diff --git a/CHANGELOG.md b/CHANGELOG.md index cf0d7271207..263c96a0f95 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +Release v1.44.329 (2023-08-22) +=== + +### Service Client Updates +* `service/ce`: Updates service API and documentation +* `service/globalaccelerator`: Updates service documentation +* `service/rds`: Updates service API, documentation, waiters, paginators, and examples + * Adding parameters to CreateCustomDbEngineVersion reserved for future use. +* `service/verifiedpermissions`: Updates service API and documentation + Release v1.44.328 (2023-08-21) === diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go index c6bf8832bc8..ed4812b8d1b 100644 --- a/aws/endpoints/defaults.go +++ b/aws/endpoints/defaults.go @@ -19004,6 +19004,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -22534,6 +22537,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "rekognition-fips.ca-central-1", }: endpoint{ @@ -27942,6 +27948,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, diff --git a/aws/version.go b/aws/version.go index 4b668b74d59..4d14080cb5e 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.328" +const SDKVersion = "1.44.329" diff --git a/models/apis/ce/2017-10-25/api-2.json b/models/apis/ce/2017-10-25/api-2.json index f016100347c..a346fddea19 100644 --- a/models/apis/ce/2017-10-25/api-2.json +++ b/models/apis/ce/2017-10-25/api-2.json @@ -690,7 +690,9 @@ "members":{ "TagKey":{"shape":"TagKey"}, "Type":{"shape":"CostAllocationTagType"}, - "Status":{"shape":"CostAllocationTagStatus"} + "Status":{"shape":"CostAllocationTagStatus"}, + "LastUpdatedDate":{"shape":"ZonedDateTime"}, + "LastUsedDate":{"shape":"ZonedDateTime"} } }, "CostAllocationTagKeyList":{ diff --git a/models/apis/ce/2017-10-25/docs-2.json b/models/apis/ce/2017-10-25/docs-2.json index 7a23eb965ea..c4fa7dc109e 100644 --- a/models/apis/ce/2017-10-25/docs-2.json +++ b/models/apis/ce/2017-10-25/docs-2.json @@ -21,7 +21,7 @@ "GetReservationPurchaseRecommendation": "

Gets recommendations for reservation purchases. These recommendations might help you to reduce your costs. Reservations provide a discounted hourly rate (up to 75%) compared to On-Demand pricing.

Amazon Web Services generates your recommendations by identifying your On-Demand usage during a specific time period and collecting your usage into categories that are eligible for a reservation. After Amazon Web Services has these categories, it simulates every combination of reservations in each category of usage to identify the best number of each type of Reserved Instance (RI) to purchase to maximize your estimated savings.

For example, Amazon Web Services automatically aggregates your Amazon EC2 Linux, shared tenancy, and c4 family usage in the US West (Oregon) Region and recommends that you buy size-flexible regional reservations to apply to the c4 family usage. Amazon Web Services recommends the smallest size instance in an instance family. This makes it easier to purchase a size-flexible Reserved Instance (RI). Amazon Web Services also shows the equal number of normalized units. This way, you can purchase any instance size that you want. For this example, your RI recommendation is for c4.large because that is the smallest size instance in the c4 instance family.

", "GetReservationUtilization": "

Retrieves the reservation utilization for your account. Management account in an organization have access to member accounts. You can filter data by dimensions in a time period. You can use GetDimensionValues to determine the possible dimension values. Currently, you can group only by SUBSCRIPTION_ID.

", "GetRightsizingRecommendation": "

Creates recommendations that help you save cost by identifying idle and underutilized Amazon EC2 instances.

Recommendations are generated to either downsize or terminate instances, along with providing savings detail and metrics. For more information about calculation and function, see Optimizing Your Cost with Rightsizing Recommendations in the Billing and Cost Management User Guide.

", - "GetSavingsPlanPurchaseRecommendationDetails": "

Retrieves the details for a Savings Plan recommendation. These details include the hourly data-points that construct the new cost, coverage, and utilization charts.

", + "GetSavingsPlanPurchaseRecommendationDetails": "

Retrieves the details for a Savings Plan recommendation. These details include the hourly data-points that construct the cost, coverage, and utilization charts.

", "GetSavingsPlansCoverage": "

Retrieves the Savings Plans covered for your account. This enables you to see how much of your cost is covered by a Savings Plan. An organization’s management account can see the coverage of the associated member accounts. This supports dimensions, Cost Categories, and nested expressions. For any time period, you can filter data for Savings Plans usage with the following dimensions:

To determine valid values for a dimension, use the GetDimensionValues operation.

", "GetSavingsPlansPurchaseRecommendation": "

Retrieves the Savings Plans recommendations for your account. First use StartSavingsPlansPurchaseRecommendationGeneration to generate a new set of recommendations, and then use GetSavingsPlansPurchaseRecommendation to retrieve them.

", "GetSavingsPlansUtilization": "

Retrieves the Savings Plans utilization for your account across date ranges with daily or monthly granularity. Management account in an organization have access to member accounts. You can use GetDimensionValues in SAVINGS_PLANS to determine the possible dimension values.

You can't group by any dimension values for GetSavingsPlansUtilization.

", @@ -2370,6 +2370,8 @@ "ZonedDateTime": { "base": "

The period of time that you want the usage and costs for.

", "refs": { + "CostAllocationTag$LastUpdatedDate": "

The last date that the tag was either activated or deactivated.

", + "CostAllocationTag$LastUsedDate": "

The last month that the tag was used on an Amazon Web Services resource.

", "CostCategory$EffectiveStart": "

The effective start date of your Cost Category.

", "CostCategory$EffectiveEnd": "

The effective end date of your Cost Category.

", "CostCategoryReference$EffectiveStart": "

The Cost Category's effective start date.

