazon Web Services CLI or one of + // the Amazon Web Services SDK to call this operation, then you can leave this + // parameter empty. The CLI or SDK generates a random UUID for you and includes it + // as the value for this parameter in the request. If you don't use the SDK and + // instead generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken yourself for the new version and + // include the value in the request. This value helps ensure idempotency. Secrets + // Manager uses this value to prevent the accidental creation of duplicate versions + // if there are failures and retries during a rotation. We recommend that you + // generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) + // value to ensure uniqueness of your versions within the specified secret. // - // * If the - // ClientRequestToken value isn't already associated with a version of the secret - // then a new version of the secret is created. - // - // * If a version with this value - // already exists and the version SecretString and SecretBinary values are the same - // as those in the request, then the request is ignored. + // * If + // the ClientRequestToken value isn't already associated with a version of the + // secret then a new version of the secret is created. // // * If a version with this - // value already exists and that version's SecretString and SecretBinary values are - // different from those in the request, then the request fails because you cannot - // modify an existing version. Instead, use PutSecretValue to create a new - // version. + // value already exists and the version SecretString and SecretBinary values are + // the same as those in the request, then the request is ignored. + // + // * If a version + // with this value already exists and that version's SecretString and SecretBinary + // values are different from those in the request, then the request fails because + // you cannot modify an existing version. Instead, use PutSecretValue to create a + // new version. // // This value becomes the VersionId of the new version. ClientRequestToken *string @@ -156,13 +159,14 @@ type CreateSecretInput struct { // destination region. ForceOverwriteReplicaSecret bool - // (Optional) Specifies the ARN, Key ID, or alias of the AWS KMS customer master - // key (CMK) to be used to encrypt the SecretString or SecretBinary values in the - // versions stored in this secret. You can specify any of the supported ways to - // identify a AWS KMS key ID. If you need to reference a CMK in a different - // account, you can use only the key ARN or the alias ARN. If you don't specify - // this value, then Secrets Manager defaults to using the AWS account's default CMK - // (the one named aws/secretsmanager). If a AWS KMS CMK with that name doesn't yet + // (Optional) Specifies the ARN, Key ID, or alias of the Amazon Web Services KMS + // customer master key (CMK) to be used to encrypt the SecretString or SecretBinary + // values in the versions stored in this secret. You can specify any of the + // supported ways to identify a Amazon Web Services KMS key ID. If you need to + // reference a CMK in a different account, you can use only the key ARN or the + // alias ARN. If you don't specify this value, then Secrets Manager defaults to + // using the Amazon Web Services account's default CMK (the one named + // aws/secretsmanager). If a Amazon Web Services KMS CMK with that name doesn't yet // exist, then Secrets Manager creates it for you automatically the first time it // needs to encrypt a version's SecretString or SecretBinary fields. You can use // the account default CMK to encrypt and decrypt only if you call this operation @@ -177,7 +181,8 @@ type CreateSecretInput struct { // technique for your tool to pass the contents of the file as a parameter. Either // SecretString or SecretBinary must have a value, but not both. They cannot both // be empty. This parameter is not available using the Secrets Manager console. It - // can be accessed only by using the AWS CLI or one of the AWS SDKs. + // can be accessed only by using the Amazon Web Services CLI or one of the Amazon + // Web Services SDKs. SecretBinary []byte // (Optional) Specifies text data that you want to encrypt and store in this new @@ -191,10 +196,10 @@ type CreateSecretInput struct { // how to format a JSON parameter for the various command line tool environments, // see Using JSON for Parameters // (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // in the AWS CLI User Guide. For example: - // {"username":"bob","password":"abc123xyz456"} If your command-line tool or SDK - // requires quotation marks around the parameter, you should use single quotes to - // avoid confusion with the double quotes required in the JSON text. + // in the CLI User Guide. For example: {"username":"bob","password":"abc123xyz456"} + // If your command-line tool or SDK requires quotation marks around the parameter, + // you should use single quotes to avoid confusion with the double quotes required + // in the JSON text. SecretString *string // (Optional) Specifies a list of user-defined tags that are attached to the @@ -216,7 +221,7 @@ type CreateSecretInput struct { // parameter for the various command line tool environments, see Using JSON for // Parameters // (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // in the AWS CLI User Guide. For example: + // in the CLI User Guide. For example: // [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}] // If your command-line tool or SDK requires quotation marks around the parameter, // you should use single quotes to avoid confusion with the double quotes required @@ -234,14 +239,15 @@ type CreateSecretInput struct { // values are case sensitive. // // * Do not use the aws: prefix in your tag names or - // values because AWS reserves it for AWS use. You can't edit or delete tag names - // or values with this prefix. Tags with this prefix do not count against your tags - // per secret limit. + // values because Amazon Web Services reserves it for Amazon Web Services use. You + // can't edit or delete tag names or values with this prefix. Tags with this prefix + // do not count against your tags per secret limit. // - // * If you use your tagging schema across multiple services and - // resources, remember other services might have restrictions on allowed - // characters. Generally allowed characters: letters, spaces, and numbers - // representable in UTF-8, plus the following special characters: + - = . _ : / @. + // * If you use your tagging + // schema across multiple services and resources, remember other services might + // have restrictions on allowed characters. Generally allowed characters: letters, + // spaces, and numbers representable in UTF-8, plus the following special + // characters: + - = . _ : / @. Tags []types.Tag noSmithyDocumentSerde diff --git a/service/secretsmanager/api_op_DeleteSecret.go b/service/secretsmanager/api_op_DeleteSecret.go index 8aed18fc583..686d000505f 100644 --- a/service/secretsmanager/api_op_DeleteSecret.go +++ b/service/secretsmanager/api_op_DeleteSecret.go @@ -91,12 +91,12 @@ type DeleteSecretInput struct { // write code to delete and then immediately recreate a secret with the same name, // ensure that your code includes appropriate back off and retry logic. Use this // parameter with caution. This parameter causes the operation to skip the normal - // waiting period before the permanent deletion that AWS would normally impose with - // the RecoveryWindowInDays parameter. If you delete a secret with the - // ForceDeleteWithouRecovery parameter, then you have no opportunity to recover the - // secret. You lose the secret permanently. If you use this parameter and include a - // previously deleted or nonexistent secret, the operation does not return the - // error ResourceNotFoundException in order to correctly handle retries. + // waiting period before the permanent deletion that Amazon Web Services would + // normally impose with the RecoveryWindowInDays parameter. If you delete a secret + // with the ForceDeleteWithouRecovery parameter, then you have no opportunity to + // recover the secret. You lose the secret permanently. If you use this parameter + // and include a previously deleted or nonexistent secret, the operation does not + // return the error ResourceNotFoundException in order to correctly handle retries. ForceDeleteWithoutRecovery bool // (Optional) Specifies the number of days that Secrets Manager waits before diff --git a/service/secretsmanager/api_op_DescribeSecret.go b/service/secretsmanager/api_op_DescribeSecret.go index 40d23986a3c..d1ee97b92fe 100644 --- a/service/secretsmanager/api_op_DescribeSecret.go +++ b/service/secretsmanager/api_op_DescribeSecret.go @@ -30,8 +30,8 @@ import ( // retrieve the encrypted secret information in a version of the secret, use // GetSecretValue. // -// * To list all of the secrets in the AWS account, use -// ListSecrets. +// * To list all of the secrets in the Amazon Web Services +// account, use ListSecrets. func (c *Client) DescribeSecret(ctx context.Context, params *DescribeSecretInput, optFns ...func(*Options)) (*DescribeSecretOutput, error) { if params == nil { params = &DescribeSecretInput{} @@ -91,11 +91,11 @@ type DescribeSecretOutput struct { // The user-provided description of the secret. Description *string - // The ARN or alias of the AWS KMS customer master key (CMK) that's used to encrypt - // the SecretString or SecretBinary fields in each version of the secret. If you - // don't provide a key, then Secrets Manager defaults to encrypting the secret - // fields with the default AWS KMS CMK (the one named awssecretsmanager) for this - // account. + // The ARN or alias of the Amazon Web Services KMS customer master key (CMK) that's + // used to encrypt the SecretString or SecretBinary fields in each version of the + // secret. If you don't provide a key, then Secrets Manager defaults to encrypting + // the secret fields with the default Amazon Web Services KMS CMK (the one named + // awssecretsmanager) for this account. KmsKeyId *string // The last date that this secret was accessed. This value is truncated to midnight diff --git a/service/secretsmanager/api_op_GetResourcePolicy.go b/service/secretsmanager/api_op_GetResourcePolicy.go index 2d1260f79c5..6565f244f14 100644 --- a/service/secretsmanager/api_op_GetResourcePolicy.go +++ b/service/secretsmanager/api_op_GetResourcePolicy.go @@ -83,10 +83,10 @@ type GetResourcePolicyOutput struct { // the attached secret. These permissions are combined with any permissions that // are associated with the user or role that attempts to access this secret. The // combined permissions specify who can access the secret and what actions they can - // perform. For more information, see Authentication and Access Control for AWS - // Secrets Manager + // perform. For more information, see Authentication and Access Control for Amazon + // Web Services Secrets Manager // (http://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html) - // in the AWS Secrets Manager User Guide. + // in the Amazon Web Services Secrets Manager User Guide. ResourcePolicy *string // Metadata pertaining to the operation's result. diff --git a/service/secretsmanager/api_op_GetSecretValue.go b/service/secretsmanager/api_op_GetSecretValue.go index f14c8aff4cf..918d507e668 100644 --- a/service/secretsmanager/api_op_GetSecretValue.go +++ b/service/secretsmanager/api_op_GetSecretValue.go @@ -19,17 +19,17 @@ import ( // secretsmanager:GetSecretValue // // * kms:Decrypt - required only if you use a -// customer-managed AWS KMS key to encrypt the secret. You do not need this -// permission to use the account's default AWS managed CMK for Secrets -// Manager. +// customer-managed Amazon Web Services KMS key to encrypt the secret. You do not +// need this permission to use the account's default Amazon Web Services managed +// CMK for Secrets Manager. // // Related operations // -// * To create a new version of the secret with -// different encrypted information, use PutSecretValue. +// * To create a new version of the +// secret with different encrypted information, use PutSecretValue. // -// * To retrieve the -// non-encrypted details for the secret, use DescribeSecret. +// * To retrieve +// the non-encrypted details for the secret, use DescribeSecret. func (c *Client) GetSecretValue(ctx context.Context, params *GetSecretValueInput, optFns ...func(*Options)) (*GetSecretValueOutput, error) { if params == nil { params = &GetSecretValueInput{} diff --git a/service/secretsmanager/api_op_ListSecrets.go b/service/secretsmanager/api_op_ListSecrets.go index a1767dd3403..e10f9b194a9 100644 --- a/service/secretsmanager/api_op_ListSecrets.go +++ b/service/secretsmanager/api_op_ListSecrets.go @@ -12,10 +12,10 @@ import ( smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Lists all of the secrets that are stored by Secrets Manager in the AWS account. -// To list the versions currently stored for a specific secret, use -// ListSecretVersionIds. The encrypted fields SecretString and SecretBinary are not -// included in the output. To get that information, call the GetSecretValue +// Lists all of the secrets that are stored by Secrets Manager in the Amazon Web +// Services account. To list the versions currently stored for a specific secret, +// use ListSecretVersionIds. The encrypted fields SecretString and SecretBinary are +// not included in the output. To get that information, call the GetSecretValue // operation. Always check the NextToken response parameter when calling any of the // List* operations. These operations can occasionally return an empty or shorter // than expected list of results even when there more results become available. diff --git a/service/secretsmanager/api_op_PutResourcePolicy.go b/service/secretsmanager/api_op_PutResourcePolicy.go index fc16eeabfde..a13d0eeaac7 100644 --- a/service/secretsmanager/api_op_PutResourcePolicy.go +++ b/service/secretsmanager/api_op_PutResourcePolicy.go @@ -16,10 +16,11 @@ import ( // the policy statement's Resources element. You can also use a combination of both // identity-based and resource-based policies. The affected users and roles receive // the permissions that are permitted by all of the relevant policies. For more -// information, see Using Resource-Based Policies for AWS Secrets Manager +// information, see Using Resource-Based Policies for Amazon Web Services Secrets +// Manager // (http://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). -// For the complete description of the AWS policy syntax and grammar, see IAM JSON -// Policy Reference +// For the complete description of the Amazon Web Services policy syntax and +// grammar, see IAM JSON Policy Reference // (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html) in // the IAM User Guide. Minimum permissions To run this command, you must have the // following permissions: @@ -55,12 +56,12 @@ func (c *Client) PutResourcePolicy(ctx context.Context, params *PutResourcePolic type PutResourcePolicyInput struct { // A JSON-formatted string constructed according to the grammar and syntax for an - // AWS resource-based policy. The policy in the string identifies who can access or - // manage this secret and its versions. For information on how to format a JSON - // parameter for the various command line tool environments, see Using JSON for - // Parameters + // Amazon Web Services resource-based policy. The policy in the string identifies + // who can access or manage this secret and its versions. For information on how to + // format a JSON parameter for the various command line tool environments, see + // Using JSON for Parameters // (http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // in the AWS CLI User Guide. + // in the CLI User Guide. // // This member is required. ResourcePolicy *string diff --git a/service/secretsmanager/api_op_PutSecretValue.go b/service/secretsmanager/api_op_PutSecretValue.go index 67bc5fda2b6..90406e2ba04 100644 --- a/service/secretsmanager/api_op_PutSecretValue.go +++ b/service/secretsmanager/api_op_PutSecretValue.go @@ -16,72 +16,75 @@ import ( // contain a new SecretString value or a new SecretBinary value. You can also // specify the staging labels that are initially attached to the new version. The // Secrets Manager console uses only the SecretString field. To add binary data to -// a secret with the SecretBinary field you must use the AWS CLI or one of the AWS -// SDKs. +// a secret with the SecretBinary field you must use the Amazon Web Services CLI or +// one of the Amazon Web Services SDKs. // -// * If this operation creates the first version for the secret then Secrets -// Manager automatically attaches the staging label AWSCURRENT