", diff --git a/models/apis/ce/2017-10-25/endpoint-rule-set-1.json b/models/apis/ce/2017-10-25/endpoint-rule-set-1.json index e4c99e99633..0a970cbf0e7 100644 --- a/models/apis/ce/2017-10-25/endpoint-rule-set-1.json +++ b/models/apis/ce/2017-10-25/endpoint-rule-set-1.json @@ -58,52 +58,56 @@ "type": "error" }, { - "conditions": [], - "type": "tree", - "rules": [ + "conditions": [ { - "conditions": [ + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" - }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" + "ref": "UseDualStack" }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" + true + ] } - ] + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, { - "conditions": [], + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], "type": "tree", "rules": [ { "conditions": [ { - "fn": "isSet", + "fn": "aws.partition", "argv": [ { "ref": "Region" } - ] + ], + "assign": "PartitionResult" } ], "type": "tree", @@ -111,342 +115,302 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "stringEquals", "argv": [ { - "ref": "Region" - } - ], - "assign": "PartitionResult" - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "stringEquals", + "fn": "getAttr", "argv": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] + "ref": "PartitionResult" }, - "aws" + "name" ] }, + "aws" + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - false - ] + "ref": "UseFIPS" }, + false + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - false - ] - } - ], - "endpoint": { - "url": "https://ce.us-east-1.amazonaws.com", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "ce", - "signingRegion": "us-east-1" - } - ] + "ref": "UseDualStack" }, - "headers": {} - }, - "type": "endpoint" + false + ] + } + ], + "endpoint": { + "url": "https://ce.us-east-1.amazonaws.com", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "ce", + "signingRegion": "us-east-1" + } + ] }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [ { - "conditions": [ + "fn": "stringEquals", + "argv": [ { - "fn": "stringEquals", + "fn": "getAttr", "argv": [ { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "name" - ] + "ref": "PartitionResult" }, - "aws-cn" + "name" ] }, + "aws-cn" + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - false - ] + "ref": "UseFIPS" }, + false + ] + }, + { + "fn": "booleanEquals", + "argv": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - false - ] + "ref": "UseDualStack" + }, + false + ] + } + ], + "endpoint": { + "url": "https://ce.cn-northwest-1.amazonaws.com.cn", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "ce", + "signingRegion": "cn-northwest-1" } - ], - "endpoint": { - "url": "https://ce.cn-northwest-1.amazonaws.com.cn", - "properties": { - "authSchemes": [ - { - "name": "sigv4", - "signingName": "ce", - "signingRegion": "cn-northwest-1" - } - ] + ] + }, + "headers": {} + }, + "type": "endpoint" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" }, - "headers": {} - }, - "type": "endpoint" + true + ] }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } ] }, { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - }, - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://ce-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" + "endpoint": { + "url": "https://ce-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseFIPS" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsFIPS" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://ce-fips.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsFIPS" ] } ] - }, + } + ], + "type": "tree", + "rules": [ { "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" + "endpoint": { + "url": "https://ce-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ + true, { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", + "fn": "getAttr", "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "type": "tree", - "rules": [ { - "conditions": [], - "endpoint": { - "url": "https://ce.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } + "ref": "PartitionResult" + }, + "supportsDualStack" ] } ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } - ] - }, - { - "conditions": [], + ], "type": "tree", "rules": [ { "conditions": [], "endpoint": { - "url": "https://ce.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://ce.{Region}.{PartitionResult#dualStackDnsSuffix}", "properties": {}, "headers": {} }, "type": "endpoint" } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://ce.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, - { - "conditions": [], - "error": "Invalid Configuration: Missing Region", - "type": "error" } ] + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } \ No newline at end of file diff --git a/models/apis/globalaccelerator/2018-08-08/docs-2.json b/models/apis/globalaccelerator/2018-08-08/docs-2.json index b328a318a04..4e6088788bb 100644 --- a/models/apis/globalaccelerator/2018-08-08/docs-2.json +++ b/models/apis/globalaccelerator/2018-08-08/docs-2.json @@ -670,8 +670,8 @@ "CustomRoutingAccelerator$Enabled": "

Indicates whether the accelerator is enabled. The value is true or false. The default value is true.

If the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.

", "CustomRoutingAcceleratorAttributes$FlowLogsEnabled": "

Indicates whether flow logs are enabled. The default value is false. If the value is true, FlowLogsS3Bucket and FlowLogsS3Prefix must be specified.

For more information, see Flow logs in the Global Accelerator Developer Guide.

", "DenyCustomRoutingTrafficRequest$DenyAllTrafficToEndpoint": "

Indicates whether all destination IP addresses and ports for a specified VPC subnet endpoint cannot receive traffic from a custom routing accelerator. The value is TRUE or FALSE.

When set to TRUE, no destinations in the custom routing VPC subnet can receive traffic. Note that you cannot specify destination IP addresses and ports when the value is set to TRUE.

When set to FALSE (or not specified), you must specify a list of destination IP addresses that cannot receive traffic. A list of ports is optional. If you don't specify a list of ports, the ports that can accept traffic is the same as the ports configured for the endpoint group.

The default value is FALSE.

", - "EndpointConfiguration$ClientIPPreservationEnabled": "

Indicates whether client IP address preservation is enabled for an endpoint. The value is true or false. The default value is true for new accelerators.

If the value is set to true, the client's IP address is preserved in the X-Forwarded-For request header as traffic travels to applications on the endpoint fronted by the accelerator.

Client IP address preservation is supported, in specific Amazon Web Services Regions, for endpoints that are Application Load Balancers and Amazon EC2 instances.

For more information, see Preserve client IP addresses in Global Accelerator in the Global Accelerator Developer Guide.

", - "EndpointDescription$ClientIPPreservationEnabled": "

Indicates whether client IP address preservation is enabled for an endpoint. The value is true or false. The default value is true for new accelerators.

If the value is set to true, the client's IP address is preserved in the X-Forwarded-For request header as traffic travels to applications on the endpoint fronted by the accelerator.

Client IP address preservation is supported, in specific Amazon Web Services Regions, for endpoints that are Application Load Balancers and Amazon EC2 instances.

For more information, see Preserve client IP addresses in Global Accelerator in the Global Accelerator Developer Guide.

", + "EndpointConfiguration$ClientIPPreservationEnabled": "

Indicates whether client IP address preservation is enabled for an endpoint. The value is true or false. The default value is true for new accelerators.

If the value is set to true, the client's IP address is preserved in the X-Forwarded-For request header as traffic travels to applications on the endpoint fronted by the accelerator.

Client IP address preservation is supported, in specific Amazon Web Services Regions, for endpoints that are Application Load Balancers, Amazon EC2 instances, and Network Load Balancers with Security Groups. IMPORTANT: You cannot use client IP address preservation with Network Load Balancers with TLS listeners.

For more information, see Preserve client IP addresses in Global Accelerator in the Global Accelerator Developer Guide.

", + "EndpointDescription$ClientIPPreservationEnabled": "

Indicates whether client IP address preservation is enabled for an endpoint. The value is true or false. The default value is true for new accelerators.

If the value is set to true, the client's IP address is preserved in the X-Forwarded-For request header as traffic travels to applications on the endpoint fronted by the accelerator.

Client IP address preservation is supported, in specific Amazon Web Services Regions, for endpoints that are Application Load Balancers, Amazon EC2 instances, and Network Load Balancers with Security Groups. IMPORTANT: You cannot use client IP address preservation with Network Load Balancers with TLS listeners.

For more information, see Preserve client IP addresses in Global Accelerator in the Global Accelerator Developer Guide.

", "EndpointIdentifier$ClientIPPreservationEnabled": "

Indicates whether client IP address preservation is enabled for an endpoint. The value is true or false.

If the value is set to true, the client's IP address is preserved in the X-Forwarded-For request header as traffic travels to applications on the endpoint fronted by the accelerator.

", "UpdateAcceleratorAttributesRequest$FlowLogsEnabled": "

Update whether flow logs are enabled. The default value is false. If the value is true, FlowLogsS3Bucket and FlowLogsS3Prefix must be specified.

For more information, see Flow Logs in the Global Accelerator Developer Guide.

", "UpdateAcceleratorRequest$Enabled": "

Indicates whether an accelerator is enabled. The value is true or false. The default value is true.

If the value is set to true, the accelerator cannot be deleted. If set to false, the accelerator can be deleted.

", diff --git a/models/apis/rds/2014-10-31/api-2.json b/models/apis/rds/2014-10-31/api-2.json index ffe21eac8da..50447dd44d2 100644 --- a/models/apis/rds/2014-10-31/api-2.json +++ b/models/apis/rds/2014-10-31/api-2.json @@ -3167,7 +3167,9 @@ "KMSKeyId":{"shape":"KmsKeyIdOrArn"}, "Description":{"shape":"Description"}, "Manifest":{"shape":"CustomDBEngineVersionManifest"}, - "Tags":{"shape":"TagList"} + "Tags":{"shape":"TagList"}, + "SourceCustomDbEngineVersionIdentifier":{"shape":"String255"}, + "UseAwsProvidedLatestImage":{"shape":"BooleanOptional"} } }, "CreateDBClusterEndpointMessage":{ diff --git a/models/apis/rds/2014-10-31/docs-2.json b/models/apis/rds/2014-10-31/docs-2.json index 33a7c641eea..92d5c1e2a9f 100644 --- a/models/apis/rds/2014-10-31/docs-2.json +++ b/models/apis/rds/2014-10-31/docs-2.json @@ -526,6 +526,7 @@ "CopyDBClusterSnapshotMessage$CopyTags": "

A value that indicates whether to copy all tags from the source DB cluster snapshot to the target DB cluster snapshot. By default, tags are not copied.