to the new -// version. +// * If this operation creates the first +// version for the secret then Secrets Manager automatically attaches the staging +// label AWSCURRENT to the new version. // -// * If you do not specify a value for VersionStages then Secrets Manager -// automatically moves the staging label AWSCURRENT to this new version. +// * If you do not specify a value for +// VersionStages then Secrets Manager automatically moves the staging label +// AWSCURRENT to this new version. // -// * If this -// operation moves the staging label AWSCURRENT from another version to this -// version, then Secrets Manager also automatically moves the staging label -// AWSPREVIOUS to the version that AWSCURRENT was removed from. +// * If this operation moves the staging label +// AWSCURRENT from another version to this version, then Secrets Manager also +// automatically moves the staging label AWSPREVIOUS to the version that AWSCURRENT +// was removed from. // -// * This operation -// is idempotent. If a version with a VersionId with the same value as the -// ClientRequestToken parameter already exists and you specify the same secret -// data, the operation succeeds but does nothing. However, if the secret data is -// different, then the operation fails because you cannot modify an existing -// version; you can only create new ones. +// * This operation is idempotent. If a version with a VersionId +// with the same value as the ClientRequestToken parameter already exists and you +// specify the same secret data, the operation succeeds but does nothing. However, +// if the secret data is different, then the operation fails because you cannot +// modify an existing version; you can only create new ones. // -// * If you call an operation to encrypt or -// decrypt the SecretString or SecretBinary for a secret in the same account as the -// calling user and that secret doesn't specify a AWS KMS encryption key, Secrets -// Manager uses the account's default AWS managed customer master key (CMK) with -// the alias aws/secretsmanager. If this key doesn't already exist in your account -// then Secrets Manager creates it for you automatically. All users and roles in -// the same AWS account automatically have access to use the default CMK. Note that -// if an Secrets Manager API call results in AWS creating the account's AWS-managed -// CMK, it can result in a one-time significant delay in returning the result. +// * If you call an +// operation to encrypt or decrypt the SecretString or SecretBinary for a secret in +// the same account as the calling user and that secret doesn't specify a Amazon +// Web Services KMS encryption key, Secrets Manager uses the account's default +// Amazon Web Services managed customer master key (CMK) with the alias +// aws/secretsmanager. If this key doesn't already exist in your account then +// Secrets Manager creates it for you automatically. All users and roles in the +// same Amazon Web Services account automatically have access to use the default +// CMK. Note that if an Secrets Manager API call results in Amazon Web Services +// creating the account's Amazon Web Services-managed CMK, it can result in a +// one-time significant delay in returning the result. // -// * -// If the secret resides in a different AWS account from the credentials calling an -// API that requires encryption or decryption of the secret value then you must -// create and use a custom AWS KMS CMK because you can't access the default CMK for -// the account using credentials from a different AWS account. Store the ARN of the -// CMK in the secret when you create the secret or when you update it by including -// it in the KMSKeyId. If you call an API that must encrypt or decrypt SecretString -// or SecretBinary using credentials from a different account then the AWS KMS key -// policy must grant cross-account access to that other account's user or role for -// both the kms:GenerateDataKey and kms:Decrypt operations. +// * If the secret resides in +// a different Amazon Web Services account from the credentials calling an API that +// requires encryption or decryption of the secret value then you must create and +// use a custom Amazon Web Services KMS CMK because you can't access the default +// CMK for the account using credentials from a different Amazon Web Services +// account. Store the ARN of the CMK in the secret when you create the secret or +// when you update it by including it in the KMSKeyId. If you call an API that must +// encrypt or decrypt SecretString or SecretBinary using credentials from a +// different account then the Amazon Web Services KMS key policy must grant +// cross-account access to that other account's user or role for both the +// kms:GenerateDataKey and kms:Decrypt operations. // -// Minimum permissions To -// run this command, you must have the following permissions: +// Minimum permissions To run this +// command, you must have the following permissions: // // * // secretsmanager:PutSecretValue // // * kms:GenerateDataKey - needed only if you use a -// customer-managed AWS KMS key to encrypt the secret. You do not need this -// permission to use the account's default AWS managed CMK for Secrets -// Manager. +// customer-managed Amazon Web Services KMS key to encrypt the secret. You do not +// need this permission to use the account's default Amazon Web Services managed +// CMK for Secrets Manager. // // Related operations // -// * To retrieve the encrypted value you store in the -// version of a secret, use GetSecretValue. +// * To retrieve the encrypted value +// you store in the version of a secret, use GetSecretValue. // -// * To create a secret, use -// CreateSecret. +// * To create a secret, +// use CreateSecret. // // * To get the details for a secret, use DescribeSecret. // -// * To list -// the versions attached to a secret, use ListSecretVersionIds. +// * To +// list the versions attached to a secret, use ListSecretVersionIds. func (c *Client) PutSecretValue(ctx context.Context, params *PutSecretValueInput, optFns ...func(*Options)) (*PutSecretValueOutput, error) { if params == nil { params = &PutSecretValueInput{} @@ -121,33 +124,33 @@ type PutSecretValueInput struct { SecretId *string // (Optional) Specifies a unique identifier for the new version of the secret. If - // you use the AWS CLI or one of the AWS SDK to call this operation, then you can - // leave this parameter empty. The CLI or SDK generates a random UUID for you and - // includes that in the request. If you don't use the SDK and instead generate a - // raw HTTP request to the Secrets Manager service endpoint, then you must generate - // a ClientRequestToken yourself for new versions and include that value in the - // request. This value helps ensure idempotency. Secrets Manager uses this value to - // prevent the accidental creation of duplicate versions if there are failures and - // retries during the Lambda rotation function's processing. We recommend that you - // generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) - // value to ensure uniqueness within the specified secret. + // you use the Amazon Web Services CLI or one of the Amazon Web Services SDK to + // call this operation, then you can leave this parameter empty. The CLI or SDK + // generates a random UUID for you and includes that in the request. If you don't + // use the SDK and instead generate a raw HTTP request to the Secrets Manager + // service endpoint, then you must generate a ClientRequestToken yourself for new + // versions and include that value in the request. This value helps ensure + // idempotency. Secrets Manager uses this value to prevent the accidental creation + // of duplicate versions if there are failures and retries during the Lambda + // rotation function's processing. We recommend that you generate a UUID-type + // (https://wikipedia.org/wiki/Universally_unique_identifier) value to ensure + // uniqueness within the specified secret. // - // * If the - // ClientRequestToken value isn't already associated with a version of the secret - // then a new version of the secret is created. + // * If the ClientRequestToken value isn't + // already associated with a version of the secret then a new version of the secret + // is created. // - // * If a version with this value - // already exists and that version's SecretString or SecretBinary values are the - // same as those in the request then the request is ignored (the operation is - // idempotent). + // * If a version with this value already exists and that version's + // SecretString or SecretBinary values are the same as those in the request then + // the request is ignored (the operation is idempotent). // - // * If a version with this value already exists and the version of - // the SecretString and SecretBinary values are different from those in the request - // then the request fails because you cannot modify an existing secret version. You - // can only create new versions to store new secret values. + // * If a version with this + // value already exists and the version of the SecretString and SecretBinary values + // are different from those in the request then the request fails because you + // cannot modify an existing secret version. You can only create new versions to + // store new secret values. // - // This value becomes the - // VersionId of the new version. + // This value becomes the VersionId of the new version. ClientRequestToken *string // (Optional) Specifies binary data that you want to encrypt and store in the new @@ -170,7 +173,7 @@ type PutSecretValueInput struct { // information on how to format a JSON parameter for the various command line tool // environments, see Using JSON for Parameters // (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // in the AWS CLI User Guide. For example: + // in the CLI User Guide. For example: // [{"username":"bob"},{"password":"abc123xyz456"}] If your command-line tool or // SDK requires quotation marks around the parameter, you should use single quotes // to avoid confusion with the double quotes required in the JSON text. diff --git a/service/secretsmanager/api_op_RotateSecret.go b/service/secretsmanager/api_op_RotateSecret.go index 2044cd374f2..c6326854614 100644 --- a/service/secretsmanager/api_op_RotateSecret.go +++ b/service/secretsmanager/api_op_RotateSecret.go @@ -18,32 +18,33 @@ import ( // configuration parameters, the operation starts a rotation with the values // already stored in the secret. After the rotation completes, the protected // service and its clients all use the new version of the secret. This required -// configuration information includes the ARN of an AWS Lambda function and the -// time between scheduled rotations. The Lambda rotation function creates a new -// version of the secret and creates or updates the credentials on the protected -// service to match. After testing the new credentials, the function marks the new -// secret with the staging label AWSCURRENT so that your clients all immediately -// begin to use the new version. For more information about rotating secrets and -// how to configure a Lambda function to rotate the secrets for your protected -// service, see Rotating Secrets in AWS Secrets Manager +// configuration information includes the ARN of an Amazon Web Services Lambda +// function and optionally, the time between scheduled rotations. The Lambda +// rotation function creates a new version of the secret and creates or updates the +// credentials on the protected service to match. After testing the new +// credentials, the function marks the new secret with the staging label AWSCURRENT +// so that your clients all immediately begin to use the new version. For more +// information about rotating secrets and how to configure a Lambda function to +// rotate the secrets for your protected service, see Rotating Secrets in Amazon +// Web Services Secrets Manager // (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) -// in the AWS Secrets Manager User Guide. Secrets Manager schedules the next -// rotation when the previous one completes. Secrets Manager schedules the date by -// adding the rotation interval (number of days) to the actual date of the last -// rotation. The service chooses the hour within that 24-hour date window randomly. -// The minute is also chosen somewhat randomly, but weighted towards the top of the -// hour and influenced by a variety of factors that help distribute load. The -// rotation function must end with the versions of the secret in one of two -// states: +// in the Amazon Web Services Secrets Manager User Guide. Secrets Manager schedules +// the next rotation when the previous one completes. Secrets Manager schedules the +// date by adding the rotation interval (number of days) to the actual date of the +// last rotation. The service chooses the hour within that 24-hour date window +// randomly. The minute is also chosen somewhat randomly, but weighted towards the +// top of the hour and influenced by a variety of factors that help distribute +// load. The rotation function must end with the versions of the secret in one of +// two states: // -// * The AWSPENDING and AWSCURRENT staging labels are attached to the same -// version of the secret, or +// * The AWSPENDING and AWSCURRENT staging labels are attached to the +// same version of the secret, or // -// * The AWSPENDING staging label is not attached to any -// version of the secret. +// * The AWSPENDING staging label is not attached +// to any version of the secret. // -// If the AWSPENDING staging label is present but not -// attached to the same version as AWSCURRENT then any later invocation of +// If the AWSPENDING staging label is present but +// not attached to the same version as AWSCURRENT then any later invocation of // RotateSecret assumes that a previous rotation request is still in progress and // returns an error. Minimum permissions To run this command, you must have the // following permissions: @@ -105,15 +106,15 @@ type RotateSecretInput struct { SecretId *string // (Optional) Specifies a unique identifier for the new version of the secret that - // helps ensure idempotency. If you use the AWS CLI or one of the AWS SDK to call - // this operation, then you can leave this parameter empty. The CLI or SDK - // generates a random UUID for you and includes that in the request for this - // parameter. If you don't use the SDK and instead generate a raw HTTP request to - // the Secrets Manager service endpoint, then you must generate a - // ClientRequestToken yourself for new versions and include that value in the - // request. You only need to specify your own value if you implement your own retry - // logic and want to ensure that a given secret is not created twice. We recommend - // that you generate a UUID-type + // helps ensure idempotency. If you use the Amazon Web Services CLI or one of the + // Amazon Web Services SDK to call this operation, then you can leave this + // parameter empty. The CLI or SDK generates a random UUID for you and includes + // that in the request for this parameter. If you don't use the SDK and instead + // generate a raw HTTP request to the Secrets Manager service endpoint, then you + // must generate a ClientRequestToken yourself for new versions and include that + // value in the request. You only need to specify your own value if you implement + // your own retry logic and want to ensure that a given secret is not created + // twice. We recommend that you generate a UUID-type // (https://wikipedia.org/wiki/Universally_unique_identifier) value to ensure // uniqueness within the specified secret. Secrets Manager uses this value to // prevent the accidental creation of duplicate versions if there are failures and diff --git a/service/secretsmanager/api_op_TagResource.go b/service/secretsmanager/api_op_TagResource.go index 0e79f176898..5fc23c1e7a2 100644 --- a/service/secretsmanager/api_op_TagResource.go +++ b/service/secretsmanager/api_op_TagResource.go @@ -28,33 +28,33 @@ import ( // * Tag keys and values are case // sensitive. // -// * Do not use the aws: prefix in your tag names or values because AWS -// reserves it for AWS use. You can't edit or delete tag names or values with this -// prefix. Tags with this prefix do not count against your tags per secret -// limit. +// * Do not use the aws: prefix in your tag names or values because +// Amazon Web Services reserves it for Amazon Web Services use. You can't edit or +// delete tag names or values with this prefix. Tags with this prefix do not count +// against your tags per secret limit. // -// * If you use your tagging schema across multiple services and resources, -// remember other services might have restrictions on allowed characters. Generally -// allowed characters: letters, spaces, and numbers representable in UTF-8, plus -// the following special characters: + - = . _ : / @. +// * If you use your tagging schema across +// multiple services and resources, remember other services might have restrictions +// on allowed characters. Generally allowed characters: letters, spaces, and +// numbers representable in UTF-8, plus the following special characters: + - = . _ +// : / @. // -// If you use tags as part of -// your security strategy, then adding or removing a tag can change permissions. If -// successfully completing this operation would result in you losing your -// permissions for this secret, then the operation is blocked and returns an Access -// Denied error. Minimum permissions To run this command, you must have the -// following permissions: +// If you use tags as part of your security strategy, then adding or +// removing a tag can change permissions. If successfully completing this operation +// would result in you losing your permissions for this secret, then the operation +// is blocked and returns an Access Denied error. Minimum permissions To run this +// command, you must have the following permissions: // -// * secretsmanager:TagResource +// * +// secretsmanager:TagResource // // Related operations // -// * To -// remove one or more tags from the collection attached to a secret, use -// UntagResource. +// * To remove one or more tags +// from the collection attached to a secret, use UntagResource. // -// * To view the list of tags attached to a secret, use -// DescribeSecret. +// * To view the list +// of tags attached to a secret, use DescribeSecret. func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error) { if params == nil { params = &TagResourceInput{} @@ -98,7 +98,7 @@ type TagResourceInput struct { // information on how to format a JSON parameter for the various command line tool // environments, see Using JSON for Parameters // (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // in the AWS CLI User Guide. For the AWS CLI, you can also use the syntax: --Tags + // in the CLI User Guide. For the CLI, you can also use the syntax: --Tags // Key="Key1",Value="Value1" Key="Key2",Value="Value2"[,…] // // This member is required. diff --git a/service/secretsmanager/api_op_UntagResource.go b/service/secretsmanager/api_op_UntagResource.go index bbc1015fb32..b278d2319e0 100644 --- a/service/secretsmanager/api_op_UntagResource.go +++ b/service/secretsmanager/api_op_UntagResource.go @@ -72,7 +72,7 @@ type UntagResourceInput struct { // parameter for the various command line tool environments, see Using JSON for // Parameters // (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // in the AWS CLI User Guide. + // in the CLI User Guide. // // This member is required. TagKeys []string diff --git a/service/secretsmanager/api_op_UpdateSecret.go b/service/secretsmanager/api_op_UpdateSecret.go index c6d7e5f2efb..13f50bc9a3e 100644 --- a/service/secretsmanager/api_op_UpdateSecret.go +++ b/service/secretsmanager/api_op_UpdateSecret.go @@ -17,65 +17,69 @@ import ( // secret, use RotateSecret instead. The Secrets Manager console uses only the // SecretString parameter and therefore limits you to encrypting and storing only a // text string. To encrypt and store binary data as part of the version of a -// secret, you must use either the AWS CLI or one of the AWS SDKs. +// secret, you must use either the Amazon Web Services CLI or one of the Amazon Web +// Services SDKs. // -// * If a version -// with a VersionId with the same value as the ClientRequestToken parameter already -// exists, the operation results in an error. You cannot modify an existing -// version, you can only create a new version. +// * If a version with a VersionId with the same value as the +// ClientRequestToken parameter already exists, the operation results in an error. +// You cannot modify an existing version, you can only create a new version. // -// * If you include SecretString or -// SecretBinary to create a new secret version, Secrets Manager automatically -// attaches the staging label AWSCURRENT to the new version. +// * If +// you include SecretString or SecretBinary to create a new secret version, Secrets +// Manager automatically attaches the staging label AWSCURRENT to the new +// version. // -// * If you call an -// operation to encrypt or decrypt the SecretString or SecretBinary for a secret in -// the same account as the calling user and that secret doesn't specify a AWS KMS -// encryption key, Secrets Manager uses the account's default AWS managed customer -// master key (CMK) with the alias aws/secretsmanager. If this key doesn't already -// exist in your account then Secrets Manager creates it for you automatically. All -// users and roles in the same AWS account automatically have access to use the -// default CMK. Note that if an Secrets Manager API call results in AWS creating -// the account's AWS-managed CMK, it can result in a one-time significant delay in -// returning the result. +// * If you call an operation to encrypt or decrypt the SecretString or +// SecretBinary for a secret in the same account as the calling user and that +// secret doesn't specify a Amazon Web Services KMS encryption key, Secrets Manager +// uses the account's default Amazon Web Services managed customer master key (CMK) +// with the alias aws/secretsmanager. If this key doesn't already exist in your +// account then Secrets Manager creates it for you automatically. All users and +// roles in the same Amazon Web Services account automatically have access to use +// the default CMK. Note that if an Secrets Manager API call results in Amazon Web +// Services creating the account's Amazon Web Services-managed CMK, it can result +// in a one-time significant delay in returning the result. // -// * If the secret resides in a different AWS account from -// the credentials calling an API that requires encryption or decryption of the -// secret value then you must create and use a custom AWS KMS CMK because you can't -// access the default CMK for the account using credentials from a different AWS -// account. Store the ARN of the CMK in the secret when you create the secret or -// when you update it by including it in the KMSKeyId. If you call an API that must -// encrypt or decrypt SecretString or SecretBinary using credentials from a -// different account then the AWS KMS key policy must grant cross-account access to -// that other account's user or role for both the kms:GenerateDataKey and -// kms:Decrypt operations. +// * If the secret +// resides in a different Amazon Web Services account from the credentials calling +// an API that requires encryption or decryption of the secret value then you must +// create and use a custom Amazon Web Services KMS CMK because you can't access the +// default CMK for the account using credentials from a different Amazon Web +// Services account. Store the ARN of the CMK in the secret when you create the +// secret or when you update it by including it in the KMSKeyId. If you call an API +// that must encrypt or decrypt SecretString or SecretBinary using credentials from +// a different account then the Amazon Web Services KMS key policy must grant +// cross-account access to that other account's user or role for both the +// kms:GenerateDataKey and kms:Decrypt operations. // -// Minimum permissions To run this command, you must have -// the following permissions: +// Minimum permissions To run this +// command, you must have the following permissions: // -// * secretsmanager:UpdateSecret +// * +// secretsmanager:UpdateSecret // -// * kms:GenerateDataKey -// - needed only if you use a custom AWS KMS key to encrypt the secret. You do not -// need this permission to use the account's AWS managed CMK for Secrets +// * kms:GenerateDataKey - needed only if you use a +// custom Amazon Web Services KMS key to encrypt the secret. You do not need this +// permission to use the account's Amazon Web Services managed CMK for Secrets // Manager. // -// * kms:Decrypt - needed only if you use a custom AWS KMS key to encrypt -// the secret. You do not need this permission to use the account's AWS managed CMK -// for Secrets Manager. +// * kms:Decrypt - needed only if you use a custom Amazon Web Services +// KMS key to encrypt the secret. You do not need this permission to