", "CopyDBSnapshotMessage$CopyTags": "

A value that indicates whether to copy all tags from the source DB snapshot to the target DB snapshot. By default, tags aren't copied.

", "CopyDBSnapshotMessage$CopyOptionGroup": "

A value that indicates whether to copy the DB option group associated with the source DB snapshot to the target Amazon Web Services account and associate with the target DB snapshot. The associated option group can be copied only with cross-account snapshot copy calls.

", + "CreateCustomDBEngineVersionMessage$UseAwsProvidedLatestImage": "

Reserved for future use.

", "CreateDBClusterMessage$StorageEncrypted": "

Specifies whether the DB cluster is encrypted.

Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters

", "CreateDBClusterMessage$EnableIAMDatabaseAuthentication": "

Specifies whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.

For more information, see IAM Database Authentication in the Amazon Aurora User Guide.

Valid for Cluster Type: Aurora DB clusters only

", "CreateDBClusterMessage$DeletionProtection": "

Specifies whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled.

Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters

", @@ -5007,7 +5008,8 @@ "base": null, "refs": { "CreateCustomDBEngineVersionMessage$DatabaseInstallationFilesS3Prefix": "

The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is 123456789012/cev1. If this setting isn't specified, no prefix is assumed.

", - "CreateCustomDBEngineVersionMessage$ImageId": "

The ID of the Amazon Machine Image (AMI). For RDS Custom for SQL Server, an AMI ID is required to create a CEV. For RDS Custom for Oracle, the default is the most recent AMI available, but you can specify an AMI ID that was used in a different Oracle CEV. Find the AMIs used by your CEVs by calling the DescribeDBEngineVersions operation.

" + "CreateCustomDBEngineVersionMessage$ImageId": "

The ID of the Amazon Machine Image (AMI). For RDS Custom for SQL Server, an AMI ID is required to create a CEV. For RDS Custom for Oracle, the default is the most recent AMI available, but you can specify an AMI ID that was used in a different Oracle CEV. Find the AMIs used by your CEVs by calling the DescribeDBEngineVersions operation.

", + "CreateCustomDBEngineVersionMessage$SourceCustomDbEngineVersionIdentifier": "

Reserved for future use.

" } }, "StringList": { diff --git a/models/apis/verifiedpermissions/2021-12-01/api-2.json b/models/apis/verifiedpermissions/2021-12-01/api-2.json index ab49db3fdf8..3441b67a476 100644 --- a/models/apis/verifiedpermissions/2021-12-01/api-2.json +++ b/models/apis/verifiedpermissions/2021-12-01/api-2.json @@ -435,7 +435,8 @@ "type":"string", "max":200, "min":1, - "pattern":".*" + "pattern":".*", + "sensitive":true }, "ActionIdentifier":{ "type":"structure", @@ -452,7 +453,8 @@ "type":"string", "max":200, "min":1, - "pattern":"Action$|^.+::Action" + "pattern":"Action$|^.+::Action", + "sensitive":true }, "AttributeValue":{ "type":"structure", @@ -472,13 +474,15 @@ }, "BooleanAttribute":{ "type":"boolean", - "box":true + "box":true, + "sensitive":true }, "ClientId":{ "type":"string", "max":255, "min":1, - "pattern":".*" + "pattern":".*", + "sensitive":true }, "ClientIds":{ "type":"list", @@ -523,8 +527,7 @@ "ContextMap":{ "type":"map", "key":{"shape":"String"}, - "value":{"shape":"AttributeValue"}, - "min":0 + "value":{"shape":"AttributeValue"} }, "CreateIdentitySourceInput":{ "type":"structure", @@ -742,14 +745,14 @@ "EntityAttributes":{ "type":"map", "key":{"shape":"String"}, - "value":{"shape":"AttributeValue"}, - "min":0 + "value":{"shape":"AttributeValue"} }, "EntityId":{ "type":"string", "max":200, "min":1, - "pattern":".*" + "pattern":".*", + "sensitive":true }, "EntityIdentifier":{ "type":"structure", @@ -773,8 +776,7 @@ }, "EntityList":{ "type":"list", - "member":{"shape":"EntityItem"}, - "min":0 + "member":{"shape":"EntityItem"} }, "EntityReference":{ "type":"structure", @@ -788,14 +790,16 @@ "type":"string", "max":200, "min":1, - "pattern":".*" + "pattern":".*", + "sensitive":true }, "EvaluationErrorItem":{ "type":"structure", "required":["errorDescription"], "members":{ "errorDescription":{"shape":"String"} - } + }, + "sensitive":true }, "EvaluationErrorList":{ "type":"list", @@ -1140,19 +1144,21 @@ }, "LongAttribute":{ "type":"long", - "box":true + "box":true, + "sensitive":true }, "MaxResults":{ "type":"integer", "box":true, - "max":20, + "max":50, "min":1 }, "Namespace":{ "type":"string", "max":100, "min":1, - "pattern":".*" + "pattern":".*", + "sensitive":true }, "NamespaceList":{ "type":"list", @@ -1241,7 +1247,8 @@ "PolicyStatement":{ "type":"string", "max":10000, - "min":1 + "min":1, + "sensitive":true }, "PolicyStoreId":{ "type":"string", @@ -1269,7 +1276,8 @@ "PolicyTemplateDescription":{ "type":"string", "max":150, - "min":0 + "min":0, + "sensitive":true }, "PolicyTemplateId":{ "type":"string", @@ -1308,7 +1316,8 @@ "type":"string", "max":200, "min":1, - "pattern":".*" + "pattern":".*", + "sensitive":true }, "PutSchemaInput":{ "type":"structure", @@ -1396,7 +1405,8 @@ "SchemaJson":{ "type":"string", "max":10000, - "min":1 + "min":1, + "sensitive":true }, "ServiceQuotaExceededException":{ "type":"structure", @@ -1442,10 +1452,14 @@ "StaticPolicyDescription":{ "type":"string", "max":150, - "min":0 + "min":0, + "sensitive":true }, "String":{"type":"string"}, - "StringAttribute":{"type":"string"}, + "StringAttribute":{ + "type":"string", + "sensitive":true + }, "TemplateLinkedPolicyDefinition":{ "type":"structure", "required":["policyTemplateId"], @@ -1492,7 +1506,8 @@ "type":"string", "max":131072, "min":1, - "pattern":"[A-Za-z0-9-_=]+.[A-Za-z0-9-_=]+.[A-Za-z0-9-_=]+" + "pattern":"[A-Za-z0-9-_=]+.[A-Za-z0-9-_=]+.[A-Za-z0-9-_=]+", + "sensitive":true }, "UpdateCognitoUserPoolConfiguration":{ "type":"structure", diff --git a/models/apis/verifiedpermissions/2021-12-01/docs-2.json b/models/apis/verifiedpermissions/2021-12-01/docs-2.json index 37a95cb860b..409caabdb52 100644 --- a/models/apis/verifiedpermissions/2021-12-01/docs-2.json +++ b/models/apis/verifiedpermissions/2021-12-01/docs-2.json @@ -16,14 +16,14 @@ "GetPolicyTemplate": "

Retrieve the details for the specified policy template in the specified policy store.