use the +// account's Amazon Web Services managed CMK for Secrets Manager. // -// Related operations +// Related +// operations // -// * To create a new secret, use -// CreateSecret. +// * To create a new secret, use CreateSecret. // -// * To add only a new version to an existing secret, use -// PutSecretValue. +// * To add only a new +// version to an existing secret, use PutSecretValue. // -// * To get the details for a secret, use DescribeSecret. +// * To get the details for a +// secret, use DescribeSecret. // -// * To -// list the versions contained in a secret, use ListSecretVersionIds. +// * To list the versions contained in a secret, use +// ListSecretVersionIds. func (c *Client) UpdateSecret(ctx context.Context, params *UpdateSecretInput, optFns ...func(*Options)) (*UpdateSecretOutput, error) { if params == nil { params = &UpdateSecretInput{} @@ -116,18 +120,18 @@ type UpdateSecretInput struct { // (Optional) If you want to add a new version to the secret, this parameter // specifies a unique identifier for the new version that helps ensure idempotency. - // If you use the AWS CLI or one of the AWS SDK to call this operation, then you - // can leave this parameter empty. The CLI or SDK generates a random UUID for you - // and includes that in the request. If you don't use the SDK and instead generate - // a raw HTTP request to the Secrets Manager service endpoint, then you must - // generate a ClientRequestToken yourself for new versions and include that value - // in the request. You typically only need to interact with this value if you - // implement your own retry logic and want to ensure that a given secret is not - // created twice. We recommend that you generate a UUID-type - // (https://wikipedia.org/wiki/Universally_unique_identifier) value to ensure - // uniqueness within the specified secret. Secrets Manager uses this value to - // prevent the accidental creation of duplicate versions if there are failures and - // retries during the Lambda rotation function's processing. + // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDK to + // call this operation, then you can leave this parameter empty. The CLI or SDK + // generates a random UUID for you and includes that in the request. If you don't + // use the SDK and instead generate a raw HTTP request to the Secrets Manager + // service endpoint, then you must generate a ClientRequestToken yourself for new + // versions and include that value in the request. You typically only need to + // interact with this value if you implement your own retry logic and want to + // ensure that a given secret is not created twice. We recommend that you generate + // a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) value to + // ensure uniqueness within the specified secret. Secrets Manager uses this value + // to prevent the accidental creation of duplicate versions if there are failures + // and retries during the Lambda rotation function's processing. // // * If the // ClientRequestToken value isn't already associated with a version of the secret @@ -149,13 +153,14 @@ type UpdateSecretInput struct { // (Optional) Specifies an updated user-provided description of the secret. Description *string - // (Optional) Specifies an updated ARN or alias of the AWS KMS customer master key - // (CMK) to be used to encrypt the protected text in new versions of this secret. - // You can only use the account's default CMK to encrypt and decrypt if you call - // this operation using credentials from the same account that owns the secret. If - // the secret is in a different account, then you must create a custom CMK and - // provide the ARN of that CMK in this field. The user making the call must have - // permissions to both the secret and the CMK in their respective accounts. + // (Optional) Specifies an updated ARN or alias of the Amazon Web Services KMS + // customer master key (CMK) to be used to encrypt the protected text in new + // versions of this secret. You can only use the account's default CMK to encrypt + // and decrypt if you call this operation using credentials from the same account + // that owns the secret. If the secret is in a different account, then you must + // create a custom CMK and provide the ARN of that CMK in this field. The user + // making the call must have permissions to both the secret and the CMK in their + // respective accounts. KmsKeyId *string // (Optional) Specifies updated binary data that you want to encrypt and store in @@ -178,7 +183,7 @@ type UpdateSecretInput struct { // information on how to format a JSON parameter for the various command line tool // environments, see Using JSON for Parameters // (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // in the AWS CLI User Guide. For example: + // in the CLI User Guide. For example: // [{"username":"bob"},{"password":"abc123xyz456"}] If your command-line tool or // SDK requires quotation marks around the parameter, you should use single quotes // to avoid confusion with the double quotes required in the JSON text. You can diff --git a/service/secretsmanager/api_op_UpdateSecretVersionStage.go b/service/secretsmanager/api_op_UpdateSecretVersionStage.go index 6b6d95e2887..1bddeddca46 100644 --- a/service/secretsmanager/api_op_UpdateSecretVersionStage.go +++ b/service/secretsmanager/api_op_UpdateSecretVersionStage.go @@ -17,24 +17,24 @@ import ( // then it is moved--removed from the other version first and then attached to this // one. For more information about staging labels, see Staging Labels // (https://docs.aws.amazon.com/secretsmanager/latest/userguide/terms-concepts.html#term_staging-label) -// in the AWS Secrets Manager User Guide. The staging labels that you specify in -// the VersionStage parameter are added to the existing list of staging -// labels--they don't replace it. You can move the AWSCURRENT staging label to this -// version by including it in this call. Whenever you move AWSCURRENT, Secrets -// Manager automatically moves the label AWSPREVIOUS to the version that AWSCURRENT -// was removed from. If this action results in the last label being removed from a -// version, then the version is considered to be 'deprecated' and can be deleted by -// Secrets Manager. Minimum permissions To run this command, you must have the -// following permissions: +// in the Amazon Web Services Secrets Manager User Guide. The staging labels that +// you specify in the VersionStage parameter are added to the existing list of +// staging labels--they don't replace it. You can move the AWSCURRENT staging label +// to this version by including it in this call. Whenever you move AWSCURRENT, +// Secrets Manager automatically moves the label AWSPREVIOUS to the version that +// AWSCURRENT was removed from. If this action results in the last label being +// removed from a version, then the version is considered to be 'deprecated' and +// can be deleted by Secrets Manager. Minimum permissions To run this command, you +// must have the following permissions: // -// * secretsmanager:UpdateSecretVersionStage +// * +// secretsmanager:UpdateSecretVersionStage // -// Related -// operations +// Related operations // -// * To get the list of staging labels that are currently associated -// with a version of a secret, use DescribeSecret and examine the -// SecretVersionsToStages response value. +// * To get the list +// of staging labels that are currently associated with a version of a secret, use +// DescribeSecret and examine the SecretVersionsToStages response value. func (c *Client) UpdateSecretVersionStage(ctx context.Context, params *UpdateSecretVersionStageInput, optFns ...func(*Options)) (*UpdateSecretVersionStageOutput, error) { if params == nil { params = &UpdateSecretVersionStageInput{} diff --git a/service/secretsmanager/api_op_ValidateResourcePolicy.go b/service/secretsmanager/api_op_ValidateResourcePolicy.go index 809fe6208e5..56e327a03be 100644 --- a/service/secretsmanager/api_op_ValidateResourcePolicy.go +++ b/service/secretsmanager/api_op_ValidateResourcePolicy.go @@ -53,12 +53,12 @@ func (c *Client) ValidateResourcePolicy(ctx context.Context, params *ValidateRes type ValidateResourcePolicyInput struct { // A JSON-formatted string constructed according to the grammar and syntax for an - // AWS resource-based policy. The policy in the string identifies who can access or - // manage this secret and