", "GetSchema": "

Retrieve the details for the specified schema in the specified policy store.

", "IsAuthorized": "

Makes an authorization decision about a service request described in the parameters. The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

", - "IsAuthorizedWithToken": "

Makes an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source. The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.

", + "IsAuthorizedWithToken": "

Makes an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source in the form of an identity token formatted as a JSON web token (JWT). The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

If you specify the identityToken parameter, then this operation derives the principal from that token. You must not also include that principal in the entities parameter or the operation fails and reports a conflict between the two entity sources.

If you provide only an accessToken, then you can include the entity as part of the entities parameter to provide additional attributes.

At this time, Verified Permissions accepts tokens from only Amazon Cognito.

Verified Permissions validates each token that is specified in a request by checking its expiration date and its signature.

If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.

", "ListIdentitySources": "

Returns a paginated list of all of the identity sources defined in the specified policy store.

", "ListPolicies": "

Returns a paginated list of all policies stored in the specified policy store.

", "ListPolicyStores": "

Returns a paginated list of all policy stores in the calling Amazon Web Services account.

", "ListPolicyTemplates": "

Returns a paginated list of all policy templates in the specified policy store.

", "PutSchema": "

Creates or updates the policy schema in the specified policy store. The schema is used to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.

", "UpdateIdentitySource": "

Updates the specified identity source to use a new identity provider (IdP) source, or to change the mapping of identities from the IdP to a different principal entity type.

", - "UpdatePolicy": "

Modifies a Cedar static policy in the specified policy store. You can change only certain elements of the UpdatePolicyDefinition parameter. You can directly update only static policies. To change a template-linked policy, you must update the template instead, using UpdatePolicyTemplate.

If policy validation is enabled in the policy store, then updating a static policy causes Verified Permissions to validate the policy against the schema in the policy store. If the updated static policy doesn't pass validation, the operation fails and the update isn't stored.

", + "UpdatePolicy": "

Modifies a Cedar static policy in the specified policy store. You can change only certain elements of the UpdatePolicyDefinition parameter. You can directly update only static policies. To change a template-linked policy, you must update the template instead, using UpdatePolicyTemplate.

", "UpdatePolicyStore": "

Modifies the validation setting for a policy store.

", "UpdatePolicyTemplate": "

Updates the specified policy template. You can update only the description and the some elements of the policyBody.

Changes you make to the policy template content are immediately reflected in authorization decisions that involve all template-linked policies instantiated from this template.

" }, @@ -229,7 +229,7 @@ "base": "

Contains the list of entities to be considered during an authorization request. This includes all principals, resources, and actions required to successfully evaluate the request.

This data type is used as a field in the response parameter for the IsAuthorized and IsAuthorizedWithToken operations.

", "refs": { "IsAuthorizedInput$entities": "

Specifies the list of resources and principals and their associated attributes that Verified Permissions can examine when evaluating the policies.

You can include only principal and resource entities in this parameter; you can't include actions. You must specify actions in the schema.

", - "IsAuthorizedWithTokenInput$entities": "

Specifies the list of resources and principals and their associated attributes that Verified Permissions can examine when evaluating the policies.

You can include only principal and resource entities in this parameter; you can't include actions. You must specify actions in the schema.

" + "IsAuthorizedWithTokenInput$entities": "

Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies.

You can include only resource and action entities in this parameter; you can't include principals.

" } }, "EntityAttributes": { @@ -448,7 +448,7 @@ "ListIdentitySourcesMaxResults": { "base": null, "refs": { - "ListIdentitySourcesInput$maxResults": "

Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

" + "ListIdentitySourcesInput$maxResults": "

Specifies the total number of results that you want included in each response. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next set of results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

If you do not specify this parameter, the operation defaults to 10 identity sources per response. You can specify a maximum of 200 identity sources per response.

" } }, "ListIdentitySourcesOutput": { @@ -495,9 +495,9 @@ "MaxResults": { "base": null, "refs": { - "ListPoliciesInput$maxResults": "

Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", - "ListPolicyStoresInput$maxResults": "

Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

", - "ListPolicyTemplatesInput$maxResults": "

Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

" + "ListPoliciesInput$maxResults": "

Specifies the total number of results that you want included in each response. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next set of results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

If you do not specify this parameter, the operation defaults to 10 policies per response. You can specify a maximum of 50 policies per response.

", + "ListPolicyStoresInput$maxResults": "

Specifies the total number of results that you want included in each response. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next set of results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

If you do not specify this parameter, the operation defaults to 10 policy stores per response. You can specify a maximum of 50 policy stores per response.

", + "ListPolicyTemplatesInput$maxResults": "

Specifies the total number of results that you want included in each response. If additional items exist beyond the number you specify, the NextToken response element is returned with a value (not null). Include the specified value as the NextToken request parameter in the next call to the operation to get the next set of results. Note that the service might return fewer results than the maximum even when there are more results available. You should check NextToken after every operation to ensure that you receive all of the results.

If you do not specify this parameter, the operation defaults to 10 policy templates per response. You can specify a maximum of 50 policy templates per response.

" } }, "Namespace": { @@ -910,8 +910,8 @@ "Token": { "base": null, "refs": { - "IsAuthorizedWithTokenInput$identityToken": "

Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken or an IdentityToken, but not both.

", - "IsAuthorizedWithTokenInput$accessToken": "

Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken or an IdentityToken, but not both.

" + "IsAuthorizedWithTokenInput$identityToken": "

Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken or an IdentityToken, or both.

", + "IsAuthorizedWithTokenInput$accessToken": "

Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken, or an IdentityToken, or both.