its versions. For information on how to format a JSON - // parameter for the various command line tool environments, see Using JSON for - // Parameters + // Amazon Web Services resource-based policy. The policy in the string identifies + // who can access or manage this secret and its versions. For information on how to + // format a JSON parameter for the various command line tool environments, see + // Using JSON for Parameters // (http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) - // in the AWS CLI User Guide.publi + // in the CLI User Guide.publi // // This member is required. ResourcePolicy *string diff --git a/service/secretsmanager/deserializers.go b/service/secretsmanager/deserializers.go index c9ca4693a93..d8dadc58893 100644 --- a/service/secretsmanager/deserializers.go +++ b/service/secretsmanager/deserializers.go @@ -617,6 +617,9 @@ func awsAwsjson11_deserializeOpErrorDescribeSecret(response *smithyhttp.Response case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + case strings.EqualFold("ResourceNotFoundException", errorCode): return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) @@ -848,6 +851,9 @@ func awsAwsjson11_deserializeOpErrorGetResourcePolicy(response *smithyhttp.Respo case strings.EqualFold("InternalServiceError", errorCode): return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + case strings.EqualFold("InvalidRequestException", errorCode): return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) @@ -1208,6 +1214,9 @@ func awsAwsjson11_deserializeOpErrorListSecretVersionIds(response *smithyhttp.Re case strings.EqualFold("InvalidNextTokenException", errorCode): return awsAwsjson11_deserializeErrorInvalidNextTokenException(response, errorBody) + case strings.EqualFold("InvalidParameterException", errorCode): + return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) + case strings.EqualFold("ResourceNotFoundException", errorCode): return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) @@ -3313,6 +3322,42 @@ func awsAwsjson11_deserializeDocumentInvalidRequestException(v **types.InvalidRe return nil } +func awsAwsjson11_deserializeDocumentKmsKeyIdListType(v *[]string, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []string + if *v == nil { + cv = []string{} + } else { + cv = *v + } + + for _, value := range shape { + var col string + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected KmsKeyIdType to be of type string, got %T instead", value) + } + col = jtv + } + cv = append(cv, col) + + } + *v = cv + return nil +} + func awsAwsjson11_deserializeDocumentLimitExceededException(v **types.LimitExceededException, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -3984,6 +4029,11 @@ func awsAwsjson11_deserializeDocumentSecretVersionsListEntry(v **types.SecretVer } } + case "KmsKeyIds": + if err := awsAwsjson11_deserializeDocumentKmsKeyIdListType(&sv.KmsKeyIds, value); err != nil { + return err + } + case "LastAccessedDate": if value != nil { switch jtv := value.(type) { diff --git a/service/secretsmanager/doc.go b/service/secretsmanager/doc.go index aee3ff1b47c..0baeb08b1ae 100644 --- a/service/secretsmanager/doc.go +++ b/service/secretsmanager/doc.go @@ -3,51 +3,56 @@ // Package secretsmanager provides the API client, operations, and parameter types // for AWS Secrets Manager. // -// AWS Secrets Manager API Reference AWS Secrets Manager provides a service to -// enable you to store, manage, and retrieve, secrets. This guide provides -// descriptions of the Secrets Manager API. For more information about using this -// service, see the AWS Secrets Manager User Guide +// Amazon Web Services Secrets Manager Amazon Web Services Secrets Manager provides +// a service to enable you to store, manage, and retrieve, secrets. This guide +// provides descriptions of the Secrets Manager API. For more information about +// using this service, see the Amazon Web Services Secrets Manager User Guide // (https://docs.aws.amazon.com/secretsmanager/latest/userguide/introduction.html). // API Version This version of the Secrets Manager API Reference documents the // Secrets Manager API version 2017-10-17. As an alternative to using the API, you -// can use one of the AWS SDKs, which consist of libraries and sample code for -// various programming languages and platforms such as Java, Ruby, .NET, iOS, and -// Android. The SDKs provide a convenient way to create programmatic access to AWS -// Secrets Manager. For example, the SDKs provide cryptographically signing -// requests, managing errors, and retrying requests automatically. For more -// information about the AWS SDKs, including downloading and installing them, see -// Tools for Amazon Web Services (http://aws.amazon.com/tools/). We recommend you -// use the AWS SDKs to make programmatic API calls to Secrets Manager. However, you -// also can use the Secrets Manager HTTP Query API to make direct calls to the -// Secrets Manager web service. To learn more about the Secrets Manager HTTP Query -// API, see Making Query Requests +// can use one of the Amazon Web Services SDKs, which consist of libraries and +// sample code for various programming languages and platforms such as Java, Ruby, +// .NET, iOS, and Android. The SDKs provide a convenient way to create programmatic +// access to Amazon Web Services Secrets Manager. For example, the SDKs provide +// cryptographically signing requests, managing errors, and retrying requests +// automatically. For more information about the Amazon Web Services SDKs, +// including downloading and installing them, see Tools for Amazon Web Services +// (http://aws.amazon.com/tools/). We recommend you use the Amazon Web Services +// SDKs to make programmatic API calls to Secrets Manager. However, you also can +// use the Secrets Manager HTTP Query API to make direct calls to the Secrets +// Manager web service. To learn more about the Secrets Manager HTTP Query API, see +// Making Query Requests // (https://docs.aws.amazon.com/secretsmanager/latest/userguide/query-requests.html) -// in the AWS Secrets Manager User Guide. Secrets Manager API supports GET and POST -// requests for all actions, and doesn't require you to use GET for some actions -// and POST for others. However, GET requests are subject to the limitation size of -// a URL. Therefore, for operations that require larger sizes, use a POST request. -// Support and Feedback for AWS Secrets Manager We welcome your feedback. Send your -// comments to awssecretsmanager-feedback@amazon.com +// in the Amazon Web Services Secrets Manager User Guide. Secrets Manager API +// supports GET and POST requests for all actions, and doesn't require you to use +// GET for some actions and POST for others. However, GET requests are subject to +// the limitation size of a URL. Therefore, for operations that require larger +// sizes, use a POST request. Support and Feedback for Amazon Web Services Secrets +// Manager We welcome your feedback. Send your comments to +// awssecretsmanager-feedback@amazon.com // (mailto:awssecretsmanager-feedback@amazon.com), or post your feedback and -// questions in the AWS Secrets Manager Discussion Forum +// questions in the Amazon Web Services Secrets Manager Discussion Forum // (http://forums.aws.amazon.com/forum.jspa?forumID=296). For more information -// about the AWS Discussion Forums, see Forums Help +// about the Amazon Web Services Discussion Forums, see Forums Help // (http://forums.aws.amazon.com/help.jspa). How examples are presented The JSON -// that AWS Secrets Manager expects as your request parameters and the service -// returns as a response to HTTP query requests contain single, long strings -// without line breaks or white space formatting. The JSON shown in the examples -// displays the code formatted with both line breaks and white space to improve -// readability. When example input parameters can also cause long strings extending -// beyond the screen, you can insert line breaks to enhance readability. You should -// always submit the input as a single JSON text string. Logging API Requests AWS -// Secrets Manager supports AWS CloudTrail, a service that records AWS API calls -// for your AWS account and delivers log files to an Amazon S3 bucket. By using -// information that's collected by AWS CloudTrail, you can determine the requests -// successfully made to Secrets Manager, who made the request, when it was