" } }, "UpdateCognitoUserPoolConfiguration": { diff --git a/models/apis/verifiedpermissions/2021-12-01/endpoint-tests-1.json b/models/apis/verifiedpermissions/2021-12-01/endpoint-tests-1.json index 1ee1c6c8398..3a5b73a9e4e 100644 --- a/models/apis/verifiedpermissions/2021-12-01/endpoint-tests-1.json +++ b/models/apis/verifiedpermissions/2021-12-01/endpoint-tests-1.json @@ -1,55 +1,55 @@ { "testCases": [ { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://verifiedpermissions-fips.us-gov-east-1.api.aws" + "url": "https://verifiedpermissions-fips.us-east-1.api.aws" } }, "params": { + "Region": "us-east-1", "UseFIPS": true, - "UseDualStack": true, - "Region": "us-gov-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://verifiedpermissions-fips.us-gov-east-1.amazonaws.com" + "url": "https://verifiedpermissions-fips.us-east-1.amazonaws.com" } }, "params": { + "Region": "us-east-1", "UseFIPS": true, - "UseDualStack": false, - "Region": "us-gov-east-1" + "UseDualStack": false } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://verifiedpermissions.us-gov-east-1.api.aws" + "url": "https://verifiedpermissions.us-east-1.api.aws" } }, "params": { + "Region": "us-east-1", "UseFIPS": false, - "UseDualStack": true, - "Region": "us-gov-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://verifiedpermissions.us-gov-east-1.amazonaws.com" + "url": "https://verifiedpermissions.us-east-1.amazonaws.com" } }, "params": { + "Region": "us-east-1", "UseFIPS": false, - "UseDualStack": false, - "Region": "us-gov-east-1" + "UseDualStack": false } }, { @@ -60,9 +60,9 @@ } }, "params": { + "Region": "cn-north-1", "UseFIPS": true, - "UseDualStack": true, - "Region": "cn-north-1" + "UseDualStack": true } }, { @@ -73,9 +73,9 @@ } }, "params": { + "Region": "cn-north-1", "UseFIPS": true, - "UseDualStack": false, - "Region": "cn-north-1" + "UseDualStack": false } }, { @@ -86,9 +86,9 @@ } }, "params": { + "Region": "cn-north-1", "UseFIPS": false, - "UseDualStack": true, - "Region": "cn-north-1" + "UseDualStack": true } }, { @@ -99,109 +99,109 @@ } }, "params": { + "Region": "cn-north-1", "UseFIPS": false, - "UseDualStack": false, - "Region": "cn-north-1" + "UseDualStack": false } }, { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + "endpoint": { + "url": "https://verifiedpermissions-fips.us-gov-east-1.api.aws" + } }, "params": { + "Region": "us-gov-east-1", "UseFIPS": true, - "UseDualStack": true, - "Region": "us-iso-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://verifiedpermissions-fips.us-iso-east-1.c2s.ic.gov" + "url": "https://verifiedpermissions-fips.us-gov-east-1.amazonaws.com" } }, "params": { + "Region": "us-gov-east-1", "UseFIPS": true, - "UseDualStack": false, - "Region": "us-iso-east-1" + "UseDualStack": false } }, { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" + "endpoint": { + "url": "https://verifiedpermissions.us-gov-east-1.api.aws" + } }, "params": { + "Region": "us-gov-east-1", "UseFIPS": false, - "UseDualStack": true, - "Region": "us-iso-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://verifiedpermissions.us-iso-east-1.c2s.ic.gov" + "url": "https://verifiedpermissions.us-gov-east-1.amazonaws.com" } }, "params": { + "Region": "us-gov-east-1", "UseFIPS": false, - "UseDualStack": false, - "Region": "us-iso-east-1" + "UseDualStack": false } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", "expect": { - "endpoint": { - "url": "https://verifiedpermissions-fips.us-east-1.api.aws" - } + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { + "Region": "us-iso-east-1", "UseFIPS": true, - "UseDualStack": true, - "Region": "us-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://verifiedpermissions-fips.us-east-1.amazonaws.com" + "url": "https://verifiedpermissions-fips.us-iso-east-1.c2s.ic.gov" } }, "params": { + "Region": "us-iso-east-1", "UseFIPS": true, - "UseDualStack": false, - "Region": "us-east-1" + "UseDualStack": false } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", "expect": { - "endpoint": { - "url": "https://verifiedpermissions.us-east-1.api.aws" - } + "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { + "Region": "us-iso-east-1", "UseFIPS": false, - "UseDualStack": true, - "Region": "us-east-1" + "UseDualStack": true } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://verifiedpermissions.us-east-1.amazonaws.com" + "url": "https://verifiedpermissions.us-iso-east-1.c2s.ic.gov" } }, "params": { + "Region": "us-iso-east-1", "UseFIPS": false, - "UseDualStack": false, - "Region": "us-east-1" + "UseDualStack": false } }, { @@ -210,9 +210,9 @@ "error": "FIPS and DualStack are enabled, but this partition does not support one or both" }, "params": { + "Region": "us-isob-east-1", "UseFIPS": true, - "UseDualStack": true, - "Region": "us-isob-east-1" + "UseDualStack": true } }, { @@ -223,9 +223,9 @@ } }, "params": { + "Region": "us-isob-east-1", "UseFIPS": true, - "UseDualStack": false, - "Region": "us-isob-east-1" + "UseDualStack": false } }, { @@ -234,9 +234,9 @@ "error": "DualStack is enabled but this partition does not support DualStack" }, "params": { + "Region": "us-isob-east-1", "UseFIPS": false, - "UseDualStack": true, - "Region": "us-isob-east-1" + "UseDualStack": true } }, { @@ -247,13 +247,27 @@ } }, "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "Region": "us-east-1", "UseFIPS": false, "UseDualStack": false, - "Region": "us-isob-east-1" + "Endpoint": "https://example.com" } }, { - "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", "expect": { "endpoint": { "url": "https://example.com" @@ -262,7 +276,6 @@ "params": { "UseFIPS": false, "UseDualStack": false, - "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -272,9 +285,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { + "Region": "us-east-1", "UseFIPS": true, "UseDualStack": false, - "Region": "us-east-1", "Endpoint": "https://example.com" } }, @@ -284,11 +297,17 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { + "Region": "us-east-1", "UseFIPS": false, "UseDualStack": true, - "Region": "us-east-1", "Endpoint": "https://example.com" } + }, + { + "documentation": "Missing region", + "expect": { + "error": "Invalid Configuration: Missing Region" + } } ], "version": "1.0" diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 08d8b0c524c..eed77d15cfa 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -10906,6 +10906,7 @@ "deprecated" : true, "hostname" : "mgn-fips.us-west-2.amazonaws.com" }, + "il-central-1" : { }, "me-central-1" : { }, "me-south-1" : { }, "sa-east-1" : { }, @@ -12944,6 +12945,7 @@ "eu-central-1" : { }, "eu-west-1" : { }, "eu-west-2" : { }, + "il-central-1" : { }, "rekognition-fips.ca-central-1" : { "credentialScope" : { "region" : "ca-central-1" @@ -16017,6 +16019,7 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "il-central-1" : { }, "me-central-1" : { }, "me-south-1" : { }, "sa-east-1" : { }, diff --git a/service/costexplorer/api.go b/service/costexplorer/api.go index a48e7f00e86..94801762a49 100644 --- a/service/costexplorer/api.go +++ b/service/costexplorer/api.go @@ -1771,7 +1771,7 @@ func (c *CostExplorer) GetSavingsPlanPurchaseRecommendationDetailsRequest(input // GetSavingsPlanPurchaseRecommendationDetails API operation for AWS Cost Explorer Service. // // Retrieves the details for a Savings Plan recommendation. These details include -// the hourly data-points that construct the new cost, coverage, and utilization +// the hourly data-points that construct the cost, coverage, and utilization // charts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4277,6 +4277,12 @@ func (s *BillExpirationException) RequestID() string { type CostAllocationTag struct { _ struct{} `type:"structure"` + // The last date that the tag was either activated or deactivated. + LastUpdatedDate *string `min:"20" type:"string"` + + // The last month that the tag was used on an Amazon Web Services resource. + LastUsedDate *string `min:"20" type:"string"` + // The status of a cost allocation tag. // // Status is a required field @@ -4315,6 +4321,18 @@ func (s CostAllocationTag) GoString() string { return s.String() } +// SetLastUpdatedDate sets the LastUpdatedDate field's value. +func (s *CostAllocationTag) SetLastUpdatedDate(v string) *CostAllocationTag { + s.LastUpdatedDate = &v + return s +} + +// SetLastUsedDate sets the LastUsedDate field's value. +func (s *CostAllocationTag) SetLastUsedDate(v string) *CostAllocationTag { + s.LastUsedDate = &v + return s +} + // SetStatus sets the Status field's value. func (s *CostAllocationTag) SetStatus(v string) *CostAllocationTag { s.Status = &v diff --git a/service/globalaccelerator/api.go b/service/globalaccelerator/api.go index 454fff96b76..1e69cbec16a 100644 --- a/service/globalaccelerator/api.go +++ b/service/globalaccelerator/api.go @@ -9306,8 +9306,9 @@ type EndpointConfiguration struct { // endpoint fronted by the accelerator. // // Client IP address preservation is supported, in specific Amazon Web Services - // Regions, for endpoints that are Application Load Balancers and Amazon EC2 - // instances. + // Regions, for endpoints that are Application Load Balancers, Amazon EC2 instances, + // and Network Load Balancers with Security Groups. IMPORTANT: You cannot use + // client IP address preservation with Network Load Balancers with TLS listeners. // // For more information, see Preserve client IP addresses in Global Accelerator // (https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) @@ -9383,8 +9384,9 @@ type EndpointDescription struct { // endpoint fronted by the accelerator. // // Client IP address preservation is supported, in specific Amazon Web Services - // Regions, for endpoints that are Application Load Balancers and Amazon EC2 - // instances. + // Regions, for endpoints that are Application Load Balancers, Amazon EC2 instances, + // and Network Load Balancers with Security Groups. IMPORTANT: You cannot use + // client IP address preservation with Network Load Balancers with TLS listeners. // // For more information, see Preserve client IP addresses in Global Accelerator // (https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) diff --git a/service/rds/api.go b/service/rds/api.go index 2e35735ca3e..42fc94c4b05 100644 --- a/service/rds/api.go +++ b/service/rds/api.go @@ -19168,9 +19168,15 @@ type CreateCustomDBEngineVersionInput struct { // in the Amazon RDS User Guide. Manifest *string `min:"1" type:"string"` + // Reserved for future use. + SourceCustomDbEngineVersionIdentifier *string `min:"1" type:"string"` + // A list of tags. For more information, see Tagging Amazon RDS Resources (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) // in the Amazon RDS User Guide. Tags []*Tag `locationNameList:"Tag" type:"list"` + + // Reserved for future use. + UseAwsProvidedLatestImage *bool `type:"boolean"` } // String returns the string representation. @@ -19224,6 +19230,9 @@ func (s *CreateCustomDBEngineVersionInput) Validate() error { if s.Manifest != nil && len(*s.Manifest) < 1 { invalidParams.Add(request.NewErrParamMinLen("Manifest", 1)) } + if s.SourceCustomDbEngineVersionIdentifier != nil && len(*s.SourceCustomDbEngineVersionIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SourceCustomDbEngineVersionIdentifier", 1)) + } if invalidParams.Len() > 0 { return invalidParams @@ -19279,12 +19288,24 @@ func (s *CreateCustomDBEngineVersionInput) SetManifest(v string) *CreateCustomDB return s } +// SetSourceCustomDbEngineVersionIdentifier sets the SourceCustomDbEngineVersionIdentifier field's value. +func (s *CreateCustomDBEngineVersionInput) SetSourceCustomDbEngineVersionIdentifier(v string) *CreateCustomDBEngineVersionInput { + s.SourceCustomDbEngineVersionIdentifier = &v + return s +} + // SetTags sets the Tags field's value. func (s *CreateCustomDBEngineVersionInput) SetTags(v []*Tag) *CreateCustomDBEngineVersionInput { s.Tags = v return s } +// SetUseAwsProvidedLatestImage sets the UseAwsProvidedLatestImage field's value. +func (s *CreateCustomDBEngineVersionInput) SetUseAwsProvidedLatestImage(v bool) *CreateCustomDBEngineVersionInput { + s.UseAwsProvidedLatestImage = &v + return s +} + // This data type is used as a response element in the action DescribeDBEngineVersions. type CreateCustomDBEngineVersionOutput struct { _ struct{} `type:"structure"` diff --git a/service/verifiedpermissions/api.go b/service/verifiedpermissions/api.go index eeba609f2fa..d2bb80190cd 100644 --- a/service/verifiedpermissions/api.go +++ b/service/verifiedpermissions/api.go @@ -2041,11 +2041,25 @@ func (c *VerifiedPermissions) IsAuthorizedWithTokenRequest(input *IsAuthorizedWi // // Makes an authorization decision about a service request described in the // parameters. The principal in this request comes from an external identity -// source. The information in the parameters can also define additional context -// that Verified Permissions can include in the evaluation. The request is evaluated -// against all matching policies in the specified policy store. The result of -// the decision is either Allow or Deny, along with a list of the policies that -// resulted in the decision. +// source in the form of an identity token formatted as a JSON web token (JWT) +// (https://wikipedia.org/wiki/JSON_Web_Token). The information in the parameters +// can also define additional context that Verified Permissions can include +// in the evaluation. The request is evaluated against all matching policies +// in the specified policy store. The result of the decision is either Allow +// or Deny, along with a list of the policies that resulted in the decision. +// +// If you specify the identityToken parameter, then this operation derives the +// principal from that token. You must not also include that principal in the +// entities parameter or the operation fails and reports a conflict between +// the two entity sources. +// +// If you provide only an accessToken, then you can include the entity as part +// of the entities parameter to provide additional attributes. +// +// At this time, Verified Permissions accepts tokens from only Amazon Cognito. +// +// Verified Permissions validates each token that is specified in a request +// by checking its expiration date and its signature. // // If you delete a Amazon Cognito user pool or user, tokens from that deleted // pool or that deleted user continue to be usable until they expire. @@ -3245,10 +3259,19 @@ func (c *VerifiedPermissions) UpdatePolicyRequest(input *UpdatePolicyInput) (req // policy, you must update the template instead, using UpdatePolicyTemplate // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html). // -// If policy validation is enabled in the policy store, then updating a static -// policy causes Verified Permissions to validate the policy against the schema -// in the policy store. If the updated static policy doesn't pass validation, -// the operation fails and the update isn't stored. +// - If policy validation is enabled in the policy store, then updating a +// static policy causes Verified Permissions to validate the policy against +// the schema in the policy store. If the updated static policy doesn't pass +// validation, the operation fails and the update isn't stored. +// +// - When you edit a static policy, You can change only certain elements +// of a static policy: The action referenced by the policy. A condition clause, +// such as when and unless. You can't change these elements of a static policy: +// Changing a policy from a static policy to a template-linked policy. Changing +// the effect of a static policy from permit or forbid. The principal referenced +// by a static policy. The resource referenced by a static policy. +// +// - To update a template-linked policy, you must update the template instead. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3707,13 +3730,21 @@ type ActionIdentifier struct { // The ID of an action. // + // ActionId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ActionIdentifier's + // String and GoString methods. + // // ActionId is a required field - ActionId *string `locationName:"actionId" min:"1" type:"string" required:"true"` + ActionId *string `locationName:"actionId" min:"1" type:"string" required:"true" sensitive:"true"` // The type of an action. // + // ActionType is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ActionIdentifier's + // String and GoString methods. + // // ActionType is a required field - ActionType *string `locationName:"actionType" min:"1" type:"string" required:"true"` + ActionType *string `locationName:"actionType" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -3784,7 +3815,11 @@ type AttributeValue struct { // type. // // Example: {"boolean": true} - Boolean *bool `locationName:"boolean" type:"boolean"` + // + // Boolean is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AttributeValue's + // String and GoString methods. + Boolean *bool `locationName:"boolean" type:"boolean" sensitive:"true"` // An attribute value of type EntityIdentifier (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntityIdentifier.html). // @@ -3796,7 +3831,11 @@ type AttributeValue struct { // type. // // Example: {"long": 0} - Long *int64 `locationName:"long" type:"long"` + // + // Long is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AttributeValue's + // String and GoString methods. + Long *int64 `locationName:"long" type:"long" sensitive:"true"` // An attribute value of Record (https://docs.cedarpolicy.com/syntax-datatypes.html#record) // type. @@ -3814,7 +3853,11 @@ type AttributeValue struct { // type. // // Example: {"string": "abc"} - String_ *string `locationName:"string" type:"string"` + // + // String_ is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AttributeValue's + // String and GoString methods. + String_ *string `locationName:"string" type:"string" sensitive:"true"` } // String returns the string representation. @@ -4210,7 +4253,11 @@ type CreateIdentitySourceInput struct { // Specifies the namespace and data type of the principals generated for identities // authenticated by the new identity source. - PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` + // + // PrincipalEntityType is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateIdentitySourceInput's + // String and GoString methods. + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"` } // String returns the string representation. @@ -4706,7 +4753,11 @@ type CreatePolicyTemplateInput struct { ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` // Specifies a description for the policy template. - Description *string `locationName:"description" type:"string"` + // + // Description is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreatePolicyTemplateInput's + // String and GoString methods. + Description *string `locationName:"description" type:"string" sensitive:"true"` // The ID of the policy store in which to create the policy template. // @@ -4716,8 +4767,12 @@ type CreatePolicyTemplateInput struct { // Specifies the content that you want to use for the new policy template, written // in the Cedar policy language. // + // Statement is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreatePolicyTemplateInput's + // String and GoString methods. + // // Statement is