made, -// and so on. For more about AWS Secrets Manager and support for AWS CloudTrail, -// see Logging AWS Secrets Manager Events with AWS CloudTrail +// that Amazon Web Services Secrets Manager expects as your request parameters and +// the service returns as a response to HTTP query requests contain single, long +// strings without line breaks or white space formatting. The JSON shown in the +// examples displays the code formatted with both line breaks and white space to +// improve readability. When example input parameters can also cause long strings +// extending beyond the screen, you can insert line breaks to enhance readability. +// You should always submit the input as a single JSON text string. Logging API +// Requests Amazon Web Services Secrets Manager supports Amazon Web Services +// CloudTrail, a service that records Amazon Web Services API calls for your Amazon +// Web Services account and delivers log files to an Amazon S3 bucket. By using +// information that's collected by Amazon Web Services CloudTrail, you can +// determine the requests successfully made to Secrets Manager, who made the +// request, when it was made, and so on. For more about Amazon Web Services Secrets +// Manager and support for Amazon Web Services CloudTrail, see Logging Amazon Web +// Services Secrets Manager Events with Amazon Web Services CloudTrail // (http://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring.html#monitoring_cloudtrail) -// in the AWS Secrets Manager User Guide. To learn more about CloudTrail, including -// enabling it and find your log files, see the AWS CloudTrail User Guide +// in the Amazon Web Services Secrets Manager User Guide. To learn more about +// CloudTrail, including enabling it and find your log files, see the Amazon Web +// Services CloudTrail User Guide // (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html). package secretsmanager diff --git a/service/secretsmanager/types/types.go b/service/secretsmanager/types/types.go index d5f1c3bd625..e5ed6779146 100644 --- a/service/secretsmanager/types/types.go +++ b/service/secretsmanager/types/types.go @@ -78,7 +78,7 @@ type SecretListEntry struct { // The Amazon Resource Name (ARN) of the secret. For more information about ARNs in // Secrets Manager, see Policy Resources // (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#iam-resources) - // in the AWS Secrets Manager User Guide. + // in the Amazon Web Services Secrets Manager User Guide. ARN *string // The date and time when a secret was created. @@ -93,10 +93,11 @@ type SecretListEntry struct { // The user-provided description of the secret. Description *string - // The ARN or alias of the AWS KMS customer master key (CMK) used to encrypt the - // SecretString and SecretBinary fields in each version of the secret. If you don't - // provide a key, then Secrets Manager defaults to encrypting the secret fields - // with the default KMS CMK, the key named awssecretsmanager, for this account. + // The ARN or alias of the Amazon Web Services KMS customer master key (CMK) used + // to encrypt the SecretString and SecretBinary fields in each version of the + // secret. If you don't provide a key, then Secrets Manager defaults to encrypting + // the secret fields with the default KMS CMK, the key named awssecretsmanager, for + // this account. KmsKeyId *string // The last date that this secret was accessed. This value is truncated to midnight @@ -125,9 +126,9 @@ type SecretListEntry struct { // Indicates whether automatic, scheduled rotation is enabled for this secret. RotationEnabled bool - // The ARN of an AWS Lambda function invoked by Secrets Manager to rotate and - // expire the secret either automatically per the schedule or manually by a call to - // RotateSecret. + // The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to + // rotate and expire the secret either automatically per the schedule or manually + // by a call to RotateSecret. RotationLambdaARN *string // A structure that defines the rotation configuration for the secret. @@ -153,6 +154,9 @@ type SecretVersionsListEntry struct { // The date and time this version of the secret was created. CreatedDate *time.Time + // The KMS keys used to encrypt the secret version. + KmsKeyIds []string + // The date that this version of the secret was last accessed. Note that the // resolution of this field is at the date level and does not include the time. LastAccessedDate *time.Time diff --git a/service/ssmcontacts/api_op_AcceptPage.go b/service/ssmcontacts/api_op_AcceptPage.go index 73b5a02fa8f..8b44e124e91 100644 --- a/service/ssmcontacts/api_op_AcceptPage.go +++ b/service/ssmcontacts/api_op_AcceptPage.go @@ -44,6 +44,15 @@ type AcceptPageInput struct { // This member is required. PageId *string + // An optional field that Incident Manager uses to ENFORCEAcceptCode validation + // when acknowledging an page. Acknowledgement can occur by replying to a page, or + // when entering the AcceptCode in the console. Enforcing AcceptCode validation + // causes Incident Manager to verify that the code entered by the user matches the + // code sent by Incident Manager with the page. Incident Manager can also + // IGNOREAcceptCode validation. Ignoring AcceptCode validation causes Incident + // Manager to accept any value entered for the AcceptCode. + AcceptCodeValidation types.AcceptCodeValidation + // The ARN of the contact channel. ContactChannelId *string diff --git a/service/ssmcontacts/doc.go b/service/ssmcontacts/doc.go index ad32b556904..b56d4c6d756 100644 --- a/service/ssmcontacts/doc.go +++ b/service/ssmcontacts/doc.go @@ -3,5 +3,12 @@ // Package ssmcontacts provides the API client, operations, and parameter types for // AWS Systems Manager Incident Manager Contacts. // -// +// AWS Systems Manager Incident Manager is an incident management console designed +// to help users mitigate and recover from incidents affecting their AWS-hosted +// applications. An incident is any unplanned interruption or reduction in quality +// of services. Incident Manager increases incident resolution by notifying +// responders of impact, highlighting relevant troubleshooting data, and providing +// collaboration tools to get services back up and running. To achieve the primary +// goal of reducing the time-to-resolution of critical incidents, Incident Manager +// automates response plans and enables responder team escalation. package ssmcontacts diff --git a/service/ssmcontacts/serializers.go b/service/ssmcontacts/serializers.go index 37670411ff9..ba52ea38431 100644 --- a/service/ssmcontacts/serializers.go +++ b/service/ssmcontacts/serializers.go @@ -1476,6 +1476,11 @@ func awsAwsjson11_serializeOpDocumentAcceptPageInput(v *AcceptPageInput, value s ok.String(*v.AcceptCode) } + if len(v.AcceptCodeValidation) > 0 { + ok := object.Key("AcceptCodeValidation") + ok.String(string(v.AcceptCodeValidation)) + } + if len(v.AcceptType) > 0 { ok := object.Key("AcceptType") ok.String(string(v.AcceptType)) diff --git a/service/ssmcontacts/types/enums.go b/service/ssmcontacts/types/enums.go index e8591606734..16b14779138 100644 --- a/service/ssmcontacts/types/enums.go +++ b/service/ssmcontacts/types/enums.go @@ -2,6 +2,24 @@ package types +type AcceptCodeValidation string + +// Enum values for AcceptCodeValidation +const ( + AcceptCodeValidationIgnore AcceptCodeValidation = "IGNORE" + AcceptCodeValidationEnforce AcceptCodeValidation = "ENFORCE" +) + +// Values returns all known values for AcceptCodeValidation. Note that this can be +// expanded in the future, and so it is only as up to date as the client. The +// ordering of this slice is not guaranteed to be stable across updates. +func (AcceptCodeValidation) Values() []AcceptCodeValidation { + return []AcceptCodeValidation{ + "IGNORE", + "ENFORCE", + } +} + type AcceptType string // Enum values for AcceptType diff --git a/service/ssmcontacts/types/types.go b/service/ssmcontacts/types/types.go index 8ed580ad702..a862533330b 100644 --- a/service/ssmcontacts/types/types.go +++ b/service/ssmcontacts/types/types.go @@ -235,7 +235,8 @@ type Receipt struct { // specified contacts or contact methods. type Stage struct { - // The time to wait until beginning the next stage. + // The time to wait until beginning the next stage. The duration can only be set to + // 0 if a target is specified. // // This member is required. DurationInMinutes *int32