a required field - Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` + Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -5312,15 +5367,23 @@ type EntityIdentifier struct { // // "entityId":"identifier" // + // EntityId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by EntityIdentifier's + // String and GoString methods. + // // EntityId is a required field - EntityId *string `locationName:"entityId" min:"1" type:"string" required:"true"` + EntityId *string `locationName:"entityId" min:"1" type:"string" required:"true" sensitive:"true"` // The type of an entity. // // Example: "entityType":"typeName" // + // EntityType is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by EntityIdentifier's + // String and GoString methods. + // // EntityType is a required field - EntityType *string `locationName:"entityType" min:"1" type:"string" required:"true"` + EntityType *string `locationName:"entityType" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -5542,7 +5605,7 @@ func (s *EntityReference) SetUnspecified(v bool) *EntityReference { // and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) // operations. type EvaluationErrorItem struct { - _ struct{} `type:"structure"` + _ struct{} `type:"structure" sensitive:"true"` // The error description. // @@ -5672,8 +5735,12 @@ type GetIdentitySourceOutput struct { // The data type of principals generated for identities authenticated by this // identity source. // + // PrincipalEntityType is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetIdentitySourceOutput's + // String and GoString methods. + // // PrincipalEntityType is a required field - PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true"` + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -6108,7 +6175,11 @@ type GetPolicyTemplateOutput struct { CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The description of the policy template. - Description *string `locationName:"description" type:"string"` + // + // Description is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetPolicyTemplateOutput's + // String and GoString methods. + Description *string `locationName:"description" type:"string" sensitive:"true"` // The date and time that the policy template was most recently updated. // @@ -6128,8 +6199,12 @@ type GetPolicyTemplateOutput struct { // The content of the body of the policy template written in the Cedar policy // language. // + // Statement is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetPolicyTemplateOutput's + // String and GoString methods. + // // Statement is a required field - Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` + Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -6255,8 +6330,12 @@ type GetSchemaOutput struct { // The body of the schema, written in Cedar schema JSON. // + // Schema is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetSchemaOutput's + // String and GoString methods. + // // Schema is a required field - Schema *string `locationName:"schema" min:"1" type:"string" required:"true"` + Schema *string `locationName:"schema" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -6386,7 +6465,11 @@ type IdentitySourceFilter struct { // The Cedar entity type of the principals returned by the identity provider // (IdP) associated with this identity source. - PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` + // + // PrincipalEntityType is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by IdentitySourceFilter's + // String and GoString methods. + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"` } // String returns the string representation. @@ -6463,8 +6546,12 @@ type IdentitySourceItem struct { // The Cedar entity type of the principals returned from the IdP associated // with this identity source. // + // PrincipalEntityType is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by IdentitySourceItem's + // String and GoString methods. + // // PrincipalEntityType is a required field - PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true"` + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -6852,9 +6939,13 @@ type IsAuthorizedWithTokenInput struct { // Specifies an access token for the principal to be authorized. This token // is provided to you by the identity provider (IdP) associated with the specified - // identity source. You must specify either an AccessToken or an IdentityToken, - // but not both. - AccessToken *string `locationName:"accessToken" min:"1" type:"string"` + // identity source. You must specify either an AccessToken, or an IdentityToken, + // or both. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by IsAuthorizedWithTokenInput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" min:"1" type:"string" sensitive:"true"` // Specifies the requested action to be authorized. Is the specified principal // authorized to perform this action on the specified resource. @@ -6864,18 +6955,27 @@ type IsAuthorizedWithTokenInput struct { // decisions. Context *ContextDefinition `locationName:"context" type:"structure"` - // Specifies the list of resources and principals and their associated attributes - // that Verified Permissions can examine when evaluating the policies. + // Specifies the list of resources and their associated attributes that Verified + // Permissions can examine when evaluating the policies. // - // You can include only principal and resource entities in this parameter; you - // can't include actions. You must specify actions in the schema. + // You can include only resource and action entities in this parameter; you + // can't include principals. + // + // * The IsAuthorizedWithToken operation takes principal attributes from + // only the identityToken or accessToken passed to the operation. + // + // * For action entities, you can include only their Identifier and EntityType. Entities *EntitiesDefinition `locationName:"entities" type:"structure"` // Specifies an identity token for the principal to be authorized. This token // is provided to you by the identity provider (IdP) associated with the specified // identity source. You must specify either an AccessToken or an IdentityToken, - // but not both. - IdentityToken *string `locationName:"identityToken" min:"1" type:"string"` + // or both. + // + // IdentityToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by IsAuthorizedWithTokenInput's + // String and GoString methods. + IdentityToken *string `locationName:"identityToken" min:"1" type:"string" sensitive:"true"` // Specifies the ID of the policy store. Policies in this policy store will // be used to make an authorization decision for the input. @@ -7060,15 +7160,17 @@ type ListIdentitySourcesInput struct { // the output to matching identity sources. Filters []*IdentitySourceFilter `locationName:"filters" type:"list"` - // Specifies the total number of results that you want included on each page - // of the response. If you do not include this parameter, it defaults to a value - // that is specific to the operation. If additional items exist beyond the number - // you specify, the NextToken response element is returned with a value (not - // null). Include the specified value as the NextToken request parameter in - // the next call to the operation to get the next part of the results. Note - // that the service might return fewer results than the maximum even when there - // are more results available. You should check NextToken after every operation - // to ensure that you receive all of the results. + // Specifies the total number of results that you want included in each response. + // If additional items exist beyond the number you specify, the NextToken response + // element is returned with a value (not null). Include the specified value + // as the NextToken request parameter in the next call to the operation to get + // the next set of results. Note that the service might return fewer results + // than the maximum even when there are more results available. You should check + // NextToken after every operation to ensure that you receive all of the results. + // + // If you do not specify this parameter, the operation defaults to 10 identity + // sources per response. You can specify a maximum of 200 identity sources per + // response. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // Specifies that you want to receive the next page of results. Valid only if @@ -7213,15 +7315,16 @@ type ListPoliciesInput struct { // a specified principal. Filter *PolicyFilter `locationName:"filter" type:"structure"` - // Specifies the total number of results that you want included on each page - // of the response. If you do not include this parameter, it defaults to a value - // that is specific to the operation. If additional items exist beyond the number - // you specify, the NextToken response element is returned with a value (not - // null). Include the specified value as the NextToken request parameter in - // the next call to the operation to get the next part of the results. Note - // that the service might return fewer results than the maximum even when there - // are more results available. You should check NextToken after every operation - // to ensure that you receive all of the results. + // Specifies the total number of results that you want included in each response. + // If additional items exist beyond the number you specify, the NextToken response + // element is returned with a value (not null). Include the specified value + // as the NextToken request parameter in the next call to the operation to get + // the next set of results. Note that the service might return fewer results + // than the maximum even when there are more results available. You should check + // NextToken after every operation to ensure that you receive all of the results. + // + // If you do not specify this parameter, the operation defaults to 10 policies + // per response. You can specify a maximum of 50 policies per response. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // Specifies that you want to receive the next page of results. Valid only if @@ -7355,15 +7458,16 @@ func (s *ListPoliciesOutput) SetPolicies(v []*PolicyItem) *ListPoliciesOutput { type ListPolicyStoresInput struct { _ struct{} `type:"structure"` - // Specifies the total number of results that you want included on each page - // of the response. If you do not include this parameter, it defaults to a value - // that is specific to the operation. If additional items exist beyond the number - // you specify, the NextToken response element is returned with a value (not - // null). Include the specified value as the NextToken request parameter in - // the next call to the operation to get the next part of the results. Note - // that the service might return fewer results than the maximum even when there - // are more results available. You should check NextToken after every operation - // to ensure that you receive all of the results. + // Specifies the total number of results that you want included in each response. + // If additional items exist beyond the number you specify, the NextToken response + // element is returned with a value (not null). Include the specified value + // as the NextToken request parameter in the next call to the operation to get + // the next set of results. Note that the service might return fewer results + // than the maximum even when there are more results available. You should check + // NextToken after every operation to ensure that you receive all of the results. + // + // If you do not specify this parameter, the operation defaults to 10 policy + // stores per response. You can specify a maximum of 50 policy stores per response. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // Specifies that you want to receive the next page of results. Valid only if @@ -7469,15 +7573,17 @@ func (s *ListPolicyStoresOutput) SetPolicyStores(v []*PolicyStoreItem) *ListPoli type ListPolicyTemplatesInput struct { _ struct{} `type:"structure"` - // Specifies the total number of results that you want included on each page - // of the response. If you do not include this parameter, it defaults to a value - // that is specific to the operation. If additional items exist beyond the number - // you specify, the NextToken response element is returned with a value (not - // null). Include the specified value as the NextToken request parameter in - // the next call to the operation to get the next part of the results. Note - // that the service might return fewer results than the maximum even when there - // are more results available. You should check NextToken after every operation - // to ensure that you receive all of the results. + // Specifies the total number of results that you want included in each response. + // If additional items exist beyond the number you specify, the NextToken response + // element is returned with a value (not null). Include the specified value + // as the NextToken request parameter in the next call to the operation to get + // the next set of results. Note that the service might return fewer results + // than the maximum even when there are more results available. You should check + // NextToken after every operation to ensure that you receive all of the results. + // + // If you do not specify this parameter, the operation defaults to 10 policy + // templates per response. You can specify a maximum of 50 policy templates + // per response. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // Specifies that you want to receive the next page of results. Valid only if @@ -8037,7 +8143,11 @@ type PolicyTemplateItem struct { CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The description attached to the policy template. - Description *string `locationName:"description" type:"string"` + // + // Description is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by PolicyTemplateItem's + // String and GoString methods. + Description *string `locationName:"description" type:"string" sensitive:"true"` // The date and time that the policy template was most recently updated. // @@ -8368,7 +8478,11 @@ type SchemaDefinition struct { // A JSON string representation of the schema supported by applications that // use this policy store. For more information, see Policy store schema (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) // in the Amazon Verified Permissions User Guide. - CedarJson *string `locationName:"cedarJson" min:"1" type:"string"` + // + // CedarJson is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SchemaDefinition's + // String and GoString methods. + CedarJson *string `locationName:"cedarJson" min:"1" type:"string" sensitive:"true"` } // String returns the string representation. @@ -8495,12 +8609,20 @@ type StaticPolicyDefinition struct { _ struct{} `type:"structure"` // The description of the static policy. - Description *string `locationName:"description" type:"string"` + // + // Description is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StaticPolicyDefinition's + // String and GoString methods. + Description *string `locationName:"description" type:"string" sensitive:"true"` // The policy content of the static policy, written in the Cedar policy language. // + // Statement is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StaticPolicyDefinition's + // String and GoString methods. + // // Statement is a required field - Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` + Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -8559,12 +8681,20 @@ type StaticPolicyDefinitionDetail struct { _ struct{} `type:"structure"` // A description of the static policy. - Description *string `locationName:"description" type:"string"` + // + // Description is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StaticPolicyDefinitionDetail's + // String and GoString methods. + Description *string `locationName:"description" type:"string" sensitive:"true"` // The content of the static policy written in the Cedar policy language. // + // Statement is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StaticPolicyDefinitionDetail's + // String and GoString methods. + // // Statement is a required field - Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` + Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -8607,7 +8737,11 @@ type StaticPolicyDefinitionItem struct { _ struct{} `type:"structure"` // A description of the static policy. - Description *string `locationName:"description" type:"string"` + // + // Description is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StaticPolicyDefinitionItem's + // String and GoString methods. + Description *string `locationName:"description" type:"string" sensitive:"true"` } // String returns the string representation. @@ -9035,7 +9169,11 @@ type UpdateIdentitySourceInput struct { // Specifies the data type of principals generated for identities authenticated // by the identity source. - PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` + // + // PrincipalEntityType is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdateIdentitySourceInput's + // String and GoString methods. + PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"` // Specifies the details required to communicate with the identity provider // (IdP) associated with this identity source. @@ -9581,7 +9719,11 @@ type UpdatePolicyTemplateInput struct { _ struct{} `type:"structure"` // Specifies a new description to apply to the policy template. - Description *string `locationName:"description" type:"string"` + // + // Description is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdatePolicyTemplateInput's + // String and GoString methods. + Description *string `locationName:"description" type:"string" sensitive:"true"` // Specifies the ID of the policy store that contains the policy template that // you want to update. @@ -9611,8 +9753,12 @@ type UpdatePolicyTemplateInput struct { // // * The resource referenced by the policy template. // + // Statement is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdatePolicyTemplateInput's + // String and GoString methods. + // // Statement is a required field - Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` + Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -9756,7 +9902,11 @@ type UpdateStaticPolicyDefinition struct { _ struct{} `type:"structure"` // Specifies the description to be added to or replaced on the static policy. - Description *string `locationName:"description" type:"string"` + // + // Description is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdateStaticPolicyDefinition's + // String and GoString methods. + Description *string `locationName:"description" type:"string" sensitive:"true"` // Specifies the Cedar policy language text to be added to or replaced on the // static policy. @@ -9777,8 +9927,12 @@ type UpdateStaticPolicyDefinition struct { // // * The resource referenced by the policy. // + // Statement is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UpdateStaticPolicyDefinition's + // String and GoString methods. + // // Statement is a required field - Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` + Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"` } // String returns the string representation.